diff options
56 files changed, 1399 insertions, 1399 deletions
diff --git a/classes/api.php b/classes/api.php index 10e511919..422fc5a1b 100644 --- a/classes/api.php +++ b/classes/api.php @@ -18,7 +18,7 @@ class API extends Handler { return false; } - if ($_SESSION["uid"] && $method != "logout" && !get_pref( 'ENABLE_API_ACCESS')) { + if ($_SESSION["uid"] && $method != "logout" && !get_pref('ENABLE_API_ACCESS')) { print $this->wrap(self::STATUS_ERR, array("error" => 'API_DISABLED')); return false; } @@ -50,13 +50,13 @@ class API extends Handler { @session_destroy(); @session_start(); - $login = db_escape_string( $_REQUEST["user"]); + $login = db_escape_string($_REQUEST["user"]); $password = $_REQUEST["password"]; $password_base64 = base64_decode($_REQUEST["password"]); if (SINGLE_USER_MODE) $login = "admin"; - $result = db_query( "SELECT id FROM ttrss_users WHERE login = '$login'"); + $result = db_query("SELECT id FROM ttrss_users WHERE login = '$login'"); if (db_num_rows($result) != 0) { $uid = db_fetch_result($result, 0, "id"); @@ -69,11 +69,11 @@ class API extends Handler { return; } - if (get_pref( "ENABLE_API_ACCESS", $uid)) { - if (authenticate_user( $login, $password)) { // try login with normal password + if (get_pref("ENABLE_API_ACCESS", $uid)) { + if (authenticate_user($login, $password)) { // try login with normal password print $this->wrap(self::STATUS_OK, array("session_id" => session_id(), "api_level" => self::API_LEVEL)); - } else if (authenticate_user( $login, $password_base64)) { // else try with base64_decoded password + } else if (authenticate_user($login, $password_base64)) { // else try with base64_decoded password print $this->wrap(self::STATUS_OK, array("session_id" => session_id(), "api_level" => self::API_LEVEL)); } else { // else we are not logged in @@ -95,11 +95,11 @@ class API extends Handler { } function getUnread() { - $feed_id = db_escape_string( $_REQUEST["feed_id"]); - $is_cat = db_escape_string( $_REQUEST["is_cat"]); + $feed_id = db_escape_string($_REQUEST["feed_id"]); + $is_cat = db_escape_string($_REQUEST["is_cat"]); if ($feed_id) { - print $this->wrap(self::STATUS_OK, array("unread" => getFeedUnread( $feed_id, $is_cat))); + print $this->wrap(self::STATUS_OK, array("unread" => getFeedUnread($feed_id, $is_cat))); } else { print $this->wrap(self::STATUS_OK, array("unread" => getGlobalUnread())); } @@ -111,13 +111,13 @@ class API extends Handler { } function getFeeds() { - $cat_id = db_escape_string( $_REQUEST["cat_id"]); + $cat_id = db_escape_string($_REQUEST["cat_id"]); $unread_only = sql_bool_to_bool($_REQUEST["unread_only"]); - $limit = (int) db_escape_string( $_REQUEST["limit"]); - $offset = (int) db_escape_string( $_REQUEST["offset"]); + $limit = (int) db_escape_string($_REQUEST["limit"]); + $offset = (int) db_escape_string($_REQUEST["offset"]); $include_nested = sql_bool_to_bool($_REQUEST["include_nested"]); - $feeds = $this->api_get_feeds( $cat_id, $unread_only, $limit, $offset, $include_nested); + $feeds = $this->api_get_feeds($cat_id, $unread_only, $limit, $offset, $include_nested); print $this->wrap(self::STATUS_OK, $feeds); } @@ -134,7 +134,7 @@ class API extends Handler { else $nested_qpart = "true"; - $result = db_query( "SELECT + $result = db_query("SELECT id, title, order_id, (SELECT COUNT(id) FROM ttrss_feeds WHERE ttrss_feed_categories.id IS NOT NULL AND cat_id = ttrss_feed_categories.id) AS num_feeds, @@ -149,10 +149,10 @@ class API extends Handler { while ($line = db_fetch_assoc($result)) { if ($include_empty || $line["num_feeds"] > 0 || $line["num_cats"] > 0) { - $unread = getFeedUnread( $line["id"], true); + $unread = getFeedUnread($line["id"], true); if ($enable_nested) - $unread += getCategoryChildrenUnread( $line["id"]); + $unread += getCategoryChildrenUnread($line["id"]); if ($unread || !$unread_only) { array_push($cats, array("id" => $line["id"], @@ -166,11 +166,11 @@ class API extends Handler { foreach (array(-2,-1,0) as $cat_id) { if ($include_empty || !$this->isCategoryEmpty($cat_id)) { - $unread = getFeedUnread( $cat_id, true); + $unread = getFeedUnread($cat_id, true); if ($unread || !$unread_only) { array_push($cats, array("id" => $cat_id, - "title" => getCategoryTitle( $cat_id), + "title" => getCategoryTitle($cat_id), "unread" => $unread)); } } @@ -180,22 +180,22 @@ class API extends Handler { } function getHeadlines() { - $feed_id = db_escape_string( $_REQUEST["feed_id"]); + $feed_id = db_escape_string($_REQUEST["feed_id"]); if ($feed_id != "") { - $limit = (int)db_escape_string( $_REQUEST["limit"]); + $limit = (int)db_escape_string($_REQUEST["limit"]); if (!$limit || $limit >= 60) $limit = 60; - $offset = (int)db_escape_string( $_REQUEST["skip"]); - $filter = db_escape_string( $_REQUEST["filter"]); + $offset = (int)db_escape_string($_REQUEST["skip"]); + $filter = db_escape_string($_REQUEST["filter"]); $is_cat = sql_bool_to_bool($_REQUEST["is_cat"]); $show_excerpt = sql_bool_to_bool($_REQUEST["show_excerpt"]); $show_content = sql_bool_to_bool($_REQUEST["show_content"]); /* all_articles, unread, adaptive, marked, updated */ - $view_mode = db_escape_string( $_REQUEST["view_mode"]); + $view_mode = db_escape_string($_REQUEST["view_mode"]); $include_attachments = sql_bool_to_bool($_REQUEST["include_attachments"]); - $since_id = (int)db_escape_string( $_REQUEST["since_id"]); + $since_id = (int)db_escape_string($_REQUEST["since_id"]); $include_nested = sql_bool_to_bool($_REQUEST["include_nested"]); $sanitize_content = true; @@ -211,10 +211,10 @@ class API extends Handler { /* do not rely on params below */ - $search = db_escape_string( $_REQUEST["search"]); - $search_mode = db_escape_string( $_REQUEST["search_mode"]); + $search = db_escape_string($_REQUEST["search"]); + $search_mode = db_escape_string($_REQUEST["search_mode"]); - $headlines = $this->api_get_headlines( $feed_id, $limit, $offset, + $headlines = $this->api_get_headlines($feed_id, $limit, $offset, $filter, $is_cat, $show_excerpt, $show_content, $view_mode, $override_order, $include_attachments, $since_id, $search, $search_mode, $include_nested, $sanitize_content); @@ -226,10 +226,10 @@ class API extends Handler { } function updateArticle() { - $article_ids = array_filter(explode(",", db_escape_string( $_REQUEST["article_ids"])), is_numeric); - $mode = (int) db_escape_string( $_REQUEST["mode"]); - $data = db_escape_string( $_REQUEST["data"]); - $field_raw = (int)db_escape_string( $_REQUEST["field"]); + $article_ids = array_filter(explode(",", db_escape_string($_REQUEST["article_ids"])), is_numeric); + $mode = (int) db_escape_string($_REQUEST["mode"]); + $data = db_escape_string($_REQUEST["data"]); + $field_raw = (int)db_escape_string($_REQUEST["field"]); $field = ""; $set_to = ""; @@ -269,16 +269,16 @@ class API extends Handler { $article_ids = join(", ", $article_ids); - $result = db_query( "UPDATE ttrss_user_entries SET $field = $set_to $additional_fields WHERE ref_id IN ($article_ids) AND owner_uid = " . $_SESSION["uid"]); + $result = db_query("UPDATE ttrss_user_entries SET $field = $set_to $additional_fields WHERE ref_id IN ($article_ids) AND owner_uid = " . $_SESSION["uid"]); - $num_updated = db_affected_rows( $result); + $num_updated = db_affected_rows($result); if ($num_updated > 0 && $field == "unread") { - $result = db_query( "SELECT DISTINCT feed_id FROM ttrss_user_entries + $result = db_query("SELECT DISTINCT feed_id FROM ttrss_user_entries WHERE ref_id IN ($article_ids)"); while ($line = db_fetch_assoc($result)) { - ccache_update( $line["feed_id"], $_SESSION["uid"]); + ccache_update($line["feed_id"], $_SESSION["uid"]); } } @@ -286,7 +286,7 @@ class API extends Handler { if (PUBSUBHUBBUB_HUB) { $rss_link = get_self_url_prefix() . "/public.php?op=rss&id=-2&key=" . - get_feed_access_key( -2, false); + get_feed_access_key(-2, false); $p = new Publisher(PUBSUBHUBBUB_HUB); $pubsub_result = $p->publish_update($rss_link); @@ -304,7 +304,7 @@ class API extends Handler { function getArticle() { - $article_id = join(",", array_filter(explode(",", db_escape_string( $_REQUEST["article_id"])), is_numeric)); + $article_id = join(",", array_filter(explode(",", db_escape_string($_REQUEST["article_id"])), is_numeric)); $query = "SELECT id,title,link,content,cached_content,feed_id,comments,int_id, marked,unread,published,score, @@ -314,7 +314,7 @@ class API extends Handler { WHERE id IN ($article_id) AND ref_id = id AND owner_uid = " . $_SESSION["uid"] ; - $result = db_query( $query); + $result = db_query($query); $articles = array(); @@ -322,13 +322,13 @@ class API extends Handler { while ($line = db_fetch_assoc($result)) { - $attachments = get_article_enclosures( $line['id']); + $attachments = get_article_enclosures($line['id']); $article = array( "id" => $line["id"], "title" => $line["title"], "link" => $line["link"], - "labels" => get_article_labels( $line['id']), + "labels" => get_article_labels($line['id']), "unread" => sql_bool_to_bool($line["unread"]), "marked" => sql_bool_to_bool($line["marked"]), "published" => sql_bool_to_bool($line["published"]), @@ -363,7 +363,7 @@ class API extends Handler { $config["daemon_is_running"] = file_is_locked("update_daemon.lock"); - $result = db_query( "SELECT COUNT(*) AS cf FROM + $result = db_query("SELECT COUNT(*) AS cf FROM ttrss_feeds WHERE owner_uid = " . $_SESSION["uid"]); $num_feeds = db_fetch_result($result, 0, "cf"); @@ -376,41 +376,41 @@ class API extends Handler { function updateFeed() { require_once "include/rssfuncs.php"; - $feed_id = (int) db_escape_string( $_REQUEST["feed_id"]); + $feed_id = (int) db_escape_string($_REQUEST["feed_id"]); - update_rss_feed( $feed_id, true); + update_rss_feed($feed_id, true); print $this->wrap(self::STATUS_OK, array("status" => "OK")); } function catchupFeed() { - $feed_id = db_escape_string( $_REQUEST["feed_id"]); - $is_cat = db_escape_string( $_REQUEST["is_cat"]); + $feed_id = db_escape_string($_REQUEST["feed_id"]); + $is_cat = db_escape_string($_REQUEST["is_cat"]); - catchup_feed( $feed_id, $is_cat); + catchup_feed($feed_id, $is_cat); print $this->wrap(self::STATUS_OK, array("status" => "OK")); } function getPref() { - $pref_name = db_escape_string( $_REQUEST["pref_name"]); + $pref_name = db_escape_string($_REQUEST["pref_name"]); - print $this->wrap(self::STATUS_OK, array("value" => get_pref( $pref_name))); + print $this->wrap(self::STATUS_OK, array("value" => get_pref($pref_name))); } function getLabels() { - //$article_ids = array_filter(explode(",", db_escape_string( $_REQUEST["article_ids"])), is_numeric); + //$article_ids = array_filter(explode(",", db_escape_string($_REQUEST["article_ids"])), is_numeric); $article_id = (int)$_REQUEST['article_id']; $rv = array(); - $result = db_query( "SELECT id, caption, fg_color, bg_color + $result = db_query("SELECT id, caption, fg_color, bg_color FROM ttrss_labels2 WHERE owner_uid = '".$_SESSION['uid']."' ORDER BY caption"); if ($article_id) - $article_labels = get_article_labels( $article_id); + $article_labels = get_article_labels($article_id); else $article_labels = array(); @@ -437,11 +437,11 @@ class API extends Handler { function setArticleLabel() { - $article_ids = array_filter(explode(",", db_escape_string( $_REQUEST["article_ids"])), is_numeric); - $label_id = (int) db_escape_string( $_REQUEST['label_id']); - $assign = (bool) db_escape_string( $_REQUEST['assign']) == "true"; + $article_ids = array_filter(explode(",", db_escape_string($_REQUEST["article_ids"])), is_numeric); + $label_id = (int) db_escape_string($_REQUEST['label_id']); + $assign = (bool) db_escape_string($_REQUEST['assign']) == "true"; - $label = db_escape_string( label_find_caption( + $label = db_escape_string(label_find_caption( $label_id, $_SESSION["uid"])); $num_updated = 0; @@ -451,9 +451,9 @@ class API extends Handler { foreach ($article_ids as $id) { if ($assign) - label_add_article( $id, $label, $_SESSION["uid"]); + label_add_article($id, $label, $_SESSION["uid"]); else - label_remove_article( $id, $label, $_SESSION["uid"]); + label_remove_article($id, $label, $_SESSION["uid"]); ++$num_updated; @@ -481,25 +481,25 @@ class API extends Handler { } function shareToPublished() { - $title = db_escape_string( strip_tags($_REQUEST["title"])); - $url = db_escape_string( strip_tags($_REQUEST["url"])); - $content = db_escape_string( strip_tags($_REQUEST["content"])); + $title = db_escape_string(strip_tags($_REQUEST["title"])); + $url = db_escape_string(strip_tags($_REQUEST["url"])); + $content = db_escape_string(strip_tags($_REQUEST["content"])); - if (Article::create_published_article( $title, $url, $content, "", $_SESSION["uid"])) { + if (Article::create_published_article($title, $url, $content, "", $_SESSION["uid"])) { print $this->wrap(self::STATUS_OK, array("status" => 'OK')); } else { print $this->wrap(self::STATUS_ERR, array("error" => 'Publishing failed')); } } - static function api_get_feeds( $cat_id, $unread_only, $limit, $offset, $include_nested = false) { + static function api_get_feeds($cat_id, $unread_only, $limit, $offset, $include_nested = false) { $feeds = array(); /* Labels */ if ($cat_id == -4 || $cat_id == -2) { - $counters = getLabelCounters( true); + $counters = getLabelCounters(true); foreach (array_values($counters) as $cv) { @@ -523,10 +523,10 @@ class API extends Handler { if ($cat_id == -4 || $cat_id == -1) { foreach (array(-1, -2, -3, -4, -6, 0) as $i) { - $unread = getFeedUnread( $i); + $unread = getFeedUnread($i); if ($unread || !$unread_only) { - $title = getFeedTitle( $i); + $title = getFeedTitle($i); $row = array( "id" => $i, @@ -543,14 +543,14 @@ class API extends Handler { /* Child cats */ if ($include_nested && $cat_id) { - $result = db_query( "SELECT + $result = db_query("SELECT id, title FROM ttrss_feed_categories WHERE parent_cat = '$cat_id' AND owner_uid = " . $_SESSION["uid"] . " ORDER BY id, title"); while ($line = db_fetch_assoc($result)) { - $unread = getFeedUnread( $line["id"], true) + - getCategoryChildrenUnread( $line["id"]); + $unread = getFeedUnread($line["id"], true) + + getCategoryChildrenUnread($line["id"]); if ($unread || !$unread_only) { $row = array( @@ -573,7 +573,7 @@ class API extends Handler { } if ($cat_id == -4 || $cat_id == -3) { - $result = db_query( "SELECT + $result = db_query("SELECT id, feed_url, cat_id, title, order_id, ". SUBSTRING_FOR_DATE."(last_updated,1,19) AS last_updated FROM ttrss_feeds WHERE owner_uid = " . $_SESSION["uid"] . @@ -585,7 +585,7 @@ class API extends Handler { else $cat_qpart = "cat_id IS NULL"; - $result = db_query( "SELECT + $result = db_query("SELECT id, feed_url, cat_id, title, order_id, ". SUBSTRING_FOR_DATE."(last_updated,1,19) AS last_updated FROM ttrss_feeds WHERE @@ -595,7 +595,7 @@ class API extends Handler { while ($line = db_fetch_assoc($result)) { - $unread = getFeedUnread( $line["id"]); + $unread = getFeedUnread($line["id"]); $has_icon = feed_has_icon($line['id']); @@ -619,13 +619,13 @@ class API extends Handler { return $feeds; } - static function api_get_headlines( $feed_id, $limit, $offset, + static function api_get_headlines($feed_id, $limit, $offset, $filter, $is_cat, $show_excerpt, $show_content, $view_mode, $order, $include_attachments, $since_id, $search = "", $search_mode = "", $include_nested = false, $sanitize_content = true) { - $qfh_ret = queryFeedHeadlines( $feed_id, $limit, + $qfh_ret = queryFeedHeadlines($feed_id, $limit, $view_mode, $is_cat, $search, $search_mode, $order, $offset, 0, false, $since_id, $include_nested); @@ -641,8 +641,8 @@ class API extends Handler { $tags = explode(",", $line["tag_cache"]); $labels = json_decode($line["label_cache"], true); - //if (!$tags) $tags = get_article_tags( $line["id"]); - //if (!$labels) $labels = get_article_labels( $line["id"]); + //if (!$tags) $tags = get_article_tags($line["id"]); + //if (!$labels) $labels = get_article_labels($line["id"]); $headline_row = array( "id" => (int)$line["id"], @@ -709,13 +709,13 @@ class API extends Handler { } function unsubscribeFeed() { - $feed_id = (int) db_escape_string( $_REQUEST["feed_id"]); + $feed_id = (int) db_escape_string($_REQUEST["feed_id"]); - $result = db_query( "SELECT id FROM ttrss_feeds WHERE + $result = db_query("SELECT id FROM ttrss_feeds WHERE id = '$feed_id' AND owner_uid = ".$_SESSION["uid"]); if (db_num_rows($result) != 0) { - Pref_Feeds::remove_feed( $feed_id, $_SESSION["uid"]); + Pref_Feeds::remove_feed($feed_id, $_SESSION["uid"]); print $this->wrap(self::STATUS_OK, array("status" => "OK")); } else { print $this->wrap(self::STATUS_ERR, array("error" => "FEED_NOT_FOUND")); @@ -723,13 +723,13 @@ class API extends Handler { } function subscribeToFeed() { - $feed_url = db_escape_string( $_REQUEST["feed_url"]); - $category_id = (int) db_escape_string( $_REQUEST["category_id"]); - $login = db_escape_string( $_REQUEST["login"]); - $password = db_escape_string( $_REQUEST["password"]); + $feed_url = db_escape_string($_REQUEST["feed_url"]); + $category_id = (int) db_escape_string($_REQUEST["category_id"]); + $login = db_escape_string($_REQUEST["login"]); + $password = db_escape_string($_REQUEST["password"]); if ($feed_url) { - $rc = subscribe_to_feed( $feed_url, $category_id, + $rc = subscribe_to_feed($feed_url, $category_id, $login, $password, false); print $this->wrap(self::STATUS_OK, array("status" => $rc)); @@ -741,7 +741,7 @@ class API extends Handler { function getFeedTree() { $include_empty = sql_bool_to_bool($_REQUEST['include_empty']); - $pf = new Pref_Feeds( $_REQUEST); + $pf = new Pref_Feeds($_REQUEST); $_REQUEST['mode'] = 2; $_REQUEST['force_show_empty'] = $include_empty; @@ -760,13 +760,13 @@ class API extends Handler { private function isCategoryEmpty($id) { if ($id == -2) { - $result = db_query( "SELECT COUNT(*) AS count FROM ttrss_labels2 + $result = db_query("SELECT COUNT(*) AS count FROM ttrss_labels2 WHERE owner_uid = " . $_SESSION["uid"]); return db_fetch_result($result, 0, "count") == 0; } else if ($id == 0) { - $result = db_query( "SELECT COUNT(*) AS count FROM ttrss_feeds + $result = db_query("SELECT COUNT(*) AS count FROM ttrss_feeds WHERE cat_id IS NULL AND owner_uid = " . $_SESSION["uid"]); return db_fetch_result($result, 0, "count") == 0; diff --git a/classes/article.php b/classes/article.php index 9917d4d06..df850daca 100644 --- a/classes/article.php +++ b/classes/article.php @@ -8,9 +8,9 @@ class Article extends Handler_Protected { } function redirect() { - $id = db_escape_string( $_REQUEST['id']); + $id = db_escape_string($_REQUEST['id']); - $result = db_query( "SELECT link FROM ttrss_entries, ttrss_user_entries + $result = db_query("SELECT link FROM ttrss_entries, ttrss_user_entries WHERE id = '$id' AND id = ref_id AND owner_uid = '".$_SESSION['uid']."' LIMIT 1"); @@ -27,10 +27,10 @@ class Article extends Handler_Protected { } function view() { - $id = db_escape_string( $_REQUEST["id"]); - $cids = explode(",", db_escape_string( $_REQUEST["cids"])); - $mode = db_escape_string( $_REQUEST["mode"]); - $omode = db_escape_string( $_REQUEST["omode"]); + $id = db_escape_string($_REQUEST["id"]); + $cids = explode(",", db_escape_string($_REQUEST["cids"])); + $mode = db_escape_string($_REQUEST["mode"]); + $omode = db_escape_string($_REQUEST["omode"]); // in prefetch mode we only output requested cids, main article // just gets marked as read (it already exists in client cache) @@ -38,26 +38,26 @@ class Article extends Handler_Protected { $articles = array(); if ($mode == "") { - array_push($articles, format_article( $id, false)); + array_push($articles, format_article($id, false)); } else if ($mode == "zoom") { - array_push($articles, format_article( $id, true, true)); + array_push($articles, format_article($id, true, true)); } else if ($mode == "raw") { if ($_REQUEST['html']) { header("Content-Type: text/html"); print '<link rel="stylesheet" type="text/css" href="tt-rss.css"/>'; } - $article = format_article( $id, false); + $article = format_article($id, false); print $article['content']; return; } - $this->catchupArticleById( $id, 0); + $this->catchupArticleById($id, 0); if (!$_SESSION["bw_limit"]) { foreach ($cids as $cid) { if ($cid) { - array_push($articles, format_article( $cid, false, false)); + array_push($articles, format_article($cid, false, false)); } } } @@ -65,27 +65,27 @@ class Article extends Handler_Protected { print json_encode($articles); } - private function catchupArticleById( $id, $cmode) { + private function catchupArticleById($id, $cmode) { if ($cmode == 0) { - db_query( "UPDATE ttrss_user_entries SET + db_query("UPDATE ttrss_user_entries SET unread = false,last_read = NOW() WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]); } else if ($cmode == 1) { - db_query( "UPDATE ttrss_user_entries SET + db_query("UPDATE ttrss_user_entries SET unread = true WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]); } else { - db_query( "UPDATE ttrss_user_entries SET + db_query("UPDATE ttrss_user_entries SET unread = NOT unread,last_read = NOW() WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]); } - $feed_id = getArticleFeed( $id); - ccache_update( $feed_id, $_SESSION["uid"]); + $feed_id = getArticleFeed($id); + ccache_update($feed_id, $_SESSION["uid"]); } - static function create_published_article( $title, $url, $content, $labels_str, + static function create_published_article($title, $url, $content, $labels_str, $owner_uid) { $guid = 'SHA1:' . sha1("ttshared:" . $url . $owner_uid); // include owner_uid to prevent global GUID clash @@ -104,30 +104,30 @@ class Article extends Handler_Protected { if (filter_var($url, FILTER_VALIDATE_URL) === FALSE) return false; - db_query( "BEGIN"); + db_query("BEGIN"); // only check for our user data here, others might have shared this with different content etc - $result = db_query( "SELECT id FROM ttrss_entries, ttrss_user_entries WHERE + $result = db_query("SELECT id FROM ttrss_entries, ttrss_user_entries WHERE link = '$url' AND ref_id = id AND owner_uid = '$owner_uid' LIMIT 1"); if (db_num_rows($result) != 0) { $ref_id = db_fetch_result($result, 0, "id"); - $result = db_query( "SELECT int_id FROM ttrss_user_entries WHERE + $result = db_query("SELECT int_id FROM ttrss_user_entries WHERE ref_id = '$ref_id' AND owner_uid = '$owner_uid' LIMIT 1"); if (db_num_rows($result) != 0) { $int_id = db_fetch_result($result, 0, "int_id"); - db_query( "UPDATE ttrss_entries SET + db_query("UPDATE ttrss_entries SET content = '$content', content_hash = '$content_hash' WHERE id = '$ref_id'"); - db_query( "UPDATE ttrss_user_entries SET published = true, + db_query("UPDATE ttrss_user_entries SET published = true, last_published = NOW() WHERE int_id = '$int_id' AND owner_uid = '$owner_uid'"); } else { - db_query( "INSERT INTO ttrss_user_entries + db_query("INSERT INTO ttrss_user_entries (ref_id, uuid, feed_id, orig_feed_id, owner_uid, published, tag_cache, label_cache, last_read, note, unread, last_published) VALUES @@ -136,24 +136,24 @@ class Article extends Handler_Protected { if (count($labels) != 0) { foreach ($labels as $label) { - label_add_article( $ref_id, trim($label), $owner_uid); + label_add_article($ref_id, trim($label), $owner_uid); } } $rc = true; } else { - $result = db_query( "INSERT INTO ttrss_entries + $result = db_query("INSERT INTO ttrss_entries (title, guid, link, updated, content, content_hash, date_entered, date_updated) VALUES ('$title', '$guid', '$url', NOW(), '$content', '$content_hash', NOW(), NOW())"); - $result = db_query( "SELECT id FROM ttrss_entries WHERE guid = '$guid'"); + $result = db_query("SELECT id FROM ttrss_entries WHERE guid = '$guid'"); if (db_num_rows($result) != 0) { $ref_id = db_fetch_result($result, 0, "id"); - db_query( "INSERT INTO ttrss_user_entries + db_query("INSERT INTO ttrss_user_entries (ref_id, uuid, feed_id, orig_feed_id, owner_uid, published, tag_cache, label_cache, last_read, note, unread, last_published) VALUES @@ -161,7 +161,7 @@ class Article extends Handler_Protected { if (count($labels) != 0) { foreach ($labels as $label) { - label_add_article( $ref_id, trim($label), $owner_uid); + label_add_article($ref_id, trim($label), $owner_uid); } } @@ -169,7 +169,7 @@ class Article extends Handler_Protected { } } - db_query( "COMMIT"); + db_query("COMMIT"); return $rc; } @@ -178,9 +178,9 @@ class Article extends Handler_Protected { print __("Tags for this article (separated by commas):")."<br>"; - $param = db_escape_string( $_REQUEST['param']); + $param = db_escape_string($_REQUEST['param']); - $tags = get_article_tags( db_escape_string( $param)); + $tags = get_article_tags(db_escape_string($param)); $tags_str = join(", ", $tags); @@ -209,10 +209,10 @@ class Article extends Handler_Protected { } function setScore() { - $ids = db_escape_string( $_REQUEST['id']); - $score = (int)db_escape_string( $_REQUEST['score']); + $ids = db_escape_string($_REQUEST['id']); + $score = (int)db_escape_string($_REQUEST['score']); - db_query( "UPDATE ttrss_user_entries SET + db_query("UPDATE ttrss_user_entries SET score = '$score' WHERE ref_id IN ($ids) AND owner_uid = " . $_SESSION["uid"]); print json_encode(array("id" => $id, @@ -222,14 +222,14 @@ class Article extends Handler_Protected { function setArticleTags() { - $id = db_escape_string( $_REQUEST["id"]); + $id = db_escape_string($_REQUEST["id"]); - $tags_str = db_escape_string( $_REQUEST["tags_str"]); + $tags_str = db_escape_string($_REQUEST["tags_str"]); $tags = array_unique(trim_array(explode(",", $tags_str))); - db_query( "BEGIN"); + db_query("BEGIN"); - $result = db_query( "SELECT int_id FROM ttrss_user_entries WHERE + $result = db_query("SELECT int_id FROM ttrss_user_entries WHERE ref_id = '$id' AND owner_uid = '".$_SESSION["uid"]."' LIMIT 1"); if (db_num_rows($result) == 1) { @@ -238,7 +238,7 @@ class Article extends Handler_Protected { $int_id = db_fetch_result($result, 0, "int_id"); - db_query( "DELETE FROM ttrss_tags WHERE + db_query("DELETE FROM ttrss_tags WHERE post_int_id = $int_id AND owner_uid = '".$_SESSION["uid"]."'"); foreach ($tags as $tag) { @@ -255,7 +255,7 @@ class Article extends Handler_Protected { // print "<!-- $id : $int_id : $tag -->"; if ($tag != '') { - db_query( "INSERT INTO ttrss_tags + db_query("INSERT INTO ttrss_tags (post_int_id, owner_uid, tag_name) VALUES ('$int_id', '".$_SESSION["uid"]."', '$tag')"); } @@ -267,14 +267,14 @@ class Article extends Handler_Protected { sort($tags_to_cache); $tags_str = join(",", $tags_to_cache); - db_query( "UPDATE ttrss_user_entries + db_query("UPDATE ttrss_user_entries SET tag_cache = '$tags_str' WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]); } - db_query( "COMMIT"); + db_query("COMMIT"); - $tags = get_article_tags( $id); + $tags = get_article_tags($id); $tags_str = format_tags_string($tags, $id); $tags_str_full = join(", ", $tags); @@ -286,9 +286,9 @@ class Article extends Handler_Protected { function completeTags() { - $search = db_escape_string( $_REQUEST["search"]); + $search = db_escape_string($_REQUEST["search"]); - $result = db_query( "SELECT DISTINCT tag_name FROM ttrss_tags + $result = db_query("SELECT DISTINCT tag_name FROM ttrss_tags WHERE owner_uid = '".$_SESSION["uid"]."' AND tag_name LIKE '$search%' ORDER BY tag_name LIMIT 10"); @@ -311,10 +311,10 @@ class Article extends Handler_Protected { private function labelops($assign) { $reply = array(); - $ids = explode(",", db_escape_string( $_REQUEST["ids"])); - $label_id = db_escape_string( $_REQUEST["lid"]); + $ids = explode(",", db_escape_string($_REQUEST["ids"])); + $label_id = db_escape_string($_REQUEST["lid"]); - $label = db_escape_string( label_find_caption( $label_id, + $label = db_escape_string(label_find_caption($label_id, $_SESSION["uid"])); $reply["info-for-headlines"] = array(); @@ -324,11 +324,11 @@ class Article extends Handler_Protected { foreach ($ids as $id) { if ($assign) - label_add_article( $id, $label, $_SESSION["uid"]); + label_add_article($id, $label, $_SESSION["uid"]); else - label_remove_article( $id, $label, $_SESSION["uid"]); + label_remove_article($id, $label, $_SESSION["uid"]); - $labels = get_article_labels( $id, $_SESSION["uid"]); + $labels = get_article_labels($id, $_SESSION["uid"]); array_push($reply["info-for-headlines"], array("id" => $id, "labels" => format_article_labels($labels, $id))); diff --git a/classes/auth/base.php b/classes/auth/base.php index 102a19778..782848a79 100644 --- a/classes/auth/base.php +++ b/classes/auth/base.php @@ -15,7 +15,7 @@ class Auth_Base { $user_id = $this->find_user_by_login($login); if (!$user_id) { - $login = db_escape_string( $login); + $login = db_escape_string($login); $salt = substr(bin2hex(get_random_bytes(125)), 0, 250); $pwd_hash = encrypt_password($password, $salt, true); @@ -23,7 +23,7 @@ class Auth_Base { (login,access_level,last_login,created,pwd_hash,salt) VALUES ('$login', 0, null, NOW(), '$pwd_hash','$salt')"; - db_query( $query); + db_query($query); return $this->find_user_by_login($login); @@ -36,9 +36,9 @@ class Auth_Base { } function find_user_by_login($login) { - $login = db_escape_string( $login); + $login = db_escape_string($login); - $result = db_query( "SELECT id FROM ttrss_users WHERE + $result = db_query("SELECT id FROM ttrss_users WHERE login = '$login'"); if (db_num_rows($result) > 0) { diff --git a/classes/backend.php b/classes/backend.php index a04168108..7737df0f6 100644 --- a/classes/backend.php +++ b/classes/backend.php @@ -11,7 +11,7 @@ class Backend extends Handler { require_once "digest.php"; - $rv = prepare_headlines_digest( $_SESSION['uid'], 1, 1000); + $rv = prepare_headlines_digest($_SESSION['uid'], 1, 1000); $rv[3] = "<pre>" . $rv[3] . "</pre>"; diff --git a/classes/db/pgsql.php b/classes/db/pgsql.php index 0cb737978..4d860790b 100644 --- a/classes/db/pgsql.php +++ b/classes/db/pgsql.php @@ -31,11 +31,11 @@ class Db_Pgsql implements IDb { function escape_string($s, $strip_tags = true) { if ($strip_tags) $s = strip_tags($s); - return pg_escape_string( $s); + return pg_escape_string($s); } function query($query, $die_on_error = true) { - $result = pg_query( $query); + $result = pg_query($query); if (!$result) { $query = htmlspecialchars($query); // just in case diff --git a/classes/dbupdater.php b/classes/dbupdater.php index ffcac7cf7..a319da03d 100644 --- a/classes/dbupdater.php +++ b/classes/dbupdater.php @@ -12,7 +12,7 @@ class DbUpdater { } function getSchemaVersion() { - $result = db_query( "SELECT schema_version FROM ttrss_version"); + $result = db_query("SELECT schema_version FROM ttrss_version"); return (int) db_fetch_result($result, 0, "schema_version"); } @@ -37,21 +37,21 @@ class DbUpdater { if (is_array($lines)) { - db_query( "BEGIN"); + db_query("BEGIN"); foreach ($lines as $line) { if (strpos($line, "--") !== 0 && $line) { - db_query( $line); + db_query($line); } } $db_version = $this->getSchemaVersion(); if ($db_version == $version) { - db_query( "COMMIT"); + db_query("COMMIT"); return true; } else { - db_query( "ROLLBACK"); + db_query("ROLLBACK"); return false; } } else { diff --git a/classes/dlg.php b/classes/dlg.php index 99cd7cffa..5e14690c4 100644 --- a/classes/dlg.php +++ b/classes/dlg.php @@ -6,7 +6,7 @@ class Dlg extends Handler_Protected { if (parent::before($method)) { header("Content-Type: text/html"); # required for iframe - $this->param = db_escape_string( $_REQUEST["param"]); + $this->param = db_escape_string($_REQUEST["param"]); return true; } return false; @@ -18,15 +18,15 @@ class Dlg extends Handler_Protected { print "<div class=\"prefFeedOPMLHolder\">"; $owner_uid = $_SESSION["uid"]; - db_query( "BEGIN"); + db_query("BEGIN"); print "<ul class='nomarks'>"; - $opml = new Opml( $_REQUEST); + $opml = new Opml($_REQUEST); $opml->opml_import($_SESSION["uid"]); - db_query( "COMMIT"); + db_query("COMMIT"); print "</ul>"; print "</div>"; @@ -106,7 +106,7 @@ class Dlg extends Handler_Protected { FROM ttrss_tags WHERE owner_uid = ".$_SESSION["uid"]." GROUP BY tag_name ORDER BY count DESC LIMIT 50"; - $result = db_query( $query); + $result = db_query($query); $tags = array(); @@ -114,7 +114,7 @@ class Dlg extends Handler_Protected { $tags[$line["tag_name"]] = $line["count"]; } - if( count($tags) == 0 ){ return; } + if(count($tags) == 0 ){ return; } ksort($tags); @@ -171,7 +171,7 @@ class Dlg extends Handler_Protected { print "<label for=\"tag_mode_all\">".__("All tags.")."</input>"; print "<select id=\"all_tags\" name=\"all_tags\" title=\"" . __('Which Tags?') . "\" multiple=\"multiple\" size=\"10\" style=\"width : 100%\">"; - $result = db_query( "SELECT DISTINCT tag_name FROM ttrss_tags WHERE owner_uid = ".$_SESSION['uid']." + $result = db_query("SELECT DISTINCT tag_name FROM ttrss_tags WHERE owner_uid = ".$_SESSION['uid']." AND LENGTH(tag_name) <= 30 ORDER BY tag_name ASC"); while ($row = db_fetch_assoc($result)) { @@ -195,10 +195,10 @@ class Dlg extends Handler_Protected { function generatedFeed() { $this->params = explode(":", $this->param, 3); - $feed_id = db_escape_string( $this->params[0]); + $feed_id = db_escape_string($this->params[0]); $is_cat = (bool) $this->params[1]; - $key = get_feed_access_key( $feed_id, $is_cat); + $key = get_feed_access_key($feed_id, $is_cat); $url_path = htmlspecialchars($this->params[2]) . "&key=" . $key; diff --git a/classes/feeds.php b/classes/feeds.php index 1c3ad58c5..153c0f5aa 100644 --- a/classes/feeds.php +++ b/classes/feeds.php @@ -174,16 +174,16 @@ class Feeds extends Handler_Protected { if (!$cache_images && time() - $last_updated > 120 || isset($_REQUEST['DevForceUpdate'])) { include "rssfuncs.php"; - update_rss_feed( $feed, true, true); + update_rss_feed($feed, true, true); } else { - db_query( "UPDATE ttrss_feeds SET last_updated = '1970-01-01', last_update_started = '1970-01-01' + db_query("UPDATE ttrss_feeds SET last_updated = '1970-01-01', last_update_started = '1970-01-01' WHERE id = '$feed'"); } } } if ($method_split[0] == "MarkAllReadGR") { - catchup_feed( $method_split[1], false); + catchup_feed($method_split[1], false); } // FIXME: might break tag display? @@ -197,18 +197,18 @@ class Feeds extends Handler_Protected { } } - @$search = db_escape_string( $_REQUEST["query"]); + @$search = db_escape_string($_REQUEST["query"]); if ($search) { $disable_cache = true; } - @$search_mode = db_escape_string( $_REQUEST["search_mode"]); + @$search_mode = db_escape_string($_REQUEST["search_mode"]); if ($_REQUEST["debug"]) $timing_info = print_checkpoint("H0", $timing_info); // error_log("format_headlines_list: [" . $feed . "] method [" . $method . "]"); - if( $search_mode == '' && $method != '' ){ + if($search_mode == '' && $method != '' ){ $search_mode = $method; } // error_log("search_mode: " . $search_mode); @@ -240,7 +240,7 @@ class Feeds extends Handler_Protected { } } else { - $qfh_ret = queryFeedHeadlines( $feed, $limit, $view_mode, $cat_view, + $qfh_ret = queryFeedHeadlines($feed, $limit, $view_mode, $cat_view, $search, $search_mode, $override_order, $offset, 0, false, 0, $include_children); } @@ -261,7 +261,7 @@ class Feeds extends Handler_Protected { $headlines_count = db_num_rows($result); - /* if (get_pref( 'COMBINED_DISPLAY_MODE')) { + /* if (get_pref('COMBINED_DISPLAY_MODE')) { $button_plugins = array(); foreach (explode(",", ARTICLE_BUTTON_PLUGINS) as $p) { $pclass = "button_" . trim($p); @@ -282,11 +282,11 @@ class Feeds extends Handler_Protected { $num_unread = 0; $cur_feed_title = ''; - $fresh_intl = get_pref( "FRESH_ARTICLE_MAX_AGE") * 60 * 60; + $fresh_intl = get_pref("FRESH_ARTICLE_MAX_AGE") * 60 * 60; if ($_REQUEST["debug"]) $timing_info = print_checkpoint("PS", $timing_info); - $expand_cdm = get_pref( 'CDM_EXPANDED'); + $expand_cdm = get_pref('CDM_EXPANDED'); while ($line = db_fetch_assoc($result)) { $class = ($lnum % 2) ? "even" : "odd"; @@ -307,7 +307,7 @@ class Feeds extends Handler_Protected { } } - if (!is_array($labels)) $labels = get_article_labels( $id); + if (!is_array($labels)) $labels = get_article_labels($id); $labels_str = "<span id=\"HLLCTR-$id\">"; $labels_str .= format_article_labels($labels, $id); @@ -357,11 +357,11 @@ class Feeds extends Handler_Protected { # $content_link = "<a href=\"javascript:viewContentUrl('".$line["link"]."');\">" . # $line["title"] . "</a>"; - $updated_fmt = make_local_datetime( $line["updated"], false); + $updated_fmt = make_local_datetime($line["updated"], false); $date_entered_fmt = T_sprintf("Imported at %s", - make_local_datetime( $line["date_entered"], false)); + make_local_datetime($line["date_entered"], false)); - if (get_pref( 'SHOW_CONTENT_PREVIEW')) { + if (get_pref('SHOW_CONTENT_PREVIEW')) { $content_preview = truncate_string(strip_tags($line["content_preview"]), 100); } @@ -423,15 +423,15 @@ class Feeds extends Handler_Protected { /* $row_background = "background-image : -moz-linear-gradient(left, rgba(255, 255, 255, 0) 50%, rgba($rgba, 0.2) 100%);". "background-image : linear-gradient(to right, rgba(255, 255, 255, 0) 50%, rgba($rgba, 0.2) 100%);"; - "background-image : -webkit-gradient(linear, left top, right top, color-stop( 50%, rgba(255,255,255,0)), + "background-image : -webkit-gradient(linear, left top, right top, color-stop(50%, rgba(255,255,255,0)), color-stop(100%, rgba($rgba, 0.2)));"; */ } else { $row_background = ""; } - if (!get_pref( 'COMBINED_DISPLAY_MODE')) { + if (!get_pref('COMBINED_DISPLAY_MODE')) { - if (get_pref( 'VFEED_GROUP_BY_FEED')) { + if (get_pref('VFEED_GROUP_BY_FEED')) { if ($feed_id != $vgroup_last_feed && $line["feed_title"]) { $cur_feed_title = $line["feed_title"]; @@ -472,7 +472,7 @@ class Feeds extends Handler_Protected { onclick=\"\">" . truncate_string($line["title"], 200); - if (get_pref( 'SHOW_CONTENT_PREVIEW')) { + if (get_pref('SHOW_CONTENT_PREVIEW')) { if ($content_preview) { $reply['content'] .= "<span class=\"contentPreview\"> - $content_preview</span>"; } @@ -486,7 +486,7 @@ class Feeds extends Handler_Protected { $reply['content'] .= "<span class=\"hlUpdated\">"; - if (!get_pref( 'VFEED_GROUP_BY_FEED')) { + if (!get_pref('VFEED_GROUP_BY_FEED')) { if (@$line["feed_title"]) { $reply['content'] .= "<div class=\"hlFeed\"> <a href=\"#\" onclick=\"viewfeed($feed_id)\">". @@ -502,7 +502,7 @@ class Feeds extends Handler_Protected { $reply['content'] .= $score_pic; - if ($line["feed_title"] && !get_pref( 'VFEED_GROUP_BY_FEED')) { + if ($line["feed_title"] && !get_pref('VFEED_GROUP_BY_FEED')) { $reply['content'] .= "<span onclick=\"viewfeed($feed_id)\" style=\"cursor : pointer\" @@ -515,17 +515,17 @@ class Feeds extends Handler_Protected { } else { - $line["tags"] = get_article_tags( $id, $_SESSION["uid"], $line["tag_cache"]); + $line["tags"] = get_article_tags($id, $_SESSION["uid"], $line["tag_cache"]); unset($line["tag_cache"]); - $line["content"] = sanitize( $line["content_preview"], + $line["content"] = sanitize($line["content_preview"], sql_bool_to_bool($line['hide_images']), false, $entry_site_url); foreach ($pluginhost->get_hooks($pluginhost::HOOK_RENDER_ARTICLE_CDM) as $p) { $line = $p->hook_render_article_cdm($line); } - if (get_pref( 'VFEED_GROUP_BY_FEED') && $line["feed_title"]) { + if (get_pref('VFEED_GROUP_BY_FEED') && $line["feed_title"]) { if ($feed_id != $vgroup_last_feed) { $cur_feed_title = $line["feed_title"]; @@ -594,7 +594,7 @@ class Feeds extends Handler_Protected { id=\"CEXC-$id\" class=\"cdmExcerpt\"> - $content_preview</span>"; $reply['content'] .= "</span>"; - if (!get_pref( 'VFEED_GROUP_BY_FEED')) { + if (!get_pref('VFEED_GROUP_BY_FEED')) { if (@$line["feed_title"]) { $reply['content'] .= "<div class=\"hlFeed\"> <a href=\"#\" onclick=\"viewfeed($feed_id)\">". @@ -609,7 +609,7 @@ class Feeds extends Handler_Protected { $reply['content'] .= "<div style=\"vertical-align : middle\">"; $reply['content'] .= "$score_pic"; - if (!get_pref( "VFEED_GROUP_BY_FEED") && $line["feed_title"]) { + if (!get_pref("VFEED_GROUP_BY_FEED") && $line["feed_title"]) { $reply['content'] .= "<span style=\"cursor : pointer\" title=\"".htmlspecialchars($line["feed_title"])."\" onclick=\"viewfeed($feed_id)\">$feed_icon_img</span>"; @@ -633,7 +633,7 @@ class Feeds extends Handler_Protected { if ($line["orig_feed_id"]) { - $tmp_result = db_query( "SELECT * FROM ttrss_archived_feeds + $tmp_result = db_query("SELECT * FROM ttrss_archived_feeds WHERE id = ".$line["orig_feed_id"]); if (db_num_rows($tmp_result) != 0) { @@ -673,7 +673,7 @@ class Feeds extends Handler_Protected { $always_display_enclosures = sql_bool_to_bool($line["always_display_enclosures"]); - $reply['content'] .= format_article_enclosures( $id, $always_display_enclosures, $line["content"], sql_bool_to_bool($line["hide_images"])); + $reply['content'] .= format_article_enclosures($id, $always_display_enclosures, $line["content"], sql_bool_to_bool($line["hide_images"])); $reply['content'] .= "</div>"; @@ -757,15 +757,15 @@ class Feeds extends Handler_Protected { $reply['content'] .= "<p><span class=\"insensitive\">"; - $result = db_query( "SELECT ".SUBSTRING_FOR_DATE."(MAX(last_updated), 1, 19) AS last_updated FROM ttrss_feeds + $result = db_query("SELECT ".SUBSTRING_FOR_DATE."(MAX(last_updated), 1, 19) AS last_updated FROM ttrss_feeds WHERE owner_uid = " . $_SESSION['uid']); $last_updated = db_fetch_result($result, 0, "last_updated"); - $last_updated = make_local_datetime( $last_updated, false); + $last_updated = make_local_datetime($last_updated, false); $reply['content'] .= sprintf(__("Feeds last updated at %s"), $last_updated); - $result = db_query( "SELECT COUNT(id) AS num_errors + $result = db_query("SELECT COUNT(id) AS num_errors FROM ttrss_feeds WHERE last_error != '' AND owner_uid = ".$_SESSION["uid"]); $num_errors = db_fetch_result($result, 0, "num_errors"); @@ -786,9 +786,9 @@ class Feeds extends Handler_Protected { } function catchupAll() { - db_query( "UPDATE ttrss_user_entries SET + db_query("UPDATE ttrss_user_entries SET last_read = NOW(), unread = false WHERE unread = true AND owner_uid = " . $_SESSION["uid"]); - ccache_zero_all( $_SESSION["uid"]); + ccache_zero_all($_SESSION["uid"]); } function view() { @@ -798,17 +798,17 @@ class Feeds extends Handler_Protected { if ($_REQUEST["debug"]) $timing_info = print_checkpoint("0", $timing_info); - $omode = db_escape_string( $_REQUEST["omode"]); + $omode = db_escape_string($_REQUEST["omode"]); - $feed = db_escape_string( $_REQUEST["feed"]); - $method = db_escape_string( $_REQUEST["m"]); - $view_mode = db_escape_string( $_REQUEST["view_mode"]); + $feed = db_escape_string($_REQUEST["feed"]); + $method = db_escape_string($_REQUEST["m"]); + $view_mode = db_escape_string($_REQUEST["view_mode"]); $limit = 30; @$cat_view = $_REQUEST["cat"] == "true"; - @$next_unread_feed = db_escape_string( $_REQUEST["nuf"]); - @$offset = db_escape_string( $_REQUEST["skip"]); - @$vgroup_last_feed = db_escape_string( $_REQUEST["vgrlf"]); - $order_by = db_escape_string( $_REQUEST["order_by"]); + @$next_unread_feed = db_escape_string($_REQUEST["nuf"]); + @$offset = db_escape_string($_REQUEST["skip"]); + @$vgroup_last_feed = db_escape_string($_REQUEST["vgrlf"]); + $order_by = db_escape_string($_REQUEST["order_by"]); if (is_numeric($feed)) $feed = (int) $feed; @@ -824,18 +824,18 @@ class Feeds extends Handler_Protected { if ($feed < LABEL_BASE_INDEX) { $label_feed = feed_to_label_id($feed); - $result = db_query( "SELECT id FROM ttrss_labels2 WHERE + $result = db_query("SELECT id FROM ttrss_labels2 WHERE id = '$label_feed' AND owner_uid = " . $_SESSION['uid']); } else if (!$cat_view && is_numeric($feed) && $feed > 0) { - $result = db_query( "SELECT id FROM ttrss_feeds WHERE + $result = db_query("SELECT id FROM ttrss_feeds WHERE id = '$feed' AND owner_uid = " . $_SESSION['uid']); } else if ($cat_view && is_numeric($feed) && $feed > 0) { - $result = db_query( "SELECT id FROM ttrss_feed_categories WHERE + $result = db_query("SELECT id FROM ttrss_feed_categories WHERE id = '$feed' AND owner_uid = " . $_SESSION['uid']); } if ($result && db_num_rows($result) == 0) { - print json_encode($this->generate_error_feed( __("Feed not found."))); + print json_encode($this->generate_error_feed(__("Feed not found."))); return; } @@ -843,21 +843,21 @@ class Feeds extends Handler_Protected { * so for performance reasons we don't do that here */ if ($feed >= 0) { - ccache_update( $feed, $_SESSION["uid"], $cat_view); + ccache_update($feed, $_SESSION["uid"], $cat_view); } - set_pref( "_DEFAULT_VIEW_MODE", $view_mode); - set_pref( "_DEFAULT_VIEW_ORDER_BY", $order_by); + set_pref("_DEFAULT_VIEW_MODE", $view_mode); + set_pref("_DEFAULT_VIEW_ORDER_BY", $order_by); /* bump login timestamp if needed */ if (time() - $_SESSION["last_login_update"] > 3600) { - db_query( "UPDATE ttrss_users SET last_login = NOW() WHERE id = " . + db_query("UPDATE ttrss_users SET last_login = NOW() WHERE id = " . $_SESSION["uid"]); $_SESSION["last_login_update"] = time(); } if (!$cat_view && is_numeric($feed) && $feed > 0) { - db_query( "UPDATE ttrss_feeds SET last_viewed = NOW() + db_query("UPDATE ttrss_feeds SET last_viewed = NOW() WHERE id = '$feed' AND owner_uid = ".$_SESSION["uid"]); } @@ -924,15 +924,15 @@ class Feeds extends Handler_Protected { $reply['headlines']['content'] .= "<p><span class=\"insensitive\">"; - $result = db_query( "SELECT ".SUBSTRING_FOR_DATE."(MAX(last_updated), 1, 19) AS last_updated FROM ttrss_feeds + $result = db_query("SELECT ".SUBSTRING_FOR_DATE."(MAX(last_updated), 1, 19) AS last_updated FROM ttrss_feeds WHERE owner_uid = " . $_SESSION['uid']); $last_updated = db_fetch_result($result, 0, "last_updated"); - $last_updated = make_local_datetime( $last_updated, false); + $last_updated = make_local_datetime($last_updated, false); $reply['headlines']['content'] .= sprintf(__("Feeds last updated at %s"), $last_updated); - $result = db_query( "SELECT COUNT(id) AS num_errors + $result = db_query("SELECT COUNT(id) AS num_errors FROM ttrss_feeds WHERE last_error != '' AND owner_uid = ".$_SESSION["uid"]); $num_errors = db_fetch_result($result, 0, "num_errors"); @@ -952,7 +952,7 @@ class Feeds extends Handler_Protected { return $reply; } - private function generate_error_feed( $error) { + private function generate_error_feed($error) { $reply = array(); $reply['headlines']['id'] = -6; @@ -986,9 +986,9 @@ class Feeds extends Handler_Protected { print "<hr/>"; - if (get_pref( 'ENABLE_FEED_CATS')) { + if (get_pref('ENABLE_FEED_CATS')) { print __('Place in category:') . " "; - print_feed_cat_select( "cat", false, 'dojoType="dijit.form.Select"'); + print_feed_cat_select("cat", false, 'dojoType="dijit.form.Select"'); } print "</div>"; @@ -1044,7 +1044,7 @@ class Feeds extends Handler_Protected { function feedBrowser() { if (defined('_DISABLE_FEED_BROWSER') && _DISABLE_FEED_BROWSER) return; - $browser_search = db_escape_string( $_REQUEST["search"]); + $browser_search = db_escape_string($_REQUEST["search"]); print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"op\" value=\"rpc\">"; print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"method\" value=\"updateFeedBrowser\">"; @@ -1081,7 +1081,7 @@ class Feeds extends Handler_Protected { require_once "feedbrowser.php"; print "<ul class='browseFeedList' id='browseFeedList'>"; - print make_feed_browser( $search, 25); + print make_feed_browser($search, 25); print "</ul>"; print "<div align='center'> @@ -1092,7 +1092,7 @@ class Feeds extends Handler_Protected { } function search() { - $this->params = explode(":", db_escape_string( $_REQUEST["param"]), 2); + $this->params = explode(":", db_escape_string($_REQUEST["param"]), 2); $active_feed_id = sprintf("%d", $this->params[0]); $is_cat = $this->params[1] != "false"; @@ -1110,12 +1110,12 @@ class Feeds extends Handler_Protected { print "<select name=\"search_mode\" dojoType=\"dijit.form.Select\"> <option value=\"all_feeds\">".__('All feeds')."</option>"; - $feed_title = getFeedTitle( $active_feed_id); + $feed_title = getFeedTitle($active_feed_id); if (!$is_cat) { - $feed_cat_title = getFeedCatTitle( $active_feed_id); + $feed_cat_title = getFeedCatTitle($active_feed_id); } else { - $feed_cat_title = getCategoryTitle( $active_feed_id); + $feed_cat_title = getCategoryTitle($active_feed_id); } if ($active_feed_id && !$is_cat) { @@ -1128,7 +1128,7 @@ class Feeds extends Handler_Protected { $cat_preselected = "selected=\"1\""; } - if (get_pref( 'ENABLE_FEED_CATS') && ($active_feed_id > 0 || $is_cat)) { + if (get_pref('ENABLE_FEED_CATS') && ($active_feed_id > 0 || $is_cat)) { print "<option $cat_preselected value=\"this_cat\">$feed_cat_title</option>"; } else { //print "<option disabled>".__('This category')."</option>"; diff --git a/classes/handler/public.php b/classes/handler/public.php index 1e96bef00..5af416adc 100644 --- a/classes/handler/public.php +++ b/classes/handler/public.php @@ -21,7 +21,7 @@ class Handler_Public extends Handler { else if ($feed == -1) $date_sort_field = "last_marked DESC"; - $qfh_ret = queryFeedHeadlines( $feed, + $qfh_ret = queryFeedHeadlines($feed, 1, $view_mode, $is_cat, $search, $search_mode, $date_sort_field, $offset, $owner_uid, false, 0, false, true); @@ -41,7 +41,7 @@ class Handler_Public extends Handler { header("Last-Modified: $last_modified", true); } - $qfh_ret = queryFeedHeadlines( $feed, + $qfh_ret = queryFeedHeadlines($feed, $limit, $view_mode, $is_cat, $search, $search_mode, $date_sort_field, $offset, $owner_uid, false, 0, false, true); @@ -54,7 +54,7 @@ class Handler_Public extends Handler { $feed_self_url = get_self_url_prefix() . "/public.php?op=rss&id=-2&key=" . - get_feed_access_key( -2, false, $owner_uid); + get_feed_access_key(-2, false, $owner_uid); if (!$feed_site_url) $feed_site_url = get_self_url_prefix(); @@ -82,7 +82,7 @@ class Handler_Public extends Handler { $tpl->setVariable('ARTICLE_EXCERPT', truncate_string(strip_tags($line["content_preview"]), 100, '...'), true); - $content = sanitize( $line["content_preview"], false, $owner_uid); + $content = sanitize($line["content_preview"], false, $owner_uid); if ($line['note']) { $content = "<div style=\"$note_style\">Article note: " . $line['note'] . "</div>" . @@ -99,14 +99,14 @@ class Handler_Public extends Handler { $tpl->setVariable('ARTICLE_AUTHOR', htmlspecialchars($line['author']), true); - $tags = get_article_tags( $line["id"], $owner_uid); + $tags = get_article_tags($line["id"], $owner_uid); foreach ($tags as $tag) { $tpl->setVariable('ARTICLE_CATEGORY', htmlspecialchars($tag), true); $tpl->addBlock('category'); } - $enclosures = get_article_enclosures( $line["id"]); + $enclosures = get_article_enclosures($line["id"]); foreach ($enclosures as $e) { $type = htmlspecialchars($e['content_type']); @@ -158,13 +158,13 @@ class Handler_Public extends Handler { $article['link'] = $line['link']; $article['title'] = $line['title']; $article['excerpt'] = truncate_string(strip_tags($line["content_preview"]), 100, '...'); - $article['content'] = sanitize( $line["content_preview"], false, $owner_uid); + $article['content'] = sanitize($line["content_preview"], false, $owner_uid); $article['updated'] = date('c', strtotime($line["updated"])); if ($line['note']) $article['note'] = $line['note']; if ($article['author']) $article['author'] = $line['author']; - $tags = get_article_tags( $line["id"], $owner_uid); + $tags = get_article_tags($line["id"], $owner_uid); if (count($tags) > 0) { $article['tags'] = array(); @@ -174,7 +174,7 @@ class Handler_Public extends Handler { } } - $enclosures = get_article_enclosures( $line["id"]); + $enclosures = get_article_enclosures($line["id"]); if (count($enclosures) > 0) { $article['enclosures'] = array(); @@ -201,19 +201,19 @@ class Handler_Public extends Handler { } function getUnread() { - $login = db_escape_string( $_REQUEST["login"]); + $login = db_escape_string($_REQUEST["login"]); $fresh = $_REQUEST["fresh"] == "1"; - $result = db_query( "SELECT id FROM ttrss_users WHERE login = '$login'"); + $result = db_query("SELECT id FROM ttrss_users WHERE login = '$login'"); if (db_num_rows($result) == 1) { $uid = db_fetch_result($result, 0, "id"); - print getGlobalUnread( $uid); + print getGlobalUnread($uid); if ($fresh) { print ";"; - print getFeedArticles( -3, false, true, $uid); + print getFeedArticles(-3, false, true, $uid); } } else { @@ -223,9 +223,9 @@ class Handler_Public extends Handler { } function getProfiles() { - $login = db_escape_string( $_REQUEST["login"]); + $login = db_escape_string($_REQUEST["login"]); - $result = db_query( "SELECT * FROM ttrss_settings_profiles,ttrss_users + $result = db_query("SELECT * FROM ttrss_settings_profiles,ttrss_users WHERE ttrss_users.id = ttrss_settings_profiles.owner_uid AND login = '$login' ORDER BY title"); print "<select dojoType='dijit.form.Select' style='width : 220px; margin : 0px' name='profile'>"; @@ -243,9 +243,9 @@ class Handler_Public extends Handler { } function pubsub() { - $mode = db_escape_string( $_REQUEST['hub_mode']); - $feed_id = (int) db_escape_string( $_REQUEST['id']); - $feed_url = db_escape_string( $_REQUEST['hub_topic']); + $mode = db_escape_string($_REQUEST['hub_mode']); + $feed_id = (int) db_escape_string($_REQUEST['id']); + $feed_url = db_escape_string($_REQUEST['hub_topic']); if (!PUBSUBHUBBUB_ENABLED) { header('HTTP/1.0 404 Not Found'); @@ -255,7 +255,7 @@ class Handler_Public extends Handler { // TODO: implement hub_verifytoken checking - $result = db_query( "SELECT feed_url FROM ttrss_feeds + $result = db_query("SELECT feed_url FROM ttrss_feeds WHERE id = '$feed_id'"); if (db_num_rows($result) != 0) { @@ -265,7 +265,7 @@ class Handler_Public extends Handler { if ($check_feed_url && ($check_feed_url == $feed_url || !$feed_url)) { if ($mode == "subscribe") { - db_query( "UPDATE ttrss_feeds SET pubsub_state = 2 + db_query("UPDATE ttrss_feeds SET pubsub_state = 2 WHERE id = '$feed_id'"); print $_REQUEST['hub_challenge']; @@ -273,7 +273,7 @@ class Handler_Public extends Handler { } else if ($mode == "unsubscribe") { - db_query( "UPDATE ttrss_feeds SET pubsub_state = 0 + db_query("UPDATE ttrss_feeds SET pubsub_state = 0 WHERE id = '$feed_id'"); print $_REQUEST['hub_challenge']; @@ -282,9 +282,9 @@ class Handler_Public extends Handler { } else if (!$mode) { // Received update ping, schedule feed update. - //update_rss_feed( $feed_id, true, true); + //update_rss_feed($feed_id, true, true); - db_query( "UPDATE ttrss_feeds SET + db_query("UPDATE ttrss_feeds SET last_update_started = '1970-01-01', last_updated = '1970-01-01' WHERE id = '$feed_id'"); @@ -306,9 +306,9 @@ class Handler_Public extends Handler { } function share() { - $uuid = db_escape_string( $_REQUEST["key"]); + $uuid = db_escape_string($_REQUEST["key"]); - $result = db_query( "SELECT ref_id, owner_uid FROM ttrss_user_entries WHERE + $result = db_query("SELECT ref_id, owner_uid FROM ttrss_user_entries WHERE uuid = '$uuid'"); if (db_num_rows($result) != 0) { @@ -317,7 +317,7 @@ class Handler_Public extends Handler { $id = db_fetch_result($result, 0, "ref_id"); $owner_uid = db_fetch_result($result, 0, "owner_uid"); - $article = format_article( $id, false, true, $owner_uid); + $article = format_article($id, false, true, $owner_uid); print_r($article['content']); @@ -328,28 +328,28 @@ class Handler_Public extends Handler { } function rss() { - $feed = db_escape_string( $_REQUEST["id"]); - $key = db_escape_string( $_REQUEST["key"]); + $feed = db_escape_string($_REQUEST["id"]); + $key = db_escape_string($_REQUEST["key"]); $is_cat = $_REQUEST["is_cat"] != false; - $limit = (int)db_escape_string( $_REQUEST["limit"]); - $offset = (int)db_escape_string( $_REQUEST["offset"]); + $limit = (int)db_escape_string($_REQUEST["limit"]); + $offset = (int)db_escape_string($_REQUEST["offset"]); - $search = db_escape_string( $_REQUEST["q"]); - $search_mode = db_escape_string( $_REQUEST["smode"]); - $view_mode = db_escape_string( $_REQUEST["view-mode"]); + $search = db_escape_string($_REQUEST["q"]); + $search_mode = db_escape_string($_REQUEST["smode"]); + $view_mode = db_escape_string($_REQUEST["view-mode"]); - $format = db_escape_string( $_REQUEST['format']); + $format = db_escape_string($_REQUEST['format']); if (!$format) $format = 'atom'; if (SINGLE_USER_MODE) { - authenticate_user( "admin", null); + authenticate_user("admin", null); } $owner_id = false; if ($key) { - $result = db_query( "SELECT owner_uid FROM + $result = db_query("SELECT owner_uid FROM ttrss_access_keys WHERE access_key = '$key' AND feed_id = '$feed'"); if (db_num_rows($result) == 1) @@ -367,7 +367,7 @@ class Handler_Public extends Handler { function globalUpdateFeeds() { include "rssfuncs.php"; // Update all feeds needing a update. - update_daemon_common( 0, true, false); + update_daemon_common(0, true, false); // Update feedbrowser update_feedbrowser_cache(); @@ -375,7 +375,7 @@ class Handler_Public extends Handler { // Purge orphans and cleanup tags purge_orphans(); - cleanup_tags( 14, 50000); + cleanup_tags(14, 50000); global $pluginhost; $pluginhost->run_hooks($pluginhost::HOOK_UPDATE_TASK, "hook_update_task", $op); @@ -402,12 +402,12 @@ class Handler_Public extends Handler { if ($action == 'share') { - $title = db_escape_string( strip_tags($_REQUEST["title"])); - $url = db_escape_string( strip_tags($_REQUEST["url"])); - $content = db_escape_string( strip_tags($_REQUEST["content"])); - $labels = db_escape_string( strip_tags($_REQUEST["labels"])); + $title = db_escape_string(strip_tags($_REQUEST["title"])); + $url = db_escape_string(strip_tags($_REQUEST["url"])); + $content = db_escape_string(strip_tags($_REQUEST["content"])); + $labels = db_escape_string(strip_tags($_REQUEST["labels"])); - Article::create_published_article( $title, $url, $content, $labels, + Article::create_published_article($title, $url, $content, $labels, $_SESSION["uid"]); print "<script type='text/javascript'>"; @@ -513,7 +513,7 @@ class Handler_Public extends Handler { if (!SINGLE_USER_MODE) { - $login = db_escape_string( $_POST["login"]); + $login = db_escape_string($_POST["login"]); $password = $_POST["password"]; $remember_me = $_POST["remember_me"]; @@ -525,18 +525,18 @@ class Handler_Public extends Handler { @session_start(); - if (authenticate_user( $login, $password)) { + if (authenticate_user($login, $password)) { $_POST["password"] = ""; $_SESSION["language"] = $_POST["language"]; - $_SESSION["ref_schema_version"] = get_schema_version( true); + $_SESSION["ref_schema_version"] = get_schema_version(true); $_SESSION["bw_limit"] = !!$_POST["bw_limit"]; if ($_POST["profile"]) { - $profile = db_escape_string( $_POST["profile"]); + $profile = db_escape_string($_POST["profile"]); - $result = db_query( "SELECT id FROM ttrss_settings_profiles + $result = db_query("SELECT id FROM ttrss_settings_profiles WHERE id = '$profile' AND owner_uid = " . $_SESSION["uid"]); if (db_num_rows($result) != 0) { @@ -563,7 +563,7 @@ class Handler_Public extends Handler { if ($_SESSION["uid"]) { - $feed_url = db_escape_string( trim($_REQUEST["feed_url"])); + $feed_url = db_escape_string(trim($_REQUEST["feed_url"])); header('Content-Type: text/html; charset=utf-8'); print "<html> @@ -577,7 +577,7 @@ class Handler_Public extends Handler { alt=\"Tiny Tiny RSS\"/> <h1>".__("Subscribe to feed...")."</h1><div class='content'>"; - $rc = subscribe_to_feed( $feed_url); + $rc = subscribe_to_feed($feed_url); switch ($rc['code']) { case 0: @@ -625,7 +625,7 @@ class Handler_Public extends Handler { $tt_uri = get_self_url_prefix(); if ($rc['code'] <= 2){ - $result = db_query( "SELECT id FROM ttrss_feeds WHERE + $result = db_query("SELECT id FROM ttrss_feeds WHERE feed_url = '$feed_url' AND owner_uid = " . $_SESSION["uid"]); $feed_id = db_fetch_result($result, 0, "id"); @@ -656,16 +656,16 @@ class Handler_Public extends Handler { } function subscribe2() { - $feed_url = db_escape_string( trim($_REQUEST["feed_url"])); - $cat_id = db_escape_string( $_REQUEST["cat_id"]); - $from = db_escape_string( $_REQUEST["from"]); + $feed_url = db_escape_string(trim($_REQUEST["feed_url"])); + $cat_id = db_escape_string($_REQUEST["cat_id"]); + $from = db_escape_string($_REQUEST["from"]); /* only read authentication information from POST */ - $auth_login = db_escape_string( trim($_POST["auth_login"])); - $auth_pass = db_escape_string( trim($_POST["auth_pass"])); + $auth_login = db_escape_string(trim($_POST["auth_login"])); + $auth_pass = db_escape_string(trim($_POST["auth_pass"])); - $rc = subscribe_to_feed( $feed_url, $cat_id, $auth_login, $auth_pass); + $rc = subscribe_to_feed($feed_url, $cat_id, $auth_login, $auth_pass); switch ($rc) { case 1: @@ -712,7 +712,7 @@ class Handler_Public extends Handler { $tt_uri = get_self_url_prefix(); if ($rc <= 2){ - $result = db_query( "SELECT id FROM ttrss_feeds WHERE + $result = db_query("SELECT id FROM ttrss_feeds WHERE feed_url = '$feed_url' AND owner_uid = " . $_SESSION["uid"]); $feed_id = db_fetch_result($result, 0, "id"); @@ -788,9 +788,9 @@ class Handler_Public extends Handler { print "</form>"; } else if ($method == 'do') { - $login = db_escape_string( $_POST["login"]); - $email = db_escape_string( $_POST["email"]); - $test = db_escape_string( $_POST["test"]); + $login = db_escape_string($_POST["login"]); + $email = db_escape_string($_POST["email"]); + $test = db_escape_string($_POST["test"]); if (($test != 4 && $test != 'four') || !$email || !$login) { print_error(__('Some of the required form parameters are missing or incorrect.')); @@ -802,13 +802,13 @@ class Handler_Public extends Handler { } else { - $result = db_query( "SELECT id FROM ttrss_users + $result = db_query("SELECT id FROM ttrss_users WHERE login = '$login' AND email = '$email'"); if (db_num_rows($result) != 0) { $id = db_fetch_result($result, 0, "id"); - Pref_Users::resetUserPassword( $id, false); + Pref_Users::resetUserPassword($id, false); print "<p>"; @@ -869,7 +869,7 @@ class Handler_Public extends Handler { <?php @$op = $_REQUEST["subop"]; - $updater = new DbUpdater( DB_TYPE, SCHEMA_VERSION); + $updater = new DbUpdater(DB_TYPE, SCHEMA_VERSION); if ($op == "performupdate") { if ($updater->isUpdateRequired()) { diff --git a/classes/logger/sql.php b/classes/logger/sql.php index 387478c10..888ef67dd 100644 --- a/classes/logger/sql.php +++ b/classes/logger/sql.php @@ -12,7 +12,7 @@ class Logger_SQL { $file = Db::get()->escape_string($file); $line = Db::get()->escape_string($line); $context = ''; // backtrace is a lot of data which is not really critical to store - //$context = db_escape_string( serialize($context)); + //$context = db_escape_string(serialize($context)); $owner_uid = $_SESSION["uid"] ? $_SESSION["uid"] : "NULL"; diff --git a/classes/opml.php b/classes/opml.php index a800880e4..986386378 100644 --- a/classes/opml.php +++ b/classes/opml.php @@ -32,7 +32,7 @@ class Opml extends Handler_Protected { <div class=\"floatingLogo\"><img src=\"images/logo_small.png\"></div> <h1>".__('OPML Utility')."</h1><div class='content'>"; - add_feed_category( "Imported feeds"); + add_feed_category("Imported feeds"); $this->opml_notice(__("Importing OPML...")); $this->opml_import($owner_uid); @@ -66,14 +66,14 @@ class Opml extends Handler_Protected { $out = ""; if ($cat_id) { - $result = db_query( "SELECT title FROM ttrss_feed_categories WHERE id = '$cat_id' + $result = db_query("SELECT title FROM ttrss_feed_categories WHERE id = '$cat_id' AND owner_uid = '$owner_uid'"); $cat_title = htmlspecialchars(db_fetch_result($result, 0, "title")); } if ($cat_title) $out .= "<outline text=\"$cat_title\">\n"; - $result = db_query( "SELECT id,title + $result = db_query("SELECT id,title FROM ttrss_feed_categories WHERE $cat_qpart AND owner_uid = '$owner_uid' ORDER BY order_id, title"); @@ -82,7 +82,7 @@ class Opml extends Handler_Protected { $out .= $this->opml_export_category($owner_uid, $line["id"], $hide_private_feeds); } - $feeds_result = db_query( "select title, feed_url, site_url + $feeds_result = db_query("select title, feed_url, site_url from ttrss_feeds where $feed_cat_qpart AND owner_uid = '$owner_uid' AND $hide_qpart order by order_id, title"); @@ -131,7 +131,7 @@ class Opml extends Handler_Protected { if ($include_settings) { $out .= "<outline text=\"tt-rss-prefs\" schema-version=\"".SCHEMA_VERSION."\">"; - $result = db_query( "SELECT pref_name, value FROM ttrss_user_prefs WHERE + $result = db_query("SELECT pref_name, value FROM ttrss_user_prefs WHERE profile IS NULL AND owner_uid = " . $_SESSION["uid"] . " ORDER BY pref_name"); while ($line = db_fetch_assoc($result)) { @@ -145,7 +145,7 @@ class Opml extends Handler_Protected { $out .= "<outline text=\"tt-rss-labels\" schema-version=\"".SCHEMA_VERSION."\">"; - $result = db_query( "SELECT * FROM ttrss_labels2 WHERE + $result = db_query("SELECT * FROM ttrss_labels2 WHERE owner_uid = " . $_SESSION['uid']); while ($line = db_fetch_assoc($result)) { @@ -161,7 +161,7 @@ class Opml extends Handler_Protected { $out .= "<outline text=\"tt-rss-filters\" schema-version=\"".SCHEMA_VERSION."\">"; - $result = db_query( "SELECT * FROM ttrss_filters2 + $result = db_query("SELECT * FROM ttrss_filters2 WHERE owner_uid = ".$_SESSION["uid"]." ORDER BY id"); while ($line = db_fetch_assoc($result)) { @@ -172,7 +172,7 @@ class Opml extends Handler_Protected { $line["rules"] = array(); $line["actions"] = array(); - $tmp_result = db_query( "SELECT * FROM ttrss_filters2_rules + $tmp_result = db_query("SELECT * FROM ttrss_filters2_rules WHERE filter_id = ".$line["id"]); while ($tmp_line = db_fetch_assoc($tmp_result)) { @@ -197,7 +197,7 @@ class Opml extends Handler_Protected { array_push($line["rules"], $tmp_line); } - $tmp_result = db_query( "SELECT * FROM ttrss_filters2_actions + $tmp_result = db_query("SELECT * FROM ttrss_filters2_actions WHERE filter_id = ".$line["id"]); while ($tmp_line = db_fetch_assoc($tmp_result)) { @@ -253,16 +253,16 @@ class Opml extends Handler_Protected { private function opml_import_feed($doc, $node, $cat_id, $owner_uid) { $attrs = $node->attributes; - $feed_title = db_escape_string( mb_substr($attrs->getNamedItem('text')->nodeValue, 0, 250)); - if (!$feed_title) $feed_title = db_escape_string( mb_substr($attrs->getNamedItem('title')->nodeValue, 0, 250)); + $feed_title = db_escape_string(mb_substr($attrs->getNamedItem('text')->nodeValue, 0, 250)); + if (!$feed_title) $feed_title = db_escape_string(mb_substr($attrs->getNamedItem('title')->nodeValue, 0, 250)); - $feed_url = db_escape_string( mb_substr($attrs->getNamedItem('xmlUrl')->nodeValue, 0, 250)); - if (!$feed_url) $feed_url = db_escape_string( mb_substr($attrs->getNamedItem('xmlURL')->nodeValue, 0, 250)); + $feed_url = db_escape_string(mb_substr($attrs->getNamedItem('xmlUrl')->nodeValue, 0, 250)); + if (!$feed_url) $feed_url = db_escape_string(mb_substr($attrs->getNamedItem('xmlURL')->nodeValue, 0, 250)); - $site_url = db_escape_string( mb_substr($attrs->getNamedItem('htmlUrl')->nodeValue, 0, 250)); + $site_url = db_escape_string(mb_substr($attrs->getNamedItem('htmlUrl')->nodeValue, 0, 250)); if ($feed_url && $feed_title) { - $result = db_query( "SELECT id FROM ttrss_feeds WHERE + $result = db_query("SELECT id FROM ttrss_feeds WHERE feed_url = '$feed_url' AND owner_uid = '$owner_uid'"); if (db_num_rows($result) == 0) { @@ -275,7 +275,7 @@ class Opml extends Handler_Protected { (title, feed_url, owner_uid, cat_id, site_url, order_id) VALUES ('$feed_title', '$feed_url', '$owner_uid', $cat_id, '$site_url', 0)"; - db_query( $query); + db_query($query); } else { $this->opml_notice(T_sprintf("Duplicate feed: %s", $feed_title)); @@ -285,15 +285,15 @@ class Opml extends Handler_Protected { private function opml_import_label($doc, $node, $owner_uid) { $attrs = $node->attributes; - $label_name = db_escape_string( $attrs->getNamedItem('label-name')->nodeValue); + $label_name = db_escape_string($attrs->getNamedItem('label-name')->nodeValue); if ($label_name) { - $fg_color = db_escape_string( $attrs->getNamedItem('label-fg-color')->nodeValue); - $bg_color = db_escape_string( $attrs->getNamedItem('label-bg-color')->nodeValue); + $fg_color = db_escape_string($attrs->getNamedItem('label-fg-color')->nodeValue); + $bg_color = db_escape_string($attrs->getNamedItem('label-bg-color')->nodeValue); - if (!label_find_id( $label_name, $_SESSION['uid'])) { + if (!label_find_id($label_name, $_SESSION['uid'])) { $this->opml_notice(T_sprintf("Adding label %s", htmlspecialchars($label_name))); - label_create( $label_name, $fg_color, $bg_color, $owner_uid); + label_create($label_name, $fg_color, $bg_color, $owner_uid); } else { $this->opml_notice(T_sprintf("Duplicate label: %s", htmlspecialchars($label_name))); } @@ -302,22 +302,22 @@ class Opml extends Handler_Protected { private function opml_import_preference($doc, $node, $owner_uid) { $attrs = $node->attributes; - $pref_name = db_escape_string( $attrs->getNamedItem('pref-name')->nodeValue); + $pref_name = db_escape_string($attrs->getNamedItem('pref-name')->nodeValue); if ($pref_name) { - $pref_value = db_escape_string( $attrs->getNamedItem('value')->nodeValue); + $pref_value = db_escape_string($attrs->getNamedItem('value')->nodeValue); $this->opml_notice(T_sprintf("Setting preference key %s to %s", $pref_name, $pref_value)); - set_pref( $pref_name, $pref_value); + set_pref($pref_name, $pref_value); } } private function opml_import_filter($doc, $node, $owner_uid) { $attrs = $node->attributes; - $filter_type = db_escape_string( $attrs->getNamedItem('filter-type')->nodeValue); + $filter_type = db_escape_string($attrs->getNamedItem('filter-type')->nodeValue); if ($filter_type == '2') { $filter = json_decode($node->nodeValue, true); @@ -326,12 +326,12 @@ class Opml extends Handler_Protected { $match_any_rule = bool_to_sql_bool($filter["match_any_rule"]); $enabled = bool_to_sql_bool($filter["enabled"]); - db_query( "BEGIN"); + db_query("BEGIN"); - db_query( "INSERT INTO ttrss_filters2 (match_any_rule,enabled,owner_uid) + db_query("INSERT INTO ttrss_filters2 (match_any_rule,enabled,owner_uid) VALUES ($match_any_rule, $enabled,".$_SESSION["uid"].")"); - $result = db_query( "SELECT MAX(id) AS id FROM ttrss_filters2 WHERE + $result = db_query("SELECT MAX(id) AS id FROM ttrss_filters2 WHERE owner_uid = ".$_SESSION["uid"]); $filter_id = db_fetch_result($result, 0, "id"); @@ -343,14 +343,14 @@ class Opml extends Handler_Protected { $cat_id = "NULL"; if (!$rule["cat_filter"]) { - $tmp_result = db_query( "SELECT id FROM ttrss_feeds - WHERE title = '".db_escape_string( $rule["feed"])."' AND owner_uid = ".$_SESSION["uid"]); + $tmp_result = db_query("SELECT id FROM ttrss_feeds + WHERE title = '".db_escape_string($rule["feed"])."' AND owner_uid = ".$_SESSION["uid"]); if (db_num_rows($tmp_result) > 0) { $feed_id = db_fetch_result($tmp_result, 0, "id"); } } else { - $tmp_result = db_query( "SELECT id FROM ttrss_feed_categories - WHERE title = '".db_escape_string( $rule["feed"])."' AND owner_uid = ".$_SESSION["uid"]); + $tmp_result = db_query("SELECT id FROM ttrss_feed_categories + WHERE title = '".db_escape_string($rule["feed"])."' AND owner_uid = ".$_SESSION["uid"]); if (db_num_rows($tmp_result) > 0) { $cat_id = db_fetch_result($tmp_result, 0, "id"); @@ -358,24 +358,24 @@ class Opml extends Handler_Protected { } $cat_filter = bool_to_sql_bool($rule["cat_filter"]); - $reg_exp = db_escape_string( $rule["reg_exp"]); + $reg_exp = db_escape_string($rule["reg_exp"]); $filter_type = (int)$rule["filter_type"]; - db_query( "INSERT INTO ttrss_filters2_rules (feed_id,cat_id,filter_id,filter_type,reg_exp,cat_filter) + db_query("INSERT INTO ttrss_filters2_rules (feed_id,cat_id,filter_id,filter_type,reg_exp,cat_filter) VALUES ($feed_id, $cat_id, $filter_id, $filter_type, '$reg_exp', $cat_filter)"); } foreach ($filter["actions"] as $action) { $action_id = (int)$action["action_id"]; - $action_param = db_escape_string( $action["action_param"]); + $action_param = db_escape_string($action["action_param"]); - db_query( "INSERT INTO ttrss_filters2_actions (filter_id,action_id,action_param) + db_query("INSERT INTO ttrss_filters2_actions (filter_id,action_id,action_param) VALUES ($filter_id, $action_id, '$action_param')"); } } - db_query( "COMMIT"); + db_query("COMMIT"); } } } @@ -383,22 +383,22 @@ class Opml extends Handler_Protected { private function opml_import_category($doc, $root_node, $owner_uid, $parent_id) { $body = $doc->getElementsByTagName('body'); - $default_cat_id = (int) get_feed_category( 'Imported feeds', false); + $default_cat_id = (int) get_feed_category('Imported feeds', false); if ($root_node) { - $cat_title = db_escape_string( mb_substr($root_node->attributes->getNamedItem('text')->nodeValue, 0, 250)); + $cat_title = db_escape_string(mb_substr($root_node->attributes->getNamedItem('text')->nodeValue, 0, 250)); if (!$cat_title) - $cat_title = db_escape_string( mb_substr($root_node->attributes->getNamedItem('title')->nodeValue, 0, 250)); + $cat_title = db_escape_string(mb_substr($root_node->attributes->getNamedItem('title')->nodeValue, 0, 250)); if (!in_array($cat_title, array("tt-rss-filters", "tt-rss-labels", "tt-rss-prefs"))) { - $cat_id = get_feed_category( $cat_title, $parent_id); - db_query( "BEGIN"); + $cat_id = get_feed_category($cat_title, $parent_id); + db_query("BEGIN"); if ($cat_id === false) { - add_feed_category( $cat_title, $parent_id); - $cat_id = get_feed_category( $cat_title, $parent_id); + add_feed_category($cat_title, $parent_id); + $cat_id = get_feed_category($cat_title, $parent_id); } - db_query( "COMMIT"); + db_query("COMMIT"); } else { $cat_id = 0; } @@ -418,12 +418,12 @@ class Opml extends Handler_Protected { foreach ($outlines as $node) { if ($node->hasAttributes() && strtolower($node->tagName) == "outline") { $attrs = $node->attributes; - $node_cat_title = db_escape_string( $attrs->getNamedItem('text')->nodeValue); + $node_cat_title = db_escape_string($attrs->getNamedItem('text')->nodeValue); if (!$node_cat_title) - $node_cat_title = db_escape_string( $attrs->getNamedItem('title')->nodeValue); + $node_cat_title = db_escape_string($attrs->getNamedItem('title')->nodeValue); - $node_feed_url = db_escape_string( $attrs->getNamedItem('xmlUrl')->nodeValue); + $node_feed_url = db_escape_string($attrs->getNamedItem('xmlUrl')->nodeValue); if ($node_cat_title && !$node_feed_url) { $this->opml_import_category($doc, $node, $owner_uid, $cat_id); @@ -508,7 +508,7 @@ class Opml extends Handler_Protected { $url_path = get_self_url_prefix(); $url_path .= "/opml.php?op=publish&key=" . - get_feed_access_key( 'OPML:Publish', false, $_SESSION["uid"]); + get_feed_access_key('OPML:Publish', false, $_SESSION["uid"]); return $url_path; } diff --git a/classes/pluginhost.php b/classes/pluginhost.php index 36c3dfbb3..0fbf0422e 100644 --- a/classes/pluginhost.php +++ b/classes/pluginhost.php @@ -222,9 +222,9 @@ class PluginHost { function load_data($force = false) { if ($this->owner_uid && (!$_SESSION["plugin_storage"] || $force)) { - $plugin = db_escape_string( $plugin); + $plugin = db_escape_string($plugin); - $result = db_query( "SELECT name, content FROM ttrss_plugin_storage + $result = db_query("SELECT name, content FROM ttrss_plugin_storage WHERE owner_uid = '".$this->owner_uid."'"); while ($line = db_fetch_assoc($result)) { @@ -237,9 +237,9 @@ class PluginHost { private function save_data($plugin) { if ($this->owner_uid) { - $plugin = db_escape_string( $plugin); + $plugin = db_escape_string($plugin); - db_query( "BEGIN"); + db_query("BEGIN"); $result = db_query("SELECT id FROM ttrss_plugin_storage WHERE owner_uid= '".$this->owner_uid."' AND name = '$plugin'"); @@ -247,19 +247,19 @@ class PluginHost { if (!isset($this->storage[$plugin])) $this->storage[$plugin] = array(); - $content = db_escape_string( serialize($this->storage[$plugin])); + $content = db_escape_string(serialize($this->storage[$plugin])); if (db_num_rows($result) != 0) { - db_query( "UPDATE ttrss_plugin_storage SET content = '$content' + db_query("UPDATE ttrss_plugin_storage SET content = '$content' WHERE owner_uid= '".$this->owner_uid."' AND name = '$plugin'"); } else { - db_query( "INSERT INTO ttrss_plugin_storage + db_query("INSERT INTO ttrss_plugin_storage (name,owner_uid,content) VALUES ('$plugin','".$this->owner_uid."','$content')"); } - db_query( "COMMIT"); + db_query("COMMIT"); } } @@ -298,7 +298,7 @@ class PluginHost { unset($this->storage[$idx]); - db_query( "DELETE FROM ttrss_plugin_storage WHERE name = '$idx' + db_query("DELETE FROM ttrss_plugin_storage WHERE name = '$idx' AND owner_uid = " . $this->owner_uid); $_SESSION["plugin_storage"] = $this->storage; diff --git a/classes/pref/feeds.php b/classes/pref/feeds.php index 27e03f0e2..970b88822 100644 --- a/classes/pref/feeds.php +++ b/classes/pref/feeds.php @@ -15,11 +15,11 @@ class Pref_Feeds extends Handler_Protected { } function renamecat() { - $title = db_escape_string( $_REQUEST['title']); - $id = db_escape_string( $_REQUEST['id']); + $title = db_escape_string($_REQUEST['title']); + $id = db_escape_string($_REQUEST['id']); if ($title) { - db_query( "UPDATE ttrss_feed_categories SET + db_query("UPDATE ttrss_feed_categories SET title = '$title' WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]); } return; @@ -37,11 +37,11 @@ class Pref_Feeds extends Handler_Protected { // first one is set by API $show_empty_cats = $_REQUEST['force_show_empty'] || ($_REQUEST['mode'] != 2 && !$search && - get_pref( '_PREFS_SHOW_EMPTY_CATS')); + get_pref('_PREFS_SHOW_EMPTY_CATS')); $items = array(); - $result = db_query( "SELECT id, title FROM ttrss_feed_categories + $result = db_query("SELECT id, title FROM ttrss_feed_categories WHERE owner_uid = " . $_SESSION["uid"] . " AND parent_cat = '$cat_id' ORDER BY order_id, title"); while ($line = db_fetch_assoc($result)) { @@ -65,7 +65,7 @@ class Pref_Feeds extends Handler_Protected { } - $feed_result = db_query( "SELECT id, title, last_error, + $feed_result = db_query("SELECT id, title, last_error, ".SUBSTRING_FOR_DATE."(last_updated,1,19) AS last_updated FROM ttrss_feeds WHERE cat_id = '$cat_id' AND owner_uid = ".$_SESSION["uid"]. @@ -108,7 +108,7 @@ class Pref_Feeds extends Handler_Protected { $root['items'] = array(); $root['type'] = 'category'; - $enable_cats = get_pref( 'ENABLE_FEED_CATS'); + $enable_cats = get_pref('ENABLE_FEED_CATS'); if ($_REQUEST['mode'] == 2) { @@ -154,12 +154,12 @@ class Pref_Feeds extends Handler_Protected { $root['items'] = array_merge($root['items'], $cat['items']); } - $result = db_query( "SELECT * FROM + $result = db_query("SELECT * FROM ttrss_labels2 WHERE owner_uid = ".$_SESSION['uid']." ORDER by caption"); if (db_num_rows($result) > 0) { - if (get_pref( 'ENABLE_FEED_CATS')) { + if (get_pref('ENABLE_FEED_CATS')) { $cat = $this->feedlist_init_cat(-2); } else { $cat['items'] = array(); @@ -188,9 +188,9 @@ class Pref_Feeds extends Handler_Protected { if ($enable_cats) { $show_empty_cats = $_REQUEST['force_show_empty'] || ($_REQUEST['mode'] != 2 && !$search && - get_pref( '_PREFS_SHOW_EMPTY_CATS')); + get_pref('_PREFS_SHOW_EMPTY_CATS')); - $result = db_query( "SELECT id, title FROM ttrss_feed_categories + $result = db_query("SELECT id, title FROM ttrss_feed_categories WHERE owner_uid = " . $_SESSION["uid"] . " AND parent_cat IS NULL ORDER BY order_id, title"); while ($line = db_fetch_assoc($result)) { @@ -226,7 +226,7 @@ class Pref_Feeds extends Handler_Protected { $cat['unread'] = 0; $cat['child_unread'] = 0; - $feed_result = db_query( "SELECT id, title,last_error, + $feed_result = db_query("SELECT id, title,last_error, ".SUBSTRING_FOR_DATE."(last_updated,1,19) AS last_updated FROM ttrss_feeds WHERE cat_id IS NULL AND owner_uid = ".$_SESSION["uid"]. @@ -257,7 +257,7 @@ class Pref_Feeds extends Handler_Protected { $root['param'] = vsprintf(_ngettext('(%d feed)', '(%d feeds)', count($cat['items'])), count($cat['items'])); } else { - $feed_result = db_query( "SELECT id, title, last_error, + $feed_result = db_query("SELECT id, title, last_error, ".SUBSTRING_FOR_DATE."(last_updated,1,19) AS last_updated FROM ttrss_feeds WHERE owner_uid = ".$_SESSION["uid"]. @@ -296,20 +296,20 @@ class Pref_Feeds extends Handler_Protected { } function catsortreset() { - db_query( "UPDATE ttrss_feed_categories + db_query("UPDATE ttrss_feed_categories SET order_id = 0 WHERE owner_uid = " . $_SESSION["uid"]); return; } function feedsortreset() { - db_query( "UPDATE ttrss_feeds + db_query("UPDATE ttrss_feeds SET order_id = 0 WHERE owner_uid = " . $_SESSION["uid"]); return; } function togglehiddenfeedcats() { - set_pref( '_PREFS_SHOW_EMPTY_CATS', - (get_pref( '_PREFS_SHOW_EMPTY_CATS') ? 'false' : 'true')); + set_pref('_PREFS_SHOW_EMPTY_CATS', + (get_pref('_PREFS_SHOW_EMPTY_CATS') ? 'false' : 'true')); } private function process_category_order(&$data_map, $item_id, $parent_id = false, $nest_level = 0) { @@ -326,12 +326,12 @@ class Pref_Feeds extends Handler_Protected { if ($item_id != 'root') { if ($parent_id && $parent_id != 'root') { $parent_bare_id = substr($parent_id, strpos($parent_id, ':')+1); - $parent_qpart = db_escape_string( $parent_bare_id); + $parent_qpart = db_escape_string($parent_bare_id); } else { $parent_qpart = 'NULL'; } - db_query( "UPDATE ttrss_feed_categories + db_query("UPDATE ttrss_feed_categories SET parent_cat = $parent_qpart WHERE id = '$bare_item_id' AND owner_uid = " . $_SESSION["uid"]); } @@ -352,12 +352,12 @@ class Pref_Feeds extends Handler_Protected { if (strpos($id, "FEED") === 0) { $cat_id = ($item_id != "root") ? - db_escape_string( $bare_item_id) : "NULL"; + db_escape_string($bare_item_id) : "NULL"; $cat_qpart = ($cat_id != 0) ? "cat_id = '$cat_id'" : "cat_id = NULL"; - db_query( "UPDATE ttrss_feeds + db_query("UPDATE ttrss_feeds SET order_id = $order_id, $cat_qpart WHERE id = '$bare_id' AND owner_uid = " . $_SESSION["uid"]); @@ -367,12 +367,12 @@ class Pref_Feeds extends Handler_Protected { $nest_level+1); if ($item_id != 'root') { - $parent_qpart = db_escape_string( $bare_id); + $parent_qpart = db_escape_string($bare_id); } else { $parent_qpart = 'NULL'; } - db_query( "UPDATE ttrss_feed_categories + db_query("UPDATE ttrss_feed_categories SET order_id = '$order_id' WHERE id = '$bare_id' AND owner_uid = " . $_SESSION["uid"]); } @@ -424,7 +424,7 @@ class Pref_Feeds extends Handler_Protected { ++$cat_order_id; if ($bare_id > 0) { - db_query( "UPDATE ttrss_feed_categories + db_query("UPDATE ttrss_feed_categories SET order_id = '$cat_order_id' WHERE id = '$bare_id' AND owner_uid = " . $_SESSION["uid"]); } @@ -441,7 +441,7 @@ class Pref_Feeds extends Handler_Protected { else $cat_query = "cat_id = NULL"; - db_query( "UPDATE ttrss_feeds + db_query("UPDATE ttrss_feeds SET order_id = '$feed_order_id', $cat_query WHERE id = '$feed_id' AND @@ -457,15 +457,15 @@ class Pref_Feeds extends Handler_Protected { } function removeicon() { - $feed_id = db_escape_string( $_REQUEST["feed_id"]); + $feed_id = db_escape_string($_REQUEST["feed_id"]); - $result = db_query( "SELECT id FROM ttrss_feeds + $result = db_query("SELECT id FROM ttrss_feeds WHERE id = '$feed_id' AND owner_uid = ". $_SESSION["uid"]); if (db_num_rows($result) != 0) { @unlink(ICONS_DIR . "/$feed_id.ico"); - db_query( "UPDATE ttrss_feeds SET favicon_avg_color = NULL + db_query("UPDATE ttrss_feeds SET favicon_avg_color = NULL where id = '$feed_id'"); } @@ -491,12 +491,12 @@ class Pref_Feeds extends Handler_Protected { } $icon_file = $tmp_file; - $feed_id = db_escape_string( $_REQUEST["feed_id"]); + $feed_id = db_escape_string($_REQUEST["feed_id"]); if (is_file($icon_file) && $feed_id) { if (filesize($icon_file) < 20000) { - $result = db_query( "SELECT id FROM ttrss_feeds + $result = db_query("SELECT id FROM ttrss_feeds WHERE id = '$feed_id' AND owner_uid = ". $_SESSION["uid"]); if (db_num_rows($result) != 0) { @@ -508,7 +508,7 @@ class Pref_Feeds extends Handler_Protected { $favicon_color = db_escape_string( calculate_avg_color(ICONS_DIR . "/$feed_id.ico")); - db_query( "UPDATE ttrss_feeds SET + db_query("UPDATE ttrss_feeds SET favicon_avg_color = '$favicon_color' WHERE id = '$feed_id'"); @@ -536,7 +536,7 @@ class Pref_Feeds extends Handler_Protected { global $purge_intervals; global $update_intervals; - $feed_id = db_escape_string( $_REQUEST["id"]); + $feed_id = db_escape_string($_REQUEST["id"]); $result = db_query( "SELECT * FROM ttrss_feeds WHERE id = '$feed_id' AND @@ -585,7 +585,7 @@ class Pref_Feeds extends Handler_Protected { /* Category */ - if (get_pref( 'ENABLE_FEED_CATS')) { + if (get_pref('ENABLE_FEED_CATS')) { $cat_id = db_fetch_result($result, 0, "cat_id"); @@ -593,7 +593,7 @@ class Pref_Feeds extends Handler_Protected { print __('Place in category:') . " "; - print_feed_cat_select( "cat_id", $cat_id, + print_feed_cat_select("cat_id", $cat_id, 'dojoType="dijit.form.Select"'); } @@ -782,7 +782,7 @@ class Pref_Feeds extends Handler_Protected { global $purge_intervals; global $update_intervals; - $feed_ids = db_escape_string( $_REQUEST["ids"]); + $feed_ids = db_escape_string($_REQUEST["ids"]); print_notice("Enable the options you wish to apply using checkboxes on the right:"); @@ -816,13 +816,13 @@ class Pref_Feeds extends Handler_Protected { /* Category */ - if (get_pref( 'ENABLE_FEED_CATS')) { + if (get_pref('ENABLE_FEED_CATS')) { print "<br/>"; print __('Place in category:') . " "; - print_feed_cat_select( "cat_id", $cat_id, + print_feed_cat_select("cat_id", $cat_id, 'disabled="1" dojoType="dijit.form.Select"'); $this->batch_edit_cbox("cat_id"); @@ -938,27 +938,27 @@ class Pref_Feeds extends Handler_Protected { function editsaveops($batch) { - $feed_title = db_escape_string( trim($_POST["title"])); - $feed_link = db_escape_string( trim($_POST["feed_url"])); - $upd_intl = (int) db_escape_string( $_POST["update_interval"]); - $purge_intl = (int) db_escape_string( $_POST["purge_interval"]); - $feed_id = (int) db_escape_string( $_POST["id"]); /* editSave */ - $feed_ids = db_escape_string( $_POST["ids"]); /* batchEditSave */ - $cat_id = (int) db_escape_string( $_POST["cat_id"]); - $auth_login = db_escape_string( trim($_POST["auth_login"])); + $feed_title = db_escape_string(trim($_POST["title"])); + $feed_link = db_escape_string(trim($_POST["feed_url"])); + $upd_intl = (int) db_escape_string($_POST["update_interval"]); + $purge_intl = (int) db_escape_string($_POST["purge_interval"]); + $feed_id = (int) db_escape_string($_POST["id"]); /* editSave */ + $feed_ids = db_escape_string($_POST["ids"]); /* batchEditSave */ + $cat_id = (int) db_escape_string($_POST["cat_id"]); + $auth_login = db_escape_string(trim($_POST["auth_login"])); $auth_pass = trim($_POST["auth_pass"]); - $private = checkbox_to_sql_bool(db_escape_string( $_POST["private"])); + $private = checkbox_to_sql_bool(db_escape_string($_POST["private"])); $include_in_digest = checkbox_to_sql_bool( - db_escape_string( $_POST["include_in_digest"])); + db_escape_string($_POST["include_in_digest"])); $cache_images = checkbox_to_sql_bool( - db_escape_string( $_POST["cache_images"])); + db_escape_string($_POST["cache_images"])); $hide_images = checkbox_to_sql_bool( - db_escape_string( $_POST["hide_images"])); + db_escape_string($_POST["hide_images"])); $always_display_enclosures = checkbox_to_sql_bool( - db_escape_string( $_POST["always_display_enclosures"])); + db_escape_string($_POST["always_display_enclosures"])); $mark_unread_on_update = checkbox_to_sql_bool( - db_escape_string( $_POST["mark_unread_on_update"])); + db_escape_string($_POST["mark_unread_on_update"])); if (strlen(FEED_CRYPT_KEY) > 0) { require_once "crypt.php"; @@ -968,9 +968,9 @@ class Pref_Feeds extends Handler_Protected { $auth_pass_encrypted = 'false'; } - $auth_pass = db_escape_string( $auth_pass); + $auth_pass = db_escape_string($auth_pass); - if (get_pref( 'ENABLE_FEED_CATS')) { + if (get_pref('ENABLE_FEED_CATS')) { if ($cat_id && $cat_id != 0) { $category_qpart = "cat_id = '$cat_id',"; $category_qpart_nocomma = "cat_id = '$cat_id'"; @@ -985,7 +985,7 @@ class Pref_Feeds extends Handler_Protected { if (!$batch) { - $result = db_query( "UPDATE ttrss_feeds SET + $result = db_query("UPDATE ttrss_feeds SET $category_qpart title = '$feed_title', feed_url = '$feed_link', update_interval = '$upd_intl', @@ -1010,7 +1010,7 @@ class Pref_Feeds extends Handler_Protected { } } - db_query( "BEGIN"); + db_query("BEGIN"); foreach (array_keys($feed_data) as $k) { @@ -1080,16 +1080,16 @@ class Pref_Feeds extends Handler_Protected { } } - db_query( "COMMIT"); + db_query("COMMIT"); } return; } function resetPubSub() { - $ids = db_escape_string( $_REQUEST["ids"]); + $ids = db_escape_string($_REQUEST["ids"]); - db_query( "UPDATE ttrss_feeds SET pubsub_state = 0 WHERE id IN ($ids) + db_query("UPDATE ttrss_feeds SET pubsub_state = 0 WHERE id IN ($ids) AND owner_uid = " . $_SESSION["uid"]); return; @@ -1097,30 +1097,30 @@ class Pref_Feeds extends Handler_Protected { function remove() { - $ids = explode(",", db_escape_string( $_REQUEST["ids"])); + $ids = explode(",", db_escape_string($_REQUEST["ids"])); foreach ($ids as $id) { - Pref_Feeds::remove_feed( $id, $_SESSION["uid"]); + Pref_Feeds::remove_feed($id, $_SESSION["uid"]); } return; } function clear() { - $id = db_escape_string( $_REQUEST["id"]); - $this->clear_feed_articles( $id); + $id = db_escape_string($_REQUEST["id"]); + $this->clear_feed_articles($id); } function rescore() { require_once "rssfuncs.php"; - $ids = explode(",", db_escape_string( $_REQUEST["ids"])); + $ids = explode(",", db_escape_string($_REQUEST["ids"])); foreach ($ids as $id) { - $filters = load_filters( $id, $_SESSION["uid"], 6); + $filters = load_filters($id, $_SESSION["uid"], 6); - $result = db_query( "SELECT + $result = db_query("SELECT title, content, link, ref_id, author,". SUBSTRING_FOR_DATE."(updated, 1, 19) AS updated FROM @@ -1133,7 +1133,7 @@ class Pref_Feeds extends Handler_Protected { while ($line = db_fetch_assoc($result)) { - $tags = get_article_tags( $line["ref_id"]); + $tags = get_article_tags($line["ref_id"]); $article_filters = get_article_filters($filters, $line['title'], $line['content'], $line['link'], strtotime($line['updated']), @@ -1148,15 +1148,15 @@ class Pref_Feeds extends Handler_Protected { foreach (array_keys($scores) as $s) { if ($s > 1000) { - db_query( "UPDATE ttrss_user_entries SET score = '$s', + db_query("UPDATE ttrss_user_entries SET score = '$s', marked = true WHERE ref_id IN (" . join(',', $scores[$s]) . ")"); } else if ($s < -500) { - db_query( "UPDATE ttrss_user_entries SET score = '$s', + db_query("UPDATE ttrss_user_entries SET score = '$s', unread = false WHERE ref_id IN (" . join(',', $scores[$s]) . ")"); } else { - db_query( "UPDATE ttrss_user_entries SET score = '$s' WHERE + db_query("UPDATE ttrss_user_entries SET score = '$s' WHERE ref_id IN (" . join(',', $scores[$s]) . ")"); } } @@ -1175,9 +1175,9 @@ class Pref_Feeds extends Handler_Protected { $id = $feed_line["id"]; - $filters = load_filters( $id, $_SESSION["uid"], 6); + $filters = load_filters($id, $_SESSION["uid"], 6); - $tmp_result = db_query( "SELECT + $tmp_result = db_query("SELECT title, content, link, ref_id, author,". SUBSTRING_FOR_DATE."(updated, 1, 19) AS updated FROM @@ -1190,7 +1190,7 @@ class Pref_Feeds extends Handler_Protected { while ($line = db_fetch_assoc($tmp_result)) { - $tags = get_article_tags( $line["ref_id"]); + $tags = get_article_tags($line["ref_id"]); $article_filters = get_article_filters($filters, $line['title'], $line['content'], $line['link'], strtotime($line['updated']), @@ -1205,11 +1205,11 @@ class Pref_Feeds extends Handler_Protected { foreach (array_keys($scores) as $s) { if ($s > 1000) { - db_query( "UPDATE ttrss_user_entries SET score = '$s', + db_query("UPDATE ttrss_user_entries SET score = '$s', marked = true WHERE ref_id IN (" . join(',', $scores[$s]) . ")"); } else { - db_query( "UPDATE ttrss_user_entries SET score = '$s' WHERE + db_query("UPDATE ttrss_user_entries SET score = '$s' WHERE ref_id IN (" . join(',', $scores[$s]) . ")"); } } @@ -1220,9 +1220,9 @@ class Pref_Feeds extends Handler_Protected { } function categorize() { - $ids = explode(",", db_escape_string( $_REQUEST["ids"])); + $ids = explode(",", db_escape_string($_REQUEST["ids"])); - $cat_id = db_escape_string( $_REQUEST["cat_id"]); + $cat_id = db_escape_string($_REQUEST["cat_id"]); if ($cat_id == 0) { $cat_id_qpart = 'NULL'; @@ -1230,30 +1230,30 @@ class Pref_Feeds extends Handler_Protected { $cat_id_qpart = "'$cat_id'"; } - db_query( "BEGIN"); + db_query("BEGIN"); foreach ($ids as $id) { - db_query( "UPDATE ttrss_feeds SET cat_id = $cat_id_qpart + db_query("UPDATE ttrss_feeds SET cat_id = $cat_id_qpart WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]); } - db_query( "COMMIT"); + db_query("COMMIT"); } function removeCat() { - $ids = explode(",", db_escape_string( $_REQUEST["ids"])); + $ids = explode(",", db_escape_string($_REQUEST["ids"])); foreach ($ids as $id) { - $this->remove_feed_category( $id, $_SESSION["uid"]); + $this->remove_feed_category($id, $_SESSION["uid"]); } } function addCat() { - $feed_cat = db_escape_string( trim($_REQUEST["cat"])); + $feed_cat = db_escape_string(trim($_REQUEST["cat"])); - add_feed_category( $feed_cat); + add_feed_category($feed_cat); } function index() { @@ -1261,7 +1261,7 @@ class Pref_Feeds extends Handler_Protected { print "<div dojoType=\"dijit.layout.AccordionContainer\" region=\"center\">"; print "<div id=\"pref-feeds-feeds\" dojoType=\"dijit.layout.AccordionPane\" title=\"".__('Feeds')."\">"; - $result = db_query( "SELECT COUNT(id) AS num_errors + $result = db_query("SELECT COUNT(id) AS num_errors FROM ttrss_feeds WHERE last_error != '' AND owner_uid = ".$_SESSION["uid"]); $num_errors = db_fetch_result($result, 0, "num_errors"); @@ -1279,7 +1279,7 @@ class Pref_Feeds extends Handler_Protected { $interval_qpart = "DATE_SUB(NOW(), INTERVAL 3 MONTH)"; } - $result = db_query( "SELECT COUNT(*) AS num_inactive FROM ttrss_feeds WHERE + $result = db_query("SELECT COUNT(*) AS num_inactive FROM ttrss_feeds WHERE (SELECT MAX(updated) FROM ttrss_entries, ttrss_user_entries WHERE ttrss_entries.id = ref_id AND ttrss_user_entries.feed_id = ttrss_feeds.id) < $interval_qpart AND @@ -1293,7 +1293,7 @@ class Pref_Feeds extends Handler_Protected { __("Inactive feeds") . "</button>"; } - $feed_search = db_escape_string( $_REQUEST["search"]); + $feed_search = db_escape_string($_REQUEST["search"]); if (array_key_exists("search", $_REQUEST)) { $_SESSION["prefs_feed_search"] = $feed_search; @@ -1336,7 +1336,7 @@ class Pref_Feeds extends Handler_Protected { .__('Unsubscribe')."</div> "; print "</div></div>"; - if (get_pref( 'ENABLE_FEED_CATS')) { + if (get_pref('ENABLE_FEED_CATS')) { print "<div dojoType=\"dijit.form.DropDownButton\">". "<span>" . __('Categories')."</span>"; print "<div dojoType=\"dijit.Menu\" style=\"display: none;\">"; @@ -1522,14 +1522,14 @@ class Pref_Feeds extends Handler_Protected { $cat_id = (int) $cat_id; if ($cat_id > 0) { - $cat_unread = ccache_find( $cat_id, $_SESSION["uid"], true); + $cat_unread = ccache_find($cat_id, $_SESSION["uid"], true); } else if ($cat_id == 0 || $cat_id == -2) { - $cat_unread = getCategoryUnread( $cat_id); + $cat_unread = getCategoryUnread($cat_id); } $obj['id'] = 'CAT:' . $cat_id; $obj['items'] = array(); - $obj['name'] = getCategoryTitle( $cat_id); + $obj['name'] = getCategoryTitle($cat_id); $obj['type'] = 'category'; $obj['unread'] = (int) $cat_unread; $obj['bare_id'] = $cat_id; @@ -1542,10 +1542,10 @@ class Pref_Feeds extends Handler_Protected { $feed_id = (int) $feed_id; if (!$title) - $title = getFeedTitle( $feed_id, false); + $title = getFeedTitle($feed_id, false); if ($unread === false) - $unread = getFeedUnread( $feed_id, false); + $unread = getFeedUnread($feed_id, false); $obj['id'] = 'FEED:' . $feed_id; $obj['name'] = $title; @@ -1567,7 +1567,7 @@ class Pref_Feeds extends Handler_Protected { $interval_qpart = "DATE_SUB(NOW(), INTERVAL 3 MONTH)"; } - $result = db_query( "SELECT ttrss_feeds.title, ttrss_feeds.site_url, + $result = db_query("SELECT ttrss_feeds.title, ttrss_feeds.site_url, ttrss_feeds.feed_url, ttrss_feeds.id, MAX(updated) AS last_article FROM ttrss_feeds, ttrss_entries, ttrss_user_entries WHERE (SELECT MAX(updated) FROM ttrss_entries, ttrss_user_entries WHERE @@ -1621,7 +1621,7 @@ class Pref_Feeds extends Handler_Protected { htmlspecialchars($line["title"])."</a>"; print "</td><td class=\"insensitive\" align='right'>"; - print make_local_datetime( $line['last_article'], false); + print make_local_datetime($line['last_article'], false); print "</td>"; print "</tr>"; @@ -1648,7 +1648,7 @@ class Pref_Feeds extends Handler_Protected { print "<h2>" . __("These feeds have not been updated because of errors:") . "</h2>"; - $result = db_query( "SELECT id,title,feed_url,last_error,site_url + $result = db_query("SELECT id,title,feed_url,last_error,site_url FROM ttrss_feeds WHERE last_error != '' AND owner_uid = ".$_SESSION["uid"]); print "<div dojoType=\"dijit.Toolbar\">"; @@ -1725,50 +1725,50 @@ class Pref_Feeds extends Handler_Protected { private function clear_feed_articles($id) { if ($id != 0) { - $result = db_query( "DELETE FROM ttrss_user_entries + $result = db_query("DELETE FROM ttrss_user_entries WHERE feed_id = '$id' AND marked = false AND owner_uid = " . $_SESSION["uid"]); } else { - $result = db_query( "DELETE FROM ttrss_user_entries + $result = db_query("DELETE FROM ttrss_user_entries WHERE feed_id IS NULL AND marked = false AND owner_uid = " . $_SESSION["uid"]); } - $result = db_query( "DELETE FROM ttrss_entries WHERE + $result = db_query("DELETE FROM ttrss_entries WHERE (SELECT COUNT(int_id) FROM ttrss_user_entries WHERE ref_id = id) = 0"); - ccache_update( $id, $_SESSION['uid']); + ccache_update($id, $_SESSION['uid']); } // function clear_feed_articles - private function remove_feed_category( $id, $owner_uid) { + private function remove_feed_category($id, $owner_uid) { - db_query( "DELETE FROM ttrss_feed_categories + db_query("DELETE FROM ttrss_feed_categories WHERE id = '$id' AND owner_uid = $owner_uid"); - ccache_remove( $id, $owner_uid, true); + ccache_remove($id, $owner_uid, true); } - static function remove_feed( $id, $owner_uid) { + static function remove_feed($id, $owner_uid) { if ($id > 0) { /* save starred articles in Archived feed */ - db_query( "BEGIN"); + db_query("BEGIN"); /* prepare feed if necessary */ - $result = db_query( "SELECT feed_url FROM ttrss_feeds WHERE id = $id + $result = db_query("SELECT feed_url FROM ttrss_feeds WHERE id = $id AND owner_uid = $owner_uid"); - $feed_url = db_escape_string( db_fetch_result($result, 0, "feed_url")); + $feed_url = db_escape_string(db_fetch_result($result, 0, "feed_url")); - $result = db_query( "SELECT id FROM ttrss_archived_feeds + $result = db_query("SELECT id FROM ttrss_archived_feeds WHERE feed_url = '$feed_url' AND owner_uid = $owner_uid"); if (db_num_rows($result) == 0) { - $result = db_query( "SELECT MAX(id) AS id FROM ttrss_archived_feeds"); + $result = db_query("SELECT MAX(id) AS id FROM ttrss_archived_feeds"); $new_feed_id = (int)db_fetch_result($result, 0, "id") + 1; - db_query( "INSERT INTO ttrss_archived_feeds + db_query("INSERT INTO ttrss_archived_feeds (id, owner_uid, title, feed_url, site_url) SELECT $new_feed_id, owner_uid, title, feed_url, site_url from ttrss_feeds WHERE id = '$id'"); @@ -1778,31 +1778,31 @@ class Pref_Feeds extends Handler_Protected { $archive_id = db_fetch_result($result, 0, "id"); } - db_query( "UPDATE ttrss_user_entries SET feed_id = NULL, + db_query("UPDATE ttrss_user_entries SET feed_id = NULL, orig_feed_id = '$archive_id' WHERE feed_id = '$id' AND marked = true AND owner_uid = $owner_uid"); /* Remove access key for the feed */ - db_query( "DELETE FROM ttrss_access_keys WHERE + db_query("DELETE FROM ttrss_access_keys WHERE feed_id = '$id' AND owner_uid = $owner_uid"); /* remove the feed */ - db_query( "DELETE FROM ttrss_feeds + db_query("DELETE FROM ttrss_feeds WHERE id = '$id' AND owner_uid = $owner_uid"); - db_query( "COMMIT"); + db_query("COMMIT"); if (file_exists(ICONS_DIR . "/$id.ico")) { unlink(ICONS_DIR . "/$id.ico"); } - ccache_remove( $id, $owner_uid); + ccache_remove($id, $owner_uid); } else { - label_remove( feed_to_label_id($id), $owner_uid); - //ccache_remove( $id, $owner_uid); don't think labels are cached + label_remove(feed_to_label_id($id), $owner_uid); + //ccache_remove($id, $owner_uid); don't think labels are cached } } @@ -1813,9 +1813,9 @@ class Pref_Feeds extends Handler_Protected { print "<table width='100%'><tr><td> ".__("Add one valid RSS feed per line (no feed detection is done)")." </td><td align='right'>"; - if (get_pref( 'ENABLE_FEED_CATS')) { + if (get_pref('ENABLE_FEED_CATS')) { print __('Place in category:') . " "; - print_feed_cat_select( "cat", false, 'dojoType="dijit.form.Select"'); + print_feed_cat_select("cat", false, 'dojoType="dijit.form.Select"'); } print "</td></tr><tr><td colspan='2'>"; print "<textarea @@ -1855,17 +1855,17 @@ class Pref_Feeds extends Handler_Protected { } function batchAddFeeds() { - $cat_id = db_escape_string( $_REQUEST['cat']); + $cat_id = db_escape_string($_REQUEST['cat']); $feeds = explode("\n", $_REQUEST['feeds']); - $login = db_escape_string( $_REQUEST['login']); + $login = db_escape_string($_REQUEST['login']); $pass = trim($_REQUEST['pass']); foreach ($feeds as $feed) { - $feed = db_escape_string( trim($feed)); + $feed = db_escape_string(trim($feed)); if (validate_feed_url($feed)) { - db_query( "BEGIN"); + db_query("BEGIN"); if ($cat_id == "0" || !$cat_id) { $cat_qpart = "NULL"; @@ -1885,7 +1885,7 @@ class Pref_Feeds extends Handler_Protected { $auth_pass_encrypted = 'false'; } - $pass = db_escape_string( $pass); + $pass = db_escape_string($pass); if (db_num_rows($result) == 0) { $result = db_query( @@ -1895,13 +1895,13 @@ class Pref_Feeds extends Handler_Protected { '[Unknown]', $cat_qpart, '$login', '$pass', 0, $auth_pass_encrypted)"); } - db_query( "COMMIT"); + db_query("COMMIT"); } } } function regenOPMLKey() { - $this->update_feed_access_key( 'OPML:Publish', + $this->update_feed_access_key('OPML:Publish', false, $_SESSION["uid"]); $new_link = Opml::opml_publish_url(); @@ -1910,41 +1910,41 @@ class Pref_Feeds extends Handler_Protected { } function regenFeedKey() { - $feed_id = db_escape_string( $_REQUEST['id']); - $is_cat = db_escape_string( $_REQUEST['is_cat']) == "true"; + $feed_id = db_escape_string($_REQUEST['id']); + $is_cat = db_escape_string($_REQUEST['is_cat']) == "true"; - $new_key = $this->update_feed_access_key( $feed_id, $is_cat); + $new_key = $this->update_feed_access_key($feed_id, $is_cat); print json_encode(array("link" => $new_key)); } - private function update_feed_access_key( $feed_id, $is_cat, $owner_uid = false) { + private function update_feed_access_key($feed_id, $is_cat, $owner_uid = false) { if (!$owner_uid) $owner_uid = $_SESSION["uid"]; $sql_is_cat = bool_to_sql_bool($is_cat); - $result = db_query( "SELECT access_key FROM ttrss_access_keys + $result = db_query("SELECT access_key FROM ttrss_access_keys WHERE feed_id = '$feed_id' AND is_cat = $sql_is_cat AND owner_uid = " . $owner_uid); if (db_num_rows($result) == 1) { - $key = db_escape_string( sha1(uniqid(rand(), true))); + $key = db_escape_string(sha1(uniqid(rand(), true))); - db_query( "UPDATE ttrss_access_keys SET access_key = '$key' + db_query("UPDATE ttrss_access_keys SET access_key = '$key' WHERE feed_id = '$feed_id' AND is_cat = $sql_is_cat AND owner_uid = " . $owner_uid); return $key; } else { - return get_feed_access_key( $feed_id, $is_cat, $owner_uid); + return get_feed_access_key($feed_id, $is_cat, $owner_uid); } } // Silent function clearKeys() { - db_query( "DELETE FROM ttrss_access_keys WHERE + db_query("DELETE FROM ttrss_access_keys WHERE owner_uid = " . $_SESSION["uid"]); } diff --git a/classes/pref/filters.php b/classes/pref/filters.php index 12c2f271c..18a830f4b 100644 --- a/classes/pref/filters.php +++ b/classes/pref/filters.php @@ -9,7 +9,7 @@ class Pref_Filters extends Handler_Protected { } function filtersortreset() { - db_query( "UPDATE ttrss_filters2 + db_query("UPDATE ttrss_filters2 SET order_id = 0 WHERE owner_uid = " . $_SESSION["uid"]); return; } @@ -31,7 +31,7 @@ class Pref_Filters extends Handler_Protected { if ($filter_id > 0) { - db_query( "UPDATE ttrss_filters2 SET + db_query("UPDATE ttrss_filters2 SET order_id = $index WHERE id = '$filter_id' AND owner_uid = " .$_SESSION["uid"]); @@ -49,13 +49,13 @@ class Pref_Filters extends Handler_Protected { $filter["enabled"] = true; $filter["match_any_rule"] = sql_bool_to_bool( - checkbox_to_sql_bool(db_escape_string( $_REQUEST["match_any_rule"]))); + checkbox_to_sql_bool(db_escape_string($_REQUEST["match_any_rule"]))); $filter["inverse"] = sql_bool_to_bool( - checkbox_to_sql_bool(db_escape_string( $_REQUEST["inverse"]))); + checkbox_to_sql_bool(db_escape_string($_REQUEST["inverse"]))); $filter["rules"] = array(); - $result = db_query( "SELECT id,name FROM ttrss_filter_types"); + $result = db_query("SELECT id,name FROM ttrss_filter_types"); $filter_types = array(); while ($line = db_fetch_assoc($result)) { @@ -83,9 +83,9 @@ class Pref_Filters extends Handler_Protected { } } - $feed_title = getFeedTitle( $feed); + $feed_title = getFeedTitle($feed); - $qfh_ret = queryFeedHeadlines( -4, 30, "", false, false, false, + $qfh_ret = queryFeedHeadlines(-4, 30, "", false, false, false, "date_entered DESC", 0, $_SESSION["uid"], $filter); $result = $qfh_ret[0]; @@ -101,7 +101,7 @@ class Pref_Filters extends Handler_Protected { while ($line = db_fetch_assoc($result)) { $entry_timestamp = strtotime($line["updated"]); - $entry_tags = get_article_tags( $line["id"], $_SESSION["uid"]); + $entry_tags = get_article_tags($line["id"], $_SESSION["uid"]); $content_preview = truncate_string( strip_tags($line["content_preview"]), 100, '...'); @@ -158,7 +158,7 @@ class Pref_Filters extends Handler_Protected { $filter_search = $_SESSION["prefs_filter_search"]; - $result = db_query( "SELECT *, + $result = db_query("SELECT *, (SELECT action_param FROM ttrss_filters2_actions WHERE filter_id = ttrss_filters2.id ORDER BY id LIMIT 1) AS action_param, (SELECT action_id FROM ttrss_filters2_actions @@ -206,8 +206,8 @@ class Pref_Filters extends Handler_Protected { } if ($line['action_id'] == 7) { - $label_result = db_query( "SELECT fg_color, bg_color - FROM ttrss_labels2 WHERE caption = '".db_escape_string( $line['action_param'])."' AND + $label_result = db_query("SELECT fg_color, bg_color + FROM ttrss_labels2 WHERE caption = '".db_escape_string($line['action_param'])."' AND owner_uid = " . $_SESSION["uid"]); if (db_num_rows($label_result) > 0) { @@ -248,7 +248,7 @@ class Pref_Filters extends Handler_Protected { function edit() { - $filter_id = db_escape_string( $_REQUEST["id"]); + $filter_id = db_escape_string($_REQUEST["id"]); $result = db_query( "SELECT * FROM ttrss_filters2 WHERE id = '$filter_id' AND owner_uid = " . $_SESSION["uid"]); @@ -294,7 +294,7 @@ class Pref_Filters extends Handler_Protected { print "<ul id='filterDlg_Matches'>"; - $rules_result = db_query( "SELECT * FROM ttrss_filters2_rules + $rules_result = db_query("SELECT * FROM ttrss_filters2_rules WHERE filter_id = '$filter_id' ORDER BY reg_exp, id"); while ($line = db_fetch_assoc($rules_result)) { @@ -342,7 +342,7 @@ class Pref_Filters extends Handler_Protected { print "<ul id='filterDlg_Actions'>"; - $actions_result = db_query( "SELECT * FROM ttrss_filters2_actions + $actions_result = db_query("SELECT * FROM ttrss_filters2_actions WHERE filter_id = '$filter_id' ORDER BY id"); while ($line = db_fetch_assoc($actions_result)) { @@ -417,17 +417,17 @@ class Pref_Filters extends Handler_Protected { if (strpos($feed_id, "CAT:") === 0) { $feed_id = (int) substr($feed_id, 4); - $feed = getCategoryTitle( $feed_id); + $feed = getCategoryTitle($feed_id); } else { $feed_id = (int) $feed_id; if ($rule["feed_id"]) - $feed = getFeedTitle( (int)$rule["feed_id"]); + $feed = getFeedTitle((int)$rule["feed_id"]); else $feed = __("All feeds"); } - $result = db_query( "SELECT description FROM ttrss_filter_types + $result = db_query("SELECT description FROM ttrss_filter_types WHERE id = ".(int)$rule["filter_type"]); $filter_type = db_fetch_result($result, 0, "description"); @@ -440,7 +440,7 @@ class Pref_Filters extends Handler_Protected { } private function getActionName($action) { - $result = db_query( "SELECT description FROM + $result = db_query("SELECT description FROM ttrss_filter_actions WHERE id = " .(int)$action["action_id"]); $title = __(db_fetch_result($result, 0, "description")); @@ -463,13 +463,13 @@ class Pref_Filters extends Handler_Protected { # print_r($_REQUEST); - $filter_id = db_escape_string( $_REQUEST["id"]); - $enabled = checkbox_to_sql_bool(db_escape_string( $_REQUEST["enabled"])); - $match_any_rule = checkbox_to_sql_bool(db_escape_string( $_REQUEST["match_any_rule"])); - $inverse = checkbox_to_sql_bool(db_escape_string( $_REQUEST["inverse"])); - $title = db_escape_string( $_REQUEST["title"]); + $filter_id = db_escape_string($_REQUEST["id"]); + $enabled = checkbox_to_sql_bool(db_escape_string($_REQUEST["enabled"])); + $match_any_rule = checkbox_to_sql_bool(db_escape_string($_REQUEST["match_any_rule"])); + $inverse = checkbox_to_sql_bool(db_escape_string($_REQUEST["inverse"])); + $title = db_escape_string($_REQUEST["title"]); - $result = db_query( "UPDATE ttrss_filters2 SET enabled = $enabled, + $result = db_query("UPDATE ttrss_filters2 SET enabled = $enabled, match_any_rule = $match_any_rule, inverse = $inverse, title = '$title' @@ -482,17 +482,17 @@ class Pref_Filters extends Handler_Protected { function remove() { - $ids = explode(",", db_escape_string( $_REQUEST["ids"])); + $ids = explode(",", db_escape_string($_REQUEST["ids"])); foreach ($ids as $id) { - db_query( "DELETE FROM ttrss_filters2 WHERE id = '$id' AND owner_uid = ". $_SESSION["uid"]); + db_query("DELETE FROM ttrss_filters2 WHERE id = '$id' AND owner_uid = ". $_SESSION["uid"]); } } private function saveRulesAndActions($filter_id) { - db_query( "DELETE FROM ttrss_filters2_rules WHERE filter_id = '$filter_id'"); - db_query( "DELETE FROM ttrss_filters2_actions WHERE filter_id = '$filter_id'"); + db_query("DELETE FROM ttrss_filters2_rules WHERE filter_id = '$filter_id'"); + db_query("DELETE FROM ttrss_filters2_actions WHERE filter_id = '$filter_id'"); if ($filter_id) { /* create rules */ @@ -521,11 +521,11 @@ class Pref_Filters extends Handler_Protected { foreach ($rules as $rule) { if ($rule) { - $reg_exp = strip_tags(db_escape_string( trim($rule["reg_exp"]))); + $reg_exp = strip_tags(db_escape_string(trim($rule["reg_exp"]))); $inverse = isset($rule["inverse"]) ? "true" : "false"; - $filter_type = (int) db_escape_string( trim($rule["filter_type"])); - $feed_id = db_escape_string( trim($rule["feed_id"])); + $filter_type = (int) db_escape_string(trim($rule["filter_type"])); + $feed_id = db_escape_string(trim($rule["feed_id"])); if (strpos($feed_id, "CAT:") === 0) { @@ -546,16 +546,16 @@ class Pref_Filters extends Handler_Protected { (filter_id, reg_exp,filter_type,feed_id,cat_id,cat_filter,inverse) VALUES ('$filter_id', '$reg_exp', '$filter_type', $feed_id, $cat_id, $cat_filter, $inverse)"; - db_query( $query); + db_query($query); } } foreach ($actions as $action) { if ($action) { - $action_id = (int) db_escape_string( $action["action_id"]); - $action_param = db_escape_string( $action["action_param"]); - $action_param_label = db_escape_string( $action["action_param_label"]); + $action_id = (int) db_escape_string($action["action_id"]); + $action_param = db_escape_string($action["action_param"]); + $action_param_label = db_escape_string($action["action_param_label"]); if ($action_id == 7) { $action_param = $action_param_label; @@ -569,7 +569,7 @@ class Pref_Filters extends Handler_Protected { (filter_id, action_id, action_param) VALUES ('$filter_id', '$action_id', '$action_param')"; - db_query( $query); + db_query($query); } } } @@ -586,35 +586,35 @@ class Pref_Filters extends Handler_Protected { $enabled = checkbox_to_sql_bool($_REQUEST["enabled"]); $match_any_rule = checkbox_to_sql_bool($_REQUEST["match_any_rule"]); - $title = db_escape_string( $_REQUEST["title"]); + $title = db_escape_string($_REQUEST["title"]); - db_query( "BEGIN"); + db_query("BEGIN"); /* create base filter */ - $result = db_query( "INSERT INTO ttrss_filters2 + $result = db_query("INSERT INTO ttrss_filters2 (owner_uid, match_any_rule, enabled, title) VALUES (".$_SESSION["uid"].",$match_any_rule,$enabled, '$title')"); - $result = db_query( "SELECT MAX(id) AS id FROM ttrss_filters2 + $result = db_query("SELECT MAX(id) AS id FROM ttrss_filters2 WHERE owner_uid = ".$_SESSION["uid"]); $filter_id = db_fetch_result($result, 0, "id"); $this->saveRulesAndActions($filter_id); - db_query( "COMMIT"); + db_query("COMMIT"); } function index() { - $sort = db_escape_string( $_REQUEST["sort"]); + $sort = db_escape_string($_REQUEST["sort"]); if (!$sort || $sort == "undefined") { $sort = "reg_exp"; } - $filter_search = db_escape_string( $_REQUEST["search"]); + $filter_search = db_escape_string($_REQUEST["search"]); if (array_key_exists("search", $_REQUEST)) { $_SESSION["prefs_filter_search"] = $filter_search; @@ -626,7 +626,7 @@ class Pref_Filters extends Handler_Protected { print "<div id=\"pref-filter-header\" dojoType=\"dijit.layout.ContentPane\" region=\"top\">"; print "<div id=\"pref-filter-toolbar\" dojoType=\"dijit.Toolbar\">"; - $filter_search = db_escape_string( $_REQUEST["search"]); + $filter_search = db_escape_string($_REQUEST["search"]); if (array_key_exists("search", $_REQUEST)) { $_SESSION["prefs_filter_search"] = $filter_search; @@ -832,7 +832,7 @@ class Pref_Filters extends Handler_Protected { print "<form name='filter_new_rule_form' id='filter_new_rule_form'>"; - $result = db_query( "SELECT id,description + $result = db_query("SELECT id,description FROM ttrss_filter_types WHERE id != 5 ORDER BY description"); $filter_types = array(); @@ -864,7 +864,7 @@ class Pref_Filters extends Handler_Protected { print __("in") . " "; print "<span id='filterDlg_feeds'>"; - print_feed_select( "feed_id", + print_feed_select("feed_id", $cat_filter ? "CAT:$feed_id" : $feed_id, 'dojoType="dijit.form.FilteringSelect"'); print "</span>"; @@ -888,7 +888,7 @@ class Pref_Filters extends Handler_Protected { $action = json_decode($_REQUEST["action"], true); if ($action) { - $action_param = db_escape_string( $action["action_param"]); + $action_param = db_escape_string($action["action_param"]); $action_id = (int)$action["action_id"]; } else { $action_param = ""; @@ -904,7 +904,7 @@ class Pref_Filters extends Handler_Protected { print "<select name=\"action_id\" dojoType=\"dijit.form.Select\" onchange=\"filterDlgCheckAction(this)\">"; - $result = db_query( "SELECT id,description FROM ttrss_filter_actions + $result = db_query("SELECT id,description FROM ttrss_filter_actions ORDER BY name"); while ($line = db_fetch_assoc($result)) { @@ -928,7 +928,7 @@ class Pref_Filters extends Handler_Protected { id=\"filterDlg_actionParam\" style=\"$param_hidden\" name=\"action_param\" value=\"$action_param\">"; - print_label_select( "action_param_label", $action_param, + print_label_select("action_param_label", $action_param, "id=\"filterDlg_actionParamLabel\" style=\"$label_param_hidden\" dojoType=\"dijit.form.Select\""); @@ -987,22 +987,22 @@ class Pref_Filters extends Handler_Protected { } function join() { - $ids = explode(",", db_escape_string( $_REQUEST["ids"])); + $ids = explode(",", db_escape_string($_REQUEST["ids"])); if (count($ids) > 1) { $base_id = array_shift($ids); $ids_str = join(",", $ids); - db_query( "BEGIN"); - db_query( "UPDATE ttrss_filters2_rules + db_query("BEGIN"); + db_query("UPDATE ttrss_filters2_rules SET filter_id = '$base_id' WHERE filter_id IN ($ids_str)"); - db_query( "UPDATE ttrss_filters2_actions + db_query("UPDATE ttrss_filters2_actions SET filter_id = '$base_id' WHERE filter_id IN ($ids_str)"); - db_query( "DELETE FROM ttrss_filters2 WHERE id IN ($ids_str)"); - db_query( "UPDATE ttrss_filters2 SET match_any_rule = true WHERE id = '$base_id'"); + db_query("DELETE FROM ttrss_filters2 WHERE id IN ($ids_str)"); + db_query("UPDATE ttrss_filters2 SET match_any_rule = true WHERE id = '$base_id'"); - db_query( "COMMIT"); + db_query("COMMIT"); $this->optimizeFilter($base_id); @@ -1010,8 +1010,8 @@ class Pref_Filters extends Handler_Protected { } private function optimizeFilter($id) { - db_query( "BEGIN"); - $result = db_query( "SELECT * FROM ttrss_filters2_actions + db_query("BEGIN"); + $result = db_query("SELECT * FROM ttrss_filters2_actions WHERE filter_id = '$id'"); $tmp = array(); @@ -1030,11 +1030,11 @@ class Pref_Filters extends Handler_Protected { if (count($dupe_ids) > 0) { $ids_str = join(",", $dupe_ids); - db_query( "DELETE FROM ttrss_filters2_actions + db_query("DELETE FROM ttrss_filters2_actions WHERE id IN ($ids_str)"); } - $result = db_query( "SELECT * FROM ttrss_filters2_rules + $result = db_query("SELECT * FROM ttrss_filters2_rules WHERE filter_id = '$id'"); $tmp = array(); @@ -1053,11 +1053,11 @@ class Pref_Filters extends Handler_Protected { if (count($dupe_ids) > 0) { $ids_str = join(",", $dupe_ids); - db_query( "DELETE FROM ttrss_filters2_rules + db_query("DELETE FROM ttrss_filters2_rules WHERE id IN ($ids_str)"); } - db_query( "COMMIT"); + db_query("COMMIT"); } } ?> diff --git a/classes/pref/labels.php b/classes/pref/labels.php index e0b118e81..38056ed6c 100644 --- a/classes/pref/labels.php +++ b/classes/pref/labels.php @@ -8,9 +8,9 @@ class Pref_Labels extends Handler_Protected { } function edit() { - $label_id = db_escape_string( $_REQUEST['id']); + $label_id = db_escape_string($_REQUEST['id']); - $result = db_query( "SELECT * FROM ttrss_labels2 WHERE + $result = db_query("SELECT * FROM ttrss_labels2 WHERE id = '$label_id' AND owner_uid = " . $_SESSION["uid"]); $line = db_fetch_assoc($result); @@ -90,7 +90,7 @@ class Pref_Labels extends Handler_Protected { $root['name'] = __('Labels'); $root['items'] = array(); - $result = db_query( "SELECT * + $result = db_query("SELECT * FROM ttrss_labels2 WHERE owner_uid = ".$_SESSION["uid"]." ORDER BY caption"); @@ -118,29 +118,29 @@ class Pref_Labels extends Handler_Protected { } function colorset() { - $kind = db_escape_string( $_REQUEST["kind"]); - $ids = explode(',', db_escape_string( $_REQUEST["ids"])); - $color = db_escape_string( $_REQUEST["color"]); - $fg = db_escape_string( $_REQUEST["fg"]); - $bg = db_escape_string( $_REQUEST["bg"]); + $kind = db_escape_string($_REQUEST["kind"]); + $ids = explode(',', db_escape_string($_REQUEST["ids"])); + $color = db_escape_string($_REQUEST["color"]); + $fg = db_escape_string($_REQUEST["fg"]); + $bg = db_escape_string($_REQUEST["bg"]); foreach ($ids as $id) { if ($kind == "fg" || $kind == "bg") { - db_query( "UPDATE ttrss_labels2 SET + db_query("UPDATE ttrss_labels2 SET ${kind}_color = '$color' WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]); } else { - db_query( "UPDATE ttrss_labels2 SET + db_query("UPDATE ttrss_labels2 SET fg_color = '$fg', bg_color = '$bg' WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]); } - $caption = db_escape_string( label_find_caption($id, $_SESSION["uid"])); + $caption = db_escape_string(label_find_caption($id, $_SESSION["uid"])); /* Remove cached data */ - db_query( "UPDATE ttrss_user_entries SET label_cache = '' + db_query("UPDATE ttrss_user_entries SET label_cache = '' WHERE label_cache LIKE '%$caption%' AND owner_uid = " . $_SESSION["uid"]); } @@ -149,18 +149,18 @@ class Pref_Labels extends Handler_Protected { } function colorreset() { - $ids = explode(',', db_escape_string( $_REQUEST["ids"])); + $ids = explode(',', db_escape_string($_REQUEST["ids"])); foreach ($ids as $id) { - db_query( "UPDATE ttrss_labels2 SET + db_query("UPDATE ttrss_labels2 SET fg_color = '', bg_color = '' WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]); - $caption = db_escape_string( label_find_caption($id, $_SESSION["uid"])); + $caption = db_escape_string(label_find_caption($id, $_SESSION["uid"])); /* Remove cached data */ - db_query( "UPDATE ttrss_user_entries SET label_cache = '' + db_query("UPDATE ttrss_user_entries SET label_cache = '' WHERE label_cache LIKE '%$caption%' AND owner_uid = " . $_SESSION["uid"]); } @@ -168,31 +168,31 @@ class Pref_Labels extends Handler_Protected { function save() { - $id = db_escape_string( $_REQUEST["id"]); - $caption = db_escape_string( trim($_REQUEST["caption"])); + $id = db_escape_string($_REQUEST["id"]); + $caption = db_escape_string(trim($_REQUEST["caption"])); - db_query( "BEGIN"); + db_query("BEGIN"); - $result = db_query( "SELECT caption FROM ttrss_labels2 + $result = db_query("SELECT caption FROM ttrss_labels2 WHERE id = '$id' AND owner_uid = ". $_SESSION["uid"]); if (db_num_rows($result) != 0) { $old_caption = db_fetch_result($result, 0, "caption"); - $result = db_query( "SELECT id FROM ttrss_labels2 + $result = db_query("SELECT id FROM ttrss_labels2 WHERE caption = '$caption' AND owner_uid = ". $_SESSION["uid"]); if (db_num_rows($result) == 0) { if ($caption) { - $result = db_query( "UPDATE ttrss_labels2 SET + $result = db_query("UPDATE ttrss_labels2 SET caption = '$caption' WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]); /* Update filters that reference label being renamed */ - $old_caption = db_escape_string( $old_caption); + $old_caption = db_escape_string($old_caption); - db_query( "UPDATE ttrss_filters2_actions SET + db_query("UPDATE ttrss_filters2_actions SET action_param = '$caption' WHERE action_param = '$old_caption' AND action_id = 7 AND filter_id IN (SELECT id FROM ttrss_filters2 WHERE owner_uid = ".$_SESSION["uid"].")"); @@ -206,28 +206,28 @@ class Pref_Labels extends Handler_Protected { } } - db_query( "COMMIT"); + db_query("COMMIT"); return; } function remove() { - $ids = explode(",", db_escape_string( $_REQUEST["ids"])); + $ids = explode(",", db_escape_string($_REQUEST["ids"])); foreach ($ids as $id) { - label_remove( $id, $_SESSION["uid"]); + label_remove($id, $_SESSION["uid"]); } } function add() { - $caption = db_escape_string( $_REQUEST["caption"]); - $output = db_escape_string( $_REQUEST["output"]); + $caption = db_escape_string($_REQUEST["caption"]); + $output = db_escape_string($_REQUEST["output"]); if ($caption) { - if (label_create( $caption)) { + if (label_create($caption)) { if (!$output) { print T_sprintf("Created label <b>%s</b>", htmlspecialchars($caption)); } @@ -238,7 +238,7 @@ class Pref_Labels extends Handler_Protected { print "<rpc-reply><payload>"; - print_label_select( "select_label", + print_label_select("select_label", $caption, ""); print "</payload></rpc-reply>"; @@ -250,13 +250,13 @@ class Pref_Labels extends Handler_Protected { function index() { - $sort = db_escape_string( $_REQUEST["sort"]); + $sort = db_escape_string($_REQUEST["sort"]); if (!$sort || $sort == "undefined") { $sort = "caption"; } - $label_search = db_escape_string( $_REQUEST["search"]); + $label_search = db_escape_string($_REQUEST["search"]); if (array_key_exists("search", $_REQUEST)) { $_SESSION["prefs_label_search"] = $label_search; diff --git a/classes/pref/prefs.php b/classes/pref/prefs.php index 514f0a2e3..8e8abb5eb 100644 --- a/classes/pref/prefs.php +++ b/classes/pref/prefs.php @@ -103,13 +103,13 @@ class Pref_Prefs extends Handler_Protected { foreach (array_keys($_POST) as $pref_name) { - $pref_name = db_escape_string( $pref_name); - $value = db_escape_string( $_POST[$pref_name]); + $pref_name = db_escape_string($pref_name); + $value = db_escape_string($_POST[$pref_name]); if ($pref_name == 'DIGEST_PREFERRED_TIME') { - if (get_pref( 'DIGEST_PREFERRED_TIME') != $value) { + if (get_pref('DIGEST_PREFERRED_TIME') != $value) { - db_query( "UPDATE ttrss_users SET + db_query("UPDATE ttrss_users SET last_digest_sent = NULL WHERE id = " . $_SESSION['uid']); } @@ -124,7 +124,7 @@ class Pref_Prefs extends Handler_Protected { $need_reload = true; } } else { - set_pref( $pref_name, $value); + set_pref($pref_name, $value); } } @@ -138,9 +138,9 @@ class Pref_Prefs extends Handler_Protected { function getHelp() { - $pref_name = db_escape_string( $_REQUEST["pn"]); + $pref_name = db_escape_string($_REQUEST["pn"]); - $result = db_query( "SELECT help_text FROM ttrss_prefs + $result = db_query("SELECT help_text FROM ttrss_prefs WHERE pref_name = '$pref_name'"); if (db_num_rows($result) > 0) { @@ -153,12 +153,12 @@ class Pref_Prefs extends Handler_Protected { function changeemail() { - $email = db_escape_string( $_POST["email"]); - $full_name = db_escape_string( $_POST["full_name"]); + $email = db_escape_string($_POST["email"]); + $full_name = db_escape_string($_POST["full_name"]); $active_uid = $_SESSION["uid"]; - db_query( "UPDATE ttrss_users SET email = '$email', + db_query("UPDATE ttrss_users SET email = '$email', full_name = '$full_name' WHERE id = '$active_uid'"); print __("Your personal data has been saved."); @@ -176,10 +176,10 @@ class Pref_Prefs extends Handler_Protected { $profile_qpart = "profile IS NULL"; } - db_query( "DELETE FROM ttrss_user_prefs + db_query("DELETE FROM ttrss_user_prefs WHERE $profile_qpart AND owner_uid = ".$_SESSION["uid"]); - initialize_user_prefs( $_SESSION["uid"], $_SESSION["profile"]); + initialize_user_prefs($_SESSION["uid"], $_SESSION["profile"]); echo __("Your preferences are now set to default values."); } @@ -225,7 +225,7 @@ class Pref_Prefs extends Handler_Protected { print "<h2>" . __("Personal data") . "</h2>"; - $result = db_query( "SELECT email,full_name,otp_enabled, + $result = db_query("SELECT email,full_name,otp_enabled, access_level FROM ttrss_users WHERE id = ".$_SESSION["uid"]); @@ -270,7 +270,7 @@ class Pref_Prefs extends Handler_Protected { print "<h2>" . __("Password") . "</h2>"; - $result = db_query( "SELECT id FROM ttrss_users + $result = db_query("SELECT id FROM ttrss_users WHERE id = ".$_SESSION["uid"]." AND pwd_hash = 'SHA1:5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8'"); @@ -480,10 +480,10 @@ class Pref_Prefs extends Handler_Protected { } if ($_SESSION["profile"]) { - initialize_user_prefs( $_SESSION["uid"], $_SESSION["profile"]); + initialize_user_prefs($_SESSION["uid"], $_SESSION["profile"]); $profile_qpart = "profile = '" . $_SESSION["profile"] . "'"; } else { - initialize_user_prefs( $_SESSION["uid"]); + initialize_user_prefs($_SESSION["uid"]); $profile_qpart = "profile IS NULL"; } @@ -494,7 +494,7 @@ class Pref_Prefs extends Handler_Protected { $access_query = 'true'; - $result = db_query( "SELECT DISTINCT + $result = db_query("SELECT DISTINCT ttrss_user_prefs.pref_name,value,type_name, ttrss_prefs_sections.order_id, def_value,section_id @@ -767,7 +767,7 @@ class Pref_Prefs extends Handler_Protected { <td width='10%'>".__('Author')."</td></tr>"; $system_enabled = array_map("trim", explode(",", PLUGINS)); - $user_enabled = array_map("trim", explode(",", get_pref( "_ENABLED_PLUGINS"))); + $user_enabled = array_map("trim", explode(",", get_pref("_ENABLED_PLUGINS"))); $tmppluginhost = new PluginHost(Db::get()); $tmppluginhost->load_all($tmppluginhost::KIND_ALL, $_SESSION["uid"]); @@ -897,7 +897,7 @@ class Pref_Prefs extends Handler_Protected { require_once "lib/otphp/lib/totp.php"; require_once "lib/phpqrcode/phpqrcode.php"; - $result = db_query( "SELECT login,salt,otp_enabled + $result = db_query("SELECT login,salt,otp_enabled FROM ttrss_users WHERE id = ".$_SESSION["uid"]); @@ -926,7 +926,7 @@ class Pref_Prefs extends Handler_Protected { if ($authenticator->check_password($_SESSION["uid"], $password)) { - $result = db_query( "SELECT salt + $result = db_query("SELECT salt FROM ttrss_users WHERE id = ".$_SESSION["uid"]); @@ -938,7 +938,7 @@ class Pref_Prefs extends Handler_Protected { $otp_check = $topt->now(); if ($otp == $otp_check) { - db_query( "UPDATE ttrss_users SET otp_enabled = true WHERE + db_query("UPDATE ttrss_users SET otp_enabled = true WHERE id = " . $_SESSION["uid"]); print "OK"; @@ -952,14 +952,14 @@ class Pref_Prefs extends Handler_Protected { } function otpdisable() { - $password = db_escape_string( $_REQUEST["password"]); + $password = db_escape_string($_REQUEST["password"]); global $pluginhost; $authenticator = $pluginhost->get_plugin($_SESSION["auth_module"]); if ($authenticator->check_password($_SESSION["uid"], $password)) { - db_query( "UPDATE ttrss_users SET otp_enabled = false WHERE + db_query("UPDATE ttrss_users SET otp_enabled = false WHERE id = " . $_SESSION["uid"]); print "OK"; @@ -975,18 +975,18 @@ class Pref_Prefs extends Handler_Protected { else $plugins = ""; - set_pref( "_ENABLED_PLUGINS", $plugins); + set_pref("_ENABLED_PLUGINS", $plugins); } function clearplugindata() { - $name = db_escape_string( $_REQUEST["name"]); + $name = db_escape_string($_REQUEST["name"]); global $pluginhost; $pluginhost->clear_data($pluginhost->get_plugin($name)); } function customizeCSS() { - $value = get_pref( "USER_STYLESHEET"); + $value = get_pref("USER_STYLESHEET"); $value = str_replace("<br/>", "\n", $value); @@ -1034,7 +1034,7 @@ class Pref_Prefs extends Handler_Protected { print "</div>"; - $result = db_query( "SELECT title,id FROM ttrss_settings_profiles + $result = db_query("SELECT title,id FROM ttrss_settings_profiles WHERE owner_uid = ".$_SESSION["uid"]." ORDER BY title"); print "<div class=\"prefProfileHolder\">"; diff --git a/classes/pref/system.php b/classes/pref/system.php index 0282b2d73..6d44fd2ea 100644 --- a/classes/pref/system.php +++ b/classes/pref/system.php @@ -24,7 +24,7 @@ class Pref_System extends Handler_Protected { print "<div dojoType=\"dijit.layout.AccordionContainer\" region=\"center\">"; print "<div dojoType=\"dijit.layout.AccordionPane\" title=\"".__('Error Log')."\">"; - $result = db_query( "SELECT errno, errstr, filename, lineno, + $result = db_query("SELECT errno, errstr, filename, lineno, created_at, login FROM ttrss_error_log LEFT JOIN ttrss_users ON (owner_uid = ttrss_users.id) ORDER BY ttrss_error_log.id DESC diff --git a/classes/pref/users.php b/classes/pref/users.php index a9c3689fd..7541625fd 100644 --- a/classes/pref/users.php +++ b/classes/pref/users.php @@ -21,7 +21,7 @@ class Pref_Users extends Handler_Protected { $uid = sprintf("%d", $_REQUEST["id"]); - $result = db_query( "SELECT login, + $result = db_query("SELECT login, ".SUBSTRING_FOR_DATE."(last_login,1,16) AS last_login, access_level, (SELECT COUNT(int_id) FROM ttrss_user_entries @@ -53,7 +53,7 @@ class Pref_Users extends Handler_Protected { print "<tr><td>".__('Registered')."</td><td>$created</td></tr>"; print "<tr><td>".__('Last logged in')."</td><td>$last_login</td></tr>"; - $result = db_query( "SELECT COUNT(id) as num_feeds FROM ttrss_feeds + $result = db_query("SELECT COUNT(id) as num_feeds FROM ttrss_feeds WHERE owner_uid = '$uid'"); $num_feeds = db_fetch_result($result, 0, "num_feeds"); @@ -64,7 +64,7 @@ class Pref_Users extends Handler_Protected { print "<h1>".__('Subscribed feeds')."</h1>"; - $result = db_query( "SELECT id,title,site_url FROM ttrss_feeds + $result = db_query("SELECT id,title,site_url FROM ttrss_feeds WHERE owner_uid = '$uid' ORDER BY title"); print "<ul class=\"userFeedList\">"; @@ -105,14 +105,14 @@ class Pref_Users extends Handler_Protected { function edit() { global $access_level_names; - $id = db_escape_string( $_REQUEST["id"]); + $id = db_escape_string($_REQUEST["id"]); print "<form id=\"user_edit_form\" onsubmit='return false'>"; print "<input type=\"hidden\" name=\"id\" value=\"$id\">"; print "<input type=\"hidden\" name=\"op\" value=\"pref-users\">"; print "<input type=\"hidden\" name=\"method\" value=\"editSave\">"; - $result = db_query( "SELECT * FROM ttrss_users WHERE id = '$id'"); + $result = db_query("SELECT * FROM ttrss_users WHERE id = '$id'"); $login = db_fetch_result($result, 0, "login"); $access_level = db_fetch_result($result, 0, "access_level"); @@ -181,10 +181,10 @@ class Pref_Users extends Handler_Protected { } function editSave() { - $login = db_escape_string( trim($_REQUEST["login"])); - $uid = db_escape_string( $_REQUEST["id"]); + $login = db_escape_string(trim($_REQUEST["login"])); + $uid = db_escape_string($_REQUEST["id"]); $access_level = (int) $_REQUEST["access_level"]; - $email = db_escape_string( trim($_REQUEST["email"])); + $email = db_escape_string(trim($_REQUEST["email"])); $password = $_REQUEST["password"]; if ($password) { @@ -195,42 +195,42 @@ class Pref_Users extends Handler_Protected { $pass_query_part = ""; } - db_query( "UPDATE ttrss_users SET $pass_query_part login = '$login', + db_query("UPDATE ttrss_users SET $pass_query_part login = '$login', access_level = '$access_level', email = '$email', otp_enabled = false WHERE id = '$uid'"); } function remove() { - $ids = explode(",", db_escape_string( $_REQUEST["ids"])); + $ids = explode(",", db_escape_string($_REQUEST["ids"])); foreach ($ids as $id) { if ($id != $_SESSION["uid"] && $id != 1) { - db_query( "DELETE FROM ttrss_tags WHERE owner_uid = '$id'"); - db_query( "DELETE FROM ttrss_feeds WHERE owner_uid = '$id'"); - db_query( "DELETE FROM ttrss_users WHERE id = '$id'"); + db_query("DELETE FROM ttrss_tags WHERE owner_uid = '$id'"); + db_query("DELETE FROM ttrss_feeds WHERE owner_uid = '$id'"); + db_query("DELETE FROM ttrss_users WHERE id = '$id'"); } } } function add() { - $login = db_escape_string( trim($_REQUEST["login"])); + $login = db_escape_string(trim($_REQUEST["login"])); $tmp_user_pwd = make_password(8); $salt = substr(bin2hex(get_random_bytes(125)), 0, 250); $pwd_hash = encrypt_password($tmp_user_pwd, $salt, true); - $result = db_query( "SELECT id FROM ttrss_users WHERE + $result = db_query("SELECT id FROM ttrss_users WHERE login = '$login'"); if (db_num_rows($result) == 0) { - db_query( "INSERT INTO ttrss_users + db_query("INSERT INTO ttrss_users (login,pwd_hash,access_level,last_login,created, salt) VALUES ('$login', '$pwd_hash', 0, null, NOW(), '$salt')"); - $result = db_query( "SELECT id FROM ttrss_users WHERE + $result = db_query("SELECT id FROM ttrss_users WHERE login = '$login' AND pwd_hash = '$pwd_hash'"); if (db_num_rows($result) == 1) { @@ -240,7 +240,7 @@ class Pref_Users extends Handler_Protected { print format_notice(T_sprintf("Added user <b>%s</b> with password <b>%s</b>", $login, $tmp_user_pwd)); - initialize_user( $new_uid); + initialize_user($new_uid); } else { @@ -304,8 +304,8 @@ class Pref_Users extends Handler_Protected { } function resetPass() { - $uid = db_escape_string( $_REQUEST["id"]); - Pref_Users::resetUserPassword( $uid, true); + $uid = db_escape_string($_REQUEST["id"]); + Pref_Users::resetUserPassword($uid, true); } function index() { @@ -317,7 +317,7 @@ class Pref_Users extends Handler_Protected { print "<div id=\"pref-user-toolbar\" dojoType=\"dijit.Toolbar\">"; - $user_search = db_escape_string( $_REQUEST["search"]); + $user_search = db_escape_string($_REQUEST["search"]); if (array_key_exists("search", $_REQUEST)) { $_SESSION["prefs_user_search"] = $user_search; @@ -332,7 +332,7 @@ class Pref_Users extends Handler_Protected { __('Search')."</button> </div>"; - $sort = db_escape_string( $_REQUEST["sort"]); + $sort = db_escape_string($_REQUEST["sort"]); if (!$sort || $sort == "undefined") { $sort = "login"; @@ -381,7 +381,7 @@ class Pref_Users extends Handler_Protected { $user_search_query = ""; } - $result = db_query( "SELECT + $result = db_query("SELECT id,login,access_level,email, ".SUBSTRING_FOR_DATE."(last_login,1,16) as last_login, ".SUBSTRING_FOR_DATE."(created,1,16) as created @@ -416,8 +416,8 @@ class Pref_Users extends Handler_Protected { $line["login"] = htmlspecialchars($line["login"]); - $line["created"] = make_local_datetime( $line["created"], false); - $line["last_login"] = make_local_datetime( $line["last_login"], false); + $line["created"] = make_local_datetime($line["created"], false); + $line["last_login"] = make_local_datetime($line["last_login"], false); print "<td align='center'><input onclick='toggleSelectRow2(this);' dojoType=\"dijit.form.CheckBox\" type=\"checkbox\" diff --git a/classes/rpc.php b/classes/rpc.php index c46d61d30..3b753f118 100644 --- a/classes/rpc.php +++ b/classes/rpc.php @@ -8,18 +8,18 @@ class RPC extends Handler_Protected { } function setprofile() { - $id = db_escape_string( $_REQUEST["id"]); + $id = db_escape_string($_REQUEST["id"]); $_SESSION["profile"] = $id; $_SESSION["prefs_cache"] = array(); } function remprofiles() { - $ids = explode(",", db_escape_string( trim($_REQUEST["ids"]))); + $ids = explode(",", db_escape_string(trim($_REQUEST["ids"]))); foreach ($ids as $id) { if ($_SESSION["profile"] != $id) { - db_query( "DELETE FROM ttrss_settings_profiles WHERE id = '$id' AND + db_query("DELETE FROM ttrss_settings_profiles WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]); } } @@ -27,38 +27,38 @@ class RPC extends Handler_Protected { // Silent function addprofile() { - $title = db_escape_string( trim($_REQUEST["title"])); + $title = db_escape_string(trim($_REQUEST["title"])); if ($title) { - db_query( "BEGIN"); + db_query("BEGIN"); - $result = db_query( "SELECT id FROM ttrss_settings_profiles + $result = db_query("SELECT id FROM ttrss_settings_profiles WHERE title = '$title' AND owner_uid = " . $_SESSION["uid"]); if (db_num_rows($result) == 0) { - db_query( "INSERT INTO ttrss_settings_profiles (title, owner_uid) + db_query("INSERT INTO ttrss_settings_profiles (title, owner_uid) VALUES ('$title', ".$_SESSION["uid"] .")"); - $result = db_query( "SELECT id FROM ttrss_settings_profiles WHERE + $result = db_query("SELECT id FROM ttrss_settings_profiles WHERE title = '$title'"); if (db_num_rows($result) != 0) { $profile_id = db_fetch_result($result, 0, "id"); if ($profile_id) { - initialize_user_prefs( $_SESSION["uid"], $profile_id); + initialize_user_prefs($_SESSION["uid"], $profile_id); } } } - db_query( "COMMIT"); + db_query("COMMIT"); } } // Silent function saveprofile() { - $id = db_escape_string( $_REQUEST["id"]); - $title = db_escape_string( trim($_REQUEST["value"])); + $id = db_escape_string($_REQUEST["id"]); + $title = db_escape_string(trim($_REQUEST["value"])); if ($id == 0) { print __("Default profile"); @@ -66,55 +66,55 @@ class RPC extends Handler_Protected { } if ($title) { - db_query( "BEGIN"); + db_query("BEGIN"); - $result = db_query( "SELECT id FROM ttrss_settings_profiles + $result = db_query("SELECT id FROM ttrss_settings_profiles WHERE title = '$title' AND owner_uid =" . $_SESSION["uid"]); if (db_num_rows($result) == 0) { - db_query( "UPDATE ttrss_settings_profiles + db_query("UPDATE ttrss_settings_profiles SET title = '$title' WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]); print $title; } else { - $result = db_query( "SELECT title FROM ttrss_settings_profiles + $result = db_query("SELECT title FROM ttrss_settings_profiles WHERE id = '$id' AND owner_uid =" . $_SESSION["uid"]); print db_fetch_result($result, 0, "title"); } - db_query( "COMMIT"); + db_query("COMMIT"); } } // Silent function remarchive() { - $ids = explode(",", db_escape_string( $_REQUEST["ids"])); + $ids = explode(",", db_escape_string($_REQUEST["ids"])); foreach ($ids as $id) { - $result = db_query( "DELETE FROM ttrss_archived_feeds WHERE + $result = db_query("DELETE FROM ttrss_archived_feeds WHERE (SELECT COUNT(*) FROM ttrss_user_entries WHERE orig_feed_id = '$id') = 0 AND id = '$id' AND owner_uid = ".$_SESSION["uid"]); - $rc = db_affected_rows( $result); + $rc = db_affected_rows($result); } } function addfeed() { - $feed = db_escape_string( $_REQUEST['feed']); - $cat = db_escape_string( $_REQUEST['cat']); - $login = db_escape_string( $_REQUEST['login']); + $feed = db_escape_string($_REQUEST['feed']); + $cat = db_escape_string($_REQUEST['cat']); + $login = db_escape_string($_REQUEST['login']); $pass = trim($_REQUEST['pass']); // escaped later - $rc = subscribe_to_feed( $feed, $cat, $login, $pass); + $rc = subscribe_to_feed($feed, $cat, $login, $pass); print json_encode(array("result" => $rc)); } function togglepref() { - $key = db_escape_string( $_REQUEST["key"]); - set_pref( $key, !get_pref( $key)); - $value = get_pref( $key); + $key = db_escape_string($_REQUEST["key"]); + set_pref($key, !get_pref($key)); + $value = get_pref($key); print json_encode(array("param" =>$key, "value" => $value)); } @@ -124,14 +124,14 @@ class RPC extends Handler_Protected { $key = $_REQUEST['key']; $value = str_replace("\n", "<br/>", $_REQUEST['value']); - set_pref( $key, $value, $_SESSION['uid'], $key != 'USER_STYLESHEET'); + set_pref($key, $value, $_SESSION['uid'], $key != 'USER_STYLESHEET'); print json_encode(array("param" =>$key, "value" => $value)); } function mark() { $mark = $_REQUEST["mark"]; - $id = db_escape_string( $_REQUEST["id"]); + $id = db_escape_string($_REQUEST["id"]); if ($mark == "1") { $mark = "true"; @@ -139,7 +139,7 @@ class RPC extends Handler_Protected { $mark = "false"; } - $result = db_query( "UPDATE ttrss_user_entries SET marked = $mark, + $result = db_query("UPDATE ttrss_user_entries SET marked = $mark, last_marked = NOW() WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]); @@ -147,9 +147,9 @@ class RPC extends Handler_Protected { } function delete() { - $ids = db_escape_string( $_REQUEST["ids"]); + $ids = db_escape_string($_REQUEST["ids"]); - $result = db_query( "DELETE FROM ttrss_user_entries + $result = db_query("DELETE FROM ttrss_user_entries WHERE ref_id IN ($ids) AND owner_uid = " . $_SESSION["uid"]); purge_orphans(); @@ -161,19 +161,19 @@ class RPC extends Handler_Protected { $ids = explode(",", $_REQUEST["ids"]); foreach ($ids as $id) { - $id = db_escape_string( trim($id)); - db_query( "BEGIN"); + $id = db_escape_string(trim($id)); + db_query("BEGIN"); - $result = db_query( "SELECT feed_url,site_url,title FROM ttrss_archived_feeds + $result = db_query("SELECT feed_url,site_url,title FROM ttrss_archived_feeds WHERE id = (SELECT orig_feed_id FROM ttrss_user_entries WHERE ref_id = $id AND owner_uid = ".$_SESSION["uid"].")"); if (db_num_rows($result) != 0) { - $feed_url = db_escape_string( db_fetch_result($result, 0, "feed_url")); - $site_url = db_escape_string( db_fetch_result($result, 0, "site_url")); - $title = db_escape_string( db_fetch_result($result, 0, "title")); + $feed_url = db_escape_string(db_fetch_result($result, 0, "feed_url")); + $site_url = db_escape_string(db_fetch_result($result, 0, "site_url")); + $title = db_escape_string(db_fetch_result($result, 0, "title")); - $result = db_query( "SELECT id FROM ttrss_feeds WHERE feed_url = '$feed_url' + $result = db_query("SELECT id FROM ttrss_feeds WHERE feed_url = '$feed_url' AND owner_uid = " .$_SESSION["uid"]); if (db_num_rows($result) == 0) { @@ -202,32 +202,32 @@ class RPC extends Handler_Protected { } if ($feed_id) { - $result = db_query( "UPDATE ttrss_user_entries + $result = db_query("UPDATE ttrss_user_entries SET feed_id = '$feed_id', orig_feed_id = NULL WHERE ref_id = $id AND owner_uid = " . $_SESSION["uid"]); } } - db_query( "COMMIT"); + db_query("COMMIT"); } print json_encode(array("message" => "UPDATE_COUNTERS")); } function archive() { - $ids = explode(",", db_escape_string( $_REQUEST["ids"])); + $ids = explode(",", db_escape_string($_REQUEST["ids"])); foreach ($ids as $id) { - $this->archive_article( $id, $_SESSION["uid"]); + $this->archive_article($id, $_SESSION["uid"]); } print json_encode(array("message" => "UPDATE_COUNTERS")); } - private function archive_article( $id, $owner_uid) { - db_query( "BEGIN"); + private function archive_article($id, $owner_uid) { + db_query("BEGIN"); - $result = db_query( "SELECT feed_id FROM ttrss_user_entries + $result = db_query("SELECT feed_id FROM ttrss_user_entries WHERE ref_id = '$id' AND owner_uid = $owner_uid"); if (db_num_rows($result) != 0) { @@ -237,29 +237,29 @@ class RPC extends Handler_Protected { $feed_id = (int) db_fetch_result($result, 0, "feed_id"); if ($feed_id) { - $result = db_query( "SELECT id FROM ttrss_archived_feeds + $result = db_query("SELECT id FROM ttrss_archived_feeds WHERE id = '$feed_id'"); if (db_num_rows($result) == 0) { - db_query( "INSERT INTO ttrss_archived_feeds + db_query("INSERT INTO ttrss_archived_feeds (id, owner_uid, title, feed_url, site_url) SELECT id, owner_uid, title, feed_url, site_url from ttrss_feeds WHERE id = '$feed_id'"); } - db_query( "UPDATE ttrss_user_entries + db_query("UPDATE ttrss_user_entries SET orig_feed_id = feed_id, feed_id = NULL WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]); } } - db_query( "COMMIT"); + db_query("COMMIT"); } function publ() { $pub = $_REQUEST["pub"]; - $id = db_escape_string( $_REQUEST["id"]); - $note = trim(strip_tags(db_escape_string( $_REQUEST["note"]))); + $id = db_escape_string($_REQUEST["id"]); + $note = trim(strip_tags(db_escape_string($_REQUEST["note"]))); if ($pub == "1") { $pub = "true"; @@ -267,7 +267,7 @@ class RPC extends Handler_Protected { $pub = "false"; } - $result = db_query( "UPDATE ttrss_user_entries SET + $result = db_query("UPDATE ttrss_user_entries SET published = $pub, last_published = NOW() WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]); @@ -276,7 +276,7 @@ class RPC extends Handler_Protected { if (PUBSUBHUBBUB_HUB) { $rss_link = get_self_url_prefix() . "/public.php?op=rss&id=-2&key=" . - get_feed_access_key( -2, false); + get_feed_access_key(-2, false); $p = new Publisher(PUBSUBHUBBUB_HUB); @@ -305,28 +305,28 @@ class RPC extends Handler_Protected { /* GET["cmode"] = 0 - mark as read, 1 - as unread, 2 - toggle */ function catchupSelected() { - $ids = explode(",", db_escape_string( $_REQUEST["ids"])); + $ids = explode(",", db_escape_string($_REQUEST["ids"])); $cmode = sprintf("%d", $_REQUEST["cmode"]); - catchupArticlesById( $ids, $cmode); + catchupArticlesById($ids, $cmode); print json_encode(array("message" => "UPDATE_COUNTERS", "ids" => $ids)); } function markSelected() { - $ids = explode(",", db_escape_string( $_REQUEST["ids"])); + $ids = explode(",", db_escape_string($_REQUEST["ids"])); $cmode = sprintf("%d", $_REQUEST["cmode"]); - $this->markArticlesById( $ids, $cmode); + $this->markArticlesById($ids, $cmode); print json_encode(array("message" => "UPDATE_COUNTERS")); } function publishSelected() { - $ids = explode(",", db_escape_string( $_REQUEST["ids"])); + $ids = explode(",", db_escape_string($_REQUEST["ids"])); $cmode = sprintf("%d", $_REQUEST["cmode"]); - $this->publishArticlesById( $ids, $cmode); + $this->publishArticlesById($ids, $cmode); print json_encode(array("message" => "UPDATE_COUNTERS")); } @@ -349,9 +349,9 @@ class RPC extends Handler_Protected { } function completeLabels() { - $search = db_escape_string( $_REQUEST["search"]); + $search = db_escape_string($_REQUEST["search"]); - $result = db_query( "SELECT DISTINCT caption FROM + $result = db_query("SELECT DISTINCT caption FROM ttrss_labels2 WHERE owner_uid = '".$_SESSION["uid"]."' AND LOWER(caption) LIKE LOWER('$search%') ORDER BY caption @@ -365,29 +365,29 @@ class RPC extends Handler_Protected { } function purge() { - $ids = explode(",", db_escape_string( $_REQUEST["ids"])); + $ids = explode(",", db_escape_string($_REQUEST["ids"])); $days = sprintf("%d", $_REQUEST["days"]); foreach ($ids as $id) { - $result = db_query( "SELECT id FROM ttrss_feeds WHERE + $result = db_query("SELECT id FROM ttrss_feeds WHERE id = '$id' AND owner_uid = ".$_SESSION["uid"]); if (db_num_rows($result) == 1) { - purge_feed( $id, $days); + purge_feed($id, $days); } } } function updateFeedBrowser() { - $search = db_escape_string( $_REQUEST["search"]); - $limit = db_escape_string( $_REQUEST["limit"]); - $mode = (int) db_escape_string( $_REQUEST["mode"]); + $search = db_escape_string($_REQUEST["search"]); + $limit = db_escape_string($_REQUEST["limit"]); + $mode = (int) db_escape_string($_REQUEST["mode"]); require_once "feedbrowser.php"; print json_encode(array("content" => - make_feed_browser( $search, $limit, $mode), + make_feed_browser($search, $limit, $mode), "mode" => $mode)); } @@ -402,14 +402,14 @@ class RPC extends Handler_Protected { if ($mode == 1) { foreach ($payload as $feed) { - $title = db_escape_string( $feed[0]); - $feed_url = db_escape_string( $feed[1]); + $title = db_escape_string($feed[0]); + $feed_url = db_escape_string($feed[1]); - $result = db_query( "SELECT id FROM ttrss_feeds WHERE + $result = db_query("SELECT id FROM ttrss_feeds WHERE feed_url = '$feed_url' AND owner_uid = " . $_SESSION["uid"]); if (db_num_rows($result) == 0) { - $result = db_query( "INSERT INTO ttrss_feeds + $result = db_query("INSERT INTO ttrss_feeds (owner_uid,feed_url,title,cat_id,site_url) VALUES ('".$_SESSION["uid"]."', '$feed_url', '$title', NULL, '')"); @@ -418,19 +418,19 @@ class RPC extends Handler_Protected { } else if ($mode == 2) { // feed archive foreach ($payload as $id) { - $result = db_query( "SELECT * FROM ttrss_archived_feeds + $result = db_query("SELECT * FROM ttrss_archived_feeds WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]); if (db_num_rows($result) != 0) { - $site_url = db_escape_string( db_fetch_result($result, 0, "site_url")); - $feed_url = db_escape_string( db_fetch_result($result, 0, "feed_url")); - $title = db_escape_string( db_fetch_result($result, 0, "title")); + $site_url = db_escape_string(db_fetch_result($result, 0, "site_url")); + $feed_url = db_escape_string(db_fetch_result($result, 0, "feed_url")); + $title = db_escape_string(db_fetch_result($result, 0, "title")); - $result = db_query( "SELECT id FROM ttrss_feeds WHERE + $result = db_query("SELECT id FROM ttrss_feeds WHERE feed_url = '$feed_url' AND owner_uid = " . $_SESSION["uid"]); if (db_num_rows($result) == 0) { - $result = db_query( "INSERT INTO ttrss_feeds + $result = db_query("INSERT INTO ttrss_feeds (owner_uid,feed_url,title,cat_id,site_url) VALUES ('$id','".$_SESSION["uid"]."', '$feed_url', '$title', NULL, '$site_url')"); @@ -441,21 +441,21 @@ class RPC extends Handler_Protected { } function catchupFeed() { - $feed_id = db_escape_string( $_REQUEST['feed_id']); - $is_cat = db_escape_string( $_REQUEST['is_cat']) == "true"; - $mode = db_escape_string( $_REQUEST['mode']); + $feed_id = db_escape_string($_REQUEST['feed_id']); + $is_cat = db_escape_string($_REQUEST['is_cat']) == "true"; + $mode = db_escape_string($_REQUEST['mode']); - catchup_feed( $feed_id, $is_cat, false, false, $mode); + catchup_feed($feed_id, $is_cat, false, false, $mode); print json_encode(array("message" => "UPDATE_COUNTERS")); } function quickAddCat() { - $cat = db_escape_string( $_REQUEST["cat"]); + $cat = db_escape_string($_REQUEST["cat"]); - add_feed_category( $cat); + add_feed_category($cat); - $result = db_query( "SELECT id FROM ttrss_feed_categories WHERE + $result = db_query("SELECT id FROM ttrss_feed_categories WHERE title = '$cat' AND owner_uid = " . $_SESSION["uid"]); if (db_num_rows($result) == 1) { @@ -464,12 +464,12 @@ class RPC extends Handler_Protected { $id = 0; } - print_feed_cat_select( "cat_id", $id); + print_feed_cat_select("cat_id", $id); } // Silent function clearArticleKeys() { - db_query( "UPDATE ttrss_user_entries SET uuid = '' WHERE + db_query("UPDATE ttrss_user_entries SET uuid = '' WHERE owner_uid = " . $_SESSION["uid"]); return; @@ -516,7 +516,7 @@ class RPC extends Handler_Protected { $random_qpart = sql_random_function(); // We search for feed needing update. - $result = db_query( "SELECT ttrss_feeds.feed_url,ttrss_feeds.id + $result = db_query("SELECT ttrss_feeds.feed_url,ttrss_feeds.id FROM ttrss_feeds, ttrss_users, ttrss_user_prefs WHERE @@ -539,7 +539,7 @@ class RPC extends Handler_Protected { $feed_id = $line["id"]; if (time() - $tstart < ini_get("max_execution_time") * 0.7) { - update_rss_feed( $feed_id, true); + update_rss_feed($feed_id, true); ++$num_updated; } else { break; @@ -548,7 +548,7 @@ class RPC extends Handler_Protected { // Purge orphans and cleanup tags purge_orphans(); - cleanup_tags( 14, 50000); + cleanup_tags(14, 50000); if ($num_updated > 0) { print json_encode(array("message" => "UPDATE_COUNTERS", @@ -559,7 +559,7 @@ class RPC extends Handler_Protected { } - private function markArticlesById( $ids, $cmode) { + private function markArticlesById($ids, $cmode) { $tmp_ids = array(); @@ -570,21 +570,21 @@ class RPC extends Handler_Protected { $ids_qpart = join(" OR ", $tmp_ids); if ($cmode == 0) { - db_query( "UPDATE ttrss_user_entries SET + db_query("UPDATE ttrss_user_entries SET marked = false, last_marked = NOW() WHERE ($ids_qpart) AND owner_uid = " . $_SESSION["uid"]); } else if ($cmode == 1) { - db_query( "UPDATE ttrss_user_entries SET + db_query("UPDATE ttrss_user_entries SET marked = true, last_marked = NOW() WHERE ($ids_qpart) AND owner_uid = " . $_SESSION["uid"]); } else { - db_query( "UPDATE ttrss_user_entries SET + db_query("UPDATE ttrss_user_entries SET marked = NOT marked,last_marked = NOW() WHERE ($ids_qpart) AND owner_uid = " . $_SESSION["uid"]); } } - private function publishArticlesById( $ids, $cmode) { + private function publishArticlesById($ids, $cmode) { $tmp_ids = array(); @@ -595,15 +595,15 @@ class RPC extends Handler_Protected { $ids_qpart = join(" OR ", $tmp_ids); if ($cmode == 0) { - db_query( "UPDATE ttrss_user_entries SET + db_query("UPDATE ttrss_user_entries SET published = false,last_published = NOW() WHERE ($ids_qpart) AND owner_uid = " . $_SESSION["uid"]); } else if ($cmode == 1) { - db_query( "UPDATE ttrss_user_entries SET + db_query("UPDATE ttrss_user_entries SET published = true,last_published = NOW() WHERE ($ids_qpart) AND owner_uid = " . $_SESSION["uid"]); } else { - db_query( "UPDATE ttrss_user_entries SET + db_query("UPDATE ttrss_user_entries SET published = NOT published,last_published = NOW() WHERE ($ids_qpart) AND owner_uid = " . $_SESSION["uid"]); } @@ -611,7 +611,7 @@ class RPC extends Handler_Protected { if (PUBSUBHUBBUB_HUB) { $rss_link = get_self_url_prefix() . "/public.php?op=rss&id=-2&key=" . - get_feed_access_key( -2, false); + get_feed_access_key(-2, false); $p = new Publisher(PUBSUBHUBBUB_HUB); @@ -620,9 +620,9 @@ class RPC extends Handler_Protected { } function getlinktitlebyid() { - $id = db_escape_string( $_REQUEST['id']); + $id = db_escape_string($_REQUEST['id']); - $result = db_query( "SELECT link, title FROM ttrss_entries, ttrss_user_entries + $result = db_query("SELECT link, title FROM ttrss_entries, ttrss_user_entries WHERE ref_id = '$id' AND ref_id = id AND owner_uid = ". $_SESSION["uid"]); if (db_num_rows($result) != 0) { diff --git a/classes/sessionhandler.php b/classes/sessionhandler.php index 66d8dd86c..5b072343a 100644 --- a/classes/sessionhandler.php +++ b/classes/sessionhandler.php @@ -46,14 +46,14 @@ class SessionHandler implements SessionHandlerInterface { return false; } - $data = $this->db->escape_string( base64_encode($data), false); + $data = $this->db->escape_string(base64_encode($data), false); $expire = time() + max(SESSION_COOKIE_LIFETIME, 86400); $query = "UPDATE ttrss_sessions SET data='$data', expire = '$expire' WHERE id='$id'"; - $this->db->query( $query); + $this->db->query($query); return true; } diff --git a/include/ccache.php b/include/ccache.php index 10e70ffe3..d89b9efe0 100644 --- a/include/ccache.php +++ b/include/ccache.php @@ -1,19 +1,19 @@ <?php - /* function ccache_zero( $feed_id, $owner_uid) { - db_query( "UPDATE ttrss_counters_cache SET + /* function ccache_zero($feed_id, $owner_uid) { + db_query("UPDATE ttrss_counters_cache SET value = 0, updated = NOW() WHERE feed_id = '$feed_id' AND owner_uid = '$owner_uid'"); } */ - function ccache_zero_all( $owner_uid) { - db_query( "UPDATE ttrss_counters_cache SET + function ccache_zero_all($owner_uid) { + db_query("UPDATE ttrss_counters_cache SET value = 0 WHERE owner_uid = '$owner_uid'"); - db_query( "UPDATE ttrss_cat_counters_cache SET + db_query("UPDATE ttrss_cat_counters_cache SET value = 0 WHERE owner_uid = '$owner_uid'"); } - function ccache_remove( $feed_id, $owner_uid, $is_cat = false) { + function ccache_remove($feed_id, $owner_uid, $is_cat = false) { if (!$is_cat) { $table = "ttrss_counters_cache"; @@ -21,39 +21,39 @@ $table = "ttrss_cat_counters_cache"; } - db_query( "DELETE FROM $table WHERE + db_query("DELETE FROM $table WHERE feed_id = '$feed_id' AND owner_uid = '$owner_uid'"); } - function ccache_update_all( $owner_uid) { + function ccache_update_all($owner_uid) { - if (get_pref( 'ENABLE_FEED_CATS', $owner_uid)) { + if (get_pref('ENABLE_FEED_CATS', $owner_uid)) { - $result = db_query( "SELECT feed_id FROM ttrss_cat_counters_cache + $result = db_query("SELECT feed_id FROM ttrss_cat_counters_cache WHERE feed_id > 0 AND owner_uid = '$owner_uid'"); while ($line = db_fetch_assoc($result)) { - ccache_update( $line["feed_id"], $owner_uid, true); + ccache_update($line["feed_id"], $owner_uid, true); } /* We have to manually include category 0 */ - ccache_update( 0, $owner_uid, true); + ccache_update(0, $owner_uid, true); } else { - $result = db_query( "SELECT feed_id FROM ttrss_counters_cache + $result = db_query("SELECT feed_id FROM ttrss_counters_cache WHERE feed_id > 0 AND owner_uid = '$owner_uid'"); while ($line = db_fetch_assoc($result)) { - print ccache_update( $line["feed_id"], $owner_uid); + print ccache_update($line["feed_id"], $owner_uid); } } } - function ccache_find( $feed_id, $owner_uid, $is_cat = false, + function ccache_find($feed_id, $owner_uid, $is_cat = false, $no_update = false) { if (!is_numeric($feed_id)) return; @@ -61,7 +61,7 @@ if (!$is_cat) { $table = "ttrss_counters_cache"; /* if ($feed_id > 0) { - $tmp_result = db_query( "SELECT owner_uid FROM ttrss_feeds + $tmp_result = db_query("SELECT owner_uid FROM ttrss_feeds WHERE id = '$feed_id'"); $owner_uid = db_fetch_result($tmp_result, 0, "owner_uid"); } */ @@ -75,7 +75,7 @@ $date_qpart = "updated > DATE_SUB(NOW(), INTERVAL 15 MINUTE)"; } - $result = db_query( "SELECT value FROM $table + $result = db_query("SELECT value FROM $table WHERE owner_uid = '$owner_uid' AND feed_id = '$feed_id' LIMIT 1"); @@ -85,30 +85,30 @@ if ($no_update) { return -1; } else { - return ccache_update( $feed_id, $owner_uid, $is_cat); + return ccache_update($feed_id, $owner_uid, $is_cat); } } } - function ccache_update( $feed_id, $owner_uid, $is_cat = false, + function ccache_update($feed_id, $owner_uid, $is_cat = false, $update_pcat = true) { if (!is_numeric($feed_id)) return; /* if (!$is_cat && $feed_id > 0) { - $tmp_result = db_query( "SELECT owner_uid FROM ttrss_feeds + $tmp_result = db_query("SELECT owner_uid FROM ttrss_feeds WHERE id = '$feed_id'"); $owner_uid = db_fetch_result($tmp_result, 0, "owner_uid"); } */ - $prev_unread = ccache_find( $feed_id, $owner_uid, $is_cat, true); + $prev_unread = ccache_find($feed_id, $owner_uid, $is_cat, true); /* When updating a label, all we need to do is recalculate feed counters * because labels are not cached */ if ($feed_id < 0) { - ccache_update_all( $owner_uid); + ccache_update_all($owner_uid); return; } @@ -127,14 +127,14 @@ /* Recalculate counters for child feeds */ - $result = db_query( "SELECT id FROM ttrss_feeds + $result = db_query("SELECT id FROM ttrss_feeds WHERE owner_uid = '$owner_uid' AND $cat_qpart"); while ($line = db_fetch_assoc($result)) { - ccache_update( $line["id"], $owner_uid, false, false); + ccache_update($line["id"], $owner_uid, false, false); } - $result = db_query( "SELECT SUM(value) AS sv + $result = db_query("SELECT SUM(value) AS sv FROM ttrss_counters_cache, ttrss_feeds WHERE id = feed_id AND $cat_qpart AND ttrss_feeds.owner_uid = '$owner_uid'"); @@ -142,27 +142,27 @@ $unread = (int) db_fetch_result($result, 0, "sv"); } else { - $unread = (int) getFeedArticles( $feed_id, $is_cat, true, $owner_uid); + $unread = (int) getFeedArticles($feed_id, $is_cat, true, $owner_uid); } - db_query( "BEGIN"); + db_query("BEGIN"); - $result = db_query( "SELECT feed_id FROM $table + $result = db_query("SELECT feed_id FROM $table WHERE owner_uid = '$owner_uid' AND feed_id = '$feed_id' LIMIT 1"); if (db_num_rows($result) == 1) { - db_query( "UPDATE $table SET + db_query("UPDATE $table SET value = '$unread', updated = NOW() WHERE feed_id = '$feed_id' AND owner_uid = '$owner_uid'"); } else { - db_query( "INSERT INTO $table + db_query("INSERT INTO $table (feed_id, value, owner_uid, updated) VALUES ($feed_id, $unread, $owner_uid, NOW())"); } - db_query( "COMMIT"); + db_query("COMMIT"); if ($feed_id > 0 && $prev_unread != $unread) { @@ -172,36 +172,36 @@ if ($update_pcat) { - $result = db_query( "SELECT cat_id FROM ttrss_feeds + $result = db_query("SELECT cat_id FROM ttrss_feeds WHERE owner_uid = '$owner_uid' AND id = '$feed_id'"); $cat_id = (int) db_fetch_result($result, 0, "cat_id"); - ccache_update( $cat_id, $owner_uid, true); + ccache_update($cat_id, $owner_uid, true); } } } else if ($feed_id < 0) { - ccache_update_all( $owner_uid); + ccache_update_all($owner_uid); } return $unread; } - /* function ccache_cleanup( $owner_uid) { + /* function ccache_cleanup($owner_uid) { if (DB_TYPE == "pgsql") { - db_query( "DELETE FROM ttrss_counters_cache AS c1 WHERE + db_query("DELETE FROM ttrss_counters_cache AS c1 WHERE (SELECT count(*) FROM ttrss_counters_cache AS c2 WHERE c1.feed_id = c2.feed_id AND c2.owner_uid = c1.owner_uid) > 1 AND owner_uid = '$owner_uid'"); - db_query( "DELETE FROM ttrss_cat_counters_cache AS c1 WHERE + db_query("DELETE FROM ttrss_cat_counters_cache AS c1 WHERE (SELECT count(*) FROM ttrss_cat_counters_cache AS c2 WHERE c1.feed_id = c2.feed_id AND c2.owner_uid = c1.owner_uid) > 1 AND owner_uid = '$owner_uid'"); } else { - db_query( "DELETE c1 FROM + db_query("DELETE c1 FROM ttrss_counters_cache AS c1, ttrss_counters_cache AS c2 WHERE @@ -209,7 +209,7 @@ c1.owner_uid = c2.owner_uid AND c1.feed_id = c2.feed_id"); - db_query( "DELETE c1 FROM + db_query("DELETE c1 FROM ttrss_cat_counters_cache AS c1, ttrss_cat_counters_cache AS c2 WHERE diff --git a/include/colors.php b/include/colors.php index 1359b9e2d..b20c34c41 100644 --- a/include/colors.php +++ b/include/colors.php @@ -237,13 +237,13 @@ function rgb2hsl($arr) { } else { $s = $del_Max / $var_Max; - $del_R = ( ( ( $max - $var_R ) / 6 ) + ( $del_Max / 2 ) ) / $del_Max; - $del_G = ( ( ( $max - $var_G ) / 6 ) + ( $del_Max / 2 ) ) / $del_Max; - $del_B = ( ( ( $max - $var_B ) / 6 ) + ( $del_Max / 2 ) ) / $del_Max; + $del_R = ((($max - $var_R ) / 6 ) + ($del_Max / 2 ) ) / $del_Max; + $del_G = ((($max - $var_G ) / 6 ) + ($del_Max / 2 ) ) / $del_Max; + $del_B = ((($max - $var_B ) / 6 ) + ($del_Max / 2 ) ) / $del_Max; if ($var_R == $var_Max) $h = $del_B - $del_G; - else if ($var_G == $var_Max) $h = ( 1 / 3 ) + $del_R - $del_B; - else if ($var_B == $var_Max) $h = ( 2 / 3 ) + $del_G - $del_R; + else if ($var_G == $var_Max) $h = (1 / 3 ) + $del_R - $del_B; + else if ($var_B == $var_Max) $h = (2 / 3 ) + $del_G - $del_R; if ($H < 0) $h++; if ($H > 1) $h--; @@ -261,10 +261,10 @@ function hsl2rgb($arr) { $r = $g = $B = $v * 255; } else { $var_H = $h * 6; - $var_i = floor( $var_H ); - $var_1 = $v * ( 1 - $s ); - $var_2 = $v * ( 1 - $s * ( $var_H - $var_i ) ); - $var_3 = $v * ( 1 - $s * (1 - ( $var_H - $var_i ) ) ); + $var_i = floor($var_H ); + $var_1 = $v * (1 - $s ); + $var_2 = $v * (1 - $s * ($var_H - $var_i ) ); + $var_3 = $v * (1 - $s * (1 - ($var_H - $var_i ) ) ); if ($var_i == 0) { $var_R = $v ; $var_G = $var_3 ; $var_B = $var_1 ; } else if ($var_i == 1) { $var_R = $var_2 ; $var_G = $v ; $var_B = $var_1 ; } diff --git a/include/db-prefs.php b/include/db-prefs.php index d786e5349..125f1caaa 100644 --- a/include/db-prefs.php +++ b/include/db-prefs.php @@ -21,7 +21,7 @@ if (get_schema_version() < 63) $profile_qpart = ""; - $result = db_query( "SELECT + $result = db_query("SELECT value,ttrss_prefs_types.type_name as type_name,ttrss_prefs.pref_name AS pref_name FROM ttrss_user_prefs,ttrss_prefs,ttrss_prefs_types @@ -42,9 +42,9 @@ } } - function get_pref( $pref_name, $user_id = false, $die_on_error = false) { + function get_pref($pref_name, $user_id = false, $die_on_error = false) { - $pref_name = db_escape_string( $pref_name); + $pref_name = db_escape_string($pref_name); $prefs_cache = true; $profile = false; @@ -71,7 +71,7 @@ if (get_schema_version() < 63) $profile_qpart = ""; - $result = db_query( "SELECT + $result = db_query("SELECT value,ttrss_prefs_types.type_name as type_name FROM ttrss_user_prefs,ttrss_prefs,ttrss_prefs_types @@ -114,9 +114,9 @@ } } - function set_pref( $pref_name, $value, $user_id = false, $strip_tags = true) { - $pref_name = db_escape_string( $pref_name); - $value = db_escape_string( $value, $strip_tags); + function set_pref($pref_name, $value, $user_id = false, $strip_tags = true) { + $pref_name = db_escape_string($pref_name); + $value = db_escape_string($value, $strip_tags); if (!$user_id) { $user_id = $_SESSION["uid"]; @@ -145,7 +145,7 @@ } if (!$type_name) { - $result = db_query( "SELECT type_name + $result = db_query("SELECT type_name FROM ttrss_prefs,ttrss_prefs_types WHERE pref_name = '$pref_name' AND type_id = ttrss_prefs_types.id"); @@ -170,7 +170,7 @@ $value = 'UTC'; } - db_query( "UPDATE ttrss_user_prefs SET + db_query("UPDATE ttrss_user_prefs SET value = '$value' WHERE pref_name = '$pref_name' $profile_qpart AND owner_uid = " . $_SESSION["uid"]); diff --git a/include/db.php b/include/db.php index 72c78474a..55d1d654e 100644 --- a/include/db.php +++ b/include/db.php @@ -1,10 +1,10 @@ <?php -function db_escape_string( $s, $strip_tags = true) { +function db_escape_string($s, $strip_tags = true) { return Db::get()->escape_string($s, $strip_tags); } -function db_query( $query, $die_on_error = true) { +function db_query($query, $die_on_error = true) { return Db::get()->query($query, $die_on_error); } @@ -21,7 +21,7 @@ function db_fetch_result($result, $row, $param) { return Db::get()->fetch_result($result, $row, $param); } -function db_affected_rows( $result) { +function db_affected_rows($result) { return Db::get()->affected_rows($result); } diff --git a/include/digest.php b/include/digest.php index a3f414271..965fd1a79 100644 --- a/include/digest.php +++ b/include/digest.php @@ -6,7 +6,7 @@ * @param integer $limit The maximum number of articles by digest. * @return boolean Return false if digests are not enabled. */ - function send_headlines_digests( $debug = false) { + function send_headlines_digests($debug = false) { require_once 'classes/ttrssmailer.php'; @@ -21,13 +21,13 @@ $interval_query = "last_digest_sent < DATE_SUB(NOW(), INTERVAL 1 DAY)"; } - $result = db_query( "SELECT id,email FROM ttrss_users + $result = db_query("SELECT id,email FROM ttrss_users WHERE email != '' AND (last_digest_sent IS NULL OR $interval_query)"); while ($line = db_fetch_assoc($result)) { - if (get_pref( 'DIGEST_ENABLE', $line['id'], false)) { - $preferred_ts = strtotime(get_pref( 'DIGEST_PREFERRED_TIME', $line['id'], '00:00')); + if (get_pref('DIGEST_ENABLE', $line['id'], false)) { + $preferred_ts = strtotime(get_pref('DIGEST_PREFERRED_TIME', $line['id'], '00:00')); // try to send digests within 2 hours of preferred time if ($preferred_ts && time() >= $preferred_ts && @@ -35,14 +35,14 @@ if ($debug) _debug("Sending digest for UID:" . $line['id'] . " - " . $line["email"]); - $do_catchup = get_pref( 'DIGEST_CATCHUP', $line['id'], false); + $do_catchup = get_pref('DIGEST_CATCHUP', $line['id'], false); global $tz_offset; // reset tz_offset global to prevent tz cache clash between users $tz_offset = -1; - $tuple = prepare_headlines_digest( $line["id"], 1, $limit); + $tuple = prepare_headlines_digest($line["id"], 1, $limit); $digest = $tuple[0]; $headlines_count = $tuple[1]; $affected_ids = $tuple[2]; @@ -60,13 +60,13 @@ if ($rc && $do_catchup) { if ($debug) _debug("Marking affected articles as read..."); - catchupArticlesById( $affected_ids, 0, $line["id"]); + catchupArticlesById($affected_ids, 0, $line["id"]); } } else { if ($debug) _debug("No headlines"); } - db_query( "UPDATE ttrss_users SET last_digest_sent = NOW() + db_query("UPDATE ttrss_users SET last_digest_sent = NOW() WHERE id = " . $line["id"]); } @@ -77,7 +77,7 @@ } - function prepare_headlines_digest( $user_id, $days = 1, $limit = 1000) { + function prepare_headlines_digest($user_id, $days = 1, $limit = 1000) { require_once "lib/MiniTemplator.class.php"; @@ -87,7 +87,7 @@ $tpl->readTemplateFromFile("templates/digest_template_html.txt"); $tpl_t->readTemplateFromFile("templates/digest_template.txt"); - $user_tz_string = get_pref( 'USER_TIMEZONE', $user_id); + $user_tz_string = get_pref('USER_TIMEZONE', $user_id); $local_ts = convert_timestamp(time(), 'UTC', $user_tz_string); $tpl->setVariable('CUR_DATE', date('Y/m/d', $local_ts)); @@ -104,7 +104,7 @@ $interval_query = "ttrss_entries.date_updated > DATE_SUB(NOW(), INTERVAL $days DAY)"; } - $result = db_query( "SELECT ttrss_entries.title, + $result = db_query("SELECT ttrss_entries.title, ttrss_feeds.title AS feed_title, COALESCE(ttrss_feed_categories.title, '".__('Uncategorized')."') AS cat_title, date_updated, @@ -143,7 +143,7 @@ array_push($affected_ids, $line["ref_id"]); - $updated = make_local_datetime( $line['last_updated'], false, + $updated = make_local_datetime($line['last_updated'], false, $user_id); /* if ($line["score"] != 0) { @@ -152,7 +152,7 @@ $line["title"] .= " (".$line['score'].")"; } */ - if (get_pref( 'ENABLE_FEED_CATS', $user_id)) { + if (get_pref('ENABLE_FEED_CATS', $user_id)) { $line['feed_title'] = $line['cat_title'] . " / " . $line['feed_title']; } diff --git a/include/feedbrowser.php b/include/feedbrowser.php index 7bafe68ac..6c245121f 100644 --- a/include/feedbrowser.php +++ b/include/feedbrowser.php @@ -1,5 +1,5 @@ <?php - function make_feed_browser( $search, $limit, $mode = 1) { + function make_feed_browser($search, $limit, $mode = 1) { $owner_uid = $_SESSION["uid"]; $rv = ''; @@ -12,13 +12,13 @@ } if ($mode == 1) { - /* $result = db_query( "SELECT feed_url, subscribers FROM + /* $result = db_query("SELECT feed_url, subscribers FROM ttrss_feedbrowser_cache WHERE (SELECT COUNT(id) = 0 FROM ttrss_feeds AS tf WHERE tf.feed_url = ttrss_feedbrowser_cache.feed_url AND owner_uid = '$owner_uid') $search_qpart ORDER BY subscribers DESC LIMIT $limit"); */ - $result = db_query( "SELECT feed_url, site_url, title, SUM(subscribers) AS subscribers FROM + $result = db_query("SELECT feed_url, site_url, title, SUM(subscribers) AS subscribers FROM (SELECT feed_url, site_url, title, subscribers FROM ttrss_feedbrowser_cache UNION ALL SELECT feed_url, site_url, title, subscribers FROM ttrss_linked_feeds) AS qqq WHERE @@ -28,7 +28,7 @@ GROUP BY feed_url, site_url, title ORDER BY subscribers DESC LIMIT $limit"); } else if ($mode == 2) { - $result = db_query( "SELECT *, + $result = db_query("SELECT *, (SELECT COUNT(*) FROM ttrss_user_entries WHERE orig_feed_id = ttrss_archived_feeds.id) AS articles_archived FROM diff --git a/include/functions.php b/include/functions.php index 971c61e2f..66d5896d1 100644 --- a/include/functions.php +++ b/include/functions.php @@ -166,9 +166,9 @@ * @access public * @return void */ - function purge_feed( $feed_id, $purge_interval, $debug = false) { + function purge_feed($feed_id, $purge_interval, $debug = false) { - if (!$purge_interval) $purge_interval = feed_purge_interval( $feed_id); + if (!$purge_interval) $purge_interval = feed_purge_interval($feed_id); $rows = -1; @@ -183,7 +183,7 @@ if ($purge_interval == -1 || !$purge_interval) { if ($owner_uid) { - ccache_update( $feed_id, $owner_uid); + ccache_update($feed_id, $owner_uid); } return; } @@ -191,7 +191,7 @@ if (!$owner_uid) return; if (FORCE_ARTICLE_PURGE == 0) { - $purge_unread = get_pref( "PURGE_UNREAD_ARTICLES", + $purge_unread = get_pref("PURGE_UNREAD_ARTICLES", $owner_uid, false); } else { $purge_unread = true; @@ -205,7 +205,7 @@ if (preg_match("/^7\./", $pg_version) || preg_match("/^8\.0/", $pg_version)) { - $result = db_query( "DELETE FROM ttrss_user_entries WHERE + $result = db_query("DELETE FROM ttrss_user_entries WHERE ttrss_entries.id = ref_id AND marked = false AND feed_id = '$feed_id' AND @@ -214,7 +214,7 @@ } else { - $result = db_query( "DELETE FROM ttrss_user_entries + $result = db_query("DELETE FROM ttrss_user_entries USING ttrss_entries WHERE ttrss_entries.id = ref_id AND marked = false AND @@ -227,12 +227,12 @@ } else { -/* $result = db_query( "DELETE FROM ttrss_user_entries WHERE +/* $result = db_query("DELETE FROM ttrss_user_entries WHERE marked = false AND feed_id = '$feed_id' AND (SELECT date_updated FROM ttrss_entries WHERE id = ref_id) < DATE_SUB(NOW(), INTERVAL $purge_interval DAY)"); */ - $result = db_query( "DELETE FROM ttrss_user_entries + $result = db_query("DELETE FROM ttrss_user_entries USING ttrss_user_entries, ttrss_entries WHERE ttrss_entries.id = ref_id AND marked = false AND @@ -244,7 +244,7 @@ } - ccache_update( $feed_id, $owner_uid); + ccache_update($feed_id, $owner_uid); if ($debug) { _debug("Purged feed $feed_id ($purge_interval): deleted $rows articles"); @@ -253,9 +253,9 @@ return $rows; } // function purge_feed - function feed_purge_interval( $feed_id) { + function feed_purge_interval($feed_id) { - $result = db_query( "SELECT purge_interval, owner_uid FROM ttrss_feeds + $result = db_query("SELECT purge_interval, owner_uid FROM ttrss_feeds WHERE id = '$feed_id'"); if (db_num_rows($result) == 1) { @@ -272,20 +272,20 @@ } } - function purge_orphans( $do_output = false) { + function purge_orphans($do_output = false) { // purge orphaned posts in main content table - $result = db_query( "DELETE FROM ttrss_entries WHERE + $result = db_query("DELETE FROM ttrss_entries WHERE (SELECT COUNT(int_id) FROM ttrss_user_entries WHERE ref_id = id) = 0"); if ($do_output) { - $rows = db_affected_rows( $result); + $rows = db_affected_rows($result); _debug("Purged $rows orphaned posts."); } } - function get_feed_update_interval( $feed_id) { - $result = db_query( "SELECT owner_uid, update_interval FROM + function get_feed_update_interval($feed_id) { + $result = db_query("SELECT owner_uid, update_interval FROM ttrss_feeds WHERE id = '$feed_id'"); if (db_num_rows($result) == 1) { @@ -295,7 +295,7 @@ if ($update_interval != 0) { return $update_interval; } else { - return get_pref( 'DEFAULT_UPDATE_INTERVAL', $owner_uid, false); + return get_pref('DEFAULT_UPDATE_INTERVAL', $owner_uid, false); } } else { @@ -552,9 +552,9 @@ } } - function initialize_user_prefs( $uid, $profile = false) { + function initialize_user_prefs($uid, $profile = false) { - $uid = db_escape_string( $uid); + $uid = db_escape_string($uid); if (!$profile) { $profile = "NULL"; @@ -565,11 +565,11 @@ if (get_schema_version() < 63) $profile_qpart = ""; - db_query( "BEGIN"); + db_query("BEGIN"); - $result = db_query( "SELECT pref_name,def_value FROM ttrss_prefs"); + $result = db_query("SELECT pref_name,def_value FROM ttrss_prefs"); - $u_result = db_query( "SELECT pref_name + $u_result = db_query("SELECT pref_name FROM ttrss_user_prefs WHERE owner_uid = '$uid' $profile_qpart"); $active_prefs = array(); @@ -582,16 +582,16 @@ if (array_search($line["pref_name"], $active_prefs) === FALSE) { // print "adding " . $line["pref_name"] . "<br>"; - $line["def_value"] = db_escape_string( $line["def_value"]); - $line["pref_name"] = db_escape_string( $line["pref_name"]); + $line["def_value"] = db_escape_string($line["def_value"]); + $line["pref_name"] = db_escape_string($line["pref_name"]); if (get_schema_version() < 63) { - db_query( "INSERT INTO ttrss_user_prefs + db_query("INSERT INTO ttrss_user_prefs (owner_uid,pref_name,value) VALUES ('$uid', '".$line["pref_name"]."','".$line["def_value"]."')"); } else { - db_query( "INSERT INTO ttrss_user_prefs + db_query("INSERT INTO ttrss_user_prefs (owner_uid,pref_name,value, profile) VALUES ('$uid', '".$line["pref_name"]."','".$line["def_value"]."', $profile)"); } @@ -599,7 +599,7 @@ } } - db_query( "COMMIT"); + db_query("COMMIT"); } @@ -613,7 +613,7 @@ return ""; } - function authenticate_user( $login, $password, $check_only = false) { + function authenticate_user($login, $password, $check_only = false) { if (!SINGLE_USER_MODE) { $user_id = false; @@ -635,14 +635,14 @@ $_SESSION["uid"] = $user_id; $_SESSION["version"] = VERSION; - $result = db_query( "SELECT login,access_level,pwd_hash FROM ttrss_users + $result = db_query("SELECT login,access_level,pwd_hash FROM ttrss_users WHERE id = '$user_id'"); $_SESSION["name"] = db_fetch_result($result, 0, "login"); $_SESSION["access_level"] = db_fetch_result($result, 0, "access_level"); $_SESSION["csrf_token"] = sha1(uniqid(rand(), true)); - db_query( "UPDATE ttrss_users SET last_login = NOW() WHERE id = " . + db_query("UPDATE ttrss_users SET last_login = NOW() WHERE id = " . $_SESSION["uid"]); $_SESSION["ip_address"] = $_SERVER["REMOTE_ADDR"]; @@ -651,7 +651,7 @@ $_SESSION["last_version_check"] = time(); - initialize_user_prefs( $_SESSION["uid"]); + initialize_user_prefs($_SESSION["uid"]); return true; } @@ -675,7 +675,7 @@ $_SESSION["ip_address"] = $_SERVER["REMOTE_ADDR"]; - initialize_user_prefs( $_SESSION["uid"]); + initialize_user_prefs($_SESSION["uid"]); return true; } @@ -704,13 +704,13 @@ // user preferences are checked on every login, not here - function initialize_user( $uid) { + function initialize_user($uid) { - db_query( "insert into ttrss_feeds (owner_uid,title,feed_url) + db_query("insert into ttrss_feeds (owner_uid,title,feed_url) values ('$uid', 'Tiny Tiny RSS: New Releases', 'http://tt-rss.org/releases.rss')"); - db_query( "insert into ttrss_feeds (owner_uid,title,feed_url) + db_query("insert into ttrss_feeds (owner_uid,title,feed_url) values ('$uid', 'Tiny Tiny RSS: Forum', 'http://tt-rss.org/forum/rss.php')"); } @@ -726,9 +726,9 @@ return $csrf_token == $_SESSION['csrf_token']; } - function load_user_plugins( $owner_uid) { + function load_user_plugins($owner_uid) { if ($owner_uid) { - $plugins = get_pref( "_ENABLED_PLUGINS", $owner_uid); + $plugins = get_pref("_ENABLED_PLUGINS", $owner_uid); global $pluginhost; $pluginhost->load($plugins, $pluginhost::KIND_USER, $owner_uid); @@ -744,18 +744,18 @@ if (SINGLE_USER_MODE) { @session_start(); - authenticate_user( "admin", null); + authenticate_user("admin", null); cache_prefs(); - load_user_plugins( $_SESSION["uid"]); + load_user_plugins($_SESSION["uid"]); } else { if (!validate_session()) $_SESSION["uid"] = false; if (!$_SESSION["uid"]) { - if (AUTH_AUTO_LOGIN && authenticate_user( null, null)) { - $_SESSION["ref_schema_version"] = get_schema_version( true); + if (AUTH_AUTO_LOGIN && authenticate_user(null, null)) { + $_SESSION["ref_schema_version"] = get_schema_version(true); } else { - authenticate_user( null, null, true); + authenticate_user(null, null, true); } if (!$_SESSION["uid"]) { @@ -768,7 +768,7 @@ } else { /* bump login timestamp */ - db_query( "UPDATE ttrss_users SET last_login = NOW() WHERE id = " . + db_query("UPDATE ttrss_users SET last_login = NOW() WHERE id = " . $_SESSION["uid"]); $_SESSION["last_login_update"] = time(); } @@ -780,16 +780,16 @@ if ($_SESSION["uid"]) { cache_prefs(); - load_user_plugins( $_SESSION["uid"]); + load_user_plugins($_SESSION["uid"]); /* cleanup ccache */ - db_query( "DELETE FROM ttrss_counters_cache WHERE owner_uid = ". + db_query("DELETE FROM ttrss_counters_cache WHERE owner_uid = ". $_SESSION["uid"] . " AND (SELECT COUNT(id) FROM ttrss_feeds WHERE ttrss_feeds.id = feed_id) = 0"); - db_query( "DELETE FROM ttrss_cat_counters_cache WHERE owner_uid = ". + db_query("DELETE FROM ttrss_cat_counters_cache WHERE owner_uid = ". $_SESSION["uid"] . " AND (SELECT COUNT(id) FROM ttrss_feed_categories WHERE ttrss_feed_categories.id = feed_id) = 0"); @@ -825,7 +825,7 @@ return $dt->format('U') + $dest_tz->getOffset($dt); } - function make_local_datetime( $timestamp, $long, $owner_uid = false, + function make_local_datetime($timestamp, $long, $owner_uid = false, $no_smart_dt = false) { if (!$owner_uid) $owner_uid = $_SESSION['uid']; @@ -839,7 +839,7 @@ if ($tz_offset == -1) { - $user_tz_string = get_pref( 'USER_TIMEZONE', $owner_uid); + $user_tz_string = get_pref('USER_TIMEZONE', $owner_uid); try { $user_tz = new DateTimeZone($user_tz_string); @@ -853,28 +853,28 @@ $user_timestamp = $dt->format('U') + $tz_offset; if (!$no_smart_dt) { - return smart_date_time( $user_timestamp, + return smart_date_time($user_timestamp, $tz_offset, $owner_uid); } else { if ($long) - $format = get_pref( 'LONG_DATE_FORMAT', $owner_uid); + $format = get_pref('LONG_DATE_FORMAT', $owner_uid); else - $format = get_pref( 'SHORT_DATE_FORMAT', $owner_uid); + $format = get_pref('SHORT_DATE_FORMAT', $owner_uid); return date($format, $user_timestamp); } } - function smart_date_time( $timestamp, $tz_offset = 0, $owner_uid = false) { + function smart_date_time($timestamp, $tz_offset = 0, $owner_uid = false) { if (!$owner_uid) $owner_uid = $_SESSION['uid']; if (date("Y.m.d", $timestamp) == date("Y.m.d", time() + $tz_offset)) { return date("G:i", $timestamp); } else if (date("Y", $timestamp) == date("Y", time() + $tz_offset)) { - $format = get_pref( 'SHORT_DATE_FORMAT', $owner_uid); + $format = get_pref('SHORT_DATE_FORMAT', $owner_uid); return date($format, $timestamp); } else { - $format = get_pref( 'LONG_DATE_FORMAT', $owner_uid); + $format = get_pref('LONG_DATE_FORMAT', $owner_uid); return date($format, $timestamp); } } @@ -898,11 +898,11 @@ // Session caching removed due to causing wrong redirects to upgrade // script when get_schema_version() is called on an obsolete session // created on a previous schema version. - function get_schema_version( $nocache = false) { + function get_schema_version($nocache = false) { global $schema_version; if (!$schema_version) { - $result = db_query( "SELECT schema_version FROM ttrss_version"); + $result = db_query("SELECT schema_version FROM ttrss_version"); $version = db_fetch_result($result, 0, "schema_version"); $schema_version = $version; return $version; @@ -915,20 +915,20 @@ require_once 'errors.php'; $error_code = 0; - $schema_version = get_schema_version( true); + $schema_version = get_schema_version(true); if ($schema_version != SCHEMA_VERSION) { $error_code = 5; } if (DB_TYPE == "mysql") { - $result = db_query( "SELECT true", false); + $result = db_query("SELECT true", false); if (db_num_rows($result) != 1) { $error_code = 10; } } - if (db_escape_string( "testTEST") != "testTEST") { + if (db_escape_string("testTEST") != "testTEST") { $error_code = 12; } @@ -987,7 +987,7 @@ } } - function catchup_feed( $feed, $cat_view, $owner_uid = false, $max_id = false, $mode = 'all') { + function catchup_feed($feed, $cat_view, $owner_uid = false, $max_id = false, $mode = 'all') { if (!$owner_uid) $owner_uid = $_SESSION['uid']; @@ -1029,7 +1029,7 @@ if ($feed >= 0) { if ($feed > 0) { - $children = getChildCategories( $feed, $owner_uid); + $children = getChildCategories($feed, $owner_uid); array_push($children, $feed); $children = join(",", $children); @@ -1039,7 +1039,7 @@ $cat_qpart = "cat_id IS NULL"; } - db_query( "UPDATE ttrss_user_entries + db_query("UPDATE ttrss_user_entries SET unread = false, last_read = NOW() WHERE ref_id IN (SELECT id FROM (SELECT id FROM ttrss_entries, ttrss_user_entries WHERE ref_id = id @@ -1048,7 +1048,7 @@ } else if ($feed == -2) { - db_query( "UPDATE ttrss_user_entries + db_query("UPDATE ttrss_user_entries SET unread = false,last_read = NOW() WHERE (SELECT COUNT(*) FROM ttrss_user_labels2 WHERE article_id = ref_id) > 0 AND unread = true AND $date_qpart AND owner_uid = $owner_uid"); @@ -1056,7 +1056,7 @@ } else if ($feed > 0) { - db_query( "UPDATE ttrss_user_entries + db_query("UPDATE ttrss_user_entries SET unread = false, last_read = NOW() WHERE ref_id IN (SELECT id FROM (SELECT id FROM ttrss_entries, ttrss_user_entries WHERE ref_id = id @@ -1065,7 +1065,7 @@ } else if ($feed < 0 && $feed > LABEL_BASE_INDEX) { // special, like starred if ($feed == -1) { - db_query( "UPDATE ttrss_user_entries + db_query("UPDATE ttrss_user_entries SET unread = false, last_read = NOW() WHERE ref_id IN (SELECT id FROM (SELECT id FROM ttrss_entries, ttrss_user_entries WHERE ref_id = id @@ -1073,7 +1073,7 @@ } if ($feed == -2) { - db_query( "UPDATE ttrss_user_entries + db_query("UPDATE ttrss_user_entries SET unread = false, last_read = NOW() WHERE ref_id IN (SELECT id FROM (SELECT id FROM ttrss_entries, ttrss_user_entries WHERE ref_id = id @@ -1082,7 +1082,7 @@ if ($feed == -3) { - $intl = get_pref( "FRESH_ARTICLE_MAX_AGE"); + $intl = get_pref("FRESH_ARTICLE_MAX_AGE"); if (DB_TYPE == "pgsql") { $match_part = "date_entered > NOW() - INTERVAL '$intl hour' "; @@ -1091,7 +1091,7 @@ INTERVAL $intl HOUR) "; } - db_query( "UPDATE ttrss_user_entries + db_query("UPDATE ttrss_user_entries SET unread = false, last_read = NOW() WHERE ref_id IN (SELECT id FROM (SELECT id FROM ttrss_entries, ttrss_user_entries WHERE ref_id = id @@ -1099,7 +1099,7 @@ } if ($feed == -4) { - db_query( "UPDATE ttrss_user_entries + db_query("UPDATE ttrss_user_entries SET unread = false, last_read = NOW() WHERE ref_id IN (SELECT id FROM (SELECT id FROM ttrss_entries, ttrss_user_entries WHERE ref_id = id @@ -1110,7 +1110,7 @@ $label_id = feed_to_label_id($feed); - db_query( "UPDATE ttrss_user_entries + db_query("UPDATE ttrss_user_entries SET unread = false, last_read = NOW() WHERE ref_id IN (SELECT id FROM (SELECT ttrss_entries.id FROM ttrss_entries, ttrss_user_entries, ttrss_user_labels2 WHERE ref_id = id @@ -1119,10 +1119,10 @@ } - ccache_update( $feed, $owner_uid, $cat_view); + ccache_update($feed, $owner_uid, $cat_view); } else { // tag - db_query( "UPDATE ttrss_user_entries + db_query("UPDATE ttrss_user_entries SET unread = false, last_read = NOW() WHERE ref_id IN (SELECT id FROM (SELECT ttrss_entries.id FROM ttrss_entries, ttrss_user_entries, ttrss_tags WHERE ref_id = ttrss_entries.id @@ -1137,13 +1137,13 @@ $data = array_merge($data, getVirtCounters()); $data = array_merge($data, getLabelCounters()); - $data = array_merge($data, getFeedCounters( $active_feed)); + $data = array_merge($data, getFeedCounters($active_feed)); $data = array_merge($data, getCategoryCounters()); return $data; } - function getCategoryTitle( $cat_id) { + function getCategoryTitle($cat_id) { if ($cat_id == -1) { return __("Special"); @@ -1151,7 +1151,7 @@ return __("Labels"); } else { - $result = db_query( "SELECT title FROM ttrss_feed_categories WHERE + $result = db_query("SELECT title FROM ttrss_feed_categories WHERE id = '$cat_id'"); if (db_num_rows($result) == 1) { @@ -1169,11 +1169,11 @@ /* Labels category */ $cv = array("id" => -2, "kind" => "cat", - "counter" => getCategoryUnread( -2)); + "counter" => getCategoryUnread(-2)); array_push($ret_arr, $cv); - $result = db_query( "SELECT id AS cat_id, value AS unread, + $result = db_query("SELECT id AS cat_id, value AS unread, (SELECT COUNT(id) FROM ttrss_feed_categories AS c2 WHERE c2.parent_cat = ttrss_feed_categories.id) AS num_children FROM ttrss_feed_categories, ttrss_cat_counters_cache @@ -1185,7 +1185,7 @@ $line["cat_id"] = (int) $line["cat_id"]; if ($line["num_children"] > 0) { - $child_counter = getCategoryChildrenUnread( $line["cat_id"], $_SESSION["uid"]); + $child_counter = getCategoryChildrenUnread($line["cat_id"], $_SESSION["uid"]); } else { $child_counter = 0; } @@ -1199,7 +1199,7 @@ /* Special case: NULL category doesn't actually exist in the DB */ $cv = array("id" => 0, "kind" => "cat", - "counter" => (int) ccache_find( 0, $_SESSION["uid"], true)); + "counter" => (int) ccache_find(0, $_SESSION["uid"], true)); array_push($ret_arr, $cv); @@ -1207,23 +1207,23 @@ } // only accepts real cats (>= 0) - function getCategoryChildrenUnread( $cat, $owner_uid = false) { + function getCategoryChildrenUnread($cat, $owner_uid = false) { if (!$owner_uid) $owner_uid = $_SESSION["uid"]; - $result = db_query( "SELECT id FROM ttrss_feed_categories WHERE parent_cat = '$cat' + $result = db_query("SELECT id FROM ttrss_feed_categories WHERE parent_cat = '$cat' AND owner_uid = $owner_uid"); $unread = 0; while ($line = db_fetch_assoc($result)) { - $unread += getCategoryUnread( $line["id"], $owner_uid); - $unread += getCategoryChildrenUnread( $line["id"], $owner_uid); + $unread += getCategoryUnread($line["id"], $owner_uid); + $unread += getCategoryChildrenUnread($line["id"], $owner_uid); } return $unread; } - function getCategoryUnread( $cat, $owner_uid = false) { + function getCategoryUnread($cat, $owner_uid = false) { if (!$owner_uid) $owner_uid = $_SESSION["uid"]; @@ -1235,7 +1235,7 @@ $cat_query = "cat_id IS NULL"; } - $result = db_query( "SELECT id FROM ttrss_feeds WHERE $cat_query + $result = db_query("SELECT id FROM ttrss_feeds WHERE $cat_query AND owner_uid = " . $owner_uid); $cat_feeds = array(); @@ -1247,7 +1247,7 @@ $match_part = implode(" OR ", $cat_feeds); - $result = db_query( "SELECT COUNT(int_id) AS unread + $result = db_query("SELECT COUNT(int_id) AS unread FROM ttrss_user_entries WHERE unread = true AND ($match_part) AND owner_uid = " . $owner_uid); @@ -1261,10 +1261,10 @@ return $unread; } else if ($cat == -1) { - return getFeedUnread( -1) + getFeedUnread($link, -2) + getFeedUnread($link, -3) + getFeedUnread($link, 0); + return getFeedUnread(-1) + getFeedUnread($link, -2) + getFeedUnread($link, -3) + getFeedUnread($link, 0); } else if ($cat == -2) { - $result = db_query( " + $result = db_query(" SELECT COUNT(unread) AS unread FROM ttrss_user_entries, ttrss_user_labels2 WHERE article_id = ref_id AND unread = true @@ -1277,14 +1277,14 @@ } } - function getFeedUnread( $feed, $is_cat = false) { - return getFeedArticles( $feed, $is_cat, true, $_SESSION["uid"]); + function getFeedUnread($feed, $is_cat = false) { + return getFeedArticles($feed, $is_cat, true, $_SESSION["uid"]); } - function getLabelUnread( $label_id, $owner_uid = false) { + function getLabelUnread($label_id, $owner_uid = false) { if (!$owner_uid) $owner_uid = $_SESSION["uid"]; - $result = db_query( "SELECT COUNT(ref_id) AS unread FROM ttrss_user_entries, ttrss_user_labels2 + $result = db_query("SELECT COUNT(ref_id) AS unread FROM ttrss_user_entries, ttrss_user_labels2 WHERE owner_uid = '$owner_uid' AND unread = true AND label_id = '$label_id' AND article_id = ref_id"); if (db_num_rows($result) != 0) { @@ -1294,7 +1294,7 @@ } } - function getFeedArticles( $feed, $is_cat = false, $unread_only = false, + function getFeedArticles($feed, $is_cat = false, $unread_only = false, $owner_uid = false) { $n_feed = (int) $feed; @@ -1309,14 +1309,14 @@ } if ($is_cat) { - return getCategoryUnread( $n_feed, $owner_uid); + return getCategoryUnread($n_feed, $owner_uid); } else if ($n_feed == -6) { return 0; } else if ($feed != "0" && $n_feed == 0) { - $feed = db_escape_string( $feed); + $feed = db_escape_string($feed); - $result = db_query( "SELECT SUM((SELECT COUNT(int_id) + $result = db_query("SELECT SUM((SELECT COUNT(int_id) FROM ttrss_user_entries,ttrss_entries WHERE int_id = post_int_id AND ref_id = id AND $unread_qpart)) AS count FROM ttrss_tags WHERE owner_uid = $owner_uid AND tag_name = '$feed'"); @@ -1329,7 +1329,7 @@ } else if ($n_feed == -3) { $match_part = "unread = true AND score >= 0"; - $intl = get_pref( "FRESH_ARTICLE_MAX_AGE", $owner_uid); + $intl = get_pref("FRESH_ARTICLE_MAX_AGE", $owner_uid); if (DB_TYPE == "pgsql") { $match_part .= " AND updated > NOW() - INTERVAL '$intl hour' "; @@ -1353,7 +1353,7 @@ $label_id = feed_to_label_id($feed); - return getLabelUnread( $label_id, $owner_uid); + return getLabelUnread($label_id, $owner_uid); } @@ -1372,11 +1372,11 @@ //echo "[$feed/$query]\n"; - $result = db_query( $query); + $result = db_query($query); } else { - $result = db_query( "SELECT COUNT(post_int_id) AS unread + $result = db_query("SELECT COUNT(post_int_id) AS unread FROM ttrss_tags,ttrss_user_entries,ttrss_entries WHERE tag_name = '$feed' AND post_int_id = int_id AND ref_id = ttrss_entries.id AND $unread_qpart AND ttrss_tags.owner_uid = " . $owner_uid); @@ -1387,13 +1387,13 @@ return $unread; } - function getGlobalUnread( $user_id = false) { + function getGlobalUnread($user_id = false) { if (!$user_id) { $user_id = $_SESSION["uid"]; } - $result = db_query( "SELECT SUM(value) AS c_id FROM ttrss_counters_cache + $result = db_query("SELECT SUM(value) AS c_id FROM ttrss_counters_cache WHERE owner_uid = '$user_id' AND feed_id > 0"); $c_id = db_fetch_result($result, 0, "c_id"); @@ -1401,7 +1401,7 @@ return $c_id; } - function getGlobalCounters( $global_unread = -1) { + function getGlobalCounters($global_unread = -1) { $ret_arr = array(); if ($global_unread == -1) { @@ -1413,7 +1413,7 @@ array_push($ret_arr, $cv); - $result = db_query( "SELECT COUNT(id) AS fn FROM + $result = db_query("SELECT COUNT(id) AS fn FROM ttrss_feeds WHERE owner_uid = " . $_SESSION["uid"]); $subscribed_feeds = db_fetch_result($result, 0, "fn"); @@ -1432,13 +1432,13 @@ for ($i = 0; $i >= -4; $i--) { - $count = getFeedUnread( $i); + $count = getFeedUnread($i); $cv = array("id" => $i, "counter" => (int) $count); -// if (get_pref( 'EXTENDED_FEEDLIST')) -// $cv["xmsg"] = getFeedArticles( $i)." ".__("total"); +// if (get_pref('EXTENDED_FEEDLIST')) +// $cv["xmsg"] = getFeedArticles($i)." ".__("total"); array_push($ret_arr, $cv); } @@ -1461,13 +1461,13 @@ return $ret_arr; } - function getLabelCounters( $descriptions = false) { + function getLabelCounters($descriptions = false) { $ret_arr = array(); $owner_uid = $_SESSION["uid"]; - $result = db_query( "SELECT id,caption,COUNT(unread) AS unread + $result = db_query("SELECT id,caption,COUNT(unread) AS unread FROM ttrss_labels2 LEFT JOIN ttrss_user_labels2 ON (ttrss_labels2.id = label_id) LEFT JOIN ttrss_user_entries ON (ref_id = article_id AND unread = true @@ -1488,8 +1488,8 @@ if ($descriptions) $cv["description"] = $label_name; -// if (get_pref( 'EXTENDED_FEEDLIST')) -// $cv["xmsg"] = getFeedArticles( $id)." ".__("total"); +// if (get_pref('EXTENDED_FEEDLIST')) +// $cv["xmsg"] = getFeedArticles($id)." ".__("total"); array_push($ret_arr, $cv); } @@ -1497,7 +1497,7 @@ return $ret_arr; } - function getFeedCounters( $active_feed = false) { + function getFeedCounters($active_feed = false) { $ret_arr = array(); @@ -1510,7 +1510,7 @@ AND ttrss_counters_cache.owner_uid = ttrss_feeds.owner_uid AND ttrss_counters_cache.feed_id = id"; - $result = db_query( $query); + $result = db_query($query); $fctrs_modified = false; while ($line = db_fetch_assoc($result)) { @@ -1519,7 +1519,7 @@ $count = $line["count"]; $last_error = htmlspecialchars($line["last_error"]); - $last_updated = make_local_datetime( $line['last_updated'], false); + $last_updated = make_local_datetime($line['last_updated'], false); $has_img = feed_has_icon($id); @@ -1534,8 +1534,8 @@ if ($last_error) $cv["error"] = $last_error; -// if (get_pref( 'EXTENDED_FEEDLIST')) -// $cv["xmsg"] = getFeedArticles( $id)." ".__("total"); +// if (get_pref('EXTENDED_FEEDLIST')) +// $cv["xmsg"] = getFeedArticles($id)." ".__("total"); if ($active_feed && $id == $active_feed) $cv["title"] = truncate_string($line["title"], 30); @@ -1548,7 +1548,7 @@ } function get_pgsql_version() { - $result = db_query( "SELECT version() AS version"); + $result = db_query("SELECT version() AS version"); $version = explode(" ", db_fetch_result($result, 0, "version")); return $version[1]; } @@ -1565,7 +1565,7 @@ * to get all possible feeds. * 5 - Couldn't download the URL content. */ - function subscribe_to_feed( $url, $cat_id = 0, + function subscribe_to_feed($url, $cat_id = 0, $auth_login = '', $auth_pass = '') { global $fetch_last_error; @@ -1612,7 +1612,7 @@ $auth_pass_encrypted = 'false'; } - $auth_pass = db_escape_string( $auth_pass); + $auth_pass = db_escape_string($auth_pass); if (db_num_rows($result) == 0) { $result = db_query( @@ -1628,7 +1628,7 @@ $feed_id = db_fetch_result($result, 0, "id"); if ($feed_id) { - update_rss_feed( $feed_id, true); + update_rss_feed($feed_id, true); } return array("code" => 1); @@ -1637,7 +1637,7 @@ } } - function print_feed_select( $id, $default_id = "", + function print_feed_select($id, $default_id = "", $attributes = "", $include_all_feeds = true, $root_id = false, $nest_level = 0) { @@ -1649,14 +1649,14 @@ } } - if (get_pref( 'ENABLE_FEED_CATS')) { + if (get_pref('ENABLE_FEED_CATS')) { if ($root_id) $parent_qpart = "parent_cat = '$root_id'"; else $parent_qpart = "parent_cat IS NULL"; - $result = db_query( "SELECT id,title, + $result = db_query("SELECT id,title, (SELECT COUNT(id) FROM ttrss_feed_categories AS c2 WHERE c2.parent_cat = ttrss_feed_categories.id) AS num_children FROM ttrss_feed_categories @@ -1673,10 +1673,10 @@ $line["id"], htmlspecialchars($line["title"])); if ($line["num_children"] > 0) - print_feed_select( $id, $default_id, $attributes, + print_feed_select($id, $default_id, $attributes, $include_all_feeds, $line["id"], $nest_level+1); - $feed_result = db_query( "SELECT id,title FROM ttrss_feeds + $feed_result = db_query("SELECT id,title FROM ttrss_feeds WHERE cat_id = '".$line["id"]."' AND owner_uid = ".$_SESSION["uid"] . " ORDER BY title"); while ($fline = db_fetch_assoc($feed_result)) { @@ -1698,7 +1698,7 @@ printf("<option $is_selected value='CAT:0'>%s</option>", __("Uncategorized")); - $feed_result = db_query( "SELECT id,title FROM ttrss_feeds + $feed_result = db_query("SELECT id,title FROM ttrss_feeds WHERE cat_id IS NULL AND owner_uid = ".$_SESSION["uid"] . " ORDER BY title"); while ($fline = db_fetch_assoc($feed_result)) { @@ -1715,7 +1715,7 @@ } } else { - $result = db_query( "SELECT id,title FROM ttrss_feeds + $result = db_query("SELECT id,title FROM ttrss_feeds WHERE owner_uid = ".$_SESSION["uid"]." ORDER BY title"); while ($line = db_fetch_assoc($result)) { @@ -1732,7 +1732,7 @@ } } - function print_feed_cat_select( $id, $default_id, + function print_feed_cat_select($id, $default_id, $attributes, $include_all_cats = true, $root_id = false, $nest_level = 0) { if (!$root_id) { @@ -1744,7 +1744,7 @@ else $parent_qpart = "parent_cat IS NULL"; - $result = db_query( "SELECT id,title, + $result = db_query("SELECT id,title, (SELECT COUNT(id) FROM ttrss_feed_categories AS c2 WHERE c2.parent_cat = ttrss_feed_categories.id) AS num_children FROM ttrss_feed_categories @@ -1765,7 +1765,7 @@ $line["id"], htmlspecialchars($line["title"])); if ($line["num_children"] > 0) - print_feed_cat_select( $id, $default_id, $attributes, + print_feed_cat_select($id, $default_id, $attributes, $include_all_cats, $line["id"], $nest_level+1); } @@ -1791,13 +1791,13 @@ return ($val == "on") ? "true" : "false"; } - function getFeedCatTitle( $id) { + function getFeedCatTitle($id) { if ($id == -1) { return __("Special"); } else if ($id < LABEL_BASE_INDEX) { return __("Labels"); } else if ($id > 0) { - $result = db_query( "SELECT ttrss_feed_categories.title + $result = db_query("SELECT ttrss_feed_categories.title FROM ttrss_feeds, ttrss_feed_categories WHERE ttrss_feeds.id = '$id' AND cat_id = ttrss_feed_categories.id"); if (db_num_rows($result) == 1) { @@ -1844,9 +1844,9 @@ return false; } - function getFeedTitle( $id, $cat = false) { + function getFeedTitle($id, $cat = false) { if ($cat) { - return getCategoryTitle( $id); + return getCategoryTitle($id); } else if ($id == -1) { return __("Starred articles"); } else if ($id == -2) { @@ -1861,7 +1861,7 @@ return __("Recently read"); } else if ($id < LABEL_BASE_INDEX) { $label_id = feed_to_label_id($id); - $result = db_query( "SELECT caption FROM ttrss_labels2 WHERE id = '$label_id'"); + $result = db_query("SELECT caption FROM ttrss_labels2 WHERE id = '$label_id'"); if (db_num_rows($result) == 1) { return db_fetch_result($result, 0, "caption"); } else { @@ -1869,7 +1869,7 @@ } } else if (is_numeric($id) && $id > 0) { - $result = db_query( "SELECT title FROM ttrss_feeds WHERE id = '$id'"); + $result = db_query("SELECT title FROM ttrss_feeds WHERE id = '$id'"); if (db_num_rows($result) == 1) { return db_fetch_result($result, 0, "title"); } else { @@ -1888,18 +1888,18 @@ "CDM_AUTO_CATCHUP", "FRESH_ARTICLE_MAX_AGE", "HIDE_READ_SHOWS_SPECIAL", "COMBINED_DISPLAY_MODE") as $param) { - $params[strtolower($param)] = (int) get_pref( $param); + $params[strtolower($param)] = (int) get_pref($param); } $params["icons_url"] = ICONS_URL; $params["cookie_lifetime"] = SESSION_COOKIE_LIFETIME; - $params["default_view_mode"] = get_pref( "_DEFAULT_VIEW_MODE"); - $params["default_view_limit"] = (int) get_pref( "_DEFAULT_VIEW_LIMIT"); - $params["default_view_order_by"] = get_pref( "_DEFAULT_VIEW_ORDER_BY"); + $params["default_view_mode"] = get_pref("_DEFAULT_VIEW_MODE"); + $params["default_view_limit"] = (int) get_pref("_DEFAULT_VIEW_LIMIT"); + $params["default_view_order_by"] = get_pref("_DEFAULT_VIEW_ORDER_BY"); $params["bw_limit"] = (int) $_SESSION["bw_limit"]; $params["label_base_index"] = (int) LABEL_BASE_INDEX; - $result = db_query( "SELECT MAX(id) AS mid, COUNT(*) AS nf FROM + $result = db_query("SELECT MAX(id) AS mid, COUNT(*) AS nf FROM ttrss_feeds WHERE owner_uid = " . $_SESSION["uid"]); $max_feed_id = db_fetch_result($result, 0, "mid"); @@ -1908,7 +1908,7 @@ $params["max_feed_id"] = (int) $max_feed_id; $params["num_feeds"] = (int) $num_feeds; - $params["collapsed_feedlist"] = (int) get_pref( "_COLLAPSED_FEEDLIST"); + $params["collapsed_feedlist"] = (int) get_pref("_COLLAPSED_FEEDLIST"); $params["hotkeys"] = get_hotkeys_map(); $params["csrf_token"] = $_SESSION["csrf_token"]; @@ -2054,7 +2054,7 @@ "^(191)|Ctrl+/" => "help_dialog", ); - if (get_pref( 'COMBINED_DISPLAY_MODE')) { + if (get_pref('COMBINED_DISPLAY_MODE')) { $hotkeys["^(38)|Ctrl-up"] = "prev_article_noscroll"; $hotkeys["^(40)|Ctrl-down"] = "next_article_noscroll"; } @@ -2080,7 +2080,7 @@ function make_runtime_info() { $data = array(); - $result = db_query( "SELECT MAX(id) AS mid, COUNT(*) AS nf FROM + $result = db_query("SELECT MAX(id) AS mid, COUNT(*) AS nf FROM ttrss_feeds WHERE owner_uid = " . $_SESSION["uid"]); $max_feed_id = db_fetch_result($result, 0, "mid"); @@ -2090,7 +2090,7 @@ $data["num_feeds"] = (int) $num_feeds; $data['last_article_id'] = getLastArticleId(); - $data['cdm_expanded'] = get_pref( 'CDM_EXPANDED'); + $data['cdm_expanded'] = get_pref('CDM_EXPANDED'); $data['dep_ts'] = calculate_dep_timestamp(); $data['reload_on_ts_change'] = !defined('_NO_RELOAD_ON_TS_CHANGE'); @@ -2134,7 +2134,7 @@ return $data; } - function search_to_sql( $search) { + function search_to_sql($search) { $search_query_part = ""; @@ -2155,7 +2155,7 @@ case "title": if ($commandpair[1]) { array_push($query_keywords, "($not (LOWER(ttrss_entries.title) LIKE '%". - db_escape_string( mb_strtolower($commandpair[1]))."%'))"); + db_escape_string(mb_strtolower($commandpair[1]))."%'))"); } else { array_push($query_keywords, "(UPPER(ttrss_entries.title) $not LIKE UPPER('%$k%') OR UPPER(ttrss_entries.content) $not LIKE UPPER('%$k%'))"); @@ -2164,7 +2164,7 @@ case "author": if ($commandpair[1]) { array_push($query_keywords, "($not (LOWER(author) LIKE '%". - db_escape_string( mb_strtolower($commandpair[1]))."%'))"); + db_escape_string(mb_strtolower($commandpair[1]))."%'))"); } else { array_push($query_keywords, "(UPPER(ttrss_entries.title) $not LIKE UPPER('%$k%') OR UPPER(ttrss_entries.content) $not LIKE UPPER('%$k%'))"); @@ -2178,7 +2178,7 @@ array_push($query_keywords, "($not (note IS NULL OR note = ''))"); else array_push($query_keywords, "($not (LOWER(note) LIKE '%". - db_escape_string( mb_strtolower($commandpair[1]))."%'))"); + db_escape_string(mb_strtolower($commandpair[1]))."%'))"); } else { array_push($query_keywords, "(UPPER(ttrss_entries.title) $not LIKE UPPER('%$k%') OR UPPER(ttrss_entries.content) $not LIKE UPPER('%$k%'))"); @@ -2211,7 +2211,7 @@ default: if (strpos($k, "@") === 0) { - $user_tz_string = get_pref( 'USER_TIMEZONE', $_SESSION['uid']); + $user_tz_string = get_pref('USER_TIMEZONE', $_SESSION['uid']); $orig_ts = strtotime(substr($k, 1)); $k = date("Y-m-d", convert_timestamp($orig_ts, $user_tz_string, 'UTC')); @@ -2230,35 +2230,35 @@ return $search_query_part; } - function getParentCategories( $cat, $owner_uid) { + function getParentCategories($cat, $owner_uid) { $rv = array(); - $result = db_query( "SELECT parent_cat FROM ttrss_feed_categories + $result = db_query("SELECT parent_cat FROM ttrss_feed_categories WHERE id = '$cat' AND parent_cat IS NOT NULL AND owner_uid = $owner_uid"); while ($line = db_fetch_assoc($result)) { array_push($rv, $line["parent_cat"]); - $rv = array_merge($rv, getParentCategories( $line["parent_cat"], $owner_uid)); + $rv = array_merge($rv, getParentCategories($line["parent_cat"], $owner_uid)); } return $rv; } - function getChildCategories( $cat, $owner_uid) { + function getChildCategories($cat, $owner_uid) { $rv = array(); - $result = db_query( "SELECT id FROM ttrss_feed_categories + $result = db_query("SELECT id FROM ttrss_feed_categories WHERE parent_cat = '$cat' AND owner_uid = $owner_uid"); while ($line = db_fetch_assoc($result)) { array_push($rv, $line["id"]); - $rv = array_merge($rv, getChildCategories( $line["id"], $owner_uid)); + $rv = array_merge($rv, getChildCategories($line["id"], $owner_uid)); } return $rv; } - function queryFeedHeadlines( $feed, $limit, $view_mode, $cat_view, $search, $search_mode, $override_order = false, $offset = 0, $owner_uid = 0, $filter = false, $since_id = 0, $include_children = false, $ignore_vfeed_group = false) { + function queryFeedHeadlines($feed, $limit, $view_mode, $cat_view, $search, $search_mode, $override_order = false, $offset = 0, $owner_uid = 0, $filter = false, $since_id = 0, $include_children = false, $ignore_vfeed_group = false) { if (!$owner_uid) $owner_uid = $_SESSION["uid"]; @@ -2275,7 +2275,7 @@ $search_query_part = "ref_id = -1 AND "; } else { - $search_query_part = search_to_sql( $search); + $search_query_part = search_to_sql($search); $search_query_part .= " AND "; } @@ -2293,10 +2293,10 @@ $override_order = "updated DESC"; - $filter_query_part = filter_to_sql( $filter, $owner_uid); + $filter_query_part = filter_to_sql($filter, $owner_uid); // Try to check if SQL regexp implementation chokes on a valid regexp - $result = db_query( "SELECT true AS true_val FROM ttrss_entries, + $result = db_query("SELECT true AS true_val FROM ttrss_entries, ttrss_user_entries, ttrss_feeds, ttrss_feed_categories WHERE $filter_query_part LIMIT 1", false); @@ -2329,10 +2329,10 @@ $view_query_part = " "; } else if ($feed != -1) { - $unread = getFeedUnread( $feed, $cat_view); + $unread = getFeedUnread($feed, $cat_view); if ($cat_view && $feed > 0 && $include_children) - $unread += getCategoryChildrenUnread( $feed); + $unread += getCategoryChildrenUnread($feed); if ($unread > 0) $view_query_part = " unread = true AND "; @@ -2378,7 +2378,7 @@ if ($feed > 0) { if ($include_children) { - $subcats = getChildCategories( $feed, $owner_uid); + $subcats = getChildCategories($feed, $owner_uid); array_push($subcats, $feed); $cats_qpart = join(",", $subcats); } else { @@ -2398,7 +2398,7 @@ if ($feed > 0) { if ($include_children) { # sub-cats - $subcats = getChildCategories( $feed, $owner_uid); + $subcats = getChildCategories($feed, $owner_uid); array_push($subcats, $feed); $query_strategy_part = "cat_id IN (". @@ -2461,7 +2461,7 @@ } else if ($feed == -3) { // fresh virtual feed $query_strategy_part = "unread = true AND score >= 0"; - $intl = get_pref( "FRESH_ARTICLE_MAX_AGE", $owner_uid); + $intl = get_pref("FRESH_ARTICLE_MAX_AGE", $owner_uid); if (DB_TYPE == "pgsql") { $query_strategy_part .= " AND date_entered > NOW() - INTERVAL '$intl hour' "; @@ -2505,17 +2505,17 @@ $feed_title = T_sprintf("Search results: %s", $search); } else { if ($cat_view) { - $feed_title = getCategoryTitle( $feed); + $feed_title = getCategoryTitle($feed); } else { if (is_numeric($feed) && $feed > 0) { - $result = db_query( "SELECT title,site_url,last_error + $result = db_query("SELECT title,site_url,last_error FROM ttrss_feeds WHERE id = '$feed' AND owner_uid = $owner_uid"); $feed_title = db_fetch_result($result, 0, "title"); $feed_site_url = db_fetch_result($result, 0, "site_url"); $last_error = db_fetch_result($result, 0, "last_error"); } else { - $feed_title = getFeedTitle( $feed); + $feed_title = getFeedTitle($feed); } } } @@ -2535,7 +2535,7 @@ } // proper override_order applied above - if ($vfeed_query_part && !$ignore_vfeed_group && get_pref( 'VFEED_GROUP_BY_FEED', $owner_uid)) { + if ($vfeed_query_part && !$ignore_vfeed_group && get_pref('VFEED_GROUP_BY_FEED', $owner_uid)) { if (!$override_order) { $order_by = "ttrss_feeds.title, $order_by"; } else { @@ -2589,7 +2589,7 @@ if ($_REQUEST["debug"]) print $query; - $result = db_query( $query); + $result = db_query($query); } else { // browsing by tag @@ -2658,14 +2658,14 @@ // $tag_sql = "tag_name = '$feed'"; DEFAULT way // error_log("[". $select_qpart . "][" . $from_qpart . "][" .$where_qpart . "]"); - $result = db_query( $select_qpart . $from_qpart . $where_qpart); + $result = db_query($select_qpart . $from_qpart . $where_qpart); } return array($result, $feed_title, $feed_site_url, $last_error); } - function sanitize( $str, $force_remove_images = false, $owner = false, $site_url = false) { + function sanitize($str, $force_remove_images = false, $owner = false, $site_url = false) { if (!$owner) $owner = $_SESSION["uid"]; $res = trim($str); if (!$res) return ''; @@ -2708,7 +2708,7 @@ } if ($entry->nodeName == 'img') { - if (($owner && get_pref( "STRIP_IMAGES", $owner)) || + if (($owner && get_pref("STRIP_IMAGES", $owner)) || $force_remove_images || $_SESSION["bw_limit"]) { $p = $doc->createElement('p'); @@ -2825,7 +2825,7 @@ return false; } - function catchupArticlesById( $ids, $cmode, $owner_uid = false) { + function catchupArticlesById($ids, $cmode, $owner_uid = false) { if (!$owner_uid) $owner_uid = $_SESSION["uid"]; if (count($ids) == 0) return; @@ -2839,32 +2839,32 @@ $ids_qpart = join(" OR ", $tmp_ids); if ($cmode == 0) { - db_query( "UPDATE ttrss_user_entries SET + db_query("UPDATE ttrss_user_entries SET unread = false,last_read = NOW() WHERE ($ids_qpart) AND owner_uid = $owner_uid"); } else if ($cmode == 1) { - db_query( "UPDATE ttrss_user_entries SET + db_query("UPDATE ttrss_user_entries SET unread = true WHERE ($ids_qpart) AND owner_uid = $owner_uid"); } else { - db_query( "UPDATE ttrss_user_entries SET + db_query("UPDATE ttrss_user_entries SET unread = NOT unread,last_read = NOW() WHERE ($ids_qpart) AND owner_uid = $owner_uid"); } /* update ccache */ - $result = db_query( "SELECT DISTINCT feed_id FROM ttrss_user_entries + $result = db_query("SELECT DISTINCT feed_id FROM ttrss_user_entries WHERE ($ids_qpart) AND owner_uid = $owner_uid"); while ($line = db_fetch_assoc($result)) { - ccache_update( $line["feed_id"], $owner_uid); + ccache_update($line["feed_id"], $owner_uid); } } - function get_article_tags( $id, $owner_uid = 0, $tag_cache = false) { + function get_article_tags($id, $owner_uid = 0, $tag_cache = false) { - $a_id = db_escape_string( $id); + $a_id = db_escape_string($id); if (!$owner_uid) $owner_uid = $_SESSION["uid"]; @@ -2879,7 +2879,7 @@ /* check cache first */ if ($tag_cache === false) { - $result = db_query( "SELECT tag_cache FROM ttrss_user_entries + $result = db_query("SELECT tag_cache FROM ttrss_user_entries WHERE ref_id = '$id' AND owner_uid = $owner_uid"); $tag_cache = db_fetch_result($result, 0, "tag_cache"); @@ -2891,7 +2891,7 @@ /* do it the hard way */ - $tmp_result = db_query( $query); + $tmp_result = db_query($query); while ($tmp_line = db_fetch_assoc($tmp_result)) { array_push($tags, $tmp_line["tag_name"]); @@ -2899,9 +2899,9 @@ /* update the cache */ - $tags_str = db_escape_string( join(",", $tags)); + $tags_str = db_escape_string(join(",", $tags)); - db_query( "UPDATE ttrss_user_entries + db_query("UPDATE ttrss_user_entries SET tag_cache = '$tags_str' WHERE ref_id = '$id' AND owner_uid = $owner_uid"); } @@ -2972,7 +2972,7 @@ return vsprintf(__(array_shift($args)), $args); } - function format_inline_player( $url, $ctype) { + function format_inline_player($url, $ctype) { $entry = ""; @@ -3013,7 +3013,7 @@ } - function format_article( $id, $mark_as_read = true, $zoom_mode = false, $owner_uid = false) { + function format_article($id, $mark_as_read = true, $zoom_mode = false, $owner_uid = false) { if (!$owner_uid) $owner_uid = $_SESSION["uid"]; $rv = array(); @@ -3021,9 +3021,9 @@ $rv['id'] = $id; /* we can figure out feed_id from article id anyway, why do we - * pass feed_id here? let's ignore the argument :( */ + * pass feed_id here? let's ignore the argument :(*/ - $result = db_query( "SELECT feed_id FROM ttrss_user_entries + $result = db_query("SELECT feed_id FROM ttrss_user_entries WHERE ref_id = '$id'"); $feed_id = (int) db_fetch_result($result, 0, "feed_id"); @@ -3033,14 +3033,14 @@ //if (!$zoom_mode) { print "<article id='$id'><![CDATA["; }; if ($mark_as_read) { - $result = db_query( "UPDATE ttrss_user_entries + $result = db_query("UPDATE ttrss_user_entries SET unread = false,last_read = NOW() WHERE ref_id = '$id' AND owner_uid = $owner_uid"); - ccache_update( $feed_id, $owner_uid); + ccache_update($feed_id, $owner_uid); } - $result = db_query( "SELECT id,title,link,content,feed_id,comments,int_id, + $result = db_query("SELECT id,title,link,content,feed_id,comments,int_id, ".SUBSTRING_FOR_DATE."(updated,1,16) as updated, (SELECT site_url FROM ttrss_feeds WHERE id = feed_id) as site_url, (SELECT hide_images FROM ttrss_feeds WHERE id = feed_id) as hide_images, @@ -3060,10 +3060,10 @@ $tag_cache = $line["tag_cache"]; - $line["tags"] = get_article_tags( $id, $owner_uid, $line["tag_cache"]); + $line["tags"] = get_article_tags($id, $owner_uid, $line["tag_cache"]); unset($line["tag_cache"]); - $line["content"] = sanitize( $line["content"], false, $owner_uid, $line["site_url"]); + $line["content"] = sanitize($line["content"], false, $owner_uid, $line["site_url"]); global $pluginhost; @@ -3106,7 +3106,7 @@ $entry_author = __(" - ") . $entry_author; } - $parsed_updated = make_local_datetime( $line["updated"], true, + $parsed_updated = make_local_datetime($line["updated"], true, $owner_uid, true); $rv['content'] .= "<div class=\"postDate\">$parsed_updated</div>"; @@ -3163,7 +3163,7 @@ if ($line["orig_feed_id"]) { - $tmp_result = db_query( "SELECT * FROM ttrss_archived_feeds + $tmp_result = db_query("SELECT * FROM ttrss_archived_feeds WHERE id = ".$line["orig_feed_id"]); if (db_num_rows($tmp_result) != 0) { @@ -3199,7 +3199,7 @@ $rv['content'] .= "<div class=\"postContent\">"; $rv['content'] .= $line["content"]; - $rv['content'] .= format_article_enclosures( $id, + $rv['content'] .= format_article_enclosures($id, sql_bool_to_bool($line["always_display_enclosures"]), $line["content"], sql_bool_to_bool($line["hide_images"])); @@ -3273,22 +3273,22 @@ } } // function encrypt_password - function load_filters( $feed_id, $owner_uid, $action_id = false) { + function load_filters($feed_id, $owner_uid, $action_id = false) { $filters = array(); - $cat_id = (int)getFeedCategory( $feed_id); + $cat_id = (int)getFeedCategory($feed_id); - $result = db_query( "SELECT * FROM ttrss_filters2 WHERE + $result = db_query("SELECT * FROM ttrss_filters2 WHERE owner_uid = $owner_uid AND enabled = true ORDER BY order_id, title"); $check_cats = join(",", array_merge( - getParentCategories( $cat_id, $owner_uid), + getParentCategories($cat_id, $owner_uid), array($cat_id))); while ($line = db_fetch_assoc($result)) { $filter_id = $line["id"]; - $result2 = db_query( "SELECT + $result2 = db_query("SELECT r.reg_exp, r.inverse, r.feed_id, r.cat_id, r.cat_filter, t.name AS type_name FROM ttrss_filters2_rules AS r, ttrss_filter_types AS t @@ -3311,7 +3311,7 @@ array_push($rules, $rule); } - $result2 = db_query( "SELECT a.action_param,t.name AS type_name + $result2 = db_query("SELECT a.action_param,t.name AS type_name FROM ttrss_filters2_actions AS a, ttrss_filter_actions AS t WHERE @@ -3439,7 +3439,7 @@ } - function get_feed_category( $feed_cat, $parent_cat_id = false) { + function get_feed_category($feed_cat, $parent_cat_id = false) { if ($parent_cat_id) { $parent_qpart = "parent_cat = '$parent_cat_id'"; $parent_insert = "'$parent_cat_id'"; @@ -3459,11 +3459,11 @@ } } - function add_feed_category( $feed_cat, $parent_cat_id = false) { + function add_feed_category($feed_cat, $parent_cat_id = false) { if (!$feed_cat) return false; - db_query( "BEGIN"); + db_query("BEGIN"); if ($parent_cat_id) { $parent_qpart = "parent_cat = '$parent_cat_id'"; @@ -3485,7 +3485,7 @@ "INSERT INTO ttrss_feed_categories (owner_uid,title,parent_cat) VALUES ('".$_SESSION["uid"]."', '$feed_cat', $parent_insert)"); - db_query( "COMMIT"); + db_query("COMMIT"); return true; } @@ -3493,8 +3493,8 @@ return false; } - function getArticleFeed( $id) { - $result = db_query( "SELECT feed_id FROM ttrss_user_entries + function getArticleFeed($id) { + $result = db_query("SELECT feed_id FROM ttrss_user_entries WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]); if (db_num_rows($result) != 0) { @@ -3539,14 +3539,14 @@ } - function get_article_enclosures( $id) { + function get_article_enclosures($id) { $query = "SELECT * FROM ttrss_enclosures WHERE post_id = '$id' AND content_url != ''"; $rv = array(); - $result = db_query( $query); + $result = db_query($query); if (db_num_rows($result) > 0) { while ($line = db_fetch_assoc($result)) { @@ -3557,7 +3557,7 @@ return $rv; } - function save_email_address( $email) { + function save_email_address($email) { // FIXME: implement persistent storage of emails if (!$_SESSION['stored_emails']) @@ -3568,22 +3568,22 @@ } - function get_feed_access_key( $feed_id, $is_cat, $owner_uid = false) { + function get_feed_access_key($feed_id, $is_cat, $owner_uid = false) { if (!$owner_uid) $owner_uid = $_SESSION["uid"]; $sql_is_cat = bool_to_sql_bool($is_cat); - $result = db_query( "SELECT access_key FROM ttrss_access_keys + $result = db_query("SELECT access_key FROM ttrss_access_keys WHERE feed_id = '$feed_id' AND is_cat = $sql_is_cat AND owner_uid = " . $owner_uid); if (db_num_rows($result) == 1) { return db_fetch_result($result, 0, "access_key"); } else { - $key = db_escape_string( sha1(uniqid(rand(), true))); + $key = db_escape_string(sha1(uniqid(rand(), true))); - $result = db_query( "INSERT INTO ttrss_access_keys + $result = db_query("INSERT INTO ttrss_access_keys (access_key, feed_id, is_cat, owner_uid) VALUES ('$key', '$feed_id', $sql_is_cat, '$owner_uid')"); @@ -3627,9 +3627,9 @@ return is_html(fetch_file_contents($url, false, $login, $pass)); } - function print_label_select( $name, $value, $attributes = "") { + function print_label_select($name, $value, $attributes = "") { - $result = db_query( "SELECT caption FROM ttrss_labels2 + $result = db_query("SELECT caption FROM ttrss_labels2 WHERE owner_uid = '".$_SESSION["uid"]."' ORDER BY caption"); print "<select default=\"$value\" name=\"" . htmlspecialchars($name) . @@ -3651,10 +3651,10 @@ } - function format_article_enclosures( $id, $always_display_enclosures, + function format_article_enclosures($id, $always_display_enclosures, $article_content, $hide_images = false) { - $result = get_article_enclosures( $id); + $result = get_article_enclosures($id); $rv = ''; if (count($result) > 0) { @@ -3672,7 +3672,7 @@ $filename = substr($url, strrpos($url, "/")+1); - $player = format_inline_player( $url, $ctype); + $player = format_inline_player($url, $ctype); if ($player) array_push($entries_inline, $player); @@ -3693,7 +3693,7 @@ array_push($entries, $entry); } - if ($_SESSION['uid'] && !get_pref( "STRIP_IMAGES") && !$_SESSION["bw_limit"]) { + if ($_SESSION['uid'] && !get_pref("STRIP_IMAGES") && !$_SESSION["bw_limit"]) { if ($always_display_enclosures || !preg_match("/<img/i", $article_content)) { @@ -3738,7 +3738,7 @@ } function getLastArticleId() { - $result = db_query( "SELECT MAX(ref_id) AS id FROM ttrss_user_entries + $result = db_query("SELECT MAX(ref_id) AS id FROM ttrss_user_entries WHERE owner_uid = " . $_SESSION["uid"]); if (db_num_rows($result) == 1) { @@ -3824,7 +3824,7 @@ return $ids; } - function cleanup_tags( $days = 14, $limit = 1000) { + function cleanup_tags($days = 14, $limit = 1000) { if (DB_TYPE == "pgsql") { $interval_query = "date_updated < NOW() - INTERVAL '$days days'"; @@ -3842,7 +3842,7 @@ WHERE post_int_id = int_id AND $interval_query AND ref_id = ttrss_entries.id AND tag_cache != '' LIMIT $limit_part"; - $result = db_query( $query); + $result = db_query($query); $ids = array(); @@ -3853,8 +3853,8 @@ if (count($ids) > 0) { $ids = join(",", $ids); - $tmp_result = db_query( "DELETE FROM ttrss_tags WHERE id IN ($ids)"); - $tags_deleted += db_affected_rows( $tmp_result); + $tmp_result = db_query("DELETE FROM ttrss_tags WHERE id IN ($ids)"); + $tags_deleted += db_affected_rows($tmp_result); } else { break; } @@ -3866,7 +3866,7 @@ } function print_user_stylesheet() { - $value = get_pref( 'USER_STYLESHEET'); + $value = get_pref('USER_STYLESHEET'); if ($value) { print "<style type=\"text/css\">"; @@ -3922,7 +3922,7 @@ return $html; } - function filter_to_sql( $filter, $owner_uid) { + function filter_to_sql($filter, $owner_uid) { $query = array(); if (DB_TYPE == "pgsql") @@ -3936,7 +3936,7 @@ if ($regexp_valid) { - $rule['reg_exp'] = db_escape_string( $rule['reg_exp']); + $rule['reg_exp'] = db_escape_string($rule['reg_exp']); switch ($rule["type"]) { case "title": @@ -3969,13 +3969,13 @@ if (isset($rule['inverse'])) $qpart = "NOT ($qpart)"; if (isset($rule["feed_id"]) && $rule["feed_id"] > 0) { - $qpart .= " AND feed_id = " . db_escape_string( $rule["feed_id"]); + $qpart .= " AND feed_id = " . db_escape_string($rule["feed_id"]); } if (isset($rule["cat_id"])) { if ($rule["cat_id"] > 0) { - $children = getChildCategories( $rule["cat_id"], $owner_uid); + $children = getChildCategories($rule["cat_id"], $owner_uid); array_push($children, $rule["cat_id"]); $children = join(",", $children); @@ -4049,8 +4049,8 @@ return $tempname; } - function getFeedCategory( $feed) { - $result = db_query( "SELECT cat_id FROM ttrss_feeds + function getFeedCategory($feed) { + $result = db_query("SELECT cat_id FROM ttrss_feeds WHERE id = '$feed'"); if (db_num_rows($result) > 0) { diff --git a/include/labels.php b/include/labels.php index fc23fca93..c2a48a338 100644 --- a/include/labels.php +++ b/include/labels.php @@ -1,5 +1,5 @@ <?php - function label_find_id( $label, $owner_uid) { + function label_find_id($label, $owner_uid) { $result = db_query( "SELECT id FROM ttrss_labels2 WHERE caption = '$label' AND owner_uid = '$owner_uid' LIMIT 1"); @@ -11,12 +11,12 @@ } } - function get_article_labels( $id, $owner_uid = false) { + function get_article_labels($id, $owner_uid = false) { $rv = array(); if (!$owner_uid) $owner_uid = $_SESSION["uid"]; - $result = db_query( "SELECT label_cache FROM + $result = db_query("SELECT label_cache FROM ttrss_user_entries WHERE ref_id = '$id' AND owner_uid = " . $owner_uid); @@ -48,15 +48,15 @@ } if (count($rv) > 0) - label_update_cache( $owner_uid, $id, $rv); + label_update_cache($owner_uid, $id, $rv); else - label_update_cache( $owner_uid, $id, array("no-labels" => 1)); + label_update_cache($owner_uid, $id, array("no-labels" => 1)); return $rv; } - function label_find_caption( $label, $owner_uid) { + function label_find_caption($label, $owner_uid) { $result = db_query( "SELECT caption FROM ttrss_labels2 WHERE id = '$label' AND owner_uid = '$owner_uid' LIMIT 1"); @@ -68,10 +68,10 @@ } } - function get_all_labels( $owner_uid) { + function get_all_labels($owner_uid) { $rv = array(); - $result = db_query( "SELECT fg_color, bg_color, caption FROM ttrss_labels2 WHERE owner_uid = " . $owner_uid); + $result = db_query("SELECT fg_color, bg_color, caption FROM ttrss_labels2 WHERE owner_uid = " . $owner_uid); while ($line = db_fetch_assoc($result)) { array_push($rv, $line); @@ -80,31 +80,31 @@ return $rv; } - function label_update_cache( $owner_uid, $id, $labels = false, $force = false) { + function label_update_cache($owner_uid, $id, $labels = false, $force = false) { if ($force) - label_clear_cache( $id); + label_clear_cache($id); if (!$labels) - $labels = get_article_labels( $id); + $labels = get_article_labels($id); - $labels = db_escape_string( json_encode($labels)); + $labels = db_escape_string(json_encode($labels)); - db_query( "UPDATE ttrss_user_entries SET + db_query("UPDATE ttrss_user_entries SET label_cache = '$labels' WHERE ref_id = '$id' AND owner_uid = '$owner_uid'"); } - function label_clear_cache( $id) { + function label_clear_cache($id) { - db_query( "UPDATE ttrss_user_entries SET + db_query("UPDATE ttrss_user_entries SET label_cache = '' WHERE ref_id = '$id'"); } - function label_remove_article( $id, $label, $owner_uid) { + function label_remove_article($id, $label, $owner_uid) { - $label_id = label_find_id( $label, $owner_uid); + $label_id = label_find_id($label, $owner_uid); if (!$label_id) return; @@ -114,12 +114,12 @@ label_id = '$label_id' AND article_id = '$id'"); - label_clear_cache( $id); + label_clear_cache($id); } - function label_add_article( $id, $label, $owner_uid) { + function label_add_article($id, $label, $owner_uid) { - $label_id = label_find_id( $label, $owner_uid); + $label_id = label_find_id($label, $owner_uid); if (!$label_id) return; @@ -133,55 +133,55 @@ LIMIT 1"); if (db_num_rows($result) == 0) { - db_query( "INSERT INTO ttrss_user_labels2 + db_query("INSERT INTO ttrss_user_labels2 (label_id, article_id) VALUES ('$label_id', '$id')"); } - label_clear_cache( $id); + label_clear_cache($id); } - function label_remove( $id, $owner_uid) { + function label_remove($id, $owner_uid) { if (!$owner_uid) $owner_uid = $_SESSION["uid"]; - db_query( "BEGIN"); + db_query("BEGIN"); - $result = db_query( "SELECT caption FROM ttrss_labels2 + $result = db_query("SELECT caption FROM ttrss_labels2 WHERE id = '$id'"); $caption = db_fetch_result($result, 0, "caption"); - $result = db_query( "DELETE FROM ttrss_labels2 WHERE id = '$id' + $result = db_query("DELETE FROM ttrss_labels2 WHERE id = '$id' AND owner_uid = " . $owner_uid); - if (db_affected_rows( $result) != 0 && $caption) { + if (db_affected_rows($result) != 0 && $caption) { /* Remove access key for the label */ $ext_id = LABEL_BASE_INDEX - 1 - $id; - db_query( "DELETE FROM ttrss_access_keys WHERE + db_query("DELETE FROM ttrss_access_keys WHERE feed_id = '$ext_id' AND owner_uid = $owner_uid"); /* Remove cached data */ - db_query( "UPDATE ttrss_user_entries SET label_cache = '' + db_query("UPDATE ttrss_user_entries SET label_cache = '' WHERE label_cache LIKE '%$caption%' AND owner_uid = " . $owner_uid); } - db_query( "COMMIT"); + db_query("COMMIT"); } - function label_create( $caption, $fg_color = '', $bg_color = '', $owner_uid = false) { + function label_create($caption, $fg_color = '', $bg_color = '', $owner_uid = false) { if (!$owner_uid) $owner_uid = $_SESSION['uid']; - db_query( "BEGIN"); + db_query("BEGIN"); $result = false; - $result = db_query( "SELECT id FROM ttrss_labels2 + $result = db_query("SELECT id FROM ttrss_labels2 WHERE caption = '$caption' AND owner_uid = $owner_uid"); if (db_num_rows($result) == 0) { @@ -189,10 +189,10 @@ "INSERT INTO ttrss_labels2 (caption,owner_uid,fg_color,bg_color) VALUES ('$caption', '$owner_uid', '$fg_color', '$bg_color')"); - $result = db_affected_rows( $result) != 0; + $result = db_affected_rows($result) != 0; } - db_query( "COMMIT"); + db_query("COMMIT"); return $result; } diff --git a/include/rssfuncs.php b/include/rssfuncs.php index ba2890669..bebc1c1f9 100644 --- a/include/rssfuncs.php +++ b/include/rssfuncs.php @@ -5,30 +5,30 @@ function update_feedbrowser_cache() { - $result = db_query( "SELECT feed_url, site_url, title, COUNT(id) AS subscribers + $result = db_query("SELECT feed_url, site_url, title, COUNT(id) AS subscribers FROM ttrss_feeds WHERE (SELECT COUNT(id) = 0 FROM ttrss_feeds AS tf WHERE tf.feed_url = ttrss_feeds.feed_url AND (private IS true OR auth_login != '' OR auth_pass != '' OR feed_url LIKE '%:%@%/%')) GROUP BY feed_url, site_url, title ORDER BY subscribers DESC LIMIT 1000"); - db_query( "BEGIN"); + db_query("BEGIN"); - db_query( "DELETE FROM ttrss_feedbrowser_cache"); + db_query("DELETE FROM ttrss_feedbrowser_cache"); $count = 0; while ($line = db_fetch_assoc($result)) { - $subscribers = db_escape_string( $line["subscribers"]); - $feed_url = db_escape_string( $line["feed_url"]); - $title = db_escape_string( $line["title"]); - $site_url = db_escape_string( $line["site_url"]); + $subscribers = db_escape_string($line["subscribers"]); + $feed_url = db_escape_string($line["feed_url"]); + $title = db_escape_string($line["title"]); + $site_url = db_escape_string($line["site_url"]); - $tmp_result = db_query( "SELECT subscribers FROM + $tmp_result = db_query("SELECT subscribers FROM ttrss_feedbrowser_cache WHERE feed_url = '$feed_url'"); if (db_num_rows($tmp_result) == 0) { - db_query( "INSERT INTO ttrss_feedbrowser_cache + db_query("INSERT INTO ttrss_feedbrowser_cache (feed_url, site_url, title, subscribers) VALUES ('$feed_url', '$site_url', '$title', '$subscribers')"); @@ -38,7 +38,7 @@ } - db_query( "COMMIT"); + db_query("COMMIT"); return $count; @@ -57,7 +57,7 @@ * @param boolean $debug Set to false to disable debug output. Default to true. * @return void */ - function update_daemon_common( $limit = DAEMON_FEED_LIMIT, $from_http = false, $debug = true) { + function update_daemon_common($limit = DAEMON_FEED_LIMIT, $from_http = false, $debug = true) { // Process all other feeds using last_updated and interval parameters $schema_version = get_schema_version(); @@ -116,7 +116,7 @@ $random_qpart = sql_random_function(); // We search for feed needing update. - $result = db_query( "SELECT DISTINCT ttrss_feeds.feed_url,$random_qpart + $result = db_query("SELECT DISTINCT ttrss_feeds.feed_url,$random_qpart FROM ttrss_feeds, ttrss_users, ttrss_user_prefs WHERE @@ -134,7 +134,7 @@ // Here is a little cache magic in order to minimize risk of double feed updates. $feeds_to_update = array(); while ($line = db_fetch_assoc($result)) { - array_push($feeds_to_update, db_escape_string( $line['feed_url'])); + array_push($feeds_to_update, db_escape_string($line['feed_url'])); } // We update the feed last update started date before anything else. @@ -145,16 +145,16 @@ $feeds_quoted = array(); foreach ($feeds_to_update as $feed) { - array_push($feeds_quoted, "'" . db_escape_string( $feed) . "'"); + array_push($feeds_quoted, "'" . db_escape_string($feed) . "'"); } - db_query( sprintf("UPDATE ttrss_feeds SET last_update_started = NOW() + db_query(sprintf("UPDATE ttrss_feeds SET last_update_started = NOW() WHERE feed_url IN (%s)", implode(',', $feeds_quoted))); } expire_cached_files($debug); expire_lock_files($debug); - expire_error_log( $debug); + expire_error_log($debug); $nf = 0; @@ -162,16 +162,16 @@ foreach ($feeds_to_update as $feed) { if($debug) _debug("Base feed: $feed"); - //update_rss_feed( $line["id"], true); + //update_rss_feed($line["id"], true); // since we have the data cached, we can deal with other feeds with the same url - $tmp_result = db_query( "SELECT DISTINCT ttrss_feeds.id,last_updated + $tmp_result = db_query("SELECT DISTINCT ttrss_feeds.id,last_updated FROM ttrss_feeds, ttrss_users, ttrss_user_prefs WHERE ttrss_user_prefs.owner_uid = ttrss_feeds.owner_uid AND ttrss_users.id = ttrss_user_prefs.owner_uid AND ttrss_user_prefs.pref_name = 'DEFAULT_UPDATE_INTERVAL' AND - feed_url = '".db_escape_string( $feed)."' AND + feed_url = '".db_escape_string($feed)."' AND (ttrss_feeds.update_interval > 0 OR ttrss_user_prefs.value != '-1') $login_thresh_qpart @@ -180,7 +180,7 @@ if (db_num_rows($tmp_result) > 0) { while ($tline = db_fetch_assoc($tmp_result)) { if($debug) _debug(" => " . $tline["last_updated"] . ", " . $tline["id"]); - update_rss_feed( $tline["id"], true); + update_rss_feed($tline["id"], true); ++$nf; } } @@ -189,14 +189,14 @@ require_once "digest.php"; // Send feed digests by email if needed. - send_headlines_digests( $debug); + send_headlines_digests($debug); return $nf; } // function update_daemon_common // ignore_daemon is not used - function update_rss_feed( $feed, $ignore_daemon = false, $no_cache = false, + function update_rss_feed($feed, $ignore_daemon = false, $no_cache = false, $override_url = false) { require_once "lib/simplepie/simplepie.inc"; @@ -207,7 +207,7 @@ _debug("update_rss_feed: start"); } - $result = db_query( "SELECT id,update_interval,auth_login, + $result = db_query("SELECT id,update_interval,auth_login, feed_url,auth_pass,cache_images,last_updated, mark_unread_on_update, owner_uid, pubsub_state, auth_pass_encrypted @@ -228,7 +228,7 @@ $auth_pass_encrypted = sql_bool_to_bool(db_fetch_result($result, 0, "auth_pass_encrypted")); - db_query( "UPDATE ttrss_feeds SET last_update_started = NOW() + db_query("UPDATE ttrss_feeds SET last_update_started = NOW() WHERE id = '$feed'"); $auth_login = db_fetch_result($result, 0, "auth_login"); @@ -242,7 +242,7 @@ $cache_images = sql_bool_to_bool(db_fetch_result($result, 0, "cache_images")); $fetch_url = db_fetch_result($result, 0, "feed_url"); - $feed = db_escape_string( $feed); + $feed = db_escape_string($feed); if ($override_url) $fetch_url = $override_url; @@ -252,7 +252,7 @@ // Ignore cache if new feed or manual update. $cache_age = ($no_cache || is_null($last_updated) || $last_updated == '1970-01-01 00:00:00') ? - 30 : get_feed_update_interval( $feed) * 60; + 30 : get_feed_update_interval($feed) * 60; if ($debug_enabled) { _debug("update_rss_feed: cache filename: $cache_filename exists: " . file_exists($cache_filename)); @@ -322,7 +322,7 @@ // If-Modified-Since if ($fetch_last_error_code != 304) { - $error_escaped = db_escape_string( $fetch_last_error); + $error_escaped = db_escape_string($fetch_last_error); } else { if ($debug_enabled) { _debug("update_rss_feed: source claims data not modified, nothing to do."); @@ -339,7 +339,7 @@ $pluginhost = new PluginHost(Db::get()); $pluginhost->set_debug($debug_enabled); - $user_plugins = get_pref( "_ENABLED_PLUGINS", $owner_uid); + $user_plugins = get_pref("_ENABLED_PLUGINS", $owner_uid); $pluginhost->load(PLUGINS, $pluginhost::KIND_ALL); $pluginhost->load($user_plugins, $pluginhost::KIND_USER, $owner_uid); @@ -364,7 +364,7 @@ // print_r($rss); - $feed = db_escape_string( $feed); + $feed = db_escape_string($feed); if (!$rss->error()) { @@ -388,7 +388,7 @@ _debug("update_rss_feed: processing feed data..."); } -// db_query( "BEGIN"); +// db_query("BEGIN"); if (DB_TYPE == "pgsql") { $favicon_interval_qpart = "favicon_last_checked < NOW() - INTERVAL '12 hour'"; @@ -396,7 +396,7 @@ $favicon_interval_qpart = "favicon_last_checked < DATE_SUB(NOW(), INTERVAL 12 HOUR)"; } - $result = db_query( "SELECT title,site_url,owner_uid, + $result = db_query("SELECT title,site_url,owner_uid, (favicon_last_checked IS NULL OR $favicon_interval_qpart) AS favicon_needs_check FROM ttrss_feeds WHERE id = '$feed'"); @@ -408,7 +408,7 @@ $owner_uid = db_fetch_result($result, 0, "owner_uid"); - $site_url = db_escape_string( mb_substr(rewrite_relative_url($fetch_url, $rss->get_link()), 0, 245)); + $site_url = db_escape_string(mb_substr(rewrite_relative_url($fetch_url, $rss->get_link()), 0, 245)); if ($favicon_needs_check || $force_refetch) { if ($debug_enabled) { @@ -427,25 +427,25 @@ $favicon_colorstring = ",favicon_avg_color = '".$favicon_color."'"; } - db_query( "UPDATE ttrss_feeds SET favicon_last_checked = NOW() + db_query("UPDATE ttrss_feeds SET favicon_last_checked = NOW() $favicon_colorstring WHERE id = '$feed'"); } if (!$registered_title || $registered_title == "[Unknown]") { - $feed_title = db_escape_string( $rss->get_title()); + $feed_title = db_escape_string($rss->get_title()); if ($debug_enabled) { _debug("update_rss_feed: registering title: $feed_title"); } - db_query( "UPDATE ttrss_feeds SET + db_query("UPDATE ttrss_feeds SET title = '$feed_title' WHERE id = '$feed'"); } if ($site_url && $orig_site_url != $site_url) { - db_query( "UPDATE ttrss_feeds SET + db_query("UPDATE ttrss_feeds SET site_url = '$site_url' WHERE id = '$feed'"); } @@ -453,8 +453,8 @@ _debug("update_rss_feed: loading filters & labels..."); } - $filters = load_filters( $feed, $owner_uid); - $labels = get_all_labels( $owner_uid); + $filters = load_filters($feed, $owner_uid); + $labels = get_all_labels($owner_uid); if ($debug_enabled) { //print_r($filters); @@ -468,7 +468,7 @@ _debug("update_rss_feed: no articles found."); } - db_query( "UPDATE ttrss_feeds + db_query("UPDATE ttrss_feeds SET last_updated = NOW(), last_error = '' WHERE id = '$feed'"); return; // no articles @@ -506,7 +506,7 @@ if ($debug_enabled) _debug("update_rss_feed: feed hub url found, subscribe request sent."); - db_query( "UPDATE ttrss_feeds SET pubsub_state = 1 + db_query("UPDATE ttrss_feeds SET pubsub_state = 1 WHERE id = '$feed'"); } } @@ -528,7 +528,7 @@ $entry_guid = "$owner_uid,$entry_guid"; - $entry_guid_hashed = db_escape_string( 'SHA1:' . sha1($entry_guid)); + $entry_guid_hashed = db_escape_string('SHA1:' . sha1($entry_guid)); if ($debug_enabled) { _debug("update_rss_feed: guid $entry_guid / $entry_guid_hashed"); @@ -578,13 +578,13 @@ $entry_author = $entry_author_item->get_name(); if (!$entry_author) $entry_author = $entry_author_item->get_email(); - $entry_author = db_escape_string( $entry_author); + $entry_author = db_escape_string($entry_author); } - $entry_guid = db_escape_string( mb_substr($entry_guid, 0, 245)); + $entry_guid = db_escape_string(mb_substr($entry_guid, 0, 245)); - $entry_comments = db_escape_string( mb_substr($entry_comments, 0, 245)); - $entry_author = db_escape_string( mb_substr($entry_author, 0, 245)); + $entry_comments = db_escape_string(mb_substr($entry_comments, 0, 245)); + $entry_author = db_escape_string(mb_substr($entry_author, 0, 245)); $num_comments = $item->get_item_tags('http://purl.org/rss/1.0/modules/slash/', 'comments'); @@ -641,8 +641,8 @@ } // FIXME not sure if owner_uid is a good idea here, we may have a base entry without user entry (?) - $result = db_query( "SELECT plugin_data,title,content,link,tag_cache,author FROM ttrss_entries, ttrss_user_entries - WHERE ref_id = id AND (guid = '".db_escape_string( $entry_guid)."' OR guid = '$entry_guid_hashed') AND owner_uid = $owner_uid"); + $result = db_query("SELECT plugin_data,title,content,link,tag_cache,author FROM ttrss_entries, ttrss_user_entries + WHERE ref_id = id AND (guid = '".db_escape_string($entry_guid)."' OR guid = '$entry_guid_hashed') AND owner_uid = $owner_uid"); if (db_num_rows($result) != 0) { $entry_plugin_data = db_fetch_result($result, 0, "plugin_data"); @@ -671,11 +671,11 @@ } $entry_tags = $article["tags"]; - $entry_guid = db_escape_string( $entry_guid); - $entry_title = db_escape_string( $article["title"]); - $entry_author = db_escape_string( $article["author"]); - $entry_link = db_escape_string( $article["link"]); - $entry_plugin_data = db_escape_string( $article["plugin_data"]); + $entry_guid = db_escape_string($entry_guid); + $entry_title = db_escape_string($article["title"]); + $entry_author = db_escape_string($article["author"]); + $entry_link = db_escape_string($article["link"]); + $entry_plugin_data = db_escape_string($article["plugin_data"]); $entry_content = $article["content"]; // escaped below @@ -686,13 +686,13 @@ if ($cache_images && is_writable(CACHE_DIR . '/images')) cache_images($entry_content, $site_url, $debug_enabled); - $entry_content = db_escape_string( $entry_content, false); + $entry_content = db_escape_string($entry_content, false); $content_hash = "SHA1:" . sha1($entry_content); - db_query( "BEGIN"); + db_query("BEGIN"); - $result = db_query( "SELECT id FROM ttrss_entries + $result = db_query("SELECT id FROM ttrss_entries WHERE (guid = '$entry_guid' OR guid = '$entry_guid_hashed')"); if (db_num_rows($result) == 0) { @@ -745,15 +745,15 @@ $base_entry_id = db_fetch_result($result, 0, "id"); - db_query( "UPDATE ttrss_entries SET date_updated = NOW() + db_query("UPDATE ttrss_entries SET date_updated = NOW() WHERE id = '$base_entry_id'"); - $article_labels = get_article_labels( $base_entry_id, $owner_uid); + $article_labels = get_article_labels($base_entry_id, $owner_uid); } // now it should exist, if not - bad luck then - $result = db_query( "SELECT + $result = db_query("SELECT id,content_hash,no_orig_date,title,plugin_data,guid, ".SUBSTRING_FOR_DATE."(date_updated,1,19) as date_updated, ".SUBSTRING_FOR_DATE."(updated,1,19) as updated, @@ -786,14 +786,14 @@ if ($stored_guid != $entry_guid_hashed) { if ($debug_enabled) _debug("upgrading compat guid to hashed one"); - db_query( "UPDATE ttrss_entries SET guid = '$entry_guid_hashed' WHERE + db_query("UPDATE ttrss_entries SET guid = '$entry_guid_hashed' WHERE id = '$ref_id'"); } */ // check for user post link to main table // do we allow duplicate posts with same GUID in different feeds? - if (get_pref( "ALLOW_DUPLICATE_POSTS", $owner_uid, false)) { + if (get_pref("ALLOW_DUPLICATE_POSTS", $owner_uid, false)) { $dupcheck_qpart = "AND (feed_id = '$feed' OR feed_id IS NULL)"; } else { $dupcheck_qpart = ""; @@ -813,7 +813,7 @@ } if (find_article_filter($article_filters, "filter")) { - db_query( "COMMIT"); // close transaction in progress + db_query("COMMIT"); // close transaction in progress continue; } @@ -829,7 +829,7 @@ // if ($_REQUEST["xdebug"]) print "$query\n"; - $result = db_query( $query); + $result = db_query($query); // okay it doesn't exist - create user entry if (db_num_rows($result) == 0) { @@ -862,7 +862,7 @@ if (DB_TYPE == "pgsql" and defined('_NGRAM_TITLE_DUPLICATE_THRESHOLD')) { - $result = db_query( "SELECT COUNT(*) AS similar FROM + $result = db_query("SELECT COUNT(*) AS similar FROM ttrss_entries,ttrss_user_entries WHERE ref_id = id AND updated >= NOW() - INTERVAL '7 day' AND similarity(title, '$entry_title') >= "._NGRAM_TITLE_DUPLICATE_THRESHOLD." @@ -894,7 +894,7 @@ if (PUBSUBHUBBUB_HUB && $published == 'true') { $rss_link = get_self_url_prefix() . "/public.php?op=rss&id=-2&key=" . - get_feed_access_key( -2, false, $owner_uid); + get_feed_access_key(-2, false, $owner_uid); $p = new Publisher(PUBSUBHUBBUB_HUB); @@ -940,7 +940,7 @@ $update_insignificant = false; } - if (db_escape_string( $orig_title) != $entry_title) { + if (db_escape_string($orig_title) != $entry_title) { $post_needs_update = true; $update_insignificant = false; } @@ -955,7 +955,7 @@ // print "<!-- post $orig_title needs update : $post_needs_update -->"; - db_query( "UPDATE ttrss_entries + db_query("UPDATE ttrss_entries SET title = '$entry_title', content = '$entry_content', content_hash = '$content_hash', updated = '$entry_timestamp_fmt', @@ -965,20 +965,20 @@ if (!$update_insignificant) { if ($mark_unread_on_update) { - db_query( "UPDATE ttrss_user_entries + db_query("UPDATE ttrss_user_entries SET last_read = null, unread = true WHERE ref_id = '$ref_id'"); } } } } - db_query( "COMMIT"); + db_query("COMMIT"); if ($debug_enabled) { _debug("update_rss_feed: assigning labels..."); } - assign_article_to_label_filters( $entry_ref_id, $article_filters, + assign_article_to_label_filters($entry_ref_id, $article_filters, $owner_uid, $article_labels); if ($debug_enabled) { @@ -1004,24 +1004,24 @@ print_r($enclosures); } - db_query( "BEGIN"); + db_query("BEGIN"); foreach ($enclosures as $enc) { - $enc_url = db_escape_string( $enc[0]); - $enc_type = db_escape_string( $enc[1]); - $enc_dur = db_escape_string( $enc[2]); + $enc_url = db_escape_string($enc[0]); + $enc_type = db_escape_string($enc[1]); + $enc_dur = db_escape_string($enc[2]); - $result = db_query( "SELECT id FROM ttrss_enclosures + $result = db_query("SELECT id FROM ttrss_enclosures WHERE content_url = '$enc_url' AND post_id = '$entry_ref_id'"); if (db_num_rows($result) == 0) { - db_query( "INSERT INTO ttrss_enclosures + db_query("INSERT INTO ttrss_enclosures (content_url, content_type, title, duration, post_id) VALUES ('$enc_url', '$enc_type', '', '$enc_dur', '$entry_ref_id')"); } } - db_query( "COMMIT"); + db_query("COMMIT"); // check for manual tags (we have to do it here since they're loaded from filters) @@ -1065,22 +1065,22 @@ if (count($filtered_tags) > 0) { - db_query( "BEGIN"); + db_query("BEGIN"); foreach ($filtered_tags as $tag) { $tag = sanitize_tag($tag); - $tag = db_escape_string( $tag); + $tag = db_escape_string($tag); if (!tag_is_valid($tag)) continue; - $result = db_query( "SELECT id FROM ttrss_tags + $result = db_query("SELECT id FROM ttrss_tags WHERE tag_name = '$tag' AND post_int_id = '$entry_int_id' AND owner_uid = '$owner_uid' LIMIT 1"); if ($result && db_num_rows($result) == 0) { - db_query( "INSERT INTO ttrss_tags + db_query("INSERT INTO ttrss_tags (owner_uid,tag_name,post_int_id) VALUES ('$owner_uid','$tag', '$entry_int_id')"); } @@ -1092,16 +1092,16 @@ $tags_to_cache = array_unique($tags_to_cache); - $tags_str = db_escape_string( join(",", $tags_to_cache)); + $tags_str = db_escape_string(join(",", $tags_to_cache)); - db_query( "UPDATE ttrss_user_entries + db_query("UPDATE ttrss_user_entries SET tag_cache = '$tags_str' WHERE ref_id = '$entry_ref_id' AND owner_uid = $owner_uid"); - db_query( "COMMIT"); + db_query("COMMIT"); } - if (get_pref( "AUTO_ASSIGN_LABELS", $owner_uid, false)) { + if (get_pref("AUTO_ASSIGN_LABELS", $owner_uid, false)) { if ($debug_enabled) { _debug("update_rss_feed: auto-assigning labels..."); } @@ -1111,7 +1111,7 @@ if ($caption && preg_match("/\b$caption\b/i", "$tags_str " . strip_tags($entry_content) . " $entry_title")) { if (!labels_contains_caption($article_labels, $caption)) { - label_add_article( $entry_ref_id, $caption, $owner_uid); + label_add_article($entry_ref_id, $caption, $owner_uid); } } } @@ -1126,23 +1126,23 @@ if ($debug_enabled) { _debug("update_rss_feed: new feed, catching it up..."); } - catchup_feed( $feed, false, $owner_uid); + catchup_feed($feed, false, $owner_uid); } if ($debug_enabled) { _debug("purging feed..."); } - purge_feed( $feed, 0, $debug_enabled); + purge_feed($feed, 0, $debug_enabled); - db_query( "UPDATE ttrss_feeds + db_query("UPDATE ttrss_feeds SET last_updated = NOW(), last_error = '' WHERE id = '$feed'"); -// db_query( "COMMIT"); +// db_query("COMMIT"); } else { - $error_msg = db_escape_string( mb_substr($rss->error(), 0, 245)); + $error_msg = db_escape_string(mb_substr($rss->error(), 0, 245)); if ($debug_enabled) { _debug("update_rss_feed: error fetching feed: $error_msg"); @@ -1204,14 +1204,14 @@ return $doc->saveXML($node); } - function expire_error_log( $debug) { + function expire_error_log($debug) { if ($debug) _debug("Removing old error log entries..."); if (DB_TYPE == "pgsql") { - db_query( "DELETE FROM ttrss_error_log + db_query("DELETE FROM ttrss_error_log WHERE created_at < NOW() - INTERVAL '7 days'"); } else { - db_query( "DELETE FROM ttrss_error_log + db_query("DELETE FROM ttrss_error_log WHERE created_at < DATE_SUB(NOW(), INTERVAL 7 DAY)"); } @@ -1399,11 +1399,11 @@ return false; } - function assign_article_to_label_filters( $id, $filters, $owner_uid, $article_labels) { + function assign_article_to_label_filters($id, $filters, $owner_uid, $article_labels) { foreach ($filters as $f) { if ($f["type"] == "label") { if (!labels_contains_caption($article_labels, $f["param"])) { - label_add_article( $id, $f["param"], $owner_uid); + label_add_article($id, $f["param"], $owner_uid); } } } diff --git a/include/sanity_check.php b/include/sanity_check.php index 0477efd50..a5c682be8 100644 --- a/include/sanity_check.php +++ b/include/sanity_check.php @@ -88,7 +88,7 @@ } if (SINGLE_USER_MODE) { - $result = db_query( "SELECT id FROM ttrss_users WHERE id = 1"); + $result = db_query("SELECT id FROM ttrss_users WHERE id = 1"); if (db_num_rows($result) != 1) { array_push($errors, "SINGLE_USER_MODE is enabled in config.php but default admin account is not found."); diff --git a/include/sanity_config.php b/include/sanity_config.php index 398c979fe..d5cfd2d78 100644 --- a/include/sanity_config.php +++ b/include/sanity_config.php @@ -1,3 +1,3 @@ <?php # This file has been generated at: Tue Apr 16 16:41:13 MSK 2013 define('GENERATED_CONFIG_CHECK', 26); -$requred_defines = array( 'DB_TYPE', 'DB_HOST', 'DB_USER', 'DB_NAME', 'DB_PASS', 'MYSQL_CHARSET', 'SELF_URL_PATH', 'FEED_CRYPT_KEY', 'SINGLE_USER_MODE', 'SIMPLE_UPDATE_MODE', 'PHP_EXECUTABLE', 'LOCK_DIRECTORY', 'CACHE_DIR', 'ICONS_DIR', 'ICONS_URL', 'AUTH_AUTO_CREATE', 'AUTH_AUTO_LOGIN', 'FORCE_ARTICLE_PURGE', 'PUBSUBHUBBUB_HUB', 'PUBSUBHUBBUB_ENABLED', 'SPHINX_ENABLED', 'SPHINX_SERVER', 'SPHINX_INDEX', 'ENABLE_REGISTRATION', 'REG_NOTIFY_ADDRESS', 'REG_MAX_USERS', 'SESSION_COOKIE_LIFETIME', 'SESSION_CHECK_ADDRESS', 'SMTP_FROM_NAME', 'SMTP_FROM_ADDRESS', 'DIGEST_SUBJECT', 'SMTP_SERVER', 'SMTP_LOGIN', 'SMTP_PASSWORD', 'CHECK_FOR_NEW_VERSION', 'ENABLE_GZIP_OUTPUT', 'PLUGINS', 'CONFIG_VERSION'); ?> +$requred_defines = array('DB_TYPE', 'DB_HOST', 'DB_USER', 'DB_NAME', 'DB_PASS', 'MYSQL_CHARSET', 'SELF_URL_PATH', 'FEED_CRYPT_KEY', 'SINGLE_USER_MODE', 'SIMPLE_UPDATE_MODE', 'PHP_EXECUTABLE', 'LOCK_DIRECTORY', 'CACHE_DIR', 'ICONS_DIR', 'ICONS_URL', 'AUTH_AUTO_CREATE', 'AUTH_AUTO_LOGIN', 'FORCE_ARTICLE_PURGE', 'PUBSUBHUBBUB_HUB', 'PUBSUBHUBBUB_ENABLED', 'SPHINX_ENABLED', 'SPHINX_SERVER', 'SPHINX_INDEX', 'ENABLE_REGISTRATION', 'REG_NOTIFY_ADDRESS', 'REG_MAX_USERS', 'SESSION_COOKIE_LIFETIME', 'SESSION_CHECK_ADDRESS', 'SMTP_FROM_NAME', 'SMTP_FROM_ADDRESS', 'DIGEST_SUBJECT', 'SMTP_SERVER', 'SMTP_LOGIN', 'SMTP_PASSWORD', 'CHECK_FOR_NEW_VERSION', 'ENABLE_GZIP_OUTPUT', 'PLUGINS', 'CONFIG_VERSION'); ?> diff --git a/plugins/auth_internal/init.php b/plugins/auth_internal/init.php index b6d8e97dc..c6f075036 100644 --- a/plugins/auth_internal/init.php +++ b/plugins/auth_internal/init.php @@ -19,12 +19,12 @@ class Auth_Internal extends Plugin implements IAuthModule { $pwd_hash1 = encrypt_password($password); $pwd_hash2 = encrypt_password($password, $login); - $login = db_escape_string( $login); - $otp = db_escape_string( $_REQUEST["otp"]); + $login = db_escape_string($login); + $otp = db_escape_string($_REQUEST["otp"]); if (get_schema_version() > 96) { if (!defined('AUTH_DISABLE_OTP') || !AUTH_DISABLE_OTP) { - $result = db_query( "SELECT otp_enabled,salt FROM ttrss_users WHERE + $result = db_query("SELECT otp_enabled,salt FROM ttrss_users WHERE login = '$login'"); if (db_num_rows($result) > 0) { @@ -74,7 +74,7 @@ class Auth_Internal extends Plugin implements IAuthModule { if (get_schema_version() > 87) { - $result = db_query( "SELECT salt FROM ttrss_users WHERE + $result = db_query("SELECT salt FROM ttrss_users WHERE login = '$login'"); if (db_num_rows($result) != 1) { @@ -92,7 +92,7 @@ class Auth_Internal extends Plugin implements IAuthModule { // verify and upgrade password to new salt base - $result = db_query( $query); + $result = db_query($query); if (db_num_rows($result) == 1) { // upgrade password to MODE2 @@ -100,7 +100,7 @@ class Auth_Internal extends Plugin implements IAuthModule { $salt = substr(bin2hex(get_random_bytes(125)), 0, 250); $pwd_hash = encrypt_password($password, $salt, true); - db_query( "UPDATE ttrss_users SET + db_query("UPDATE ttrss_users SET pwd_hash = '$pwd_hash', salt = '$salt' WHERE login = '$login'"); $query = "SELECT id @@ -128,7 +128,7 @@ class Auth_Internal extends Plugin implements IAuthModule { pwd_hash = '$pwd_hash2')"; } - $result = db_query( $query); + $result = db_query($query); if (db_num_rows($result) == 1) { return db_fetch_result($result, 0, "id"); @@ -138,9 +138,9 @@ class Auth_Internal extends Plugin implements IAuthModule { } function check_password($owner_uid, $password) { - $owner_uid = db_escape_string( $owner_uid); + $owner_uid = db_escape_string($owner_uid); - $result = db_query( "SELECT salt,login FROM ttrss_users WHERE + $result = db_query("SELECT salt,login FROM ttrss_users WHERE id = '$owner_uid'"); $salt = db_fetch_result($result, 0, "salt"); @@ -161,20 +161,20 @@ class Auth_Internal extends Plugin implements IAuthModule { id = '$owner_uid' AND pwd_hash = '$password_hash'"; } - $result = db_query( $query); + $result = db_query($query); return db_num_rows($result) != 0; } function change_password($owner_uid, $old_password, $new_password) { - $owner_uid = db_escape_string( $owner_uid); + $owner_uid = db_escape_string($owner_uid); if ($this->check_password($owner_uid, $old_password)) { $new_salt = substr(bin2hex(get_random_bytes(125)), 0, 250); $new_password_hash = encrypt_password($new_password, $new_salt, true); - db_query( "UPDATE ttrss_users SET + db_query("UPDATE ttrss_users SET pwd_hash = '$new_password_hash', salt = '$new_salt', otp_enabled = false WHERE id = '$owner_uid'"); diff --git a/plugins/auth_remote/init.php b/plugins/auth_remote/init.php index f0da1afc8..a551c6bd0 100644 --- a/plugins/auth_remote/init.php +++ b/plugins/auth_remote/init.php @@ -19,15 +19,15 @@ class Auth_Remote extends Plugin implements IAuthModule { } function get_login_by_ssl_certificate() { - $cert_serial = db_escape_string( get_ssl_certificate_id()); + $cert_serial = db_escape_string(get_ssl_certificate_id()); if ($cert_serial) { - $result = db_query( "SELECT login FROM ttrss_user_prefs, ttrss_users + $result = db_query("SELECT login FROM ttrss_user_prefs, ttrss_users WHERE pref_name = 'SSL_CERT_SERIAL' AND value = '$cert_serial' AND owner_uid = ttrss_users.id"); if (db_num_rows($result) != 0) { - return db_escape_string( db_fetch_result($result, 0, "login")); + return db_escape_string(db_fetch_result($result, 0, "login")); } } @@ -36,10 +36,10 @@ class Auth_Remote extends Plugin implements IAuthModule { function authenticate($login, $password) { - $try_login = db_escape_string( $_SERVER["REMOTE_USER"]); + $try_login = db_escape_string($_SERVER["REMOTE_USER"]); // php-cgi - if (!$try_login) $try_login = db_escape_string( $_SERVER["REDIRECT_REMOTE_USER"]); + if (!$try_login) $try_login = db_escape_string($_SERVER["REDIRECT_REMOTE_USER"]); if (!$try_login) $try_login = $this->get_login_by_ssl_certificate(); # if (!$try_login) $try_login = "test_qqq"; @@ -58,15 +58,15 @@ class Auth_Remote extends Plugin implements IAuthModule { // update user name $fullname = $_SERVER['HTTP_USER_NAME'] ? $_SERVER['HTTP_USER_NAME'] : $_SERVER['AUTHENTICATE_CN']; if ($fullname){ - $fullname = db_escape_string( $fullname); - db_query( "UPDATE ttrss_users SET full_name = '$fullname' WHERE id = " . + $fullname = db_escape_string($fullname); + db_query("UPDATE ttrss_users SET full_name = '$fullname' WHERE id = " . $user_id); } // update user mail $email = $_SERVER['HTTP_USER_MAIL'] ? $_SERVER['HTTP_USER_MAIL'] : $_SERVER['AUTHENTICATE_MAIL']; if ($email){ - $email = db_escape_string( $email); - db_query( "UPDATE ttrss_users SET email = '$email' WHERE id = " . + $email = db_escape_string($email); + db_query("UPDATE ttrss_users SET email = '$email' WHERE id = " . $user_id); } } diff --git a/plugins/close_button/init.php b/plugins/close_button/init.php index 6fdd96f55..78f2edd2a 100644 --- a/plugins/close_button/init.php +++ b/plugins/close_button/init.php @@ -15,7 +15,7 @@ class Close_Button extends Plugin { } function hook_article_button($line) { - if (!get_pref( "COMBINED_DISPLAY_MODE")) { + if (!get_pref("COMBINED_DISPLAY_MODE")) { $rv = "<img src=\"plugins/close_button/button.png\" class='tagsPic' style=\"cursor : pointer\" onclick=\"closeArticlePanel()\" diff --git a/plugins/digest/init.php b/plugins/digest/init.php index 5b84fec16..b06097171 100644 --- a/plugins/digest/init.php +++ b/plugins/digest/init.php @@ -41,13 +41,13 @@ class Digest extends Plugin implements IHandler { } function digestgetcontents() { - $article_id = db_escape_string( $_REQUEST['article_id']); + $article_id = db_escape_string($_REQUEST['article_id']); - $result = db_query( "SELECT content,title,link,marked,published + $result = db_query("SELECT content,title,link,marked,published FROM ttrss_entries, ttrss_user_entries WHERE id = '$article_id' AND ref_id = id AND owner_uid = ".$_SESSION['uid']); - $content = sanitize( db_fetch_result($result, 0, "content")); + $content = sanitize(db_fetch_result($result, 0, "content")); $title = strip_tags(db_fetch_result($result, 0, "title")); $article_url = htmlspecialchars(db_fetch_result($result, 0, "link")); $marked = sql_bool_to_bool(db_fetch_result($result, 0, "marked")); @@ -55,15 +55,15 @@ class Digest extends Plugin implements IHandler { print json_encode(array("article" => array("id" => $article_id, "url" => $article_url, - "tags" => get_article_tags( $article_id), + "tags" => get_article_tags($article_id), "marked" => $marked, "published" => $published, "title" => $title, "content" => $content))); } function digestupdate() { - $feed_id = db_escape_string( $_REQUEST['feed_id']); - $offset = db_escape_string( $_REQUEST['offset']); - $seq = db_escape_string( $_REQUEST['seq']); + $feed_id = db_escape_string($_REQUEST['feed_id']); + $offset = db_escape_string($_REQUEST['offset']); + $seq = db_escape_string($_REQUEST['seq']); if (!$feed_id) $feed_id = -4; if (!$offset) $offset = 0; @@ -72,18 +72,18 @@ class Digest extends Plugin implements IHandler { $reply['seq'] = $seq; - $headlines = API::api_get_headlines( $feed_id, 30, $offset, + $headlines = API::api_get_headlines($feed_id, 30, $offset, '', ($feed_id == -4), true, false, "unread", "updated DESC", 0, 0); $reply['headlines'] = array(); - $reply['headlines']['title'] = getFeedTitle( $feed_id); + $reply['headlines']['title'] = getFeedTitle($feed_id); $reply['headlines']['content'] = $headlines; print json_encode($reply); } function digestinit() { - $tmp_feeds = API::api_get_feeds( -4, true, false, 0); + $tmp_feeds = API::api_get_feeds(-4, true, false, 0); $params = array(); $feeds = array(); diff --git a/plugins/embed_original/init.php b/plugins/embed_original/init.php index f91acda7c..c65793e16 100644 --- a/plugins/embed_original/init.php +++ b/plugins/embed_original/init.php @@ -34,9 +34,9 @@ class Embed_Original extends Plugin { } function getUrl() { - $id = db_escape_string( $_REQUEST['id']); + $id = db_escape_string($_REQUEST['id']); - $result = db_query( "SELECT link + $result = db_query("SELECT link FROM ttrss_entries, ttrss_user_entries WHERE id = '$id' AND ref_id = id AND owner_uid = " .$_SESSION['uid']); diff --git a/plugins/example/init.php b/plugins/example/init.php index 8deee84b4..8f4e8abf4 100644 --- a/plugins/example/init.php +++ b/plugins/example/init.php @@ -19,7 +19,7 @@ class Example extends Plugin { } function save() { - $example_value = db_escape_string( $_POST["example_value"]); + $example_value = db_escape_string($_POST["example_value"]); $this->host->set($this, "example", $example_value); diff --git a/plugins/example_vfeed/init.php b/plugins/example_vfeed/init.php index e7efa757b..b137fd0f9 100644 --- a/plugins/example_vfeed/init.php +++ b/plugins/example_vfeed/init.php @@ -27,7 +27,7 @@ class Example_VFeed extends Plugin { } function get_headlines($feed_id, $options) { - $qfh_ret = queryFeedHeadlines( -4, + $qfh_ret = queryFeedHeadlines(-4, $options['limit'], $options['view_mode'], $options['cat_view'], $options['search'], diff --git a/plugins/googlereaderimport/init.php b/plugins/googlereaderimport/init.php index 8986f469c..183875ec8 100644 --- a/plugins/googlereaderimport/init.php +++ b/plugins/googlereaderimport/init.php @@ -30,11 +30,11 @@ class GoogleReaderImport extends Plugin { _debug("please enter your username:"); - $username = db_escape_string( trim(read_stdin())); + $username = db_escape_string(trim(read_stdin())); _debug("looking up user: $username..."); - $result = db_query( "SELECT id FROM ttrss_users + $result = db_query("SELECT id FROM ttrss_users WHERE login = '$username'"); if (db_num_rows($result) == 0) { @@ -111,19 +111,19 @@ class GoogleReaderImport extends Plugin { foreach ($doc['items'] as $item) { // print_r($item); - $guid = db_escape_string( mb_substr($item['id'], 0, 250)); - $title = db_escape_string( $item['title']); + $guid = db_escape_string(mb_substr($item['id'], 0, 250)); + $title = db_escape_string($item['title']); $updated = date('Y-m-d h:i:s', $item['updated']); $link = ''; $content = ''; - $author = db_escape_string( $item['author']); + $author = db_escape_string($item['author']); $tags = array(); $orig_feed_data = array(); if (is_array($item['alternate'])) { foreach ($item['alternate'] as $alt) { if (isset($alt['type']) && $alt['type'] == 'text/html') { - $link = db_escape_string( $alt['href']); + $link = db_escape_string($alt['href']); } } } @@ -206,9 +206,9 @@ class GoogleReaderImport extends Plugin { $content_hash = sha1($content); - if (filter_var( FILTER_VALIDATE_URL) === FALSE) return false; + if (filter_var(FILTER_VALIDATE_URL) === FALSE) return false; - db_query( "BEGIN"); + db_query("BEGIN"); $feed_id = 'NULL'; @@ -254,18 +254,18 @@ class GoogleReaderImport extends Plugin { // locate archived entry to file entries in, we don't want to file them in actual feeds because of purging // maybe file marked in real feeds because eh - $result = db_query( "SELECT id FROM ttrss_archived_feeds WHERE + $result = db_query("SELECT id FROM ttrss_archived_feeds WHERE feed_url = '".$orig_feed_data['feed_url']."' AND owner_uid = $owner_uid"); if (db_num_rows($result) != 0) { $orig_feed_id = db_fetch_result($result, 0, "id"); } else { - db_query( "INSERT INTO ttrss_archived_feeds + db_query("INSERT INTO ttrss_archived_feeds (id, owner_uid, title, feed_url, site_url) SELECT id, owner_uid, title, feed_url, site_url from ttrss_feeds WHERE id = '$feed_id'"); - $result = db_query( "SELECT id FROM ttrss_archived_feeds WHERE + $result = db_query("SELECT id FROM ttrss_archived_feeds WHERE feed_url = '".$orig_feed_data['feed_url']."' AND owner_uid = $owner_uid"); if (db_num_rows($result) != 0) { @@ -276,32 +276,32 @@ class GoogleReaderImport extends Plugin { // delete temporarily inserted feed if ($feed_id && $feed_inserted) { - db_query( "DELETE FROM ttrss_feeds WHERE id = $feed_id"); + db_query("DELETE FROM ttrss_feeds WHERE id = $feed_id"); } if (!$orig_feed_id) $orig_feed_id = 'NULL'; - $result = db_query( "SELECT id FROM ttrss_entries, ttrss_user_entries WHERE + $result = db_query("SELECT id FROM ttrss_entries, ttrss_user_entries WHERE guid = '$guid' AND ref_id = id AND owner_uid = '$owner_uid' LIMIT 1"); if (db_num_rows($result) == 0) { - $result = db_query( "INSERT INTO ttrss_entries + $result = db_query("INSERT INTO ttrss_entries (title, guid, link, updated, content, content_hash, date_entered, date_updated, author) VALUES ('$title', '$guid', '$link', '$updated', '$content', '$content_hash', NOW(), NOW(), '$author')"); - $result = db_query( "SELECT id FROM ttrss_entries WHERE guid = '$guid'"); + $result = db_query("SELECT id FROM ttrss_entries WHERE guid = '$guid'"); if (db_num_rows($result) != 0) { $ref_id = db_fetch_result($result, 0, "id"); - db_query( "INSERT INTO ttrss_user_entries + db_query("INSERT INTO ttrss_user_entries (ref_id, uuid, feed_id, orig_feed_id, owner_uid, marked, tag_cache, label_cache, last_read, note, unread, last_marked) VALUES ('$ref_id', '', NULL, $orig_feed_id, $owner_uid, $marked, '', '', NOW(), '', false, NOW())"); - $result = db_query( "SELECT int_id FROM ttrss_user_entries, ttrss_entries + $result = db_query("SELECT int_id FROM ttrss_user_entries, ttrss_entries WHERE owner_uid = $owner_uid AND ref_id = id AND ref_id = $ref_id"); if (db_num_rows($result) != 0 && is_array($tags)) { @@ -311,16 +311,16 @@ class GoogleReaderImport extends Plugin { foreach ($tags as $tag) { - $tag = db_escape_string( sanitize_tag($tag)); + $tag = db_escape_string(sanitize_tag($tag)); if (!tag_is_valid($tag)) continue; - $result = db_query( "SELECT id FROM ttrss_tags + $result = db_query("SELECT id FROM ttrss_tags WHERE tag_name = '$tag' AND post_int_id = '$entry_int_id' AND owner_uid = '$owner_uid' LIMIT 1"); if ($result && db_num_rows($result) == 0) { - db_query( "INSERT INTO ttrss_tags + db_query("INSERT INTO ttrss_tags (owner_uid,tag_name,post_int_id) VALUES ('$owner_uid','$tag', '$entry_int_id')"); } @@ -331,9 +331,9 @@ class GoogleReaderImport extends Plugin { /* update the cache */ $tags_to_cache = array_unique($tags_to_cache); - $tags_str = db_escape_string( join(",", $tags_to_cache)); + $tags_str = db_escape_string(join(",", $tags_to_cache)); - db_query( "UPDATE ttrss_user_entries + db_query("UPDATE ttrss_user_entries SET tag_cache = '$tags_str' WHERE ref_id = '$ref_id' AND owner_uid = $owner_uid"); } @@ -342,7 +342,7 @@ class GoogleReaderImport extends Plugin { } } - db_query( "COMMIT"); + db_query("COMMIT"); return $rc; } diff --git a/plugins/import_export/init.php b/plugins/import_export/init.php index 981a2b581..e4e98c036 100644 --- a/plugins/import_export/init.php +++ b/plugins/import_export/init.php @@ -26,11 +26,11 @@ class Import_Export extends Plugin implements IHandler { _debug("please enter your username:"); - $username = db_escape_string( trim(read_stdin())); + $username = db_escape_string(trim(read_stdin())); _debug("importing $filename for user $username...\n"); - $result = db_query( "SELECT id FROM ttrss_users WHERE login = '$username'"); + $result = db_query("SELECT id FROM ttrss_users WHERE login = '$username'"); if (db_num_rows($result) == 0) { print "error: could not find user $username.\n"; @@ -39,11 +39,11 @@ class Import_Export extends Plugin implements IHandler { $owner_uid = db_fetch_result($result, 0, "id"); - $this->perform_data_import( $filename, $owner_uid); + $this->perform_data_import($filename, $owner_uid); } function save() { - $example_value = db_escape_string( $_POST["example_value"]); + $example_value = db_escape_string($_POST["example_value"]); echo "Value set to $example_value (not really)"; } @@ -117,12 +117,12 @@ class Import_Export extends Plugin implements IHandler { } function exportrun() { - $offset = (int) db_escape_string( $_REQUEST['offset']); + $offset = (int) db_escape_string($_REQUEST['offset']); $exported = 0; $limit = 250; if ($offset < 10000 && is_writable(CACHE_DIR . "/export")) { - $result = db_query( "SELECT + $result = db_query("SELECT ttrss_entries.guid, ttrss_entries.title, content, @@ -181,7 +181,7 @@ class Import_Export extends Plugin implements IHandler { print json_encode(array("exported" => $exported)); } - function perform_data_import( $filename, $owner_uid) { + function perform_data_import($filename, $owner_uid) { $num_imported = 0; $num_processed = 0; @@ -234,7 +234,7 @@ class Import_Export extends Plugin implements IHandler { foreach ($article_node->childNodes as $child) { if ($child->nodeName != 'label_cache') - $article[$child->nodeName] = db_escape_string( $child->nodeValue); + $article[$child->nodeName] = db_escape_string($child->nodeValue); else $article[$child->nodeName] = $child->nodeValue; } @@ -245,11 +245,11 @@ class Import_Export extends Plugin implements IHandler { ++$num_processed; - //db_query( "BEGIN"); + //db_query("BEGIN"); //print 'GUID:' . $article['guid'] . "\n"; - $result = db_query( "SELECT id FROM ttrss_entries + $result = db_query("SELECT id FROM ttrss_entries WHERE guid = '".$article['guid']."'"); if (db_num_rows($result) == 0) { @@ -282,7 +282,7 @@ class Import_Export extends Plugin implements IHandler { '0', '')"); - $result = db_query( "SELECT id FROM ttrss_entries + $result = db_query("SELECT id FROM ttrss_entries WHERE guid = '".$article['guid']."'"); if (db_num_rows($result) != 0) { @@ -303,7 +303,7 @@ class Import_Export extends Plugin implements IHandler { $feed = 'NULL'; if ($feed_url && $feed_title) { - $result = db_query( "SELECT id FROM ttrss_feeds + $result = db_query("SELECT id FROM ttrss_feeds WHERE feed_url = '$feed_url' AND owner_uid = '$owner_uid'"); if (db_num_rows($result) != 0) { @@ -311,10 +311,10 @@ class Import_Export extends Plugin implements IHandler { } else { // try autocreating feed in Uncategorized... - $result = db_query( "INSERT INTO ttrss_feeds (owner_uid, + $result = db_query("INSERT INTO ttrss_feeds (owner_uid, feed_url, title) VALUES ($owner_uid, '$feed_url', '$feed_title')"); - $result = db_query( "SELECT id FROM ttrss_feeds + $result = db_query("SELECT id FROM ttrss_feeds WHERE feed_url = '$feed_url' AND owner_uid = '$owner_uid'"); if (db_num_rows($result) != 0) { @@ -332,7 +332,7 @@ class Import_Export extends Plugin implements IHandler { //print "$ref_id / $feed / " . $article['title'] . "\n"; - $result = db_query( "SELECT int_id FROM ttrss_user_entries + $result = db_query("SELECT int_id FROM ttrss_user_entries WHERE ref_id = '$ref_id' AND owner_uid = '$owner_uid' AND $feed_qpart"); if (db_num_rows($result) == 0) { @@ -342,7 +342,7 @@ class Import_Export extends Plugin implements IHandler { $score = (int) $article['score']; $tag_cache = $article['tag_cache']; - $label_cache = db_escape_string( $article['label_cache']); + $label_cache = db_escape_string($article['label_cache']); $note = $article['note']; //print "Importing " . $article['title'] . "<br/>"; @@ -362,15 +362,15 @@ class Import_Export extends Plugin implements IHandler { if (is_array($label_cache) && $label_cache["no-labels"] != 1) { foreach ($label_cache as $label) { - label_create( $label[1], + label_create($label[1], $label[2], $label[3], $owner_uid); - label_add_article( $ref_id, $label[1], $owner_uid); + label_add_article($ref_id, $label[1], $owner_uid); } } - //db_query( "COMMIT"); + //db_query("COMMIT"); } } } @@ -438,7 +438,7 @@ class Import_Export extends Plugin implements IHandler { } if (is_file($tmp_file)) { - $this->perform_data_import( $tmp_file, $_SESSION['uid']); + $this->perform_data_import($tmp_file, $_SESSION['uid']); unlink($tmp_file); } else { print_error(__('No file uploaded.')); diff --git a/plugins/instances/init.php b/plugins/instances/init.php index 12ae07280..a87684b56 100644 --- a/plugins/instances/init.php +++ b/plugins/instances/init.php @@ -37,7 +37,7 @@ class Instances extends Plugin implements IHandler { // 2 - did not receive valid data // >10 - server error, code + 10 (e.g. 16 means server error 6) - function get_linked_feeds( $instance_id = false) { + function get_linked_feeds($instance_id = false) { if ($instance_id) $instance_qpart = "id = '$instance_id' AND "; else @@ -49,7 +49,7 @@ class Instances extends Plugin implements IHandler { $date_qpart = "last_connected < DATE_SUB(NOW(), INTERVAL 6 HOUR)"; } - $result = db_query( "SELECT id, access_key, access_url FROM ttrss_linked_instances + $result = db_query("SELECT id, access_key, access_url FROM ttrss_linked_instances WHERE $instance_qpart $date_qpart ORDER BY last_connected"); while ($line = db_fetch_assoc($result)) { @@ -77,7 +77,7 @@ class Instances extends Plugin implements IHandler { // access denied if ($status == 16) { - db_query( "DELETE FROM ttrss_linked_feeds + db_query("DELETE FROM ttrss_linked_feeds WHERE instance_id = '$id'"); } } else { @@ -85,16 +85,16 @@ class Instances extends Plugin implements IHandler { if (count($feeds['feeds']) > 0) { - db_query( "DELETE FROM ttrss_linked_feeds + db_query("DELETE FROM ttrss_linked_feeds WHERE instance_id = '$id'"); foreach ($feeds['feeds'] as $feed) { - $feed_url = db_escape_string( $feed['feed_url']); - $title = db_escape_string( $feed['title']); - $subscribers = db_escape_string( $feed['subscribers']); - $site_url = db_escape_string( $feed['site_url']); + $feed_url = db_escape_string($feed['feed_url']); + $title = db_escape_string($feed['title']); + $subscribers = db_escape_string($feed['subscribers']); + $site_url = db_escape_string($feed['site_url']); - db_query( "INSERT INTO ttrss_linked_feeds + db_query("INSERT INTO ttrss_linked_feeds (feed_url, site_url, title, subscribers, instance_id, created, updated) VALUES ('$feed_url', '$site_url', '$title', '$subscribers', '$id', NOW(), NOW())"); @@ -119,7 +119,7 @@ class Instances extends Plugin implements IHandler { _debug("Status: $status"); - db_query( "UPDATE ttrss_linked_instances SET + db_query("UPDATE ttrss_linked_instances SET last_status_out = '$status', last_connected = NOW() WHERE id = '$id'"); } @@ -127,7 +127,7 @@ class Instances extends Plugin implements IHandler { function get_feeds() { - $this->get_linked_feeds( false); + $this->get_linked_feeds(false); } function get_prefs_js() { @@ -164,37 +164,37 @@ class Instances extends Plugin implements IHandler { } function remove() { - $ids = db_escape_string( $_REQUEST['ids']); + $ids = db_escape_string($_REQUEST['ids']); - db_query( "DELETE FROM ttrss_linked_instances WHERE + db_query("DELETE FROM ttrss_linked_instances WHERE id IN ($ids)"); } function add() { - $id = db_escape_string( $_REQUEST["id"]); - $access_url = db_escape_string( $_REQUEST["access_url"]); - $access_key = db_escape_string( $_REQUEST["access_key"]); + $id = db_escape_string($_REQUEST["id"]); + $access_url = db_escape_string($_REQUEST["access_url"]); + $access_key = db_escape_string($_REQUEST["access_key"]); - db_query( "BEGIN"); + db_query("BEGIN"); - $result = db_query( "SELECT id FROM ttrss_linked_instances + $result = db_query("SELECT id FROM ttrss_linked_instances WHERE access_url = '$access_url'"); if (db_num_rows($result) == 0) { - db_query( "INSERT INTO ttrss_linked_instances + db_query("INSERT INTO ttrss_linked_instances (access_url, access_key, last_connected, last_status_in, last_status_out) VALUES ('$access_url', '$access_key', '1970-01-01', -1, -1)"); } - db_query( "COMMIT"); + db_query("COMMIT"); } function edit() { - $id = db_escape_string( $_REQUEST["id"]); + $id = db_escape_string($_REQUEST["id"]); - $result = db_query( "SELECT * FROM ttrss_linked_instances WHERE + $result = db_query("SELECT * FROM ttrss_linked_instances WHERE id = '$id'"); print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"id\" value=\"$id\">"; @@ -250,11 +250,11 @@ class Instances extends Plugin implements IHandler { } function editSave() { - $id = db_escape_string( $_REQUEST["id"]); - $access_url = db_escape_string( $_REQUEST["access_url"]); - $access_key = db_escape_string( $_REQUEST["access_key"]); + $id = db_escape_string($_REQUEST["id"]); + $access_url = db_escape_string($_REQUEST["access_url"]); + $access_key = db_escape_string($_REQUEST["access_key"]); - db_query( "UPDATE ttrss_linked_instances SET + db_query("UPDATE ttrss_linked_instances SET access_key = '$access_key', access_url = '$access_url', last_connected = '1970-01-01' WHERE id = '$id'"); @@ -274,7 +274,7 @@ class Instances extends Plugin implements IHandler { print "<div id=\"pref-instance-toolbar\" dojoType=\"dijit.Toolbar\">"; - $sort = db_escape_string( $_REQUEST["sort"]); + $sort = db_escape_string($_REQUEST["sort"]); if (!$sort || $sort == "undefined") { $sort = "access_url"; @@ -295,7 +295,7 @@ class Instances extends Plugin implements IHandler { print "</div>"; #toolbar - $result = db_query( "SELECT *, + $result = db_query("SELECT *, (SELECT COUNT(*) FROM ttrss_linked_feeds WHERE instance_id = ttrss_linked_instances.id) AS num_feeds FROM ttrss_linked_instances @@ -324,7 +324,7 @@ class Instances extends Plugin implements IHandler { $id = $line['id']; $this_row_id = "id=\"LIRR-$id\""; - $line["last_connected"] = make_local_datetime( $line["last_connected"], false); + $line["last_connected"] = make_local_datetime($line["last_connected"], false); print "<tr class=\"$class\" $this_row_id>"; @@ -361,17 +361,17 @@ class Instances extends Plugin implements IHandler { function fbexport() { - $access_key = db_escape_string( $_POST["key"]); + $access_key = db_escape_string($_POST["key"]); // TODO: rate limit checking using last_connected - $result = db_query( "SELECT id FROM ttrss_linked_instances + $result = db_query("SELECT id FROM ttrss_linked_instances WHERE access_key = '$access_key'"); if (db_num_rows($result) == 1) { $instance_id = db_fetch_result($result, 0, "id"); - $result = db_query( "SELECT feed_url, site_url, title, subscribers + $result = db_query("SELECT feed_url, site_url, title, subscribers FROM ttrss_feedbrowser_cache ORDER BY subscribers DESC LIMIT 100"); $feeds = array(); @@ -380,7 +380,7 @@ class Instances extends Plugin implements IHandler { array_push($feeds, $line); } - db_query( "UPDATE ttrss_linked_instances SET + db_query("UPDATE ttrss_linked_instances SET last_status_in = 1 WHERE id = '$instance_id'"); print json_encode(array("feeds" => $feeds)); diff --git a/plugins/mail/init.php b/plugins/mail/init.php index 7adf36fe4..2897068aa 100644 --- a/plugins/mail/init.php +++ b/plugins/mail/init.php @@ -28,13 +28,13 @@ class Mail extends Plugin { function emailArticle() { - $param = db_escape_string( $_REQUEST['param']); + $param = db_escape_string($_REQUEST['param']); print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"op\" value=\"pluginhandler\">"; print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"plugin\" value=\"mail\">"; print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"method\" value=\"sendEmail\">"; - $result = db_query( "SELECT email, full_name FROM ttrss_users WHERE + $result = db_query("SELECT email, full_name FROM ttrss_users WHERE id = " . $_SESSION["uid"]); $user_email = htmlspecialchars(db_fetch_result($result, 0, "email")); @@ -56,7 +56,7 @@ class Mail extends Plugin { $tpl->setVariable('USER_EMAIL', $user_email, true); $tpl->setVariable('TTRSS_HOST', $_SERVER["HTTP_HOST"], true); - $result = db_query( "SELECT link, content, title + $result = db_query("SELECT link, content, title FROM ttrss_user_entries, ttrss_entries WHERE id = ref_id AND id IN ($param) AND owner_uid = " . $_SESSION["uid"]); @@ -147,7 +147,7 @@ class Mail extends Plugin { if (!$rc) { $reply['error'] = $mail->ErrorInfo; } else { - save_email_address( db_escape_string($destination)); + save_email_address(db_escape_string($destination)); $reply['message'] = "UPDATE_COUNTERS"; } @@ -155,7 +155,7 @@ class Mail extends Plugin { } function completeEmails() { - $search = db_escape_string( $_REQUEST["search"]); + $search = db_escape_string($_REQUEST["search"]); print "<ul>"; diff --git a/plugins/mailto/init.php b/plugins/mailto/init.php index 81b2758b8..c786cf0dc 100644 --- a/plugins/mailto/init.php +++ b/plugins/mailto/init.php @@ -27,7 +27,7 @@ class MailTo extends Plugin { function emailArticle() { - $param = db_escape_string( $_REQUEST['param']); + $param = db_escape_string($_REQUEST['param']); require_once "lib/MiniTemplator.class.php"; @@ -41,7 +41,7 @@ class MailTo extends Plugin { $tpl->setVariable('TTRSS_HOST', $_SERVER["HTTP_HOST"], true); - $result = db_query( "SELECT link, content, title + $result = db_query("SELECT link, content, title FROM ttrss_user_entries, ttrss_entries WHERE id = ref_id AND id IN ($param) AND owner_uid = " . $_SESSION["uid"]); diff --git a/plugins/mark_button/init.php b/plugins/mark_button/init.php index 1ed2ea438..b6a311bc3 100644 --- a/plugins/mark_button/init.php +++ b/plugins/mark_button/init.php @@ -18,7 +18,7 @@ class Mark_Button extends Plugin { $marked_pic = ""; $id = $line["id"]; - if (get_pref( "COMBINED_DISPLAY_MODE")) { + if (get_pref("COMBINED_DISPLAY_MODE")) { if (sql_bool_to_bool($line["marked"])) { $marked_pic = "<img src=\"images/mark_set.svg\" diff --git a/plugins/mobile/article.php b/plugins/mobile/article.php index 17fc39395..f51c8962c 100644 --- a/plugins/mobile/article.php +++ b/plugins/mobile/article.php @@ -20,13 +20,13 @@ init_plugins($link); - login_sequence( true); + login_sequence(true); - $id = db_escape_string( $_REQUEST["id"]); - $feed_id = db_escape_string( $_REQUEST["feed"]); - $cat_id = db_escape_string( $_REQUEST["cat"]); - $is_cat = db_escape_string( $_REQUEST["is_cat"]); + $id = db_escape_string($_REQUEST["id"]); + $feed_id = db_escape_string($_REQUEST["feed"]); + $cat_id = db_escape_string($_REQUEST["cat"]); + $is_cat = db_escape_string($_REQUEST["is_cat"]); - render_article( $id, $feed_id, $cat_id, $is_cat); + render_article($id, $feed_id, $cat_id, $is_cat); ?> diff --git a/plugins/mobile/backend.php b/plugins/mobile/backend.php index a62f462d5..872798814 100644 --- a/plugins/mobile/backend.php +++ b/plugins/mobile/backend.php @@ -31,28 +31,28 @@ switch ($op) { case "toggleMarked": - $cmode = db_escape_string( $_REQUEST["mark"]); - $id = db_escape_string( $_REQUEST["id"]); + $cmode = db_escape_string($_REQUEST["mark"]); + $id = db_escape_string($_REQUEST["id"]); - markArticlesById( array($id), $cmode); + markArticlesById(array($id), $cmode); break; case "togglePublished": - $cmode = db_escape_string( $_REQUEST["pub"]); - $id = db_escape_string( $_REQUEST["id"]); + $cmode = db_escape_string($_REQUEST["pub"]); + $id = db_escape_string($_REQUEST["id"]); - publishArticlesById( array($id), $cmode); + publishArticlesById(array($id), $cmode); break; case "toggleUnread": - $cmode = db_escape_string( $_REQUEST["unread"]); - $id = db_escape_string( $_REQUEST["id"]); + $cmode = db_escape_string($_REQUEST["unread"]); + $id = db_escape_string($_REQUEST["id"]); - catchupArticlesById( array($id), $cmode); + catchupArticlesById(array($id), $cmode); break; case "setPref": - $id = db_escape_string( $_REQUEST["id"]); - $value = db_escape_string( $_REQUEST["to"]); - mobile_set_pref( $id, $value); + $id = db_escape_string($_REQUEST["id"]); + $value = db_escape_string($_REQUEST["to"]); + mobile_set_pref($id, $value); print_r($_SESSION); break; default: diff --git a/plugins/mobile/cat.php b/plugins/mobile/cat.php index ec5bbf3d9..5164d0049 100644 --- a/plugins/mobile/cat.php +++ b/plugins/mobile/cat.php @@ -20,10 +20,10 @@ init_plugins($link); - login_sequence( true); + login_sequence(true); - $cat_id = db_escape_string( $_REQUEST["id"]); + $cat_id = db_escape_string($_REQUEST["id"]); - render_category( $cat_id); + render_category($cat_id); ?> diff --git a/plugins/mobile/feed.php b/plugins/mobile/feed.php index 08e916e21..e09f9432a 100644 --- a/plugins/mobile/feed.php +++ b/plugins/mobile/feed.php @@ -20,14 +20,14 @@ init_plugins($link); - login_sequence( true); + login_sequence(true); - $feed_id = db_escape_string( $_REQUEST["id"]); - $cat_id = db_escape_string( $_REQUEST["cat"]); - $offset = (int) db_escape_string( $_REQUEST["skip"]); - $search = db_escape_string( $_REQUEST["search"]); - $is_cat = (bool) db_escape_string( $_REQUEST["is_cat"]); + $feed_id = db_escape_string($_REQUEST["id"]); + $cat_id = db_escape_string($_REQUEST["cat"]); + $offset = (int) db_escape_string($_REQUEST["skip"]); + $search = db_escape_string($_REQUEST["search"]); + $is_cat = (bool) db_escape_string($_REQUEST["is_cat"]); - render_headlines_list( $feed_id, $cat_id, $offset, $search, $is_cat); + render_headlines_list($feed_id, $cat_id, $offset, $search, $is_cat); ?> diff --git a/plugins/mobile/home.php b/plugins/mobile/home.php index 57b18cd85..71ef81def 100644 --- a/plugins/mobile/home.php +++ b/plugins/mobile/home.php @@ -20,14 +20,14 @@ init_plugins($link); - login_sequence( true); + login_sequence(true); - $use_cats = mobile_get_pref( 'ENABLE_CATS'); - $offset = (int) db_escape_string( $_REQUEST["skip"]); + $use_cats = mobile_get_pref('ENABLE_CATS'); + $offset = (int) db_escape_string($_REQUEST["skip"]); if ($use_cats) { render_categories_list($link); } else { - render_flat_feed_list( $offset); + render_flat_feed_list($offset); } ?> diff --git a/plugins/mobile/index.php b/plugins/mobile/index.php index 8202f4043..7154ebdc2 100644 --- a/plugins/mobile/index.php +++ b/plugins/mobile/index.php @@ -20,7 +20,7 @@ init_plugins($link); - login_sequence( true); + login_sequence(true); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> @@ -76,13 +76,13 @@ </div> <?php - $use_cats = mobile_get_pref( 'ENABLE_CATS'); - $offset = (int) db_escape_string( $_REQUEST["skip"]); + $use_cats = mobile_get_pref('ENABLE_CATS'); + $offset = (int) db_escape_string($_REQUEST["skip"]); if ($use_cats) { render_categories_list($link); } else { - render_flat_feed_list( $offset); + render_flat_feed_list($offset); } ?> diff --git a/plugins/mobile/mobile-functions.php b/plugins/mobile/mobile-functions.php index 0395ee7a5..dd5914516 100644 --- a/plugins/mobile/mobile-functions.php +++ b/plugins/mobile/mobile-functions.php @@ -8,34 +8,34 @@ /* TODO replace with interface to db-prefs */ - function mobile_pref_toggled( $id) { - if (get_pref( "_MOBILE_$id")) + function mobile_pref_toggled($id) { + if (get_pref("_MOBILE_$id")) return "true"; else return ""; } - function mobile_get_pref( $id) { + function mobile_get_pref($id) { //return $_SESSION["mobile-prefs"][$id]; - return get_pref( "_MOBILE_$id"); + return get_pref("_MOBILE_$id"); } - function mobile_set_pref( $id, $value) { + function mobile_set_pref($id, $value) { //$_SESSION["mobile-prefs"][$id] = $value; - return set_pref( "_MOBILE_$id", $value); + return set_pref("_MOBILE_$id", $value); } function mobile_feed_has_icon($id) { return file_exists("../../".ICONS_DIR."/$id.ico"); } - function render_flat_feed_list( $offset) { + function render_flat_feed_list($offset) { $owner_uid = $_SESSION["uid"]; $limit = 0; if (!$offset) $offset = 0; - if (mobile_get_pref( "SORT_FEEDS_UNREAD")) { + if (mobile_get_pref("SORT_FEEDS_UNREAD")) { $order_by = "unread DESC, title"; } else { $order_by = "title"; @@ -47,7 +47,7 @@ $limit_qpart = ""; } - $result = db_query( "SELECT id, + $result = db_query("SELECT id, title, (SELECT COUNT(id) FROM ttrss_entries,ttrss_user_entries WHERE feed_id = ttrss_feeds.id AND unread = true @@ -85,7 +85,7 @@ $icon_url = "../../images/blank_icon.gif"; } - if ($unread > 0 || !mobile_get_pref( "HIDE_READ")) { + if ($unread > 0 || !mobile_get_pref("HIDE_READ")) { print "<li class='$class'><a href='feed.php?id=$id'>" . "<img class='tinyIcon' src='$icon_url'/>". $line["title"] . "</a></li>"; @@ -103,7 +103,7 @@ } - function render_category( $cat_id, $offset) { + function render_category($cat_id, $offset) { $owner_uid = $_SESSION["uid"]; if ($cat_id >= 0) { @@ -114,13 +114,13 @@ $cat_query = "cat_id IS NULL"; } - if (mobile_get_pref( "SORT_FEEDS_UNREAD")) { + if (mobile_get_pref("SORT_FEEDS_UNREAD")) { $order_by = "unread DESC, title"; } else { $order_by = "title"; } - $result = db_query( "SELECT id, + $result = db_query("SELECT id, title, (SELECT COUNT(id) FROM ttrss_entries,ttrss_user_entries WHERE feed_id = ttrss_feeds.id AND unread = true @@ -132,7 +132,7 @@ $cat_query ORDER BY $order_by"); - $title = getCategoryTitle( $cat_id); + $title = getCategoryTitle($cat_id); print "<ul id='cat-$cat_id' title='$title' myBackLabel='".__("Home")."' myBackHref='home.php'>"; @@ -158,7 +158,7 @@ $icon_url = "../../images/blank_icon.gif"; } - if ($unread > 0 || !mobile_get_pref( "HIDE_READ")) { + if ($unread > 0 || !mobile_get_pref("HIDE_READ")) { print "<li class='$class'><a href='feed.php?id=$id&cat=$cat_id'>" . "<img class='tinyIcon' src='$icon_url'/>". $line["title"] . "</a></li>"; @@ -174,8 +174,8 @@ myBackHref='home.php'>"; foreach (array(-4, -3, -1, -2, 0) as $id) { - $title = getFeedTitle( $id); - $unread = getFeedUnread( $id, false); + $title = getFeedTitle($id); + $unread = getFeedUnread($id, false); $icon = getFeedIcon($id); if ($unread > 0) { @@ -185,7 +185,7 @@ $class = 'oldItem'; } - if ($unread > 0 || !mobile_get_pref( "HIDE_READ")) { + if ($unread > 0 || !mobile_get_pref("HIDE_READ")) { print "<li class='$class'> <a href='feed.php?id=$id&cat=-1'> <img class='tinyIcon' src='../$icon'/>$title</a></li>"; @@ -200,7 +200,7 @@ print "<ul id='cat--2' title='$title' myBackLabel='".__("Home")."' myBackHref='home.php'>"; - $result = db_query( "SELECT id, caption FROM ttrss_labels2 + $result = db_query("SELECT id, caption FROM ttrss_labels2 WHERE owner_uid = '$owner_uid'"); $label_data = array(); @@ -209,7 +209,7 @@ $id = label_to_feed_id($line["id"]); - $unread = getFeedUnread( $id); + $unread = getFeedUnread($id); $title = $line["caption"]; if ($unread > 0) { @@ -219,7 +219,7 @@ $class = 'oldItem'; } - if ($unread > 0 || !mobile_get_pref( "HIDE_READ")) { + if ($unread > 0 || !mobile_get_pref("HIDE_READ")) { print "<li class='$class'> <a href='feed.php?id=$id&cat=-2'>$title</a></li>"; } @@ -231,7 +231,7 @@ function render_categories_list($link) { $owner_uid = $_SESSION["uid"]; - $cat_browse = mobile_get_pref( "BROWSE_CATS"); + $cat_browse = mobile_get_pref("BROWSE_CATS"); print '<ul id="home" title="'.__('Home').'" selected="true" myBackLabel="'.__('Logout').'" myBackHref="logout.php" myBackTarget="_self">'; @@ -239,8 +239,8 @@ // print "<li><a href='#searchForm'>Search...</a></li>"; foreach (array(-1, -2) as $id) { - $title = getCategoryTitle( $id); - $unread = getFeedUnread( $id, true); + $title = getCategoryTitle($id); + $unread = getFeedUnread($id, true); if ($unread > 0) { $title = $title . " ($unread)"; $class = ''; @@ -254,7 +254,7 @@ print "<li class='$class'><a href='feed.php?id=$id&is_cat=true'>$title</a></li>"; } - $result = db_query( "SELECT + $result = db_query("SELECT ttrss_feed_categories.id, ttrss_feed_categories.title, COUNT(ttrss_feeds.id) AS num_feeds @@ -269,7 +269,7 @@ if ($line["num_feeds"] > 0) { - $unread = getFeedUnread( $line["id"], true); + $unread = getFeedUnread($line["id"], true); $id = $line["id"]; if ($unread > 0) { @@ -279,7 +279,7 @@ $class = 'oldItem'; } - if ($unread > 0 || !mobile_get_pref( "HIDE_READ")) { + if ($unread > 0 || !mobile_get_pref("HIDE_READ")) { if ($cat_browse) print "<li class='$class'><a href='cat.php?id=$id'>" . @@ -292,13 +292,13 @@ } - $result = db_query( "SELECT COUNT(*) AS nf FROM ttrss_feeds WHERE + $result = db_query("SELECT COUNT(*) AS nf FROM ttrss_feeds WHERE cat_id IS NULL and owner_uid = '$owner_uid'"); $num_feeds = db_fetch_result($result, 0, "nf"); if ($num_feeds > 0) { - $unread = getFeedUnread( 0, true); + $unread = getFeedUnread(0, true); $title = "Uncategorized"; if ($unread > 0) { @@ -308,7 +308,7 @@ $class = 'oldItem'; } - if ($unread > 0 || !mobile_get_pref( "HIDE_READ")) { + if ($unread > 0 || !mobile_get_pref("HIDE_READ")) { if ($cat_browse) print "<li class='$class'><a href='cat.php?id=0'>$title</a></li>"; else @@ -320,14 +320,14 @@ print "</ul>"; } - function render_headlines_list( $feed_id, $cat_id, $offset, $search, + function render_headlines_list($feed_id, $cat_id, $offset, $search, $is_cat = false) { $feed_id = $feed_id; $limit = 15; $filter = ''; - if (!mobile_get_pref( "HIDE_READ")) + if (!mobile_get_pref("HIDE_READ")) $view_mode = "all_articles"; else $view_mode = 'adaptive'; @@ -338,9 +338,9 @@ $search_mode = ''; } - $qfh_ret = queryFeedHeadlines( $feed_id, $limit, + $qfh_ret = queryFeedHeadlines($feed_id, $limit, $view_mode, $is_cat, $search, $search_mode, - "score DESC, date_entered ".(mobile_get_pref( 'REVERSE_HEADLINES') ? 'ASC' : 'DESC'), $offset); + "score DESC, date_entered ".(mobile_get_pref('REVERSE_HEADLINES') ? 'ASC' : 'DESC'), $offset); $result = $qfh_ret[0]; $feed_title = $qfh_ret[1]; @@ -364,7 +364,7 @@ </form>"; if ($cat_id) { - $cat_title = getCategoryTitle( $cat_id); + $cat_title = getCategoryTitle($cat_id); print "<ul id=\"feed-$feed_id\" title=\"$feed_title\" selected=\"true\" myBackLabel='$cat_title' myBackHref='cat.php?id=$cat_id'>"; @@ -413,7 +413,7 @@ // print "<a target='_replace' href='feed.php?id=$feed_id&cat=$cat_id&skip=0'>Next $limit articles...</a>"; $next_offset = $offset + $num_headlines; - $num_unread = getFeedUnread( $feed_id, $is_cat); + $num_unread = getFeedUnread($feed_id, $is_cat); /* FIXME needs normal implementation */ @@ -435,7 +435,7 @@ } - function render_article( $id, $feed_id, $cat_id, $is_cat) { + function render_article($id, $feed_id, $cat_id, $is_cat) { $query = "SELECT title,link,content,feed_id,comments,int_id, marked,unread,published, @@ -445,33 +445,33 @@ WHERE id = '$id' AND ref_id = id AND owner_uid = " . $_SESSION["uid"] ; - $result = db_query( $query); + $result = db_query($query); if (db_num_rows($result) != 0) { $line = db_fetch_assoc($result); - $tmp_result = db_query( "UPDATE ttrss_user_entries + $tmp_result = db_query("UPDATE ttrss_user_entries SET unread = false,last_read = NOW() WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]); - $updated_fmt = make_local_datetime( $line['updated'], false); + $updated_fmt = make_local_datetime($line['updated'], false); $title = $line["title"]; $article_link = $line["link"]; if (!$is_cat) - $feed_title = getFeedTitle( $feed_id); + $feed_title = getFeedTitle($feed_id); else - $feed_title = getCategoryTitle( $feed_id); + $feed_title = getCategoryTitle($feed_id); print "<div class=\"panel\" id=\"article-$id\" title=\"$title\" selected=\"true\" myBackLabel='$feed_title' myBackHref='feed.php?id=$feed_id&cat=$cat_id&is_cat=$is_cat'>"; if ($line['feed_id'] != $feed_id) { - $real_feed_title = getFeedTitle( $line['feed_id']); + $real_feed_title = getFeedTitle($line['feed_id']); $real_feed_id = $line['feed_id']; $feed_link = "(<a href=\"feed.php?id=$real_feed_id\">$real_feed_title</a>)"; } @@ -497,10 +497,10 @@ // print "</fieldset>"; - $content = sanitize( $line["content"]); + $content = sanitize($line["content"]); $content = preg_replace("/href=/i", "target=\"_blank\" href=", $content); - if (!mobile_get_pref( "SHOW_IMAGES")) { + if (!mobile_get_pref("SHOW_IMAGES")) { $content = preg_replace('/<img[^>]+>/is', '', $content); } diff --git a/plugins/mobile/prefs.php b/plugins/mobile/prefs.php index 78b6e8a7b..ac7762fe5 100644 --- a/plugins/mobile/prefs.php +++ b/plugins/mobile/prefs.php @@ -22,7 +22,7 @@ init_plugins($link); - login_sequence( true); + login_sequence(true); ?> <div class="panel" id="prefs" selected="yes" title="Preferences" @@ -32,33 +32,33 @@ <div class="row"> <label><?php echo __('Enable categories') ?></label> - <div class="toggle" id="ENABLE_CATS" onclick="setPref(this)" toggled="<?php echo mobile_pref_toggled( "ENABLE_CATS") ?>"><span class="thumb"></span><span class="toggleOn"><?php echo __('ON') ?></span><span class="toggleOff"><?php echo __('OFF') ?></span></div> + <div class="toggle" id="ENABLE_CATS" onclick="setPref(this)" toggled="<?php echo mobile_pref_toggled("ENABLE_CATS") ?>"><span class="thumb"></span><span class="toggleOn"><?php echo __('ON') ?></span><span class="toggleOff"><?php echo __('OFF') ?></span></div> </div> <div class="row"> <label><?php echo __('Browse categories like folders') ?></label> - <div class="toggle" id="BROWSE_CATS" onclick="setPref(this)" toggled="<?php echo mobile_pref_toggled( "BROWSE_CATS") ?>"><span class="thumb"></span><span class="toggleOn"><?php echo __('ON') ?></span><span class="toggleOff"><?php echo __('OFF') ?></span></div> + <div class="toggle" id="BROWSE_CATS" onclick="setPref(this)" toggled="<?php echo mobile_pref_toggled("BROWSE_CATS") ?>"><span class="thumb"></span><span class="toggleOn"><?php echo __('ON') ?></span><span class="toggleOff"><?php echo __('OFF') ?></span></div> </div> <div class="row"> <label><?php echo __('Show images in posts') ?></label> - <div class="toggle" id="SHOW_IMAGES" onclick="setPref(this)" toggled="<?php echo mobile_pref_toggled( "SHOW_IMAGES") ?>"><span class="thumb"></span><span class="toggleOn"><?php echo __('ON') ?></span><span class="toggleOff"><?php echo __('OFF') ?></span></div> + <div class="toggle" id="SHOW_IMAGES" onclick="setPref(this)" toggled="<?php echo mobile_pref_toggled("SHOW_IMAGES") ?>"><span class="thumb"></span><span class="toggleOn"><?php echo __('ON') ?></span><span class="toggleOff"><?php echo __('OFF') ?></span></div> </div> <div class="row"> <label><?php echo __('Hide read articles and feeds') ?></label> - <div class="toggle" id="HIDE_READ" onclick="setPref(this)" toggled="<?php echo mobile_pref_toggled( "HIDE_READ") ?>"><span class="thumb"></span><span class="toggleOn"><?php echo __('ON') ?></span><span class="toggleOff"><?php echo __('OFF') ?></span></div> + <div class="toggle" id="HIDE_READ" onclick="setPref(this)" toggled="<?php echo mobile_pref_toggled("HIDE_READ") ?>"><span class="thumb"></span><span class="toggleOn"><?php echo __('ON') ?></span><span class="toggleOff"><?php echo __('OFF') ?></span></div> </div> <div class="row"> <label><?php echo __('Sort feeds by unread count') ?></label> - <div class="toggle" id="SORT_FEEDS_UNREAD" onclick="setPref(this)" toggled="<?php echo mobile_pref_toggled( "SORT_FEEDS_UNREAD") ?>"><span class="thumb"></span><span class="toggleOn"><?php echo __('ON') ?></span><span class="toggleOff"><?php echo __('OFF') ?></span></div> + <div class="toggle" id="SORT_FEEDS_UNREAD" onclick="setPref(this)" toggled="<?php echo mobile_pref_toggled("SORT_FEEDS_UNREAD") ?>"><span class="thumb"></span><span class="toggleOn"><?php echo __('ON') ?></span><span class="toggleOff"><?php echo __('OFF') ?></span></div> </div> <div class="row"> <label><?php echo __('Reverse headline order (oldest first)') ?></label> - <div class="toggle" id="REVERSE_HEADLINES" onclick="setPref(this)" toggled="<?php echo mobile_pref_toggled( "REVERSE_HEADLINES") ?>"><span class="thumb"></span><span class="toggleOn"><?php echo __('ON') ?></span><span class="toggleOff"><?php echo __('OFF') ?></span></div> + <div class="toggle" id="REVERSE_HEADLINES" onclick="setPref(this)" toggled="<?php echo mobile_pref_toggled("REVERSE_HEADLINES") ?>"><span class="thumb"></span><span class="toggleOn"><?php echo __('ON') ?></span><span class="toggleOff"><?php echo __('OFF') ?></span></div> </div> </fieldset> diff --git a/plugins/note/init.php b/plugins/note/init.php index a5396e5a4..f5816bc27 100644 --- a/plugins/note/init.php +++ b/plugins/note/init.php @@ -27,9 +27,9 @@ class Note extends Plugin { } function edit() { - $param = db_escape_string( $_REQUEST['param']); + $param = db_escape_string($_REQUEST['param']); - $result = db_query( "SELECT note FROM ttrss_user_entries WHERE + $result = db_query("SELECT note FROM ttrss_user_entries WHERE ref_id = '$param' AND owner_uid = " . $_SESSION['uid']); $note = db_fetch_result($result, 0, "note"); @@ -56,10 +56,10 @@ class Note extends Plugin { } function setNote() { - $id = db_escape_string( $_REQUEST["id"]); - $note = trim(strip_tags(db_escape_string( $_REQUEST["note"]))); + $id = db_escape_string($_REQUEST["id"]); + $note = trim(strip_tags(db_escape_string($_REQUEST["note"]))); - db_query( "UPDATE ttrss_user_entries SET note = '$note' + db_query("UPDATE ttrss_user_entries SET note = '$note' WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]); $formatted_note = format_article_note($id, $note); diff --git a/plugins/nsfw/init.php b/plugins/nsfw/init.php index 92b5f65b2..c4182731d 100644 --- a/plugins/nsfw/init.php +++ b/plugins/nsfw/init.php @@ -88,7 +88,7 @@ class NSFW extends Plugin { } function save() { - $tags = explode(",", db_escape_string( $_POST["tags"])); + $tags = explode(",", db_escape_string($_POST["tags"])); $tags = array_map("trim", $tags); $tags = array_map("mb_strtolower", $tags); $tags = join(", ", $tags); diff --git a/plugins/share/init.php b/plugins/share/init.php index b9e030d37..53b9dcdce 100644 --- a/plugins/share/init.php +++ b/plugins/share/init.php @@ -26,9 +26,9 @@ class Share extends Plugin { } function shareArticle() { - $param = db_escape_string( $_REQUEST['param']); + $param = db_escape_string($_REQUEST['param']); - $result = db_query( "SELECT uuid, ref_id FROM ttrss_user_entries WHERE int_id = '$param' + $result = db_query("SELECT uuid, ref_id FROM ttrss_user_entries WHERE int_id = '$param' AND owner_uid = " . $_SESSION['uid']); if (db_num_rows($result) == 0) { @@ -39,8 +39,8 @@ class Share extends Plugin { $ref_id = db_fetch_result($result, 0, "ref_id"); if (!$uuid) { - $uuid = db_escape_string( sha1(uniqid(rand(), true))); - db_query( "UPDATE ttrss_user_entries SET uuid = '$uuid' WHERE int_id = '$param' + $uuid = db_escape_string(sha1(uniqid(rand(), true))); + db_query("UPDATE ttrss_user_entries SET uuid = '$uuid' WHERE int_id = '$param' AND owner_uid = " . $_SESSION['uid']); } @@ -53,10 +53,10 @@ class Share extends Plugin { print "<a id='pub_opml_url' href='$url_path' target='_blank'>$url_path</a>"; print "</div>"; - /* if (!label_find_id( __('Shared'), $_SESSION["uid"])) - label_create( __('Shared'), $_SESSION["uid"]); + /* if (!label_find_id(__('Shared'), $_SESSION["uid"])) + label_create(__('Shared'), $_SESSION["uid"]); - label_add_article( $ref_id, __('Shared'), $_SESSION['uid']); */ + label_add_article($ref_id, __('Shared'), $_SESSION['uid']); */ } print "<div align='center'>"; diff --git a/plugins/updater/init.php b/plugins/updater/init.php index 856a0cbf9..2ae4c4109 100644 --- a/plugins/updater/init.php +++ b/plugins/updater/init.php @@ -20,7 +20,7 @@ class Updater extends Plugin { $this); } - function update_self_step( $step, $params, $force = false) { + function update_self_step($step, $params, $force = false) { // __FILE__ is in plugins/updater so we need to go one level up $work_dir = dirname(dirname(dirname(__FILE__))); $parent_dir = dirname($work_dir); @@ -277,13 +277,13 @@ class Updater extends Plugin { return array("step" => $step, "stop" => $stop, "params" => $params, "log" => $log); } - function update_self_cli( $force = false) { + function update_self_cli($force = false) { $step = 0; $stop = false; $params = array(); while (!$stop) { - $rc = $this->update_self_step( $step, $params, $force); + $rc = $this->update_self_step($step, $params, $force); $params = $rc['params']; $stop = $rc['stop']; @@ -307,7 +307,7 @@ class Updater extends Plugin { if ($input != 'yes' && $input != 'force') exit; - $this->update_self_cli( $input == 'force'); + $this->update_self_cli($input == 'force'); } function get_prefs_js() { @@ -376,7 +376,7 @@ class Updater extends Plugin { $force = (bool) $_REQUEST["force"]; if (($_SESSION["access_level"] >= 10 || SINGLE_USER_MODE) && CHECK_FOR_NEW_VERSION) { - print json_encode($this->update_self_step( $step, $params, $force)); + print json_encode($this->update_self_step($step, $params, $force)); } } |