diff options
Diffstat (limited to 'classes/pref/filters.php')
-rw-r--r-- | classes/pref/filters.php | 82 |
1 files changed, 54 insertions, 28 deletions
diff --git a/classes/pref/filters.php b/classes/pref/filters.php index 74a29c619..883ff0ebd 100644 --- a/classes/pref/filters.php +++ b/classes/pref/filters.php @@ -13,7 +13,10 @@ class Pref_Filters extends Handler_Protected { $filter["enabled"] = true; $filter["match_any_rule"] = sql_bool_to_bool( - checkbox_to_sql_bool(db_escape_string($_REQUEST["match_any_rule"]))); + checkbox_to_sql_bool(db_escape_string($this->link, $_REQUEST["match_any_rule"]))); + $filter["inverse"] = sql_bool_to_bool( + checkbox_to_sql_bool(db_escape_string($this->link, $_REQUEST["inverse"]))); + $filter["rules"] = array(); $result = db_query($this->link, "SELECT id,name FROM ttrss_filter_types"); @@ -47,7 +50,7 @@ class Pref_Filters extends Handler_Protected { $feed_title = getFeedTitle($this->link, $feed); $qfh_ret = queryFeedHeadlines($this->link, -4, 30, "", false, false, false, - false, "date_entered DESC", 0, $_SESSION["uid"], $filter); + "date_entered DESC", 0, $_SESSION["uid"], $filter); $result = $qfh_ret[0]; @@ -168,7 +171,7 @@ class Pref_Filters extends Handler_Protected { if ($line['action_id'] == 7) { $label_result = db_query($this->link, "SELECT fg_color, bg_color - FROM ttrss_labels2 WHERE caption = '".db_escape_string($line['action_param'])."' AND + FROM ttrss_labels2 WHERE caption = '".db_escape_string($this->link, $line['action_param'])."' AND owner_uid = " . $_SESSION["uid"]); if (db_num_rows($label_result) > 0) { @@ -207,13 +210,14 @@ class Pref_Filters extends Handler_Protected { function edit() { - $filter_id = db_escape_string($_REQUEST["id"]); + $filter_id = db_escape_string($this->link, $_REQUEST["id"]); $result = db_query($this->link, "SELECT * FROM ttrss_filters2 WHERE id = '$filter_id' AND owner_uid = " . $_SESSION["uid"]); $enabled = sql_bool_to_bool(db_fetch_result($result, 0, "enabled")); $match_any_rule = sql_bool_to_bool(db_fetch_result($result, 0, "match_any_rule")); + $inverse = sql_bool_to_bool(db_fetch_result($result, 0, "inverse")); print "<form id=\"filter_edit_form\" onsubmit='return false'>"; @@ -257,6 +261,7 @@ class Pref_Filters extends Handler_Protected { unset($line["cat_id"]); unset($line["filter_id"]); unset($line["id"]); + if (!sql_bool_to_bool($line["inverse"])) unset($line["inverse"]); $data = htmlspecialchars(json_encode($line)); @@ -330,6 +335,15 @@ class Pref_Filters extends Handler_Protected { print "<br/><input dojoType=\"dijit.form.CheckBox\" type=\"checkbox\" name=\"match_any_rule\" id=\"match_any_rule\" $checked> <label for=\"match_any_rule\">".__('Match any rule')."</label>"; + if ($inverse) { + $checked = "checked=\"1\""; + } else { + $checked = ""; + } + + print "<br/><input dojoType=\"dijit.form.CheckBox\" type=\"checkbox\" name=\"inverse\" id=\"inverse\" $checked> + <label for=\"inverse\">".__('Inverse matching')."</label>"; + print "<p/>"; print "<div class=\"dlgButtons\">"; @@ -370,9 +384,10 @@ class Pref_Filters extends Handler_Protected { $result = db_query($this->link, "SELECT description FROM ttrss_filter_types WHERE id = ".(int)$rule["filter_type"]); - $match_on = db_fetch_result($result, 0, "description"); + $filter_type = db_fetch_result($result, 0, "description"); - return T_sprintf("%s on %s in %s", $rule["reg_exp"], $match_on, $feed); + return T_sprintf("%s on %s in %s %s", strip_tags($rule["reg_exp"]), + $filter_type, $feed, isset($rule["inverse"]) ? __("(inverse)") : ""); } function printRuleName() { @@ -403,12 +418,14 @@ class Pref_Filters extends Handler_Protected { # print_r($_REQUEST); - $filter_id = db_escape_string($_REQUEST["id"]); - $enabled = checkbox_to_sql_bool(db_escape_string($_REQUEST["enabled"])); - $match_any_rule = checkbox_to_sql_bool(db_escape_string($_REQUEST["match_any_rule"])); + $filter_id = db_escape_string($this->link, $_REQUEST["id"]); + $enabled = checkbox_to_sql_bool(db_escape_string($this->link, $_REQUEST["enabled"])); + $match_any_rule = checkbox_to_sql_bool(db_escape_string($this->link, $_REQUEST["match_any_rule"])); + $inverse = checkbox_to_sql_bool(db_escape_string($this->link, $_REQUEST["inverse"])); $result = db_query($this->link, "UPDATE ttrss_filters2 SET enabled = $enabled, - match_any_rule = $match_any_rule + match_any_rule = $match_any_rule, + inverse = $inverse WHERE id = '$filter_id' AND owner_uid = ". $_SESSION["uid"]); @@ -418,7 +435,7 @@ class Pref_Filters extends Handler_Protected { function remove() { - $ids = split(",", db_escape_string($_REQUEST["ids"])); + $ids = split(",", db_escape_string($this->link, $_REQUEST["ids"])); foreach ($ids as $id) { db_query($this->link, "DELETE FROM ttrss_filters2 WHERE id = '$id' AND owner_uid = ". $_SESSION["uid"]); @@ -457,9 +474,11 @@ class Pref_Filters extends Handler_Protected { foreach ($rules as $rule) { if ($rule) { - $reg_exp = strip_tags(db_escape_string(trim($rule["reg_exp"]))); - $filter_type = (int) db_escape_string(trim($rule["filter_type"])); - $feed_id = db_escape_string(trim($rule["feed_id"])); + $reg_exp = strip_tags(db_escape_string($this->link, trim($rule["reg_exp"]))); + $inverse = isset($rule["inverse"]) ? "true" : "false"; + + $filter_type = (int) db_escape_string($this->link, trim($rule["filter_type"])); + $feed_id = db_escape_string($this->link, trim($rule["feed_id"])); if (strpos($feed_id, "CAT:") === 0) { @@ -477,8 +496,8 @@ class Pref_Filters extends Handler_Protected { } $query = "INSERT INTO ttrss_filters2_rules - (filter_id, reg_exp,filter_type,feed_id,cat_id,cat_filter) VALUES - ('$filter_id', '$reg_exp', '$filter_type', $feed_id, $cat_id, $cat_filter)"; + (filter_id, reg_exp,filter_type,feed_id,cat_id,cat_filter,inverse) VALUES + ('$filter_id', '$reg_exp', '$filter_type', $feed_id, $cat_id, $cat_filter, $inverse)"; db_query($this->link, $query); } @@ -487,9 +506,9 @@ class Pref_Filters extends Handler_Protected { foreach ($actions as $action) { if ($action) { - $action_id = (int) db_escape_string($action["action_id"]); - $action_param = db_escape_string($action["action_param"]); - $action_param_label = db_escape_string($action["action_param_label"]); + $action_id = (int) db_escape_string($this->link, $action["action_id"]); + $action_param = db_escape_string($this->link, $action["action_param"]); + $action_param_label = db_escape_string($this->link, $action["action_param_label"]); if ($action_id == 7) { $action_param = $action_param_label; @@ -541,13 +560,13 @@ class Pref_Filters extends Handler_Protected { function index() { - $sort = db_escape_string($_REQUEST["sort"]); + $sort = db_escape_string($this->link, $_REQUEST["sort"]); if (!$sort || $sort == "undefined") { $sort = "reg_exp"; } - $filter_search = db_escape_string($_REQUEST["search"]); + $filter_search = db_escape_string($this->link, $_REQUEST["search"]); if (array_key_exists("search", $_REQUEST)) { $_SESSION["prefs_filter_search"] = $filter_search; @@ -559,7 +578,7 @@ class Pref_Filters extends Handler_Protected { print "<div id=\"pref-filter-header\" dojoType=\"dijit.layout.ContentPane\" region=\"top\">"; print "<div id=\"pref-filter-toolbar\" dojoType=\"dijit.Toolbar\">"; - $filter_search = db_escape_string($_REQUEST["search"]); + $filter_search = db_escape_string($this->link, $_REQUEST["search"]); if (array_key_exists("search", $_REQUEST)) { $_SESSION["prefs_filter_search"] = $filter_search; @@ -710,10 +729,8 @@ class Pref_Filters extends Handler_Protected { print "<br/><input dojoType=\"dijit.form.CheckBox\" type=\"checkbox\" name=\"match_any_rule\" id=\"match_any_rule\"> <label for=\"match_any_rule\">".__('Match any rule')."</label>"; - print "<p/>"; - -/* print "<input dojoType=\"dijit.form.CheckBox\" type=\"checkbox\" name=\"inverse\" id=\"inverse\"> - <label for=\"inverse\">".__('Inverse match')."</label><hr/>"; */ + print "<br/><input dojoType=\"dijit.form.CheckBox\" type=\"checkbox\" name=\"inverse\" id=\"inverse\"> + <label for=\"inverse\">".__('Inverse matching')."</label>"; // print "</div>"; @@ -739,10 +756,12 @@ class Pref_Filters extends Handler_Protected { $reg_exp = htmlspecialchars($rule["reg_exp"]); $filter_type = $rule["filter_type"]; $feed_id = $rule["feed_id"]; + $inverse_checked = isset($rule["inverse"]) ? "checked" : ""; } else { $reg_exp = ""; $filter_type = 1; $feed_id = 0; + $inverse_checked = ""; } if (strpos($feed_id, "CAT:") === 0) { @@ -773,6 +792,11 @@ class Pref_Filters extends Handler_Protected { style=\"font-size : 16px; width : 20em;\" name=\"reg_exp\" value=\"$reg_exp\"/>"; + print "<hr/>"; + print "<input id=\"filterDlg_inverse\" dojoType=\"dijit.form.CheckBox\" + name=\"inverse\" $inverse_checked/>"; + print "<label for=\"filterDlg_inverse\">".__("Inverse regular expression matching")."</label>"; + print "<hr/>" . __("on field") . " "; print_select_hash("filter_type", $filter_type, $filter_types, 'dojoType="dijit.form.Select"'); @@ -806,7 +830,7 @@ class Pref_Filters extends Handler_Protected { $action = json_decode($_REQUEST["action"], true); if ($action) { - $action_param = db_escape_string($action["action_param"]); + $action_param = db_escape_string($this->link, $action["action_param"]); $action_id = (int)$action["action_id"]; } else { $action_param = ""; @@ -885,6 +909,8 @@ class Pref_Filters extends Handler_Protected { unset($line["cat_id"]); } + if (!sql_bool_to_bool($line["inverse"])) unset($line["inverse"]); + if ($count < 2) { array_push($titles, $this->getRuleName($line)); } else { @@ -914,7 +940,7 @@ class Pref_Filters extends Handler_Protected { } function join() { - $ids = explode(",", db_escape_string($_REQUEST["ids"])); + $ids = explode(",", db_escape_string($this->link, $_REQUEST["ids"])); if (count($ids) > 1) { $base_id = array_shift($ids); |