article.php 28 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068
  1. <?php
  2. class Article extends Handler_Protected {
  3. function csrf_ignore($method) {
  4. $csrf_ignored = array("redirect", "editarticletags");
  5. return array_search($method, $csrf_ignored) !== false;
  6. }
  7. function redirect() {
  8. $id = clean($_REQUEST['id']);
  9. $sth = $this->pdo->prepare("SELECT link FROM ttrss_entries, ttrss_user_entries
  10. WHERE id = ? AND id = ref_id AND owner_uid = ?
  11. LIMIT 1");
  12. $sth->execute([$id, $_SESSION['uid']]);
  13. if ($row = $sth->fetch()) {
  14. $article_url = $row['link'];
  15. $article_url = str_replace("\n", "", $article_url);
  16. header("Location: $article_url");
  17. return;
  18. } else {
  19. print_error(__("Article not found."));
  20. }
  21. }
  22. /*
  23. function view() {
  24. $id = clean($_REQUEST["id"]);
  25. $cids = explode(",", clean($_REQUEST["cids"]));
  26. $mode = clean($_REQUEST["mode"]);
  27. // in prefetch mode we only output requested cids, main article
  28. // just gets marked as read (it already exists in client cache)
  29. $articles = array();
  30. if ($mode == "") {
  31. array_push($articles, $this->format_article($id, false));
  32. } else if ($mode == "zoom") {
  33. array_push($articles, $this->format_article($id, true, true));
  34. } else if ($mode == "raw") {
  35. if (isset($_REQUEST['html'])) {
  36. header("Content-Type: text/html");
  37. print '<link rel="stylesheet" type="text/css" href="css/default.css"/>';
  38. }
  39. $article = $this->format_article($id, false, isset($_REQUEST["zoom"]));
  40. print $article['content'];
  41. return;
  42. }
  43. $this->catchupArticleById($id, 0);
  44. if (!$_SESSION["bw_limit"]) {
  45. foreach ($cids as $cid) {
  46. if ($cid) {
  47. array_push($articles, $this->format_article($cid, false, false));
  48. }
  49. }
  50. }
  51. print json_encode($articles);
  52. } */
  53. /*
  54. private function catchupArticleById($id, $cmode) {
  55. if ($cmode == 0) {
  56. $sth = $this->pdo->prepare("UPDATE ttrss_user_entries SET
  57. unread = false,last_read = NOW()
  58. WHERE ref_id = ? AND owner_uid = ?");
  59. } else if ($cmode == 1) {
  60. $sth = $this->pdo->prepare("UPDATE ttrss_user_entries SET
  61. unread = true
  62. WHERE ref_id = ? AND owner_uid = ?");
  63. } else {
  64. $sth = $this->pdo->prepare("UPDATE ttrss_user_entries SET
  65. unread = NOT unread,last_read = NOW()
  66. WHERE ref_id = ? AND owner_uid = ?");
  67. }
  68. $sth->execute([$id, $_SESSION['uid']]);
  69. $feed_id = $this->getArticleFeed($id);
  70. CCache::update($feed_id, $_SESSION["uid"]);
  71. }
  72. */
  73. static function create_published_article($title, $url, $content, $labels_str,
  74. $owner_uid) {
  75. $guid = 'SHA1:' . sha1("ttshared:" . $url . $owner_uid); // include owner_uid to prevent global GUID clash
  76. if (!$content) {
  77. $pluginhost = new PluginHost();
  78. $pluginhost->load_all(PluginHost::KIND_ALL, $owner_uid);
  79. $pluginhost->load_data();
  80. $af_readability = $pluginhost->get_plugin("Af_Readability");
  81. if ($af_readability) {
  82. $enable_share_anything = $pluginhost->get($af_readability, "enable_share_anything");
  83. if ($enable_share_anything) {
  84. $extracted_content = $af_readability->extract_content($url);
  85. if ($extracted_content) $content = $extracted_content;
  86. }
  87. }
  88. }
  89. $content_hash = sha1($content);
  90. if ($labels_str != "") {
  91. $labels = explode(",", $labels_str);
  92. } else {
  93. $labels = array();
  94. }
  95. $rc = false;
  96. if (!$title) $title = $url;
  97. if (!$title && !$url) return false;
  98. if (filter_var($url, FILTER_VALIDATE_URL) === FALSE) return false;
  99. $pdo = Db::pdo();
  100. $pdo->beginTransaction();
  101. // only check for our user data here, others might have shared this with different content etc
  102. $sth = $pdo->prepare("SELECT id FROM ttrss_entries, ttrss_user_entries WHERE
  103. guid = ? AND ref_id = id AND owner_uid = ? LIMIT 1");
  104. $sth->execute([$guid, $owner_uid]);
  105. if ($row = $sth->fetch()) {
  106. $ref_id = $row['id'];
  107. $sth = $pdo->prepare("SELECT int_id FROM ttrss_user_entries WHERE
  108. ref_id = ? AND owner_uid = ? LIMIT 1");
  109. $sth->execute([$ref_id, $owner_uid]);
  110. if ($row = $sth->fetch()) {
  111. $int_id = $row['int_id'];
  112. $sth = $pdo->prepare("UPDATE ttrss_entries SET
  113. content = ?, content_hash = ? WHERE id = ?");
  114. $sth->execute([$content, $content_hash, $ref_id]);
  115. $sth = $pdo->prepare("UPDATE ttrss_user_entries SET published = true,
  116. last_published = NOW() WHERE
  117. int_id = ? AND owner_uid = ?");
  118. $sth->execute([$int_id, $owner_uid]);
  119. } else {
  120. $sth = $pdo->prepare("INSERT INTO ttrss_user_entries
  121. (ref_id, uuid, feed_id, orig_feed_id, owner_uid, published, tag_cache, label_cache,
  122. last_read, note, unread, last_published)
  123. VALUES
  124. (?, '', NULL, NULL, ?, true, '', '', NOW(), '', false, NOW())");
  125. $sth->execute([$ref_id, $owner_uid]);
  126. }
  127. if (count($labels) != 0) {
  128. foreach ($labels as $label) {
  129. Labels::add_article($ref_id, trim($label), $owner_uid);
  130. }
  131. }
  132. $rc = true;
  133. } else {
  134. $sth = $pdo->prepare("INSERT INTO ttrss_entries
  135. (title, guid, link, updated, content, content_hash, date_entered, date_updated)
  136. VALUES
  137. (?, ?, ?, NOW(), ?, ?, NOW(), NOW())");
  138. $sth->execute([$title, $guid, $url, $content, $content_hash]);
  139. $sth = $pdo->prepare("SELECT id FROM ttrss_entries WHERE guid = ?");
  140. $sth->execute([$guid]);
  141. if ($row = $sth->fetch()) {
  142. $ref_id = $row["id"];
  143. $sth = $pdo->prepare("INSERT INTO ttrss_user_entries
  144. (ref_id, uuid, feed_id, orig_feed_id, owner_uid, published, tag_cache, label_cache,
  145. last_read, note, unread, last_published)
  146. VALUES
  147. (?, '', NULL, NULL, ?, true, '', '', NOW(), '', false, NOW())");
  148. $sth->execute([$ref_id, $owner_uid]);
  149. if (count($labels) != 0) {
  150. foreach ($labels as $label) {
  151. Labels::add_article($ref_id, trim($label), $owner_uid);
  152. }
  153. }
  154. $rc = true;
  155. }
  156. }
  157. $pdo->commit();
  158. return $rc;
  159. }
  160. function editArticleTags() {
  161. print __("Tags for this article (separated by commas):")."<br>";
  162. $param = clean($_REQUEST['param']);
  163. $tags = Article::get_article_tags($param);
  164. $tags_str = join(", ", $tags);
  165. print_hidden("id", "$param");
  166. print_hidden("op", "article");
  167. print_hidden("method", "setArticleTags");
  168. print "<table width='100%'><tr><td>";
  169. print "<textarea dojoType=\"dijit.form.SimpleTextarea\" rows='4'
  170. style='height : 100px; font-size : 12px; width : 98%' id=\"tags_str\"
  171. name='tags_str'>$tags_str</textarea>
  172. <div class=\"autocomplete\" id=\"tags_choices\"
  173. style=\"display:none\"></div>";
  174. print "</td></tr></table>";
  175. print "<div class='dlgButtons'>";
  176. print "<button dojoType=\"dijit.form.Button\"
  177. onclick=\"dijit.byId('editTagsDlg').execute()\">".__('Save')."</button> ";
  178. print "<button dojoType=\"dijit.form.Button\"
  179. onclick=\"dijit.byId('editTagsDlg').hide()\">".__('Cancel')."</button>";
  180. print "</div>";
  181. }
  182. function setScore() {
  183. $ids = explode(",", clean($_REQUEST['id']));
  184. $score = (int)clean($_REQUEST['score']);
  185. $ids_qmarks = arr_qmarks($ids);
  186. $sth = $this->pdo->prepare("UPDATE ttrss_user_entries SET
  187. score = ? WHERE ref_id IN ($ids_qmarks) AND owner_uid = ?");
  188. $sth->execute(array_merge([$score], $ids, [$_SESSION['uid']]));
  189. print json_encode(array("id" => $ids,
  190. "score" => (int)$score,
  191. "score_class" => get_score_class($score),
  192. "score_pic" => get_score_pic($score)));
  193. }
  194. function getScore() {
  195. $id = clean($_REQUEST['id']);
  196. $sth = $this->pdo->prepare("SELECT score FROM ttrss_user_entries WHERE ref_id = ? AND owner_uid = ?");
  197. $sth->execute([$id, $_SESSION['uid']]);
  198. $row = $sth->fetch();
  199. $score = $row['score'];
  200. print json_encode(array("id" => $id,
  201. "score" => (int)$score,
  202. "score_pic" => get_score_pic($score)));
  203. }
  204. function setArticleTags() {
  205. $id = clean($_REQUEST["id"]);
  206. $tags_str = clean($_REQUEST["tags_str"]);
  207. $tags = array_unique(trim_array(explode(",", $tags_str)));
  208. $this->pdo->beginTransaction();
  209. $sth = $this->pdo->prepare("SELECT int_id FROM ttrss_user_entries WHERE
  210. ref_id = ? AND owner_uid = ? LIMIT 1");
  211. $sth->execute([$id, $_SESSION['uid']]);
  212. if ($row = $sth->fetch()) {
  213. $tags_to_cache = array();
  214. $int_id = $row['int_id'];
  215. $sth = $this->pdo->prepare("DELETE FROM ttrss_tags WHERE
  216. post_int_id = ? AND owner_uid = ?");
  217. $sth->execute([$int_id, $_SESSION['uid']]);
  218. foreach ($tags as $tag) {
  219. $tag = sanitize_tag($tag);
  220. if (!tag_is_valid($tag)) {
  221. continue;
  222. }
  223. if (preg_match("/^[0-9]*$/", $tag)) {
  224. continue;
  225. }
  226. // print "<!-- $id : $int_id : $tag -->";
  227. if ($tag != '') {
  228. $sth = $this->pdo->prepare("INSERT INTO ttrss_tags
  229. (post_int_id, owner_uid, tag_name)
  230. VALUES (?, ?, ?)");
  231. $sth->execute([$int_id, $_SESSION['uid'], $tag]);
  232. }
  233. array_push($tags_to_cache, $tag);
  234. }
  235. /* update tag cache */
  236. sort($tags_to_cache);
  237. $tags_str = join(",", $tags_to_cache);
  238. $sth = $this->pdo->prepare("UPDATE ttrss_user_entries
  239. SET tag_cache = ? WHERE ref_id = ? AND owner_uid = ?");
  240. $sth->execute([$tags_str, $id, $_SESSION['uid']]);
  241. }
  242. $this->pdo->commit();
  243. $tags = Article::get_article_tags($id);
  244. $tags_str = $this->format_tags_string($tags, $id);
  245. $tags_str_full = join(", ", $tags);
  246. if (!$tags_str_full) $tags_str_full = __("no tags");
  247. print json_encode(array("id" => (int)$id,
  248. "content" => $tags_str, "content_full" => $tags_str_full));
  249. }
  250. function completeTags() {
  251. $search = clean($_REQUEST["search"]);
  252. $sth = $this->pdo->prepare("SELECT DISTINCT tag_name FROM ttrss_tags
  253. WHERE owner_uid = ? AND
  254. tag_name LIKE ? ORDER BY tag_name
  255. LIMIT 10");
  256. $sth->execute([$_SESSION['uid'], "$search%"]);
  257. print "<ul>";
  258. while ($line = $sth->fetch()) {
  259. print "<li>" . $line["tag_name"] . "</li>";
  260. }
  261. print "</ul>";
  262. }
  263. function assigntolabel() {
  264. return $this->labelops(true);
  265. }
  266. function removefromlabel() {
  267. return $this->labelops(false);
  268. }
  269. private function labelops($assign) {
  270. $reply = array();
  271. $ids = explode(",", clean($_REQUEST["ids"]));
  272. $label_id = clean($_REQUEST["lid"]);
  273. $label = Labels::find_caption($label_id, $_SESSION["uid"]);
  274. $reply["info-for-headlines"] = array();
  275. if ($label) {
  276. foreach ($ids as $id) {
  277. if ($assign)
  278. Labels::add_article($id, $label, $_SESSION["uid"]);
  279. else
  280. Labels::remove_article($id, $label, $_SESSION["uid"]);
  281. $labels = $this->get_article_labels($id, $_SESSION["uid"]);
  282. array_push($reply["info-for-headlines"],
  283. array("id" => $id, "labels" => $this->format_article_labels($labels)));
  284. }
  285. }
  286. $reply["message"] = "UPDATE_COUNTERS";
  287. print json_encode($reply);
  288. }
  289. function getArticleFeed($id) {
  290. $sth = $this->pdo->prepare("SELECT feed_id FROM ttrss_user_entries
  291. WHERE ref_id = ? AND owner_uid = ?");
  292. $sth->execute([$id, $_SESSION['uid']]);
  293. if ($row = $sth->fetch()) {
  294. return $row["feed_id"];
  295. } else {
  296. return 0;
  297. }
  298. }
  299. static function format_article_enclosures($id, $always_display_enclosures,
  300. $article_content, $hide_images = false) {
  301. $result = Article::get_article_enclosures($id);
  302. $rv = '';
  303. foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_FORMAT_ENCLOSURES) as $plugin) {
  304. $retval = $plugin->hook_format_enclosures($rv, $result, $id, $always_display_enclosures, $article_content, $hide_images);
  305. if (is_array($retval)) {
  306. $rv = $retval[0];
  307. $result = $retval[1];
  308. } else {
  309. $rv = $retval;
  310. }
  311. }
  312. unset($retval); // Unset to prevent breaking render if there are no HOOK_RENDER_ENCLOSURE hooks below.
  313. if ($rv === '' && !empty($result)) {
  314. $entries_html = array();
  315. $entries = array();
  316. $entries_inline = array();
  317. foreach ($result as $line) {
  318. foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_ENCLOSURE_ENTRY) as $plugin) {
  319. $line = $plugin->hook_enclosure_entry($line);
  320. }
  321. $url = $line["content_url"];
  322. $ctype = $line["content_type"];
  323. $title = $line["title"];
  324. $width = $line["width"];
  325. $height = $line["height"];
  326. if (!$ctype) $ctype = __("unknown type");
  327. //$filename = substr($url, strrpos($url, "/")+1);
  328. $filename = basename($url);
  329. $player = format_inline_player($url, $ctype);
  330. if ($player) array_push($entries_inline, $player);
  331. # $entry .= " <a target=\"_blank\" href=\"" . htmlspecialchars($url) . "\" rel=\"noopener noreferrer\">" .
  332. # $filename . " (" . $ctype . ")" . "</a>";
  333. $entry = "<div onclick=\"popupOpenUrl('".htmlspecialchars($url)."')\"
  334. dojoType=\"dijit.MenuItem\">$filename ($ctype)</div>";
  335. array_push($entries_html, $entry);
  336. $entry = array();
  337. $entry["type"] = $ctype;
  338. $entry["filename"] = $filename;
  339. $entry["url"] = $url;
  340. $entry["title"] = $title;
  341. $entry["width"] = $width;
  342. $entry["height"] = $height;
  343. array_push($entries, $entry);
  344. }
  345. if ($_SESSION['uid'] && !get_pref("STRIP_IMAGES") && !$_SESSION["bw_limit"]) {
  346. if ($always_display_enclosures ||
  347. !preg_match("/<img/i", $article_content)) {
  348. foreach ($entries as $entry) {
  349. foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_RENDER_ENCLOSURE) as $plugin)
  350. $retval = $plugin->hook_render_enclosure($entry, $hide_images);
  351. if ($retval) {
  352. $rv .= $retval;
  353. } else {
  354. if (preg_match("/image/", $entry["type"])) {
  355. if (!$hide_images) {
  356. $encsize = '';
  357. if ($entry['height'] > 0)
  358. $encsize .= ' height="' . intval($entry['height']) . '"';
  359. if ($entry['width'] > 0)
  360. $encsize .= ' width="' . intval($entry['width']) . '"';
  361. $rv .= "<p><img
  362. alt=\"".htmlspecialchars($entry["filename"])."\"
  363. src=\"" .htmlspecialchars($entry["url"]) . "\"
  364. " . $encsize . " /></p>";
  365. } else {
  366. $rv .= "<p><a target=\"_blank\" rel=\"noopener noreferrer\"
  367. href=\"".htmlspecialchars($entry["url"])."\"
  368. >" .htmlspecialchars($entry["url"]) . "</a></p>";
  369. }
  370. if ($entry['title']) {
  371. $rv.= "<div class=\"enclosure_title\">${entry['title']}</div>";
  372. }
  373. }
  374. }
  375. }
  376. }
  377. }
  378. if (count($entries_inline) > 0) {
  379. //$rv .= "<hr clear='both'/>";
  380. foreach ($entries_inline as $entry) { $rv .= $entry; };
  381. $rv .= "<br clear='both'/>";
  382. }
  383. $rv .= "<div class=\"attachments\" dojoType=\"dijit.form.DropDownButton\">".
  384. "<span>" . __('Attachments')."</span>";
  385. $rv .= "<div dojoType=\"dijit.Menu\" style=\"display: none;\">";
  386. foreach ($entries as $entry) {
  387. if ($entry["title"])
  388. $title = " &mdash; " . truncate_string($entry["title"], 30);
  389. else
  390. $title = "";
  391. if ($entry["filename"])
  392. $filename = truncate_middle(htmlspecialchars($entry["filename"]), 60);
  393. else
  394. $filename = "";
  395. $rv .= "<div onclick='popupOpenUrl(\"".htmlspecialchars($entry["url"])."\")'
  396. dojoType=\"dijit.MenuItem\">".$filename . $title."</div>";
  397. };
  398. $rv .= "</div>";
  399. $rv .= "</div>";
  400. }
  401. return $rv;
  402. }
  403. static function format_article($id, $mark_as_read = true, $zoom_mode = false, $owner_uid = false) {
  404. if (!$owner_uid) $owner_uid = $_SESSION["uid"];
  405. $rv = array();
  406. $rv['id'] = $id;
  407. /* we can figure out feed_id from article id anyway, why do we
  408. * pass feed_id here? let's ignore the argument :(*/
  409. $pdo = Db::pdo();
  410. $sth = $pdo->prepare("SELECT feed_id FROM ttrss_user_entries
  411. WHERE ref_id = ?");
  412. $sth->execute([$id]);
  413. $row = $sth->fetch();
  414. $feed_id = (int) $row["feed_id"];
  415. $rv['feed_id'] = $feed_id;
  416. //if (!$zoom_mode) { print "<article id='$id'><![CDATA["; };
  417. if ($mark_as_read) {
  418. $sth = $pdo->prepare("UPDATE ttrss_user_entries
  419. SET unread = false,last_read = NOW()
  420. WHERE ref_id = ? AND owner_uid = ?");
  421. $sth->execute([$id, $owner_uid]);
  422. CCache::update($feed_id, $owner_uid);
  423. }
  424. $sth = $pdo->prepare("SELECT id,title,link,content,feed_id,comments,int_id,lang,
  425. ".SUBSTRING_FOR_DATE."(updated,1,16) as updated,
  426. (SELECT site_url FROM ttrss_feeds WHERE id = feed_id) as site_url,
  427. (SELECT title FROM ttrss_feeds WHERE id = feed_id) as feed_title,
  428. (SELECT hide_images FROM ttrss_feeds WHERE id = feed_id) as hide_images,
  429. (SELECT always_display_enclosures FROM ttrss_feeds WHERE id = feed_id) as always_display_enclosures,
  430. num_comments,
  431. tag_cache,
  432. author,
  433. guid,
  434. orig_feed_id,
  435. note
  436. FROM ttrss_entries,ttrss_user_entries
  437. WHERE id = ? AND ref_id = id AND owner_uid = ?");
  438. $sth->execute([$id, $owner_uid]);
  439. if ($line = $sth->fetch()) {
  440. $line["tags"] = Article::get_article_tags($id, $owner_uid, $line["tag_cache"]);
  441. unset($line["tag_cache"]);
  442. $line["content"] = sanitize($line["content"],
  443. $line['hide_images'],
  444. $owner_uid, $line["site_url"], false, $line["id"]);
  445. foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_RENDER_ARTICLE) as $p) {
  446. $line = $p->hook_render_article($line);
  447. }
  448. $line['content'] = rewrite_cached_urls($line['content']);
  449. $num_comments = (int) $line["num_comments"];
  450. $entry_comments = "";
  451. if ($num_comments > 0) {
  452. if ($line["comments"]) {
  453. $comments_url = htmlspecialchars($line["comments"]);
  454. } else {
  455. $comments_url = htmlspecialchars($line["link"]);
  456. }
  457. $entry_comments = "<a class=\"comments\"
  458. target='_blank' rel=\"noopener noreferrer\" href=\"$comments_url\">$num_comments ".
  459. _ngettext("comment", "comments", $num_comments)."</a>";
  460. } else {
  461. if ($line["comments"] && $line["link"] != $line["comments"]) {
  462. $entry_comments = "<a class=\"comments\" target='_blank' rel=\"noopener noreferrer\" href=\"".
  463. htmlspecialchars($line["comments"])."\">".__("comments")."</a>";
  464. }
  465. }
  466. $enclosures = self::get_article_enclosures($line["id"]);
  467. if ($zoom_mode) {
  468. header("Content-Type: text/html");
  469. $rv['content'] .= "<!DOCTYPE html>
  470. <html><head>
  471. <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/>
  472. <title>".$line["title"]."</title>".
  473. stylesheet_tag("css/default.css")."
  474. <link rel=\"shortcut icon\" type=\"image/png\" href=\"images/favicon.png\">
  475. <link rel=\"icon\" type=\"image/png\" sizes=\"72x72\" href=\"images/favicon-72px.png\">";
  476. $rv['content'] .= "<meta property=\"og:title\" content=\"".htmlspecialchars($line["title"])."\"/>\n";
  477. $rv['content'] .= "<meta property=\"og:site_name\" content=\"".htmlspecialchars($line["feed_title"])."\"/>\n";
  478. $rv['content'] .= "<meta property=\"og:description\" content=\"".
  479. htmlspecialchars(truncate_string(strip_tags($line["content"]), 500, "..."))."\"/>\n";
  480. $rv['content'] .= "</head>";
  481. $og_image = false;
  482. foreach ($enclosures as $enc) {
  483. if (strpos($enc["content_type"], "image/") !== FALSE) {
  484. $og_image = $enc["content_url"];
  485. break;
  486. }
  487. }
  488. if (!$og_image) {
  489. $tmpdoc = new DOMDocument();
  490. if (@$tmpdoc->loadHTML(mb_substr($line["content"], 0, 131070))) {
  491. $tmpxpath = new DOMXPath($tmpdoc);
  492. $first_img = $tmpxpath->query("//img")->item(0);
  493. if ($first_img) {
  494. $og_image = $first_img->getAttribute("src");
  495. }
  496. }
  497. }
  498. if ($og_image) {
  499. $rv['content'] .= "<meta property=\"og:image\" content=\"" . htmlspecialchars($og_image) . "\"/>";
  500. }
  501. $rv['content'] .= "<body class='flat ttrss_utility ttrss_zoom'>";
  502. }
  503. $rv['content'] .= "<div class='post post-$id'>";
  504. /* header */
  505. $rv['content'] .= "<div class='header'>";
  506. $rv['content'] .= "<div class='row'>"; # row
  507. //$entry_author = $line["author"] ? " - " . $line["author"] : "";
  508. $parsed_updated = make_local_datetime($line["updated"], true,
  509. $owner_uid, true);
  510. if ($line["link"]) {
  511. $rv['content'] .= "<div class='title'><a target='_blank' rel='noopener noreferrer'
  512. title=\"".htmlspecialchars($line['title'])."\"
  513. href=\"" .htmlspecialchars($line["link"]) . "\">" . $line["title"] . "</a></div>";
  514. } else {
  515. $rv['content'] .= "<div class='title'>" . $line["title"] . "</div>";
  516. }
  517. if (!$zoom_mode)
  518. $rv['content'] .= "<div class='date'>$parsed_updated<br/></div>";
  519. $rv['content'] .= "</div>"; # row
  520. $rv['content'] .= "<div class='row'>"; # row
  521. /* left buttons */
  522. $rv['content'] .= "<div class='buttons left'>";
  523. foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_ARTICLE_LEFT_BUTTON) as $p) {
  524. $rv['content'] .= $p->hook_article_left_button($line);
  525. }
  526. $rv['content'] .= "</div>";
  527. /* comments */
  528. $rv['content'] .= "<div class='comments'>$entry_comments</div>";
  529. $rv['content'] .= "<div class='author'>".$line['author']."</div>";
  530. /* tags */
  531. $tags_str = Article::format_tags_string($line["tags"], $id);
  532. $tags_str_full = join(", ", $line["tags"]);
  533. if (!$tags_str_full) $tags_str_full = __("no tags");
  534. $rv['content'] .= "<i class='material-icons'>label_outline</i><div>";
  535. if (!$zoom_mode) {
  536. $rv['content'] .= "<span id=\"ATSTR-$id\">$tags_str</span>
  537. <a title=\"".__('Edit tags for this article')."\"
  538. href=\"#\" onclick=\"Article.editTags($id)\">(+)</a>";
  539. $rv['content'] .= "<div dojoType=\"dijit.Tooltip\"
  540. id=\"ATSTRTIP-$id\" connectId=\"ATSTR-$id\"
  541. position=\"below\">$tags_str_full</div>";
  542. } else {
  543. $tags_str = strip_tags($tags_str);
  544. $rv['content'] .= "<span id=\"ATSTR-$id\">$tags_str</span>";
  545. }
  546. $rv['content'] .= "</div>";
  547. /* buttons */
  548. $rv['content'] .= "<div class='buttons right'>";
  549. foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_ARTICLE_BUTTON) as $p) {
  550. $rv['content'] .= $p->hook_article_button($line);
  551. }
  552. $rv['content'] .= "</div>";
  553. $rv['content'] .= "</div>"; # row
  554. $rv['content'] .= "</div>"; # header
  555. /* note */
  556. $rv['content'] .= "<div id=\"POSTNOTE-$id\">";
  557. if ($line['note']) {
  558. $rv['content'] .= Article::format_article_note($id, $line['note'], !$zoom_mode);
  559. }
  560. $rv['content'] .= "</div>";
  561. /* content */
  562. $lang = $line['lang'] ? $line['lang'] : "en";
  563. $rv['content'] .= "<div class=\"content\" lang=\"$lang\">";
  564. /* originally from */
  565. if (!$zoom_mode && $line["orig_feed_id"]) {
  566. $of_sth = $pdo->prepare("SELECT * FROM ttrss_archived_feeds
  567. WHERE id = ? AND owner_uid = ?");
  568. $of_sth->execute([$line["orig_feed_id"], $owner_uid]);
  569. if ($tmp_line = $of_sth->fetch()) {
  570. $rv['content'] .= "<div clear='both'>";
  571. $rv['content'] .= __("Originally from:");
  572. $rv['content'] .= "&nbsp;";
  573. $rv['content'] .= "<a target='_blank' rel='noopener noreferrer'
  574. href=' " . htmlspecialchars($tmp_line['site_url']) . "'>" .
  575. $tmp_line['title'] . "</a>";
  576. $rv['content'] .= "&nbsp;";
  577. $rv['content'] .= "<a target='_blank' rel='noopener noreferrer' href='" . htmlspecialchars($tmp_line['feed_url']) . "'>";
  578. $rv['content'] .= "</div>";
  579. }
  580. }
  581. /* content body */
  582. $rv['content'] .= $line["content"];
  583. if (!$zoom_mode) {
  584. $rv['content'] .= Article::format_article_enclosures($id,
  585. $line["always_display_enclosures"],
  586. $line["content"],
  587. $line["hide_images"]);
  588. }
  589. $rv['content'] .= "</div>"; # content
  590. $rv['content'] .= "</div>"; # post
  591. }
  592. foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_FORMAT_ARTICLE) as $p) {
  593. $rv['content'] = $p->hook_format_article($rv['content'], $line, $zoom_mode);
  594. }
  595. return $rv;
  596. }
  597. static function get_article_tags($id, $owner_uid = 0, $tag_cache = false) {
  598. $a_id = $id;
  599. if (!$owner_uid) $owner_uid = $_SESSION["uid"];
  600. $pdo = Db::pdo();
  601. $sth = $pdo->prepare("SELECT DISTINCT tag_name,
  602. owner_uid as owner FROM ttrss_tags
  603. WHERE post_int_id = (SELECT int_id FROM ttrss_user_entries WHERE
  604. ref_id = ? AND owner_uid = ? LIMIT 1) ORDER BY tag_name");
  605. $tags = array();
  606. /* check cache first */
  607. if ($tag_cache === false) {
  608. $csth = $pdo->prepare("SELECT tag_cache FROM ttrss_user_entries
  609. WHERE ref_id = ? AND owner_uid = ?");
  610. $csth->execute([$id, $owner_uid]);
  611. if ($row = $csth->fetch()) $tag_cache = $row["tag_cache"];
  612. }
  613. if ($tag_cache) {
  614. $tags = explode(",", $tag_cache);
  615. } else {
  616. /* do it the hard way */
  617. $sth->execute([$a_id, $owner_uid]);
  618. while ($tmp_line = $sth->fetch()) {
  619. array_push($tags, $tmp_line["tag_name"]);
  620. }
  621. /* update the cache */
  622. $tags_str = join(",", $tags);
  623. $sth = $pdo->prepare("UPDATE ttrss_user_entries
  624. SET tag_cache = ? WHERE ref_id = ?
  625. AND owner_uid = ?");
  626. $sth->execute([$tags_str, $id, $owner_uid]);
  627. }
  628. return $tags;
  629. }
  630. static function format_tags_string($tags) {
  631. if (!is_array($tags) || count($tags) == 0) {
  632. return __("no tags");
  633. } else {
  634. $maxtags = min(5, count($tags));
  635. $tags_str = "";
  636. for ($i = 0; $i < $maxtags; $i++) {
  637. $tags_str .= "<a class=\"tag\" href=\"#\" onclick=\"Feeds.open({feed:'".$tags[$i]."'})\">" . $tags[$i] . "</a>, ";
  638. }
  639. $tags_str = mb_substr($tags_str, 0, mb_strlen($tags_str)-2);
  640. if (count($tags) > $maxtags)
  641. $tags_str .= ", &hellip;";
  642. return $tags_str;
  643. }
  644. }
  645. static function format_article_labels($labels) {
  646. if (!is_array($labels)) return '';
  647. $labels_str = "";
  648. foreach ($labels as $l) {
  649. $labels_str .= sprintf("<span class='hlLabelRef'
  650. style='color : %s; background-color : %s'>%s</span>",
  651. $l[2], $l[3], $l[1]);
  652. }
  653. return $labels_str;
  654. }
  655. static function format_article_note($id, $note, $allow_edit = true) {
  656. if ($allow_edit) {
  657. $onclick = "onclick='Plugins.Note.edit($id)'";
  658. $note_class = 'editable';
  659. } else {
  660. $onclick = '';
  661. $note_class = '';
  662. }
  663. return "<div class='article-note $note_class'>
  664. <i class='material-icons'>note</i>
  665. <div $onclick class='body'>$note</div>
  666. </div>";
  667. return $str;
  668. }
  669. static function get_article_enclosures($id) {
  670. $pdo = Db::pdo();
  671. $sth = $pdo->prepare("SELECT * FROM ttrss_enclosures
  672. WHERE post_id = ? AND content_url != ''");
  673. $sth->execute([$id]);
  674. $rv = array();
  675. while ($line = $sth->fetch()) {
  676. if (file_exists(CACHE_DIR . '/images/' . sha1($line["content_url"]))) {
  677. $line["content_url"] = get_self_url_prefix() . '/public.php?op=cached_url&hash=' . sha1($line["content_url"]);
  678. }
  679. array_push($rv, $line);
  680. }
  681. return $rv;
  682. }
  683. static function purge_orphans() {
  684. // purge orphaned posts in main content table
  685. if (DB_TYPE == "mysql")
  686. $limit_qpart = "LIMIT 5000";
  687. else
  688. $limit_qpart = "";
  689. $pdo = Db::pdo();
  690. $res = $pdo->query("DELETE FROM ttrss_entries WHERE
  691. NOT EXISTS (SELECT ref_id FROM ttrss_user_entries WHERE ref_id = id) $limit_qpart");
  692. if (Debug::enabled()) {
  693. $rows = $res->rowCount();
  694. Debug::log("Purged $rows orphaned posts.");
  695. }
  696. }
  697. static function catchupArticlesById($ids, $cmode, $owner_uid = false) {
  698. if (!$owner_uid) $owner_uid = $_SESSION["uid"];
  699. $pdo = Db::pdo();
  700. $ids_qmarks = arr_qmarks($ids);
  701. if ($cmode == 0) {
  702. $sth = $pdo->prepare("UPDATE ttrss_user_entries SET
  703. unread = false,last_read = NOW()
  704. WHERE ref_id IN ($ids_qmarks) AND owner_uid = ?");
  705. } else if ($cmode == 1) {
  706. $sth = $pdo->prepare("UPDATE ttrss_user_entries SET
  707. unread = true
  708. WHERE ref_id IN ($ids_qmarks) AND owner_uid = ?");
  709. } else {
  710. $sth = $pdo->prepare("UPDATE ttrss_user_entries SET
  711. unread = NOT unread,last_read = NOW()
  712. WHERE ref_id IN ($ids_qmarks) AND owner_uid = ?");
  713. }
  714. $sth->execute(array_merge($ids, [$owner_uid]));
  715. /* update ccache */
  716. $sth = $pdo->prepare("SELECT DISTINCT feed_id FROM ttrss_user_entries
  717. WHERE ref_id IN ($ids_qmarks) AND owner_uid = ?");
  718. $sth->execute(array_merge($ids, [$owner_uid]));
  719. while ($line = $sth->fetch()) {
  720. CCache::update($line["feed_id"], $owner_uid);
  721. }
  722. }
  723. static function getLastArticleId() {
  724. $pdo = DB::pdo();
  725. $sth = $pdo->prepare("SELECT ref_id AS id FROM ttrss_user_entries
  726. WHERE owner_uid = ? ORDER BY ref_id DESC LIMIT 1");
  727. $sth->execute([$_SESSION['uid']]);
  728. if ($row = $sth->fetch()) {
  729. return $row['id'];
  730. } else {
  731. return -1;
  732. }
  733. }
  734. static function get_article_labels($id, $owner_uid = false) {
  735. $rv = array();
  736. if (!$owner_uid) $owner_uid = $_SESSION["uid"];
  737. $pdo = Db::pdo();
  738. $sth = $pdo->prepare("SELECT label_cache FROM
  739. ttrss_user_entries WHERE ref_id = ? AND owner_uid = ?");
  740. $sth->execute([$id, $owner_uid]);
  741. if ($row = $sth->fetch()) {
  742. $label_cache = $row["label_cache"];
  743. if ($label_cache) {
  744. $tmp = json_decode($label_cache, true);
  745. if (!$tmp || $tmp["no-labels"] == 1)
  746. return $rv;
  747. else
  748. return $tmp;
  749. }
  750. }
  751. $sth = $pdo->prepare("SELECT DISTINCT label_id,caption,fg_color,bg_color
  752. FROM ttrss_labels2, ttrss_user_labels2
  753. WHERE id = label_id
  754. AND article_id = ?
  755. AND owner_uid = ?
  756. ORDER BY caption");
  757. $sth->execute([$id, $owner_uid]);
  758. while ($line = $sth->fetch()) {
  759. $rk = array(Labels::label_to_feed_id($line["label_id"]),
  760. $line["caption"], $line["fg_color"],
  761. $line["bg_color"]);
  762. array_push($rv, $rk);
  763. }
  764. if (count($rv) > 0)
  765. Labels::update_cache($owner_uid, $id, $rv);
  766. else
  767. Labels::update_cache($owner_uid, $id, array("no-labels" => 1));
  768. return $rv;
  769. }
  770. }