diff options
Diffstat (limited to 'classes/feeds.php')
-rw-r--r-- | classes/feeds.php | 30 |
1 files changed, 17 insertions, 13 deletions
diff --git a/classes/feeds.php b/classes/feeds.php index 779614dce..3657a0564 100644 --- a/classes/feeds.php +++ b/classes/feeds.php @@ -202,13 +202,13 @@ class Feeds extends Handler_Protected { } } - @$search = db_escape_string($_REQUEST["query"]); + @$search = db_escape_string($this->link, $_REQUEST["query"]); if ($search) { $disable_cache = true; } - @$search_mode = db_escape_string($_REQUEST["search_mode"]); + @$search_mode = db_escape_string($this->link, $_REQUEST["search_mode"]); if ($_REQUEST["debug"]) $timing_info = print_checkpoint("H0", $timing_info); @@ -533,9 +533,6 @@ class Feeds extends Handler_Protected { $reply['content'] .= "</div>"; - $reply['content'] .= "<div id=\"PTITLE-FULL-$id\" style=\"display : none\">" . - htmlspecialchars(strip_tags($line['title'])) . "</div>"; - $reply['content'] .= "<span id=\"RTITLE-$id\" onclick=\"return cdmClicked(event, $id);\" class=\"titleWrap$hlc_suffix\"> @@ -757,17 +754,17 @@ class Feeds extends Handler_Protected { if ($_REQUEST["debug"]) $timing_info = print_checkpoint("0", $timing_info); - $omode = db_escape_string($_REQUEST["omode"]); + $omode = db_escape_string($this->link, $_REQUEST["omode"]); - $feed = db_escape_string($_REQUEST["feed"]); - $method = db_escape_string($_REQUEST["m"]); - $view_mode = db_escape_string($_REQUEST["view_mode"]); + $feed = db_escape_string($this->link, $_REQUEST["feed"]); + $method = db_escape_string($this->link, $_REQUEST["m"]); + $view_mode = db_escape_string($this->link, $_REQUEST["view_mode"]); $limit = (int) get_pref($this->link, "DEFAULT_ARTICLE_LIMIT"); @$cat_view = $_REQUEST["cat"] == "true"; - @$next_unread_feed = db_escape_string($_REQUEST["nuf"]); - @$offset = db_escape_string($_REQUEST["skip"]); - @$vgroup_last_feed = db_escape_string($_REQUEST["vgrlf"]); - $order_by = db_escape_string($_REQUEST["order_by"]); + @$next_unread_feed = db_escape_string($this->link, $_REQUEST["nuf"]); + @$offset = db_escape_string($this->link, $_REQUEST["skip"]); + @$vgroup_last_feed = db_escape_string($this->link, $_REQUEST["vgrlf"]); + $order_by = db_escape_string($this->link, $_REQUEST["order_by"]); if (is_numeric($feed)) $feed = (int) $feed; @@ -809,6 +806,13 @@ class Feeds extends Handler_Protected { set_pref($this->link, "_DEFAULT_VIEW_LIMIT", $limit); set_pref($this->link, "_DEFAULT_VIEW_ORDER_BY", $order_by); + /* bump login timestamp if needed */ + if (time() - $_SESSION["last_login_update"] > 3600) { + db_query($this->link, "UPDATE ttrss_users SET last_login = NOW() WHERE id = " . + $_SESSION["uid"]); + $_SESSION["last_login_update"] = time(); + } + if (!$cat_view && is_numeric($feed) && $feed > 0) { db_query($this->link, "UPDATE ttrss_feeds SET last_viewed = NOW() WHERE id = '$feed' AND owner_uid = ".$_SESSION["uid"]); |