tt-rss/backend.php

<?php
	set_include_path(get_include_path() . PATH_SEPARATOR . "include");

	/* remove ill effects of magic quotes */

	if (get_magic_quotes_gpc()) {
		function stripslashes_deep($value) {
			$value = is_array($value) ?
				array_map('stripslashes_deep', $value) : stripslashes($value);
				return $value;
		}

		$_POST = array_map('stripslashes_deep', $_POST);
		$_GET = array_map('stripslashes_deep', $_GET);
		$_COOKIE = array_map('stripslashes_deep', $_COOKIE);
		$_REQUEST = array_map('stripslashes_deep', $_REQUEST);
	}

	function __autoload($class) {
		$file = "classes/".strtolower(basename($class)).".php";
		if (file_exists($file)) {
			require $file;
		}
	}

	$op = $_REQUEST["op"];

	require_once "functions.php";
	if ($op != "share") require_once "sessions.php";
	require_once "sanity_check.php";
	require_once "config.php";
	require_once "db.php";
	require_once "db-prefs.php";

	no_cache_incantation();

	startup_gettext();

	$script_started = getmicrotime();

	$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);

	if (!$link) {
		if (DB_TYPE == "mysql") {
			print mysql_error();
		}
		// PG seems to display its own errors just fine by default.
		return;
	}

	init_connection($link);

	$method = strtolower($_REQUEST["method"]);
	$mode = $_REQUEST["mode"];

	/* if ((!$op || $op == "rss" || $op == "dlg") && !$_REQUEST["noxml"]) {
			header("Content-Type: application/xml; charset=utf-8");
	} else {
			header("Content-Type: text/plain; charset=utf-8");
	} */

	header("Content-Type: text/plain; charset=utf-8");

	if (ENABLE_GZIP_OUTPUT) {
		ob_start("ob_gzhandler");
	}

	if (SINGLE_USER_MODE) {
		authenticate_user($link, "admin", null);
	}

	$public_calls = array("globalUpdateFeeds", "rss", "getUnread", "getProfiles", "share",
		"fbexport", "logout", "pubsub");

	if (array_search($op, $public_calls) !== false) {

		handle_public_request($link, $op);
		return;

	} else if (!($_SESSION["uid"] && validate_session($link))) {
		if ($op == 'pref-feeds' && $_REQUEST['method'] == 'add') {
			header("Content-Type: text/html");
			login_sequence($link);
			render_login_form($link);
		} else {
			header("Content-Type: text/plain");
			print json_encode(array("error" => array("code" => 6)));
		}
		return;
	}

	$purge_intervals = array(
		0  => __("Use default"),
		-1 => __("Never purge"),
		5  => __("1 week old"),
		14 => __("2 weeks old"),
		31 => __("1 month old"),
		60 => __("2 months old"),
		90 => __("3 months old"));

	$update_intervals = array(
		0   => __("Default interval"),
		-1  => __("Disable updates"),
		15  => __("Each 15 minutes"),
		30  => __("Each 30 minutes"),
		60  => __("Hourly"),
		240 => __("Each 4 hours"),
		720 => __("Each 12 hours"),
		1440 => __("Daily"),
		10080 => __("Weekly"));

	$update_intervals_nodefault = array(
		-1  => __("Disable updates"),
		15  => __("Each 15 minutes"),
		30  => __("Each 30 minutes"),
		60  => __("Hourly"),
		240 => __("Each 4 hours"),
		720 => __("Each 12 hours"),
		1440 => __("Daily"),
		10080 => __("Weekly"));

	$update_methods = array(
		0   => __("Default"),
		1   => __("Magpie"),
		2   => __("SimplePie"),
		3   => __("Twitter OAuth"));

	if (DEFAULT_UPDATE_METHOD == "1") {
		$update_methods[0] .= ' (SimplePie)';
	} else {
		$update_methods[0] .= ' (Magpie)';
	}

	$access_level_names = array(
		0 => __("User"),
		5 => __("Power User"),
		10 => __("Administrator"));

	$error = sanity_check($link);

	if ($error['code'] != 0 && $op != "logout") {
		print json_encode(array("error" => $error));
		return;
	}

	if (class_exists($op)) {
		$handler = new $op($link, $_REQUEST);

		if ($handler) {
			if ($handler->before()) {
				if ($method && method_exists($handler, $method)) {
					$handler->$method();
				} else if (method_exists($handler, 'index')) {
					$handler->index();
				}
				$handler->after();
				return;
			}
		}
	}

	switch($op) { // Select action according to $op value.

		case "pref-feeds":
			require_once "modules/pref-feeds.php";
			module_pref_feeds($link);
		break; // pref-feeds

		case "pref-filters":
			require_once "modules/pref-filters.php";
			module_pref_filters($link);
		break; // pref-filters

		case "pref-labels":
			require_once "modules/pref-labels.php";
			module_pref_labels($link);
		break; // pref-labels

		case "pref-prefs":
			require_once "modules/pref-prefs.php";
			module_pref_prefs($link);
		break; // pref-prefs

		case "pref-users":
			require_once "modules/pref-users.php";
			module_pref_users($link);
		break; // prefs-users

		case "help":
			require_once "modules/help.php";
			module_help($link);
		break; // help

		case "pref-instances":
			require_once "modules/pref-instances.php";
			module_pref_instances($link);
		break; // pref-instances

		case "digestTest":
			print_r(prepare_headlines_digest($link, $_SESSION["uid"]));
		break; // digestTest

		case "digestSend":
			send_headlines_digests($link);
		break; // digestSend

		case "loading":
			header("Content-type: text/html");
			print __("Loading, please wait...") . " " .
				"<img src='images/indicator_tiny.gif'>";
		break; // loading

		default:
			header("Content-Type: text/plain");
			print json_encode(array("error" => array("code" => 7)));
		break; // fallback
	} // Select action according to $op value.

	// We close the connection to database.
	db_close($link);
?>
change short php tags to long ones 18 years ago			`<?php`
overall directory tree cleanup 13 years ago			`set_include_path(get_include_path() . PATH_SEPARATOR . "include");`

disable magic quotes if needed 17 years ago			`/* remove ill effects of magic quotes */`

make sure magic quote workaround actually works 14 years ago			`if (get_magic_quotes_gpc()) {`
use better magic quotes removal fix 14 years ago			`function stripslashes_deep($value) {`
backend/view: use JSON instead of XML; backend: output session invalid error using JSON 13 years ago			`$value = is_array($value) ?`
use better magic quotes removal fix 14 years ago			`array_map('stripslashes_deep', $value) : stripslashes($value);`
			`return $value;`
			`}`

			`$_POST = array_map('stripslashes_deep', $_POST);`
			`$_GET = array_map('stripslashes_deep', $_GET);`
			`$_COOKIE = array_map('stripslashes_deep', $_COOKIE);`
			`$_REQUEST = array_map('stripslashes_deep', $_REQUEST);`
disable magic quotes if needed 17 years ago			`}`

add tiny-OOP style backend RPC 13 years ago			`function __autoload($class) {`
			`$file = "classes/".strtolower(basename($class)).".php";`
			`if (file_exists($file)) {`
			`require $file;`
			`}`
			`}`

fix sharing for not logged in users 13 years ago			`$op = $_REQUEST["op"];`

remove error_reporting() hacks; set default error reporting level in functions.php 14 years ago			`require_once "functions.php";`
fix sharing for not logged in users 13 years ago			`if ($op != "share") require_once "sessions.php";`
provide startup config.php value checking, report at D001 18 years ago			`require_once "sanity_check.php";`
			`require_once "config.php";`
better fatal error handling by frontend (remove error.php) 18 years ago			`require_once "db.php";`
			`require_once "db-prefs.php";`
provide startup config.php value checking, report at D001 18 years ago
no-cache fixes for safari 17 years ago			`no_cache_incantation();`
do not reference gettext modules if ENABLE_TRANSLATIONS is disabled 17 years ago
config: remove ENABLE_TRANSLATIONS 13 years ago			`startup_gettext();`
no-cache fixes for safari 17 years ago
login system tweaks 17 years ago			`$script_started = getmicrotime();`

backend/view: use JSON instead of XML; backend: output session invalid error using JSON 13 years ago			`$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);`
login system tweaks 17 years ago
			`if (!$link) {`
			`if (DB_TYPE == "mysql") {`
			`print mysql_error();`
			`}`
backend/view: use JSON instead of XML; backend: output session invalid error using JSON 13 years ago			`// PG seems to display its own errors just fine by default.`
login system tweaks 17 years ago			`return;`
			`}`

code cleanup, test for db_escape() crazyness in DB sanity check 16 years ago			`init_connection($link);`
login system tweaks 17 years ago
add tiny-OOP style backend RPC 13 years ago			`$method = strtolower($_REQUEST["method"]);`
disable application/xml content-type for op=view zoom mode 16 years ago			`$mode = $_REQUEST["mode"];`
login system tweaks 17 years ago
implement tiny-OOP routing 13 years ago			`/* if ((!$op \|\| $op == "rss" \|\| $op == "dlg") && !$_REQUEST["noxml"]) {`
rpc: no longer use XML 13 years ago			`header("Content-Type: application/xml; charset=utf-8");`
			`} else {`
add experimental support for simplepie (once again) 17 years ago			`header("Content-Type: text/plain; charset=utf-8");`
implement tiny-OOP routing 13 years ago			`} */`

			`header("Content-Type: text/plain; charset=utf-8");`
automatically logout user when session expires 19 years ago
backend/viewfeed: use JSON 13 years ago			`if (ENABLE_GZIP_OUTPUT) {`
			`ob_start("ob_gzhandler");`
			`}`

backend: force login on init when in single user mode 15 years ago			`if (SINGLE_USER_MODE) {`
			`authenticate_user($link, "admin", null);`
			`}`

experimental split of public calls into public.php (refs #389) 13 years ago			`$public_calls = array("globalUpdateFeeds", "rss", "getUnread", "getProfiles", "share",`
			`"fbexport", "logout", "pubsub");`
backend/view: use JSON instead of XML; backend: output session invalid error using JSON 13 years ago
experimental split of public calls into public.php (refs #389) 13 years ago			`if (array_search($op, $public_calls) !== false) {`

			`handle_public_request($link, $op);`
			`return;`

			`} else if (!($_SESSION["uid"] && validate_session($link))) {`
subop -> method 13 years ago			`if ($op == 'pref-feeds' && $_REQUEST['method'] == 'add') {`
allow redirect to login page when calling external feed subscription url (using bookmarklet, for example) (refs #344) 13 years ago			`header("Content-Type: text/html");`
			`login_sequence($link);`
			`render_login_form($link);`
			`} else {`
			`header("Content-Type: text/plain");`
			`print json_encode(array("error" => array("code" => 6)));`
			`}`
backend/view: use JSON instead of XML; backend: output session invalid error using JSON 13 years ago			`return;`
automatically logout user when session expires 19 years ago			`}`
http user auth, password changer in preferences 19 years ago
simplify update/purge interval selection 18 years ago			`$purge_intervals = array(`
change _() to __() (use php-gettext) 17 years ago			`0 => __("Use default"),`
			`-1 => __("Never purge"),`
			`5 => __("1 week old"),`
			`14 => __("2 weeks old"),`
			`31 => __("1 month old"),`
			`60 => __("2 months old"),`
			`90 => __("3 months old"));`
simplify update/purge interval selection 18 years ago
			`$update_intervals = array(`
rework feed dialog layouts 16 years ago			`0 => __("Default interval"),`
change _() to __() (use php-gettext) 17 years ago			`-1 => __("Disable updates"),`
add 15 minute feed update interval 17 years ago			`15 => __("Each 15 minutes"),`
change _() to __() (use php-gettext) 17 years ago			`30 => __("Each 30 minutes"),`
pref-prefs: show default update interval as a dropdown 15 years ago			`60 => __("Hourly"),`
			`240 => __("Each 4 hours"),`
			`720 => __("Each 12 hours"),`
			`1440 => __("Daily"),`
			`10080 => __("Weekly"));`

			`$update_intervals_nodefault = array(`
			`-1 => __("Disable updates"),`
			`15 => __("Each 15 minutes"),`
			`30 => __("Each 30 minutes"),`
change _() to __() (use php-gettext) 17 years ago			`60 => __("Hourly"),`
			`240 => __("Each 4 hours"),`
			`720 => __("Each 12 hours"),`
			`1440 => __("Daily"),`
			`10080 => __("Weekly"));`
simplify update/purge interval selection 18 years ago
allow per-feed update method selection 17 years ago			`$update_methods = array(`
rework feed dialog layouts 16 years ago			`0 => __("Default"),`
add update method names array 17 years ago			`1 => __("Magpie"),`
backend/view: use JSON instead of XML; backend: output session invalid error using JSON 13 years ago			`2 => __("SimplePie"),`
add separate update method for Twitter, select it as default when subscribing to twitter.com feeds 14 years ago			`3 => __("Twitter OAuth"));`
allow per-feed update method selection 17 years ago
config: replace confusing option ENABLE_SIMPLEPIE with DEFAULT_UPDATE_METHOD; bump config version 14 years ago			`if (DEFAULT_UPDATE_METHOD == "1") {`
allow per-feed update method selection 17 years ago			`$update_methods[0] .= ' (SimplePie)';`
			`} else {`
			`$update_methods[0] .= ' (Magpie)';`
			`}`

user editor improved, some form parameter validation reimplemented for prototyped-forms 18 years ago			`$access_level_names = array(`
backend/view: use JSON instead of XML; backend: output session invalid error using JSON 13 years ago			`0 => __("User"),`
add new access level 5, show user's level in prefs 16 years ago			`5 => __("Power User"),`
change _() to __() (use php-gettext) 17 years ago			`10 => __("Administrator"));`
user editor improved, some form parameter validation reimplemented for prototyped-forms 18 years ago
rework initial sanitycheck to use JSON 13 years ago			`$error = sanity_check($link);`

fix redirects after schema upgrade; fix logout requiring valid schema 13 years ago			`if ($error['code'] != 0 && $op != "logout") {`
rework initial sanitycheck to use JSON 13 years ago			`print json_encode(array("error" => $error));`
			`return;`
			`}`
mark feeds with update errors in feedlist (closes #8) 19 years ago
add tiny-OOP style backend RPC 13 years ago			`if (class_exists($op)) {`
			`$handler = new $op($link, $_REQUEST);`
move update daemon code to common function, reorganize backend.php (patch from landure) 17 years ago
add tiny-OOP style backend RPC 13 years ago			`if ($handler) {`
			`if ($handler->before()) {`
implement tiny-OOP routing 13 years ago			`if ($method && method_exists($handler, $method)) {`
			`$handler->$method();`
			`} else if (method_exists($handler, 'index')) {`
			`$handler->index();`
add tiny-OOP style backend RPC 13 years ago			`}`
implement tiny-OOP routing 13 years ago			`$handler->after();`
			`return;`
add tiny-OOP style backend RPC 13 years ago			`}`
			`}`
			`}`

			`switch($op) { // Select action according to $op value.`
initial mockup 19 years ago
move update daemon code to common function, reorganize backend.php (patch from landure) 17 years ago			`case "pref-feeds":`
backend: do not include all modules all the time 13 years ago			`require_once "modules/pref-feeds.php";`
move update daemon code to common function, reorganize backend.php (patch from landure) 17 years ago			`module_pref_feeds($link);`
			`break; // pref-feeds`
browser interface fixes 19 years ago
move update daemon code to common function, reorganize backend.php (patch from landure) 17 years ago			`case "pref-filters":`
backend: do not include all modules all the time 13 years ago			`require_once "modules/pref-filters.php";`
move update daemon code to common function, reorganize backend.php (patch from landure) 17 years ago			`module_pref_filters($link);`
			`break; // pref-filters`
feed browser now works 19 years ago
move update daemon code to common function, reorganize backend.php (patch from landure) 17 years ago			`case "pref-labels":`
backend: do not include all modules all the time 13 years ago			`require_once "modules/pref-labels.php";`
move update daemon code to common function, reorganize backend.php (patch from landure) 17 years ago			`module_pref_labels($link);`
			`break; // pref-labels`
fix title/link quote escaping issue when subscribing from feed browser (thread 108) 18 years ago
move update daemon code to common function, reorganize backend.php (patch from landure) 17 years ago			`case "pref-prefs":`
backend: do not include all modules all the time 13 years ago			`require_once "modules/pref-prefs.php";`
move update daemon code to common function, reorganize backend.php (patch from landure) 17 years ago			`module_pref_prefs($link);`
			`break; // pref-prefs`
module fixes 18 years ago
move update daemon code to common function, reorganize backend.php (patch from landure) 17 years ago			`case "pref-users":`
backend: do not include all modules all the time 13 years ago			`require_once "modules/pref-users.php";`
move update daemon code to common function, reorganize backend.php (patch from landure) 17 years ago			`module_pref_users($link);`
			`break; // prefs-users`
feed browser now works 19 years ago
move update daemon code to common function, reorganize backend.php (patch from landure) 17 years ago			`case "help":`
backend: do not include all modules all the time 13 years ago			`require_once "modules/help.php";`
move update daemon code to common function, reorganize backend.php (patch from landure) 17 years ago			`module_help($link);`
			`break; // help`
feed browser now works 19 years ago
implement instances tab 13 years ago			`case "pref-instances":`
backend: do not include all modules all the time 13 years ago			`require_once "modules/pref-instances.php";`
implement instances tab 13 years ago			`module_pref_instances($link);`
			`break; // pref-instances`

move update daemon code to common function, reorganize backend.php (patch from landure) 17 years ago			`case "digestTest":`
			`print_r(prepare_headlines_digest($link, $_SESSION["uid"]));`
			`break; // digestTest`
security fix for op=digestTest 18 years ago
move update daemon code to common function, reorganize backend.php (patch from landure) 17 years ago			`case "digestSend":`
			`send_headlines_digests($link);`
			`break; // digestSend`
add experimental digest code 18 years ago
add tweet button to digest, misc digest fixes; rework article tweeting to use ajax loading of needed info 14 years ago			`case "loading":`
backend/loading: fix content type 13 years ago			`header("Content-type: text/html");`
backend/view: use JSON instead of XML; backend: output session invalid error using JSON 13 years ago			`print __("Loading, please wait...") . " " .`
add tweet button to digest, misc digest fixes; rework article tweeting to use ajax loading of needed info 14 years ago			`"<img src='images/indicator_tiny.gif'>";`
implement instances tab 13 years ago			`break; // loading`
add tweet button to digest, misc digest fixes; rework article tweeting to use ajax loading of needed info 14 years ago
merge logout.php inside backend.php 13 years ago			`default:`
			`header("Content-Type: text/plain");`
			`print json_encode(array("error" => array("code" => 7)));`
implement instances tab 13 years ago			`break; // fallback`
implement pubsubhubbub subscriber (update schema) 13 years ago			`} // Select action according to $op value.`
add tweet button to digest, misc digest fixes; rework article tweeting to use ajax loading of needed info 14 years ago
move update daemon code to common function, reorganize backend.php (patch from landure) 17 years ago			`// We close the connection to database.`
updated mysql schema 19 years ago			`db_close($link);`
initial mockup 19 years ago			`?>`