diff options
Diffstat (limited to 'classes/handler/public.php')
| -rwxr-xr-x | classes/handler/public.php | 75 |
1 files changed, 51 insertions, 24 deletions
diff --git a/classes/handler/public.php b/classes/handler/public.php index 4da32e90d..3fef4c2b9 100755 --- a/classes/handler/public.php +++ b/classes/handler/public.php @@ -1,10 +1,12 @@ <?php class Handler_Public extends Handler { - // $feed may be a tag + /** + * @param string $feed may be a feed ID or tag + */ private function generate_syndicated_feed(int $owner_uid, string $feed, bool $is_cat, int $limit, int $offset, string $search, string $view_mode = "", - string $format = 'atom', string $order = "", string $orig_guid = "", string $start_ts = "") { + string $format = 'atom', string $order = "", string $orig_guid = "", string $start_ts = ""): void { $note_style = "background-color : #fff7d5; border-width : 1px; ". @@ -52,7 +54,13 @@ class Handler_Public extends Handler { PluginHost::feed_to_pfeed_id((int)$feed)); if ($handler) { + // 'get_headlines' is implemented by the plugin. + // @phpstan-ignore-next-line $qfh_ret = $handler->get_headlines(PluginHost::feed_to_pfeed_id((int)$feed), $params); + } else { + user_error("Failed to find handler for plugin feed ID: $feed", E_USER_ERROR); + + return; } } else { @@ -85,11 +93,13 @@ class Handler_Public extends Handler { $line["content_preview"] = Sanitizer::sanitize(truncate_string(strip_tags($line["content"]), 100, '...')); $line["tags"] = Article::_get_tags($line["id"], $owner_uid); + $max_excerpt_length = 250; + PluginHost::getInstance()->chain_hooks_callback(PluginHost::HOOK_QUERY_HEADLINES, function ($result) use (&$line) { $line = $result; }, - $line); + $line, $max_excerpt_length); PluginHost::getInstance()->chain_hooks_callback(PluginHost::HOOK_ARTICLE_EXPORT_FEED, function ($result) use (&$line) { @@ -105,7 +115,7 @@ class Handler_Public extends Handler { $tpl->setVariable('ARTICLE_EXCERPT', $line["content_preview"], true); $content = Sanitizer::sanitize($line["content"], false, $owner_uid, - $feed_site_url, false, $line["id"]); + $feed_site_url, null, $line["id"]); $content = DiskCache::rewrite_urls($content); @@ -203,7 +213,7 @@ class Handler_Public extends Handler { $article['link'] = $line['link']; $article['title'] = $line['title']; $article['excerpt'] = $line["content_preview"]; - $article['content'] = Sanitizer::sanitize($line["content"], false, $owner_uid, $feed_site_url, false, $line["id"]); + $article['content'] = Sanitizer::sanitize($line["content"], false, $owner_uid, $feed_site_url, null, $line["id"]); $article['updated'] = date('c', strtotime($line["updated"])); if (!empty($line['note'])) $article['note'] = $line['note']; @@ -243,7 +253,7 @@ class Handler_Public extends Handler { } } - function getUnread() { + function getUnread(): void { $login = clean($_REQUEST["login"]); $fresh = clean($_REQUEST["fresh"]) == "1"; @@ -261,7 +271,7 @@ class Handler_Public extends Handler { } } - function getProfiles() { + function getProfiles(): void { $login = clean($_REQUEST["login"]); $rv = []; @@ -284,20 +294,37 @@ class Handler_Public extends Handler { print json_encode($rv); } - function logout() { + function logout(): void { if (validate_csrf($_POST["csrf_token"])) { + + $login = $_SESSION["name"]; + $user_id = $_SESSION["uid"]; + UserHelper::logout(); - header("Location: index.php"); + + $redirect_url = ""; + + PluginHost::getInstance()->run_hooks_callback(PluginHost::HOOK_POST_LOGOUT, + function ($result) use (&$redirect_url) { + if (!empty($result[0])) + $redirect_url = UrlHelper::validate($result[0]); + }, + $login, $user_id); + + if (!$redirect_url) + $redirect_url = get_self_url_prefix() . "/index.php"; + + header("Location: " . $redirect_url); } else { header("Content-Type: text/json"); print Errors::to_json(Errors::E_UNAUTHORIZED); } } - function rss() { + function rss(): void { $feed = clean($_REQUEST["id"]); $key = clean($_REQUEST["key"]); - $is_cat = clean($_REQUEST["is_cat"] ?? false); + $is_cat = self::_param_to_bool($_REQUEST["is_cat"] ?? false); $limit = (int)clean($_REQUEST["limit"] ?? 0); $offset = (int)clean($_REQUEST["offset"] ?? 0); @@ -307,7 +334,7 @@ class Handler_Public extends Handler { $start_ts = clean($_REQUEST["ts"] ?? ""); $format = clean($_REQUEST['format'] ?? "atom"); - $orig_guid = clean($_REQUEST["orig_guid"] ?? false); + $orig_guid = clean($_REQUEST["orig_guid"] ?? ""); if (Config::get(Config::SINGLE_USER_MODE)) { UserHelper::authenticate("admin", null); @@ -329,21 +356,21 @@ class Handler_Public extends Handler { header('HTTP/1.1 403 Forbidden'); } - function updateTask() { + function updateTask(): void { PluginHost::getInstance()->run_hooks(PluginHost::HOOK_UPDATE_TASK); } - function housekeepingTask() { + function housekeepingTask(): void { PluginHost::getInstance()->run_hooks(PluginHost::HOOK_HOUSE_KEEPING); } - function globalUpdateFeeds() { + function globalUpdateFeeds(): void { RPC::updaterandomfeed_real(); PluginHost::getInstance()->run_hooks(PluginHost::HOOK_UPDATE_TASK); } - function login() { + function login(): void { if (!Config::get(Config::SINGLE_USER_MODE)) { $login = clean($_POST["login"]); @@ -399,12 +426,12 @@ class Handler_Public extends Handler { } } - function index() { + function index(): void { header("Content-Type: text/plain"); print Errors::to_json(Errors::E_UNKNOWN_METHOD); } - function forgotpass() { + function forgotpass(): void { startup_gettext(); session_start(); @@ -448,7 +475,7 @@ class Handler_Public extends Handler { if ($login) { $user = ORM::for_table('ttrss_users') - ->select('id', 'resetpass_token') + ->select_many('id', 'resetpass_token') ->where_raw('LOWER(login) = LOWER(?)', [$login]) ->find_one(); @@ -583,7 +610,7 @@ class Handler_Public extends Handler { print "</html>"; } - function dbupdate() { + function dbupdate(): void { startup_gettext(); if (!Config::get(Config::SINGLE_USER_MODE) && ($_SESSION["access_level"] ?? 0) < 10) { @@ -726,7 +753,7 @@ class Handler_Public extends Handler { <?php } - function cached() { + function cached(): void { list ($cache_dir, $filename) = explode("/", $_GET["file"], 2); // we do not allow files with extensions at the moment @@ -742,7 +769,7 @@ class Handler_Public extends Handler { } } - private function _make_article_tag_uri($id, $timestamp) { + private function _make_article_tag_uri(int $id, string $timestamp): string { $timestamp = date("Y-m-d", strtotime($timestamp)); @@ -752,7 +779,7 @@ class Handler_Public extends Handler { // this should be used very carefully because this endpoint is exposed to unauthenticated users // plugin data is not loaded because there's no user context and owner_uid/session may or may not be available // in general, don't do anything user-related in here and do not modify $_SESSION - public function pluginhandler() { + public function pluginhandler(): void { $host = new PluginHost(); $plugin_name = basename(clean($_REQUEST["plugin"])); @@ -784,7 +811,7 @@ class Handler_Public extends Handler { } } - static function _render_login_form(string $return_to = "") { + static function _render_login_form(string $return_to = ""): void { header('Cache-Control: public'); if ($return_to) |