diff options
| author | Andrew Dolgov <[email protected]> | 2011-11-15 11:40:57 +0400 |
|---|---|---|
| committer | Andrew Dolgov <[email protected]> | 2011-11-15 11:40:57 +0400 |
| commit | e0d91d846dd5ac42a95a0832777cc76aaf579bc2 (patch) | |
| tree | 5568c9cd6ad6d569cd7c15efb1c2c1d15e1e210c /functions.php | |
| parent | 507426ef6e5c5921d68a20390fa4d7c32a23d780 (diff) | |
experimental split of public calls into public.php (refs #389)
Diffstat (limited to 'functions.php')
| -rw-r--r-- | functions.php | 235 |
1 files changed, 229 insertions, 6 deletions
diff --git a/functions.php b/functions.php index 0dd9ccab3..83159e62c 100644 --- a/functions.php +++ b/functions.php @@ -840,7 +840,7 @@ !ini_get("open_basedir")) { $callback_url = get_self_url_prefix() . - "/backend.php?op=pubsub&id=$feed"; + "/public.php?op=pubsub&id=$feed"; $s = new Subscriber($feed_hub_url, $callback_url); @@ -1284,7 +1284,7 @@ if (PUBSUBHUBBUB_HUB && $published == 'true') { $rss_link = get_self_url_prefix() . - "/backend.php?op=rss&id=-2&key=" . + "/public.php?op=rss&id=-2&key=" . get_feed_access_key($link, -2, false, $owner_uid); $p = new Publisher(PUBSUBHUBBUB_HUB); @@ -3830,7 +3830,7 @@ $last_error = $qfh_ret[3]; $feed_self_url = get_self_url_prefix() . - "/backend.php?op=rss&id=-2&key=" . + "/public.php?op=rss&id=-2&key=" . get_feed_access_key($link, -2, false); if (!$feed_site_url) $feed_site_url = get_self_url_prefix(); @@ -4239,7 +4239,7 @@ if (PUBSUBHUBBUB_HUB) { $rss_link = get_self_url_prefix() . - "/backend.php?op=rss&id=-2&key=" . + "/public.php?op=rss&id=-2&key=" . get_feed_access_key($link, -2, false); $p = new Publisher(PUBSUBHUBBUB_HUB); @@ -4378,7 +4378,7 @@ } $rss_link = htmlspecialchars(get_self_url_prefix() . - "/backend.php?op=rss&id=$feed_id$cat_q$search_q"); + "/public.php?op=rss&id=$feed_id$cat_q$search_q"); $reply .= "<option value=\"0\" disabled=\"1\">".__('Feed:')."</option>"; @@ -7544,11 +7544,17 @@ _debug("Updating: " . $line['access_url'] . " ($id)"); - $fetch_url = $line['access_url'] . '/backend.php?op=fbexport'; + $fetch_url = $line['access_url'] . '/public.php?op=fbexport'; $post_query = 'key=' . $line['access_key']; $feeds = fetch_file_contents($fetch_url, false, false, false, $post_query); + // try doing it the old way + if (!$feeds) { + $fetch_url = $line['access_url'] . '/backend.php?op=fbexport'; + $feeds = fetch_file_contents($fetch_url, false, false, false, $post_query); + } + if ($feeds) { $feeds = json_decode($feeds, true); @@ -7598,6 +7604,223 @@ last_status_out = '$status', last_connected = NOW() WHERE id = '$id'"); } + } + + function handle_public_request($link, $op) { + switch ($op) { + + case "getUnread": + $login = db_escape_string($_REQUEST["login"]); + $fresh = $_REQUEST["fresh"] == "1"; + + $result = db_query($link, "SELECT id FROM ttrss_users WHERE login = '$login'"); + + if (db_num_rows($result) == 1) { + $uid = db_fetch_result($result, 0, "id"); + + print getGlobalUnread($link, $uid); + + if ($fresh) { + print ";"; + print getFeedArticles($link, -3, false, true, $uid); + } + + } else { + print "-1;User not found"; + } + + break; // getUnread + + case "getProfiles": + $login = db_escape_string($_REQUEST["login"]); + $password = db_escape_string($_REQUEST["password"]); + + if (authenticate_user($link, $login, $password)) { + $result = db_query($link, "SELECT * FROM ttrss_settings_profiles + WHERE owner_uid = " . $_SESSION["uid"] . " ORDER BY title"); + + print "<select style='width: 100%' name='profile'>"; + + print "<option value='0'>" . __("Default profile") . "</option>"; + + while ($line = db_fetch_assoc($result)) { + $id = $line["id"]; + $title = $line["title"]; + + print "<option value='$id'>$title</option>"; + } + + print "</select>"; + + $_SESSION = array(); + } + break; // getprofiles + + case "pubsub": + $mode = db_escape_string($_REQUEST['hub_mode']); + $feed_id = (int) db_escape_string($_REQUEST['id']); + $feed_url = db_escape_string($_REQUEST['hub_topic']); + + if (!PUBSUBHUBBUB_ENABLED) { + header('HTTP/1.0 404 Not Found'); + echo "404 Not found"; + return; + } + + // TODO: implement hub_verifytoken checking + + $result = db_query($link, "SELECT feed_url FROM ttrss_feeds + WHERE id = '$feed_id'"); + + if (db_num_rows($result) != 0) { + + $check_feed_url = db_fetch_result($result, 0, "feed_url"); + + if ($check_feed_url && ($check_feed_url == $feed_url || !$feed_url)) { + if ($mode == "subscribe") { + + db_query($link, "UPDATE ttrss_feeds SET pubsub_state = 2 + WHERE id = '$feed_id'"); + + print $_REQUEST['hub_challenge']; + return; + + } else if ($mode == "unsubscribe") { + + db_query($link, "UPDATE ttrss_feeds SET pubsub_state = 0 + WHERE id = '$feed_id'"); + + print $_REQUEST['hub_challenge']; + return; + + } else if (!$mode) { + + // Received update ping, schedule feed update. + //update_rss_feed($link, $feed_id, true, true); + + db_query($link, "UPDATE ttrss_feeds SET + last_update_started = '1970-01-01', + last_updated = '1970-01-01' WHERE id = '$feed_id' AND + owner_uid = ".$_SESSION["uid"]); + + } + } else { + header('HTTP/1.0 404 Not Found'); + echo "404 Not found"; + } + } else { + header('HTTP/1.0 404 Not Found'); + echo "404 Not found"; + } + + break; // pubsub + + case "logout": + logout_user(); + header("Location: tt-rss.php"); + break; // logout + + case "fbexport": + + $access_key = db_escape_string($_POST["key"]); + + // TODO: rate limit checking using last_connected + $result = db_query($link, "SELECT id FROM ttrss_linked_instances + WHERE access_key = '$access_key'"); + + if (db_num_rows($result) == 1) { + + $instance_id = db_fetch_result($result, 0, "id"); + + $result = db_query($link, "SELECT feed_url, site_url, title, subscribers + FROM ttrss_feedbrowser_cache ORDER BY subscribers DESC LIMIT 100"); + + $feeds = array(); + + while ($line = db_fetch_assoc($result)) { + array_push($feeds, $line); + } + + db_query($link, "UPDATE ttrss_linked_instances SET + last_status_in = 1 WHERE id = '$instance_id'"); + + print json_encode(array("feeds" => $feeds)); + } else { + print json_encode(array("error" => array("code" => 6))); + } + break; // fbexport + + case "share": + $uuid = db_escape_string($_REQUEST["key"]); + + $result = db_query($link, "SELECT ref_id, owner_uid FROM ttrss_user_entries WHERE + uuid = '$uuid'"); + + if (db_num_rows($result) != 0) { + header("Content-Type: text/html"); + + $id = db_fetch_result($result, 0, "ref_id"); + $owner_uid = db_fetch_result($result, 0, "owner_uid"); + + $_SESSION["uid"] = $owner_uid; + $article = format_article($link, $id, false, true); + $_SESSION["uid"] = ""; + print_r($article['content']); + + } else { + print "Article not found."; + } + + break; + + case "rss": + $feed = db_escape_string($_REQUEST["id"]); + $key = db_escape_string($_REQUEST["key"]); + $is_cat = $_REQUEST["is_cat"] != false; + $limit = (int)db_escape_string($_REQUEST["limit"]); + + $search = db_escape_string($_REQUEST["q"]); + $match_on = db_escape_string($_REQUEST["m"]); + $search_mode = db_escape_string($_REQUEST["smode"]); + $view_mode = db_escape_string($_REQUEST["view-mode"]); + + if (SINGLE_USER_MODE) { + authenticate_user($link, "admin", null); + } + + $owner_id = false; + + if ($key) { + $result = db_query($link, "SELECT owner_uid FROM + ttrss_access_keys WHERE access_key = '$key' AND feed_id = '$feed'"); + + if (db_num_rows($result) == 1) + $owner_id = db_fetch_result($result, 0, "owner_uid"); + } + + if ($owner_id) { + $_SESSION['uid'] = $owner_id; + + generate_syndicated_feed($link, 0, $feed, $is_cat, $limit, + $search, $search_mode, $match_on, $view_mode); + } else { + header('HTTP/1.1 403 Forbidden'); + } + break; // rss + + + case "globalUpdateFeeds": + // Update all feeds needing a update. + update_daemon_common($link, 0, true, true); + break; // globalUpdateFeeds + + + default: + header("Content-Type: text/plain"); + print json_encode(array("error" => array("code" => 7))); + break; // fallback + + } } ?> |