banananetwork
/
tt-rss
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

rssutils: PDO

Browse Source
master
Andrew Dolgov 7 years ago
parent afcb105f4e
commit 0567016b40
2 changed files with 285 additions and 280 deletions
Show Stats Download Patch File Download Diff File

10
classes/ccache.php
Unescape Escape View File

@ -142,7 +142,13 @@ class CCache {
$unread = (int) Feeds::getFeedArticles($feed_id, $is_cat, true, $owner_uid); $unread = (int) Feeds::getFeedArticles($feed_id, $is_cat, true, $owner_uid);
} }
$pdo->beginTransaction(); $tr_in_progress = false;
try {
$pdo->beginTransaction();
} catch (Exception $e) {
$tr_in_progress = true;
}
$sth = $pdo->prepare("SELECT feed_id FROM $table $sth = $pdo->prepare("SELECT feed_id FROM $table
WHERE owner_uid = ? AND feed_id = ? LIMIT 1"); WHERE owner_uid = ? AND feed_id = ? LIMIT 1");
@ -164,7 +170,7 @@ class CCache {
$sth->execute([$feed_id, $unread, $owner_uid]); $sth->execute([$feed_id, $unread, $owner_uid]);
} }
$pdo->commit(); if (!$tr_in_progress) $pdo->commit();
if ($feed_id > 0 && $prev_unread != $unread) { if ($feed_id > 0 && $prev_unread != $unread) {

553
classes/rssutils.php
Unescape Escape View File

@ -33,10 +33,10 @@ class RSSUtils {
while ($line = $sth->fetch()) { while ($line = $sth->fetch()) {
$subscribers = db_escape_string($line["subscribers"]); $subscribers = $line["subscribers"];
$feed_url = db_escape_string($line["feed_url"]); $feed_url = $line["feed_url"];
$title = db_escape_string($line["title"]); $title = $line["title"];
$site_url = db_escape_string($line["site_url"]); $site_url = $line["site_url"];
$tmph = $pdo->prepare("SELECT subscribers FROM $tmph = $pdo->prepare("SELECT subscribers FROM
ttrss_feedbrowser_cache WHERE feed_url = ?"); ttrss_feedbrowser_cache WHERE feed_url = ?");
@ -211,79 +211,90 @@ class RSSUtils {
// this is used when subscribing // this is used when subscribing
static function set_basic_feed_info($feed) { static function set_basic_feed_info($feed) {
$feed = db_escape_string($feed); $pdo = Db::pdo();
$result = db_query("SELECT owner_uid,feed_url,auth_pass,auth_login,auth_pass_encrypted $sth = $pdo->prepare("SELECT owner_uid,feed_url,auth_pass,auth_login,auth_pass_encrypted
FROM ttrss_feeds WHERE id = '$feed'"); FROM ttrss_feeds WHERE id = ?");
$sth->execute([$feed]);
$owner_uid = db_fetch_result($result, 0, "owner_uid"); if ($row = $sth->fetch()) {
$auth_pass_encrypted = sql_bool_to_bool(db_fetch_result($result, $owner_uid = $row["owner_uid"];
0, "auth_pass_encrypted"));
$auth_login = db_fetch_result($result, 0, "auth_login"); $auth_pass_encrypted = sql_bool_to_bool($row["auth_pass_encrypted"]);
$auth_pass = db_fetch_result($result, 0, "auth_pass");
if ($auth_pass_encrypted && function_exists("mcrypt_decrypt")) { $auth_login = $row["auth_login"];
require_once "crypt.php"; $auth_pass = $row["auth_pass"];
$auth_pass = decrypt_string($auth_pass);
}
$fetch_url = db_fetch_result($result, 0, "feed_url"); if ($auth_pass_encrypted && function_exists("mcrypt_decrypt")) {
require_once "crypt.php";
$auth_pass = decrypt_string($auth_pass);
}
$pluginhost = new PluginHost(); $fetch_url = $row["feed_url"];
$user_plugins = get_pref("_ENABLED_PLUGINS", $owner_uid);
$pluginhost->load(PLUGINS, PluginHost::KIND_ALL); $pluginhost = new PluginHost();
$pluginhost->load($user_plugins, PluginHost::KIND_USER, $owner_uid); $user_plugins = get_pref("_ENABLED_PLUGINS", $owner_uid);
$pluginhost->load_data();
$basic_info = array(); $pluginhost->load(PLUGINS, PluginHost::KIND_ALL);
foreach ($pluginhost->get_hooks(PluginHost::HOOK_FEED_BASIC_INFO) as $plugin) { $pluginhost->load($user_plugins, PluginHost::KIND_USER, $owner_uid);
$basic_info = $plugin->hook_feed_basic_info($basic_info, $fetch_url, $owner_uid, $feed, $auth_login, $auth_pass); $pluginhost->load_data();
}
$basic_info = array();
foreach ($pluginhost->get_hooks(PluginHost::HOOK_FEED_BASIC_INFO) as $plugin) {
$basic_info = $plugin->hook_feed_basic_info($basic_info, $fetch_url, $owner_uid, $feed, $auth_login, $auth_pass);
}
if (!$basic_info) { if (!$basic_info) {
$feed_data = fetch_file_contents($fetch_url, false, $feed_data = fetch_file_contents($fetch_url, false,
$auth_login, $auth_pass, false, $auth_login, $auth_pass, false,
FEED_FETCH_TIMEOUT, FEED_FETCH_TIMEOUT,
0); 0);
global $fetch_curl_used; global $fetch_curl_used;
if (!$fetch_curl_used) { if (!$fetch_curl_used) {
$tmp = @gzdecode($feed_data); $tmp = @gzdecode($feed_data);
if ($tmp) $feed_data = $tmp; if ($tmp) $feed_data = $tmp;
} }
$feed_data = trim($feed_data); $feed_data = trim($feed_data);
$rss = new FeedParser($feed_data); $rss = new FeedParser($feed_data);
$rss->init(); $rss->init();
if (!$rss->error()) { if (!$rss->error()) {
$basic_info = array( $basic_info = array(
'title' => db_escape_string(mb_substr($rss->get_title(), 0, 199)), 'title' => mb_substr($rss->get_title(), 0, 199),
'site_url' => db_escape_string(mb_substr(rewrite_relative_url($fetch_url, $rss->get_link()), 0, 245)) 'site_url' => mb_substr(rewrite_relative_url($fetch_url, $rss->get_link()), 0, 245)
); );
}
} }
}
if ($basic_info && is_array($basic_info)) { if ($basic_info && is_array($basic_info)) {
$result = db_query("SELECT title, site_url FROM ttrss_feeds WHERE id = '$feed'"); $sth = $pdo->prepare("SELECT title, site_url FROM ttrss_feeds WHERE id = ?");
$sth->execute([$feed]);
$registered_title = db_fetch_result($result, 0, "title"); if ($row = $sth->fetch()) {
$orig_site_url = db_fetch_result($result, 0, "site_url");
if ($basic_info['title'] && (!$registered_title || $registered_title == "[Unknown]")) { $registered_title = $row["title"];
db_query("UPDATE ttrss_feeds SET $orig_site_url = $row["site_url"];
title = '${basic_info['title']}' WHERE id = '$feed'");
} if ($basic_info['title'] && (!$registered_title || $registered_title == "[Unknown]")) {
$sth = $pdo->prepare("UPDATE ttrss_feeds SET
title = ? WHERE id = ?");
$sth->execute([$basic_info['title'], $feed]);
}
if ($basic_info['site_url'] && $orig_site_url != $basic_info['site_url']) { if ($basic_info['site_url'] && $orig_site_url != $basic_info['site_url']) {
db_query("UPDATE ttrss_feeds SET $sth = $pdo->prepare("UPDATE ttrss_feeds SET
site_url = '${basic_info['site_url']}' WHERE id = '$feed'"); site_url = ? WHERE id = ?");
$sth->execute([$basic_info['site_url'], $feed]);
}
}
} }
} }
} }
@ -298,16 +309,18 @@ class RSSUtils {
_debug_suppress(!$debug_enabled); _debug_suppress(!$debug_enabled);
_debug("start", $debug_enabled); _debug("start", $debug_enabled);
$result = db_query("SELECT title FROM ttrss_feeds $pdo = Db::pdo();
WHERE id = '$feed'");
$sth = $pdo->prepare("SELECT title FROM ttrss_feeds WHERE id = ?");
$sth->execute([$feed]);
if (db_num_rows($result) == 0) { if (!$row = $sth->fetch()) {
_debug("feed $feed NOT FOUND/SKIPPED", $debug_enabled); _debug("feed $feed NOT FOUND/SKIPPED", $debug_enabled);
user_error("Attempt to update unknown/invalid feed $feed", E_USER_WARNING); user_error("Attempt to update unknown/invalid feed $feed", E_USER_WARNING);
return false; return false;
} }
$title = db_fetch_result($result, 0, "title"); $title = $row["title"];
// feed was batch-subscribed or something, we need to get basic info // feed was batch-subscribed or something, we need to get basic info
// this is not optimal currently as it fetches stuff separately TODO: optimize // this is not optimal currently as it fetches stuff separately TODO: optimize
@ -316,39 +329,43 @@ class RSSUtils {
RSSUtils::set_basic_feed_info($feed); RSSUtils::set_basic_feed_info($feed);
} }
$result = db_query("SELECT id,update_interval,auth_login, $sth = $pdo->prepare("SELECT id,update_interval,auth_login,
feed_url,auth_pass,cache_images, feed_url,auth_pass,cache_images,
mark_unread_on_update, owner_uid, mark_unread_on_update, owner_uid,
auth_pass_encrypted, feed_language, auth_pass_encrypted, feed_language,
last_modified, last_modified,
".SUBSTRING_FOR_DATE."(last_unconditional, 1, 19) AS last_unconditional ".SUBSTRING_FOR_DATE."(last_unconditional, 1, 19) AS last_unconditional
FROM ttrss_feeds WHERE id = '$feed'"); FROM ttrss_feeds WHERE id = ?");
$sth->execute([$feed]);
$owner_uid = db_fetch_result($result, 0, "owner_uid"); if ($row = $sth->fetch()) {
$mark_unread_on_update = sql_bool_to_bool(db_fetch_result($result,
0, "mark_unread_on_update"));
$auth_pass_encrypted = sql_bool_to_bool(db_fetch_result($result,
0, "auth_pass_encrypted"));
db_query("UPDATE ttrss_feeds SET last_update_started = NOW() $owner_uid = $row["owner_uid"];
WHERE id = '$feed'"); $mark_unread_on_update = sql_bool_to_bool($row["mark_unread_on_update"]);
$auth_pass_encrypted = sql_bool_to_bool($row["auth_pass_encrypted"]);
$auth_login = db_fetch_result($result, 0, "auth_login"); $sth = $pdo->prepare("UPDATE ttrss_feeds SET last_update_started = NOW()
$auth_pass = db_fetch_result($result, 0, "auth_pass"); WHERE id = ?");
$sth->execute([$feed]);
if ($auth_pass_encrypted && function_exists("mcrypt_decrypt")) { $auth_login = $row["auth_login"];
require_once "crypt.php"; $auth_pass = $row["auth_pass"];
$auth_pass = decrypt_string($auth_pass);
} if ($auth_pass_encrypted && function_exists("mcrypt_decrypt")) {
require_once "crypt.php";
$auth_pass = decrypt_string($auth_pass);
}
$stored_last_modified = db_fetch_result($result, 0, "last_modified"); $stored_last_modified = $row["last_modified"];
$last_unconditional = db_fetch_result($result, 0, "last_unconditional"); $last_unconditional = $row["last_unconditional"];
$cache_images = sql_bool_to_bool(db_fetch_result($result, 0, "cache_images")); $cache_images = sql_bool_to_bool($row["cache_images"]);
$fetch_url = db_fetch_result($result, 0, "feed_url"); $fetch_url = $row["feed_url"];
$feed_language = db_escape_string(mb_strtolower(db_fetch_result($result, 0, "feed_language"))); $feed_language = mb_strtolower($row["feed_language"]);
if (!$feed_language) $feed_language = 'english'; if (!$feed_language) $feed_language = 'english';
$feed = db_escape_string($feed); } else {
return false;
}
$date_feed_processed = date('Y-m-d H:i'); $date_feed_processed = date('Y-m-d H:i');
@ -432,10 +449,8 @@ class RSSUtils {
_debug("source last modified: " . $fetch_last_modified, $debug_enabled); _debug("source last modified: " . $fetch_last_modified, $debug_enabled);
if ($feed_data && $fetch_last_modified != $stored_last_modified) { if ($feed_data && $fetch_last_modified != $stored_last_modified) {
$last_modified_escaped = db_escape_string(substr($fetch_last_modified, 0, 245)); $sth = $pdo->prepare("UPDATE ttrss_feeds SET last_modified = ? WHERE id = ?");
$sth->execute([substr($fetch_last_modified, 0, 245), $feed]);
db_query("UPDATE ttrss_feeds SET last_modified = '$last_modified_escaped' WHERE id = '$feed'");
} }
// cache vanilla feed data for re-use // cache vanilla feed data for re-use
@ -455,18 +470,17 @@ class RSSUtils {
_debug("unable to fetch: $fetch_last_error [$fetch_last_error_code]", $debug_enabled); _debug("unable to fetch: $fetch_last_error [$fetch_last_error_code]", $debug_enabled);
$error_escaped = '';
// If-Modified-Since // If-Modified-Since
if ($fetch_last_error_code != 304) { if ($fetch_last_error_code != 304) {
$error_escaped = db_escape_string($fetch_last_error); $error_message = $fetch_last_error;
} else { } else {
_debug("source claims data not modified, nothing to do.", $debug_enabled); _debug("source claims data not modified, nothing to do.", $debug_enabled);
$error_message = "";
} }
db_query( $sth = $pdo->prepare("UPDATE ttrss_feeds SET last_error = ?,
"UPDATE ttrss_feeds SET last_error = '$error_escaped', last_updated = NOW() WHERE id = ?");
last_updated = NOW() WHERE id = '$feed'"); $sth->execute([$error_message, $feed]);
return; return;
} }
@ -478,7 +492,7 @@ class RSSUtils {
$rss = new FeedParser($feed_data); $rss = new FeedParser($feed_data);
$rss->init(); $rss->init();
$feed = db_escape_string($feed); $feed = $feed;
if (!$rss->error()) { if (!$rss->error()) {
@ -488,26 +502,27 @@ class RSSUtils {
_debug("language: $feed_language", $debug_enabled); _debug("language: $feed_language", $debug_enabled);
_debug("processing feed data...", $debug_enabled); _debug("processing feed data...", $debug_enabled);
// db_query("BEGIN");
if (DB_TYPE == "pgsql") { if (DB_TYPE == "pgsql") {
$favicon_interval_qpart = "favicon_last_checked < NOW() - INTERVAL '12 hour'"; $favicon_interval_qpart = "favicon_last_checked < NOW() - INTERVAL '12 hour'";
} else { } else {
$favicon_interval_qpart = "favicon_last_checked < DATE_SUB(NOW(), INTERVAL 12 HOUR)"; $favicon_interval_qpart = "favicon_last_checked < DATE_SUB(NOW(), INTERVAL 12 HOUR)";
} }
$result = db_query("SELECT owner_uid,favicon_avg_color, $sth = $pdo->prepare("SELECT owner_uid,favicon_avg_color,
(favicon_last_checked IS NULL OR $favicon_interval_qpart) AS (favicon_last_checked IS NULL OR $favicon_interval_qpart) AS
favicon_needs_check favicon_needs_check
FROM ttrss_feeds WHERE id = '$feed'"); FROM ttrss_feeds WHERE id = ?");
$sth->execute([$feed]);
$favicon_needs_check = sql_bool_to_bool(db_fetch_result($result, 0, if ($row = $sth->fetch()) {
"favicon_needs_check")); $favicon_needs_check = sql_bool_to_bool($row["favicon_needs_check"]);
$favicon_avg_color = db_fetch_result($result, 0, "favicon_avg_color"); $favicon_avg_color = $row["favicon_avg_color"];
$owner_uid = $row["owner_uid"];
$owner_uid = db_fetch_result($result, 0, "owner_uid"); } else {
return false;
}
$site_url = db_escape_string(mb_substr(rewrite_relative_url($fetch_url, $rss->get_link()), 0, 245)); $site_url = mb_substr(rewrite_relative_url($fetch_url, $rss->get_link()), 0, 245);
_debug("site_url: $site_url", $debug_enabled); _debug("site_url: $site_url", $debug_enabled);
_debug("feed_title: " . $rss->get_title(), $debug_enabled); _debug("feed_title: " . $rss->get_title(), $debug_enabled);
@ -528,23 +543,25 @@ class RSSUtils {
if ($favicon_modified_new > $favicon_modified) if ($favicon_modified_new > $favicon_modified)
$favicon_avg_color = ''; $favicon_avg_color = '';
$favicon_colorstring = "";
if (file_exists($favicon_file) && function_exists("imagecreatefromstring") && $favicon_avg_color == '') { if (file_exists($favicon_file) && function_exists("imagecreatefromstring") && $favicon_avg_color == '') {
require_once "colors.php"; require_once "colors.php";
db_query("UPDATE ttrss_feeds SET favicon_avg_color = 'fail' WHERE $sth = $pdo->prepare("UPDATE ttrss_feeds SET favicon_avg_color = 'fail' WHERE
id = '$feed'"); id = ?");
$sth->execute([$feed]);
$favicon_color = db_escape_string( $favicon_color = calculate_avg_color($favicon_file);
calculate_avg_color($favicon_file));
$favicon_colorstring = ",favicon_avg_color = " . $pdo->quote($favicon_color);
$favicon_colorstring = ",favicon_avg_color = '".$favicon_color."'";
} else if ($favicon_avg_color == 'fail') { } else if ($favicon_avg_color == 'fail') {
_debug("floicon failed on this file, not trying to recalculate avg color", $debug_enabled); _debug("floicon failed on this file, not trying to recalculate avg color", $debug_enabled);
} }
db_query("UPDATE ttrss_feeds SET favicon_last_checked = NOW() $sth = $pdo->prepare("UPDATE ttrss_feeds SET favicon_last_checked = NOW()
$favicon_colorstring $favicon_colorstring WHERE id = ?");
WHERE id = '$feed'"); $sth->execute([$feed]);
} }
_debug("loading filters & labels...", $debug_enabled); _debug("loading filters & labels...", $debug_enabled);
@ -562,10 +579,11 @@ class RSSUtils {
if (!is_array($items)) { if (!is_array($items)) {
_debug("no articles found.", $debug_enabled); _debug("no articles found.", $debug_enabled);
db_query("UPDATE ttrss_feeds $sth = $pdo->prepare("UPDATE ttrss_feeds
SET last_updated = NOW(), last_unconditional = NOW(), last_error = '' WHERE id = '$feed'"); SET last_updated = NOW(), last_unconditional = NOW(), last_error = '' WHERE id = ?");
$sth->execute([$feed]);
return; // no articles return true; // no articles
} }
_debug("processing articles...", $debug_enabled); _debug("processing articles...", $debug_enabled);
@ -582,20 +600,18 @@ class RSSUtils {
break; break;
} }
$entry_guid = $item->get_id(); $entry_guid = strip_tags($item->get_id());
if (!$entry_guid) $entry_guid = $item->get_link(); if (!$entry_guid) $entry_guid = strip_tags($item->get_link());
if (!$entry_guid) $entry_guid = RSSUtils::make_guid_from_title($item->get_title()); if (!$entry_guid) $entry_guid = RSSUtils::make_guid_from_title($item->get_title());
if (!$entry_guid) continue; if (!$entry_guid) continue;
$entry_guid = "$owner_uid,$entry_guid"; $entry_guid = "$owner_uid,$entry_guid";
$entry_guid_hashed = db_escape_string('SHA1:' . sha1($entry_guid)); $entry_guid_hashed = 'SHA1:' . sha1($entry_guid);
_debug("guid $entry_guid / $entry_guid_hashed", $debug_enabled); _debug("guid $entry_guid / $entry_guid_hashed", $debug_enabled);
$entry_timestamp = ""; $entry_timestamp = strip_tags($item->get_date());
$entry_timestamp = $item->get_date();
_debug("orig date: " . $item->get_date(), $debug_enabled); _debug("orig date: " . $item->get_date(), $debug_enabled);
@ -607,9 +623,7 @@ class RSSUtils {
_debug("date $entry_timestamp [$entry_timestamp_fmt]", $debug_enabled); _debug("date $entry_timestamp [$entry_timestamp_fmt]", $debug_enabled);
// $entry_title = html_entity_decode($item->get_title(), ENT_COMPAT, 'UTF-8'); $entry_title = strip_tags($item->get_title());
// $entry_title = decode_numeric_entities($entry_title);
$entry_title = $item->get_title();
$entry_link = rewrite_relative_url($site_url, $item->get_link()); $entry_link = rewrite_relative_url($site_url, $item->get_link());
@ -627,11 +641,11 @@ class RSSUtils {
print "\n"; print "\n";
} }
$entry_comments = db_escape_string(mb_substr($item->get_comments_url(), 0, 245)); $entry_comments = mb_substr(strip_tags($item->get_comments_url()), 0, 245);
$num_comments = (int) $item->get_comments_count(); $num_comments = (int) $item->get_comments_count();
$entry_author = $item->get_author(); // escaped later $entry_author = strip_tags($item->get_author());
$entry_guid = db_escape_string(mb_substr($entry_guid, 0, 245)); $entry_guid = mb_substr($entry_guid, 0, 245);
_debug("author $entry_author", $debug_enabled); _debug("author $entry_author", $debug_enabled);
_debug("num_comments: $num_comments", $debug_enabled); _debug("num_comments: $num_comments", $debug_enabled);
@ -658,18 +672,18 @@ class RSSUtils {
_debug("done collecting data.", $debug_enabled); _debug("done collecting data.", $debug_enabled);
$result = db_query("SELECT id, content_hash, lang FROM ttrss_entries $sth = $pdo->prepare("SELECT id, content_hash, lang FROM ttrss_entries
WHERE guid = '".db_escape_string($entry_guid)."' OR guid = '$entry_guid_hashed'"); WHERE guid = ? OR guid = ?");
$sth->execute([$entry_guid, $entry_guid_hashed]);
if (db_num_rows($result) != 0) { if ($row = $sth->fetch()) {
$base_entry_id = db_fetch_result($result, 0, "id"); $base_entry_id = $row["id"];
$entry_stored_hash = db_fetch_result($result, 0, "content_hash"); $entry_stored_hash = $row["content_hash"];
$article_labels = Article::get_article_labels($base_entry_id, $owner_uid); $article_labels = Article::get_article_labels($base_entry_id, $owner_uid);
$entry_language = db_fetch_result($result, 0, "lang"); $entry_language = $row["lang"];
$existing_tags = Article::get_article_tags($base_entry_id, $owner_uid); $existing_tags = Article::get_article_tags($base_entry_id, $owner_uid);
$entry_tags = array_unique(array_merge($entry_tags, $existing_tags)); $entry_tags = array_unique(array_merge($entry_tags, $existing_tags));
} else { } else {
$base_entry_id = false; $base_entry_id = false;
$entry_stored_hash = ""; $entry_stored_hash = "";
@ -709,10 +723,9 @@ class RSSUtils {
// dupes when the entry gets purged and reinserted again e.g. // dupes when the entry gets purged and reinserted again e.g.
// in the case of SLOW SLOW OMG SLOW updating feeds // in the case of SLOW SLOW OMG SLOW updating feeds
$base_entry_id = db_fetch_result($result, 0, "id"); $sth = $pdo->prepare("UPDATE ttrss_entries SET date_updated = NOW()
WHERE id = ?");
db_query("UPDATE ttrss_entries SET date_updated = NOW() $sth->execute([$base_entry_id]);
WHERE id = '$base_entry_id'");
continue; continue;
} }
@ -736,8 +749,6 @@ class RSSUtils {
print "\n"; print "\n";
} }
$entry_plugin_data = db_escape_string($entry_plugin_data);
_debug("plugin data: $entry_plugin_data", $debug_enabled); _debug("plugin data: $entry_plugin_data", $debug_enabled);
// Workaround: 4-byte unicode requires utf8mb4 in MySQL. See https://tt-rss.org/forum/viewtopic.php?f=1&t=3377&p=20077#p20077 // Workaround: 4-byte unicode requires utf8mb4 in MySQL. See https://tt-rss.org/forum/viewtopic.php?f=1&t=3377&p=20077#p20077
@ -802,15 +813,14 @@ class RSSUtils {
} }
$entry_tags = $article["tags"]; $entry_tags = $article["tags"];
$entry_guid = db_escape_string($entry_guid); $entry_title = strip_tags($article["title"]);
$entry_title = db_escape_string($article["title"]); $entry_author = mb_substr(strip_tags($article["author"]), 0, 245);
$entry_author = db_escape_string(mb_substr($article["author"], 0, 245)); $entry_link = strip_tags($article["link"]);
$entry_link = db_escape_string($article["link"]);
$entry_content = $article["content"]; // escaped below $entry_content = $article["content"]; // escaped below
$entry_force_catchup = $article["force_catchup"]; $entry_force_catchup = $article["force_catchup"];
$article_labels = $article["labels"]; $article_labels = $article["labels"];
$entry_score_modifier = (int) $article["score_modifier"]; $entry_score_modifier = (int) $article["score_modifier"];
$entry_language = db_escape_string($article["language"]); $entry_language = $article["language"];
if ($debug_enabled) { if ($debug_enabled) {
_debug("article labels:", $debug_enabled); _debug("article labels:", $debug_enabled);
@ -825,20 +835,17 @@ class RSSUtils {
if ($cache_images && is_writable(CACHE_DIR . '/images')) if ($cache_images && is_writable(CACHE_DIR . '/images'))
RSSUtils::cache_media($entry_content, $site_url, $debug_enabled); RSSUtils::cache_media($entry_content, $site_url, $debug_enabled);
$entry_content = db_escape_string($entry_content, false); $csth = $pdo->prepare("SELECT id FROM ttrss_entries
WHERE guid = ? OR guid = ?");
//db_query("BEGIN"); $csth->execute([$entry_guid, $entry_guid_hashed]);
$result = db_query("SELECT id FROM ttrss_entries
WHERE (guid = '$entry_guid' OR guid = '$entry_guid_hashed')");
if (db_num_rows($result) == 0) { if (!$row = $csth->fetch()) {
_debug("base guid [$entry_guid or $entry_guid_hashed] not found, creating...", $debug_enabled); _debug("base guid [$entry_guid or $entry_guid_hashed] not found, creating...", $debug_enabled);
// base post entry does not exist, create it // base post entry does not exist, create it
db_query( $usth = $pdo->prepare(
"INSERT INTO ttrss_entries "INSERT INTO ttrss_entries
(title, (title,
guid, guid,
@ -855,48 +862,39 @@ class RSSUtils {
lang, lang,
author) author)
VALUES VALUES
('$entry_title', (?, ?, ?, ?, ?, ?,
'$entry_guid_hashed',
'$entry_link',
'$entry_timestamp_fmt',
'$entry_content',
'$entry_current_hash',
false, false,
NOW(), NOW(),
'$date_feed_processed', ?, ?, ?, ?, ?, ?)");
'$entry_comments',
'$num_comments', $usth->execute([$entry_title,
'$entry_plugin_data', $entry_guid_hashed,
'$entry_language', $entry_link,
'$entry_author')"); $entry_timestamp_fmt,
$entry_content,
$entry_current_hash,
$date_feed_processed,
$entry_comments,
$num_comments,
$entry_plugin_data,
$entry_language,
$entry_author]);
} }
// now it should exist, if not - bad luck then $csth->execute([$entry_guid, $entry_guid_hashed]);
$result = db_query("SELECT id FROM ttrss_entries
WHERE guid = '$entry_guid' OR guid = '$entry_guid_hashed'");
$entry_ref_id = 0; $entry_ref_id = 0;
$entry_int_id = 0; $entry_int_id = 0;
if (db_num_rows($result) == 1) { if ($row = $csth->fetch()) {
_debug("base guid found, checking for user record", $debug_enabled); _debug("base guid found, checking for user record", $debug_enabled);
$ref_id = db_fetch_result($result, 0, "id"); $ref_id = $row['id'];
$entry_ref_id = $ref_id; $entry_ref_id = $ref_id;
/* $stored_guid = db_fetch_result($result, 0, "guid");
if ($stored_guid != $entry_guid_hashed) {
if ($debug_enabled) _debug("upgrading compat guid to hashed one", $debug_enabled);
db_query("UPDATE ttrss_entries SET guid = '$entry_guid_hashed' WHERE
id = '$ref_id'");
} */
if (RSSUtils::find_article_filter($article_filters, "filter")) { if (RSSUtils::find_article_filter($article_filters, "filter")) {
//db_query("COMMIT"); // close transaction in progress
continue; continue;
} }
@ -906,103 +904,104 @@ class RSSUtils {
// check for user post link to main table // check for user post link to main table
$query = "SELECT ref_id, int_id FROM ttrss_user_entries WHERE $sth = $pdo->prepare("SELECT ref_id, int_id FROM ttrss_user_entries WHERE
ref_id = '$ref_id' AND owner_uid = '$owner_uid'"; ref_id = ? AND owner_uid = ?");
$sth->execute([$ref_id, $owner_uid]);
// if ($_REQUEST["xdebug"]) print "$query\n";
$result = db_query($query);
// okay it doesn't exist - create user entry // okay it doesn't exist - create user entry
if (db_num_rows($result) == 0) { if ($row = $sth->fetch()) {
$entry_ref_id = $row["ref_id"];
$entry_int_id = $row["int_id"];
_debug("user record FOUND: RID: $entry_ref_id, IID: $entry_int_id", $debug_enabled);
} else {
_debug("user record not found, creating...", $debug_enabled); _debug("user record not found, creating...", $debug_enabled);
if ($score >= -500 && !RSSUtils::find_article_filter($article_filters, 'catchup') && !$entry_force_catchup) { if ($score >= -500 && !RSSUtils::find_article_filter($article_filters, 'catchup') && !$entry_force_catchup) {
$unread = 'true'; $unread = 1;
$last_read_qpart = 'NULL'; $last_read_qpart = null;
} else { } else {
$unread = 'false'; $unread = 0;
$last_read_qpart = 'NOW()'; $last_read_qpart = 'NOW()';
} }
if (RSSUtils::find_article_filter($article_filters, 'mark') || $score > 1000) { if (RSSUtils::find_article_filter($article_filters, 'mark') || $score > 1000) {
$marked = 'true'; $marked = 1;
} else { } else {
$marked = 'false'; $marked = 0;
} }
if (RSSUtils::find_article_filter($article_filters, 'publish')) { if (RSSUtils::find_article_filter($article_filters, 'publish')) {
$published = 'true'; $published = 1;
} else { } else {
$published = 'false'; $published = 0;
} }
$last_marked = ($marked == 'true') ? 'NOW()' : 'NULL'; $last_marked = ($marked == 'true') ? 'NOW()' : null;
$last_published = ($published == 'true') ? 'NOW()' : 'NULL'; $last_published = ($published == 'true') ? 'NOW()' : null;
$result = db_query( $sth = $pdo->prepare(
"INSERT INTO ttrss_user_entries "INSERT INTO ttrss_user_entries
(ref_id, owner_uid, feed_id, unread, last_read, marked, (ref_id, owner_uid, feed_id, unread, last_read, marked,
published, score, tag_cache, label_cache, uuid, published, score, tag_cache, label_cache, uuid,
last_marked, last_published) last_marked, last_published)
VALUES ('$ref_id', '$owner_uid', '$feed', $unread, VALUES (?, ?, ?, ?, ?, ?, ?, ?, '', '', '', ?, ?)");
$last_read_qpart, $marked, $published, '$score', '', '',
'', $last_marked, $last_published)");
$result = db_query( $sth->execute([$ref_id, $owner_uid, $feed, $unread, $last_read_qpart, $marked,
"SELECT int_id FROM ttrss_user_entries WHERE $published, $score, $last_marked, $last_published]);
ref_id = '$ref_id' AND owner_uid = '$owner_uid' AND
feed_id = '$feed' LIMIT 1");
if (db_num_rows($result) == 1) { $sth = $pdo->prepare("SELECT int_id FROM ttrss_user_entries WHERE
$entry_int_id = db_fetch_result($result, 0, "int_id"); ref_id = ? AND owner_uid = ? AND
} feed_id = ? LIMIT 1");
} else {
_debug("user record FOUND", $debug_enabled); $sth->execute([$ref_id, $owner_uid, $feed]);
$entry_ref_id = db_fetch_result($result, 0, "ref_id"); if ($row = $sth->fetch())
$entry_int_id = db_fetch_result($result, 0, "int_id"); $entry_int_id = $row['int_id'];
} }
_debug("RID: $entry_ref_id, IID: $entry_int_id", $debug_enabled); _debug("resulting RID: $entry_ref_id, IID: $entry_int_id", $debug_enabled);
if (DB_TYPE == "pgsql") { if (DB_TYPE == "pgsql") {
$tsvector_combined = db_escape_string(mb_substr($entry_title . ' ' . strip_tags(str_replace('<', ' <', $entry_content)), $tsvector_combined = mb_substr($entry_title . ' ' . strip_tags(str_replace('<', ' <', $entry_content)),
0, 1000000)); 0, 1000000);
$tsvector_qpart = "tsvector_combined = to_tsvector('$feed_language', '$tsvector_combined'),"; $tsvector_qpart = "tsvector_combined = to_tsvector('$feed_language', ".$pdo->quote($tsvector_combined)."),";
} else { } else {
$tsvector_qpart = ""; $tsvector_qpart = "";
} }
db_query("UPDATE ttrss_entries $sth = $pdo->prepare("UPDATE ttrss_entries
SET title = '$entry_title', SET title = ?,
content = '$entry_content', content = ?,
content_hash = '$entry_current_hash', content_hash = ?,
updated = '$entry_timestamp_fmt', updated = ?,
$tsvector_qpart $tsvector_qpart
num_comments = '$num_comments', num_comments = ?,
plugin_data = '$entry_plugin_data', plugin_data = ?,
author = '$entry_author', author = ?,
lang = '$entry_language' lang = ?
WHERE id = '$ref_id'"); WHERE id = ?");
$sth->execute([$entry_title, $entry_content, $entry_current_hash, $entry_timestamp_fmt,
$num_comments, $entry_plugin_data, $entry_author, $entry_language, $ref_id]);
// update aux data // update aux data
db_query("UPDATE ttrss_user_entries $sth = $pdo->prepare("UPDATE ttrss_user_entries
SET score = '$score' WHERE ref_id = '$ref_id'"); SET score = ? WHERE ref_id = ?");
$sth->execute([$score, $ref_id]);
if ($mark_unread_on_update) { if ($mark_unread_on_update) {
_debug("article updated, marking unread as requested.", $debug_enabled); _debug("article updated, marking unread as requested.", $debug_enabled);
db_query("UPDATE ttrss_user_entries $sth = $pdo->prepare("UPDATE ttrss_user_entries
SET last_read = null, unread = true WHERE ref_id = '$ref_id'"); SET last_read = null, unread = true WHERE ref_id = ?");
$sth->execute([$ref_id]);
} }
} }
//db_query("COMMIT");
_debug("assigning labels [other]...", $debug_enabled); _debug("assigning labels [other]...", $debug_enabled);
foreach ($article_labels as $label) { foreach ($article_labels as $label) {
@ -1039,31 +1038,28 @@ class RSSUtils {
print_r($enclosures); print_r($enclosures);
} }
//db_query("BEGIN"); $esth = $pdo->prepare("SELECT id FROM ttrss_enclosures
WHERE content_url = ? AND post_id = ?");
// debugging $usth = $pdo->prepare("INSERT INTO ttrss_enclosures
// db_query("DELETE FROM ttrss_enclosures WHERE post_id = '$entry_ref_id'"); (content_url, content_type, title, duration, post_id, width, height) VALUES
(?, ?, ?, ?, ?, ?, ?)");
foreach ($enclosures as $enc) { foreach ($enclosures as $enc) {
$enc_url = db_escape_string($enc[0]); $enc_url = $enc[0];
$enc_type = db_escape_string($enc[1]); $enc_type = $enc[1];
$enc_dur = db_escape_string($enc[2]); $enc_dur = $enc[2];
$enc_title = db_escape_string($enc[3]); $enc_title = $enc[3];
$enc_width = intval($enc[4]); $enc_width = intval($enc[4]);
$enc_height = intval($enc[5]); $enc_height = intval($enc[5]);
$result = db_query("SELECT id FROM ttrss_enclosures $esth->execute([$enc_url, $entry_ref_id]);
WHERE content_url = '$enc_url' AND post_id = '$entry_ref_id'");
if (db_num_rows($result) == 0) { if (!$esth->fetch()) {
db_query("INSERT INTO ttrss_enclosures $usth->execute([$enc_url, $enc_type, (string)$enc_title, $enc_dur, $entry_ref_id, $enc_width, $enc_height]);
(content_url, content_type, title, duration, post_id, width, height) VALUES
('$enc_url', '$enc_type', '$enc_title', '$enc_dur', '$entry_ref_id', $enc_width, $enc_height)");
} }
} }
//db_query("COMMIT");
// check for manual tags (we have to do it here since they're loaded from filters) // check for manual tags (we have to do it here since they're loaded from filters)
foreach ($article_filters as $f) { foreach ($article_filters as $f) {
@ -1106,24 +1102,24 @@ class RSSUtils {
if (count($filtered_tags) > 0) { if (count($filtered_tags) > 0) {
//db_query("BEGIN"); $tsth = $pdo->prepare("SELECT id FROM ttrss_tags
WHERE tag_name = ? AND post_int_id = ? AND
owner_uid = ? LIMIT 1");
$usth = $pdo->prepare("INSERT INTO ttrss_tags
(owner_uid,tag_name,post_int_id)
VALUES (?, ?, ?)");
foreach ($filtered_tags as $tag) { foreach ($filtered_tags as $tag) {
$tag = sanitize_tag($tag); $tag = sanitize_tag($tag);
$tag = db_escape_string($tag);
if (!tag_is_valid($tag)) continue; if (!tag_is_valid($tag)) continue;
$result = db_query("SELECT id FROM ttrss_tags $tsth->execute([$tag, $entry_int_id, $owner_uid]);
WHERE tag_name = '$tag' AND post_int_id = '$entry_int_id' AND
owner_uid = '$owner_uid' LIMIT 1");
if ($result && db_num_rows($result) == 0) {
db_query("INSERT INTO ttrss_tags if (!$tsth->fetch()) {
(owner_uid,tag_name,post_int_id) $usth->execute([$owner_uid, $tag, $entry_int_id]);
VALUES ('$owner_uid','$tag', '$entry_int_id')");
} }
array_push($tags_to_cache, $tag); array_push($tags_to_cache, $tag);
@ -1133,13 +1129,12 @@ class RSSUtils {
$tags_to_cache = array_unique($tags_to_cache); $tags_to_cache = array_unique($tags_to_cache);
$tags_str = db_escape_string(join(",", $tags_to_cache)); $tags_str = join(",", $tags_to_cache);
db_query("UPDATE ttrss_user_entries
SET tag_cache = '$tags_str' WHERE ref_id = '$entry_ref_id'
AND owner_uid = $owner_uid");
//db_query("COMMIT"); $tsth = $pdo->prepare("UPDATE ttrss_user_entries
SET tag_cache = ? WHERE ref_id = ?
AND owner_uid = ?");
$tsth->execute([$tags_str, $entry_ref_id, $owner_uid]);
} }
_debug("article processed", $debug_enabled); _debug("article processed", $debug_enabled);
@ -1149,14 +1144,13 @@ class RSSUtils {
purge_feed($feed, 0, $debug_enabled); purge_feed($feed, 0, $debug_enabled);
db_query("UPDATE ttrss_feeds $sth = $pdo->prepare("UPDATE ttrss_feeds
SET last_updated = NOW(), last_unconditional = NOW(), last_error = '' WHERE id = '$feed'"); SET last_updated = NOW(), last_unconditional = NOW(), last_error = '' WHERE id = ?");
$sth->execute([$feed]);
// db_query("COMMIT");
} else { } else {
$error_msg = db_escape_string(mb_substr($rss->error(), 0, 245)); $error_msg = mb_substr($rss->error(), 0, 245);
_debug("fetch error: $error_msg", $debug_enabled); _debug("fetch error: $error_msg", $debug_enabled);
@ -1166,12 +1160,12 @@ class RSSUtils {
} }
} }
db_query( $sth = $pdo->prepare("UPDATE ttrss_feeds SET last_error = ?,
"UPDATE ttrss_feeds SET last_error = '$error_msg', last_updated = NOW(), last_unconditional = NOW() WHERE id = ?");
last_updated = NOW(), last_unconditional = NOW() WHERE id = '$feed'"); $sth->execute([$error_msg, $feed]);
unset($rss); unset($rss);
return; return false;
} }
_debug("done", $debug_enabled); _debug("done", $debug_enabled);
@ -1240,14 +1234,15 @@ class RSSUtils {
static function expire_error_log($debug) { static function expire_error_log($debug) {
if ($debug) _debug("Removing old error log entries..."); if ($debug) _debug("Removing old error log entries...");
$pdo = Db::pdo();
if (DB_TYPE == "pgsql") { if (DB_TYPE == "pgsql") {
db_query("DELETE FROM ttrss_error_log $pdo->query("DELETE FROM ttrss_error_log
WHERE created_at < NOW() - INTERVAL '7 days'"); WHERE created_at < NOW() - INTERVAL '7 days'");
} else { } else {
db_query("DELETE FROM ttrss_error_log $pdo->query("DELETE FROM ttrss_error_log
WHERE created_at < DATE_SUB(NOW(), INTERVAL 7 DAY)"); WHERE created_at < DATE_SUB(NOW(), INTERVAL 7 DAY)");
} }
} }
static function expire_lock_files($debug) { static function expire_lock_files($debug) {
@ -1454,19 +1449,23 @@ class RSSUtils {
} }
static function cleanup_counters_cache($debug) { static function cleanup_counters_cache($debug) {
$result = db_query("DELETE FROM ttrss_counters_cache $pdo = Db::pdo();
$res = $pdo->query("DELETE FROM ttrss_counters_cache
WHERE feed_id > 0 AND WHERE feed_id > 0 AND
(SELECT COUNT(id) FROM ttrss_feeds WHERE (SELECT COUNT(id) FROM ttrss_feeds WHERE
id = feed_id AND id = feed_id AND
ttrss_counters_cache.owner_uid = ttrss_feeds.owner_uid) = 0"); ttrss_counters_cache.owner_uid = ttrss_feeds.owner_uid) = 0");
$frows = db_affected_rows($result);
$result = db_query("DELETE FROM ttrss_cat_counters_cache $frows = $res->rowCount();
$res = $pdo->query("DELETE FROM ttrss_cat_counters_cache
WHERE feed_id > 0 AND WHERE feed_id > 0 AND
(SELECT COUNT(id) FROM ttrss_feed_categories WHERE (SELECT COUNT(id) FROM ttrss_feed_categories WHERE
id = feed_id AND id = feed_id AND
ttrss_cat_counters_cache.owner_uid = ttrss_feed_categories.owner_uid) = 0"); ttrss_cat_counters_cache.owner_uid = ttrss_feed_categories.owner_uid) = 0");
$crows = db_affected_rows($result);
$crows = $res->rowCount();
if ($debug) _debug("Removed $frows (feeds) $crows (cats) orphaned counter cache entries."); if ($debug) _debug("Removed $frows (feeds) $crows (cats) orphaned counter cache entries.");
} }

Write Preview
Loading…
Cancel
Save