banananetwork
/
tt-rss
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

feeds: use PDO

Browse Source
master
Andrew Dolgov 7 years ago
parent 2e52e4fd7a
commit bf6db17b8f
1 changed files with 152 additions and 163 deletions
Show Stats Download Patch File Download Diff File

83
classes/pref/feeds.php
Unescape Escape View File

@ -499,20 +499,20 @@ class Pref_Feeds extends Handler_Protected {
global $purge_intervals;
global $update_intervals;
print '<div dojoType="dijit.layout.TabContainer" style="height : 450px">
<div dojoType="dijit.layout.ContentPane" title="'.__('General').'">';
$feed_id = $_REQUEST["id"];
$result = db_query(
"SELECT * FROM ttrss_feeds WHERE id = '$feed_id' AND
owner_uid = " . $_SESSION["uid"]);
$sth = $this->pdo->prepare("SELECT * FROM ttrss_feeds WHERE id = ? AND
owner_uid = ?");
$sth->execute([$feed_id, $_SESSION['uid']]);
if ($row = $sth->fetch()) {
print '<div dojoType="dijit.layout.TabContainer" style="height : 450px">
<div dojoType="dijit.layout.ContentPane" title="'.__('General').'">';
$auth_pass_encrypted = sql_bool_to_bool(db_fetch_result($result, 0,
"auth_pass_encrypted"));
$auth_pass_encrypted = sql_bool_to_bool($row["auth_pass_encrypted"]);
$title = htmlspecialchars(db_fetch_result($result,
0, "title"));
$title = htmlspecialchars($row["title"]);
print_hidden("id", "$feed_id");
print_hidden("op", "pref-feeds");
@ -529,9 +529,7 @@ class Pref_Feeds extends Handler_Protected {
/* Feed URL */
$feed_url = db_fetch_result($result, 0, "feed_url");
$feed_url = htmlspecialchars(db_fetch_result($result,
0, "feed_url"));
$feed_url = htmlspecialchars($row["feed_url"]);
print "<hr/>";
@ -541,7 +539,7 @@ class Pref_Feeds extends Handler_Protected {
regExp='^(http|https)://.*' style=\"width : 20em\"
name=\"feed_url\" value=\"$feed_url\">";
$last_error = db_fetch_result($result, 0, "last_error");
$last_error = $row["last_error"];
if ($last_error) {
print "&nbsp;<img src=\"images/error.png\" alt=\"(error)\"
@ -554,7 +552,7 @@ class Pref_Feeds extends Handler_Protected {
if (get_pref('ENABLE_FEED_CATS')) {
$cat_id = db_fetch_result($result, 0, "cat_id");
$cat_id = $row["cat_id"];
print "<hr/>";
@ -567,7 +565,7 @@ class Pref_Feeds extends Handler_Protected {
/* FTS Stemming Language */
if (DB_TYPE == "pgsql") {
$feed_language = db_fetch_result($result, 0, "feed_language");
$feed_language = $row["feed_language"];
print "<hr/>";
@ -583,14 +581,14 @@ class Pref_Feeds extends Handler_Protected {
/* Update Interval */
$update_interval = db_fetch_result($result, 0, "update_interval");
$update_interval = $row["update_interval"];
print_select_hash("update_interval", $update_interval, $update_intervals,
'dojoType="dijit.form.Select"');
/* Purge intl */
$purge_interval = db_fetch_result($result, 0, "purge_interval");
$purge_interval = $row["purge_interval"];
print "<hr/>";
print __('Article purging:') . " ";
@ -601,8 +599,8 @@ class Pref_Feeds extends Handler_Protected {
print "</div>";
$auth_login = htmlspecialchars(db_fetch_result($result, 0, "auth_login"));
$auth_pass = db_fetch_result($result, 0, "auth_pass");
$auth_login = htmlspecialchars($row["auth_login"]);
$auth_pass = $row["auth_pass"];
if ($auth_pass_encrypted && function_exists("mcrypt_decrypt")) {
require_once "crypt.php";
@ -646,7 +644,7 @@ class Pref_Feeds extends Handler_Protected {
//print "<div class=\"dlgSec\">".__("Options")."</div>";
print "<div class=\"dlgSecSimple\">";
$private = sql_bool_to_bool(db_fetch_result($result, 0, "private"));
$private = sql_bool_to_bool($row["private"]);
if ($private) {
$checked = "checked=\"1\"";
@ -657,7 +655,7 @@ class Pref_Feeds extends Handler_Protected {
print "<input dojoType=\"dijit.form.CheckBox\" type=\"checkbox\" name=\"private\" id=\"private\"
$checked>&nbsp;<label for=\"private\">".__('Hide from Popular feeds')."</label>";
$include_in_digest = sql_bool_to_bool(db_fetch_result($result, 0, "include_in_digest"));
$include_in_digest = sql_bool_to_bool($row["include_in_digest"]);
if ($include_in_digest) {
$checked = "checked=\"1\"";
@ -670,7 +668,7 @@ class Pref_Feeds extends Handler_Protected {
$checked>&nbsp;<label for=\"include_in_digest\">".__('Include in e-mail digest')."</label>";
$always_display_enclosures = sql_bool_to_bool(db_fetch_result($result, 0, "always_display_enclosures"));
$always_display_enclosures = sql_bool_to_bool($row["always_display_enclosures"]);
if ($always_display_enclosures) {
$checked = "checked";
@ -682,7 +680,7 @@ class Pref_Feeds extends Handler_Protected {
name=\"always_display_enclosures\"
$checked>&nbsp;<label for=\"always_display_enclosures\">".__('Always display image attachments')."</label>";
$hide_images = sql_bool_to_bool(db_fetch_result($result, 0, "hide_images"));
$hide_images = sql_bool_to_bool($row["hide_images"]);
if ($hide_images) {
$checked = "checked=\"1\"";
@ -695,7 +693,7 @@ class Pref_Feeds extends Handler_Protected {
$checked>&nbsp;<label for=\"hide_images\">".
__('Do not embed images')."</label>";
$cache_images = sql_bool_to_bool(db_fetch_result($result, 0, "cache_images"));
$cache_images = sql_bool_to_bool($row["cache_images"]);
if ($cache_images) {
$checked = "checked=\"1\"";
@ -708,7 +706,7 @@ class Pref_Feeds extends Handler_Protected {
$checked>&nbsp;<label for=\"cache_images\">".
__('Cache media')."</label>";
$mark_unread_on_update = sql_bool_to_bool(db_fetch_result($result, 0, "mark_unread_on_update"));
$mark_unread_on_update = sql_bool_to_bool($row["mark_unread_on_update"]);
if ($mark_unread_on_update) {
$checked = "checked";
@ -766,9 +764,7 @@ class Pref_Feeds extends Handler_Protected {
print "<button dojoType=\"dijit.form.Button\" onclick=\"return dijit.byId('feedEditDlg').execute()\">".__('Save')."</button>
<button dojoType=\"dijit.form.Button\" onclick=\"return dijit.byId('feedEditDlg').hide()\">".__('Cancel')."</button>
</div>";
return;
}
}
function editfeeds() {
@ -1129,10 +1125,15 @@ class Pref_Feeds extends Handler_Protected {
print "<div dojoType=\"dijit.layout.AccordionContainer\" region=\"center\">";
print "<div id=\"pref-feeds-feeds\" dojoType=\"dijit.layout.AccordionPane\" title=\"".__('Feeds')."\">";
$result = db_query("SELECT COUNT(id) AS num_errors
FROM ttrss_feeds WHERE last_error != '' AND owner_uid = ".$_SESSION["uid"]);
$sth = $this->pdo->prepare("SELECT COUNT(id) AS num_errors
FROM ttrss_feeds WHERE last_error != '' AND owner_uid = ?");
$sth->execute([$_SESSION['uid']]);
$num_errors = db_fetch_result($result, 0, "num_errors");
if ($row = $sth->fetch()) {
$num_errors = $row["num_errors"];
} else {
$num_errors = 0;
}
if ($num_errors > 0) {
@ -1737,25 +1738,13 @@ class Pref_Feeds extends Handler_Protected {
private function update_feed_access_key($feed_id, $is_cat, $owner_uid = false) {
if (!$owner_uid) $owner_uid = $_SESSION["uid"];
$sql_is_cat = bool_to_sql_bool($is_cat);
$result = db_query("SELECT access_key FROM ttrss_access_keys
WHERE feed_id = '$feed_id' AND is_cat = $sql_is_cat
AND owner_uid = " . $owner_uid);
// clear old value and generate new one
$sth = $this->pdo->prepare("DELETE FROM ttrss_access_keys
WHERE feed_id = ? AND is_cat = ? AND owner_uid = ?");
$sth->execute([$feed_id, $is_cat, $owner_uid]);
if (db_num_rows($result) == 1) {
$key = uniqid_short();
db_query("UPDATE ttrss_access_keys SET access_key = '$key'
WHERE feed_id = '$feed_id' AND is_cat = $sql_is_cat
AND owner_uid = " . $owner_uid);
return $key;
} else {
return get_feed_access_key($feed_id, $is_cat, $owner_uid);
}
}
// Silent
function clearKeys() {

Write Preview
Loading…
Cancel
Save