banananetwork
/
tt-rss
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

add Public_Handler

Browse Source 
misc code cleanup
master
Andrew Dolgov 13 years ago
parent 46da73c255
commit 5f0a3741d0
14 changed files with 515 additions and 343 deletions
Show Stats Download Patch File Download Diff File

62
backend.php
Unescape Escape View File

@ -16,17 +16,21 @@
$_REQUEST = array_map('stripslashes_deep', $_REQUEST);
}
function __autoload($class) {
$file = "classes/".strtolower(basename($class)).".php";
if (file_exists($file)) {
require $file;
}
}
$op = $_REQUEST["op"];
@$method = $_REQUEST['subop'] ? $_REQUEST['subop'] : $_REQUEST["method"];
/* Public calls compatibility shim */
$public_calls = array("globalUpdateFeeds", "rss", "getUnread", "getProfiles", "share",
"fbexport", "logout", "pubsub");
if (array_search($op, $public_calls) !== false) {
header("Location: public.php?" . $_SERVER['QUERY_STRING']);
return;
}
require_once "functions.php";
if ($op != "share") require_once "sessions.php";
require_once "sessions.php";
require_once "sanity_check.php";
require_once "config.php";
require_once "db.php";
@ -40,17 +44,7 @@
$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
if (!$link) {
if (DB_TYPE == "mysql") {
print mysql_error();
}
// PG seems to display its own errors just fine by default.
return;
}
init_connection($link);
$method = $_REQUEST['subop'] ? $_REQUEST['subop'] : $_REQUEST["method"];
if (!init_connection($link)) return;
header("Content-Type: text/plain; charset=utf-8");
@ -62,15 +56,9 @@
authenticate_user($link, "admin", null);
}
$public_calls = array("globalUpdateFeeds", "rss", "getUnread", "getProfiles", "share",
"fbexport", "logout", "pubsub");
// TODO remove and handle within Handlers
if (array_search($op, $public_calls) !== false) {
handle_public_request($link, $op);
return;
} else if (!($_SESSION["uid"] && validate_session($link))) {
if (!($_SESSION["uid"] && validate_session($link))) {
if ($op == 'pref-feeds' && $method == 'add') {
header("Content-Type: text/html");
login_sequence($link);
@ -136,6 +124,13 @@
return;
}
function __autoload($class) {
$file = "classes/".strtolower(basename($class)).".php";
if (file_exists($file)) {
require $file;
}
}
$op = str_replace("-", "_", $op);
if (class_exists($op)) {
@ -154,17 +149,8 @@
}
}
switch($op) { // Select action according to $op value.
case "pref_instances":
require_once "modules/pref-instances.php";
module_pref_instances($link);
break; // pref-instances
default:
header("Content-Type: text/plain");
print json_encode(array("error" => array("code" => 7)));
break; // fallback
} // Select action according to $op value.
header("Content-Type: text/plain");
print json_encode(array("error" => array("code" => 7)));
// We close the connection to database.
db_close($link);

204
classes/pref_instances.php
Unescape Escape View File

@ -0,0 +1,204 @@
<?php
class Pref_Instances extends Protected_Handler {
function before() {
if (parent::before()) {
if ($_SESSION["access_level"] < 10) {
print __("Your access level is insufficient to open this tab.");
return false;
}
return true;
}
return false;
}
function remove() {
$ids = db_escape_string($_REQUEST['ids']);
db_query($this->link, "DELETE FROM ttrss_linked_instances WHERE
id IN ($ids)");
}
function add() {
$id = db_escape_string($_REQUEST["id"]);
$access_url = db_escape_string($_REQUEST["access_url"]);
$access_key = db_escape_string($_REQUEST["access_key"]);
db_query($this->link, "BEGIN");
$result = db_query($this->link, "SELECT id FROM ttrss_linked_instances
WHERE access_url = '$access_url'");
if (db_num_rows($result) == 0) {
db_query($this->link, "INSERT INTO ttrss_linked_instances
(access_url, access_key, last_connected, last_status_in, last_status_out)
VALUES
('$access_url', '$access_key', '1970-01-01', -1, -1)");
}
db_query($this->link, "COMMIT");
}
function edit() {
$id = db_escape_string($_REQUEST["id"]);
$result = db_query($this->link, "SELECT * FROM ttrss_linked_instances WHERE
id = '$id'");
print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"id\" value=\"$id\">";
print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"op\" value=\"pref-instances\">";
print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"method\" value=\"editSave\">";
print "<div class=\"dlgSec\">".__("Instance")."</div>";
print "<div class=\"dlgSecCont\">";
/* URL */
$access_url = htmlspecialchars(db_fetch_result($result, 0, "access_url"));
print __("URL:") . " ";
print "<input dojoType=\"dijit.form.ValidationTextBox\" required=\"1\"
placeHolder=\"".__("Instance URL")."\"
regExp='^(http|https)://.*'
style=\"font-size : 16px; width: 20em\" name=\"access_url\"
value=\"$access_url\">";
print "<hr/>";
$access_key = htmlspecialchars(db_fetch_result($result, 0, "access_key"));
/* Access key */
print __("Access key:") . " ";
print "<input dojoType=\"dijit.form.ValidationTextBox\" required=\"1\"
placeHolder=\"".__("Access key")."\" regExp='\w{40}'
style=\"width: 20em\" name=\"access_key\" id=\"instance_edit_key\"
value=\"$access_key\">";
print "<p class='insensitive'>" . __("Use one access key for both linked instances.");
print "</div>";
print "<div class=\"dlgButtons\">
<div style='float : left'>
<button dojoType=\"dijit.form.Button\"
onclick=\"return dijit.byId('instanceEditDlg').regenKey()\">".
__('Generate new key')."</button>
</div>
<button dojoType=\"dijit.form.Button\"
onclick=\"return dijit.byId('instanceEditDlg').execute()\">".
__('Save')."</button>
<button dojoType=\"dijit.form.Button\"
onclick=\"return dijit.byId('instanceEditDlg').hide()\"\">".
__('Cancel')."</button></div>";
}
function editSave() {
$id = db_escape_string($_REQUEST["id"]);
$access_url = db_escape_string($_REQUEST["access_url"]);
$access_key = db_escape_string($_REQUEST["access_key"]);
db_query($this->link, "UPDATE ttrss_linked_instances SET
access_key = '$access_key', access_url = '$access_url',
last_connected = '1970-01-01'
WHERE id = '$id'");
}
function index() {
if (!function_exists('curl_init')) {
print "<div style='padding : 1em'>";
print_error("This functionality requires CURL functions. Please enable CURL in your PHP configuration (you might also want to disable open_basedir in php.ini) and reload this page.");
print "</div>";
}
print "<div id=\"pref-instance-wrap\" dojoType=\"dijit.layout.BorderContainer\" gutters=\"false\">";
print "<div id=\"pref-instance-header\" dojoType=\"dijit.layout.ContentPane\" region=\"top\">";
print "<div id=\"pref-instance-toolbar\" dojoType=\"dijit.Toolbar\">";
$sort = db_escape_string($_REQUEST["sort"]);
if (!$sort || $sort == "undefined") {
$sort = "access_url";
}
print "<div dojoType=\"dijit.form.DropDownButton\">".
"<span>" . __('Select')."</span>";
print "<div dojoType=\"dijit.Menu\" style=\"display: none;\">";
print "<div onclick=\"selectTableRows('prefInstanceList', 'all')\"
dojoType=\"dijit.MenuItem\">".__('All')."</div>";
print "<div onclick=\"selectTableRows('prefInstanceList', 'none')\"
dojoType=\"dijit.MenuItem\">".__('None')."</div>";
print "</div></div>";
print "<button dojoType=\"dijit.form.Button\" onclick=\"addInstance()\">".__('Link instance')."</button>";
print "<button dojoType=\"dijit.form.Button\" onclick=\"editSelectedInstance()\">".__('Edit')."</button>";
print "<button dojoType=\"dijit.form.Button\" onclick=\"removeSelectedInstances()\">".__('Remove')."</button>";
print "</div>"; #toolbar
$result = db_query($this->link, "SELECT *,
(SELECT COUNT(*) FROM ttrss_linked_feeds
WHERE instance_id = ttrss_linked_instances.id) AS num_feeds
FROM ttrss_linked_instances
ORDER BY $sort");
print "<p class=\"insensitive\" style='margin-left : 1em;'>" . __("You can connect other instances of Tiny Tiny RSS to this one to share Popular feeds. Link to this instance of Tiny Tiny RSS by using this URL:");
print " <a href=\"#\" onclick=\"alert('".htmlspecialchars(get_self_url_prefix())."')\">(display url)</a>";
print "<p><table width='100%' id='prefInstanceList' class='prefInstanceList' cellspacing='0'>";
print "<tr class=\"title\">
<td align='center' width=\"5%\">&nbsp;</td>
<td width=''><a href=\"#\" onclick=\"updateInstanceList('access_url')\">".__('Instance URL')."</a></td>
<td width='20%'><a href=\"#\" onclick=\"updateInstanceList('access_key')\">".__('Access key')."</a></td>
<td width='10%'><a href=\"#\" onclick=\"updateUsersList('last_connected')\">".__('Last connected')."</a></td>
<td width='10%'><a href=\"#\" onclick=\"updateUsersList('num_feeds')\">".__('Stored feeds')."</a></td>
</tr>";
$lnum = 0;
while ($line = db_fetch_assoc($result)) {
$class = ($lnum % 2) ? "even" : "odd";
$id = $line['id'];
$this_row_id = "id=\"LIRR-$id\"";
$line["last_connected"] = make_local_datetime($this->link, $line["last_connected"], false);
print "<tr class=\"$class\" $this_row_id>";
print "<td align='center'><input onclick='toggleSelectRow(this);'
type=\"checkbox\" id=\"LICHK-$id\"></td>";
$onclick = "onclick='editInstance($id, event)' title='".__('Click to edit')."'";
$access_key = mb_substr($line['access_key'], 0, 4) . '...' .
mb_substr($line['access_key'], -4);
print "<td $onclick>" . htmlspecialchars($line['access_url']) . "</td>";
print "<td $onclick>" . htmlspecialchars($access_key) . "</td>";
print "<td $onclick>" . htmlspecialchars($line['last_connected']) . "</td>";
print "<td $onclick>" . htmlspecialchars($line['num_feeds']) . "</td>";
print "</tr>";
++$lnum;
}
print "</table>";
print "</div>"; #pane
print "</div>"; #container
}
}
?>

210
classes/public_handler.php
Unescape Escape View File

@ -0,0 +1,210 @@
<?php
class Public_Handler extends Handler {
function getUnread() {
$login = db_escape_string($_REQUEST["login"]);
$fresh = $_REQUEST["fresh"] == "1";
$result = db_query($this->link, "SELECT id FROM ttrss_users WHERE login = '$login'");
if (db_num_rows($result) == 1) {
$uid = db_fetch_result($result, 0, "id");
print getGlobalUnread($this->link, $uid);
if ($fresh) {
print ";";
print getFeedArticles($this->link, -3, false, true, $uid);
}
} else {
print "-1;User not found";
}
}
function getProfiles() {
$login = db_escape_string($_REQUEST["login"]);
$password = db_escape_string($_REQUEST["password"]);
if (authenticate_user($this->link, $login, $password)) {
$result = db_query($this->link, "SELECT * FROM ttrss_settings_profiles
WHERE owner_uid = " . $_SESSION["uid"] . " ORDER BY title");
print "<select style='width: 100%' name='profile'>";
print "<option value='0'>" . __("Default profile") . "</option>";
while ($line = db_fetch_assoc($result)) {
$id = $line["id"];
$title = $line["title"];
print "<option value='$id'>$title</option>";
}
print "</select>";
$_SESSION = array();
}
}
function pubsub() {
$mode = db_escape_string($_REQUEST['hub_mode']);
$feed_id = (int) db_escape_string($_REQUEST['id']);
$feed_url = db_escape_string($_REQUEST['hub_topic']);
if (!PUBSUBHUBBUB_ENABLED) {
header('HTTP/1.0 404 Not Found');
echo "404 Not found";
return;
}
// TODO: implement hub_verifytoken checking
$result = db_query($this->link, "SELECT feed_url FROM ttrss_feeds
WHERE id = '$feed_id'");
if (db_num_rows($result) != 0) {
$check_feed_url = db_fetch_result($result, 0, "feed_url");
if ($check_feed_url && ($check_feed_url == $feed_url || !$feed_url)) {
if ($mode == "subscribe") {
db_query($this->link, "UPDATE ttrss_feeds SET pubsub_state = 2
WHERE id = '$feed_id'");
print $_REQUEST['hub_challenge'];
return;
} else if ($mode == "unsubscribe") {
db_query($this->link, "UPDATE ttrss_feeds SET pubsub_state = 0
WHERE id = '$feed_id'");
print $_REQUEST['hub_challenge'];
return;
} else if (!$mode) {
// Received update ping, schedule feed update.
//update_rss_feed($this->link, $feed_id, true, true);
db_query($this->link, "UPDATE ttrss_feeds SET
last_update_started = '1970-01-01',
last_updated = '1970-01-01' WHERE id = '$feed_id'");
}
} else {
header('HTTP/1.0 404 Not Found');
echo "404 Not found";
}
} else {
header('HTTP/1.0 404 Not Found');
echo "404 Not found";
}
}
function logout() {
logout_user();
header("Location: index.php");
}
function fbexport() {
$access_key = db_escape_string($_POST["key"]);
// TODO: rate limit checking using last_connected
$result = db_query($this->link, "SELECT id FROM ttrss_linked_instances
WHERE access_key = '$access_key'");
if (db_num_rows($result) == 1) {
$instance_id = db_fetch_result($result, 0, "id");
$result = db_query($this->link, "SELECT feed_url, site_url, title, subscribers
FROM ttrss_feedbrowser_cache ORDER BY subscribers DESC LIMIT 100");
$feeds = array();
while ($line = db_fetch_assoc($result)) {
array_push($feeds, $line);
}
db_query($this->link, "UPDATE ttrss_linked_instances SET
last_status_in = 1 WHERE id = '$instance_id'");
print json_encode(array("feeds" => $feeds));
} else {
print json_encode(array("error" => array("code" => 6)));
}
}
function share() {
$uuid = db_escape_string($_REQUEST["key"]);
$result = db_query($this->link, "SELECT ref_id, owner_uid FROM ttrss_user_entries WHERE
uuid = '$uuid'");
if (db_num_rows($result) != 0) {
header("Content-Type: text/html");
$id = db_fetch_result($result, 0, "ref_id");
$owner_uid = db_fetch_result($result, 0, "owner_uid");
$_SESSION["uid"] = $owner_uid;
$article = format_article($this->link, $id, false, true);
$_SESSION["uid"] = "";
print_r($article['content']);
} else {
print "Article not found.";
}
}
function rss() {
header("Content-Type: text/xml; charset=utf-8");
$feed = db_escape_string($_REQUEST["id"]);
$key = db_escape_string($_REQUEST["key"]);
$is_cat = $_REQUEST["is_cat"] != false;
$limit = (int)db_escape_string($_REQUEST["limit"]);
$search = db_escape_string($_REQUEST["q"]);
$match_on = db_escape_string($_REQUEST["m"]);
$search_mode = db_escape_string($_REQUEST["smode"]);
$view_mode = db_escape_string($_REQUEST["view-mode"]);
if (SINGLE_USER_MODE) {
authenticate_user($this->link, "admin", null);
}
$owner_id = false;
if ($key) {
$result = db_query($this->link, "SELECT owner_uid FROM
ttrss_access_keys WHERE access_key = '$key' AND feed_id = '$feed'");
if (db_num_rows($result) == 1)
$owner_id = db_fetch_result($result, 0, "owner_uid");
}
if ($owner_id) {
$_SESSION['uid'] = $owner_id;
generate_syndicated_feed($this->link, 0, $feed, $is_cat, $limit,
$search, $search_mode, $match_on, $view_mode);
} else {
header('HTTP/1.1 403 Forbidden');
}
}
/* function globalUpdateFeeds() {
// Update all feeds needing a update.
update_daemon_common($this->link, 0, true, true);
} */
}
?>

2
db-updater.php
Unescape Escape View File

@ -9,7 +9,7 @@
$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
init_connection($link);
if (!init_connection($link)) return;
login_sequence($link);
$owner_uid = $_SESSION["uid"];

4
include/db.php
Unescape Escape View File

@ -61,7 +61,7 @@ function db_query($link, $query, $die_on_error = true) {
if (!$result) {
$query = htmlspecialchars($query); // just in case
if ($die_on_error) {
die("Query <i>$query</i> failed [$result]: " . pg_last_error($link));
die("Query <i>$query</i> failed [$result]: " . ($link ? pg_last_error($link) : "No connection"));
}
}
return $result;
@ -70,7 +70,7 @@ function db_query($link, $query, $die_on_error = true) {
if (!$result) {
$query = htmlspecialchars($query);
if ($die_on_error) {
die("Query <i>$query</i> failed: " . mysql_error($link));
die("Query <i>$query</i> failed: " . ($link ? mysql_error($link) : "No connection"));
}
}
return $result;

295
include/functions.php
Unescape Escape View File

@ -5835,18 +5835,24 @@
}
function init_connection($link) {
if (DB_TYPE == "pgsql") {
pg_query($link, "set client_encoding = 'UTF-8'");
pg_set_client_encoding("UNICODE");
pg_query($link, "set datestyle = 'ISO, european'");
pg_query($link, "set TIME ZONE 0");
} else {
db_query($link, "SET time_zone = '+0:0'");
if ($link) {
if (defined('MYSQL_CHARSET') && MYSQL_CHARSET) {
db_query($link, "SET NAMES " . MYSQL_CHARSET);
// db_query($link, "SET CHARACTER SET " . MYSQL_CHARSET);
if (DB_TYPE == "pgsql") {
pg_query($link, "set client_encoding = 'UTF-8'");
pg_set_client_encoding("UNICODE");
pg_query($link, "set datestyle = 'ISO, european'");
pg_query($link, "set TIME ZONE 0");
} else {
db_query($link, "SET time_zone = '+0:0'");
if (defined('MYSQL_CHARSET') && MYSQL_CHARSET) {
db_query($link, "SET NAMES " . MYSQL_CHARSET);
}
}
return true;
} else {
print "Unable to connect to database:" . db_last_error();
return false;
}
}
@ -7428,242 +7434,25 @@
}
}
function handle_public_request($link, $op) {
switch ($op) {
case "getUnread":
$login = db_escape_string($_REQUEST["login"]);
$fresh = $_REQUEST["fresh"] == "1";
$result = db_query($link, "SELECT id FROM ttrss_users WHERE login = '$login'");
if (db_num_rows($result) == 1) {
$uid = db_fetch_result($result, 0, "id");
print getGlobalUnread($link, $uid);
if ($fresh) {
print ";";
print getFeedArticles($link, -3, false, true, $uid);
}
} else {
print "-1;User not found";
}
break; // getUnread
case "getProfiles":
$login = db_escape_string($_REQUEST["login"]);
$password = db_escape_string($_REQUEST["password"]);
if (authenticate_user($link, $login, $password)) {
$result = db_query($link, "SELECT * FROM ttrss_settings_profiles
WHERE owner_uid = " . $_SESSION["uid"] . " ORDER BY title");
print "<select style='width: 100%' name='profile'>";
print "<option value='0'>" . __("Default profile") . "</option>";
while ($line = db_fetch_assoc($result)) {
$id = $line["id"];
$title = $line["title"];
print "<option value='$id'>$title</option>";
}
print "</select>";
$_SESSION = array();
}
break; // getprofiles
case "pubsub":
$mode = db_escape_string($_REQUEST['hub_mode']);
$feed_id = (int) db_escape_string($_REQUEST['id']);
$feed_url = db_escape_string($_REQUEST['hub_topic']);
if (!PUBSUBHUBBUB_ENABLED) {
header('HTTP/1.0 404 Not Found');
echo "404 Not found";
return;
}
// TODO: implement hub_verifytoken checking
$result = db_query($link, "SELECT feed_url FROM ttrss_feeds
WHERE id = '$feed_id'");
if (db_num_rows($result) != 0) {
$check_feed_url = db_fetch_result($result, 0, "feed_url");
if ($check_feed_url && ($check_feed_url == $feed_url || !$feed_url)) {
if ($mode == "subscribe") {
db_query($link, "UPDATE ttrss_feeds SET pubsub_state = 2
WHERE id = '$feed_id'");
print $_REQUEST['hub_challenge'];
return;
} else if ($mode == "unsubscribe") {
db_query($link, "UPDATE ttrss_feeds SET pubsub_state = 0
WHERE id = '$feed_id'");
print $_REQUEST['hub_challenge'];
return;
} else if (!$mode) {
// Received update ping, schedule feed update.
//update_rss_feed($link, $feed_id, true, true);
db_query($link, "UPDATE ttrss_feeds SET
last_update_started = '1970-01-01',
last_updated = '1970-01-01' WHERE id = '$feed_id'");
}
} else {
header('HTTP/1.0 404 Not Found');
echo "404 Not found";
}
} else {
header('HTTP/1.0 404 Not Found');
echo "404 Not found";
}
break; // pubsub
case "logout":
logout_user();
header("Location: index.php");
break; // logout
case "fbexport":
$access_key = db_escape_string($_POST["key"]);
// TODO: rate limit checking using last_connected
$result = db_query($link, "SELECT id FROM ttrss_linked_instances
WHERE access_key = '$access_key'");
if (db_num_rows($result) == 1) {
$instance_id = db_fetch_result($result, 0, "id");
$result = db_query($link, "SELECT feed_url, site_url, title, subscribers
FROM ttrss_feedbrowser_cache ORDER BY subscribers DESC LIMIT 100");
$feeds = array();
while ($line = db_fetch_assoc($result)) {
array_push($feeds, $line);
}
db_query($link, "UPDATE ttrss_linked_instances SET
last_status_in = 1 WHERE id = '$instance_id'");
print json_encode(array("feeds" => $feeds));
} else {
print json_encode(array("error" => array("code" => 6)));
}
break; // fbexport
case "share":
$uuid = db_escape_string($_REQUEST["key"]);
$result = db_query($link, "SELECT ref_id, owner_uid FROM ttrss_user_entries WHERE
uuid = '$uuid'");
if (db_num_rows($result) != 0) {
header("Content-Type: text/html");
$id = db_fetch_result($result, 0, "ref_id");
$owner_uid = db_fetch_result($result, 0, "owner_uid");
$_SESSION["uid"] = $owner_uid;
$article = format_article($link, $id, false, true);
$_SESSION["uid"] = "";
print_r($article['content']);
} else {
print "Article not found.";
}
break;
case "rss":
$feed = db_escape_string($_REQUEST["id"]);
$key = db_escape_string($_REQUEST["key"]);
$is_cat = $_REQUEST["is_cat"] != false;
$limit = (int)db_escape_string($_REQUEST["limit"]);
$search = db_escape_string($_REQUEST["q"]);
$match_on = db_escape_string($_REQUEST["m"]);
$search_mode = db_escape_string($_REQUEST["smode"]);
$view_mode = db_escape_string($_REQUEST["view-mode"]);
if (SINGLE_USER_MODE) {
authenticate_user($link, "admin", null);
}
$owner_id = false;
if ($key) {
$result = db_query($link, "SELECT owner_uid FROM
ttrss_access_keys WHERE access_key = '$key' AND feed_id = '$feed'");
if (db_num_rows($result) == 1)
$owner_id = db_fetch_result($result, 0, "owner_uid");
}
if ($owner_id) {
$_SESSION['uid'] = $owner_id;
generate_syndicated_feed($link, 0, $feed, $is_cat, $limit,
$search, $search_mode, $match_on, $view_mode);
} else {
header('HTTP/1.1 403 Forbidden');
}
break; // rss
case "globalUpdateFeeds":
// Update all feeds needing a update.
update_daemon_common($link, 0, true, true);
break; // globalUpdateFeeds
default:
header("Content-Type: text/plain");
print json_encode(array("error" => array("code" => 7)));
break; // fallback
}
}
function make_feed_browser($link, $search, $limit, $mode = 1) {
$owner_uid = $_SESSION["uid"];
$rv = '';
if ($search) {
$search_qpart = "AND (UPPER(feed_url) LIKE UPPER('%$search%') OR
UPPER(title) LIKE UPPER('%$search%'))";
} else {
$search_qpart = "";
}
if ($mode == 1) {
/* $result = db_query($link, "SELECT feed_url, subscribers FROM
ttrss_feedbrowser_cache WHERE (SELECT COUNT(id) = 0 FROM ttrss_feeds AS tf
WHERE tf.feed_url = ttrss_feedbrowser_cache.feed_url
AND owner_uid = '$owner_uid') $search_qpart
ORDER BY subscribers DESC LIMIT $limit"); */
$result = db_query($link, "SELECT feed_url, site_url, title, SUM(subscribers) AS subscribers FROM
(SELECT feed_url, site_url, title, subscribers FROM ttrss_feedbrowser_cache UNION ALL
SELECT feed_url, site_url, title, subscribers FROM ttrss_linked_feeds) AS qqq
@ -7672,7 +7461,7 @@
WHERE tf.feed_url = qqq.feed_url
AND owner_uid = '$owner_uid') $search_qpart
GROUP BY feed_url, site_url, title ORDER BY subscribers DESC LIMIT $limit");
} else if ($mode == 2) {
$result = db_query($link, "SELECT *,
(SELECT COUNT(*) FROM ttrss_user_entries WHERE
@ -7686,74 +7475,74 @@
owner_uid = '$owner_uid' $search_qpart
ORDER BY id DESC LIMIT $limit");
}
$feedctr = 0;
while ($line = db_fetch_assoc($result)) {
if ($mode == 1) {
$feed_url = htmlspecialchars($line["feed_url"]);
$site_url = htmlspecialchars($line["site_url"]);
$subscribers = $line["subscribers"];
$check_box = "<input onclick='toggleSelectListRow2(this)'
dojoType=\"dijit.form.CheckBox\"
type=\"checkbox\" \">";
$class = ($feedctr % 2) ? "even" : "odd";
$site_url = "<a target=\"_blank\"
href=\"$site_url\">
<span class=\"fb_feedTitle\">".
htmlspecialchars($line["title"])."</span></a>";
$feed_url = "<a target=\"_blank\" class=\"fb_feedUrl\"
href=\"$feed_url\"><img src='images/feed-icon-12x12.png'
style='vertical-align : middle'></a>";
$rv .= "<li>$check_box $feed_url $site_url".
"&nbsp;<span class='subscribers'>($subscribers)</span></li>";
} else if ($mode == 2) {
$feed_url = htmlspecialchars($line["feed_url"]);
$site_url = htmlspecialchars($line["site_url"]);
$title = htmlspecialchars($line["title"]);
$check_box = "<input onclick='toggleSelectListRow2(this)' dojoType=\"dijit.form.CheckBox\"
type=\"checkbox\">";
$class = ($feedctr % 2) ? "even" : "odd";
if ($line['articles_archived'] > 0) {
$archived = sprintf(__("%d archived articles"), $line['articles_archived']);
$archived = "&nbsp;<span class='subscribers'>($archived)</span>";
} else {
$archived = '';
}
$site_url = "<a target=\"_blank\"
href=\"$site_url\">
<span class=\"fb_feedTitle\">".
htmlspecialchars($line["title"])."</span></a>";
$feed_url = "<a target=\"_blank\" class=\"fb_feedUrl\"
href=\"$feed_url\"><img src='images/feed-icon-12x12.png'
style='vertical-align : middle'></a>";
$rv .= "<li id=\"FBROW-".$line["id"]."\">".
"$check_box $feed_url $site_url $archived</li>";
}
++$feedctr;
}
if ($feedctr == 0) {
$rv .= "<li style=\"text-align : center\"><p>".__('No feeds found.')."</p></li>";
}
return $rv;
}
?>

2
index.php
Unescape Escape View File

@ -16,7 +16,7 @@
$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
init_connection($link);
if (!init_connection($link)) return;
login_sequence($link);

2
opml.php
Unescape Escape View File

@ -10,7 +10,7 @@
$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
init_connection($link);
if (!init_connection($link)) return;
function opml_export($link, $name, $owner_uid, $hide_private_feeds=false, $include_settings=true) {
if (!$_REQUEST["debug"]) {

2
prefs.php
Unescape Escape View File

@ -10,7 +10,7 @@
$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
init_connection($link);
if (!init_connection($link)) return;
login_sequence($link);

45
public.php
Unescape Escape View File

@ -16,10 +16,8 @@
$_REQUEST = array_map('stripslashes_deep', $_REQUEST);
}
$op = $_REQUEST["op"];
require_once "functions.php";
if ($op != "share") require_once "sessions.php";
require_once "sessions.php";
require_once "sanity_check.php";
require_once "config.php";
require_once "db.php";
@ -33,30 +31,37 @@
$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
if (!$link) {
if (DB_TYPE == "mysql") {
print mysql_error();
}
// PG seems to display its own errors just fine by default.
return;
if (!init_connection($link)) return;
if (ENABLE_GZIP_OUTPUT) {
ob_start("ob_gzhandler");
}
init_connection($link);
function __autoload($class) {
$file = "classes/".strtolower(basename($class)).".php";
if (file_exists($file)) {
require $file;
}
}
$method = $_REQUEST["method"];
$mode = $_REQUEST["mode"];
$method = $_REQUEST["op"];
if ((!$op || $op == "rss" || $op == "dlg") && !$_REQUEST["noxml"]) {
header("Content-Type: application/xml; charset=utf-8");
} else {
header("Content-Type: text/plain; charset=utf-8");
}
$handler = new Public_Handler($link, $_REQUEST);
if (ENABLE_GZIP_OUTPUT) {
ob_start("ob_gzhandler");
if ($handler) {
if ($handler->before()) {
if ($method && method_exists($handler, $method)) {
$handler->$method();
} else if (method_exists($handler, 'index')) {
$handler->index();
}
$handler->after();
return;
}
}
handle_public_request($link, $op);
header("Content-Type: text/plain");
print json_encode(array("error" => array("code" => 7)));
// We close the connection to database.
db_close($link);

2
register.php
Unescape Escape View File

@ -18,7 +18,7 @@
$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
init_connection($link);
if (!init_connection($link)) return;
if ($_REQUEST["format"] == "feed") {
header("Content-Type: text/xml");

2
twitter.php
Unescape Escape View File

@ -11,7 +11,7 @@
$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
init_connection($link);
if (!init_connection($link)) return;
login_sequence($link);
$owner_uid = $_SESSION["uid"];

8
update.php
Unescape Escape View File

@ -47,14 +47,6 @@
// Create a database connection.
$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
if (!$link) {
if (DB_TYPE == "mysql") {
print mysql_error();
}
// PG seems to display its own errors just fine by default.
return;
}
init_connection($link);
if ($op == "-feeds") {

18
update_daemon2.php
Unescape Escape View File

@ -133,13 +133,7 @@
// It is unnecessary to start the fork loop if database is not ok.
$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
if (!$link) {
if (DB_TYPE == "mysql") {
print mysql_error();
}
// PG seems to display its own errors just fine by default.
return;
}
if (!init_connection($link)) return;
db_close($link);
@ -190,15 +184,7 @@
$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
if (!$link) {
if (DB_TYPE == "mysql") {
print mysql_error();
}
// PG seems to display its own errors just fine by default.
return;
}
init_connection($link);
if (!init_connection($link)) return;
// We disable stamp file, since it is of no use in a multiprocess update.
// not really, tho for the time being -fox

Write Preview
Loading…
Cancel
Save