blallo/tt-rss
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

add Public_Handler

Browse source 
misc code cleanup
This commit is contained in:
Andrew Dolgov 2011-12-13 14:49:11 +04:00
parent 46da73c255
commit 5f0a3741d0
14 changed files with 517 additions and 345 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

62
backend.php
View file

@ -16,17 +16,21 @@
$_REQUEST = array_map('stripslashes_deep', $_REQUEST); $_REQUEST = array_map('stripslashes_deep', $_REQUEST);
} }
function __autoload($class) { $op = $_REQUEST["op"];
$file = "classes/".strtolower(basename($class)).".php"; @$method = $_REQUEST['subop'] ? $_REQUEST['subop'] : $_REQUEST["method"];
if (file_exists($file)) {
require $file; /* Public calls compatibility shim */
}
$public_calls = array("globalUpdateFeeds", "rss", "getUnread", "getProfiles", "share",
"fbexport", "logout", "pubsub");
if (array_search($op, $public_calls) !== false) {
header("Location: public.php?" . $_SERVER['QUERY_STRING']);
return;
} }
$op = $_REQUEST["op"];
require_once "functions.php"; require_once "functions.php";
if ($op != "share") require_once "sessions.php"; require_once "sessions.php";
require_once "sanity_check.php"; require_once "sanity_check.php";
require_once "config.php"; require_once "config.php";
require_once "db.php"; require_once "db.php";
@ -40,17 +44,7 @@
$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME); $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
if (!$link) { if (!init_connection($link)) return;
if (DB_TYPE == "mysql") {
print mysql_error();
}
// PG seems to display its own errors just fine by default.
return;
}
init_connection($link);
$method = $_REQUEST['subop'] ? $_REQUEST['subop'] : $_REQUEST["method"];
header("Content-Type: text/plain; charset=utf-8"); header("Content-Type: text/plain; charset=utf-8");
@ -62,15 +56,9 @@
authenticate_user($link, "admin", null); authenticate_user($link, "admin", null);
} }
$public_calls = array("globalUpdateFeeds", "rss", "getUnread", "getProfiles", "share", // TODO remove and handle within Handlers
"fbexport", "logout", "pubsub");
if (array_search($op, $public_calls) !== false) { if (!($_SESSION["uid"] && validate_session($link))) {
handle_public_request($link, $op);
return;
} else if (!($_SESSION["uid"] && validate_session($link))) {
if ($op == 'pref-feeds' && $method == 'add') { if ($op == 'pref-feeds' && $method == 'add') {
header("Content-Type: text/html"); header("Content-Type: text/html");
login_sequence($link); login_sequence($link);
@ -136,6 +124,13 @@
return; return;
} }
function __autoload($class) {
$file = "classes/".strtolower(basename($class)).".php";
if (file_exists($file)) {
require $file;
}
}
$op = str_replace("-", "_", $op); $op = str_replace("-", "_", $op);
if (class_exists($op)) { if (class_exists($op)) {
@ -154,17 +149,8 @@
} }
} }
switch($op) { // Select action according to $op value. header("Content-Type: text/plain");
case "pref_instances": print json_encode(array("error" => array("code" => 7)));
require_once "modules/pref-instances.php";
module_pref_instances($link);
break; // pref-instances
default:
header("Content-Type: text/plain");
print json_encode(array("error" => array("code" => 7)));
break; // fallback
} // Select action according to $op value.
// We close the connection to database. // We close the connection to database.
db_close($link); db_close($link);

204
classes/pref_instances.php Normal file
View file

@ -0,0 +1,204 @@
<?php
class Pref_Instances extends Protected_Handler {
function before() {
if (parent::before()) {
if ($_SESSION["access_level"] < 10) {
print __("Your access level is insufficient to open this tab.");
return false;
}
return true;
}
return false;
}
function remove() {
$ids = db_escape_string($_REQUEST['ids']);
db_query($this->link, "DELETE FROM ttrss_linked_instances WHERE
id IN ($ids)");
}
function add() {
$id = db_escape_string($_REQUEST["id"]);
$access_url = db_escape_string($_REQUEST["access_url"]);
$access_key = db_escape_string($_REQUEST["access_key"]);
db_query($this->link, "BEGIN");
$result = db_query($this->link, "SELECT id FROM ttrss_linked_instances
WHERE access_url = '$access_url'");
if (db_num_rows($result) == 0) {
db_query($this->link, "INSERT INTO ttrss_linked_instances
(access_url, access_key, last_connected, last_status_in, last_status_out)
VALUES
('$access_url', '$access_key', '1970-01-01', -1, -1)");
}
db_query($this->link, "COMMIT");
}
function edit() {
$id = db_escape_string($_REQUEST["id"]);
$result = db_query($this->link, "SELECT * FROM ttrss_linked_instances WHERE
id = '$id'");
print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"id\" value=\"$id\">";
print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"op\" value=\"pref-instances\">";
print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"method\" value=\"editSave\">";
print "<div class=\"dlgSec\">".__("Instance")."</div>";
print "<div class=\"dlgSecCont\">";
/* URL */
$access_url = htmlspecialchars(db_fetch_result($result, 0, "access_url"));
print __("URL:") . " ";
print "<input dojoType=\"dijit.form.ValidationTextBox\" required=\"1\"
placeHolder=\"".__("Instance URL")."\"
regExp='^(http|https)://.*'
style=\"font-size : 16px; width: 20em\" name=\"access_url\"
value=\"$access_url\">";
print "<hr/>";
$access_key = htmlspecialchars(db_fetch_result($result, 0, "access_key"));
/* Access key */
print __("Access key:") . " ";
print "<input dojoType=\"dijit.form.ValidationTextBox\" required=\"1\"
placeHolder=\"".__("Access key")."\" regExp='\w{40}'
style=\"width: 20em\" name=\"access_key\" id=\"instance_edit_key\"
value=\"$access_key\">";
print "<p class='insensitive'>" . __("Use one access key for both linked instances.");
print "</div>";
print "<div class=\"dlgButtons\">
<div style='float : left'>
<button dojoType=\"dijit.form.Button\"
onclick=\"return dijit.byId('instanceEditDlg').regenKey()\">".
__('Generate new key')."</button>
</div>
<button dojoType=\"dijit.form.Button\"
onclick=\"return dijit.byId('instanceEditDlg').execute()\">".
__('Save')."</button>
<button dojoType=\"dijit.form.Button\"
onclick=\"return dijit.byId('instanceEditDlg').hide()\"\">".
__('Cancel')."</button></div>";
}
function editSave() {
$id = db_escape_string($_REQUEST["id"]);
$access_url = db_escape_string($_REQUEST["access_url"]);
$access_key = db_escape_string($_REQUEST["access_key"]);
db_query($this->link, "UPDATE ttrss_linked_instances SET
access_key = '$access_key', access_url = '$access_url',
last_connected = '1970-01-01'
WHERE id = '$id'");
}
function index() {
if (!function_exists('curl_init')) {
print "<div style='padding : 1em'>";
print_error("This functionality requires CURL functions. Please enable CURL in your PHP configuration (you might also want to disable open_basedir in php.ini) and reload this page.");
print "</div>";
}
print "<div id=\"pref-instance-wrap\" dojoType=\"dijit.layout.BorderContainer\" gutters=\"false\">";
print "<div id=\"pref-instance-header\" dojoType=\"dijit.layout.ContentPane\" region=\"top\">";
print "<div id=\"pref-instance-toolbar\" dojoType=\"dijit.Toolbar\">";
$sort = db_escape_string($_REQUEST["sort"]);
if (!$sort || $sort == "undefined") {
$sort = "access_url";
}
print "<div dojoType=\"dijit.form.DropDownButton\">".
"<span>" . __('Select')."</span>";
print "<div dojoType=\"dijit.Menu\" style=\"display: none;\">";
print "<div onclick=\"selectTableRows('prefInstanceList', 'all')\"
dojoType=\"dijit.MenuItem\">".__('All')."</div>";
print "<div onclick=\"selectTableRows('prefInstanceList', 'none')\"
dojoType=\"dijit.MenuItem\">".__('None')."</div>";
print "</div></div>";
print "<button dojoType=\"dijit.form.Button\" onclick=\"addInstance()\">".__('Link instance')."</button>";
print "<button dojoType=\"dijit.form.Button\" onclick=\"editSelectedInstance()\">".__('Edit')."</button>";
print "<button dojoType=\"dijit.form.Button\" onclick=\"removeSelectedInstances()\">".__('Remove')."</button>";
print "</div>"; #toolbar
$result = db_query($this->link, "SELECT *,
(SELECT COUNT(*) FROM ttrss_linked_feeds
WHERE instance_id = ttrss_linked_instances.id) AS num_feeds
FROM ttrss_linked_instances
ORDER BY $sort");
print "<p class=\"insensitive\" style='margin-left : 1em;'>" . __("You can connect other instances of Tiny Tiny RSS to this one to share Popular feeds. Link to this instance of Tiny Tiny RSS by using this URL:");
print " <a href=\"#\" onclick=\"alert('".htmlspecialchars(get_self_url_prefix())."')\">(display url)</a>";
print "<p><table width='100%' id='prefInstanceList' class='prefInstanceList' cellspacing='0'>";
print "<tr class=\"title\">
<td align='center' width=\"5%\">&nbsp;</td>
<td width=''><a href=\"#\" onclick=\"updateInstanceList('access_url')\">".__('Instance URL')."</a></td>
<td width='20%'><a href=\"#\" onclick=\"updateInstanceList('access_key')\">".__('Access key')."</a></td>
<td width='10%'><a href=\"#\" onclick=\"updateUsersList('last_connected')\">".__('Last connected')."</a></td>
<td width='10%'><a href=\"#\" onclick=\"updateUsersList('num_feeds')\">".__('Stored feeds')."</a></td>
</tr>";
$lnum = 0;
while ($line = db_fetch_assoc($result)) {
$class = ($lnum % 2) ? "even" : "odd";
$id = $line['id'];
$this_row_id = "id=\"LIRR-$id\"";
$line["last_connected"] = make_local_datetime($this->link, $line["last_connected"], false);
print "<tr class=\"$class\" $this_row_id>";
print "<td align='center'><input onclick='toggleSelectRow(this);'
type=\"checkbox\" id=\"LICHK-$id\"></td>";
$onclick = "onclick='editInstance($id, event)' title='".__('Click to edit')."'";
$access_key = mb_substr($line['access_key'], 0, 4) . '...' .
mb_substr($line['access_key'], -4);
print "<td $onclick>" . htmlspecialchars($line['access_url']) . "</td>";
print "<td $onclick>" . htmlspecialchars($access_key) . "</td>";
print "<td $onclick>" . htmlspecialchars($line['last_connected']) . "</td>";
print "<td $onclick>" . htmlspecialchars($line['num_feeds']) . "</td>";
print "</tr>";
++$lnum;
}
print "</table>";
print "</div>"; #pane
print "</div>"; #container
}
}
?>

210
classes/public_handler.php Normal file
View file

@ -0,0 +1,210 @@
<?php
class Public_Handler extends Handler {
function getUnread() {
$login = db_escape_string($_REQUEST["login"]);
$fresh = $_REQUEST["fresh"] == "1";
$result = db_query($this->link, "SELECT id FROM ttrss_users WHERE login = '$login'");
if (db_num_rows($result) == 1) {
$uid = db_fetch_result($result, 0, "id");
print getGlobalUnread($this->link, $uid);
if ($fresh) {
print ";";
print getFeedArticles($this->link, -3, false, true, $uid);
}
} else {
print "-1;User not found";
}
}
function getProfiles() {
$login = db_escape_string($_REQUEST["login"]);
$password = db_escape_string($_REQUEST["password"]);
if (authenticate_user($this->link, $login, $password)) {
$result = db_query($this->link, "SELECT * FROM ttrss_settings_profiles
WHERE owner_uid = " . $_SESSION["uid"] . " ORDER BY title");
print "<select style='width: 100%' name='profile'>";
print "<option value='0'>" . __("Default profile") . "</option>";
while ($line = db_fetch_assoc($result)) {
$id = $line["id"];
$title = $line["title"];
print "<option value='$id'>$title</option>";
}
print "</select>";
$_SESSION = array();
}
}
function pubsub() {
$mode = db_escape_string($_REQUEST['hub_mode']);
$feed_id = (int) db_escape_string($_REQUEST['id']);
$feed_url = db_escape_string($_REQUEST['hub_topic']);
if (!PUBSUBHUBBUB_ENABLED) {
header('HTTP/1.0 404 Not Found');
echo "404 Not found";
return;
}
// TODO: implement hub_verifytoken checking
$result = db_query($this->link, "SELECT feed_url FROM ttrss_feeds
WHERE id = '$feed_id'");
if (db_num_rows($result) != 0) {
$check_feed_url = db_fetch_result($result, 0, "feed_url");
if ($check_feed_url && ($check_feed_url == $feed_url || !$feed_url)) {
if ($mode == "subscribe") {
db_query($this->link, "UPDATE ttrss_feeds SET pubsub_state = 2
WHERE id = '$feed_id'");
print $_REQUEST['hub_challenge'];
return;
} else if ($mode == "unsubscribe") {
db_query($this->link, "UPDATE ttrss_feeds SET pubsub_state = 0
WHERE id = '$feed_id'");
print $_REQUEST['hub_challenge'];
return;
} else if (!$mode) {
// Received update ping, schedule feed update.
//update_rss_feed($this->link, $feed_id, true, true);
db_query($this->link, "UPDATE ttrss_feeds SET
last_update_started = '1970-01-01',
last_updated = '1970-01-01' WHERE id = '$feed_id'");
}
} else {
header('HTTP/1.0 404 Not Found');
echo "404 Not found";
}
} else {
header('HTTP/1.0 404 Not Found');
echo "404 Not found";
}
}
function logout() {
logout_user();
header("Location: index.php");
}
function fbexport() {
$access_key = db_escape_string($_POST["key"]);
// TODO: rate limit checking using last_connected
$result = db_query($this->link, "SELECT id FROM ttrss_linked_instances
WHERE access_key = '$access_key'");
if (db_num_rows($result) == 1) {
$instance_id = db_fetch_result($result, 0, "id");
$result = db_query($this->link, "SELECT feed_url, site_url, title, subscribers
FROM ttrss_feedbrowser_cache ORDER BY subscribers DESC LIMIT 100");
$feeds = array();
while ($line = db_fetch_assoc($result)) {
array_push($feeds, $line);
}
db_query($this->link, "UPDATE ttrss_linked_instances SET
last_status_in = 1 WHERE id = '$instance_id'");
print json_encode(array("feeds" => $feeds));
} else {
print json_encode(array("error" => array("code" => 6)));
}
}
function share() {
$uuid = db_escape_string($_REQUEST["key"]);
$result = db_query($this->link, "SELECT ref_id, owner_uid FROM ttrss_user_entries WHERE
uuid = '$uuid'");
if (db_num_rows($result) != 0) {
header("Content-Type: text/html");
$id = db_fetch_result($result, 0, "ref_id");
$owner_uid = db_fetch_result($result, 0, "owner_uid");
$_SESSION["uid"] = $owner_uid;
$article = format_article($this->link, $id, false, true);
$_SESSION["uid"] = "";
print_r($article['content']);
} else {
print "Article not found.";
}
}
function rss() {
header("Content-Type: text/xml; charset=utf-8");
$feed = db_escape_string($_REQUEST["id"]);
$key = db_escape_string($_REQUEST["key"]);
$is_cat = $_REQUEST["is_cat"] != false;
$limit = (int)db_escape_string($_REQUEST["limit"]);
$search = db_escape_string($_REQUEST["q"]);
$match_on = db_escape_string($_REQUEST["m"]);
$search_mode = db_escape_string($_REQUEST["smode"]);
$view_mode = db_escape_string($_REQUEST["view-mode"]);
if (SINGLE_USER_MODE) {
authenticate_user($this->link, "admin", null);
}
$owner_id = false;
if ($key) {
$result = db_query($this->link, "SELECT owner_uid FROM
ttrss_access_keys WHERE access_key = '$key' AND feed_id = '$feed'");
if (db_num_rows($result) == 1)
$owner_id = db_fetch_result($result, 0, "owner_uid");
}
if ($owner_id) {
$_SESSION['uid'] = $owner_id;
generate_syndicated_feed($this->link, 0, $feed, $is_cat, $limit,
$search, $search_mode, $match_on, $view_mode);
} else {
header('HTTP/1.1 403 Forbidden');
}
}
/* function globalUpdateFeeds() {
// Update all feeds needing a update.
update_daemon_common($this->link, 0, true, true);
} */
}
?>

2
db-updater.php
View file

@ -9,7 +9,7 @@
$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME); $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
init_connection($link); if (!init_connection($link)) return;
login_sequence($link); login_sequence($link);
$owner_uid = $_SESSION["uid"]; $owner_uid = $_SESSION["uid"];

4
include/db.php
View file

@ -61,7 +61,7 @@ function db_query($link, $query, $die_on_error = true) {
if (!$result) { if (!$result) {
$query = htmlspecialchars($query); // just in case $query = htmlspecialchars($query); // just in case
if ($die_on_error) { if ($die_on_error) {
die("Query <i>$query</i> failed [$result]: " . pg_last_error($link)); die("Query <i>$query</i> failed [$result]: " . ($link ? pg_last_error($link) : "No connection"));
} }
} }
return $result; return $result;
@ -70,7 +70,7 @@ function db_query($link, $query, $die_on_error = true) {
if (!$result) { if (!$result) {
$query = htmlspecialchars($query); $query = htmlspecialchars($query);
if ($die_on_error) { if ($die_on_error) {
die("Query <i>$query</i> failed: " . mysql_error($link)); die("Query <i>$query</i> failed: " . ($link ? mysql_error($link) : "No connection"));
} }
} }
return $result; return $result;

295
include/functions.php
View file

@ -5835,18 +5835,24 @@
} }
function init_connection($link) { function init_connection($link) {
if (DB_TYPE == "pgsql") { if ($link) {
pg_query($link, "set client_encoding = 'UTF-8'");
pg_set_client_encoding("UNICODE");
pg_query($link, "set datestyle = 'ISO, european'");
pg_query($link, "set TIME ZONE 0");
} else {
db_query($link, "SET time_zone = '+0:0'");
if (defined('MYSQL_CHARSET') && MYSQL_CHARSET) { if (DB_TYPE == "pgsql") {
db_query($link, "SET NAMES " . MYSQL_CHARSET); pg_query($link, "set client_encoding = 'UTF-8'");
// db_query($link, "SET CHARACTER SET " . MYSQL_CHARSET); pg_set_client_encoding("UNICODE");
pg_query($link, "set datestyle = 'ISO, european'");
pg_query($link, "set TIME ZONE 0");
} else {
db_query($link, "SET time_zone = '+0:0'");
if (defined('MYSQL_CHARSET') && MYSQL_CHARSET) {
db_query($link, "SET NAMES " . MYSQL_CHARSET);
}
} }
return true;
} else {
print "Unable to connect to database:" . db_last_error();
return false;
} }
} }
@ -7428,242 +7434,25 @@
} }
} }
function handle_public_request($link, $op) {
switch ($op) {
case "getUnread":
$login = db_escape_string($_REQUEST["login"]);
$fresh = $_REQUEST["fresh"] == "1";
$result = db_query($link, "SELECT id FROM ttrss_users WHERE login = '$login'");
if (db_num_rows($result) == 1) {
$uid = db_fetch_result($result, 0, "id");
print getGlobalUnread($link, $uid);
if ($fresh) {
print ";";
print getFeedArticles($link, -3, false, true, $uid);
}
} else {
print "-1;User not found";
}
break; // getUnread
case "getProfiles":
$login = db_escape_string($_REQUEST["login"]);
$password = db_escape_string($_REQUEST["password"]);
if (authenticate_user($link, $login, $password)) {
$result = db_query($link, "SELECT * FROM ttrss_settings_profiles
WHERE owner_uid = " . $_SESSION["uid"] . " ORDER BY title");
print "<select style='width: 100%' name='profile'>";
print "<option value='0'>" . __("Default profile") . "</option>";
while ($line = db_fetch_assoc($result)) {
$id = $line["id"];
$title = $line["title"];
print "<option value='$id'>$title</option>";
}
print "</select>";
$_SESSION = array();
}
break; // getprofiles
case "pubsub":
$mode = db_escape_string($_REQUEST['hub_mode']);
$feed_id = (int) db_escape_string($_REQUEST['id']);
$feed_url = db_escape_string($_REQUEST['hub_topic']);
if (!PUBSUBHUBBUB_ENABLED) {
header('HTTP/1.0 404 Not Found');
echo "404 Not found";
return;
}
// TODO: implement hub_verifytoken checking
$result = db_query($link, "SELECT feed_url FROM ttrss_feeds
WHERE id = '$feed_id'");
if (db_num_rows($result) != 0) {
$check_feed_url = db_fetch_result($result, 0, "feed_url");
if ($check_feed_url && ($check_feed_url == $feed_url || !$feed_url)) {
if ($mode == "subscribe") {
db_query($link, "UPDATE ttrss_feeds SET pubsub_state = 2
WHERE id = '$feed_id'");
print $_REQUEST['hub_challenge'];
return;
} else if ($mode == "unsubscribe") {
db_query($link, "UPDATE ttrss_feeds SET pubsub_state = 0
WHERE id = '$feed_id'");
print $_REQUEST['hub_challenge'];
return;
} else if (!$mode) {
// Received update ping, schedule feed update.
//update_rss_feed($link, $feed_id, true, true);
db_query($link, "UPDATE ttrss_feeds SET
last_update_started = '1970-01-01',
last_updated = '1970-01-01' WHERE id = '$feed_id'");
}
} else {
header('HTTP/1.0 404 Not Found');
echo "404 Not found";
}
} else {
header('HTTP/1.0 404 Not Found');
echo "404 Not found";
}
break; // pubsub
case "logout":
logout_user();
header("Location: index.php");
break; // logout
case "fbexport":
$access_key = db_escape_string($_POST["key"]);
// TODO: rate limit checking using last_connected
$result = db_query($link, "SELECT id FROM ttrss_linked_instances
WHERE access_key = '$access_key'");
if (db_num_rows($result) == 1) {
$instance_id = db_fetch_result($result, 0, "id");
$result = db_query($link, "SELECT feed_url, site_url, title, subscribers
FROM ttrss_feedbrowser_cache ORDER BY subscribers DESC LIMIT 100");
$feeds = array();
while ($line = db_fetch_assoc($result)) {
array_push($feeds, $line);
}
db_query($link, "UPDATE ttrss_linked_instances SET
last_status_in = 1 WHERE id = '$instance_id'");
print json_encode(array("feeds" => $feeds));
} else {
print json_encode(array("error" => array("code" => 6)));
}
break; // fbexport
case "share":
$uuid = db_escape_string($_REQUEST["key"]);
$result = db_query($link, "SELECT ref_id, owner_uid FROM ttrss_user_entries WHERE
uuid = '$uuid'");
if (db_num_rows($result) != 0) {
header("Content-Type: text/html");
$id = db_fetch_result($result, 0, "ref_id");
$owner_uid = db_fetch_result($result, 0, "owner_uid");
$_SESSION["uid"] = $owner_uid;
$article = format_article($link, $id, false, true);
$_SESSION["uid"] = "";
print_r($article['content']);
} else {
print "Article not found.";
}
break;
case "rss":
$feed = db_escape_string($_REQUEST["id"]);
$key = db_escape_string($_REQUEST["key"]);
$is_cat = $_REQUEST["is_cat"] != false;
$limit = (int)db_escape_string($_REQUEST["limit"]);
$search = db_escape_string($_REQUEST["q"]);
$match_on = db_escape_string($_REQUEST["m"]);
$search_mode = db_escape_string($_REQUEST["smode"]);
$view_mode = db_escape_string($_REQUEST["view-mode"]);
if (SINGLE_USER_MODE) {
authenticate_user($link, "admin", null);
}
$owner_id = false;
if ($key) {
$result = db_query($link, "SELECT owner_uid FROM
ttrss_access_keys WHERE access_key = '$key' AND feed_id = '$feed'");
if (db_num_rows($result) == 1)
$owner_id = db_fetch_result($result, 0, "owner_uid");
}
if ($owner_id) {
$_SESSION['uid'] = $owner_id;
generate_syndicated_feed($link, 0, $feed, $is_cat, $limit,
$search, $search_mode, $match_on, $view_mode);
} else {
header('HTTP/1.1 403 Forbidden');
}
break; // rss
case "globalUpdateFeeds":
// Update all feeds needing a update.
update_daemon_common($link, 0, true, true);
break; // globalUpdateFeeds
default:
header("Content-Type: text/plain");
print json_encode(array("error" => array("code" => 7)));
break; // fallback
}
}
function make_feed_browser($link, $search, $limit, $mode = 1) { function make_feed_browser($link, $search, $limit, $mode = 1) {
$owner_uid = $_SESSION["uid"]; $owner_uid = $_SESSION["uid"];
$rv = ''; $rv = '';
if ($search) { if ($search) {
$search_qpart = "AND (UPPER(feed_url) LIKE UPPER('%$search%') OR $search_qpart = "AND (UPPER(feed_url) LIKE UPPER('%$search%') OR
UPPER(title) LIKE UPPER('%$search%'))"; UPPER(title) LIKE UPPER('%$search%'))";
} else { } else {
$search_qpart = ""; $search_qpart = "";
} }
if ($mode == 1) { if ($mode == 1) {
/* $result = db_query($link, "SELECT feed_url, subscribers FROM /* $result = db_query($link, "SELECT feed_url, subscribers FROM
ttrss_feedbrowser_cache WHERE (SELECT COUNT(id) = 0 FROM ttrss_feeds AS tf ttrss_feedbrowser_cache WHERE (SELECT COUNT(id) = 0 FROM ttrss_feeds AS tf
WHERE tf.feed_url = ttrss_feedbrowser_cache.feed_url WHERE tf.feed_url = ttrss_feedbrowser_cache.feed_url
AND owner_uid = '$owner_uid') $search_qpart AND owner_uid = '$owner_uid') $search_qpart
ORDER BY subscribers DESC LIMIT $limit"); */ ORDER BY subscribers DESC LIMIT $limit"); */
$result = db_query($link, "SELECT feed_url, site_url, title, SUM(subscribers) AS subscribers FROM $result = db_query($link, "SELECT feed_url, site_url, title, SUM(subscribers) AS subscribers FROM
(SELECT feed_url, site_url, title, subscribers FROM ttrss_feedbrowser_cache UNION ALL (SELECT feed_url, site_url, title, subscribers FROM ttrss_feedbrowser_cache UNION ALL
SELECT feed_url, site_url, title, subscribers FROM ttrss_linked_feeds) AS qqq SELECT feed_url, site_url, title, subscribers FROM ttrss_linked_feeds) AS qqq
@ -7672,7 +7461,7 @@
WHERE tf.feed_url = qqq.feed_url WHERE tf.feed_url = qqq.feed_url
AND owner_uid = '$owner_uid') $search_qpart AND owner_uid = '$owner_uid') $search_qpart
GROUP BY feed_url, site_url, title ORDER BY subscribers DESC LIMIT $limit"); GROUP BY feed_url, site_url, title ORDER BY subscribers DESC LIMIT $limit");
} else if ($mode == 2) { } else if ($mode == 2) {
$result = db_query($link, "SELECT *, $result = db_query($link, "SELECT *,
(SELECT COUNT(*) FROM ttrss_user_entries WHERE (SELECT COUNT(*) FROM ttrss_user_entries WHERE
@ -7686,74 +7475,74 @@
owner_uid = '$owner_uid' $search_qpart owner_uid = '$owner_uid' $search_qpart
ORDER BY id DESC LIMIT $limit"); ORDER BY id DESC LIMIT $limit");
} }
$feedctr = 0; $feedctr = 0;
while ($line = db_fetch_assoc($result)) { while ($line = db_fetch_assoc($result)) {
if ($mode == 1) { if ($mode == 1) {
$feed_url = htmlspecialchars($line["feed_url"]); $feed_url = htmlspecialchars($line["feed_url"]);
$site_url = htmlspecialchars($line["site_url"]); $site_url = htmlspecialchars($line["site_url"]);
$subscribers = $line["subscribers"]; $subscribers = $line["subscribers"];
$check_box = "<input onclick='toggleSelectListRow2(this)' $check_box = "<input onclick='toggleSelectListRow2(this)'
dojoType=\"dijit.form.CheckBox\" dojoType=\"dijit.form.CheckBox\"
type=\"checkbox\" \">"; type=\"checkbox\" \">";
$class = ($feedctr % 2) ? "even" : "odd"; $class = ($feedctr % 2) ? "even" : "odd";
$site_url = "<a target=\"_blank\" $site_url = "<a target=\"_blank\"
href=\"$site_url\"> href=\"$site_url\">
<span class=\"fb_feedTitle\">". <span class=\"fb_feedTitle\">".
htmlspecialchars($line["title"])."</span></a>"; htmlspecialchars($line["title"])."</span></a>";
$feed_url = "<a target=\"_blank\" class=\"fb_feedUrl\" $feed_url = "<a target=\"_blank\" class=\"fb_feedUrl\"
href=\"$feed_url\"><img src='images/feed-icon-12x12.png' href=\"$feed_url\"><img src='images/feed-icon-12x12.png'
style='vertical-align : middle'></a>"; style='vertical-align : middle'></a>";
$rv .= "<li>$check_box $feed_url $site_url". $rv .= "<li>$check_box $feed_url $site_url".
"&nbsp;<span class='subscribers'>($subscribers)</span></li>"; "&nbsp;<span class='subscribers'>($subscribers)</span></li>";
} else if ($mode == 2) { } else if ($mode == 2) {
$feed_url = htmlspecialchars($line["feed_url"]); $feed_url = htmlspecialchars($line["feed_url"]);
$site_url = htmlspecialchars($line["site_url"]); $site_url = htmlspecialchars($line["site_url"]);
$title = htmlspecialchars($line["title"]); $title = htmlspecialchars($line["title"]);
$check_box = "<input onclick='toggleSelectListRow2(this)' dojoType=\"dijit.form.CheckBox\" $check_box = "<input onclick='toggleSelectListRow2(this)' dojoType=\"dijit.form.CheckBox\"
type=\"checkbox\">"; type=\"checkbox\">";
$class = ($feedctr % 2) ? "even" : "odd"; $class = ($feedctr % 2) ? "even" : "odd";
if ($line['articles_archived'] > 0) { if ($line['articles_archived'] > 0) {
$archived = sprintf(__("%d archived articles"), $line['articles_archived']); $archived = sprintf(__("%d archived articles"), $line['articles_archived']);
$archived = "&nbsp;<span class='subscribers'>($archived)</span>"; $archived = "&nbsp;<span class='subscribers'>($archived)</span>";
} else { } else {
$archived = ''; $archived = '';
} }
$site_url = "<a target=\"_blank\" $site_url = "<a target=\"_blank\"
href=\"$site_url\"> href=\"$site_url\">
<span class=\"fb_feedTitle\">". <span class=\"fb_feedTitle\">".
htmlspecialchars($line["title"])."</span></a>"; htmlspecialchars($line["title"])."</span></a>";
$feed_url = "<a target=\"_blank\" class=\"fb_feedUrl\" $feed_url = "<a target=\"_blank\" class=\"fb_feedUrl\"
href=\"$feed_url\"><img src='images/feed-icon-12x12.png' href=\"$feed_url\"><img src='images/feed-icon-12x12.png'
style='vertical-align : middle'></a>"; style='vertical-align : middle'></a>";
$rv .= "<li id=\"FBROW-".$line["id"]."\">". $rv .= "<li id=\"FBROW-".$line["id"]."\">".
"$check_box $feed_url $site_url $archived</li>"; "$check_box $feed_url $site_url $archived</li>";
} }
++$feedctr; ++$feedctr;
} }
if ($feedctr == 0) { if ($feedctr == 0) {
$rv .= "<li style=\"text-align : center\"><p>".__('No feeds found.')."</p></li>"; $rv .= "<li style=\"text-align : center\"><p>".__('No feeds found.')."</p></li>";
} }
return $rv; return $rv;
} }
?> ?>

2
index.php
View file

@ -16,7 +16,7 @@
$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME); $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
init_connection($link); if (!init_connection($link)) return;
login_sequence($link); login_sequence($link);

2
opml.php
View file

@ -10,7 +10,7 @@
$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME); $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
init_connection($link); if (!init_connection($link)) return;
function opml_export($link, $name, $owner_uid, $hide_private_feeds=false, $include_settings=true) { function opml_export($link, $name, $owner_uid, $hide_private_feeds=false, $include_settings=true) {
if (!$_REQUEST["debug"]) { if (!$_REQUEST["debug"]) {

2
prefs.php
View file

@ -10,7 +10,7 @@
$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME); $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
init_connection($link); if (!init_connection($link)) return;
login_sequence($link); login_sequence($link);

49
public.php
View file

@ -16,10 +16,8 @@
$_REQUEST = array_map('stripslashes_deep', $_REQUEST); $_REQUEST = array_map('stripslashes_deep', $_REQUEST);
} }
$op = $_REQUEST["op"];
require_once "functions.php"; require_once "functions.php";
if ($op != "share") require_once "sessions.php"; require_once "sessions.php";
require_once "sanity_check.php"; require_once "sanity_check.php";
require_once "config.php"; require_once "config.php";
require_once "db.php"; require_once "db.php";
@ -33,30 +31,37 @@
$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME); $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
if (!$link) { if (!init_connection($link)) return;
if (DB_TYPE == "mysql") {
print mysql_error();
}
// PG seems to display its own errors just fine by default.
return;
}
init_connection($link);
$method = $_REQUEST["method"];
$mode = $_REQUEST["mode"];
if ((!$op || $op == "rss" || $op == "dlg") && !$_REQUEST["noxml"]) {
header("Content-Type: application/xml; charset=utf-8");
} else {
header("Content-Type: text/plain; charset=utf-8");
}
if (ENABLE_GZIP_OUTPUT) { if (ENABLE_GZIP_OUTPUT) {
ob_start("ob_gzhandler"); ob_start("ob_gzhandler");
} }
handle_public_request($link, $op); function __autoload($class) {
$file = "classes/".strtolower(basename($class)).".php";
if (file_exists($file)) {
require $file;
}
}
$method = $_REQUEST["op"];
$handler = new Public_Handler($link, $_REQUEST);
if ($handler) {
if ($handler->before()) {
if ($method && method_exists($handler, $method)) {
$handler->$method();
} else if (method_exists($handler, 'index')) {
$handler->index();
}
$handler->after();
return;
}
}
header("Content-Type: text/plain");
print json_encode(array("error" => array("code" => 7)));
// We close the connection to database. // We close the connection to database.
db_close($link); db_close($link);

2
register.php
View file

@ -18,7 +18,7 @@
$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME); $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
init_connection($link); if (!init_connection($link)) return;
if ($_REQUEST["format"] == "feed") { if ($_REQUEST["format"] == "feed") {
header("Content-Type: text/xml"); header("Content-Type: text/xml");

2
twitter.php
View file

@ -11,7 +11,7 @@
$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME); $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
init_connection($link); if (!init_connection($link)) return;
login_sequence($link); login_sequence($link);
$owner_uid = $_SESSION["uid"]; $owner_uid = $_SESSION["uid"];

8
update.php
View file

@ -47,14 +47,6 @@
// Create a database connection. // Create a database connection.
$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME); $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
if (!$link) {
if (DB_TYPE == "mysql") {
print mysql_error();
}
// PG seems to display its own errors just fine by default.
return;
}
init_connection($link); init_connection($link);
if ($op == "-feeds") { if ($op == "-feeds") {

18
update_daemon2.php
View file

@ -133,13 +133,7 @@
// It is unnecessary to start the fork loop if database is not ok. // It is unnecessary to start the fork loop if database is not ok.
$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME); $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
if (!$link) { if (!init_connection($link)) return;
if (DB_TYPE == "mysql") {
print mysql_error();
}
// PG seems to display its own errors just fine by default.
return;
}
db_close($link); db_close($link);
@ -190,15 +184,7 @@
$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME); $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
if (!$link) { if (!init_connection($link)) return;
if (DB_TYPE == "mysql") {
print mysql_error();
}
// PG seems to display its own errors just fine by default.
return;
}
init_connection($link);
// We disable stamp file, since it is of no use in a multiprocess update. // We disable stamp file, since it is of no use in a multiprocess update.
// not really, tho for the time being -fox // not really, tho for the time being -fox