-rw-r--r-- | backend.php | 2583 | ||||
-rw-r--r-- | modules/help.php | 36 | ||||
-rw-r--r-- | modules/popup-dialog.php | 245 | ||||
-rw-r--r-- | modules/pref-feeds.php | 944 | ||||
-rw-r--r-- | modules/pref-filters.php | 314 | ||||
-rw-r--r-- | modules/pref-labels.php | 289 | ||||
-rw-r--r-- | modules/pref-prefs.php | 387 | ||||
-rw-r--r-- | modules/pref-users.php | 325 | ||||
-rw-r--r-- | sanity_check.php | 27 |
9 files changed, 2583 insertions, 2567 deletions
diff --git a/backend.php b/backend.php index 49ca35c32..ac9847053 100644 --- a/backend.php +++ b/backend.php @@ -1,6 +1,5 @@ <?php require_once "sessions.php"; - require_once "backend-rpc.php"; header("Cache-Control: no-cache, must-revalidate"); header("Pragma: no-cache"); @@ -25,15 +24,8 @@ require_once "db-prefs.php"; require_once "functions.php"; - $err_msg = check_configuration_variables(); - $print_exec_time = true; - if ($err_msg) { - header("Content-Type: application/xml"); - print_error_xml(9, $err_msg); die; - } - if ((!$op || $op == "rpc" || $op == "rss" || $op == "digestSend" || $op == "globalUpdateFeeds") && !$_REQUEST["noxml"]) { header("Content-Type: application/xml"); @@ -88,6 +80,15 @@ 0 => "User", 10 => "Administrator"); + require_once "modules/popup-dialog.php"; + require_once "modules/help.php"; + require_once "modules/pref-feeds.php"; + require_once "modules/pref-filters.php"; + require_once "modules/pref-labels.php"; + require_once "modules/pref-users.php"; + require_once "modules/pref-prefs.php"; + require_once "modules/backend-rpc.php"; + $script_started = getmicrotime(); $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME); @@ -104,22 +105,6 @@ pg_query("set client_encoding = 'utf-8'"); } - if ($_SESSION["uid"]) { - -// setcookie('ttrss_vf_refresh', FEEDS_FRAME_REFRESH); -// setcookie('ttrss_vf_daemon', ENABLE_UPDATE_DAEMON); - -/* if (get_pref($link, "ON_CATCHUP_SHOW_NEXT_FEED")) { - setcookie('ttrss_vf_catchupnext', 1); - } else { - setcookie('ttrss_vf_catchupnext', 0); - } */ - } - - $fetch = $_GET["fetch"]; - -// setcookie("ttrss_icons_url", ICONS_URL); - if (!sanity_check($link)) { return; } if ($op == "rpc") { 
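Review bot: `require_once "modules/backend-rpc.php";` in the `@@ -88,6 +80,15 @@` hunk names a file that the diffstat for this commit does not list under modules/, while the first hunk drops the old `require_once "backend-rpc.php";`. Unless that file was moved in an earlier commit, the require will fail fatally on every request to backend.php, so please confirm the move is part of the series. The eight new includes are also relative paths, resolved through include_path and the working directory. Anchoring them to the script, e.g. `require_once dirname(__FILE__) . "/modules/pref-feeds.php";`, prevents a same-named file elsewhere on the include path from being loaded instead. If the module files only define functions, as the later `module_pref_feeds($link)` call suggests, add a short comment above the block stating that they must produce no output or side effects when requested directly under modules/, since that directory appears to be web-reachable.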
@@ -583,1550 +568,15 @@ } if ($op == "pref-feeds") { - - $subop = $_REQUEST["subop"]; - $quiet = $_REQUEST["quiet"]; - - if ($subop == "massSubscribe") { - $ids = split(",", db_escape_string($_GET["ids"])); - - $subscribed = array(); - - foreach ($ids as $id) { - $result = db_query($link, "SELECT feed_url,title FROM ttrss_feeds - WHERE id = '$id'"); - - $feed_url = db_escape_string(db_fetch_result($result, 0, "feed_url")); - $title = db_escape_string(db_fetch_result($result, 0, "title")); - - $title_orig = db_fetch_result($result, 0, "title"); - - $result = db_query($link, "SELECT id FROM ttrss_feeds WHERE - feed_url = '$feed_url' AND owner_uid = " . $_SESSION["uid"]); - - if (db_num_rows($result) == 0) { - $result = db_query($link, - "INSERT INTO ttrss_feeds (owner_uid,feed_url,title,cat_id) - VALUES ('".$_SESSION["uid"]."', '$feed_url', '$title', NULL)"); - - array_push($subscribed, $title_orig); - } - } - - if (count($subscribed) > 0) { - print "<div class=\"notice\">"; - print "<b>Subscribed to feeds:</b>"; - print "<ul class=\"nomarks\">"; - foreach ($subscribed as $title) { - print "<li>$title</li>"; - } - print "</ul>"; - print "</div>"; - } - } - - if ($subop == "browse") { - - if (!ENABLE_FEED_BROWSER) { - print "Feed browser is administratively disabled."; - return; - } - - print "<div id=\"infoBoxTitle\">Other feeds: Top 25</div>"; - - print "<div class=\"infoBoxContents\">"; - - print "<p>Showing top 25 registered feeds, sorted by popularity:</p>"; - -# $result = db_query($link, "SELECT feed_url,count(id) AS subscribers -# FROM ttrss_feeds -# WHERE auth_login = '' AND auth_pass = '' AND private = false -# GROUP BY feed_url ORDER BY subscribers DESC LIMIT 25"); - - $owner_uid = $_SESSION["uid"]; - - $result = db_query($link, "SELECT feed_url,COUNT(id) AS subscribers - FROM ttrss_feeds WHERE (SELECT COUNT(id) = 0 FROM ttrss_feeds AS tf - WHERE tf.feed_url = ttrss_feeds.feed_url - AND owner_uid = '$owner_uid') GROUP BY feed_url - ORDER BY subscribers DESC 
LIMIT 25"); - - print "<ul class='browseFeedList' id='browseFeedList'>"; - - $feedctr = 0; - - while ($line = db_fetch_assoc($result)) { - $feed_url = $line["feed_url"]; - $subscribers = $line["subscribers"]; - - $det_result = db_query($link, "SELECT site_url,title,id - FROM ttrss_feeds WHERE feed_url = '$feed_url' LIMIT 1"); - - $details = db_fetch_assoc($det_result); - - $icon_file = ICONS_DIR . "/" . $details["id"] . ".ico"; - - if (file_exists($icon_file) && filesize($icon_file) > 0) { - $feed_icon = "<img class=\"tinyFeedIcon\" src=\"" . ICONS_URL . - "/".$details["id"].".ico\">"; - } else { - $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">"; - } - - $check_box = "<input onclick='toggleSelectListRow(this)' class='feedBrowseCB' - type=\"checkbox\" id=\"FBCHK-" . $details["id"] . "\">"; - - $class = ($feedctr % 2) ? "even" : "odd"; - - print "<li class='$class' id=\"FBROW-".$details["id"]."\">$check_box". - "$feed_icon " . db_unescape_string($details["title"]) . - " <span class='subscribers'>($subscribers)</span></li>"; - - ++$feedctr; - } - - if ($feedctr == 0) { - print "<li>No feeds found to subscribe.</li>"; - } - - print "</ul>"; - - print "<div align='center'> - <input type=\"submit\" class=\"button\" - onclick=\"feedBrowserSubscribe()\" value=\"Subscribe\"> - <input type='submit' class='button' - onclick=\"closeInfoBox()\" value=\"Cancel\"></div>"; - - print "</div>"; - return; - } - - if ($subop == "editfeed") { - $feed_id = db_escape_string($_REQUEST["id"]); - - $result = db_query($link, - "SELECT * FROM ttrss_feeds WHERE id = '$feed_id' AND - owner_uid = " . $_SESSION["uid"]); - - $title = htmlspecialchars(db_unescape_string(db_fetch_result($result, - 0, "title"))); - - $icon_file = ICONS_DIR . "/$feed_id.ico"; - - if (file_exists($icon_file) && filesize($icon_file) > 0) { - $feed_icon = "<img width=\"16\" height=\"16\" - src=\"" . ICONS_URL . 
"/$feed_id.ico\">"; - } else { - $feed_icon = ""; - } - - print "<div id=\"infoBoxTitle\">Feed editor</div>"; - - print "<div class=\"infoBoxContents\">"; - - print "<form id=\"edit_feed_form\">"; - - print "<input type=\"hidden\" name=\"id\" value=\"$feed_id\">"; - print "<input type=\"hidden\" name=\"op\" value=\"pref-feeds\">"; - print "<input type=\"hidden\" name=\"subop\" value=\"editSave\">"; - - print "<table width='100%'>"; - - print "<tr><td>Title:</td>"; - print "<td><input class=\"iedit\" onkeypress=\"return filterCR(event, feedEditSave)\" - name=\"title\" value=\"$title\"></td></tr>"; - - $feed_url = db_fetch_result($result, 0, "feed_url"); - $feed_url = htmlspecialchars(db_unescape_string(db_fetch_result($result, - 0, "feed_url"))); - - print "<tr><td>Feed URL:</td>"; - print "<td><input class=\"iedit\" onkeypress=\"return filterCR(event, feedEditSave)\" - name=\"feed_url\" value=\"$feed_url\"></td></tr>"; - - if (get_pref($link, 'ENABLE_FEED_CATS')) { - - $cat_id = db_fetch_result($result, 0, "cat_id"); - - print "<tr><td>Category:</td>"; - print "<td>"; - - $parent_feed = db_fetch_result($result, 0, "parent_feed"); - - if (sprintf("%d", $parent_feed) > 0) { - $disabled = "disabled"; - } else { - $disabled = ""; - } - - print_feed_cat_select($link, "cat_id", $cat_id, "class=\"iedit\" $disabled"); - - print "</td>"; - print "</td></tr>"; - - } - - $update_interval = db_fetch_result($result, 0, "update_interval"); - - print "<tr><td>Update Interval:</td>"; - - print "<td>"; - - print_select_hash("update_interval", $update_interval, $update_intervals, - "class=\"iedit\""); - - print "</td>"; - - print "<tr><td>Link to:</td><td>"; - - $tmp_result = db_query($link, "SELECT COUNT(id) AS count - FROM ttrss_feeds WHERE parent_feed = '$feed_id'"); - - $linked_count = db_fetch_result($tmp_result, 0, "count"); - - $parent_feed = db_fetch_result($result, 0, "parent_feed"); - - if ($linked_count > 0) { - $disabled = "disabled"; - } else { - $disabled = ""; - } - - 
print "<select class=\"iedit\" $disabled name=\"parent_feed\">"; - - print "<option value=\"0\">Not linked</option>"; - - if (get_pref($link, 'ENABLE_FEED_CATS')) { - if ($cat_id) { - $cat_qpart = "AND cat_id = '$cat_id'"; - } else { - $cat_qpart = "AND cat_id IS NULL"; - } - } - - $tmp_result = db_query($link, "SELECT id,title FROM ttrss_feeds - WHERE id != '$feed_id' AND owner_uid = ".$_SESSION["uid"]." AND - (SELECT COUNT(id) FROM ttrss_feeds AS T2 WHERE T2.id = ttrss_feeds.parent_feed) = 0 - $cat_qpart ORDER BY title"); - - if (db_num_rows($tmp_result) > 0) { - print "<option disabled>--------</option>"; - } - - while ($tmp_line = db_fetch_assoc($tmp_result)) { - if ($tmp_line["id"] == $parent_feed) { - $is_selected = "selected"; - } else { - $is_selected = ""; - } - printf("<option $is_selected value='%d'>%s</option>", - $tmp_line["id"], $tmp_line["title"]); - } - - print "</select>"; - print "</td></tr>"; - - $purge_interval = db_fetch_result($result, 0, "purge_interval"); - - print "<tr><td>Article purging:</td>"; - - print "<td>"; - - print_select_hash("purge_interval", $purge_interval, $purge_intervals, - "class=\"iedit\""); - - print "</td>"; - - $auth_login = escape_for_form(db_fetch_result($result, 0, "auth_login")); - - print "<tr><td>Login:</td>"; - print "<td><input class=\"iedit\" onkeypress=\"return filterCR(event, feedEditSave)\" - name=\"auth_login\" value=\"$auth_login\"></td></tr>"; - - $auth_pass = escape_for_form(db_fetch_result($result, 0, "auth_pass")); - - print "<tr><td>Password:</td>"; - print "<td><input class=\"iedit\" type=\"password\" name=\"auth_pass\" - onkeypress=\"return filterCR(event, feedEditSave)\" - value=\"$auth_pass\"></td></tr>"; - - $private = sql_bool_to_bool(db_fetch_result($result, 0, "private")); - - if ($private) { - $checked = "checked"; - } else { - $checked = ""; - } - - print "<tr><td valign='top'>Options:</td>"; - print "<td><input type=\"checkbox\" name=\"private\" id=\"private\" - $checked><label 
for=\"private\">Hide from \"Other Feeds\"</label>"; - - $rtl_content = sql_bool_to_bool(db_fetch_result($result, 0, "rtl_content")); - - if ($rtl_content) { - $checked = "checked"; - } else { - $checked = ""; - } - - print "<br><input type=\"checkbox\" id=\"rtl_content\" name=\"rtl_content\" - $checked><label for=\"rtl_content\">Right-to-left content</label>"; - - $hidden = sql_bool_to_bool(db_fetch_result($result, 0, "hidden")); - - if ($hidden) { - $checked = "checked"; - } else { - $checked = ""; - } - - print "<br><input type=\"checkbox\" id=\"hidden\" name=\"hidden\" - $checked><label for=\"hidden\">Hide from my feed list</label>"; - - $include_in_digest = sql_bool_to_bool(db_fetch_result($result, 0, "include_in_digest")); - - if ($include_in_digest) { - $checked = "checked"; - } else { - $checked = ""; - } - - print "<br><input type=\"checkbox\" id=\"include_in_digest\" - name=\"include_in_digest\" - $checked><label for=\"include_in_digest\">Include in e-mail digest</label>"; - - print "</td></tr>"; - - print "</table>"; - - print "</form>"; - - print "<div align='right'> - <input type=\"submit\" class=\"button\" - onclick=\"return feedEditSave()\" value=\"Save\"> - <input type='submit' class='button' - onclick=\"return feedEditCancel()\" value=\"Cancel\"></div>"; - - print "</div>"; - - return; - } - - if ($subop == "editSave") { - - $feed_title = db_escape_string(trim($_POST["title"])); - $feed_link = db_escape_string(trim($_POST["feed_url"])); - $upd_intl = db_escape_string($_POST["update_interval"]); - $purge_intl = db_escape_string($_POST["purge_interval"]); - $feed_id = db_escape_string($_POST["id"]); - $cat_id = db_escape_string($_POST["cat_id"]); - $auth_login = db_escape_string(trim($_POST["auth_login"])); - $auth_pass = db_escape_string(trim($_POST["auth_pass"])); - $parent_feed = db_escape_string($_POST["parent_feed"]); - $private = checkbox_to_sql_bool(db_escape_string($_POST["private"])); - $rtl_content = 
checkbox_to_sql_bool(db_escape_string($_POST["rtl_content"])); - $hidden = checkbox_to_sql_bool(db_escape_string($_POST["hidden"])); - $include_in_digest = checkbox_to_sql_bool( - db_escape_string($_POST["include_in_digest"])); - - if (get_pref($link, 'ENABLE_FEED_CATS')) { - if ($cat_id && $cat_id != 0) { - $category_qpart = "cat_id = '$cat_id',"; - $category_qpart_nocomma = "cat_id = '$cat_id'"; - } else { - $category_qpart = 'cat_id = NULL,'; - $category_qpart_nocomma = 'cat_id = NULL'; - } - } else { - $category_qpart = ""; - $category_qpart_nocomma = ""; - } - - if ($parent_feed && $parent_feed != 0) { - $parent_qpart = "parent_feed = '$parent_feed'"; - } else { - $parent_qpart = 'parent_feed = NULL'; - } - - $result = db_query($link, "UPDATE ttrss_feeds SET - $category_qpart $parent_qpart, - title = '$feed_title', feed_url = '$feed_link', - update_interval = '$upd_intl', - purge_interval = '$purge_intl', - auth_login = '$auth_login', - auth_pass = '$auth_pass', - private = $private, - rtl_content = $rtl_content, - hidden = $hidden, - include_in_digest = $include_in_digest - WHERE id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]); - - if (get_pref($link, 'ENABLE_FEED_CATS')) { - # update linked feed categories - $result = db_query($link, "UPDATE ttrss_feeds SET - $category_qpart_nocomma WHERE parent_feed = '$feed_id' AND - owner_uid = " . $_SESSION["uid"]); - } - } - - if ($subop == "saveCat") { - $cat_title = db_escape_string(trim($_GET["title"])); - $cat_id = db_escape_string($_GET["id"]); - - $result = db_query($link, "UPDATE ttrss_feed_categories SET - title = '$cat_title' WHERE id = '$cat_id' AND owner_uid = ".$_SESSION["uid"]); - - } - - if ($subop == "remove") { - - if (!WEB_DEMO_MODE) { - - $ids = split(",", db_escape_string($_GET["ids"])); - - foreach ($ids as $id) { - - if ($id > 0) { - - db_query($link, "DELETE FROM ttrss_feeds - WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]); - - $icons_dir = ICONS_DIR; - - if (file_exists($icons_dir . 
"/$id.ico")) { - unlink($icons_dir . "/$id.ico"); - } - } else if ($id < -10) { - - $label_id = -$id - 11; - - db_query($link, "DELETE FROM ttrss_labels - WHERE id = '$label_id' AND owner_uid = " . $_SESSION["uid"]); - } - } - } - } - - if ($subop == "add") { - - if (!WEB_DEMO_MODE) { - - $feed_url = db_escape_string(trim($_GET["feed_url"])); - $cat_id = db_escape_string($_GET["cat_id"]); - - if (subscribe_to_feed($link, $feed_url, $cat_id)) { - print "Added feed."; - } else { - print "<div class=\"warning\"> - Feed <b>$feed_url</b> already exists in the database. - </div>"; - } - } - } - - if ($subop == "addCat") { - - if (!WEB_DEMO_MODE) { - - $feed_cat = db_escape_string(trim($_GET["cat"])); - - $result = db_query($link, - "SELECT id FROM ttrss_feed_categories - WHERE title = '$feed_cat' AND owner_uid = ".$_SESSION["uid"]); - - if (db_num_rows($result) == 0) { - - $result = db_query($link, - "INSERT INTO ttrss_feed_categories (owner_uid,title) - VALUES ('".$_SESSION["uid"]."', '$feed_cat')"); - - } else { - - print "<div class=\"warning\"> - Category <b>$feed_cat</b> already exists in the database. - </div>"; - } - - - } - } - - if ($subop == "removeCats") { - - if (!WEB_DEMO_MODE) { - - $ids = split(",", db_escape_string($_GET["ids"])); - - foreach ($ids as $id) { - - db_query($link, "BEGIN"); - - $result = db_query($link, - "SELECT count(id) as num_feeds FROM ttrss_feeds - WHERE cat_id = '$id'"); - - $num_feeds = db_fetch_result($result, 0, "num_feeds"); - - if ($num_feeds == 0) { - db_query($link, "DELETE FROM ttrss_feed_categories - WHERE id = '$id' AND owner_uid = " . 
$_SESSION["uid"]); - } else { - - print "<div class=\"warning\"> - Unable to delete non empty feed categories.</div>"; - - } - - db_query($link, "COMMIT"); - } - } - } - - if ($subop == "categorize") { - - if (!WEB_DEMO_MODE) { - - $ids = split(",", db_escape_string($_GET["ids"])); - - $cat_id = db_escape_string($_GET["cat_id"]); - - if ($cat_id == 0) { - $cat_id_qpart = 'NULL'; - } else { - $cat_id_qpart = "'$cat_id'"; - } - - db_query($link, "BEGIN"); - - foreach ($ids as $id) { - - db_query($link, "UPDATE ttrss_feeds SET cat_id = $cat_id_qpart - WHERE id = '$id' AND parent_feed IS NULL - AND owner_uid = " . $_SESSION["uid"]); - - # update linked feed categories - db_query($link, "UPDATE ttrss_feeds SET - cat_id = $cat_id_qpart WHERE parent_feed = '$id' AND - owner_uid = " . $_SESSION["uid"]); - - } - - db_query($link, "COMMIT"); - } - - } - - if ($quiet) return; - -// print "<h3>Edit Feeds</h3>"; - - $result = db_query($link, "SELECT id,title,feed_url,last_error - FROM ttrss_feeds WHERE last_error != '' AND owner_uid = ".$_SESSION["uid"]); - - if (db_num_rows($result) > 0) { - - print "<div class=\"warning\">"; - -// print"<img class=\"closeButton\" -// onclick=\"javascript:hideParentElement(this);\" src=\"images/close.png\">"; - - print "<a href=\"javascript:showBlockElement('feedUpdateErrors')\"> - <b>Some feeds have update errors (click for details)</b></a>"; - - print "<ul id=\"feedUpdateErrors\" class=\"nomarks\">"; - - while ($line = db_fetch_assoc($result)) { - print "<li>" . $line["title"] . " (" . $line["feed_url"] . "): " . 
- $line["last_error"]; - } - - print "</ul>"; - print "</div>"; - - } - - $feed_search = db_escape_string($_GET["search"]); - - if (array_key_exists("search", $_GET)) { - $_SESSION["prefs_feed_search"] = $feed_search; - } else { - $feed_search = $_SESSION["prefs_feed_search"]; - } - - print "<div class=\"feedEditSearch\"> - <input id=\"feed_search\" size=\"20\" - onchange=\"javascript:updateFeedList()\" value=\"$feed_search\"> - <input type=\"submit\" class=\"button\" - onclick=\"javascript:updateFeedList()\" value=\"Search\"> - </div>"; - - print "<div class=\"prefGenericAddBox\"> - <input id=\"fadd_link\" - onkeyup=\"toggleSubmitNotEmpty(this, 'fadd_submit_btn')\" - size=\"40\"> - <input type=\"submit\" class=\"button\" - disabled=\"true\" id=\"fadd_submit_btn\" - onclick=\"addFeed()\" value=\"Subscribe\">"; - - if (ENABLE_FEED_BROWSER && !SINGLE_USER_MODE) { - print " <input type=\"submit\" class=\"button\" - onclick=\"javascript:browseFeeds()\" value=\"Top 25\">"; - } - - print "</div>"; - - $feeds_sort = db_escape_string($_GET["sort"]); - - if (!$feeds_sort || $feeds_sort == "undefined") { - $feeds_sort = $_SESSION["pref_sort_feeds"]; - if (!$feeds_sort) $feeds_sort = "title"; - } - - $_SESSION["pref_sort_feeds"] = $feeds_sort; - - if ($feed_search) { - $search_qpart = "(UPPER(F1.title) LIKE UPPER('%$feed_search%') OR - UPPER(F1.feed_url) LIKE UPPER('%$feed_search%')) AND"; - } else { - $search_qpart = ""; - } - - if (get_pref($link, 'ENABLE_FEED_CATS')) { - $order_by_qpart = "category,$feeds_sort,title"; - } else { - $order_by_qpart = "$feeds_sort,title"; - } - - $result = db_query($link, "SELECT - F1.id, - F1.title, - F1.feed_url, - substring(F1.last_updated,1,16) AS last_updated, - F1.parent_feed, - F1.update_interval, - F1.purge_interval, - F1.cat_id, - F2.title AS parent_title, - C1.title AS category, - F1.hidden, - F1.include_in_digest, - (SELECT SUBSTRING(MAX(updated),1,16) FROM ttrss_user_entries, - ttrss_entries WHERE ref_id = ttrss_entries.id - AND 
feed_id = F1.id) AS last_article - FROM - ttrss_feeds AS F1 - LEFT JOIN ttrss_feeds AS F2 - ON (F1.parent_feed = F2.id) - LEFT JOIN ttrss_feed_categories AS C1 - ON (F1.cat_id = C1.id) - WHERE - $search_qpart F1.owner_uid = '".$_SESSION["uid"]."' - ORDER by $order_by_qpart"); - - if (db_num_rows($result) != 0) { - -// print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>"; - - print "<p><table width=\"100%\" cellspacing=\"0\" - class=\"prefFeedList\" id=\"prefFeedList\">"; - print "<tr><td class=\"selectPrompt\" colspan=\"8\"> - Select: - <a href=\"javascript:selectPrefRows('feed', true)\">All</a>, - <a href=\"javascript:selectPrefRows('feed', false)\">None</a> - </td</tr>"; - - if (!get_pref($link, 'ENABLE_FEED_CATS')) { - print "<tr class=\"title\"> - <td width='5%' align='center'> </td>"; - - if (get_pref($link, 'ENABLE_FEED_ICONS')) { - print "<td width='3%'> </td>"; - } - - print " - <td width='35%'><a href=\"javascript:updateFeedList('title')\">Title</a></td> - <td width='35%'><a href=\"javascript:updateFeedList('feed_url')\">Feed</a></td> - <td width='15%'><a href=\"javascript:updateFeedList('last_article')\">Last Article</a></td> - <td width='15%' align='right'><a href=\"javascript:updateFeedList('last_updated')\">Updated</a></td>"; - } - - $lnum = 0; - - $cur_cat_id = -1; - - while ($line = db_fetch_assoc($result)) { - - $feed_id = $line["id"]; - $cat_id = $line["cat_id"]; - - $edit_title = htmlspecialchars(db_unescape_string($line["title"])); - $edit_link = htmlspecialchars(db_unescape_string($line["feed_url"])); - $edit_cat = htmlspecialchars(db_unescape_string($line["category"])); - - $hidden = sql_bool_to_bool($line["hidden"]); - - if (!$edit_cat) $edit_cat = "Uncategorized"; - - $last_updated = $line["last_updated"]; - - if (get_pref($link, 'HEADLINES_SMART_DATE')) { - $last_updated = smart_date_time(strtotime($last_updated)); - } else { - $short_date = get_pref($link, 'SHORT_DATE_FORMAT'); - $last_updated = date($short_date, 
strtotime($last_updated)); - } - - $last_article = $line["last_article"]; - - if (get_pref($link, 'HEADLINES_SMART_DATE')) { - $last_article = smart_date_time(strtotime($last_article)); - } else { - $short_date = get_pref($link, 'SHORT_DATE_FORMAT'); - $last_article = date($short_date, strtotime($last_article)); - } - - if (get_pref($link, 'ENABLE_FEED_CATS') && $cur_cat_id != $cat_id) { - $lnum = 0; - - print "<tr><td colspan=\"6\" class=\"feedEditCat\">$edit_cat</td></tr>"; - - print "<tr class=\"title\"> - <td width='5%'> </td>"; - - if (get_pref($link, 'ENABLE_FEED_ICONS')) { - print "<td width='3%'> </td>"; - } - - print "<td width='35%'><a href=\"javascript:updateFeedList('title')\">Title</a></td> - <td width='35%'><a href=\"javascript:updateFeedList('feed_url')\">Feed</a></td> - <td width='15%'><a href=\"javascript:updateFeedList('last_article')\">Last Article</a></td> - <td width='15%' align='right'><a href=\"javascript:updateFeedList('last_updated')\">Updated</a></td>"; - - $cur_cat_id = $cat_id; - } - - $class = ($lnum % 2) ? "even" : "odd"; - $this_row_id = "id=\"FEEDR-$feed_id\""; - - print "<tr class=\"$class\" $this_row_id>"; - - $icon_file = ICONS_DIR . "/$feed_id.ico"; - - if (file_exists($icon_file) && filesize($icon_file) > 0) { - $feed_icon = "<img class=\"tinyFeedIcon\" src=\"" . ICONS_URL . 
"/$feed_id.ico\">"; - } else { - $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">"; - } - - print "<td class='feedSelect'><input onclick='toggleSelectPrefRow(this, \"feed\");' - type=\"checkbox\" id=\"FRCHK-".$line["id"]."\"></td>"; - - if (get_pref($link, 'ENABLE_FEED_ICONS')) { - print "<td class='feedIcon'>$feed_icon</td>"; - } - - $edit_title = truncate_string($edit_title, 40); - $edit_link = truncate_string($edit_link, 60); - - if ($hidden) { - $edit_title = "<span class=\"insensitive\">$edit_title (Hidden)</span>"; - $edit_link = "<span class=\"insensitive\">$edit_link</span>"; - $last_updated = "<span class=\"insensitive\">$last_updated</span>"; - $last_article = "<span class=\"insensitive\">$last_article</span>"; - } - - $parent_title = $line["parent_title"]; - if ($parent_title) { - $parent_title = "<span class='groupPrompt'>(linked to - $parent_title)</span>"; - } - - print "<td><a href=\"javascript:editFeed($feed_id);\">" . - "$edit_title $parent_title" . "</a></td>"; - - print "<td><a href=\"javascript:editFeed($feed_id);\">" . - $edit_link . "</a></td>"; - - print "<td><a href=\"javascript:editFeed($feed_id);\">" . - "$last_article</a></td>"; - - print "<td align='right'><a href=\"javascript:editFeed($feed_id);\">" . 
- "$last_updated</a></td>"; - - print "</tr>"; - - ++$lnum; - } - - print "</table>"; - - print "<p><span id=\"feedOpToolbar\">"; - - if ($subop == "edit") { - print "Edit feed: - <input type=\"submit\" class=\"button\" - onclick=\"javascript:feedEditCancel()\" value=\"Cancel\"> - <input type=\"submit\" class=\"button\" - onclick=\"javascript:feedEditSave()\" value=\"Save\">"; - } else { - - print " - Selection: - <input type=\"submit\" class=\"button\" disabled=\"true\" - onclick=\"javascript:editSelectedFeed()\" value=\"Edit\"> - <input type=\"submit\" class=\"button\" disabled=\"true\" - onclick=\"javascript:removeSelectedFeeds()\" value=\"Unsubscribe\">"; - - if (get_pref($link, 'ENABLE_FEED_CATS')) { - - print " | "; - - print_feed_cat_select($link, "sfeed_set_fcat", "", "disabled"); - - print " <input type=\"submit\" class=\"button\" disabled=\"true\" - onclick=\"javascript:categorizeSelectedFeeds()\" value=\"Recategorize\">"; - - } - - print "</span> - All feeds: <input type=\"submit\" - class=\"button\" onclick=\"gotoExportOpml()\" - value=\"Export OPML\">"; - } - } else { - - print "<p>No feeds defined.</p>"; - - } - - if (get_pref($link, 'ENABLE_FEED_CATS')) { - - print "<h3>Edit Categories</h3>"; - - print "<div class=\"prefGenericAddBox\"> - <input id=\"fadd_cat\" - onkeyup=\"toggleSubmitNotEmpty(this, 'catadd_submit_btn')\" - size=\"40\"> - <input - type=\"submit\" class=\"button\" disabled=\"true\" id=\"catadd_submit_btn\" - onclick=\"javascript:addFeedCat()\" value=\"Create category\"></div>"; - - $result = db_query($link, "SELECT title,id FROM ttrss_feed_categories - WHERE owner_uid = ".$_SESSION["uid"]." 
- ORDER BY title"); - - if (db_num_rows($result) != 0) { - - print "<form id=\"feed_cat_edit_form\">"; - - print "<p><table width=\"100%\" class=\"prefFeedCatList\" - cellspacing=\"0\" id=\"prefFeedCatList\">"; - - print "<tr><td class=\"selectPrompt\" colspan=\"8\"> - Select: - <a href=\"javascript:selectPrefRows('fcat', true)\">All</a>, - <a href=\"javascript:selectPrefRows('fcat', false)\">None</a> - </td</tr>"; - - print "<tr class=\"title\"> - <td width=\"5%\"> </td><td width=\"80%\">Title</td> - </tr>"; - - $lnum = 0; - - while ($line = db_fetch_assoc($result)) { - - $class = ($lnum % 2) ? "even" : "odd"; - - $cat_id = $line["id"]; - - $edit_cat_id = $_GET["id"]; - - if ($subop == "editCat" && $cat_id != $edit_cat_id) { - $class .= "Grayed"; - $this_row_id = ""; - } else { - $this_row_id = "id=\"FCATR-$cat_id\""; - } - - print "<tr class=\"$class\" $this_row_id>"; - - $edit_title = htmlspecialchars(db_unescape_string($line["title"])); - - if (!$edit_cat_id || $subop != "editCat") { - - print "<td align='center'><input onclick='toggleSelectPrefRow(this, \"fcat\");' - type=\"checkbox\" id=\"FCCHK-".$line["id"]."\"></td>"; - - print "<td><a href=\"javascript:editFeedCat($cat_id);\">" . - $edit_title . 
"</a></td>"; - - } else if ($cat_id != $edit_cat_id) { - - print "<td align='center'><input disabled=\"true\" type=\"checkbox\" - id=\"FRCHK-".$line["id"]."\"></td>"; - - print "<td>$edit_title</td>"; - - } else { - - print "<td align='center'><input disabled=\"true\" type=\"checkbox\" checked>"; - - print "<input type=\"hidden\" name=\"id\" value=\"$cat_id\">"; - print "<input type=\"hidden\" name=\"op\" value=\"pref-feeds\">"; - print "<input type=\"hidden\" name=\"subop\" value=\"saveCat\">"; - - print "</td>"; - - print "<td><input onkeypress=\"return filterCR(event)\" - name=\"title\" class=\"iedit\" value=\"$edit_title\"></td>"; - - } - - print "</tr>"; - - ++$lnum; - } - - print "</table>"; - - print "</form>"; - - print "<p id=\"catOpToolbar\">"; - - if ($subop == "editCat") { - print "Edit category: - <input type=\"submit\" class=\"button\" - onclick=\"return feedCatEditSave()\" value=\"Save\"> - <input type=\"submit\" class=\"button\" - onclick=\"return feedCatEditCancel()\" value=\"Cancel\">"; - } else { - - print " - Selection: - <input type=\"submit\" class=\"button\" disabled=\"true\" - onclick=\"return editSelectedFeedCat()\" value=\"Edit\"> - <input type=\"submit\" class=\"button\" disabled=\"true\" - onclick=\"return removeSelectedFeedCats()\" value=\"Remove\">"; - - } - - } else { - print "<p>No feed categories defined.</p>"; - } - } - - print "<h3>Import OPML</h3> - <form enctype=\"multipart/form-data\" method=\"POST\" action=\"opml.php\"> - File: <input id=\"opml_file\" name=\"opml_file\" type=\"file\"> - <input class=\"button\" name=\"op\" onclick=\"return validateOpmlImport();\" - type=\"submit\" value=\"Import\"> - </form>"; - + module_pref_feeds($link); } if ($op == "pref-filters") { - - $subop = $_GET["subop"]; - $quiet = $_GET["quiet"]; - - if ($subop == "edit") { - - $filter_id = db_escape_string($_GET["id"]); - - $result = db_query($link, - "SELECT * FROM ttrss_filters WHERE id = '$filter_id' AND owner_uid = " . 
$_SESSION["uid"]); - - $reg_exp = htmlspecialchars(db_unescape_string(db_fetch_result($result, 0, "reg_exp"))); - $filter_type = db_fetch_result($result, 0, "filter_type"); - $feed_id = db_fetch_result($result, 0, "feed_id"); - $action_id = db_fetch_result($result, 0, "action_id"); - - $enabled = sql_bool_to_bool(db_fetch_result($result, 0, "enabled")); - - print "<div id=\"infoBoxTitle\">Filter editor</div>"; - print "<div class=\"infoBoxContents\">"; - - print "<form id=\"filter_edit_form\">"; - - print "<input type=\"hidden\" name=\"op\" value=\"pref-filters\">"; - print "<input type=\"hidden\" name=\"id\" value=\"$filter_id\">"; - print "<input type=\"hidden\" name=\"subop\" value=\"editSave\">"; - -// print "<div class=\"notice\"><b>Note:</b> filter will only apply to new articles.</div>"; - - $result = db_query($link, "SELECT id,description - FROM ttrss_filter_types ORDER BY description"); - - $filter_types = array(); - - while ($line = db_fetch_assoc($result)) { - //array_push($filter_types, $line["description"]); - $filter_types[$line["id"]] = $line["description"]; - } - - print "<table width='100%'>"; - - print "<tr><td>Match:</td> - <td><input onkeypress=\"return filterCR(event, filterEditSave)\" - onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\" - name=\"reg_exp\" class=\"iedit\" value=\"$reg_exp\">"; - - print "</td><td>"; - - print_select_hash("filter_type", $filter_type, $filter_types, "class=\"iedit\""); - - print "</td></tr>"; - print "<tr><td>Feed:</td><td colspan='2'>"; - - print_feed_select($link, "feed_id", $feed_id); - - print "</td></tr>"; - - print "<tr><td>Action:</td>"; - - print "<td colspan='2'><select name=\"action_id\">"; - - $result = db_query($link, "SELECT id,description FROM ttrss_filter_actions - ORDER BY name"); - - while ($line = db_fetch_assoc($result)) { - $is_sel = ($line["id"] == $action_id) ? 
"selected" : ""; - printf("<option value='%d' $is_sel>%s</option>", $line["id"], $line["description"]); - } - - print "</select>"; - - print "</td></tr>"; - - if ($enabled) { - $checked = "checked"; - } else { - $checked = ""; - } - - print "<tr><td>Options:</td><td> - <input type=\"checkbox\" name=\"enabled\" id=\"enabled\" $checked> - <label for=\"enabled\">Enabled</label>"; - - print "</td></tr></table>"; - - print "</form>"; - - print "<div align='right'>"; - - print "<input type=\"submit\" - id=\"infobox_submit\" - class=\"button\" onclick=\"return filterEditSave()\" - value=\"Save\"> "; - - print "<input class=\"button\" - type=\"submit\" onclick=\"return filterEditCancel()\" - value=\"Cancel\">"; - - print "</div>"; - - return; - } - - - if ($subop == "editSave") { - - $reg_exp = db_escape_string(trim($_GET["reg_exp"])); - $filter_type = db_escape_string(trim($_GET["filter_type"])); - $filter_id = db_escape_string($_GET["id"]); - $feed_id = db_escape_string($_GET["feed_id"]); - $action_id = db_escape_string($_GET["action_id"]); - $enabled = checkbox_to_sql_bool(db_escape_string($_GET["enabled"])); - - if (!$feed_id) { - $feed_id = 'NULL'; - } else { - $feed_id = sprintf("'%s'", db_escape_string($feed_id)); - } - - $result = db_query($link, "UPDATE ttrss_filters SET - reg_exp = '$reg_exp', - feed_id = $feed_id, - action_id = '$action_id', - filter_type = '$filter_type', - enabled = $enabled - WHERE id = '$filter_id' AND owner_uid = " . $_SESSION["uid"]); - } - - if ($subop == "remove") { - - if (!WEB_DEMO_MODE) { - - $ids = split(",", db_escape_string($_GET["ids"])); - - foreach ($ids as $id) { - db_query($link, "DELETE FROM ttrss_filters WHERE id = '$id' AND owner_uid = ". 
$_SESSION["uid"]); - - } - } - } - - if ($subop == "add") { - - if (!WEB_DEMO_MODE) { - - $regexp = db_escape_string(trim($_GET["reg_exp"])); - $filter_type = db_escape_string(trim($_GET["filter_type"])); - $feed_id = db_escape_string($_GET["feed_id"]); - $action_id = db_escape_string($_GET["action_id"]); - - if (!$regexp) return; - - if (!$feed_id) { - $feed_id = 'NULL'; - } else { - $feed_id = sprintf("'%s'", db_escape_string($feed_id)); - } - - $result = db_query($link, - "INSERT INTO ttrss_filters (reg_exp,filter_type,owner_uid,feed_id, - action_id) - VALUES - ('$regexp', '$filter_type','".$_SESSION["uid"]."', - $feed_id, '$action_id')"); - } - } - - if ($quiet) return; - - $sort = db_escape_string($_GET["sort"]); - - if (!$sort || $sort == "undefined") { - $sort = "reg_exp"; - } - -// print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>"; - - $result = db_query($link, "SELECT id,description - FROM ttrss_filter_types ORDER BY description"); - - $filter_types = array(); - - while ($line = db_fetch_assoc($result)) { - //array_push($filter_types, $line["description"]); - $filter_types[$line["id"]] = $line["description"]; - } - - print "<input type=\"submit\" - class=\"button\" - onclick=\"return displayDlg('quickAddFilter', false)\" - id=\"create_filter_btn\" - value=\"Create filter\">"; - - $result = db_query($link, "SELECT - ttrss_filters.id AS id,reg_exp, - ttrss_filter_types.name AS filter_type_name, - ttrss_filter_types.description AS filter_type_descr, - enabled, - feed_id, - ttrss_filter_actions.description AS action_description, - ttrss_feeds.title AS feed_title - FROM - ttrss_filter_types,ttrss_filter_actions,ttrss_filters LEFT JOIN - ttrss_feeds ON (ttrss_filters.feed_id = ttrss_feeds.id) - WHERE - filter_type = ttrss_filter_types.id AND - ttrss_filter_actions.id = action_id AND - ttrss_filters.owner_uid = ".$_SESSION["uid"]." 
- ORDER by $sort"); - - if (db_num_rows($result) != 0) { - - print "<form id=\"filter_edit_form\">"; - - print "<p><table width=\"100%\" cellspacing=\"0\" class=\"prefFilterList\" - id=\"prefFilterList\">"; - - print "<tr><td class=\"selectPrompt\" colspan=\"8\"> - Select: - <a href=\"javascript:selectPrefRows('filter', true)\">All</a>, - <a href=\"javascript:selectPrefRows('filter', false)\">None</a> - </td</tr>"; - - print "<tr class=\"title\"> - <td align='center' width=\"5%\"> </td> - <td width=\"20%\"><a href=\"javascript:updateFilterList('reg_exp')\">Filter expression</a></td> - <td width=\"20%\"><a href=\"javascript:updateFilterList('feed_title')\">Feed</a></td> - <td width=\"15%\"><a href=\"javascript:updateFilterList('filter_type')\">Match</a></td> - <td width=\"15%\"><a href=\"javascript:updateFilterList('action_description')\">Action</a></td>"; - - $lnum = 0; - - while ($line = db_fetch_assoc($result)) { - - $class = ($lnum % 2) ? "even" : "odd"; - - $filter_id = $line["id"]; - $edit_filter_id = $_GET["id"]; - - $enabled = sql_bool_to_bool($line["enabled"]); - - if ($subop == "edit" && $filter_id != $edit_filter_id) { - $class .= "Grayed"; - $this_row_id = ""; - } else { - $this_row_id = "id=\"FILRR-$filter_id\""; - } - - print "<tr class=\"$class\" $this_row_id>"; - - $line["reg_exp"] = htmlspecialchars(db_unescape_string($line["reg_exp"])); - - if (!$line["feed_title"]) $line["feed_title"] = "All feeds"; - - $line["feed_title"] = htmlspecialchars(db_unescape_string($line["feed_title"])); - - print "<td align='center'><input onclick='toggleSelectPrefRow(this, \"filter\");' - type=\"checkbox\" id=\"FICHK-".$line["id"]."\"></td>"; - - if (!$enabled) { - $line["reg_exp"] = "<span class=\"insensitive\">" . - $line["reg_exp"] . " (Disabled)</span>"; - $line["feed_title"] = "<span class=\"insensitive\">" . - $line["feed_title"] . "</span>"; - $line["filter_type_descr"] = "<span class=\"insensitive\">" . - $line["filter_type_descr"] . 
"</span>"; - $line["action_description"] = "<span class=\"insensitive\">" . - $line["action_description"] . "</span>"; - } - - print "<td><a href=\"javascript:editFilter($filter_id);\">" . - $line["reg_exp"] . "</td>"; - - print "<td><a href=\"javascript:editFilter($filter_id);\">" . - $line["feed_title"] . "</td>"; - - print "<td><a href=\"javascript:editFilter($filter_id);\">" . - $line["filter_type_descr"] . "</td>"; - - print "<td><a href=\"javascript:editFilter($filter_id);\">" . - $line["action_description"] . "</td>"; - - print "</tr>"; - - ++$lnum; - } - - if ($lnum == 0) { - print "<tr><td colspan=\"4\" align=\"center\">No filters defined.</td></tr>"; - } - - print "</table>"; - - print "</form>"; - - print "<p id=\"filterOpToolbar\">"; - - print " - Selection: - <input type=\"submit\" class=\"button\" disabled=\"true\" - onclick=\"return editSelectedFilter()\" value=\"Edit\"> - <input type=\"submit\" class=\"button\" disabled=\"true\" - onclick=\"return removeSelectedFilters()\" value=\"Remove\">"; - - print "</p>"; - - } else { - - print "<p>No filters defined.</p>"; - - } + module_pref_filters($link); } - // We need to accept raw SQL data in label queries, so not everything is escaped - // here, this is by design. If you don't like the whole idea, disable labels - // altogether with GLOBAL_ENABLE_LABELS = false - if ($op == "pref-labels") { - - if (!GLOBAL_ENABLE_LABELS) { - - print "<p>Sorry, labels have been administratively disabled for this installation. Please contact instance owner or edit configuration file to enable this functionality.</p>"; - return; - } - - $subop = $_GET["subop"]; - - if ($subop == "edit") { - - $label_id = db_escape_string($_GET["id"]); - - $result = db_query($link, "SELECT sql_exp,description FROM ttrss_labels WHERE - owner_uid = ".$_SESSION["uid"]." 
AND id = '$label_id' ORDER by description"); - - $line = db_fetch_assoc($result); - - $sql_exp = htmlspecialchars(db_unescape_string($line["sql_exp"])); - $description = htmlspecialchars(db_unescape_string($line["description"])); - - print "<div id=\"infoBoxTitle\">Label editor</div>"; - print "<div class=\"infoBoxContents\">"; - - print "<form id=\"label_edit_form\">"; - - print "<input type=\"hidden\" name=\"op\" value=\"pref-labels\">"; - print "<input type=\"hidden\" name=\"id\" value=\"$label_id\">"; - print "<input type=\"hidden\" name=\"subop\" value=\"editSave\">"; - - print "<table width='100%'>"; - - print "<tr><td>Caption:</td> - <td><input onkeypress=\"return filterCR(event, labelEditSave)\" - onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\" - name=\"description\" class=\"iedit\" value=\"$description\">"; - - print "</td></tr>"; - - print "<tr><td colspan=\"2\"> - <p>SQL Expression:</p>"; - - print "<textarea onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\" - rows=\"4\" name=\"sql_exp\" class=\"iedit\">$sql_exp</textarea>"; - - print "</td></tr></table>"; - - print "</form>"; - - print "<div style=\"display : none\" id=\"label_test_result\"></div>"; - - print "<div align='right'>"; - - $is_disabled = (strpos($_SERVER['HTTP_USER_AGENT'], 'Opera') !== FALSE) ? 
"disabled" : ""; - - print "<input $is_disabled type=\"submit\" onclick=\"return labelTest()\" value=\"Test\"> - "; - - print "<input type=\"submit\" - id=\"infobox_submit\" - class=\"button\" onclick=\"return labelEditSave()\" - value=\"Save\"> "; - - print "<input class=\"button\" - type=\"submit\" onclick=\"return labelEditCancel()\" - value=\"Cancel\">"; - - print "</div>"; - - return; - } - - if ($subop == "test") { - - $expr = db_unescape_string(trim($_GET["expr"])); - $descr = db_unescape_string(trim($_GET["descr"])); - - print "<div>"; - - error_reporting(0); - - - $result = db_query($link, - "SELECT count(ttrss_entries.id) AS num_matches - FROM ttrss_entries,ttrss_user_entries,ttrss_feeds - WHERE ($expr) AND - ttrss_user_entries.ref_id = ttrss_entries.id AND - ttrss_user_entries.feed_id = ttrss_feeds.id AND - ttrss_user_entries.owner_uid = " . $_SESSION["uid"], false); - - error_reporting (DEFAULT_ERROR_LEVEL); - - if (!$result) { - print "<p>" . db_last_error($link) . "</p>"; - print "</div>"; - return; - } - - $num_matches = db_fetch_result($result, 0, "num_matches");; - - if ($num_matches > 0) { - - if ($num_matches > 10) { - $showing_msg = ", showing first 10"; - } - - print "<p>Query returned <b>$num_matches</b> matches$showing_msg:</p>"; - - $result = db_query($link, - "SELECT ttrss_entries.title, - (SELECT title FROM ttrss_feeds WHERE id = feed_id) AS feed_title - FROM ttrss_entries,ttrss_user_entries,ttrss_feeds - WHERE ($expr) AND - ttrss_user_entries.ref_id = ttrss_entries.id - AND ttrss_user_entries.feed_id = ttrss_feeds.id - AND ttrss_user_entries.owner_uid = " . $_SESSION["uid"] . " - ORDER BY date_entered DESC LIMIT 10", false); - - print "<ul class=\"labelTestResults\">"; - - $row_class = "even"; - - while ($line = db_fetch_assoc($result)) { - $row_class = toggleEvenOdd($row_class); - - print "<li class=\"$row_class\">".$line["title"]. 
- " <span class=\"insensitive\">(".$line["feed_title"].")</span></li>"; - } - print "</ul>"; - - } else { - print "<p>Query didn't return any matches.</p>"; - } - - print "</div>"; - - return; - } - - if ($subop == "editSave") { - - $sql_exp = trim($_GET["sql_exp"]); - $descr = db_escape_string(trim($_GET["description"])); - $label_id = db_escape_string($_GET["id"]); - - $result = db_query($link, "UPDATE ttrss_labels SET - sql_exp = '$sql_exp', - description = '$descr' - WHERE id = '$label_id'"); - } - - if ($subop == "remove") { - - if (!WEB_DEMO_MODE) { - - $ids = split(",", db_escape_string($_GET["ids"])); - - foreach ($ids as $id) { - db_query($link, "DELETE FROM ttrss_labels WHERE id = '$id'"); - - } - } - } - - if ($subop == "add") { - - if (!WEB_DEMO_MODE) { - - // no escaping is done here on purpose - $sql_exp = trim($_GET["sql_exp"]); - $description = db_escape_string($_GET["description"]); - - if (!$sql_exp || !$description) return; - - $result = db_query($link, - "INSERT INTO ttrss_labels (sql_exp,description,owner_uid) - VALUES ('$sql_exp', '$description', '".$_SESSION["uid"]."')"); - } - } - - $sort = db_escape_string($_GET["sort"]); - - if (!$sort || $sort == "undefined") { - $sort = "description"; - } - - print "<div class=\"prefGenericAddBox\">"; - - print"<input type=\"submit\" class=\"button\" - id=\"label_create_btn\" - onclick=\"return displayDlg('quickAddLabel', false)\" - value=\"Create label\"></div>"; - - $result = db_query($link, "SELECT - id,sql_exp,description - FROM - ttrss_labels - WHERE - owner_uid = ".$_SESSION["uid"]." 
- ORDER BY $sort"); - -// print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>"; - - if (db_num_rows($result) != 0) { - - print "<form id=\"label_edit_form\">"; - - print "<p><table width=\"100%\" cellspacing=\"0\" - class=\"prefLabelList\" id=\"prefLabelList\">"; - - print "<tr><td class=\"selectPrompt\" colspan=\"8\"> - Select: - <a href=\"javascript:selectPrefRows('label', true)\">All</a>, - <a href=\"javascript:selectPrefRows('label', false)\">None</a> - </td</tr>"; - - print "<tr class=\"title\"> - <td width=\"5%\"> </td> - <td width=\"30%\"><a href=\"javascript:updateLabelList('description')\">Caption</a></td> - <td width=\"50%\"><a href=\"javascript:updateLabelList('sql_exp')\">SQL Expression</a> - <a class=\"helpLink\" href=\"javascript:displayHelpInfobox(1)\">(?)</a> - </td> - </tr>"; - - $lnum = 0; - - while ($line = db_fetch_assoc($result)) { - - $class = ($lnum % 2) ? "even" : "odd"; - - $label_id = $line["id"]; - $edit_label_id = $_GET["id"]; - - if ($subop == "edit" && $label_id != $edit_label_id) { - $class .= "Grayed"; - $this_row_id = ""; - } else { - $this_row_id = "id=\"LILRR-$label_id\""; - } - - print "<tr class=\"$class\" $this_row_id>"; - - $line["sql_exp"] = htmlspecialchars(db_unescape_string($line["sql_exp"])); - $line["description"] = htmlspecialchars( - db_unescape_string($line["description"])); - - if (!$line["description"]) $line["description"] = "[No caption]"; - - print "<td align='center'><input onclick='toggleSelectPrefRow(this, \"label\");' - type=\"checkbox\" id=\"LICHK-".$line["id"]."\"></td>"; - - print "<td><a href=\"javascript:editLabel($label_id);\">" . - $line["description"] . "</td>"; - - print "<td><a href=\"javascript:editLabel($label_id);\">" . - $line["sql_exp"] . 
"</td>"; - - print "</tr>"; - - ++$lnum; - } - - if ($lnum == 0) { - print "<tr><td colspan=\"4\" align=\"center\">No labels defined.</td></tr>"; - } - - print "</table>"; - - print "</form>"; - - print "<p id=\"labelOpToolbar\">"; - - print " - Selection: - <input type=\"submit\" class=\"button\" disabled=\"true\" - onclick=\"javascript:editSelectedLabel()\" value=\"Edit\"> - <input type=\"submit\" class=\"button\" disabled=\"true\" - onclick=\"javascript:removeSelectedLabels()\" value=\"Remove\">"; - - } else { - print "<p>No labels defined.</p>"; - } + module_pref_labels($link); } if ($op == "error") { 
@@ -2137,283 +587,11 @@ } if ($op == "help") { - if (!$_GET["noheaders"]) { - print "<html><head> - <title>Tiny Tiny RSS : Help</title> - <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\"> - <script type=\"text/javascript\" src=\"prototype.js\"></script> - <script type=\"text/javascript\" src=\"functions.js?$script_dt_add\"></script> - <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"> - </head><body>"; - } - - $tid = sprintf("%d", $_GET["tid"]); - - print "<div id=\"infoBoxTitle\">Help</div>"; - - print "<div class='infoBoxContents'>"; - - if (file_exists("help/$tid.php")) { - include("help/$tid.php"); - } else { - print "<p>Help topic not found.</p>"; - } - - print "</div>"; - - print "<div align='center'> - <input type='submit' class='button' - onclick=\"closeInfoBox()\" value=\"Close this window\"></div>"; - - if (!$_GET["noheaders"]) { - print "</body></html>"; - } - + module_help($link); } if ($op == "dlg") { - $id = $_GET["id"]; - $param = $_GET["param"]; - - if ($id == "quickAddFeed") { - - print "<div id=\"infoBoxTitle\">Subscribe to feed</div>"; - print "<div class=\"infoBoxContents\">"; - - print "<form id='feed_add_form'>"; - - print "<input type=\"hidden\" name=\"op\" value=\"pref-feeds\">"; - print "<input type=\"hidden\" name=\"quiet\" value=\"1\">"; - print "<input type=\"hidden\" name=\"subop\" value=\"add\">"; - - print "<table width='100%'> - <tr><td>Feed URL:</td><td> - <input class=\"iedit\" onblur=\"javascript:enableHotkeys()\" - onkeypress=\"return filterCR(event, qafAdd)\" - onkeyup=\"toggleSubmitNotEmpty(this, 'fadd_submit_btn')\" - onfocus=\"javascript:disableHotkeys()\" name=\"feed_url\"></td></tr>"; - - if (get_pref($link, 'ENABLE_FEED_CATS')) { - print "<tr><td>Category:</td><td>"; - print_feed_cat_select($link, "cat_id"); - print "</td></tr>"; - } - - print "</table>"; - print "</form>"; - - print "<div align='right'> - <input class=\"button\" - id=\"fadd_submit_btn\" disabled=\"true\" - 
type=\"submit\" onclick=\"return qafAdd()\" value=\"Subscribe\"> - <input class=\"button\" - type=\"submit\" onclick=\"return closeInfoBox()\" - value=\"Cancel\"></div>"; - } - - if ($id == "search") { - - print "<div id=\"infoBoxTitle\">Search</div>"; - print "<div class=\"infoBoxContents\">"; - - print "<form id='search_form'>"; - - #$active_feed_id = db_escape_string($_GET["param"]); - - $params = split(":", db_escape_string($_GET["param"])); - - $active_feed_id = sprintf("%d", $params[0]); - $is_cat = $params[1] == "true"; - - print "<table width='100%'><tr><td>Search:</td><td>"; - - print "<input name=\"query\" class=\"iedit\" - onkeypress=\"return filterCR(event, search)\" - onkeyup=\"toggleSubmitNotEmpty(this, 'search_submit_btn')\" - value=\"\"> - </td></tr>"; - - print "<tr><td>Where:</td><td>"; - - print "<select name=\"search_mode\"> - <option value=\"all_feeds\">All feeds</option>"; - - $feed_title = getFeedTitle($link, $active_feed_id); - - if (!$is_cat) { - $feed_cat_title = getFeedCatTitle($link, $active_feed_id); - } else { - $feed_cat_title = getCategoryTitle($link, $active_feed_id); - } - - if ($active_feed_id && !$is_cat) { - print "<option selected value=\"this_feed\">This feed ($feed_title)</option>"; - } else { - print "<option disabled>This feed</option>"; - } - - if ($is_cat) { - $cat_preselected = "selected"; - } - - if (get_pref($link, 'ENABLE_FEED_CATS') && ($active_feed_id > 0 || $is_cat)) { - print "<option $cat_preselected value=\"this_cat\">This category ($feed_cat_title)</option>"; - } else { - print "<option disabled>This category</option>"; - } - - print "</select></td></tr>"; - - print "<tr><td>Match on:</td><td>"; - - $search_fields = array( - "title" => "Title", - "content" => "Content", - "both" => "Title or content"); - - print_select_hash("match_on", 3, $search_fields); - - print "</td></tr></table>"; - - print "</form>"; - - print "<div align=\"right\"> - <input type=\"submit\" - class=\"button\" 
onclick=\"javascript:search()\" - id=\"search_submit_btn\" disabled=\"true\" - value=\"Search\"> - <input class=\"button\" - type=\"submit\" onclick=\"javascript:searchCancel()\" - value=\"Cancel\"></div>"; - - print "</div>"; - - } - - if ($id == "quickAddLabel") { - print "<div id=\"infoBoxTitle\">Create label</div>"; - print "<div class=\"infoBoxContents\">"; - - print "<form id=\"label_edit_form\">"; - - print "<input type=\"hidden\" name=\"op\" value=\"pref-labels\">"; - print "<input type=\"hidden\" name=\"subop\" value=\"add\">"; - - print "<table width='100%'>"; - - print "<tr><td>Caption:</td> - <td><input onkeypress=\"return filterCR(event, addLabel)\" - onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\" - name=\"description\" class=\"iedit\">"; - - print "</td></tr>"; - - print "<tr><td colspan=\"2\"> - <p>SQL Expression:</p>"; - - print "<textarea onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\" - rows=\"4\" name=\"sql_exp\" class=\"iedit\"></textarea>"; - - print "</td></tr></table>"; - - print "</form>"; - - print "<div style=\"display : none\" id=\"label_test_result\"></div>"; - - print "<div align='right'>"; - - print "<input type=\"submit\" onclick=\"labelTest()\" value=\"Test\"> - "; - - print "<input type=\"submit\" - id=\"infobox_submit\" - disabled=\"true\" - class=\"button\" onclick=\"return addLabel()\" - value=\"Create\"> "; - - print "<input class=\"button\" - type=\"submit\" onclick=\"return labelEditCancel()\" - value=\"Cancel\">"; - } - - if ($id == "quickAddFilter") { - - $active_feed_id = db_escape_string($_GET["param"]); - - print "<div id=\"infoBoxTitle\">Create filter</div>"; - print "<div class=\"infoBoxContents\">"; - - print "<form id=\"filter_add_form\">"; - - print "<input type=\"hidden\" name=\"op\" value=\"pref-filters\">"; - print "<input type=\"hidden\" name=\"quiet\" value=\"1\">"; - print "<input type=\"hidden\" name=\"subop\" value=\"add\">"; - -// print "<div class=\"notice\"><b>Note:</b> filter will only 
apply to new articles.</div>"; - - $result = db_query($link, "SELECT id,description - FROM ttrss_filter_types ORDER BY description"); - - $filter_types = array(); - - while ($line = db_fetch_assoc($result)) { - //array_push($filter_types, $line["description"]); - $filter_types[$line["id"]] = $line["description"]; - } - - print "<table width='100%'>"; - - print "<tr><td>Match:</td> - <td><input onkeypress=\"return filterCR(event, qaddFilter)\" - onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\" - name=\"reg_exp\" class=\"iedit\">"; - print "</td><td>"; - - print_select_hash("filter_type", 1, $filter_types, "class=\"iedit\""); - - print "</td></tr>"; - print "<tr><td>Feed:</td><td colspan='2'>"; - - print_feed_select($link, "feed_id", $active_feed_id); - - print "</td></tr>"; - - print "<tr><td>Action:</td>"; - - print "<td colspan='2'><select name=\"action_id\">"; - - $result = db_query($link, "SELECT id,description FROM ttrss_filter_actions - ORDER BY name"); - - while ($line = db_fetch_assoc($result)) { - printf("<option value='%d'>%s</option>", $line["id"], $line["description"]); - } - - print "</select>"; - - print "</td></tr></table>"; - - print "</form>"; - - print "<div align='right'>"; - - print "<input type=\"submit\" - id=\"infobox_submit\" - class=\"button\" onclick=\"return qaddFilter()\" - disabled=\"true\" value=\"Create\"> "; - - print "<input class=\"button\" - type=\"submit\" onclick=\"return closeInfoBox()\" - value=\"Cancel\">"; - - print "</div>"; - -// print "</td></tr></table>"; - - } - - print "</div>"; - + module_popup_dialog($link); } // update feeds of all users, may be used anonymously 
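Review bot: `module_help($link)` is passed only the database handle, but the inline block it replaces interpolated the file-scope variable `$script_dt_add` into the `functions.js?` URL. Inside a function that variable is out of scope, so unless modules/help.php declares `global $script_dt_add;` (its body is not part of this hunk) the cache-busting suffix silently becomes empty. Any other file-scope value the relocated blocks read needs the same check. Separately, the dialog code now behind `module_popup_dialog($link)` printed `$feed_title` and `$feed_cat_title` into `<option>` text without escaping. If it was moved verbatim, this is a good moment to wrap them, e.g. `htmlspecialchars($feed_title)`, since those titles presumably come from subscribed feeds rather than from the application itself.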
@@ -2434,715 +612,11 @@ } if ($op == "pref-prefs") { - - $subop = $_REQUEST["subop"]; - - if ($subop == "Save configuration") { - - if (WEB_DEMO_MODE) { - header("Location: prefs.php"); - return; - } - - $_SESSION["prefs_op_result"] = "save-config"; - - $_SESSION["prefs_cache"] = false; - - foreach (array_keys($_POST) as $pref_name) { - - $pref_name = db_escape_string($pref_name); - $value = db_escape_string($_POST[$pref_name]); - - $result = db_query($link, "SELECT type_name - FROM ttrss_prefs,ttrss_prefs_types - WHERE pref_name = '$pref_name' AND type_id = ttrss_prefs_types.id"); - - if (db_num_rows($result) > 0) { - - $type_name = db_fetch_result($result, 0, "type_name"); - -// print "$pref_name : $type_name : $value<br>"; - - if ($type_name == "bool") { - if ($value == "1") { - $value = "true"; - } else { - $value = "false"; - } - } else if ($type_name == "integer") { - $value = sprintf("%d", $value); - } - -// print "$pref_name : $type_name : $value<br>"; - - db_query($link, "UPDATE ttrss_user_prefs SET value = '$value' - WHERE pref_name = '$pref_name' AND owner_uid = ".$_SESSION["uid"]); - - } - - header("Location: prefs.php"); - - } - - } else if ($subop == "getHelp") { - - $pref_name = db_escape_string($_GET["pn"]); - - $result = db_query($link, "SELECT help_text FROM ttrss_prefs - WHERE pref_name = '$pref_name'"); - - if (db_num_rows($result) > 0) { - $help_text = db_fetch_result($result, 0, "help_text"); - print $help_text; - } else { - print "Unknown option: $pref_name"; - } - - } else if ($subop == "Change e-mail") { - - if (WEB_DEMO_MODE) { - header("Location: prefs.php"); - return; - } - - $email = db_escape_string($_GET["email"]); - $active_uid = $_SESSION["uid"]; - - if ($email) { - db_query($link, "UPDATE ttrss_users SET email = '$email' - WHERE id = '$active_uid'"); - } - - header("Location: prefs.php"); - - } else if ($subop == "Change password") { - - if (WEB_DEMO_MODE) { - header("Location: prefs.php"); - return; - } - - $old_pw = 
$_POST["OLD_PASSWORD"]; - $new_pw = $_POST["OLD_PASSWORD"]; - - $old_pw_hash = 'SHA1:' . sha1($_POST["OLD_PASSWORD"]); - $new_pw_hash = 'SHA1:' . sha1($_POST["NEW_PASSWORD"]); - - $active_uid = $_SESSION["uid"]; - - if ($old_pw && $new_pw) { - - $login = db_escape_string($_SERVER['PHP_AUTH_USER']); - - $result = db_query($link, "SELECT id FROM ttrss_users WHERE - id = '$active_uid' AND (pwd_hash = '$old_pw' OR - pwd_hash = '$old_pw_hash')"); - - if (db_num_rows($result) == 1) { - db_query($link, "UPDATE ttrss_users SET pwd_hash = '$new_pw_hash' - WHERE id = '$active_uid'"); - - $_SESSION["pwd_change_result"] = "ok"; - } else { - $_SESSION["pwd_change_result"] = "failed"; - } - } - - header("Location: prefs.php"); - - } else if ($subop == "Reset to defaults") { - - if (WEB_DEMO_MODE) { - header("Location: prefs.php"); - return; - } - - $_SESSION["prefs_op_result"] = "reset-to-defaults"; - - if (DB_TYPE == "pgsql") { - db_query($link,"UPDATE ttrss_user_prefs - SET value = ttrss_prefs.def_value - WHERE owner_uid = '".$_SESSION["uid"]."' AND - ttrss_prefs.pref_name = ttrss_user_prefs.pref_name"); - } else { - db_query($link, "DELETE FROM ttrss_user_prefs - WHERE owner_uid = ".$_SESSION["uid"]); - initialize_user_prefs($link, $_SESSION["uid"]); - } - - header("Location: prefs.php"); - - } else if ($subop == "Change theme") { - - $theme = db_escape_string($_POST["theme"]); - - if ($theme == "Default") { - $theme_qpart = 'NULL'; - } else { - $theme_qpart = "'$theme'"; - } - - $result = db_query($link, "SELECT id,theme_path FROM ttrss_themes - WHERE theme_name = '$theme'"); - - if (db_num_rows($result) == 1) { - $theme_id = db_fetch_result($result, 0, "id"); - $theme_path = db_fetch_result($result, 0, "theme_path"); - } else { - $theme_id = "NULL"; - $theme_path = ""; - } - - db_query($link, "UPDATE ttrss_users SET - theme_id = $theme_id WHERE id = " . 
$_SESSION["uid"]); - - $_SESSION["theme"] = $theme_path; - - header("Location: prefs.php"); - - } else { - - print check_for_update($link); - - if (!SINGLE_USER_MODE) { - - $result = db_query($link, "SELECT id,email FROM ttrss_users - WHERE id = ".$_SESSION["uid"]." AND (pwd_hash = 'password' OR - pwd_hash = 'SHA1:".sha1("password")."')"); - - if (db_num_rows($result) != 0) { - print "<div class=\"warning\"> - Your password is at default value, please change it. - </div>"; - } - - if ($_SESSION["pwd_change_result"] == "failed") { - print "<div class=\"warning\"> - There was an error while changing your password. - </div>"; - } - - if ($_SESSION["pwd_change_result"] == "ok") { - print "<div class=\"notice\"> - Password changed successfully. - </div>"; - } - - $_SESSION["pwd_change_result"] = ""; - - if ($_SESSION["prefs_op_result"] == "reset-to-defaults") { - print "<div class=\"notice\"> - Your configuration was reset to defaults. - </div>"; - } - - if ($_SESSION["prefs_op_result"] == "save-config") { - print "<div class=\"notice\"> - Your configuration was saved successfully. 
- </div>"; - } - - $_SESSION["prefs_op_result"] = ""; - - print "<form action=\"backend.php\" method=\"GET\">"; - - print "<table width=\"100%\" class=\"prefPrefsList\">"; - print "<tr><td colspan='3'><h3>Personal data</h3></tr></td>"; - - $result = db_query($link, "SELECT email FROM ttrss_users - WHERE id = ".$_SESSION["uid"]); - - $email = db_fetch_result($result, 0, "email"); - - print "<tr><td width=\"40%\">E-mail</td>"; - print "<td><input class=\"editbox\" name=\"email\" - value=\"$email\"></td></tr>"; - - print "</table>"; - - print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">"; - - print "<p><input class=\"button\" type=\"submit\" - value=\"Change e-mail\" name=\"subop\">"; - - print "</form>"; - - print "<form action=\"backend.php\" method=\"POST\" name=\"changePassForm\">"; - - print "<table width=\"100%\" class=\"prefPrefsList\">"; - print "<tr><td colspan='3'><h3>Authentication</h3></tr></td>"; - - print "<tr><td width=\"40%\">Old password</td>"; - print "<td><input class=\"editbox\" type=\"password\" - name=\"OLD_PASSWORD\"></td></tr>"; - - print "<tr><td width=\"40%\">New password</td>"; - - print "<td><input class=\"editbox\" type=\"password\" - name=\"NEW_PASSWORD\"></td></tr>"; - - print "</table>"; - - print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">"; - - print "<p><input class=\"button\" type=\"submit\" - onclick=\"return validateNewPassword(this.form)\" - value=\"Change password\" name=\"subop\">"; - - print "</form>"; - - } - - $result = db_query($link, "SELECT - theme_id FROM ttrss_users WHERE id = " . 
$_SESSION["uid"]); - - $user_theme_id = db_fetch_result($result, 0, "theme_id"); - - $result = db_query($link, "SELECT - id,theme_name FROM ttrss_themes ORDER BY theme_name"); - - if (db_num_rows($result) > 0) { - - print "<form action=\"backend.php\" method=\"POST\">"; - print "<table width=\"100%\" class=\"prefPrefsList\">"; - print "<tr><td colspan='3'><h3>Themes</h3></tr></td>"; - print "<tr><td width=\"40%\">Select theme</td>"; - print "<td><select name=\"theme\">"; - print "<option>Default</option>"; - print "<option disabled>--------</option>"; - - while ($line = db_fetch_assoc($result)) { - if ($line["id"] == $user_theme_id) { - $selected = "selected"; - } else { - $selected = ""; - } - print "<option $selected>" . $line["theme_name"] . "</option>"; - } - print "</select></td></tr>"; - print "</table>"; - print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">"; - print "<p><input class=\"button\" type=\"submit\" - value=\"Change theme\" name=\"subop\">"; - print "</form>"; - } - - initialize_user_prefs($link, $_SESSION["uid"]); - - $result = db_query($link, "SELECT - ttrss_user_prefs.pref_name,short_desc,help_text,value,type_name, - section_name,def_value - FROM ttrss_prefs,ttrss_prefs_types,ttrss_prefs_sections,ttrss_user_prefs - WHERE type_id = ttrss_prefs_types.id AND - section_id = ttrss_prefs_sections.id AND - ttrss_user_prefs.pref_name = ttrss_prefs.pref_name AND - owner_uid = ".$_SESSION["uid"]." 
- ORDER BY section_id,short_desc"); - - print "<form action=\"backend.php\" method=\"POST\">"; - - $lnum = 0; - - $active_section = ""; - - while ($line = db_fetch_assoc($result)) { - - if ($active_section != $line["section_name"]) { - - if ($active_section != "") { - print "</table>"; - } - - print "<p><table width=\"100%\" class=\"prefPrefsList\">"; - - $active_section = $line["section_name"]; - - print "<tr><td colspan=\"3\"><h3>$active_section</h3></td></tr>"; -// print "<tr class=\"title\"> -// <td width=\"25%\">Option</td><td>Value</td></tr>"; - - $lnum = 0; - } - -// $class = ($lnum % 2) ? "even" : "odd"; - - print "<tr>"; - - $type_name = $line["type_name"]; - $pref_name = $line["pref_name"]; - $value = $line["value"]; - $def_value = $line["def_value"]; - $help_text = $line["help_text"]; - - print "<td width=\"40%\" id=\"$pref_name\">" . $line["short_desc"]; - - if ($help_text) print "<div class=\"prefHelp\">$help_text</div>"; - - print "</td>"; - - print "<td>"; - - if ($type_name == "bool") { -// print_select($pref_name, $value, array("true", "false")); - - if ($value == "true") { - $value = "Yes"; - } else { - $value = "No"; - } - - print_radio($pref_name, $value, array("Yes", "No")); - - } else { - print "<input class=\"editbox\" name=\"$pref_name\" value=\"$value\">"; - } - - print "</td>"; - - print "</tr>"; - - $lnum++; - } - - print "</table>"; - - print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">"; - - print "<p><input class=\"button\" type=\"submit\" - name=\"subop\" value=\"Save configuration\">"; - - print " <input class=\"button\" type=\"submit\" - name=\"subop\" onclick=\"return validatePrefsReset()\" - value=\"Reset to defaults\"></p>"; - - print "</form>"; - - } - + module_pref_prefs($link); } if ($op == "pref-users") { - - $subop = $_GET["subop"]; - - if ($subop == "edit") { - - $id = db_escape_string($_GET["id"]); - - print "<div id=\"infoBoxTitle\">User editor</div>"; - - print "<div class=\"infoBoxContents\">"; - - print 
"<form id=\"user_edit_form\">"; - - print "<input type=\"hidden\" name=\"id\" value=\"$id\">"; - print "<input type=\"hidden\" name=\"op\" value=\"pref-users\">"; - print "<input type=\"hidden\" name=\"subop\" value=\"editSave\">"; - - $result = db_query($link, "SELECT * FROM ttrss_users WHERE id = '$id'"); - - $login = db_fetch_result($result, 0, "login"); - $access_level = db_fetch_result($result, 0, "access_level"); - $email = db_fetch_result($result, 0, "email"); - - print "<table width='100%'>"; - print "<tr><td>Login:</td><td> - <input class=\"iedit\" onkeypress=\"return filterCR(event)\" - name=\"login\" value=\"$login\"></td></tr>"; - - print "<tr><td>Change password:</td><td> - <input class=\"iedit\" onkeypress=\"return filterCR(event)\" - name=\"password\"></td></tr>"; - - print "<tr><td>E-mail:</td><td> - <input class=\"iedit\" name=\"email\" onkeypress=\"return filterCR(event)\" - value=\"$email\"></td></tr>"; - - $sel_disabled = ($id == $_SESSION["uid"]) ? "disabled" : ""; - - print "<tr><td>Access level:</td><td>"; - print_select_hash("access_level", $access_level, $access_level_names, - $sel_disabled); - print "</td></tr>"; - - print "</table>"; - - print "</form>"; - - print "<div align='right'> - <input class=\"button\" - type=\"submit\" onclick=\"return userEditSave()\" - value=\"Save\"> - <input class=\"button\" - type=\"submit\" onclick=\"return userEditCancel()\" - value=\"Cancel\"></div>"; - - print "</div>"; - - return; - } - - if ($subop == "editSave") { - - if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) { - - $login = db_escape_string(trim($_GET["login"])); - $uid = db_escape_string($_GET["id"]); - $access_level = sprintf("%d", $_GET["access_level"]); - $email = db_escape_string(trim($_GET["email"])); - $password = db_escape_string(trim($_GET["password"])); - - if ($password) { - $pwd_hash = 'SHA1:' . 
sha1($password); - $pass_query_part = "pwd_hash = '$pwd_hash', "; - print "<div class='notice'>Changed password for user <b>$login</b>.</div>"; - } else { - $pass_query_part = ""; - } - - db_query($link, "UPDATE ttrss_users SET $pass_query_part login = '$login', - access_level = '$access_level', email = '$email' WHERE id = '$uid'"); - - } - } else if ($subop == "remove") { - - if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) { - - $ids = split(",", db_escape_string($_GET["ids"])); - - foreach ($ids as $id) { - db_query($link, "DELETE FROM ttrss_users WHERE id = '$id' AND id != " . $_SESSION["uid"]); - - } - } - } else if ($subop == "add") { - - if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) { - - $login = db_escape_string(trim($_GET["login"])); - $tmp_user_pwd = make_password(8); - $pwd_hash = 'SHA1:' . sha1($tmp_user_pwd); - - $result = db_query($link, "SELECT id FROM ttrss_users WHERE - login = '$login'"); - - if (db_num_rows($result) == 0) { - - db_query($link, "INSERT INTO ttrss_users - (login,pwd_hash,access_level,last_login) - VALUES ('$login', '$pwd_hash', 0, NOW())"); - - - $result = db_query($link, "SELECT id FROM ttrss_users WHERE - login = '$login' AND pwd_hash = '$pwd_hash'"); - - if (db_num_rows($result) == 1) { - - $new_uid = db_fetch_result($result, 0, "id"); - - print "<div class=\"notice\">Added user <b>".$_GET["login"]. - "</b> with password <b>$tmp_user_pwd</b>.</div>"; - - initialize_user($link, $new_uid); - - } else { - - print "<div class=\"warning\">Could not create user <b>". - $_GET["login"]."</b></div>"; - - } - } else { - print "<div class=\"warning\">User <b>". 
- $_GET["login"]."</b> already exists.</div>"; - } - } - } else if ($subop == "resetPass") { - - if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) { - - $uid = db_escape_string($_GET["id"]); - - $result = db_query($link, "SELECT login,email - FROM ttrss_users WHERE id = '$uid'"); - - $login = db_fetch_result($result, 0, "login"); - $email = db_fetch_result($result, 0, "email"); - $tmp_user_pwd = make_password(8); - $pwd_hash = 'SHA1:' . sha1($tmp_user_pwd); - - db_query($link, "UPDATE ttrss_users SET pwd_hash = '$pwd_hash' - WHERE id = '$uid'"); - - print "<div class=\"notice\">Changed password of - user <b>$login</b> to <b>$tmp_user_pwd</b>."; - - if (MAIL_RESET_PASS && $email) { - print " Notifying <b>$email</b>."; - - mail("$login <$email>", "Password reset notification", - "Hi, $login.\n". - "\n". - "Your password for this TT-RSS installation was reset by". - " an administrator.\n". - "\n". - "Your new password is $tmp_user_pwd, please remember". - " it for later reference.\n". - "\n". - "Sincerely, TT-RSS Mail Daemon.", "From: " . 
MAIL_FROM); - } - - print "</div>"; - - } - } - - $sort = db_escape_string($_GET["sort"]); - - if (!$sort || $sort == "undefined") { - $sort = "login"; - } - - print "<div class=\"prefGenericAddBox\"> - <input id=\"uadd_box\" - onkeyup=\"toggleSubmitNotEmpty(this, 'user_add_btn')\" - size=\"40\"> "; - - print "<input type=\"submit\" class=\"button\" - id=\"user_add_btn\" disabled=\"true\" - onclick=\"javascript:addUser()\" value=\"Create user\"></div>"; - - $result = db_query($link, "SELECT - id,login,access_level,email, - SUBSTRING(last_login,1,16) as last_login - FROM - ttrss_users - ORDER BY $sort"); - -// print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>"; - - print "<p><table width=\"100%\" cellspacing=\"0\" - class=\"prefUserList\" id=\"prefUserList\">"; - - print "<tr><td class=\"selectPrompt\" colspan=\"8\"> - Select: - <a href=\"javascript:selectPrefRows('user', true)\">All</a>, - <a href=\"javascript:selectPrefRows('user', false)\">None</a> - </td</tr>"; - - print "<tr class=\"title\"> - <td align='center' width=\"5%\"> </td> - <td width='40%'><a href=\"javascript:updateUsersList('login')\">Login</a></td> - <td width='40%'><a href=\"javascript:updateUsersList('access_level')\">Access Level</a></td> - <td width='30%'><a href=\"javascript:updateUsersList('last_login')\">Last login</a></td></tr>"; - - $lnum = 0; - - while ($line = db_fetch_assoc($result)) { - - $class = ($lnum % 2) ? 
"even" : "odd"; - - $uid = $line["id"]; - $edit_uid = $_GET["id"]; - - if ($subop == "edit" && $uid != $edit_uid) { - $class .= "Grayed"; - $this_row_id = ""; - } else { - $this_row_id = "id=\"UMRR-$uid\""; - } - - print "<tr class=\"$class\" $this_row_id>"; - - $line["login"] = htmlspecialchars($line["login"]); - - $line["last_login"] = date(get_pref($link, 'SHORT_DATE_FORMAT'), - strtotime($line["last_login"])); - - $access_level_names = array(0 => "User", 10 => "Administrator"); - -// if (!$edit_uid || $subop != "edit") { - - print "<td align='center'><input onclick='toggleSelectPrefRow(this, \"user\");' - type=\"checkbox\" id=\"UMCHK-$uid\"></td>"; - - print "<td><a href=\"javascript:editUser($uid);\">" . - $line["login"] . "</td>"; - - if (!$line["email"]) $line["email"] = " "; - - print "<td><a href=\"javascript:editUser($uid);\">" . - $access_level_names[$line["access_level"]] . "</td>"; - -/* } else if ($uid != $edit_uid) { - - if (!$line["email"]) $line["email"] = " "; - - print "<td align='center'><input disabled=\"true\" type=\"checkbox\" - id=\"UMCHK-".$line["id"]."\"></td>"; - - print "<td>".$line["login"]."</td>"; - print "<td>".$line["email"]."</td>"; - print "<td>".$access_level_names[$line["access_level"]]."</td>"; - - } else { - - print "<td align='center'> - <input disabled=\"true\" type=\"checkbox\" checked></td>"; - - print "<td><input id=\"iedit_ulogin\" value=\"".$line["login"]. - "\"></td>"; - - print "<td><input id=\"iedit_email\" value=\"".$line["email"]. - "\"></td>"; - - print "<td>"; - print "<select id=\"iedit_ulevel\">"; - foreach (array_keys($access_level_names) as $al) { - if ($al == $line["access_level"]) { - $selected = "selected"; - } else { - $selected = ""; - } - print "<option $selected id=\"$al\">" . - $access_level_names[$al] . 
"</option>"; - } - print "</select>"; - print "</td>"; - - } */ - - print "<td>".$line["last_login"]."</td>"; - - print "</tr>"; - - ++$lnum; - } - - print "</table>"; - - print "<p id='userOpToolbar'>"; - -/* if ($subop == "edit") { - print "Edit user: - <input type=\"submit\" class=\"button\" - onclick=\"javascript:userEditSave()\" value=\"Save\"> - <input type=\"submit\" class=\"button\" - onclick=\"javascript:userEditCancel()\" value=\"Cancel\">"; - - } else { */ - - print " - Selection: - <input type=\"submit\" class=\"button\" disabled=\"true\" - onclick=\"javascript:selectedUserDetails()\" value=\"User details\"> - <input type=\"submit\" class=\"button\" disabled=\"true\" - onclick=\"javascript:editSelectedUser()\" value=\"Edit\"> - <input type=\"submit\" class=\"button\" disabled=\"true\" - onclick=\"javascript:removeSelectedUsers()\" value=\"Remove\"> - <input type=\"submit\" class=\"button\" disabled=\"true\" - onclick=\"javascript:resetSelectedUserPass()\" value=\"Reset password\">"; - -// } + module_pref_users($link); } if ($op == "user-details") { @@ -3434,31 +908,6 @@ } } - function check_configuration_variables() { - if (!defined('SESSION_EXPIRE_TIME')) { - return "config: SESSION_EXPIRE_TIME is undefined"; - } - - if (SESSION_EXPIRE_TIME < 60) { - return "config: SESSION_EXPIRE_TIME is too low (less than 60)"; - } - - if (SESSION_EXPIRE_TIME < SESSION_COOKIE_LIFETIME_REMEMBER) { - return "config: SESSION_EXPIRE_TIME should be greater or equal to" . - "SESSION_COOKIE_LIFETIME_REMEMBER"; - } - - if (defined('DISABLE_SESSIONS')) { - return "config: you have enabled DISABLE_SESSIONS. Please disable this option."; - } - - if (DATABASE_BACKED_SESSIONS && SINGLE_USER_MODE) { - return "config: DATABASE_BACKED_SESSIONS is incompatible with SINGLE_USER_MODE"; - } - - return false; - } - if ($op == "labelFromSearch") { $search = db_escape_string($_GET["search"]); $search_mode = db_escape_string($_GET["smode"]); 
diff --git a/modules/help.php b/modules/help.php
new file mode 100644
index 000000000..90c63cfb8
--- /dev/null
+++ b/modules/help.php
@@ -0,0 +1,36 @@
+<?php
+ function module_help($link) {
+
+ if (!$_GET["noheaders"]) {
+ print "<html><head>
+ <title>Tiny Tiny RSS : Help</title>
+ <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">
+ <script type=\"text/javascript\" src=\"prototype.js\"></script>
+ <script type=\"text/javascript\" src=\"functions.js?$script_dt_add\"></script>
+ <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
+ </head><body>";
+ }
+
+ $tid = sprintf("%d", $_GET["tid"]);
+
+ print "<div id=\"infoBoxTitle\">Help</div>";
+
+ print "<div class='infoBoxContents'>";
+
+ if (file_exists("help/$tid.php")) {
+ include("help/$tid.php");
+ } else {
+ print "<p>Help topic not found.</p>";
+ }
+
+ print "</div>";
+
+ print "<div align='center'>
+ <input type='submit' class='button'
+ onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
+
+ if (!$_GET["noheaders"]) {
+ print "</body></html>";
+ }
+ }
+?>
diff --git a/modules/popup-dialog.php b/modules/popup-dialog.php
new file mode 100644
index 000000000..02282f46b
--- /dev/null
+++ b/modules/popup-dialog.php
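Review bot: In modules/help.php, `$script_dt_add` is interpolated into the functions.js URL inside `module_help()`, but the function neither receives it as a parameter nor declares it `global`, so it is an undefined local there and the cache-busting suffix comes out empty. If the value is still assigned at file scope in backend.php (not visible in this hunk), add `global $script_dt_add;` as the first statement of the function, or pass it in. The `include("help/$tid.php")` call is confined to numeric topic files only because `$tid` goes through `sprintf("%d", ...)`; a comment such as `// $tid is forced to an integer above; that cast is what keeps this include inside help/<n>.php` would keep a later edit from loosening it.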
@@ -0,0 +1,245 @@ +<?php + function module_popup_dialog($link) { + $id = $_GET["id"]; + $param = $_GET["param"]; + + if ($id == "quickAddFeed") { + + print "<div id=\"infoBoxTitle\">Subscribe to feed</div>"; + print "<div class=\"infoBoxContents\">"; + + print "<form id='feed_add_form'>"; + + print "<input type=\"hidden\" name=\"op\" value=\"pref-feeds\">"; + print "<input type=\"hidden\" name=\"quiet\" value=\"1\">"; + print "<input type=\"hidden\" name=\"subop\" value=\"add\">"; + + print "<table width='100%'> + <tr><td>Feed URL:</td><td> + <input class=\"iedit\" onblur=\"javascript:enableHotkeys()\" + onkeypress=\"return filterCR(event, qafAdd)\" + onkeyup=\"toggleSubmitNotEmpty(this, 'fadd_submit_btn')\" + onfocus=\"javascript:disableHotkeys()\" name=\"feed_url\"></td></tr>"; + + if (get_pref($link, 'ENABLE_FEED_CATS')) { + print "<tr><td>Category:</td><td>"; + print_feed_cat_select($link, "cat_id"); + print "</td></tr>"; + } + + print "</table>"; + print "</form>"; + + print "<div align='right'> + <input class=\"button\" + id=\"fadd_submit_btn\" disabled=\"true\" + type=\"submit\" onclick=\"return qafAdd()\" value=\"Subscribe\"> + <input class=\"button\" + type=\"submit\" onclick=\"return closeInfoBox()\" + value=\"Cancel\"></div>"; + } + + if ($id == "search") { + + print "<div id=\"infoBoxTitle\">Search</div>"; + print "<div class=\"infoBoxContents\">"; + + print "<form id='search_form'>"; + + #$active_feed_id = db_escape_string($_GET["param"]); + + $params = split(":", db_escape_string($_GET["param"])); + + $active_feed_id = sprintf("%d", $params[0]); + $is_cat = $params[1] == "true"; + + print "<table width='100%'><tr><td>Search:</td><td>"; + + print "<input name=\"query\" class=\"iedit\" + onkeypress=\"return filterCR(event, search)\" + onkeyup=\"toggleSubmitNotEmpty(this, 'search_submit_btn')\" + value=\"\"> + </td></tr>"; + + print "<tr><td>Where:</td><td>"; + + print "<select name=\"search_mode\"> + <option value=\"all_feeds\">All feeds</option>"; + + 
$feed_title = getFeedTitle($link, $active_feed_id); + + if (!$is_cat) { + $feed_cat_title = getFeedCatTitle($link, $active_feed_id); + } else { + $feed_cat_title = getCategoryTitle($link, $active_feed_id); + } + + if ($active_feed_id && !$is_cat) { + print "<option selected value=\"this_feed\">This feed ($feed_title)</option>"; + } else { + print "<option disabled>This feed</option>"; + } + + if ($is_cat) { + $cat_preselected = "selected"; + } + + if (get_pref($link, 'ENABLE_FEED_CATS') && ($active_feed_id > 0 || $is_cat)) { + print "<option $cat_preselected value=\"this_cat\">This category ($feed_cat_title)</option>"; + } else { + print "<option disabled>This category</option>"; + } + + print "</select></td></tr>"; + + print "<tr><td>Match on:</td><td>"; + + $search_fields = array( + "title" => "Title", + "content" => "Content", + "both" => "Title or content"); + + print_select_hash("match_on", 3, $search_fields); + + print "</td></tr></table>"; + + print "</form>"; + + print "<div align=\"right\"> + <input type=\"submit\" + class=\"button\" onclick=\"javascript:search()\" + id=\"search_submit_btn\" disabled=\"true\" + value=\"Search\"> + <input class=\"button\" + type=\"submit\" onclick=\"javascript:searchCancel()\" + value=\"Cancel\"></div>"; + + print "</div>"; + + } + + if ($id == "quickAddLabel") { + print "<div id=\"infoBoxTitle\">Create label</div>"; + print "<div class=\"infoBoxContents\">"; + + print "<form id=\"label_edit_form\">"; + + print "<input type=\"hidden\" name=\"op\" value=\"pref-labels\">"; + print "<input type=\"hidden\" name=\"subop\" value=\"add\">"; + + print "<table width='100%'>"; + + print "<tr><td>Caption:</td> + <td><input onkeypress=\"return filterCR(event, addLabel)\" + onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\" + name=\"description\" class=\"iedit\">"; + + print "</td></tr>"; + + print "<tr><td colspan=\"2\"> + <p>SQL Expression:</p>"; + + print "<textarea onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\" + 
rows=\"4\" name=\"sql_exp\" class=\"iedit\"></textarea>"; + + print "</td></tr></table>"; + + print "</form>"; + + print "<div style=\"display : none\" id=\"label_test_result\"></div>"; + + print "<div align='right'>"; + + print "<input type=\"submit\" onclick=\"labelTest()\" value=\"Test\"> + "; + + print "<input type=\"submit\" + id=\"infobox_submit\" + disabled=\"true\" + class=\"button\" onclick=\"return addLabel()\" + value=\"Create\"> "; + + print "<input class=\"button\" + type=\"submit\" onclick=\"return labelEditCancel()\" + value=\"Cancel\">"; + } + + if ($id == "quickAddFilter") { + + $active_feed_id = db_escape_string($_GET["param"]); + + print "<div id=\"infoBoxTitle\">Create filter</div>"; + print "<div class=\"infoBoxContents\">"; + + print "<form id=\"filter_add_form\">"; + + print "<input type=\"hidden\" name=\"op\" value=\"pref-filters\">"; + print "<input type=\"hidden\" name=\"quiet\" value=\"1\">"; + print "<input type=\"hidden\" name=\"subop\" value=\"add\">"; + +// print "<div class=\"notice\"><b>Note:</b> filter will only apply to new articles.</div>"; + + $result = db_query($link, "SELECT id,description + FROM ttrss_filter_types ORDER BY description"); + + $filter_types = array(); + + while ($line = db_fetch_assoc($result)) { + //array_push($filter_types, $line["description"]); + $filter_types[$line["id"]] = $line["description"]; + } + + print "<table width='100%'>"; + + print "<tr><td>Match:</td> + <td><input onkeypress=\"return filterCR(event, qaddFilter)\" + onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\" + name=\"reg_exp\" class=\"iedit\">"; + print "</td><td>"; + + print_select_hash("filter_type", 1, $filter_types, "class=\"iedit\""); + + print "</td></tr>"; + print "<tr><td>Feed:</td><td colspan='2'>"; + + print_feed_select($link, "feed_id", $active_feed_id); + + print "</td></tr>"; + + print "<tr><td>Action:</td>"; + + print "<td colspan='2'><select name=\"action_id\">"; + + $result = db_query($link, "SELECT id,description 
FROM ttrss_filter_actions + ORDER BY name"); + + while ($line = db_fetch_assoc($result)) { + printf("<option value='%d'>%s</option>", $line["id"], $line["description"]); + } + + print "</select>"; + + print "</td></tr></table>"; + + print "</form>"; + + print "<div align='right'>"; + + print "<input type=\"submit\" + id=\"infobox_submit\" + class=\"button\" onclick=\"return qaddFilter()\" + disabled=\"true\" value=\"Create\"> "; + + print "<input class=\"button\" + type=\"submit\" onclick=\"return closeInfoBox()\" + value=\"Cancel\">"; + + print "</div>"; + +// print "</td></tr></table>"; + + } + + print "</div>"; + } +?> diff --git a/modules/pref-feeds.php b/modules/pref-feeds.php new file mode 100644 index 000000000..454dd1785 --- /dev/null +++ b/modules/pref-feeds.php 
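Review bot: In the `search` branch of `module_popup_dialog()`, `$feed_title` and `$feed_cat_title` are printed straight into `<option>` text, and nothing in this hunk shows getFeedTitle(), getFeedCatTitle() or getCategoryTitle() HTML-encoding what they return; feed and category titles are stored data that can contain markup. Unless those helpers already encode, escape at output: `print "<option selected value=\"this_feed\">This feed (" . htmlspecialchars($feed_title) . ")</option>";` and the same for `$feed_cat_title` in the `this_cat` option. In the same branch `$cat_preselected` is assigned only when `$is_cat` is true, so initialise it with `$cat_preselected = "";` before the `if ($is_cat)`. The `$param = $_GET["param"];` assignment at the top of the function is never read and can go.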
@@ -0,0 +1,944 @@ +<?php + function module_pref_feeds($link) { + + $subop = $_REQUEST["subop"]; + $quiet = $_REQUEST["quiet"]; + + if ($subop == "massSubscribe") { + $ids = split(",", db_escape_string($_GET["ids"])); + + $subscribed = array(); + + foreach ($ids as $id) { + $result = db_query($link, "SELECT feed_url,title FROM ttrss_feeds + WHERE id = '$id'"); + + $feed_url = db_escape_string(db_fetch_result($result, 0, "feed_url")); + $title = db_escape_string(db_fetch_result($result, 0, "title")); + + $title_orig = db_fetch_result($result, 0, "title"); + + $result = db_query($link, "SELECT id FROM ttrss_feeds WHERE + feed_url = '$feed_url' AND owner_uid = " . $_SESSION["uid"]); + + if (db_num_rows($result) == 0) { + $result = db_query($link, + "INSERT INTO ttrss_feeds (owner_uid,feed_url,title,cat_id) + VALUES ('".$_SESSION["uid"]."', '$feed_url', '$title', NULL)"); + + array_push($subscribed, $title_orig); + } + } + + if (count($subscribed) > 0) { + print "<div class=\"notice\">"; + print "<b>Subscribed to feeds:</b>"; + print "<ul class=\"nomarks\">"; + foreach ($subscribed as $title) { + print "<li>$title</li>"; + } + print "</ul>"; + print "</div>"; + } + } + + if ($subop == "browse") { + + if (!ENABLE_FEED_BROWSER) { + print "Feed browser is administratively disabled."; + return; + } + + print "<div id=\"infoBoxTitle\">Other feeds: Top 25</div>"; + + print "<div class=\"infoBoxContents\">"; + + print "<p>Showing top 25 registered feeds, sorted by popularity:</p>"; + +# $result = db_query($link, "SELECT feed_url,count(id) AS subscribers +# FROM ttrss_feeds +# WHERE auth_login = '' AND auth_pass = '' AND private = false +# GROUP BY feed_url ORDER BY subscribers DESC LIMIT 25"); + + $owner_uid = $_SESSION["uid"]; + + $result = db_query($link, "SELECT feed_url,COUNT(id) AS subscribers + FROM ttrss_feeds WHERE (SELECT COUNT(id) = 0 FROM ttrss_feeds AS tf + WHERE tf.feed_url = ttrss_feeds.feed_url + AND owner_uid = '$owner_uid') GROUP BY feed_url + ORDER BY 
subscribers DESC LIMIT 25"); + + print "<ul class='browseFeedList' id='browseFeedList'>"; + + $feedctr = 0; + + while ($line = db_fetch_assoc($result)) { + $feed_url = $line["feed_url"]; + $subscribers = $line["subscribers"]; + + $det_result = db_query($link, "SELECT site_url,title,id + FROM ttrss_feeds WHERE feed_url = '$feed_url' LIMIT 1"); + + $details = db_fetch_assoc($det_result); + + $icon_file = ICONS_DIR . "/" . $details["id"] . ".ico"; + + if (file_exists($icon_file) && filesize($icon_file) > 0) { + $feed_icon = "<img class=\"tinyFeedIcon\" src=\"" . ICONS_URL . + "/".$details["id"].".ico\">"; + } else { + $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">"; + } + + $check_box = "<input onclick='toggleSelectListRow(this)' class='feedBrowseCB' + type=\"checkbox\" id=\"FBCHK-" . $details["id"] . "\">"; + + $class = ($feedctr % 2) ? "even" : "odd"; + + print "<li class='$class' id=\"FBROW-".$details["id"]."\">$check_box". + "$feed_icon " . db_unescape_string($details["title"]) . + " <span class='subscribers'>($subscribers)</span></li>"; + + ++$feedctr; + } + + if ($feedctr == 0) { + print "<li>No feeds found to subscribe.</li>"; + } + + print "</ul>"; + + print "<div align='center'> + <input type=\"submit\" class=\"button\" + onclick=\"feedBrowserSubscribe()\" value=\"Subscribe\"> + <input type='submit' class='button' + onclick=\"closeInfoBox()\" value=\"Cancel\"></div>"; + + print "</div>"; + return; + } + + if ($subop == "editfeed") { + $feed_id = db_escape_string($_REQUEST["id"]); + + $result = db_query($link, + "SELECT * FROM ttrss_feeds WHERE id = '$feed_id' AND + owner_uid = " . $_SESSION["uid"]); + + $title = htmlspecialchars(db_unescape_string(db_fetch_result($result, + 0, "title"))); + + $icon_file = ICONS_DIR . "/$feed_id.ico"; + + if (file_exists($icon_file) && filesize($icon_file) > 0) { + $feed_icon = "<img width=\"16\" height=\"16\" + src=\"" . ICONS_URL . 
"/$feed_id.ico\">"; + } else { + $feed_icon = ""; + } + + print "<div id=\"infoBoxTitle\">Feed editor</div>"; + + print "<div class=\"infoBoxContents\">"; + + print "<form id=\"edit_feed_form\">"; + + print "<input type=\"hidden\" name=\"id\" value=\"$feed_id\">"; + print "<input type=\"hidden\" name=\"op\" value=\"pref-feeds\">"; + print "<input type=\"hidden\" name=\"subop\" value=\"editSave\">"; + + print "<table width='100%'>"; + + print "<tr><td>Title:</td>"; + print "<td><input class=\"iedit\" onkeypress=\"return filterCR(event, feedEditSave)\" + name=\"title\" value=\"$title\"></td></tr>"; + + $feed_url = db_fetch_result($result, 0, "feed_url"); + $feed_url = htmlspecialchars(db_unescape_string(db_fetch_result($result, + 0, "feed_url"))); + + print "<tr><td>Feed URL:</td>"; + print "<td><input class=\"iedit\" onkeypress=\"return filterCR(event, feedEditSave)\" + name=\"feed_url\" value=\"$feed_url\"></td></tr>"; + + if (get_pref($link, 'ENABLE_FEED_CATS')) { + + $cat_id = db_fetch_result($result, 0, "cat_id"); + + print "<tr><td>Category:</td>"; + print "<td>"; + + $parent_feed = db_fetch_result($result, 0, "parent_feed"); + + if (sprintf("%d", $parent_feed) > 0) { + $disabled = "disabled"; + } else { + $disabled = ""; + } + + print_feed_cat_select($link, "cat_id", $cat_id, "class=\"iedit\" $disabled"); + + print "</td>"; + print "</td></tr>"; + + } + + $update_interval = db_fetch_result($result, 0, "update_interval"); + + print "<tr><td>Update Interval:</td>"; + + print "<td>"; + + print_select_hash("update_interval", $update_interval, $update_intervals, + "class=\"iedit\""); + + print "</td>"; + + print "<tr><td>Link to:</td><td>"; + + $tmp_result = db_query($link, "SELECT COUNT(id) AS count + FROM ttrss_feeds WHERE parent_feed = '$feed_id'"); + + $linked_count = db_fetch_result($tmp_result, 0, "count"); + + $parent_feed = db_fetch_result($result, 0, "parent_feed"); + + if ($linked_count > 0) { + $disabled = "disabled"; + } else { + $disabled = ""; + } + + 
print "<select class=\"iedit\" $disabled name=\"parent_feed\">"; + + print "<option value=\"0\">Not linked</option>"; + + if (get_pref($link, 'ENABLE_FEED_CATS')) { + if ($cat_id) { + $cat_qpart = "AND cat_id = '$cat_id'"; + } else { + $cat_qpart = "AND cat_id IS NULL"; + } + } + + $tmp_result = db_query($link, "SELECT id,title FROM ttrss_feeds + WHERE id != '$feed_id' AND owner_uid = ".$_SESSION["uid"]." AND + (SELECT COUNT(id) FROM ttrss_feeds AS T2 WHERE T2.id = ttrss_feeds.parent_feed) = 0 + $cat_qpart ORDER BY title"); + + if (db_num_rows($tmp_result) > 0) { + print "<option disabled>--------</option>"; + } + + while ($tmp_line = db_fetch_assoc($tmp_result)) { + if ($tmp_line["id"] == $parent_feed) { + $is_selected = "selected"; + } else { + $is_selected = ""; + } + printf("<option $is_selected value='%d'>%s</option>", + $tmp_line["id"], $tmp_line["title"]); + } + + print "</select>"; + print "</td></tr>"; + + $purge_interval = db_fetch_result($result, 0, "purge_interval"); + + print "<tr><td>Article purging:</td>"; + + print "<td>"; + + print_select_hash("purge_interval", $purge_interval, $purge_intervals, + "class=\"iedit\""); + + print "</td>"; + + $auth_login = escape_for_form(db_fetch_result($result, 0, "auth_login")); + + print "<tr><td>Login:</td>"; + print "<td><input class=\"iedit\" onkeypress=\"return filterCR(event, feedEditSave)\" + name=\"auth_login\" value=\"$auth_login\"></td></tr>"; + + $auth_pass = escape_for_form(db_fetch_result($result, 0, "auth_pass")); + + print "<tr><td>Password:</td>"; + print "<td><input class=\"iedit\" type=\"password\" name=\"auth_pass\" + onkeypress=\"return filterCR(event, feedEditSave)\" + value=\"$auth_pass\"></td></tr>"; + + $private = sql_bool_to_bool(db_fetch_result($result, 0, "private")); + + if ($private) { + $checked = "checked"; + } else { + $checked = ""; + } + + print "<tr><td valign='top'>Options:</td>"; + print "<td><input type=\"checkbox\" name=\"private\" id=\"private\" + $checked><label 
for=\"private\">Hide from \"Other Feeds\"</label>"; + + $rtl_content = sql_bool_to_bool(db_fetch_result($result, 0, "rtl_content")); + + if ($rtl_content) { + $checked = "checked"; + } else { + $checked = ""; + } + + print "<br><input type=\"checkbox\" id=\"rtl_content\" name=\"rtl_content\" + $checked><label for=\"rtl_content\">Right-to-left content</label>"; + + $hidden = sql_bool_to_bool(db_fetch_result($result, 0, "hidden")); + + if ($hidden) { + $checked = "checked"; + } else { + $checked = ""; + } + + print "<br><input type=\"checkbox\" id=\"hidden\" name=\"hidden\" + $checked><label for=\"hidden\">Hide from my feed list</label>"; + + $include_in_digest = sql_bool_to_bool(db_fetch_result($result, 0, "include_in_digest")); + + if ($include_in_digest) { + $checked = "checked"; + } else { + $checked = ""; + } + + print "<br><input type=\"checkbox\" id=\"include_in_digest\" + name=\"include_in_digest\" + $checked><label for=\"include_in_digest\">Include in e-mail digest</label>"; + + print "</td></tr>"; + + print "</table>"; + + print "</form>"; + + print "<div align='right'> + <input type=\"submit\" class=\"button\" + onclick=\"return feedEditSave()\" value=\"Save\"> + <input type='submit' class='button' + onclick=\"return feedEditCancel()\" value=\"Cancel\"></div>"; + + print "</div>"; + + return; + } + + if ($subop == "editSave") { + + $feed_title = db_escape_string(trim($_POST["title"])); + $feed_link = db_escape_string(trim($_POST["feed_url"])); + $upd_intl = db_escape_string($_POST["update_interval"]); + $purge_intl = db_escape_string($_POST["purge_interval"]); + $feed_id = db_escape_string($_POST["id"]); + $cat_id = db_escape_string($_POST["cat_id"]); + $auth_login = db_escape_string(trim($_POST["auth_login"])); + $auth_pass = db_escape_string(trim($_POST["auth_pass"])); + $parent_feed = db_escape_string($_POST["parent_feed"]); + $private = checkbox_to_sql_bool(db_escape_string($_POST["private"])); + $rtl_content = 
checkbox_to_sql_bool(db_escape_string($_POST["rtl_content"])); + $hidden = checkbox_to_sql_bool(db_escape_string($_POST["hidden"])); + $include_in_digest = checkbox_to_sql_bool( + db_escape_string($_POST["include_in_digest"])); + + if (get_pref($link, 'ENABLE_FEED_CATS')) { + if ($cat_id && $cat_id != 0) { + $category_qpart = "cat_id = '$cat_id',"; + $category_qpart_nocomma = "cat_id = '$cat_id'"; + } else { + $category_qpart = 'cat_id = NULL,'; + $category_qpart_nocomma = 'cat_id = NULL'; + } + } else { + $category_qpart = ""; + $category_qpart_nocomma = ""; + } + + if ($parent_feed && $parent_feed != 0) { + $parent_qpart = "parent_feed = '$parent_feed'"; + } else { + $parent_qpart = 'parent_feed = NULL'; + } + + $result = db_query($link, "UPDATE ttrss_feeds SET + $category_qpart $parent_qpart, + title = '$feed_title', feed_url = '$feed_link', + update_interval = '$upd_intl', + purge_interval = '$purge_intl', + auth_login = '$auth_login', + auth_pass = '$auth_pass', + private = $private, + rtl_content = $rtl_content, + hidden = $hidden, + include_in_digest = $include_in_digest + WHERE id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]); + + if (get_pref($link, 'ENABLE_FEED_CATS')) { + # update linked feed categories + $result = db_query($link, "UPDATE ttrss_feeds SET + $category_qpart_nocomma WHERE parent_feed = '$feed_id' AND + owner_uid = " . $_SESSION["uid"]); + } + } + + if ($subop == "saveCat") { + $cat_title = db_escape_string(trim($_GET["title"])); + $cat_id = db_escape_string($_GET["id"]); + + $result = db_query($link, "UPDATE ttrss_feed_categories SET + title = '$cat_title' WHERE id = '$cat_id' AND owner_uid = ".$_SESSION["uid"]); + + } + + if ($subop == "remove") { + + if (!WEB_DEMO_MODE) { + + $ids = split(",", db_escape_string($_GET["ids"])); + + foreach ($ids as $id) { + + if ($id > 0) { + + db_query($link, "DELETE FROM ttrss_feeds + WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]); + + $icons_dir = ICONS_DIR; + + if (file_exists($icons_dir . 
"/$id.ico")) { + unlink($icons_dir . "/$id.ico"); + } + } else if ($id < -10) { + + $label_id = -$id - 11; + + db_query($link, "DELETE FROM ttrss_labels + WHERE id = '$label_id' AND owner_uid = " . $_SESSION["uid"]); + } + } + } + } + + if ($subop == "add") { + + if (!WEB_DEMO_MODE) { + + $feed_url = db_escape_string(trim($_GET["feed_url"])); + $cat_id = db_escape_string($_GET["cat_id"]); + + if (subscribe_to_feed($link, $feed_url, $cat_id)) { + print "Added feed."; + } else { + print "<div class=\"warning\"> + Feed <b>$feed_url</b> already exists in the database. + </div>"; + } + } + } + + if ($subop == "addCat") { + + if (!WEB_DEMO_MODE) { + + $feed_cat = db_escape_string(trim($_GET["cat"])); + + $result = db_query($link, + "SELECT id FROM ttrss_feed_categories + WHERE title = '$feed_cat' AND owner_uid = ".$_SESSION["uid"]); + + if (db_num_rows($result) == 0) { + + $result = db_query($link, + "INSERT INTO ttrss_feed_categories (owner_uid,title) + VALUES ('".$_SESSION["uid"]."', '$feed_cat')"); + + } else { + + print "<div class=\"warning\"> + Category <b>$feed_cat</b> already exists in the database. + </div>"; + } + + + } + } + + if ($subop == "removeCats") { + + if (!WEB_DEMO_MODE) { + + $ids = split(",", db_escape_string($_GET["ids"])); + + foreach ($ids as $id) { + + db_query($link, "BEGIN"); + + $result = db_query($link, + "SELECT count(id) as num_feeds FROM ttrss_feeds + WHERE cat_id = '$id'"); + + $num_feeds = db_fetch_result($result, 0, "num_feeds"); + + if ($num_feeds == 0) { + db_query($link, "DELETE FROM ttrss_feed_categories + WHERE id = '$id' AND owner_uid = " . 
$_SESSION["uid"]); + } else { + + print "<div class=\"warning\"> + Unable to delete non empty feed categories.</div>"; + + } + + db_query($link, "COMMIT"); + } + } + } + + if ($subop == "categorize") { + + if (!WEB_DEMO_MODE) { + + $ids = split(",", db_escape_string($_GET["ids"])); + + $cat_id = db_escape_string($_GET["cat_id"]); + + if ($cat_id == 0) { + $cat_id_qpart = 'NULL'; + } else { + $cat_id_qpart = "'$cat_id'"; + } + + db_query($link, "BEGIN"); + + foreach ($ids as $id) { + + db_query($link, "UPDATE ttrss_feeds SET cat_id = $cat_id_qpart + WHERE id = '$id' AND parent_feed IS NULL + AND owner_uid = " . $_SESSION["uid"]); + + # update linked feed categories + db_query($link, "UPDATE ttrss_feeds SET + cat_id = $cat_id_qpart WHERE parent_feed = '$id' AND + owner_uid = " . $_SESSION["uid"]); + + } + + db_query($link, "COMMIT"); + } + + } + + if ($quiet) return; + +// print "<h3>Edit Feeds</h3>"; + + $result = db_query($link, "SELECT id,title,feed_url,last_error + FROM ttrss_feeds WHERE last_error != '' AND owner_uid = ".$_SESSION["uid"]); + + if (db_num_rows($result) > 0) { + + print "<div class=\"warning\">"; + +// print"<img class=\"closeButton\" +// onclick=\"javascript:hideParentElement(this);\" src=\"images/close.png\">"; + + print "<a href=\"javascript:showBlockElement('feedUpdateErrors')\"> + <b>Some feeds have update errors (click for details)</b></a>"; + + print "<ul id=\"feedUpdateErrors\" class=\"nomarks\">"; + + while ($line = db_fetch_assoc($result)) { + print "<li>" . $line["title"] . " (" . $line["feed_url"] . "): " . 
+ $line["last_error"]; + } + + print "</ul>"; + print "</div>"; + + } + + $feed_search = db_escape_string($_GET["search"]); + + if (array_key_exists("search", $_GET)) { + $_SESSION["prefs_feed_search"] = $feed_search; + } else { + $feed_search = $_SESSION["prefs_feed_search"]; + } + + print "<div class=\"feedEditSearch\"> + <input id=\"feed_search\" size=\"20\" + onchange=\"javascript:updateFeedList()\" value=\"$feed_search\"> + <input type=\"submit\" class=\"button\" + onclick=\"javascript:updateFeedList()\" value=\"Search\"> + </div>"; + + print "<div class=\"prefGenericAddBox\"> + <input id=\"fadd_link\" + onkeyup=\"toggleSubmitNotEmpty(this, 'fadd_submit_btn')\" + size=\"40\"> + <input type=\"submit\" class=\"button\" + disabled=\"true\" id=\"fadd_submit_btn\" + onclick=\"addFeed()\" value=\"Subscribe\">"; + + if (ENABLE_FEED_BROWSER && !SINGLE_USER_MODE) { + print " <input type=\"submit\" class=\"button\" + onclick=\"javascript:browseFeeds()\" value=\"Top 25\">"; + } + + print "</div>"; + + $feeds_sort = db_escape_string($_GET["sort"]); + + if (!$feeds_sort || $feeds_sort == "undefined") { + $feeds_sort = $_SESSION["pref_sort_feeds"]; + if (!$feeds_sort) $feeds_sort = "title"; + } + + $_SESSION["pref_sort_feeds"] = $feeds_sort; + + if ($feed_search) { + $search_qpart = "(UPPER(F1.title) LIKE UPPER('%$feed_search%') OR + UPPER(F1.feed_url) LIKE UPPER('%$feed_search%')) AND"; + } else { + $search_qpart = ""; + } + + if (get_pref($link, 'ENABLE_FEED_CATS')) { + $order_by_qpart = "category,$feeds_sort,title"; + } else { + $order_by_qpart = "$feeds_sort,title"; + } + + $result = db_query($link, "SELECT + F1.id, + F1.title, + F1.feed_url, + substring(F1.last_updated,1,16) AS last_updated, + F1.parent_feed, + F1.update_interval, + F1.purge_interval, + F1.cat_id, + F2.title AS parent_title, + C1.title AS category, + F1.hidden, + F1.include_in_digest, + (SELECT SUBSTRING(MAX(updated),1,16) FROM ttrss_user_entries, + ttrss_entries WHERE ref_id = ttrss_entries.id + AND 
feed_id = F1.id) AS last_article + FROM + ttrss_feeds AS F1 + LEFT JOIN ttrss_feeds AS F2 + ON (F1.parent_feed = F2.id) + LEFT JOIN ttrss_feed_categories AS C1 + ON (F1.cat_id = C1.id) + WHERE + $search_qpart F1.owner_uid = '".$_SESSION["uid"]."' + ORDER by $order_by_qpart"); + + if (db_num_rows($result) != 0) { + +// print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>"; + + print "<p><table width=\"100%\" cellspacing=\"0\" + class=\"prefFeedList\" id=\"prefFeedList\">"; + print "<tr><td class=\"selectPrompt\" colspan=\"8\"> + Select: + <a href=\"javascript:selectPrefRows('feed', true)\">All</a>, + <a href=\"javascript:selectPrefRows('feed', false)\">None</a> + </td</tr>"; + + if (!get_pref($link, 'ENABLE_FEED_CATS')) { + print "<tr class=\"title\"> + <td width='5%' align='center'> </td>"; + + if (get_pref($link, 'ENABLE_FEED_ICONS')) { + print "<td width='3%'> </td>"; + } + + print " + <td width='35%'><a href=\"javascript:updateFeedList('title')\">Title</a></td> + <td width='35%'><a href=\"javascript:updateFeedList('feed_url')\">Feed</a></td> + <td width='15%'><a href=\"javascript:updateFeedList('last_article')\">Last Article</a></td> + <td width='15%' align='right'><a href=\"javascript:updateFeedList('last_updated')\">Updated</a></td>"; + } + + $lnum = 0; + + $cur_cat_id = -1; + + while ($line = db_fetch_assoc($result)) { + + $feed_id = $line["id"]; + $cat_id = $line["cat_id"]; + + $edit_title = htmlspecialchars(db_unescape_string($line["title"])); + $edit_link = htmlspecialchars(db_unescape_string($line["feed_url"])); + $edit_cat = htmlspecialchars(db_unescape_string($line["category"])); + + $hidden = sql_bool_to_bool($line["hidden"]); + + if (!$edit_cat) $edit_cat = "Uncategorized"; + + $last_updated = $line["last_updated"]; + + if (get_pref($link, 'HEADLINES_SMART_DATE')) { + $last_updated = smart_date_time(strtotime($last_updated)); + } else { + $short_date = get_pref($link, 'SHORT_DATE_FORMAT'); + $last_updated = date($short_date, 
strtotime($last_updated)); + } + + $last_article = $line["last_article"]; + + if (get_pref($link, 'HEADLINES_SMART_DATE')) { + $last_article = smart_date_time(strtotime($last_article)); + } else { + $short_date = get_pref($link, 'SHORT_DATE_FORMAT'); + $last_article = date($short_date, strtotime($last_article)); + } + + if (get_pref($link, 'ENABLE_FEED_CATS') && $cur_cat_id != $cat_id) { + $lnum = 0; + + print "<tr><td colspan=\"6\" class=\"feedEditCat\">$edit_cat</td></tr>"; + + print "<tr class=\"title\"> + <td width='5%'> </td>"; + + if (get_pref($link, 'ENABLE_FEED_ICONS')) { + print "<td width='3%'> </td>"; + } + + print "<td width='35%'><a href=\"javascript:updateFeedList('title')\">Title</a></td> + <td width='35%'><a href=\"javascript:updateFeedList('feed_url')\">Feed</a></td> + <td width='15%'><a href=\"javascript:updateFeedList('last_article')\">Last Article</a></td> + <td width='15%' align='right'><a href=\"javascript:updateFeedList('last_updated')\">Updated</a></td>"; + + $cur_cat_id = $cat_id; + } + + $class = ($lnum % 2) ? "even" : "odd"; + $this_row_id = "id=\"FEEDR-$feed_id\""; + + print "<tr class=\"$class\" $this_row_id>"; + + $icon_file = ICONS_DIR . "/$feed_id.ico"; + + if (file_exists($icon_file) && filesize($icon_file) > 0) { + $feed_icon = "<img class=\"tinyFeedIcon\" src=\"" . ICONS_URL . 
"/$feed_id.ico\">"; + } else { + $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">"; + } + + print "<td class='feedSelect'><input onclick='toggleSelectPrefRow(this, \"feed\");' + type=\"checkbox\" id=\"FRCHK-".$line["id"]."\"></td>"; + + if (get_pref($link, 'ENABLE_FEED_ICONS')) { + print "<td class='feedIcon'>$feed_icon</td>"; + } + + $edit_title = truncate_string($edit_title, 40); + $edit_link = truncate_string($edit_link, 60); + + if ($hidden) { + $edit_title = "<span class=\"insensitive\">$edit_title (Hidden)</span>"; + $edit_link = "<span class=\"insensitive\">$edit_link</span>"; + $last_updated = "<span class=\"insensitive\">$last_updated</span>"; + $last_article = "<span class=\"insensitive\">$last_article</span>"; + } + + $parent_title = $line["parent_title"]; + if ($parent_title) { + $parent_title = "<span class='groupPrompt'>(linked to + $parent_title)</span>"; + } + + print "<td><a href=\"javascript:editFeed($feed_id);\">" . + "$edit_title $parent_title" . "</a></td>"; + + print "<td><a href=\"javascript:editFeed($feed_id);\">" . + $edit_link . "</a></td>"; + + print "<td><a href=\"javascript:editFeed($feed_id);\">" . + "$last_article</a></td>"; + + print "<td align='right'><a href=\"javascript:editFeed($feed_id);\">" . 
+ "$last_updated</a></td>"; + + print "</tr>"; + + ++$lnum; + } + + print "</table>"; + + print "<p><span id=\"feedOpToolbar\">"; + + if ($subop == "edit") { + print "Edit feed: + <input type=\"submit\" class=\"button\" + onclick=\"javascript:feedEditCancel()\" value=\"Cancel\"> + <input type=\"submit\" class=\"button\" + onclick=\"javascript:feedEditSave()\" value=\"Save\">"; + } else { + + print " + Selection: + <input type=\"submit\" class=\"button\" disabled=\"true\" + onclick=\"javascript:editSelectedFeed()\" value=\"Edit\"> + <input type=\"submit\" class=\"button\" disabled=\"true\" + onclick=\"javascript:removeSelectedFeeds()\" value=\"Unsubscribe\">"; + + if (get_pref($link, 'ENABLE_FEED_CATS')) { + + print " | "; + + print_feed_cat_select($link, "sfeed_set_fcat", "", "disabled"); + + print " <input type=\"submit\" class=\"button\" disabled=\"true\" + onclick=\"javascript:categorizeSelectedFeeds()\" value=\"Recategorize\">"; + + } + + print "</span> + All feeds: <input type=\"submit\" + class=\"button\" onclick=\"gotoExportOpml()\" + value=\"Export OPML\">"; + } + } else { + + print "<p>No feeds defined.</p>"; + + } + + if (get_pref($link, 'ENABLE_FEED_CATS')) { + + print "<h3>Edit Categories</h3>"; + + print "<div class=\"prefGenericAddBox\"> + <input id=\"fadd_cat\" + onkeyup=\"toggleSubmitNotEmpty(this, 'catadd_submit_btn')\" + size=\"40\"> + <input + type=\"submit\" class=\"button\" disabled=\"true\" id=\"catadd_submit_btn\" + onclick=\"javascript:addFeedCat()\" value=\"Create category\"></div>"; + + $result = db_query($link, "SELECT title,id FROM ttrss_feed_categories + WHERE owner_uid = ".$_SESSION["uid"]." 
+ ORDER BY title"); + + if (db_num_rows($result) != 0) { + + print "<form id=\"feed_cat_edit_form\">"; + + print "<p><table width=\"100%\" class=\"prefFeedCatList\" + cellspacing=\"0\" id=\"prefFeedCatList\">"; + + print "<tr><td class=\"selectPrompt\" colspan=\"8\"> + Select: + <a href=\"javascript:selectPrefRows('fcat', true)\">All</a>, + <a href=\"javascript:selectPrefRows('fcat', false)\">None</a> + </td</tr>"; + + print "<tr class=\"title\"> + <td width=\"5%\"> </td><td width=\"80%\">Title</td> + </tr>"; + + $lnum = 0; + + while ($line = db_fetch_assoc($result)) { + + $class = ($lnum % 2) ? "even" : "odd"; + + $cat_id = $line["id"]; + + $edit_cat_id = $_GET["id"]; + + if ($subop == "editCat" && $cat_id != $edit_cat_id) { + $class .= "Grayed"; + $this_row_id = ""; + } else { + $this_row_id = "id=\"FCATR-$cat_id\""; + } + + print "<tr class=\"$class\" $this_row_id>"; + + $edit_title = htmlspecialchars(db_unescape_string($line["title"])); + + if (!$edit_cat_id || $subop != "editCat") { + + print "<td align='center'><input onclick='toggleSelectPrefRow(this, \"fcat\");' + type=\"checkbox\" id=\"FCCHK-".$line["id"]."\"></td>"; + + print "<td><a href=\"javascript:editFeedCat($cat_id);\">" . + $edit_title . 
"</a></td>"; + + } else if ($cat_id != $edit_cat_id) { + + print "<td align='center'><input disabled=\"true\" type=\"checkbox\" + id=\"FRCHK-".$line["id"]."\"></td>"; + + print "<td>$edit_title</td>"; + + } else { + + print "<td align='center'><input disabled=\"true\" type=\"checkbox\" checked>"; + + print "<input type=\"hidden\" name=\"id\" value=\"$cat_id\">"; + print "<input type=\"hidden\" name=\"op\" value=\"pref-feeds\">"; + print "<input type=\"hidden\" name=\"subop\" value=\"saveCat\">"; + + print "</td>"; + + print "<td><input onkeypress=\"return filterCR(event)\" + name=\"title\" class=\"iedit\" value=\"$edit_title\"></td>"; + + } + + print "</tr>"; + + ++$lnum; + } + + print "</table>"; + + print "</form>"; + + print "<p id=\"catOpToolbar\">"; + + if ($subop == "editCat") { + print "Edit category: + <input type=\"submit\" class=\"button\" + onclick=\"return feedCatEditSave()\" value=\"Save\"> + <input type=\"submit\" class=\"button\" + onclick=\"return feedCatEditCancel()\" value=\"Cancel\">"; + } else { + + print " + Selection: + <input type=\"submit\" class=\"button\" disabled=\"true\" + onclick=\"return editSelectedFeedCat()\" value=\"Edit\"> + <input type=\"submit\" class=\"button\" disabled=\"true\" + onclick=\"return removeSelectedFeedCats()\" value=\"Remove\">"; + + } + + } else { + print "<p>No feed categories defined.</p>"; + } + } + + print "<h3>Import OPML</h3> + <form enctype=\"multipart/form-data\" method=\"POST\" action=\"opml.php\"> + File: <input id=\"opml_file\" name=\"opml_file\" type=\"file\"> + <input class=\"button\" name=\"op\" onclick=\"return validateOpmlImport();\" + type=\"submit\" value=\"Import\"> + </form>"; + } +?> diff --git a/modules/pref-filters.php b/modules/pref-filters.php new file mode 100644 index 000000000..0570b7ac5 --- /dev/null +++ b/modules/pref-filters.php 
@@ -0,0 +1,314 @@ +<?php + function module_pref_filters($link) { + $subop = $_GET["subop"]; + $quiet = $_GET["quiet"]; + + if ($subop == "edit") { + + $filter_id = db_escape_string($_GET["id"]); + + $result = db_query($link, + "SELECT * FROM ttrss_filters WHERE id = '$filter_id' AND owner_uid = " . $_SESSION["uid"]); + + $reg_exp = htmlspecialchars(db_unescape_string(db_fetch_result($result, 0, "reg_exp"))); + $filter_type = db_fetch_result($result, 0, "filter_type"); + $feed_id = db_fetch_result($result, 0, "feed_id"); + $action_id = db_fetch_result($result, 0, "action_id"); + + $enabled = sql_bool_to_bool(db_fetch_result($result, 0, "enabled")); + + print "<div id=\"infoBoxTitle\">Filter editor</div>"; + print "<div class=\"infoBoxContents\">"; + + print "<form id=\"filter_edit_form\">"; + + print "<input type=\"hidden\" name=\"op\" value=\"pref-filters\">"; + print "<input type=\"hidden\" name=\"id\" value=\"$filter_id\">"; + print "<input type=\"hidden\" name=\"subop\" value=\"editSave\">"; + +// print "<div class=\"notice\"><b>Note:</b> filter will only apply to new articles.</div>"; + + $result = db_query($link, "SELECT id,description + FROM ttrss_filter_types ORDER BY description"); + + $filter_types = array(); + + while ($line = db_fetch_assoc($result)) { + //array_push($filter_types, $line["description"]); + $filter_types[$line["id"]] = $line["description"]; + } + + print "<table width='100%'>"; + + print "<tr><td>Match:</td> + <td><input onkeypress=\"return filterCR(event, filterEditSave)\" + onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\" + name=\"reg_exp\" class=\"iedit\" value=\"$reg_exp\">"; + + print "</td><td>"; + + print_select_hash("filter_type", $filter_type, $filter_types, "class=\"iedit\""); + + print "</td></tr>"; + print "<tr><td>Feed:</td><td colspan='2'>"; + + print_feed_select($link, "feed_id", $feed_id); + + print "</td></tr>"; + + print "<tr><td>Action:</td>"; + + print "<td colspan='2'><select name=\"action_id\">"; + + $result 
= db_query($link, "SELECT id,description FROM ttrss_filter_actions + ORDER BY name"); + + while ($line = db_fetch_assoc($result)) { + $is_sel = ($line["id"] == $action_id) ? "selected" : ""; + printf("<option value='%d' $is_sel>%s</option>", $line["id"], $line["description"]); + } + + print "</select>"; + + print "</td></tr>"; + + if ($enabled) { + $checked = "checked"; + } else { + $checked = ""; + } + + print "<tr><td>Options:</td><td> + <input type=\"checkbox\" name=\"enabled\" id=\"enabled\" $checked> + <label for=\"enabled\">Enabled</label>"; + + print "</td></tr></table>"; + + print "</form>"; + + print "<div align='right'>"; + + print "<input type=\"submit\" + id=\"infobox_submit\" + class=\"button\" onclick=\"return filterEditSave()\" + value=\"Save\"> "; + + print "<input class=\"button\" + type=\"submit\" onclick=\"return filterEditCancel()\" + value=\"Cancel\">"; + + print "</div>"; + + return; + } + + + if ($subop == "editSave") { + + $reg_exp = db_escape_string(trim($_GET["reg_exp"])); + $filter_type = db_escape_string(trim($_GET["filter_type"])); + $filter_id = db_escape_string($_GET["id"]); + $feed_id = db_escape_string($_GET["feed_id"]); + $action_id = db_escape_string($_GET["action_id"]); + $enabled = checkbox_to_sql_bool(db_escape_string($_GET["enabled"])); + + if (!$feed_id) { + $feed_id = 'NULL'; + } else { + $feed_id = sprintf("'%s'", db_escape_string($feed_id)); + } + + $result = db_query($link, "UPDATE ttrss_filters SET + reg_exp = '$reg_exp', + feed_id = $feed_id, + action_id = '$action_id', + filter_type = '$filter_type', + enabled = $enabled + WHERE id = '$filter_id' AND owner_uid = " . $_SESSION["uid"]); + } + + if ($subop == "remove") { + + if (!WEB_DEMO_MODE) { + + $ids = split(",", db_escape_string($_GET["ids"])); + + foreach ($ids as $id) { + db_query($link, "DELETE FROM ttrss_filters WHERE id = '$id' AND owner_uid = ". 
$_SESSION["uid"]); + + } + } + } + + if ($subop == "add") { + + if (!WEB_DEMO_MODE) { + + $regexp = db_escape_string(trim($_GET["reg_exp"])); + $filter_type = db_escape_string(trim($_GET["filter_type"])); + $feed_id = db_escape_string($_GET["feed_id"]); + $action_id = db_escape_string($_GET["action_id"]); + + if (!$regexp) return; + + if (!$feed_id) { + $feed_id = 'NULL'; + } else { + $feed_id = sprintf("'%s'", db_escape_string($feed_id)); + } + + $result = db_query($link, + "INSERT INTO ttrss_filters (reg_exp,filter_type,owner_uid,feed_id, + action_id) + VALUES + ('$regexp', '$filter_type','".$_SESSION["uid"]."', + $feed_id, '$action_id')"); + } + } + + if ($quiet) return; + + $sort = db_escape_string($_GET["sort"]); + + if (!$sort || $sort == "undefined") { + $sort = "reg_exp"; + } + +// print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>"; + + $result = db_query($link, "SELECT id,description + FROM ttrss_filter_types ORDER BY description"); + + $filter_types = array(); + + while ($line = db_fetch_assoc($result)) { + //array_push($filter_types, $line["description"]); + $filter_types[$line["id"]] = $line["description"]; + } + + print "<input type=\"submit\" + class=\"button\" + onclick=\"return displayDlg('quickAddFilter', false)\" + id=\"create_filter_btn\" + value=\"Create filter\">"; + + $result = db_query($link, "SELECT + ttrss_filters.id AS id,reg_exp, + ttrss_filter_types.name AS filter_type_name, + ttrss_filter_types.description AS filter_type_descr, + enabled, + feed_id, + ttrss_filter_actions.description AS action_description, + ttrss_feeds.title AS feed_title + FROM + ttrss_filter_types,ttrss_filter_actions,ttrss_filters LEFT JOIN + ttrss_feeds ON (ttrss_filters.feed_id = ttrss_feeds.id) + WHERE + filter_type = ttrss_filter_types.id AND + ttrss_filter_actions.id = action_id AND + ttrss_filters.owner_uid = ".$_SESSION["uid"]." 
+ ORDER by $sort"); + + if (db_num_rows($result) != 0) { + + print "<form id=\"filter_edit_form\">"; + + print "<p><table width=\"100%\" cellspacing=\"0\" class=\"prefFilterList\" + id=\"prefFilterList\">"; + + print "<tr><td class=\"selectPrompt\" colspan=\"8\"> + Select: + <a href=\"javascript:selectPrefRows('filter', true)\">All</a>, + <a href=\"javascript:selectPrefRows('filter', false)\">None</a> + </td</tr>"; + + print "<tr class=\"title\"> + <td align='center' width=\"5%\"> </td> + <td width=\"20%\"><a href=\"javascript:updateFilterList('reg_exp')\">Filter expression</a></td> + <td width=\"20%\"><a href=\"javascript:updateFilterList('feed_title')\">Feed</a></td> + <td width=\"15%\"><a href=\"javascript:updateFilterList('filter_type')\">Match</a></td> + <td width=\"15%\"><a href=\"javascript:updateFilterList('action_description')\">Action</a></td>"; + + $lnum = 0; + + while ($line = db_fetch_assoc($result)) { + + $class = ($lnum % 2) ? "even" : "odd"; + + $filter_id = $line["id"]; + $edit_filter_id = $_GET["id"]; + + $enabled = sql_bool_to_bool($line["enabled"]); + + if ($subop == "edit" && $filter_id != $edit_filter_id) { + $class .= "Grayed"; + $this_row_id = ""; + } else { + $this_row_id = "id=\"FILRR-$filter_id\""; + } + + print "<tr class=\"$class\" $this_row_id>"; + + $line["reg_exp"] = htmlspecialchars(db_unescape_string($line["reg_exp"])); + + if (!$line["feed_title"]) $line["feed_title"] = "All feeds"; + + $line["feed_title"] = htmlspecialchars(db_unescape_string($line["feed_title"])); + + print "<td align='center'><input onclick='toggleSelectPrefRow(this, \"filter\");' + type=\"checkbox\" id=\"FICHK-".$line["id"]."\"></td>"; + + if (!$enabled) { + $line["reg_exp"] = "<span class=\"insensitive\">" . + $line["reg_exp"] . " (Disabled)</span>"; + $line["feed_title"] = "<span class=\"insensitive\">" . + $line["feed_title"] . "</span>"; + $line["filter_type_descr"] = "<span class=\"insensitive\">" . + $line["filter_type_descr"] . 
"</span>"; + $line["action_description"] = "<span class=\"insensitive\">" . + $line["action_description"] . "</span>"; + } + + print "<td><a href=\"javascript:editFilter($filter_id);\">" . + $line["reg_exp"] . "</td>"; + + print "<td><a href=\"javascript:editFilter($filter_id);\">" . + $line["feed_title"] . "</td>"; + + print "<td><a href=\"javascript:editFilter($filter_id);\">" . + $line["filter_type_descr"] . "</td>"; + + print "<td><a href=\"javascript:editFilter($filter_id);\">" . + $line["action_description"] . "</td>"; + + print "</tr>"; + + ++$lnum; + } + + if ($lnum == 0) { + print "<tr><td colspan=\"4\" align=\"center\">No filters defined.</td></tr>"; + } + + print "</table>"; + + print "</form>"; + + print "<p id=\"filterOpToolbar\">"; + + print " + Selection: + <input type=\"submit\" class=\"button\" disabled=\"true\" + onclick=\"return editSelectedFilter()\" value=\"Edit\"> + <input type=\"submit\" class=\"button\" disabled=\"true\" + onclick=\"return removeSelectedFilters()\" value=\"Remove\">"; + + print "</p>"; + + } else { + + print "<p>No filters defined.</p>"; + + } + } +?> diff --git a/modules/pref-labels.php b/modules/pref-labels.php new file mode 100644 index 000000000..8f1bab7af --- /dev/null +++ b/modules/pref-labels.php 
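Review bot: The `sort` request parameter in module_pref_filters reaches `ORDER by $sort` after only `db_escape_string()`, which protects quoted string literals but not an unquoted identifier position, so the clause is open to SQL injection. Restrict it to the columns the header links actually send, e.g. `if (!in_array($sort, array("reg_exp", "feed_title", "filter_type", "action_description"), true)) $sort = "reg_exp";`. The same pattern appears in modules/pref-labels.php (`ORDER BY $sort`) and in the feed list of modules/pref-feeds.php (`$feeds_sort` inside `$order_by_qpart`), and each needs its own allow-list. Separately, the edit form echoes `$filter_id` from `$_GET["id"]` into `value=\"$filter_id\"` without `htmlspecialchars()`, and `editSave` lacks the `WEB_DEMO_MODE` guard that `remove` and `add` have.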
@@ -0,0 +1,289 @@ +<?php + // We need to accept raw SQL data in label queries, so not everything is escaped + // here, this is by design. If you don't like it, disable labels + // altogether with GLOBAL_ENABLE_LABELS = false + + function module_pref_labels($link) { + if (!GLOBAL_ENABLE_LABELS) { + + print "<p>Sorry, labels have been administratively disabled for this installation. Please contact instance owner or edit configuration file to enable this functionality.</p>"; + return; + } + + $subop = $_GET["subop"]; + + if ($subop == "edit") { + + $label_id = db_escape_string($_GET["id"]); + + $result = db_query($link, "SELECT sql_exp,description FROM ttrss_labels WHERE + owner_uid = ".$_SESSION["uid"]." AND id = '$label_id' ORDER by description"); + + $line = db_fetch_assoc($result); + + $sql_exp = htmlspecialchars(db_unescape_string($line["sql_exp"])); + $description = htmlspecialchars(db_unescape_string($line["description"])); + + print "<div id=\"infoBoxTitle\">Label editor</div>"; + print "<div class=\"infoBoxContents\">"; + + print "<form id=\"label_edit_form\">"; + + print "<input type=\"hidden\" name=\"op\" value=\"pref-labels\">"; + print "<input type=\"hidden\" name=\"id\" value=\"$label_id\">"; + print "<input type=\"hidden\" name=\"subop\" value=\"editSave\">"; + + print "<table width='100%'>"; + + print "<tr><td>Caption:</td> + <td><input onkeypress=\"return filterCR(event, labelEditSave)\" + onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\" + name=\"description\" class=\"iedit\" value=\"$description\">"; + + print "</td></tr>"; + + print "<tr><td colspan=\"2\"> + <p>SQL Expression:</p>"; + + print "<textarea onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\" + rows=\"4\" name=\"sql_exp\" class=\"iedit\">$sql_exp</textarea>"; + + print "</td></tr></table>"; + + print "</form>"; + + print "<div style=\"display : none\" id=\"label_test_result\"></div>"; + + print "<div align='right'>"; + + $is_disabled = (strpos($_SERVER['HTTP_USER_AGENT'], 
'Opera') !== FALSE) ? "disabled" : ""; + + print "<input $is_disabled type=\"submit\" onclick=\"return labelTest()\" value=\"Test\"> + "; + + print "<input type=\"submit\" + id=\"infobox_submit\" + class=\"button\" onclick=\"return labelEditSave()\" + value=\"Save\"> "; + + print "<input class=\"button\" + type=\"submit\" onclick=\"return labelEditCancel()\" + value=\"Cancel\">"; + + print "</div>"; + + return; + } + + if ($subop == "test") { + + $expr = db_unescape_string(trim($_GET["expr"])); + $descr = db_unescape_string(trim($_GET["descr"])); + + print "<div>"; + + error_reporting(0); + + + $result = db_query($link, + "SELECT count(ttrss_entries.id) AS num_matches + FROM ttrss_entries,ttrss_user_entries,ttrss_feeds + WHERE ($expr) AND + ttrss_user_entries.ref_id = ttrss_entries.id AND + ttrss_user_entries.feed_id = ttrss_feeds.id AND + ttrss_user_entries.owner_uid = " . $_SESSION["uid"], false); + + error_reporting (DEFAULT_ERROR_LEVEL); + + if (!$result) { + print "<p>" . db_last_error($link) . "</p>"; + print "</div>"; + return; + } + + $num_matches = db_fetch_result($result, 0, "num_matches");; + + if ($num_matches > 0) { + + if ($num_matches > 10) { + $showing_msg = ", showing first 10"; + } + + print "<p>Query returned <b>$num_matches</b> matches$showing_msg:</p>"; + + $result = db_query($link, + "SELECT ttrss_entries.title, + (SELECT title FROM ttrss_feeds WHERE id = feed_id) AS feed_title + FROM ttrss_entries,ttrss_user_entries,ttrss_feeds + WHERE ($expr) AND + ttrss_user_entries.ref_id = ttrss_entries.id + AND ttrss_user_entries.feed_id = ttrss_feeds.id + AND ttrss_user_entries.owner_uid = " . $_SESSION["uid"] . " + ORDER BY date_entered DESC LIMIT 10", false); + + print "<ul class=\"labelTestResults\">"; + + $row_class = "even"; + + while ($line = db_fetch_assoc($result)) { + $row_class = toggleEvenOdd($row_class); + + print "<li class=\"$row_class\">".$line["title"]. 
+ " <span class=\"insensitive\">(".$line["feed_title"].")</span></li>"; + } + print "</ul>"; + + } else { + print "<p>Query didn't return any matches.</p>"; + } + + print "</div>"; + + return; + } + + if ($subop == "editSave") { + + $sql_exp = trim($_GET["sql_exp"]); + $descr = db_escape_string(trim($_GET["description"])); + $label_id = db_escape_string($_GET["id"]); + + $result = db_query($link, "UPDATE ttrss_labels SET + sql_exp = '$sql_exp', + description = '$descr' + WHERE id = '$label_id'"); + } + + if ($subop == "remove") { + + if (!WEB_DEMO_MODE) { + + $ids = split(",", db_escape_string($_GET["ids"])); + + foreach ($ids as $id) { + db_query($link, "DELETE FROM ttrss_labels WHERE id = '$id'"); + + } + } + } + + if ($subop == "add") { + + if (!WEB_DEMO_MODE) { + + // no escaping is done here on purpose + $sql_exp = trim($_GET["sql_exp"]); + $description = db_escape_string($_GET["description"]); + + if (!$sql_exp || !$description) return; + + $result = db_query($link, + "INSERT INTO ttrss_labels (sql_exp,description,owner_uid) + VALUES ('$sql_exp', '$description', '".$_SESSION["uid"]."')"); + } + } + + $sort = db_escape_string($_GET["sort"]); + + if (!$sort || $sort == "undefined") { + $sort = "description"; + } + + print "<div class=\"prefGenericAddBox\">"; + + print"<input type=\"submit\" class=\"button\" + id=\"label_create_btn\" + onclick=\"return displayDlg('quickAddLabel', false)\" + value=\"Create label\"></div>"; + + $result = db_query($link, "SELECT + id,sql_exp,description + FROM + ttrss_labels + WHERE + owner_uid = ".$_SESSION["uid"]." 
+ ORDER BY $sort"); + +// print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>"; + + if (db_num_rows($result) != 0) { + + print "<form id=\"label_edit_form\">"; + + print "<p><table width=\"100%\" cellspacing=\"0\" + class=\"prefLabelList\" id=\"prefLabelList\">"; + + print "<tr><td class=\"selectPrompt\" colspan=\"8\"> + Select: + <a href=\"javascript:selectPrefRows('label', true)\">All</a>, + <a href=\"javascript:selectPrefRows('label', false)\">None</a> + </td</tr>"; + + print "<tr class=\"title\"> + <td width=\"5%\"> </td> + <td width=\"30%\"><a href=\"javascript:updateLabelList('description')\">Caption</a></td> + <td width=\"50%\"><a href=\"javascript:updateLabelList('sql_exp')\">SQL Expression</a> + <a class=\"helpLink\" href=\"javascript:displayHelpInfobox(1)\">(?)</a> + </td> + </tr>"; + + $lnum = 0; + + while ($line = db_fetch_assoc($result)) { + + $class = ($lnum % 2) ? "even" : "odd"; + + $label_id = $line["id"]; + $edit_label_id = $_GET["id"]; + + if ($subop == "edit" && $label_id != $edit_label_id) { + $class .= "Grayed"; + $this_row_id = ""; + } else { + $this_row_id = "id=\"LILRR-$label_id\""; + } + + print "<tr class=\"$class\" $this_row_id>"; + + $line["sql_exp"] = htmlspecialchars(db_unescape_string($line["sql_exp"])); + $line["description"] = htmlspecialchars( + db_unescape_string($line["description"])); + + if (!$line["description"]) $line["description"] = "[No caption]"; + + print "<td align='center'><input onclick='toggleSelectPrefRow(this, \"label\");' + type=\"checkbox\" id=\"LICHK-".$line["id"]."\"></td>"; + + print "<td><a href=\"javascript:editLabel($label_id);\">" . + $line["description"] . "</td>"; + + print "<td><a href=\"javascript:editLabel($label_id);\">" . + $line["sql_exp"] . 
"</td>"; + + print "</tr>"; + + ++$lnum; + } + + if ($lnum == 0) { + print "<tr><td colspan=\"4\" align=\"center\">No labels defined.</td></tr>"; + } + + print "</table>"; + + print "</form>"; + + print "<p id=\"labelOpToolbar\">"; + + print " + Selection: + <input type=\"submit\" class=\"button\" disabled=\"true\" + onclick=\"javascript:editSelectedLabel()\" value=\"Edit\"> + <input type=\"submit\" class=\"button\" disabled=\"true\" + onclick=\"javascript:removeSelectedLabels()\" value=\"Remove\">"; + + } else { + print "<p>No labels defined.</p>"; + } + } +?> diff --git a/modules/pref-prefs.php b/modules/pref-prefs.php new file mode 100644 index 000000000..8573b4c1c --- /dev/null +++ b/modules/pref-prefs.php 
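Review bot: The `editSave` and `remove` branches of module_pref_labels update and delete rows by `id` alone, so a logged-in user can change or remove labels that belong to another account. modules/pref-filters.php scopes the equivalent statements with `AND owner_uid = " . $_SESSION["uid"]`, and both queries here should carry the same condition. `editSave` is also missing the `WEB_DEMO_MODE` guard that `remove` and `add` have. The header comment explains why `sql_exp` is evaluated raw, but writing it unescaped into `'$sql_exp'` in the INSERT and UPDATE is a separate problem: a quote in the expression ends the literal, so the value should go through `db_escape_string()` when it is stored. In the `test` branch, `$line["title"]` and `$line["feed_title"]` come from feed content and are printed without `htmlspecialchars()`.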
@@ -0,0 +1,387 @@ +<?php + function module_pref_prefs($link) { + $subop = $_REQUEST["subop"]; + + if ($subop == "Save configuration") { + + if (WEB_DEMO_MODE) { + header("Location: prefs.php"); + return; + } + + $_SESSION["prefs_op_result"] = "save-config"; + + $_SESSION["prefs_cache"] = false; + + foreach (array_keys($_POST) as $pref_name) { + + $pref_name = db_escape_string($pref_name); + $value = db_escape_string($_POST[$pref_name]); + + $result = db_query($link, "SELECT type_name + FROM ttrss_prefs,ttrss_prefs_types + WHERE pref_name = '$pref_name' AND type_id = ttrss_prefs_types.id"); + + if (db_num_rows($result) > 0) { + + $type_name = db_fetch_result($result, 0, "type_name"); + +// print "$pref_name : $type_name : $value<br>"; + + if ($type_name == "bool") { + if ($value == "1") { + $value = "true"; + } else { + $value = "false"; + } + } else if ($type_name == "integer") { + $value = sprintf("%d", $value); + } + +// print "$pref_name : $type_name : $value<br>"; + + db_query($link, "UPDATE ttrss_user_prefs SET value = '$value' + WHERE pref_name = '$pref_name' AND owner_uid = ".$_SESSION["uid"]); + + } + + header("Location: prefs.php"); + + } + + } else if ($subop == "getHelp") { + + $pref_name = db_escape_string($_GET["pn"]); + + $result = db_query($link, "SELECT help_text FROM ttrss_prefs + WHERE pref_name = '$pref_name'"); + + if (db_num_rows($result) > 0) { + $help_text = db_fetch_result($result, 0, "help_text"); + print $help_text; + } else { + print "Unknown option: $pref_name"; + } + + } else if ($subop == "Change e-mail") { + + if (WEB_DEMO_MODE) { + header("Location: prefs.php"); + return; + } + + $email = db_escape_string($_GET["email"]); + $active_uid = $_SESSION["uid"]; + + if ($email) { + db_query($link, "UPDATE ttrss_users SET email = '$email' + WHERE id = '$active_uid'"); + } + + header("Location: prefs.php"); + + } else if ($subop == "Change password") { + + if (WEB_DEMO_MODE) { + header("Location: prefs.php"); + return; + } + + $old_pw = 
$_POST["OLD_PASSWORD"]; + $new_pw = $_POST["OLD_PASSWORD"]; + + $old_pw_hash = 'SHA1:' . sha1($_POST["OLD_PASSWORD"]); + $new_pw_hash = 'SHA1:' . sha1($_POST["NEW_PASSWORD"]); + + $active_uid = $_SESSION["uid"]; + + if ($old_pw && $new_pw) { + + $login = db_escape_string($_SERVER['PHP_AUTH_USER']); + + $result = db_query($link, "SELECT id FROM ttrss_users WHERE + id = '$active_uid' AND (pwd_hash = '$old_pw' OR + pwd_hash = '$old_pw_hash')"); + + if (db_num_rows($result) == 1) { + db_query($link, "UPDATE ttrss_users SET pwd_hash = '$new_pw_hash' + WHERE id = '$active_uid'"); + + $_SESSION["pwd_change_result"] = "ok"; + } else { + $_SESSION["pwd_change_result"] = "failed"; + } + } + + header("Location: prefs.php"); + + } else if ($subop == "Reset to defaults") { + + if (WEB_DEMO_MODE) { + header("Location: prefs.php"); + return; + } + + $_SESSION["prefs_op_result"] = "reset-to-defaults"; + + if (DB_TYPE == "pgsql") { + db_query($link,"UPDATE ttrss_user_prefs + SET value = ttrss_prefs.def_value + WHERE owner_uid = '".$_SESSION["uid"]."' AND + ttrss_prefs.pref_name = ttrss_user_prefs.pref_name"); + } else { + db_query($link, "DELETE FROM ttrss_user_prefs + WHERE owner_uid = ".$_SESSION["uid"]); + initialize_user_prefs($link, $_SESSION["uid"]); + } + + header("Location: prefs.php"); + + } else if ($subop == "Change theme") { + + $theme = db_escape_string($_POST["theme"]); + + if ($theme == "Default") { + $theme_qpart = 'NULL'; + } else { + $theme_qpart = "'$theme'"; + } + + $result = db_query($link, "SELECT id,theme_path FROM ttrss_themes + WHERE theme_name = '$theme'"); + + if (db_num_rows($result) == 1) { + $theme_id = db_fetch_result($result, 0, "id"); + $theme_path = db_fetch_result($result, 0, "theme_path"); + } else { + $theme_id = "NULL"; + $theme_path = ""; + } + + db_query($link, "UPDATE ttrss_users SET + theme_id = $theme_id WHERE id = " . 
$_SESSION["uid"]); + + $_SESSION["theme"] = $theme_path; + + header("Location: prefs.php"); + + } else { + + print check_for_update($link); + + if (!SINGLE_USER_MODE) { + + $result = db_query($link, "SELECT id,email FROM ttrss_users + WHERE id = ".$_SESSION["uid"]." AND (pwd_hash = 'password' OR + pwd_hash = 'SHA1:".sha1("password")."')"); + + if (db_num_rows($result) != 0) { + print "<div class=\"warning\"> + Your password is at default value, please change it. + </div>"; + } + + if ($_SESSION["pwd_change_result"] == "failed") { + print "<div class=\"warning\"> + There was an error while changing your password. + </div>"; + } + + if ($_SESSION["pwd_change_result"] == "ok") { + print "<div class=\"notice\"> + Password changed successfully. + </div>"; + } + + $_SESSION["pwd_change_result"] = ""; + + if ($_SESSION["prefs_op_result"] == "reset-to-defaults") { + print "<div class=\"notice\"> + Your configuration was reset to defaults. + </div>"; + } + + if ($_SESSION["prefs_op_result"] == "save-config") { + print "<div class=\"notice\"> + Your configuration was saved successfully. 
+ </div>"; + } + + $_SESSION["prefs_op_result"] = ""; + + print "<form action=\"backend.php\" method=\"GET\">"; + + print "<table width=\"100%\" class=\"prefPrefsList\">"; + print "<tr><td colspan='3'><h3>Personal data</h3></tr></td>"; + + $result = db_query($link, "SELECT email FROM ttrss_users + WHERE id = ".$_SESSION["uid"]); + + $email = db_fetch_result($result, 0, "email"); + + print "<tr><td width=\"40%\">E-mail</td>"; + print "<td><input class=\"editbox\" name=\"email\" + value=\"$email\"></td></tr>"; + + print "</table>"; + + print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">"; + + print "<p><input class=\"button\" type=\"submit\" + value=\"Change e-mail\" name=\"subop\">"; + + print "</form>"; + + print "<form action=\"backend.php\" method=\"POST\" name=\"changePassForm\">"; + + print "<table width=\"100%\" class=\"prefPrefsList\">"; + print "<tr><td colspan='3'><h3>Authentication</h3></tr></td>"; + + print "<tr><td width=\"40%\">Old password</td>"; + print "<td><input class=\"editbox\" type=\"password\" + name=\"OLD_PASSWORD\"></td></tr>"; + + print "<tr><td width=\"40%\">New password</td>"; + + print "<td><input class=\"editbox\" type=\"password\" + name=\"NEW_PASSWORD\"></td></tr>"; + + print "</table>"; + + print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">"; + + print "<p><input class=\"button\" type=\"submit\" + onclick=\"return validateNewPassword(this.form)\" + value=\"Change password\" name=\"subop\">"; + + print "</form>"; + + } + + $result = db_query($link, "SELECT + theme_id FROM ttrss_users WHERE id = " . 
$_SESSION["uid"]);
+
+ $user_theme_id = db_fetch_result($result, 0, "theme_id");
+
+ $result = db_query($link, "SELECT
+ id,theme_name FROM ttrss_themes ORDER BY theme_name");
+
+ if (db_num_rows($result) > 0) {
+
+ print "<form action=\"backend.php\" method=\"POST\">";
+ print "<table width=\"100%\" class=\"prefPrefsList\">";
+ print "<tr><td colspan='3'><h3>Themes</h3></tr></td>";
+ print "<tr><td width=\"40%\">Select theme</td>";
+ print "<td><select name=\"theme\">";
+ print "<option>Default</option>";
+ print "<option disabled>--------</option>";
+
+ while ($line = db_fetch_assoc($result)) {
+ if ($line["id"] == $user_theme_id) {
+ $selected = "selected";
+ } else {
+ $selected = "";
+ }
+ print "<option $selected>" . $line["theme_name"] . "</option>";
+ }
+ print "</select></td></tr>";
+ print "</table>";
+ print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
+ print "<p><input class=\"button\" type=\"submit\"
+ value=\"Change theme\" name=\"subop\">";
+ print "</form>";
+ }
+
+ initialize_user_prefs($link, $_SESSION["uid"]);
+
+ $result = db_query($link, "SELECT
+ ttrss_user_prefs.pref_name,short_desc,help_text,value,type_name,
+ section_name,def_value
+ FROM ttrss_prefs,ttrss_prefs_types,ttrss_prefs_sections,ttrss_user_prefs
+ WHERE type_id = ttrss_prefs_types.id AND
+ section_id = ttrss_prefs_sections.id AND
+ ttrss_user_prefs.pref_name = ttrss_prefs.pref_name AND
+ owner_uid = ".$_SESSION["uid"]." 
+ ORDER BY section_id,short_desc");
+
+ print "<form action=\"backend.php\" method=\"POST\">";
+
+ $lnum = 0;
+
+ $active_section = "";
+
+ while ($line = db_fetch_assoc($result)) {
+
+ if ($active_section != $line["section_name"]) {
+
+ if ($active_section != "") {
+ print "</table>";
+ }
+
+ print "<p><table width=\"100%\" class=\"prefPrefsList\">";
+
+ $active_section = $line["section_name"];
+
+ print "<tr><td colspan=\"3\"><h3>$active_section</h3></td></tr>";
+// print "<tr class=\"title\">
+// <td width=\"25%\">Option</td><td>Value</td></tr>";
+
+ $lnum = 0;
+ }
+
+// $class = ($lnum % 2) ? "even" : "odd";
+
+ print "<tr>";
+
+ $type_name = $line["type_name"];
+ $pref_name = $line["pref_name"];
+ $value = $line["value"];
+ $def_value = $line["def_value"];
+ $help_text = $line["help_text"];
+
+ print "<td width=\"40%\" id=\"$pref_name\">" . $line["short_desc"];
+
+ if ($help_text) print "<div class=\"prefHelp\">$help_text</div>";
+
+ print "</td>";
+
+ print "<td>";
+
+ if ($type_name == "bool") {
+// print_select($pref_name, $value, array("true", "false"));
+
+ if ($value == "true") {
+ $value = "Yes";
+ } else {
+ $value = "No";
+ }
+
+ print_radio($pref_name, $value, array("Yes", "No"));
+
+ } else {
+ print "<input class=\"editbox\" name=\"$pref_name\" value=\"$value\">";
+ }
+
+ print "</td>";
+
+ print "</tr>";
+
+ $lnum++;
+ }
+
+ print "</table>";
+
+ print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
+
+ print "<p><input class=\"button\" type=\"submit\"
+ name=\"subop\" value=\"Save configuration\">";
+
+ print " <input class=\"button\" type=\"submit\"
+ name=\"subop\" onclick=\"return validatePrefsReset()\"
+ value=\"Reset to defaults\"></p>";
+
+ print "</form>";
+
+ }
+ }
+?>
diff --git a/modules/pref-users.php b/modules/pref-users.php
new file mode 100644
index 000000000..6779bc033
--- /dev/null
+++ b/modules/pref-users.php
@@ -0,0 +1,325 @@
+<?php
+ function module_pref_users($link) {
+
+ $subop = $_GET["subop"];
+
+ if ($subop == "edit") {
+
+ $id = db_escape_string($_GET["id"]);
+
+ print "<div id=\"infoBoxTitle\">User editor</div>";
+
+ print "<div class=\"infoBoxContents\">";
+
+ print "<form id=\"user_edit_form\">";
+
+ print "<input type=\"hidden\" name=\"id\" value=\"$id\">";
+ print "<input type=\"hidden\" name=\"op\" value=\"pref-users\">";
+ print "<input type=\"hidden\" name=\"subop\" value=\"editSave\">";
+
+ $result = db_query($link, "SELECT * FROM ttrss_users WHERE id = '$id'");
+
+ $login = db_fetch_result($result, 0, "login");
+ $access_level = db_fetch_result($result, 0, "access_level");
+ $email = db_fetch_result($result, 0, "email");
+
+ print "<table width='100%'>";
+ print "<tr><td>Login:</td><td>
+ <input class=\"iedit\" onkeypress=\"return filterCR(event)\"
+ name=\"login\" value=\"$login\"></td></tr>";
+
+ print "<tr><td>Change password:</td><td>
+ <input class=\"iedit\" onkeypress=\"return filterCR(event)\"
+ name=\"password\"></td></tr>";
+
+ print "<tr><td>E-mail:</td><td>
+ <input class=\"iedit\" name=\"email\" onkeypress=\"return filterCR(event)\"
+ value=\"$email\"></td></tr>";
+
+ $sel_disabled = ($id == $_SESSION["uid"]) ? 
"disabled" : "";
+
+ print "<tr><td>Access level:</td><td>";
+ print_select_hash("access_level", $access_level, $access_level_names,
+ $sel_disabled);
+ print "</td></tr>";
+
+ print "</table>";
+
+ print "</form>";
+
+ print "<div align='right'>
+ <input class=\"button\"
+ type=\"submit\" onclick=\"return userEditSave()\"
+ value=\"Save\">
+ <input class=\"button\"
+ type=\"submit\" onclick=\"return userEditCancel()\"
+ value=\"Cancel\"></div>";
+
+ print "</div>";
+
+ return;
+ }
+
+ if ($subop == "editSave") {
+
+ if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
+
+ $login = db_escape_string(trim($_GET["login"]));
+ $uid = db_escape_string($_GET["id"]);
+ $access_level = sprintf("%d", $_GET["access_level"]);
+ $email = db_escape_string(trim($_GET["email"]));
+ $password = db_escape_string(trim($_GET["password"]));
+
+ if ($password) {
+ $pwd_hash = 'SHA1:' . sha1($password);
+ $pass_query_part = "pwd_hash = '$pwd_hash', ";
+ print "<div class='notice'>Changed password for user <b>$login</b>.</div>";
+ } else {
+ $pass_query_part = "";
+ }
+
+ db_query($link, "UPDATE ttrss_users SET $pass_query_part login = '$login',
+ access_level = '$access_level', email = '$email' WHERE id = '$uid'");
+
+ }
+ } else if ($subop == "remove") {
+
+ if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
+
+ $ids = split(",", db_escape_string($_GET["ids"]));
+
+ foreach ($ids as $id) {
+ db_query($link, "DELETE FROM ttrss_users WHERE id = '$id' AND id != " . $_SESSION["uid"]);
+
+ }
+ }
+ } else if ($subop == "add") {
+
+ if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
+
+ $login = db_escape_string(trim($_GET["login"]));
+ $tmp_user_pwd = make_password(8);
+ $pwd_hash = 'SHA1:' . 
sha1($tmp_user_pwd);
+
+ $result = db_query($link, "SELECT id FROM ttrss_users WHERE
+ login = '$login'");
+
+ if (db_num_rows($result) == 0) {
+
+ db_query($link, "INSERT INTO ttrss_users
+ (login,pwd_hash,access_level,last_login)
+ VALUES ('$login', '$pwd_hash', 0, NOW())");
+
+
+ $result = db_query($link, "SELECT id FROM ttrss_users WHERE
+ login = '$login' AND pwd_hash = '$pwd_hash'");
+
+ if (db_num_rows($result) == 1) {
+
+ $new_uid = db_fetch_result($result, 0, "id");
+
+ print "<div class=\"notice\">Added user <b>".$_GET["login"].
+ "</b> with password <b>$tmp_user_pwd</b>.</div>";
+
+ initialize_user($link, $new_uid);
+
+ } else {
+
+ print "<div class=\"warning\">Could not create user <b>".
+ $_GET["login"]."</b></div>";
+
+ }
+ } else {
+ print "<div class=\"warning\">User <b>".
+ $_GET["login"]."</b> already exists.</div>";
+ }
+ }
+ } else if ($subop == "resetPass") {
+
+ if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
+
+ $uid = db_escape_string($_GET["id"]);
+
+ $result = db_query($link, "SELECT login,email
+ FROM ttrss_users WHERE id = '$uid'");
+
+ $login = db_fetch_result($result, 0, "login");
+ $email = db_fetch_result($result, 0, "email");
+ $tmp_user_pwd = make_password(8);
+ $pwd_hash = 'SHA1:' . sha1($tmp_user_pwd);
+
+ db_query($link, "UPDATE ttrss_users SET pwd_hash = '$pwd_hash'
+ WHERE id = '$uid'");
+
+ print "<div class=\"notice\">Changed password of
+ user <b>$login</b> to <b>$tmp_user_pwd</b>.";
+
+ if (MAIL_RESET_PASS && $email) {
+ print " Notifying <b>$email</b>.";
+
+ mail("$login <$email>", "Password reset notification",
+ "Hi, $login.\n".
+ "\n".
+ "Your password for this TT-RSS installation was reset by".
+ " an administrator.\n".
+ "\n".
+ "Your new password is $tmp_user_pwd, please remember".
+ " it for later reference.\n".
+ "\n".
+ "Sincerely, TT-RSS Mail Daemon.", "From: " . 
MAIL_FROM);
+ }
+
+ print "</div>";
+
+ }
+ }
+
+ $sort = db_escape_string($_GET["sort"]);
+
+ if (!$sort || $sort == "undefined") {
+ $sort = "login";
+ }
+
+ print "<div class=\"prefGenericAddBox\">
+ <input id=\"uadd_box\"
+ onkeyup=\"toggleSubmitNotEmpty(this, 'user_add_btn')\"
+ size=\"40\"> ";
+
+ print "<input type=\"submit\" class=\"button\"
+ id=\"user_add_btn\" disabled=\"true\"
+ onclick=\"javascript:addUser()\" value=\"Create user\"></div>";
+
+ $result = db_query($link, "SELECT
+ id,login,access_level,email,
+ SUBSTRING(last_login,1,16) as last_login
+ FROM
+ ttrss_users
+ ORDER BY $sort");
+
+// print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
+
+ print "<p><table width=\"100%\" cellspacing=\"0\"
+ class=\"prefUserList\" id=\"prefUserList\">";
+
+ print "<tr><td class=\"selectPrompt\" colspan=\"8\">
+ Select:
+ <a href=\"javascript:selectPrefRows('user', true)\">All</a>,
+ <a href=\"javascript:selectPrefRows('user', false)\">None</a>
+ </td</tr>";
+
+ print "<tr class=\"title\">
+ <td align='center' width=\"5%\"> </td>
+ <td width='40%'><a href=\"javascript:updateUsersList('login')\">Login</a></td>
+ <td width='40%'><a href=\"javascript:updateUsersList('access_level')\">Access Level</a></td>
+ <td width='30%'><a href=\"javascript:updateUsersList('last_login')\">Last login</a></td></tr>";
+
+ $lnum = 0;
+
+ while ($line = db_fetch_assoc($result)) {
+
+ $class = ($lnum % 2) ? 
"even" : "odd";
+
+ $uid = $line["id"];
+ $edit_uid = $_GET["id"];
+
+ if ($subop == "edit" && $uid != $edit_uid) {
+ $class .= "Grayed";
+ $this_row_id = "";
+ } else {
+ $this_row_id = "id=\"UMRR-$uid\"";
+ }
+
+ print "<tr class=\"$class\" $this_row_id>";
+
+ $line["login"] = htmlspecialchars($line["login"]);
+
+ $line["last_login"] = date(get_pref($link, 'SHORT_DATE_FORMAT'),
+ strtotime($line["last_login"]));
+
+ $access_level_names = array(0 => "User", 10 => "Administrator");
+
+// if (!$edit_uid || $subop != "edit") {
+
+ print "<td align='center'><input onclick='toggleSelectPrefRow(this, \"user\");'
+ type=\"checkbox\" id=\"UMCHK-$uid\"></td>";
+
+ print "<td><a href=\"javascript:editUser($uid);\">" .
+ $line["login"] . "</td>";
+
+ if (!$line["email"]) $line["email"] = " ";
+
+ print "<td><a href=\"javascript:editUser($uid);\">" .
+ $access_level_names[$line["access_level"]] . "</td>";
+
+/* } else if ($uid != $edit_uid) {
+
+ if (!$line["email"]) $line["email"] = " ";
+
+ print "<td align='center'><input disabled=\"true\" type=\"checkbox\"
+ id=\"UMCHK-".$line["id"]."\"></td>";
+
+ print "<td>".$line["login"]."</td>";
+ print "<td>".$line["email"]."</td>";
+ print "<td>".$access_level_names[$line["access_level"]]."</td>";
+
+ } else {
+
+ print "<td align='center'>
+ <input disabled=\"true\" type=\"checkbox\" checked></td>";
+
+ print "<td><input id=\"iedit_ulogin\" value=\"".$line["login"].
+ "\"></td>";
+
+ print "<td><input id=\"iedit_email\" value=\"".$line["email"].
+ "\"></td>";
+
+ print "<td>";
+ print "<select id=\"iedit_ulevel\">";
+ foreach (array_keys($access_level_names) as $al) {
+ if ($al == $line["access_level"]) {
+ $selected = "selected";
+ } else {
+ $selected = "";
+ }
+ print "<option $selected id=\"$al\">" .
+ $access_level_names[$al] . 
"</option>"; + } + print "</select>"; + print "</td>"; + + } */ + + print "<td>".$line["last_login"]."</td>"; + + print "</tr>"; + + ++$lnum; + } + + print "</table>"; + + print "<p id='userOpToolbar'>"; + +/* if ($subop == "edit") { + print "Edit user: + <input type=\"submit\" class=\"button\" + onclick=\"javascript:userEditSave()\" value=\"Save\"> + <input type=\"submit\" class=\"button\" + onclick=\"javascript:userEditCancel()\" value=\"Cancel\">"; + + } else { */ + + print " + Selection: + <input type=\"submit\" class=\"button\" disabled=\"true\" + onclick=\"javascript:selectedUserDetails()\" value=\"User details\"> + <input type=\"submit\" class=\"button\" disabled=\"true\" + onclick=\"javascript:editSelectedUser()\" value=\"Edit\"> + <input type=\"submit\" class=\"button\" disabled=\"true\" + onclick=\"javascript:removeSelectedUsers()\" value=\"Remove\"> + <input type=\"submit\" class=\"button\" disabled=\"true\" + onclick=\"javascript:resetSelectedUserPass()\" value=\"Reset password\">"; + +// } + } +?> diff --git a/sanity_check.php b/sanity_check.php index f12053522..638ba1e0f 100644 --- a/sanity_check.php +++ b/sanity_check.php @@ -72,4 +72,31 @@ doesn't seem to support CURL functions."; exit; } + + if (!defined('SESSION_EXPIRE_TIME')) { + $err_msg = "config: SESSION_EXPIRE_TIME is undefined"; + } + + if (SESSION_EXPIRE_TIME < 60) { + $err_msg = "config: SESSION_EXPIRE_TIME is too low (less than 60)"; + } + + if (SESSION_EXPIRE_TIME < SESSION_COOKIE_LIFETIME_REMEMBER) { + $err_msg = "config: SESSION_EXPIRE_TIME should be greater or equal to" . + "SESSION_COOKIE_LIFETIME_REMEMBER"; + } + + if (defined('DISABLE_SESSIONS')) { + $err_msg = "config: you have enabled DISABLE_SESSIONS. Please disable this option."; + } + + if (DATABASE_BACKED_SESSIONS && SINGLE_USER_MODE) { + $err_msg = "config: DATABASE_BACKED_SESSIONS is incompatible with SINGLE_USER_MODE"; + } + + if ($err_msg) { + print "<b>Fatal Error</b>: $err_msg"; + exit; + } + ?> |
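Review bot: `ORDER BY $sort` near the end of `module_pref_users` places `$_GET["sort"]` in the query as an identifier, where `db_escape_string()` gives no protection because the value is never inside quotes. Restricting it to the columns the header links actually send would close this, e.g. `if (!in_array($sort, array("login", "access_level", "last_login"))) $sort = "login";`. The `add` branch also echoes raw `$_GET["login"]` into the notice and warning markup, and the `edit` form prints `$login` and `$email` from the database unescaped; both should pass through `htmlspecialchars()` as the list rows already do for `login`. The `edit` branch additionally runs without the `$_SESSION["access_level"] >= 10` check the other sub-operations apply, which is a gap unless the caller in backend.php enforces it.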
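Review bot: The added checks in sanity_check.php each assign `$err_msg` unconditionally, so a later failure overwrites an earlier one, and when `SESSION_EXPIRE_TIME` is undefined the following `SESSION_EXPIRE_TIME < 60` comparison still runs on the missing constant. Chaining them (`} else if (SESSION_EXPIRE_TIME < 60) {` and so on) keeps the first, most specific message. The concatenated message lacks a space and renders as `toSESSION_COOKIE_LIFETIME_REMEMBER`; ending the first string with `"... greater or equal to "` fixes it. `SESSION_COOKIE_LIFETIME_REMEMBER`, `DATABASE_BACKED_SESSIONS` and `SINGLE_USER_MODE` are read without a `defined()` guard, and the code before the hunk is not shown, so whether `$err_msg` is initialised earlier cannot be confirmed from here.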