article.php 28 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054
  1. <?php
  2. class Article extends Handler_Protected {
  3. function csrf_ignore($method) {
  4. $csrf_ignored = array("redirect", "editarticletags");
  5. return array_search($method, $csrf_ignored) !== false;
  6. }
  7. function redirect() {
  8. $id = clean($_REQUEST['id']);
  9. $sth = $this->pdo->prepare("SELECT link FROM ttrss_entries, ttrss_user_entries
  10. WHERE id = ? AND id = ref_id AND owner_uid = ?
  11. LIMIT 1");
  12. $sth->execute([$id, $_SESSION['uid']]);
  13. if ($row = $sth->fetch()) {
  14. $article_url = $row['link'];
  15. $article_url = str_replace("\n", "", $article_url);
  16. header("Location: $article_url");
  17. return;
  18. } else {
  19. print_error(__("Article not found."));
  20. }
  21. }
  22. function view() {
  23. $id = clean($_REQUEST["id"]);
  24. $cids = explode(",", clean($_REQUEST["cids"]));
  25. $mode = clean($_REQUEST["mode"]);
  26. // in prefetch mode we only output requested cids, main article
  27. // just gets marked as read (it already exists in client cache)
  28. $articles = array();
  29. if ($mode == "") {
  30. array_push($articles, $this->format_article($id, false));
  31. } else if ($mode == "zoom") {
  32. array_push($articles, $this->format_article($id, true, true));
  33. } else if ($mode == "raw") {
  34. if (isset($_REQUEST['html'])) {
  35. header("Content-Type: text/html");
  36. print '<link rel="stylesheet" type="text/css" href="css/default.css"/>';
  37. }
  38. $article = $this->format_article($id, false, isset($_REQUEST["zoom"]));
  39. print $article['content'];
  40. return;
  41. }
  42. $this->catchupArticleById($id, 0);
  43. if (!$_SESSION["bw_limit"]) {
  44. foreach ($cids as $cid) {
  45. if ($cid) {
  46. array_push($articles, $this->format_article($cid, false, false));
  47. }
  48. }
  49. }
  50. print json_encode($articles);
  51. }
  52. private function catchupArticleById($id, $cmode) {
  53. if ($cmode == 0) {
  54. $sth = $this->pdo->prepare("UPDATE ttrss_user_entries SET
  55. unread = false,last_read = NOW()
  56. WHERE ref_id = ? AND owner_uid = ?");
  57. } else if ($cmode == 1) {
  58. $sth = $this->pdo->prepare("UPDATE ttrss_user_entries SET
  59. unread = true
  60. WHERE ref_id = ? AND owner_uid = ?");
  61. } else {
  62. $sth = $this->pdo->prepare("UPDATE ttrss_user_entries SET
  63. unread = NOT unread,last_read = NOW()
  64. WHERE ref_id = ? AND owner_uid = ?");
  65. }
  66. $sth->execute([$id, $_SESSION['uid']]);
  67. $feed_id = $this->getArticleFeed($id);
  68. CCache::update($feed_id, $_SESSION["uid"]);
  69. }
  70. static function create_published_article($title, $url, $content, $labels_str,
  71. $owner_uid) {
  72. $guid = 'SHA1:' . sha1("ttshared:" . $url . $owner_uid); // include owner_uid to prevent global GUID clash
  73. if (!$content) {
  74. $pluginhost = new PluginHost();
  75. $pluginhost->load_all(PluginHost::KIND_ALL, $owner_uid);
  76. $pluginhost->load_data();
  77. $af_readability = $pluginhost->get_plugin("Af_Readability");
  78. if ($af_readability) {
  79. $enable_share_anything = $pluginhost->get($af_readability, "enable_share_anything");
  80. if ($enable_share_anything) {
  81. $extracted_content = $af_readability->extract_content($url);
  82. if ($extracted_content) $content = $extracted_content;
  83. }
  84. }
  85. }
  86. $content_hash = sha1($content);
  87. if ($labels_str != "") {
  88. $labels = explode(",", $labels_str);
  89. } else {
  90. $labels = array();
  91. }
  92. $rc = false;
  93. if (!$title) $title = $url;
  94. if (!$title && !$url) return false;
  95. if (filter_var($url, FILTER_VALIDATE_URL) === FALSE) return false;
  96. $pdo = Db::pdo();
  97. $pdo->beginTransaction();
  98. // only check for our user data here, others might have shared this with different content etc
  99. $sth = $pdo->prepare("SELECT id FROM ttrss_entries, ttrss_user_entries WHERE
  100. guid = ? AND ref_id = id AND owner_uid = ? LIMIT 1");
  101. $sth->execute([$guid, $owner_uid]);
  102. if ($row = $sth->fetch()) {
  103. $ref_id = $row['id'];
  104. $sth = $pdo->prepare("SELECT int_id FROM ttrss_user_entries WHERE
  105. ref_id = ? AND owner_uid = ? LIMIT 1");
  106. $sth->execute([$ref_id, $owner_uid]);
  107. if ($row = $sth->fetch()) {
  108. $int_id = $row['int_id'];
  109. $sth = $pdo->prepare("UPDATE ttrss_entries SET
  110. content = ?, content_hash = ? WHERE id = ?");
  111. $sth->execute([$content, $content_hash, $ref_id]);
  112. $sth = $pdo->prepare("UPDATE ttrss_user_entries SET published = true,
  113. last_published = NOW() WHERE
  114. int_id = ? AND owner_uid = ?");
  115. $sth->execute([$int_id, $owner_uid]);
  116. } else {
  117. $sth = $pdo->prepare("INSERT INTO ttrss_user_entries
  118. (ref_id, uuid, feed_id, orig_feed_id, owner_uid, published, tag_cache, label_cache,
  119. last_read, note, unread, last_published)
  120. VALUES
  121. (?, '', NULL, NULL, ?, true, '', '', NOW(), '', false, NOW())");
  122. $sth->execute([$ref_id, $owner_uid]);
  123. }
  124. if (count($labels) != 0) {
  125. foreach ($labels as $label) {
  126. Labels::add_article($ref_id, trim($label), $owner_uid);
  127. }
  128. }
  129. $rc = true;
  130. } else {
  131. $sth = $pdo->prepare("INSERT INTO ttrss_entries
  132. (title, guid, link, updated, content, content_hash, date_entered, date_updated)
  133. VALUES
  134. (?, ?, ?, NOW(), ?, ?, NOW(), NOW())");
  135. $sth->execute([$title, $guid, $url, $content, $content_hash]);
  136. $sth = $pdo->prepare("SELECT id FROM ttrss_entries WHERE guid = ?");
  137. $sth->execute([$guid]);
  138. if ($row = $sth->fetch()) {
  139. $ref_id = $row["id"];
  140. $sth = $pdo->prepare("INSERT INTO ttrss_user_entries
  141. (ref_id, uuid, feed_id, orig_feed_id, owner_uid, published, tag_cache, label_cache,
  142. last_read, note, unread, last_published)
  143. VALUES
  144. (?, '', NULL, NULL, ?, true, '', '', NOW(), '', false, NOW())");
  145. $sth->execute([$ref_id, $owner_uid]);
  146. if (count($labels) != 0) {
  147. foreach ($labels as $label) {
  148. Labels::add_article($ref_id, trim($label), $owner_uid);
  149. }
  150. }
  151. $rc = true;
  152. }
  153. }
  154. $pdo->commit();
  155. return $rc;
  156. }
  157. function editArticleTags() {
  158. print __("Tags for this article (separated by commas):")."<br>";
  159. $param = clean($_REQUEST['param']);
  160. $tags = Article::get_article_tags($param);
  161. $tags_str = join(", ", $tags);
  162. print_hidden("id", "$param");
  163. print_hidden("op", "article");
  164. print_hidden("method", "setArticleTags");
  165. print "<table width='100%'><tr><td>";
  166. print "<textarea dojoType=\"dijit.form.SimpleTextarea\" rows='4'
  167. style='height : 100px; font-size : 12px; width : 98%' id=\"tags_str\"
  168. name='tags_str'>$tags_str</textarea>
  169. <div class=\"autocomplete\" id=\"tags_choices\"
  170. style=\"display:none\"></div>";
  171. print "</td></tr></table>";
  172. print "<div class='dlgButtons'>";
  173. print "<button dojoType=\"dijit.form.Button\"
  174. onclick=\"dijit.byId('editTagsDlg').execute()\">".__('Save')."</button> ";
  175. print "<button dojoType=\"dijit.form.Button\"
  176. onclick=\"dijit.byId('editTagsDlg').hide()\">".__('Cancel')."</button>";
  177. print "</div>";
  178. }
  179. function setScore() {
  180. $ids = explode(",", clean($_REQUEST['id']));
  181. $score = (int)clean($_REQUEST['score']);
  182. $ids_qmarks = arr_qmarks($ids);
  183. $sth = $this->pdo->prepare("UPDATE ttrss_user_entries SET
  184. score = ? WHERE ref_id IN ($ids_qmarks) AND owner_uid = ?");
  185. $sth->execute(array_merge([$score], $ids, [$_SESSION['uid']]));
  186. print json_encode(array("id" => $ids,
  187. "score" => (int)$score,
  188. "score_pic" => get_score_pic($score)));
  189. }
  190. function getScore() {
  191. $id = clean($_REQUEST['id']);
  192. $sth = $this->pdo->prepare("SELECT score FROM ttrss_user_entries WHERE ref_id = ? AND owner_uid = ?");
  193. $sth->execute([$id, $_SESSION['uid']]);
  194. $row = $sth->fetch();
  195. $score = $row['score'];
  196. print json_encode(array("id" => $id,
  197. "score" => (int)$score,
  198. "score_pic" => get_score_pic($score)));
  199. }
  200. function setArticleTags() {
  201. $id = clean($_REQUEST["id"]);
  202. $tags_str = clean($_REQUEST["tags_str"]);
  203. $tags = array_unique(trim_array(explode(",", $tags_str)));
  204. $this->pdo->beginTransaction();
  205. $sth = $this->pdo->prepare("SELECT int_id FROM ttrss_user_entries WHERE
  206. ref_id = ? AND owner_uid = ? LIMIT 1");
  207. $sth->execute([$id, $_SESSION['uid']]);
  208. if ($row = $sth->fetch()) {
  209. $tags_to_cache = array();
  210. $int_id = $row['int_id'];
  211. $sth = $this->pdo->prepare("DELETE FROM ttrss_tags WHERE
  212. post_int_id = ? AND owner_uid = ?");
  213. $sth->execute([$int_id, $_SESSION['uid']]);
  214. foreach ($tags as $tag) {
  215. $tag = sanitize_tag($tag);
  216. if (!tag_is_valid($tag)) {
  217. continue;
  218. }
  219. if (preg_match("/^[0-9]*$/", $tag)) {
  220. continue;
  221. }
  222. // print "<!-- $id : $int_id : $tag -->";
  223. if ($tag != '') {
  224. $sth = $this->pdo->prepare("INSERT INTO ttrss_tags
  225. (post_int_id, owner_uid, tag_name)
  226. VALUES (?, ?, ?)");
  227. $sth->execute([$int_id, $_SESSION['uid'], $tag]);
  228. }
  229. array_push($tags_to_cache, $tag);
  230. }
  231. /* update tag cache */
  232. sort($tags_to_cache);
  233. $tags_str = join(",", $tags_to_cache);
  234. $sth = $this->pdo->prepare("UPDATE ttrss_user_entries
  235. SET tag_cache = ? WHERE ref_id = ? AND owner_uid = ?");
  236. $sth->execute([$tags_str, $id, $_SESSION['uid']]);
  237. }
  238. $this->pdo->commit();
  239. $tags = Article::get_article_tags($id);
  240. $tags_str = $this->format_tags_string($tags, $id);
  241. $tags_str_full = join(", ", $tags);
  242. if (!$tags_str_full) $tags_str_full = __("no tags");
  243. print json_encode(array("id" => (int)$id,
  244. "content" => $tags_str, "content_full" => $tags_str_full));
  245. }
  246. function completeTags() {
  247. $search = clean($_REQUEST["search"]);
  248. $sth = $this->pdo->prepare("SELECT DISTINCT tag_name FROM ttrss_tags
  249. WHERE owner_uid = ? AND
  250. tag_name LIKE ? ORDER BY tag_name
  251. LIMIT 10");
  252. $sth->execute([$_SESSION['uid'], "$search%"]);
  253. print "<ul>";
  254. while ($line = $sth->fetch()) {
  255. print "<li>" . $line["tag_name"] . "</li>";
  256. }
  257. print "</ul>";
  258. }
  259. function assigntolabel() {
  260. return $this->labelops(true);
  261. }
  262. function removefromlabel() {
  263. return $this->labelops(false);
  264. }
  265. private function labelops($assign) {
  266. $reply = array();
  267. $ids = explode(",", clean($_REQUEST["ids"]));
  268. $label_id = clean($_REQUEST["lid"]);
  269. $label = Labels::find_caption($label_id, $_SESSION["uid"]);
  270. $reply["info-for-headlines"] = array();
  271. if ($label) {
  272. foreach ($ids as $id) {
  273. if ($assign)
  274. Labels::add_article($id, $label, $_SESSION["uid"]);
  275. else
  276. Labels::remove_article($id, $label, $_SESSION["uid"]);
  277. $labels = $this->get_article_labels($id, $_SESSION["uid"]);
  278. array_push($reply["info-for-headlines"],
  279. array("id" => $id, "labels" => $this->format_article_labels($labels)));
  280. }
  281. }
  282. $reply["message"] = "UPDATE_COUNTERS";
  283. print json_encode($reply);
  284. }
  285. function getArticleFeed($id) {
  286. $sth = $this->pdo->prepare("SELECT feed_id FROM ttrss_user_entries
  287. WHERE ref_id = ? AND owner_uid = ?");
  288. $sth->execute([$id, $_SESSION['uid']]);
  289. if ($row = $sth->fetch()) {
  290. return $row["feed_id"];
  291. } else {
  292. return 0;
  293. }
  294. }
  295. static function format_article_enclosures($id, $always_display_enclosures,
  296. $article_content, $hide_images = false) {
  297. $result = Article::get_article_enclosures($id);
  298. $rv = '';
  299. foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_FORMAT_ENCLOSURES) as $plugin) {
  300. $retval = $plugin->hook_format_enclosures($rv, $result, $id, $always_display_enclosures, $article_content, $hide_images);
  301. if (is_array($retval)) {
  302. $rv = $retval[0];
  303. $result = $retval[1];
  304. } else {
  305. $rv = $retval;
  306. }
  307. }
  308. unset($retval); // Unset to prevent breaking render if there are no HOOK_RENDER_ENCLOSURE hooks below.
  309. if ($rv === '' && !empty($result)) {
  310. $entries_html = array();
  311. $entries = array();
  312. $entries_inline = array();
  313. foreach ($result as $line) {
  314. foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_ENCLOSURE_ENTRY) as $plugin) {
  315. $line = $plugin->hook_enclosure_entry($line);
  316. }
  317. $url = $line["content_url"];
  318. $ctype = $line["content_type"];
  319. $title = $line["title"];
  320. $width = $line["width"];
  321. $height = $line["height"];
  322. if (!$ctype) $ctype = __("unknown type");
  323. //$filename = substr($url, strrpos($url, "/")+1);
  324. $filename = basename($url);
  325. $player = format_inline_player($url, $ctype);
  326. if ($player) array_push($entries_inline, $player);
  327. # $entry .= " <a target=\"_blank\" href=\"" . htmlspecialchars($url) . "\" rel=\"noopener noreferrer\">" .
  328. # $filename . " (" . $ctype . ")" . "</a>";
  329. $entry = "<div onclick=\"openUrlPopup('".htmlspecialchars($url)."')\"
  330. dojoType=\"dijit.MenuItem\">$filename ($ctype)</div>";
  331. array_push($entries_html, $entry);
  332. $entry = array();
  333. $entry["type"] = $ctype;
  334. $entry["filename"] = $filename;
  335. $entry["url"] = $url;
  336. $entry["title"] = $title;
  337. $entry["width"] = $width;
  338. $entry["height"] = $height;
  339. array_push($entries, $entry);
  340. }
  341. if ($_SESSION['uid'] && !get_pref("STRIP_IMAGES") && !$_SESSION["bw_limit"]) {
  342. if ($always_display_enclosures ||
  343. !preg_match("/<img/i", $article_content)) {
  344. foreach ($entries as $entry) {
  345. foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_RENDER_ENCLOSURE) as $plugin)
  346. $retval = $plugin->hook_render_enclosure($entry, $hide_images);
  347. if ($retval) {
  348. $rv .= $retval;
  349. } else {
  350. if (preg_match("/image/", $entry["type"])) {
  351. if (!$hide_images) {
  352. $encsize = '';
  353. if ($entry['height'] > 0)
  354. $encsize .= ' height="' . intval($entry['height']) . '"';
  355. if ($entry['width'] > 0)
  356. $encsize .= ' width="' . intval($entry['width']) . '"';
  357. $rv .= "<p><img
  358. alt=\"".htmlspecialchars($entry["filename"])."\"
  359. src=\"" .htmlspecialchars($entry["url"]) . "\"
  360. " . $encsize . " /></p>";
  361. } else {
  362. $rv .= "<p><a target=\"_blank\" rel=\"noopener noreferrer\"
  363. href=\"".htmlspecialchars($entry["url"])."\"
  364. >" .htmlspecialchars($entry["url"]) . "</a></p>";
  365. }
  366. if ($entry['title']) {
  367. $rv.= "<div class=\"enclosure_title\">${entry['title']}</div>";
  368. }
  369. }
  370. }
  371. }
  372. }
  373. }
  374. if (count($entries_inline) > 0) {
  375. $rv .= "<hr clear='both'/>";
  376. foreach ($entries_inline as $entry) { $rv .= $entry; };
  377. $rv .= "<hr clear='both'/>";
  378. }
  379. $rv .= "<div class=\"attachments\" dojoType=\"dijit.form.DropDownButton\">".
  380. "<span>" . __('Attachments')."</span>";
  381. $rv .= "<div dojoType=\"dijit.Menu\" style=\"display: none;\">";
  382. foreach ($entries as $entry) {
  383. if ($entry["title"])
  384. $title = " &mdash; " . truncate_string($entry["title"], 30);
  385. else
  386. $title = "";
  387. if ($entry["filename"])
  388. $filename = truncate_middle(htmlspecialchars($entry["filename"]), 60);
  389. else
  390. $filename = "";
  391. $rv .= "<div onclick='openUrlPopup(\"".htmlspecialchars($entry["url"])."\")'
  392. dojoType=\"dijit.MenuItem\">".$filename . $title."</div>";
  393. };
  394. $rv .= "</div>";
  395. $rv .= "</div>";
  396. }
  397. return $rv;
  398. }
  399. static function format_article($id, $mark_as_read = true, $zoom_mode = false, $owner_uid = false) {
  400. if (!$owner_uid) $owner_uid = $_SESSION["uid"];
  401. $rv = array();
  402. $rv['id'] = $id;
  403. /* we can figure out feed_id from article id anyway, why do we
  404. * pass feed_id here? let's ignore the argument :(*/
  405. $pdo = Db::pdo();
  406. $sth = $pdo->prepare("SELECT feed_id FROM ttrss_user_entries
  407. WHERE ref_id = ?");
  408. $sth->execute([$id]);
  409. $row = $sth->fetch();
  410. $feed_id = (int) $row["feed_id"];
  411. $rv['feed_id'] = $feed_id;
  412. //if (!$zoom_mode) { print "<article id='$id'><![CDATA["; };
  413. if ($mark_as_read) {
  414. $sth = $pdo->prepare("UPDATE ttrss_user_entries
  415. SET unread = false,last_read = NOW()
  416. WHERE ref_id = ? AND owner_uid = ?");
  417. $sth->execute([$id, $owner_uid]);
  418. CCache::update($feed_id, $owner_uid);
  419. }
  420. $sth = $pdo->prepare("SELECT id,title,link,content,feed_id,comments,int_id,lang,
  421. ".SUBSTRING_FOR_DATE."(updated,1,16) as updated,
  422. (SELECT site_url FROM ttrss_feeds WHERE id = feed_id) as site_url,
  423. (SELECT title FROM ttrss_feeds WHERE id = feed_id) as feed_title,
  424. (SELECT hide_images FROM ttrss_feeds WHERE id = feed_id) as hide_images,
  425. (SELECT always_display_enclosures FROM ttrss_feeds WHERE id = feed_id) as always_display_enclosures,
  426. num_comments,
  427. tag_cache,
  428. author,
  429. guid,
  430. orig_feed_id,
  431. note
  432. FROM ttrss_entries,ttrss_user_entries
  433. WHERE id = ? AND ref_id = id AND owner_uid = ?");
  434. $sth->execute([$id, $owner_uid]);
  435. if ($line = $sth->fetch()) {
  436. $line["tags"] = Article::get_article_tags($id, $owner_uid, $line["tag_cache"]);
  437. unset($line["tag_cache"]);
  438. $line["content"] = sanitize($line["content"],
  439. $line['hide_images'],
  440. $owner_uid, $line["site_url"], false, $line["id"]);
  441. foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_RENDER_ARTICLE) as $p) {
  442. $line = $p->hook_render_article($line);
  443. }
  444. $line['content'] = rewrite_cached_urls($line['content']);
  445. $num_comments = (int) $line["num_comments"];
  446. $entry_comments = "";
  447. if ($num_comments > 0) {
  448. if ($line["comments"]) {
  449. $comments_url = htmlspecialchars($line["comments"]);
  450. } else {
  451. $comments_url = htmlspecialchars($line["link"]);
  452. }
  453. $entry_comments = "<a class=\"comments\"
  454. target='_blank' rel=\"noopener noreferrer\" href=\"$comments_url\">$num_comments ".
  455. _ngettext("comment", "comments", $num_comments)."</a>";
  456. } else {
  457. if ($line["comments"] && $line["link"] != $line["comments"]) {
  458. $entry_comments = "<a class=\"comments\" target='_blank' rel=\"noopener noreferrer\" href=\"".htmlspecialchars($line["comments"])."\">".__("comments")."</a>";
  459. }
  460. }
  461. $enclosures = self::get_article_enclosures($line["id"]);
  462. if ($zoom_mode) {
  463. header("Content-Type: text/html");
  464. $rv['content'] .= "<!DOCTYPE html>
  465. <html><head>
  466. <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/>
  467. <title>".$line["title"]."</title>".
  468. stylesheet_tag("css/default.css")."
  469. <link rel=\"shortcut icon\" type=\"image/png\" href=\"images/favicon.png\">
  470. <link rel=\"icon\" type=\"image/png\" sizes=\"72x72\" href=\"images/favicon-72px.png\">";
  471. $rv['content'] .= "<meta property=\"og:title\" content=\"".htmlspecialchars($line["title"])."\"/>\n";
  472. $rv['content'] .= "<meta property=\"og:site_name\" content=\"".htmlspecialchars($line["feed_title"])."\"/>\n";
  473. $rv['content'] .= "<meta property=\"og:description\" content=\"".
  474. htmlspecialchars(truncate_string(strip_tags($line["content"]), 500, "..."))."\"/>\n";
  475. $rv['content'] .= "</head>";
  476. $og_image = false;
  477. foreach ($enclosures as $enc) {
  478. if (strpos($enc["content_type"], "image/") !== FALSE) {
  479. $og_image = $enc["content_url"];
  480. break;
  481. }
  482. }
  483. if (!$og_image) {
  484. $tmpdoc = new DOMDocument();
  485. if (@$tmpdoc->loadHTML(mb_substr($line["content"], 0, 131070))) {
  486. $tmpxpath = new DOMXPath($tmpdoc);
  487. $first_img = $tmpxpath->query("//img")->item(0);
  488. if ($first_img) {
  489. $og_image = $first_img->getAttribute("src");
  490. }
  491. }
  492. }
  493. if ($og_image) {
  494. $rv['content'] .= "<meta property=\"og:image\" content=\"" . htmlspecialchars($og_image) . "\"/>";
  495. }
  496. $rv['content'] .= "<body class=\"claro ttrss_utility ttrss_zoom\">";
  497. }
  498. $rv['content'] .= "<div class=\"post\" id=\"POST-$id\">";
  499. $rv['content'] .= "<div class=\"header\">";
  500. $entry_author = $line["author"];
  501. if ($entry_author) {
  502. $entry_author = __(" - ") . $entry_author;
  503. }
  504. $parsed_updated = make_local_datetime($line["updated"], true,
  505. $owner_uid, true);
  506. if (!$zoom_mode)
  507. $rv['content'] .= "<div class=\"date\">$parsed_updated</div>";
  508. if ($line["link"]) {
  509. $rv['content'] .= "<div class='title'><a target='_blank' rel='noopener noreferrer'
  510. title=\"".htmlspecialchars($line['title'])."\"
  511. href=\"" .
  512. htmlspecialchars($line["link"]) . "\">" .
  513. $line["title"] . "</a>" .
  514. "<span class='author'>$entry_author</span></div>";
  515. } else {
  516. $rv['content'] .= "<div class='title'>" . $line["title"] . "$entry_author</div>";
  517. }
  518. if ($zoom_mode) {
  519. $feed_title = htmlspecialchars($line["feed_title"]);
  520. $rv['content'] .= "<div class=\"feed-title\">$feed_title</div>";
  521. $rv['content'] .= "<div class=\"date\">$parsed_updated</div>";
  522. }
  523. $tags_str = Article::format_tags_string($line["tags"], $id);
  524. $tags_str_full = join(", ", $line["tags"]);
  525. if (!$tags_str_full) $tags_str_full = __("no tags");
  526. if (!$entry_comments) $entry_comments = "&nbsp;"; # placeholder
  527. $rv['content'] .= "<div class='tags' style='float : right'>
  528. <img src='images/tag.png'
  529. class='tagsPic' alt='Tags' title='Tags'>&nbsp;";
  530. if (!$zoom_mode) {
  531. $rv['content'] .= "<span id=\"ATSTR-$id\">$tags_str</span>
  532. <a title=\"".__('Edit tags for this article')."\"
  533. href=\"#\" onclick=\"editArticleTags($id, $feed_id)\">(+)</a>";
  534. $rv['content'] .= "<div dojoType=\"dijit.Tooltip\"
  535. id=\"ATSTRTIP-$id\" connectId=\"ATSTR-$id\"
  536. position=\"below\">$tags_str_full</div>";
  537. foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_ARTICLE_BUTTON) as $p) {
  538. $rv['content'] .= $p->hook_article_button($line);
  539. }
  540. } else {
  541. $tags_str = strip_tags($tags_str);
  542. $rv['content'] .= "<span id=\"ATSTR-$id\">$tags_str</span>";
  543. }
  544. $rv['content'] .= "</div>";
  545. $rv['content'] .= "<div clear='both'>";
  546. foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_ARTICLE_LEFT_BUTTON) as $p) {
  547. $rv['content'] .= $p->hook_article_left_button($line);
  548. }
  549. $rv['content'] .= "$entry_comments</div>";
  550. if ($line["orig_feed_id"]) {
  551. $of_sth = $pdo->prepare("SELECT * FROM ttrss_archived_feeds
  552. WHERE id = ? AND owner_uid = ?");
  553. $of_sth->execute([$line["orig_feed_id"], $owner_uid]);
  554. if ($tmp_line = $of_sth->fetch()) {
  555. $rv['content'] .= "<div clear='both'>";
  556. $rv['content'] .= __("Originally from:");
  557. $rv['content'] .= "&nbsp;";
  558. $rv['content'] .= "<a target='_blank' rel='noopener noreferrer'
  559. href=' " . htmlspecialchars($tmp_line['site_url']) . "'>" .
  560. $tmp_line['title'] . "</a>";
  561. $rv['content'] .= "&nbsp;";
  562. $rv['content'] .= "<a target='_blank' rel='noopener noreferrer' href='" . htmlspecialchars($tmp_line['feed_url']) . "'>";
  563. $rv['content'] .= "<img title='".__('Feed URL')."' class='tinyFeedIcon' src='images/pub_set.png'></a>";
  564. $rv['content'] .= "</div>";
  565. }
  566. }
  567. $rv['content'] .= "</div>";
  568. $rv['content'] .= "<div id=\"POSTNOTE-$id\">";
  569. if ($line['note']) {
  570. $rv['content'] .= Article::format_article_note($id, $line['note'], !$zoom_mode);
  571. }
  572. $rv['content'] .= "</div>";
  573. if (!$line['lang']) $line['lang'] = 'en';
  574. $rv['content'] .= "<div class=\"content\" lang=\"".$line['lang']."\">";
  575. $rv['content'] .= $line["content"];
  576. if (!$zoom_mode) {
  577. $rv['content'] .= Article::format_article_enclosures($id,
  578. $line["always_display_enclosures"],
  579. $line["content"],
  580. $line["hide_images"]);
  581. }
  582. $rv['content'] .= "</div>";
  583. $rv['content'] .= "</div>";
  584. }
  585. if ($zoom_mode) {
  586. $rv['content'] .= "
  587. <div class='footer'>
  588. <button onclick=\"return window.close()\">".
  589. __("Close this window")."</button></div>";
  590. $rv['content'] .= "</body></html>";
  591. }
  592. foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_FORMAT_ARTICLE) as $p) {
  593. $rv['content'] = $p->hook_format_article($rv['content'], $line, $zoom_mode);
  594. }
  595. return $rv;
  596. }
  597. static function get_article_tags($id, $owner_uid = 0, $tag_cache = false) {
  598. $a_id = $id;
  599. if (!$owner_uid) $owner_uid = $_SESSION["uid"];
  600. $pdo = Db::pdo();
  601. $sth = $pdo->prepare("SELECT DISTINCT tag_name,
  602. owner_uid as owner FROM ttrss_tags
  603. WHERE post_int_id = (SELECT int_id FROM ttrss_user_entries WHERE
  604. ref_id = ? AND owner_uid = ? LIMIT 1) ORDER BY tag_name");
  605. $tags = array();
  606. /* check cache first */
  607. if ($tag_cache === false) {
  608. $csth = $pdo->prepare("SELECT tag_cache FROM ttrss_user_entries
  609. WHERE ref_id = ? AND owner_uid = ?");
  610. $csth->execute([$id, $owner_uid]);
  611. if ($row = $csth->fetch()) $tag_cache = $row["tag_cache"];
  612. }
  613. if ($tag_cache) {
  614. $tags = explode(",", $tag_cache);
  615. } else {
  616. /* do it the hard way */
  617. $sth->execute([$a_id, $owner_uid]);
  618. while ($tmp_line = $sth->fetch()) {
  619. array_push($tags, $tmp_line["tag_name"]);
  620. }
  621. /* update the cache */
  622. $tags_str = join(",", $tags);
  623. $sth = $pdo->prepare("UPDATE ttrss_user_entries
  624. SET tag_cache = ? WHERE ref_id = ?
  625. AND owner_uid = ?");
  626. $sth->execute([$tags_str, $id, $owner_uid]);
  627. }
  628. return $tags;
  629. }
  630. static function format_tags_string($tags) {
  631. if (!is_array($tags) || count($tags) == 0) {
  632. return __("no tags");
  633. } else {
  634. $maxtags = min(5, count($tags));
  635. $tags_str = "";
  636. for ($i = 0; $i < $maxtags; $i++) {
  637. $tags_str .= "<a class=\"tag\" href=\"#\" onclick=\"viewfeed({feed:'".$tags[$i]."'})\">" . $tags[$i] . "</a>, ";
  638. }
  639. $tags_str = mb_substr($tags_str, 0, mb_strlen($tags_str)-2);
  640. if (count($tags) > $maxtags)
  641. $tags_str .= ", &hellip;";
  642. return $tags_str;
  643. }
  644. }
  645. static function format_article_labels($labels) {
  646. if (!is_array($labels)) return '';
  647. $labels_str = "";
  648. foreach ($labels as $l) {
  649. $labels_str .= sprintf("<span class='hlLabelRef'
  650. style='color : %s; background-color : %s'>%s</span>",
  651. $l[2], $l[3], $l[1]);
  652. }
  653. return $labels_str;
  654. }
  655. static function format_article_note($id, $note, $allow_edit = true) {
  656. $str = "<div class='articleNote' onclick=\"editArticleNote($id)\">
  657. <div class='noteEdit' onclick=\"editArticleNote($id)\">".
  658. ($allow_edit ? __('(edit note)') : "")."</div>$note</div>";
  659. return $str;
  660. }
  661. static function get_article_enclosures($id) {
  662. $pdo = Db::pdo();
  663. $sth = $pdo->prepare("SELECT * FROM ttrss_enclosures
  664. WHERE post_id = ? AND content_url != ''");
  665. $sth->execute([$id]);
  666. $rv = array();
  667. while ($line = $sth->fetch()) {
  668. if (file_exists(CACHE_DIR . '/images/' . sha1($line["content_url"]))) {
  669. $line["content_url"] = get_self_url_prefix() . '/public.php?op=cached_url&hash=' . sha1($line["content_url"]);
  670. }
  671. array_push($rv, $line);
  672. }
  673. return $rv;
  674. }
  675. static function purge_orphans() {
  676. // purge orphaned posts in main content table
  677. if (DB_TYPE == "mysql")
  678. $limit_qpart = "LIMIT 5000";
  679. else
  680. $limit_qpart = "";
  681. $pdo = Db::pdo();
  682. $res = $pdo->query("DELETE FROM ttrss_entries WHERE
  683. NOT EXISTS (SELECT ref_id FROM ttrss_user_entries WHERE ref_id = id) $limit_qpart");
  684. if (Debug::enabled()) {
  685. $rows = $res->rowCount();
  686. Debug::log("Purged $rows orphaned posts.");
  687. }
  688. }
  689. static function catchupArticlesById($ids, $cmode, $owner_uid = false) {
  690. if (!$owner_uid) $owner_uid = $_SESSION["uid"];
  691. $pdo = Db::pdo();
  692. $ids_qmarks = arr_qmarks($ids);
  693. if ($cmode == 0) {
  694. $sth = $pdo->prepare("UPDATE ttrss_user_entries SET
  695. unread = false,last_read = NOW()
  696. WHERE ref_id IN ($ids_qmarks) AND owner_uid = ?");
  697. } else if ($cmode == 1) {
  698. $sth = $pdo->prepare("UPDATE ttrss_user_entries SET
  699. unread = true
  700. WHERE ref_id IN ($ids_qmarks) AND owner_uid = ?");
  701. } else {
  702. $sth = $pdo->prepare("UPDATE ttrss_user_entries SET
  703. unread = NOT unread,last_read = NOW()
  704. WHERE ref_id IN ($ids_qmarks) AND owner_uid = ?");
  705. }
  706. $sth->execute(array_merge($ids, [$owner_uid]));
  707. /* update ccache */
  708. $sth = $pdo->prepare("SELECT DISTINCT feed_id FROM ttrss_user_entries
  709. WHERE ref_id IN ($ids_qmarks) AND owner_uid = ?");
  710. $sth->execute(array_merge($ids, [$owner_uid]));
  711. while ($line = $sth->fetch()) {
  712. CCache::update($line["feed_id"], $owner_uid);
  713. }
  714. }
  715. static function getLastArticleId() {
  716. $pdo = DB::pdo();
  717. $sth = $pdo->prepare("SELECT ref_id AS id FROM ttrss_user_entries
  718. WHERE owner_uid = ? ORDER BY ref_id DESC LIMIT 1");
  719. $sth->execute([$_SESSION['uid']]);
  720. if ($row = $sth->fetch()) {
  721. return $row['id'];
  722. } else {
  723. return -1;
  724. }
  725. }
  726. static function get_article_labels($id, $owner_uid = false) {
  727. $rv = array();
  728. if (!$owner_uid) $owner_uid = $_SESSION["uid"];
  729. $pdo = Db::pdo();
  730. $sth = $pdo->prepare("SELECT label_cache FROM
  731. ttrss_user_entries WHERE ref_id = ? AND owner_uid = ?");
  732. $sth->execute([$id, $owner_uid]);
  733. if ($row = $sth->fetch()) {
  734. $label_cache = $row["label_cache"];
  735. if ($label_cache) {
  736. $tmp = json_decode($label_cache, true);
  737. if (!$tmp || $tmp["no-labels"] == 1)
  738. return $rv;
  739. else
  740. return $tmp;
  741. }
  742. }
  743. $sth = $pdo->prepare("SELECT DISTINCT label_id,caption,fg_color,bg_color
  744. FROM ttrss_labels2, ttrss_user_labels2
  745. WHERE id = label_id
  746. AND article_id = ?
  747. AND owner_uid = ?
  748. ORDER BY caption");
  749. $sth->execute([$id, $owner_uid]);
  750. while ($line = $sth->fetch()) {
  751. $rk = array(Labels::label_to_feed_id($line["label_id"]),
  752. $line["caption"], $line["fg_color"],
  753. $line["bg_color"]);
  754. array_push($rv, $rk);
  755. }
  756. if (count($rv) > 0)
  757. Labels::update_cache($owner_uid, $id, $rv);
  758. else
  759. Labels::update_cache($owner_uid, $id, array("no-labels" => 1));
  760. return $rv;
  761. }
  762. }