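<?php
/**
 * Backend endpoint for the reader front end, dispatched on the "op" request parameter.
 *
 * Every operation requires the session cookie and a session that carries an
 * "owner". Book metadata comes from the read-only Calibre database
 * (CALIBRE_DB); favorites, pagination and reading position live in the local
 * database returned by Db::get().
 *
 * NOTE(review): the state-changing operations (togglefav, storepagination,
 * storelastread) read $_REQUEST and rely on the session cookie alone, so they
 * accept GET and carry no anti-CSRF token. Confirm whether the front end can
 * send one, or restrict these operations to POST.
 */
require_once "config.php";

header("Content-type: text/json");

// let's not start a session if there's no cookie, login is impossible
// via backend anyway
if (!isset($_COOKIE['epube_sid'])) {
    // 401 matches the reason phrase and the session check below; the 402 used
    // here before means "Payment Required".
    header($_SERVER["SERVER_PROTOCOL"] . " 401 Unauthorized");
    echo "Unauthorized";
    die;
}

require_once "sessions.php";
require_once "db.php";

// Keep the session value and its SQL-escaped copy apart: the escaped copy is
// only for query strings, the session value is what goes into JSON output.
$session_owner = (isset($_SESSION["owner"]) && is_string($_SESSION["owner"])) ? $_SESSION["owner"] : "";
$owner = SQLite3::escapeString($session_owner);

if (!$owner) {
    header($_SERVER["SERVER_PROTOCOL"] . " 401 Unauthorized");
    echo "Unauthorized";
    die;
}

$op = isset($_REQUEST["op"]) ? $_REQUEST["op"] : "";
$request_id = isset($_REQUEST["id"]) ? (int) $_REQUEST["id"] : 0;

// Db::get() is defined in db.php, outside this file. Queries on $ldb stay
// string-built; every value interpolated into them is either int-cast or has
// passed through SQLite3::escapeString.
$ldb = Db::get();

ob_start("ob_gzhandler");

switch ($op) {
    case "cover":
        $db = new SQLite3(CALIBRE_DB, SQLITE3_OPEN_READONLY);
        $stmt = $db->prepare("SELECT has_cover, path FROM books WHERE id = :id");
        $stmt->bindValue(":id", $request_id, SQLITE3_INTEGER);
        $line = $stmt->execute()->fetchArray(SQLITE3_ASSOC);

        // The directory part comes from the Calibre database, not from the request.
        $filename = $line ? BOOKS_DIR . "/" . $line["path"] . "/" . "cover.jpg" : "";

        if ($filename && is_file($filename)) {
            header("Content-type: " . mime_content_type($filename));
            // No space after "=": "max-age= N" is not a valid directive.
            header('Cache-control: max-age=' . (86400 * 24));
            readfile($filename);
        } else {
            // Also covers an unknown book id, which used to return an empty 200.
            header($_SERVER["SERVER_PROTOCOL"] . " 404 Not Found");
            echo "File not found.";
        }
        break;

    case "getowner":
        // Report the owner as stored in the session, not the SQL-escaped copy.
        print json_encode(["owner" => $session_owner]);
        break;

    case "getinfo":
        $db = new SQLite3(CALIBRE_DB, SQLITE3_OPEN_READONLY);
        $stmt = $db->prepare("SELECT books.*, s.name AS series_name,
            (SELECT text FROM comments WHERE book = books.id) AS comment,
            (SELECT id FROM data WHERE book = books.id AND format = 'EPUB' LIMIT 1) AS epub_id FROM books
            LEFT JOIN books_series_link AS bsl ON (bsl.book = books.id)
            LEFT JOIN series AS s ON (bsl.series = s.id)
            WHERE books.id = :id");
        $stmt->bindValue(":id", $request_id, SQLITE3_INTEGER);
        $result = $stmt->execute();

        if ($line = $result->fetchArray(SQLITE3_ASSOC)) {
            print json_encode($line);
        }
        break;

    case "togglefav":
        $id = $request_id;
        $result = $ldb->query("SELECT id FROM epube_favorites WHERE bookid = '$id'
            AND owner = '$owner' LIMIT 1");

        $found_id = false;
        $status = -1;

        while ($line = $result->fetchArray(SQLITE3_ASSOC)) {
            $found_id = (int) $line["id"];
        }

        if ($found_id) {
            $ldb->query("DELETE FROM epube_favorites WHERE id = " . $found_id);
            $status = 0;
        } else {
            $ldb->query("INSERT INTO epube_favorites (bookid, owner) VALUES ($id, '$owner')");
            $status = 1;
        }

        print json_encode(["id" => $id, "status" => $status]);
        // Without this break, control fell through into "download" and ran a
        // file lookup with the same id after the JSON had been printed.
        break;

    case "download":
        $db = new SQLite3(CALIBRE_DB, SQLITE3_OPEN_READONLY);
        $stmt = $db->prepare("SELECT path, name, format FROM data
            LEFT JOIN books ON (data.book = books.id) WHERE data.id = :id");
        $stmt->bindValue(":id", $request_id, SQLITE3_INTEGER);
        $line = $stmt->execute()->fetchArray(SQLITE3_ASSOC);

        $filename = $line
            ? BOOKS_DIR . "/" . $line["path"] . "/" . $line["name"] . "." . strtolower($line["format"])
            : "";

        if ($filename && is_file($filename)) {
            // The name comes from library metadata; escape quote and backslash
            // so it cannot end the quoted filename parameter early.
            $base_filename = addcslashes(basename($filename), "\"\\");

            header("Content-type: " . mime_content_type($filename));
            header("Content-Disposition: attachment; filename=\"$base_filename\"");
            readfile($filename);
        } else {
            header($_SERVER["SERVER_PROTOCOL"] . " 404 Not Found");
            echo "File not found.";
        }
        break;

    case "getpagination":
        $bookid = $request_id;

        if ($bookid) {
            $result = $ldb->query("SELECT pagination FROM epube_pagination WHERE bookid = '$bookid' LIMIT 1");

            if ($line = $result->fetchArray()) {
                // Stored payload is returned verbatim (see storepagination).
                print $line["pagination"];
            } else {
                header($_SERVER["SERVER_PROTOCOL"] . " 404 Not Found");
                echo "File not found.";
            }
        }
        break;

    case "storepagination":
        // NOTE(review): pagination rows are keyed by book only, so a payload
        // stored by one account is what getpagination returns to every other
        // account. The payload is stored unvalidated; consider checking that
        // it decodes as JSON before accepting it.
        $bookid = $request_id;
        $payload_raw = (isset($_REQUEST["payload"]) && is_string($_REQUEST["payload"])) ? $_REQUEST["payload"] : "";
        $payload = SQLite3::escapeString($payload_raw);
        $total_pages = isset($_REQUEST["total"]) ? (int) $_REQUEST["total"] : 0;

        if ($bookid && $payload && $total_pages) {
            $ldb->query("BEGIN");

            $result = $ldb->query("SELECT id FROM epube_pagination WHERE bookid = '$bookid' LIMIT 1");

            if ($line = $result->fetchArray()) {
                $id = (int) $line["id"];

                $ldb->query("UPDATE epube_pagination SET pagination = '$payload',
                    total_pages = '$total_pages' WHERE id = '$id'");
            } else {
                $ldb->query("INSERT INTO epube_pagination (bookid, pagination, total_pages) VALUES
                    ('$bookid', '$payload', '$total_pages')");
            }

            $ldb->query("COMMIT");
        }
        break;

    case "getlastread":
        $bookid = $request_id;

        $lastread = 0;
        $lastcfi = "";
        $totalpages = 0;

        if ($bookid) {
            $result = $ldb->query("SELECT b.lastread, b.lastcfi, p.total_pages FROM epube_books AS b, epube_pagination AS p
                WHERE b.bookid = p.bookid AND b.bookid = '$bookid' AND b.owner = '$owner' LIMIT 1");

            if ($line = $result->fetchArray()) {
                $lastread = (int) $line["lastread"];
                $lastcfi = $line["lastcfi"];
                $totalpages = (int) $line["total_pages"];
            }
        }

        print json_encode(["page" => $lastread, "cfi" => $lastcfi, "total" => $totalpages]);
        break;

    case "storelastread":
        $page = isset($_REQUEST["page"]) ? (int) $_REQUEST["page"] : 0;
        $bookid = $request_id;
        $cfi_raw = (isset($_REQUEST["cfi"]) && is_string($_REQUEST["cfi"])) ? $_REQUEST["cfi"] : "";
        $cfi = SQLite3::escapeString($cfi_raw);

        if ($page && $bookid) {
            $ldb->query("BEGIN");

            $result = $ldb->query("SELECT id, lastread, lastcfi FROM epube_books
                WHERE bookid = '$bookid' AND owner = '$owner' LIMIT 1");

            if ($line = $result->fetchArray()) {
                $id = (int) $line["id"];
                $lastread = (int) $line["lastread"];

                // Only move the position forward; a page of -1 resets it to 0.
                if ($lastread < $page || $page == -1) {
                    if ($page == -1) {
                        $page = 0;
                    }

                    $ldb->query("UPDATE epube_books SET lastread = '$page', lastcfi = '$cfi' WHERE id = '$id'");
                }
            } else {
                $ldb->query("INSERT INTO epube_books (bookid, owner, lastread, lastcfi) VALUES
                    ('$bookid', '$owner', '$page', '$cfi')");
            }

            $ldb->query("COMMIT");
        }

        // Echo the value as received, not the SQL-escaped copy.
        print json_encode(["page" => $page, "cfi" => $cfi_raw]);
        break;

    case "define":
        if (defined('DICT_ENABLED') && DICT_ENABLED) {
            $word_raw = (isset($_REQUEST["word"]) && is_string($_REQUEST["word"])) ? $_REQUEST["word"] : "";

            // escapeshellarg() keeps the word from being interpreted by the
            // shell, but the client would still parse a leading "-" as one of
            // its own options, so such input is refused.
            if (strncmp($word_raw, "-", 1) === 0) {
                header($_SERVER["SERVER_PROTOCOL"] . " 400 Bad Request");
                echo "Invalid word.";
                break;
            }

            $word = escapeshellarg($word_raw);

            // DICT_CLIENT and DICT_SERVER are configuration constants and are
            // placed on the command line as-is.
            exec(DICT_CLIENT . " -h " . DICT_SERVER . " $word 2>&1", $output, $rc);

            if ($rc == 0) {
                print json_encode(["result" => $output]);
            } else if ($rc == 21) {
                // The client's output is expected to carry a "name: w1 w2 ..."
                // line of candidate words; look those up instead.
                $word_matches = [];

                foreach ($output as $line) {
                    if (preg_match('/^[^ ]+: *(.*)/', $line, $match)) {
                        if ($match[1]) {
                            $word_matches = explode(" ", $match[1]);
                            break;
                        }
                    }
                }

                // Candidates come from the dictionary server's reply; drop
                // empty ones and any that would be read as an option.
                $word_matches = array_filter($word_matches, function ($candidate) {
                    return $candidate !== "" && strncmp($candidate, "-", 1) !== 0;
                });

                if ($word_matches) {
                    $word_matches = implode(" ", array_map("escapeshellarg", $word_matches));

                    unset($output);
                    exec(DICT_CLIENT . " -h " . DICT_SERVER . " $word_matches 2>&1", $output, $rc);

                    if ($rc == 0) {
                        print json_encode(["result" => $output]);
                    }
                }
            } else if ($rc == 20) {
                // $output is not reset here, so exec() appends the soundex
                // results to the first call's output.
                exec(DICT_CLIENT . " -s soundex -h " . DICT_SERVER . " $word 2>&1", $output, $rc);

                print json_encode(["result" => $output]);
            } else {
                print json_encode(["result" => $output]);
            }
        }
        break;

    default:
        header($_SERVER["SERVER_PROTOCOL"] . " 404 Not Found");
        echo "Method not found.";
}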