diff options
Diffstat (limited to 'classes/pref')
-rw-r--r-- | classes/pref/feeds.php | 667 | ||||
-rw-r--r-- | classes/pref/filters.php | 330 | ||||
-rw-r--r-- | classes/pref/labels.php | 79 | ||||
-rw-r--r-- | classes/pref/prefs.php | 519 | ||||
-rw-r--r-- | classes/pref/system.php | 90 | ||||
-rw-r--r-- | classes/pref/users.php | 171 |
6 files changed, 1252 insertions, 604 deletions
diff --git a/classes/pref/feeds.php b/classes/pref/feeds.php index bfcc75f0d..ffe7410fe 100644 --- a/classes/pref/feeds.php +++ b/classes/pref/feeds.php @@ -3,7 +3,8 @@ class Pref_Feeds extends Handler_Protected { function csrf_ignore($method) { $csrf_ignored = array("index", "getfeedtree", "add", "editcats", "editfeed", - "savefeedorder", "uploadicon", "feedswitherrors", "inactivefeeds"); + "savefeedorder", "uploadicon", "feedswitherrors", "inactivefeeds", + "batchsubscribe"); return array_search($method, $csrf_ignored) !== false; } @@ -14,11 +15,11 @@ class Pref_Feeds extends Handler_Protected { } function renamecat() { - $title = db_escape_string($_REQUEST['title']); - $id = db_escape_string($_REQUEST['id']); + $title = $this->dbh->escape_string($_REQUEST['title']); + $id = $this->dbh->escape_string($_REQUEST['id']); if ($title) { - db_query($this->link, "UPDATE ttrss_feed_categories SET + $this->dbh->query("UPDATE ttrss_feed_categories SET title = '$title' WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]); } return; @@ -33,15 +34,16 @@ class Pref_Feeds extends Handler_Protected { if ($search) $search_qpart = " AND LOWER(title) LIKE LOWER('%$search%')"; - $show_empty_cats = $_REQUEST['mode'] != 2 && !$search && - get_pref($this->link, '_PREFS_SHOW_EMPTY_CATS'); + // first one is set by API + $show_empty_cats = $_REQUEST['force_show_empty'] || + ($_REQUEST['mode'] != 2 && !$search); $items = array(); - $result = db_query($this->link, "SELECT id, title FROM ttrss_feed_categories + $result = $this->dbh->query("SELECT id, title FROM ttrss_feed_categories WHERE owner_uid = " . $_SESSION["uid"] . " AND parent_cat = '$cat_id' ORDER BY order_id, title"); - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { $cat = array(); $cat['id'] = 'CAT:' . $line['id']; @@ -55,20 +57,20 @@ class Pref_Feeds extends Handler_Protected { $cat['items'] = $this->get_category_items($line['id']); - $cat['param'] = T_sprintf('(%d feeds)', count($cat['items'])); + $cat['param'] = vsprintf(_ngettext('(%d feed)', '(%d feeds)', count($cat['items'])), count($cat['items'])); if (count($cat['items']) > 0 || $show_empty_cats) array_push($items, $cat); } - $feed_result = db_query($this->link, "SELECT id, title, last_error, + $feed_result = $this->dbh->query("SELECT id, title, last_error, ".SUBSTRING_FOR_DATE."(last_updated,1,19) AS last_updated FROM ttrss_feeds WHERE cat_id = '$cat_id' AND owner_uid = ".$_SESSION["uid"]. "$search_qpart ORDER BY order_id, title"); - while ($feed_line = db_fetch_assoc($feed_result)) { + while ($feed_line = $this->dbh->fetch_assoc($feed_result)) { $feed = array(); $feed['id'] = 'FEED:' . $feed_line['id']; $feed['bare_id'] = (int)$feed_line['id']; @@ -77,7 +79,7 @@ class Pref_Feeds extends Handler_Protected { $feed['unread'] = 0; $feed['error'] = $feed_line['last_error']; $feed['icon'] = getFeedIcon($feed_line['id']); - $feed['param'] = make_local_datetime($this->link, + $feed['param'] = make_local_datetime( $feed_line['last_updated'], true); array_push($items, $feed); @@ -87,6 +89,10 @@ class Pref_Feeds extends Handler_Protected { } function getfeedtree() { + print json_encode($this->makefeedtree()); + } + + function makefeedtree() { if ($_REQUEST['mode'] != 2) $search = $_SESSION["prefs_feed_search"]; @@ -101,7 +107,7 @@ class Pref_Feeds extends Handler_Protected { $root['items'] = array(); $root['type'] = 'category'; - $enable_cats = get_pref($this->link, 'ENABLE_FEED_CATS'); + $enable_cats = get_pref('ENABLE_FEED_CATS'); if ($_REQUEST['mode'] == 2) { @@ -115,26 +121,50 @@ class Pref_Feeds extends Handler_Protected { array_push($cat['items'], $this->feedlist_init_feed($i)); } + /* Plugin feeds for -1 */ + + $feeds = PluginHost::getInstance()->get_feeds(-1); + + if ($feeds) { + foreach ($feeds as $feed) { + $feed_id = PluginHost::pfeed_to_feed_id($feed['id']); + + $item = array(); + $item['id'] = 'FEED:' . $feed_id; + $item['bare_id'] = (int)$feed_id; + $item['name'] = $feed['title']; + $item['checkbox'] = false; + $item['error'] = ''; + $item['icon'] = $feed['icon']; + + $item['param'] = ''; + $item['unread'] = 0; //$feed['sender']->get_unread($feed['id']); + $item['type'] = 'feed'; + + array_push($cat['items'], $item); + } + } + if ($enable_cats) { array_push($root['items'], $cat); } else { $root['items'] = array_merge($root['items'], $cat['items']); } - $result = db_query($this->link, "SELECT * FROM + $result = $this->dbh->query("SELECT * FROM ttrss_labels2 WHERE owner_uid = ".$_SESSION['uid']." ORDER by caption"); - if (db_num_rows($result) > 0) { + if ($this->dbh->num_rows($result) > 0) { - if (get_pref($this->link, 'ENABLE_FEED_CATS')) { + if (get_pref('ENABLE_FEED_CATS')) { $cat = $this->feedlist_init_cat(-2); } else { $cat['items'] = array(); } - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { - $label_id = -$line['id'] - 11; + $label_id = label_to_feed_id($line['id']); $feed = $this->feedlist_init_feed($label_id, false, 0); @@ -153,13 +183,13 @@ class Pref_Feeds extends Handler_Protected { } if ($enable_cats) { - $show_empty_cats = $_REQUEST['mode'] != 2 && !$search && - get_pref($this->link, '_PREFS_SHOW_EMPTY_CATS'); + $show_empty_cats = $_REQUEST['force_show_empty'] || + ($_REQUEST['mode'] != 2 && !$search); - $result = db_query($this->link, "SELECT id, title FROM ttrss_feed_categories + $result = $this->dbh->query("SELECT id, title FROM ttrss_feed_categories WHERE owner_uid = " . $_SESSION["uid"] . " AND parent_cat IS NULL ORDER BY order_id, title"); - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { $cat = array(); $cat['id'] = 'CAT:' . $line['id']; $cat['bare_id'] = (int)$line['id']; @@ -172,7 +202,7 @@ class Pref_Feeds extends Handler_Protected { $cat['items'] = $this->get_category_items($line['id']); - $cat['param'] = T_sprintf('(%d feeds)', count($cat['items'])); + $cat['param'] = vsprintf(_ngettext('(%d feed)', '(%d feeds)', count($cat['items'])), count($cat['items'])); if (count($cat['items']) > 0 || $show_empty_cats) array_push($root['items'], $cat); @@ -192,13 +222,13 @@ class Pref_Feeds extends Handler_Protected { $cat['unread'] = 0; $cat['child_unread'] = 0; - $feed_result = db_query($this->link, "SELECT id, title,last_error, + $feed_result = $this->dbh->query("SELECT id, title,last_error, ".SUBSTRING_FOR_DATE."(last_updated,1,19) AS last_updated FROM ttrss_feeds WHERE cat_id IS NULL AND owner_uid = ".$_SESSION["uid"]. "$search_qpart ORDER BY order_id, title"); - while ($feed_line = db_fetch_assoc($feed_result)) { + while ($feed_line = $this->dbh->fetch_assoc($feed_result)) { $feed = array(); $feed['id'] = 'FEED:' . $feed_line['id']; $feed['bare_id'] = (int)$feed_line['id']; @@ -206,7 +236,7 @@ class Pref_Feeds extends Handler_Protected { $feed['checkbox'] = false; $feed['error'] = $feed_line['last_error']; $feed['icon'] = getFeedIcon($feed_line['id']); - $feed['param'] = make_local_datetime($this->link, + $feed['param'] = make_local_datetime( $feed_line['last_updated'], true); $feed['unread'] = 0; $feed['type'] = 'feed'; @@ -214,22 +244,22 @@ class Pref_Feeds extends Handler_Protected { array_push($cat['items'], $feed); } - $cat['param'] = T_sprintf('(%d feeds)', count($cat['items'])); + $cat['param'] = vsprintf(_ngettext('(%d feed)', '(%d feeds)', count($cat['items'])), count($cat['items'])); if (count($cat['items']) > 0 || $show_empty_cats) array_push($root['items'], $cat); $root['param'] += count($cat['items']); - $root['param'] = T_sprintf('(%d feeds)', $root['param']); + $root['param'] = vsprintf(_ngettext('(%d feed)', '(%d feeds)', count($cat['items'])), count($cat['items'])); } else { - $feed_result = db_query($this->link, "SELECT id, title, last_error, + $feed_result = $this->dbh->query("SELECT id, title, last_error, ".SUBSTRING_FOR_DATE."(last_updated,1,19) AS last_updated FROM ttrss_feeds WHERE owner_uid = ".$_SESSION["uid"]. "$search_qpart ORDER BY order_id, title"); - while ($feed_line = db_fetch_assoc($feed_result)) { + while ($feed_line = $this->dbh->fetch_assoc($feed_result)) { $feed = array(); $feed['id'] = 'FEED:' . $feed_line['id']; $feed['bare_id'] = (int)$feed_line['id']; @@ -237,7 +267,7 @@ class Pref_Feeds extends Handler_Protected { $feed['checkbox'] = false; $feed['error'] = $feed_line['last_error']; $feed['icon'] = getFeedIcon($feed_line['id']); - $feed['param'] = make_local_datetime($this->link, + $feed['param'] = make_local_datetime( $feed_line['last_updated'], true); $feed['unread'] = 0; $feed['type'] = 'feed'; @@ -245,7 +275,7 @@ class Pref_Feeds extends Handler_Protected { array_push($root['items'], $feed); } - $root['param'] = T_sprintf('(%d feeds)', count($root['items'])); + $root['param'] = vsprintf(_ngettext('(%d feed)', '(%d feeds)', count($cat['items'])), count($cat['items'])); } $fl = array(); @@ -258,27 +288,21 @@ class Pref_Feeds extends Handler_Protected { $fl['items'] =& $root['items']; } - print json_encode($fl); - return; + return $fl; } function catsortreset() { - db_query($this->link, "UPDATE ttrss_feed_categories + $this->dbh->query("UPDATE ttrss_feed_categories SET order_id = 0 WHERE owner_uid = " . $_SESSION["uid"]); return; } function feedsortreset() { - db_query($this->link, "UPDATE ttrss_feeds + $this->dbh->query("UPDATE ttrss_feeds SET order_id = 0 WHERE owner_uid = " . $_SESSION["uid"]); return; } - function togglehiddenfeedcats() { - set_pref($this->link, '_PREFS_SHOW_EMPTY_CATS', - (get_pref($this->link, '_PREFS_SHOW_EMPTY_CATS') ? 'false' : 'true')); - } - private function process_category_order(&$data_map, $item_id, $parent_id = false, $nest_level = 0) { $debug = isset($_REQUEST["debug"]); @@ -293,12 +317,12 @@ class Pref_Feeds extends Handler_Protected { if ($item_id != 'root') { if ($parent_id && $parent_id != 'root') { $parent_bare_id = substr($parent_id, strpos($parent_id, ':')+1); - $parent_qpart = db_escape_string($parent_bare_id); + $parent_qpart = $this->dbh->escape_string($parent_bare_id); } else { $parent_qpart = 'NULL'; } - db_query($this->link, "UPDATE ttrss_feed_categories + $this->dbh->query("UPDATE ttrss_feed_categories SET parent_cat = $parent_qpart WHERE id = '$bare_item_id' AND owner_uid = " . $_SESSION["uid"]); } @@ -319,12 +343,12 @@ class Pref_Feeds extends Handler_Protected { if (strpos($id, "FEED") === 0) { $cat_id = ($item_id != "root") ? - db_escape_string($bare_item_id) : "NULL"; + $this->dbh->escape_string($bare_item_id) : "NULL"; $cat_qpart = ($cat_id != 0) ? "cat_id = '$cat_id'" : "cat_id = NULL"; - db_query($this->link, "UPDATE ttrss_feeds + $this->dbh->query("UPDATE ttrss_feeds SET order_id = $order_id, $cat_qpart WHERE id = '$bare_id' AND owner_uid = " . $_SESSION["uid"]); @@ -334,12 +358,12 @@ class Pref_Feeds extends Handler_Protected { $nest_level+1); if ($item_id != 'root') { - $parent_qpart = db_escape_string($bare_id); + $parent_qpart = $this->dbh->escape_string($bare_id); } else { $parent_qpart = 'NULL'; } - db_query($this->link, "UPDATE ttrss_feed_categories + $this->dbh->query("UPDATE ttrss_feed_categories SET order_id = '$order_id' WHERE id = '$bare_id' AND owner_uid = " . $_SESSION["uid"]); } @@ -391,7 +415,7 @@ class Pref_Feeds extends Handler_Protected { ++$cat_order_id; if ($bare_id > 0) { - db_query($this->link, "UPDATE ttrss_feed_categories + $this->dbh->query("UPDATE ttrss_feed_categories SET order_id = '$cat_order_id' WHERE id = '$bare_id' AND owner_uid = " . $_SESSION["uid"]); } @@ -408,7 +432,7 @@ class Pref_Feeds extends Handler_Protected { else $cat_query = "cat_id = NULL"; - db_query($this->link, "UPDATE ttrss_feeds + $this->dbh->query("UPDATE ttrss_feeds SET order_id = '$feed_order_id', $cat_query WHERE id = '$feed_id' AND @@ -424,13 +448,16 @@ class Pref_Feeds extends Handler_Protected { } function removeicon() { - $feed_id = db_escape_string($_REQUEST["feed_id"]); + $feed_id = $this->dbh->escape_string($_REQUEST["feed_id"]); - $result = db_query($this->link, "SELECT id FROM ttrss_feeds + $result = $this->dbh->query("SELECT id FROM ttrss_feeds WHERE id = '$feed_id' AND owner_uid = ". $_SESSION["uid"]); - if (db_num_rows($result) != 0) { - unlink(ICONS_DIR . "/$feed_id.ico"); + if ($this->dbh->num_rows($result) != 0) { + @unlink(ICONS_DIR . "/$feed_id.ico"); + + $this->dbh->query("UPDATE ttrss_feeds SET favicon_avg_color = NULL + where id = '$feed_id'"); } return; @@ -439,19 +466,39 @@ class Pref_Feeds extends Handler_Protected { function uploadicon() { header("Content-type: text/html"); - $icon_file = $_FILES['icon_file']['tmp_name']; - $feed_id = db_escape_string($_REQUEST["feed_id"]); + $tmp_file = false; + + if (is_uploaded_file($_FILES['icon_file']['tmp_name'])) { + $tmp_file = tempnam(CACHE_DIR . '/upload', 'icon'); + + $result = move_uploaded_file($_FILES['icon_file']['tmp_name'], + $tmp_file); + + if (!$result) { + return; + } + } else { + return; + } + + $icon_file = $tmp_file; + $feed_id = $this->dbh->escape_string($_REQUEST["feed_id"]); if (is_file($icon_file) && $feed_id) { if (filesize($icon_file) < 20000) { - $result = db_query($this->link, "SELECT id FROM ttrss_feeds + $result = $this->dbh->query("SELECT id FROM ttrss_feeds WHERE id = '$feed_id' AND owner_uid = ". $_SESSION["uid"]); - if (db_num_rows($result) != 0) { - unlink(ICONS_DIR . "/$feed_id.ico"); - move_uploaded_file($icon_file, ICONS_DIR . "/$feed_id.ico"); - $rc = 0; + if ($this->dbh->num_rows($result) != 0) { + @unlink(ICONS_DIR . "/$feed_id.ico"); + if (rename($icon_file, ICONS_DIR . "/$feed_id.ico")) { + $this->dbh->query("UPDATE ttrss_feeds SET + favicon_avg_color = '' + WHERE id = '$feed_id'"); + + $rc = 0; + } } else { $rc = 2; } @@ -462,6 +509,8 @@ class Pref_Feeds extends Handler_Protected { $rc = 2; } + @unlink($icon_file); + print "<script type=\"text/javascript\">"; print "parent.uploadIconHandler($rc);"; print "</script>"; @@ -472,13 +521,16 @@ class Pref_Feeds extends Handler_Protected { global $purge_intervals; global $update_intervals; - $feed_id = db_escape_string($_REQUEST["id"]); + $feed_id = $this->dbh->escape_string($_REQUEST["id"]); - $result = db_query($this->link, + $result = $this->dbh->query( "SELECT * FROM ttrss_feeds WHERE id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]); - $title = htmlspecialchars(db_fetch_result($result, + $auth_pass_encrypted = sql_bool_to_bool($this->dbh->fetch_result($result, 0, + "auth_pass_encrypted")); + + $title = htmlspecialchars($this->dbh->fetch_result($result, 0, "title")); print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"id\" value=\"$feed_id\">"; @@ -496,8 +548,8 @@ class Pref_Feeds extends Handler_Protected { /* Feed URL */ - $feed_url = db_fetch_result($result, 0, "feed_url"); - $feed_url = htmlspecialchars(db_fetch_result($result, + $feed_url = $this->dbh->fetch_result($result, 0, "feed_url"); + $feed_url = htmlspecialchars($this->dbh->fetch_result($result, 0, "feed_url")); print "<hr/>"; @@ -508,7 +560,7 @@ class Pref_Feeds extends Handler_Protected { regExp='^(http|https)://.*' style=\"width : 20em\" name=\"feed_url\" value=\"$feed_url\">"; - $last_error = db_fetch_result($result, 0, "last_error"); + $last_error = $this->dbh->fetch_result($result, 0, "last_error"); if ($last_error) { print " <span title=\"".htmlspecialchars($last_error)."\" @@ -518,15 +570,15 @@ class Pref_Feeds extends Handler_Protected { /* Category */ - if (get_pref($this->link, 'ENABLE_FEED_CATS')) { + if (get_pref('ENABLE_FEED_CATS')) { - $cat_id = db_fetch_result($result, 0, "cat_id"); + $cat_id = $this->dbh->fetch_result($result, 0, "cat_id"); print "<hr/>"; print __('Place in category:') . " "; - print_feed_cat_select($this->link, "cat_id", $cat_id, + print_feed_cat_select("cat_id", $cat_id, 'dojoType="dijit.form.Select"'); } @@ -537,14 +589,14 @@ class Pref_Feeds extends Handler_Protected { /* Update Interval */ - $update_interval = db_fetch_result($result, 0, "update_interval"); + $update_interval = $this->dbh->fetch_result($result, 0, "update_interval"); print_select_hash("update_interval", $update_interval, $update_intervals, 'dojoType="dijit.form.Select"'); /* Purge intl */ - $purge_interval = db_fetch_result($result, 0, "purge_interval"); + $purge_interval = $this->dbh->fetch_result($result, 0, "purge_interval"); print "<hr/>"; print __('Article purging:') . " "; @@ -557,13 +609,20 @@ class Pref_Feeds extends Handler_Protected { print "<div class=\"dlgSec\">".__("Authentication")."</div>"; print "<div class=\"dlgSecCont\">"; - $auth_login = htmlspecialchars(db_fetch_result($result, 0, "auth_login")); + $auth_login = htmlspecialchars($this->dbh->fetch_result($result, 0, "auth_login")); print "<input dojoType=\"dijit.form.TextBox\" id=\"feedEditDlg_login\" placeHolder=\"".__("Login")."\" name=\"auth_login\" value=\"$auth_login\"><hr/>"; - $auth_pass = htmlspecialchars(db_fetch_result($result, 0, "auth_pass")); + $auth_pass = $this->dbh->fetch_result($result, 0, "auth_pass"); + + if ($auth_pass_encrypted) { + require_once "crypt.php"; + $auth_pass = decrypt_string($auth_pass); + } + + $auth_pass = htmlspecialchars($auth_pass); print "<input dojoType=\"dijit.form.TextBox\" type=\"password\" name=\"auth_pass\" placeHolder=\"".__("Password")."\" @@ -577,7 +636,7 @@ class Pref_Feeds extends Handler_Protected { print "<div class=\"dlgSec\">".__("Options")."</div>"; print "<div class=\"dlgSecCont\">"; - $private = sql_bool_to_bool(db_fetch_result($result, 0, "private")); + $private = sql_bool_to_bool($this->dbh->fetch_result($result, 0, "private")); if ($private) { $checked = "checked=\"1\""; @@ -588,7 +647,7 @@ class Pref_Feeds extends Handler_Protected { print "<input dojoType=\"dijit.form.CheckBox\" type=\"checkbox\" name=\"private\" id=\"private\" $checked> <label for=\"private\">".__('Hide from Popular feeds')."</label>"; - $include_in_digest = sql_bool_to_bool(db_fetch_result($result, 0, "include_in_digest")); + $include_in_digest = sql_bool_to_bool($this->dbh->fetch_result($result, 0, "include_in_digest")); if ($include_in_digest) { $checked = "checked=\"1\""; @@ -601,7 +660,7 @@ class Pref_Feeds extends Handler_Protected { $checked> <label for=\"include_in_digest\">".__('Include in e-mail digest')."</label>"; - $always_display_enclosures = sql_bool_to_bool(db_fetch_result($result, 0, "always_display_enclosures")); + $always_display_enclosures = sql_bool_to_bool($this->dbh->fetch_result($result, 0, "always_display_enclosures")); if ($always_display_enclosures) { $checked = "checked"; @@ -613,8 +672,20 @@ class Pref_Feeds extends Handler_Protected { name=\"always_display_enclosures\" $checked> <label for=\"always_display_enclosures\">".__('Always display image attachments')."</label>"; + $hide_images = sql_bool_to_bool($this->dbh->fetch_result($result, 0, "hide_images")); - $cache_images = sql_bool_to_bool(db_fetch_result($result, 0, "cache_images")); + if ($hide_images) { + $checked = "checked=\"1\""; + } else { + $checked = ""; + } + + print "<hr/><input dojoType=\"dijit.form.CheckBox\" type=\"checkbox\" id=\"hide_images\" + name=\"hide_images\" + $checked> <label for=\"hide_images\">". + __('Do not embed images')."</label>"; + + $cache_images = sql_bool_to_bool($this->dbh->fetch_result($result, 0, "cache_images")); if ($cache_images) { $checked = "checked=\"1\""; @@ -627,7 +698,7 @@ class Pref_Feeds extends Handler_Protected { $checked> <label for=\"cache_images\">". __('Cache images locally')."</label>"; - $mark_unread_on_update = sql_bool_to_bool(db_fetch_result($result, 0, "mark_unread_on_update")); + $mark_unread_on_update = sql_bool_to_bool($this->dbh->fetch_result($result, 0, "mark_unread_on_update")); if ($mark_unread_on_update) { $checked = "checked"; @@ -664,6 +735,9 @@ class Pref_Feeds extends Handler_Protected { print "</div>"; + PluginHost::getInstance()->run_hooks(PluginHost::HOOK_PREFS_EDIT_FEED, + "hook_prefs_edit_feed", $feed_id); + $title = htmlspecialchars($title, ENT_QUOTES); print "<div class='dlgButtons'> @@ -672,7 +746,7 @@ class Pref_Feeds extends Handler_Protected { __('Unsubscribe')."</button>"; if (PUBSUBHUBBUB_ENABLED) { - $pubsub_state = db_fetch_result($result, 0, "pubsub_state"); + $pubsub_state = $this->dbh->fetch_result($result, 0, "pubsub_state"); $pubsub_btn_disabled = ($pubsub_state == 2) ? "" : "disabled=\"1\""; print "<button dojoType=\"dijit.form.Button\" id=\"pubsubReset_Btn\" $pubsub_btn_disabled @@ -696,9 +770,11 @@ class Pref_Feeds extends Handler_Protected { global $purge_intervals; global $update_intervals; - $feed_ids = db_escape_string($_REQUEST["ids"]); + $feed_ids = $this->dbh->escape_string($_REQUEST["ids"]); - print "<div class=\"dialogNotice\">" . __("Enable the options you wish to apply using checkboxes on the right:") . "</div>"; + print_notice("Enable the options you wish to apply using checkboxes on the right:"); + + print "<p>"; print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"ids\" value=\"$feed_ids\">"; print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"op\" value=\"pref-feeds\">"; @@ -711,7 +787,7 @@ class Pref_Feeds extends Handler_Protected { print "<input dojoType=\"dijit.form.ValidationTextBox\" disabled=\"1\" style=\"font-size : 16px; width : 20em;\" required=\"1\" - name=\"title\" value=\"$title\">"; + name=\"title\" value=\"\">"; $this->batch_edit_cbox("title"); @@ -722,19 +798,19 @@ class Pref_Feeds extends Handler_Protected { print __('URL:') . " "; print "<input dojoType=\"dijit.form.ValidationTextBox\" disabled=\"1\" required=\"1\" regExp='^(http|https)://.*' style=\"width : 20em\" - name=\"feed_url\" value=\"$feed_url\">"; + name=\"feed_url\" value=\"\">"; $this->batch_edit_cbox("feed_url"); /* Category */ - if (get_pref($this->link, 'ENABLE_FEED_CATS')) { + if (get_pref('ENABLE_FEED_CATS')) { print "<br/>"; print __('Place in category:') . " "; - print_feed_cat_select($this->link, "cat_id", $cat_id, + print_feed_cat_select("cat_id", false, 'disabled="1" dojoType="dijit.form.Select"'); $this->batch_edit_cbox("cat_id"); @@ -748,7 +824,7 @@ class Pref_Feeds extends Handler_Protected { /* Update Interval */ - print_select_hash("update_interval", $update_interval, $update_intervals, + print_select_hash("update_interval", "", $update_intervals, 'disabled="1" dojoType="dijit.form.Select"'); $this->batch_edit_cbox("update_interval"); @@ -761,7 +837,7 @@ class Pref_Feeds extends Handler_Protected { print __('Article purging:') . " "; - print_select_hash("purge_interval", $purge_interval, $purge_intervals, + print_select_hash("purge_interval", "", $purge_intervals, 'disabled="1" dojoType="dijit.form.Select"'); $this->batch_edit_cbox("purge_interval"); @@ -773,13 +849,13 @@ class Pref_Feeds extends Handler_Protected { print "<input dojoType=\"dijit.form.TextBox\" placeHolder=\"".__("Login")."\" disabled=\"1\" - name=\"auth_login\" value=\"$auth_login\">"; + name=\"auth_login\" value=\"\">"; $this->batch_edit_cbox("auth_login"); print "<br/><input dojoType=\"dijit.form.TextBox\" type=\"password\" name=\"auth_pass\" placeHolder=\"".__("Password")."\" disabled=\"1\" - value=\"$auth_pass\">"; + value=\"\">"; $this->batch_edit_cbox("auth_pass"); @@ -804,6 +880,14 @@ class Pref_Feeds extends Handler_Protected { print " "; $this->batch_edit_cbox("always_display_enclosures", "always_display_enclosures_l"); + print "<br/><input disabled=\"1\" type=\"checkbox\" id=\"hide_images\" + name=\"hide_images\" + dojoType=\"dijit.form.CheckBox\"> <label class='insensitive' id=\"hide_images_l\" + for=\"hide_images\">". + __('Do not embed images')."</label>"; + + print " "; $this->batch_edit_cbox("hide_images", "hide_images_l"); + print "<br/><input disabled=\"1\" type=\"checkbox\" id=\"cache_images\" name=\"cache_images\" dojoType=\"dijit.form.CheckBox\"> <label class='insensitive' id=\"cache_images_l\" @@ -842,28 +926,39 @@ class Pref_Feeds extends Handler_Protected { function editsaveops($batch) { - $feed_title = db_escape_string(trim($_POST["title"])); - $feed_link = db_escape_string(trim($_POST["feed_url"])); - $upd_intl = (int) db_escape_string($_POST["update_interval"]); - $purge_intl = (int) db_escape_string($_POST["purge_interval"]); - $feed_id = (int) db_escape_string($_POST["id"]); /* editSave */ - $feed_ids = db_escape_string($_POST["ids"]); /* batchEditSave */ - $cat_id = (int) db_escape_string($_POST["cat_id"]); - $auth_login = db_escape_string(trim($_POST["auth_login"])); - $auth_pass = db_escape_string(trim($_POST["auth_pass"])); - $private = checkbox_to_sql_bool(db_escape_string($_POST["private"])); + $feed_title = $this->dbh->escape_string(trim($_POST["title"])); + $feed_link = $this->dbh->escape_string(trim($_POST["feed_url"])); + $upd_intl = (int) $this->dbh->escape_string($_POST["update_interval"]); + $purge_intl = (int) $this->dbh->escape_string($_POST["purge_interval"]); + $feed_id = (int) $this->dbh->escape_string($_POST["id"]); /* editSave */ + $feed_ids = $this->dbh->escape_string($_POST["ids"]); /* batchEditSave */ + $cat_id = (int) $this->dbh->escape_string($_POST["cat_id"]); + $auth_login = $this->dbh->escape_string(trim($_POST["auth_login"])); + $auth_pass = trim($_POST["auth_pass"]); + $private = checkbox_to_sql_bool($this->dbh->escape_string($_POST["private"])); $include_in_digest = checkbox_to_sql_bool( - db_escape_string($_POST["include_in_digest"])); + $this->dbh->escape_string($_POST["include_in_digest"])); $cache_images = checkbox_to_sql_bool( - db_escape_string($_POST["cache_images"])); - + $this->dbh->escape_string($_POST["cache_images"])); + $hide_images = checkbox_to_sql_bool( + $this->dbh->escape_string($_POST["hide_images"])); $always_display_enclosures = checkbox_to_sql_bool( - db_escape_string($_POST["always_display_enclosures"])); + $this->dbh->escape_string($_POST["always_display_enclosures"])); $mark_unread_on_update = checkbox_to_sql_bool( - db_escape_string($_POST["mark_unread_on_update"])); + $this->dbh->escape_string($_POST["mark_unread_on_update"])); - if (get_pref($this->link, 'ENABLE_FEED_CATS')) { + if (strlen(FEED_CRYPT_KEY) > 0) { + require_once "crypt.php"; + $auth_pass = substr(encrypt_string($auth_pass), 0, 250); + $auth_pass_encrypted = 'true'; + } else { + $auth_pass_encrypted = 'false'; + } + + $auth_pass = $this->dbh->escape_string($auth_pass); + + if (get_pref('ENABLE_FEED_CATS')) { if ($cat_id && $cat_id != 0) { $category_qpart = "cat_id = '$cat_id',"; $category_qpart_nocomma = "cat_id = '$cat_id'"; @@ -878,20 +973,25 @@ class Pref_Feeds extends Handler_Protected { if (!$batch) { - $result = db_query($this->link, "UPDATE ttrss_feeds SET + $result = $this->dbh->query("UPDATE ttrss_feeds SET $category_qpart title = '$feed_title', feed_url = '$feed_link', update_interval = '$upd_intl', purge_interval = '$purge_intl', auth_login = '$auth_login', auth_pass = '$auth_pass', + auth_pass_encrypted = $auth_pass_encrypted, private = $private, cache_images = $cache_images, + hide_images = $hide_images, include_in_digest = $include_in_digest, always_display_enclosures = $always_display_enclosures, mark_unread_on_update = $mark_unread_on_update WHERE id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]); + PluginHost::getInstance()->run_hooks(PluginHost::HOOK_PREFS_SAVE_FEED, + "hook_prefs_save_feed", $feed_id); + } else { $feed_data = array(); @@ -901,7 +1001,7 @@ class Pref_Feeds extends Handler_Protected { } } - db_query($this->link, "BEGIN"); + $this->dbh->query("BEGIN"); foreach (array_keys($feed_data) as $k) { @@ -929,7 +1029,8 @@ class Pref_Feeds extends Handler_Protected { break; case "auth_pass": - $qpart = "auth_pass = '$auth_pass'"; + $qpart = "auth_pass = '$auth_pass' AND + auth_pass_encrypted = $auth_pass_encrypted"; break; case "private": @@ -952,6 +1053,10 @@ class Pref_Feeds extends Handler_Protected { $qpart = "cache_images = $cache_images"; break; + case "hide_images": + $qpart = "hide_images = $hide_images"; + break; + case "cat_id": $qpart = $category_qpart_nocomma; break; @@ -959,23 +1064,23 @@ class Pref_Feeds extends Handler_Protected { } if ($qpart) { - db_query($this->link, + $this->dbh->query( "UPDATE ttrss_feeds SET $qpart WHERE id IN ($feed_ids) AND owner_uid = " . $_SESSION["uid"]); print "<br/>"; } } - db_query($this->link, "COMMIT"); + $this->dbh->query("COMMIT"); } return; } function resetPubSub() { - $ids = db_escape_string($_REQUEST["ids"]); + $ids = $this->dbh->escape_string($_REQUEST["ids"]); - db_query($this->link, "UPDATE ttrss_feeds SET pubsub_state = 0 WHERE id IN ($ids) + $this->dbh->query("UPDATE ttrss_feeds SET pubsub_state = 0 WHERE id IN ($ids) AND owner_uid = " . $_SESSION["uid"]); return; @@ -983,30 +1088,30 @@ class Pref_Feeds extends Handler_Protected { function remove() { - $ids = split(",", db_escape_string($_REQUEST["ids"])); + $ids = explode(",", $this->dbh->escape_string($_REQUEST["ids"])); foreach ($ids as $id) { - $this->remove_feed($this->link, $id, $_SESSION["uid"]); + Pref_Feeds::remove_feed($id, $_SESSION["uid"]); } return; } function clear() { - $id = db_escape_string($_REQUEST["id"]); - $this->clear_feed_articles($this->link, $id); + $id = $this->dbh->escape_string($_REQUEST["id"]); + $this->clear_feed_articles($id); } function rescore() { require_once "rssfuncs.php"; - $ids = split(",", db_escape_string($_REQUEST["ids"])); + $ids = explode(",", $this->dbh->escape_string($_REQUEST["ids"])); foreach ($ids as $id) { - $filters = load_filters($this->link, $id, $_SESSION["uid"], 6); + $filters = load_filters($id, $_SESSION["uid"], 6); - $result = db_query($this->link, "SELECT + $result = $this->dbh->query("SELECT title, content, link, ref_id, author,". SUBSTRING_FOR_DATE."(updated, 1, 19) AS updated FROM @@ -1017,9 +1122,9 @@ class Pref_Feeds extends Handler_Protected { $scores = array(); - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { - $tags = get_article_tags($this->link, $line["ref_id"]); + $tags = get_article_tags($line["ref_id"]); $article_filters = get_article_filters($filters, $line['title'], $line['content'], $line['link'], strtotime($line['updated']), @@ -1034,15 +1139,15 @@ class Pref_Feeds extends Handler_Protected { foreach (array_keys($scores) as $s) { if ($s > 1000) { - db_query($this->link, "UPDATE ttrss_user_entries SET score = '$s', + $this->dbh->query("UPDATE ttrss_user_entries SET score = '$s', marked = true WHERE ref_id IN (" . join(',', $scores[$s]) . ")"); } else if ($s < -500) { - db_query($this->link, "UPDATE ttrss_user_entries SET score = '$s', + $this->dbh->query("UPDATE ttrss_user_entries SET score = '$s', unread = false WHERE ref_id IN (" . join(',', $scores[$s]) . ")"); } else { - db_query($this->link, "UPDATE ttrss_user_entries SET score = '$s' WHERE + $this->dbh->query("UPDATE ttrss_user_entries SET score = '$s' WHERE ref_id IN (" . join(',', $scores[$s]) . ")"); } } @@ -1054,16 +1159,16 @@ class Pref_Feeds extends Handler_Protected { function rescoreAll() { - $result = db_query($this->link, + $result = $this->dbh->query( "SELECT id FROM ttrss_feeds WHERE owner_uid = " . $_SESSION['uid']); - while ($feed_line = db_fetch_assoc($result)) { + while ($feed_line = $this->dbh->fetch_assoc($result)) { $id = $feed_line["id"]; - $filters = load_filters($this->link, $id, $_SESSION["uid"], 6); + $filters = load_filters($id, $_SESSION["uid"], 6); - $tmp_result = db_query($this->link, "SELECT + $tmp_result = $this->dbh->query("SELECT title, content, link, ref_id, author,". SUBSTRING_FOR_DATE."(updated, 1, 19) AS updated FROM @@ -1074,9 +1179,9 @@ class Pref_Feeds extends Handler_Protected { $scores = array(); - while ($line = db_fetch_assoc($tmp_result)) { + while ($line = $this->dbh->fetch_assoc($tmp_result)) { - $tags = get_article_tags($this->link, $line["ref_id"]); + $tags = get_article_tags($line["ref_id"]); $article_filters = get_article_filters($filters, $line['title'], $line['content'], $line['link'], strtotime($line['updated']), @@ -1091,11 +1196,11 @@ class Pref_Feeds extends Handler_Protected { foreach (array_keys($scores) as $s) { if ($s > 1000) { - db_query($this->link, "UPDATE ttrss_user_entries SET score = '$s', + $this->dbh->query("UPDATE ttrss_user_entries SET score = '$s', marked = true WHERE ref_id IN (" . join(',', $scores[$s]) . ")"); } else { - db_query($this->link, "UPDATE ttrss_user_entries SET score = '$s' WHERE + $this->dbh->query("UPDATE ttrss_user_entries SET score = '$s' WHERE ref_id IN (" . join(',', $scores[$s]) . ")"); } } @@ -1106,9 +1211,9 @@ class Pref_Feeds extends Handler_Protected { } function categorize() { - $ids = split(",", db_escape_string($_REQUEST["ids"])); + $ids = explode(",", $this->dbh->escape_string($_REQUEST["ids"])); - $cat_id = db_escape_string($_REQUEST["cat_id"]); + $cat_id = $this->dbh->escape_string($_REQUEST["cat_id"]); if ($cat_id == 0) { $cat_id_qpart = 'NULL'; @@ -1116,30 +1221,30 @@ class Pref_Feeds extends Handler_Protected { $cat_id_qpart = "'$cat_id'"; } - db_query($this->link, "BEGIN"); + $this->dbh->query("BEGIN"); foreach ($ids as $id) { - db_query($this->link, "UPDATE ttrss_feeds SET cat_id = $cat_id_qpart + $this->dbh->query("UPDATE ttrss_feeds SET cat_id = $cat_id_qpart WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]); } - db_query($this->link, "COMMIT"); + $this->dbh->query("COMMIT"); } function removeCat() { - $ids = split(",", db_escape_string($_REQUEST["ids"])); + $ids = explode(",", $this->dbh->escape_string($_REQUEST["ids"])); foreach ($ids as $id) { - $this->remove_feed_category($this->link, $id, $_SESSION["uid"]); + $this->remove_feed_category($id, $_SESSION["uid"]); } } function addCat() { - $feed_cat = db_escape_string(trim($_REQUEST["cat"])); + $feed_cat = $this->dbh->escape_string(trim($_REQUEST["cat"])); - add_feed_category($this->link, $feed_cat); + add_feed_category($feed_cat); } function index() { @@ -1147,10 +1252,10 @@ class Pref_Feeds extends Handler_Protected { print "<div dojoType=\"dijit.layout.AccordionContainer\" region=\"center\">"; print "<div id=\"pref-feeds-feeds\" dojoType=\"dijit.layout.AccordionPane\" title=\"".__('Feeds')."\">"; - $result = db_query($this->link, "SELECT COUNT(id) AS num_errors + $result = $this->dbh->query("SELECT COUNT(id) AS num_errors FROM ttrss_feeds WHERE last_error != '' AND owner_uid = ".$_SESSION["uid"]); - $num_errors = db_fetch_result($result, 0, "num_errors"); + $num_errors = $this->dbh->fetch_result($result, 0, "num_errors"); if ($num_errors > 0) { @@ -1165,13 +1270,13 @@ class Pref_Feeds extends Handler_Protected { $interval_qpart = "DATE_SUB(NOW(), INTERVAL 3 MONTH)"; } - $result = db_query($this->link, "SELECT COUNT(*) AS num_inactive FROM ttrss_feeds WHERE + $result = $this->dbh->query("SELECT COUNT(*) AS num_inactive FROM ttrss_feeds WHERE (SELECT MAX(updated) FROM ttrss_entries, ttrss_user_entries WHERE ttrss_entries.id = ref_id AND ttrss_user_entries.feed_id = ttrss_feeds.id) < $interval_qpart AND ttrss_feeds.owner_uid = ".$_SESSION["uid"]); - $num_inactive = db_fetch_result($result, 0, "num_inactive"); + $num_inactive = $this->dbh->fetch_result($result, 0, "num_inactive"); if ($num_inactive > 0) { $inactive_button = "<button dojoType=\"dijit.form.Button\" @@ -1179,7 +1284,7 @@ class Pref_Feeds extends Handler_Protected { __("Inactive feeds") . "</button>"; } - $feed_search = db_escape_string($_REQUEST["search"]); + $feed_search = $this->dbh->escape_string($_REQUEST["search"]); if (array_key_exists("search", $_REQUEST)) { $_SESSION["prefs_feed_search"] = $feed_search; @@ -1218,16 +1323,16 @@ class Pref_Feeds extends Handler_Protected { dojoType=\"dijit.MenuItem\">".__('Reset sort order')."</div>"; print "<div onclick=\"batchSubscribe()\" dojoType=\"dijit.MenuItem\">".__('Batch subscribe')."</div>"; + print "<div dojoType=\"dijit.MenuItem\" onclick=\"removeSelectedFeeds()\">" + .__('Unsubscribe')."</div> "; print "</div></div>"; - if (get_pref($this->link, 'ENABLE_FEED_CATS')) { + if (get_pref('ENABLE_FEED_CATS')) { print "<div dojoType=\"dijit.form.DropDownButton\">". "<span>" . __('Categories')."</span>"; print "<div dojoType=\"dijit.Menu\" style=\"display: none;\">"; print "<div onclick=\"createCategory()\" dojoType=\"dijit.MenuItem\">".__('Add category')."</div>"; - print "<div onclick=\"toggleHiddenFeedCats()\" - dojoType=\"dijit.MenuItem\">".__('(Un)hide empty categories')."</div>"; print "<div onclick=\"resetCatOrder()\" dojoType=\"dijit.MenuItem\">".__('Reset sort order')."</div>"; print "<div onclick=\"removeSelectedCategories()\" @@ -1239,9 +1344,6 @@ class Pref_Feeds extends Handler_Protected { print $error_button; print $inactive_button; - print "<button dojoType=\"dijit.form.Button\" onclick=\"removeSelectedFeeds()\">" - .__('Unsubscribe')."</button dojoType=\"dijit.form.Button\"> "; - if (defined('_ENABLE_FEED_DEBUGGING')) { print "<select id=\"feedActionChooser\" onchange=\"feedActionChange()\"> @@ -1306,9 +1408,7 @@ class Pref_Feeds extends Handler_Protected { print "<div dojoType=\"dijit.layout.AccordionPane\" title=\"".__('OPML')."\">"; - print "<p>" . __("Using OPML you can export and import your feeds, filters, labels and Tiny Tiny RSS settings.") . " "; - - print __("Only main settings profile can be migrated using OPML.") . "</p>"; + print_notice(__("Using OPML you can export and import your feeds, filters, labels and Tiny Tiny RSS settings.") . __("Only main settings profile can be migrated using OPML.")); print "<iframe id=\"upload_iframe\" name=\"upload_iframe\" onload=\"opmlImportComplete(this)\" @@ -1339,11 +1439,10 @@ class Pref_Feeds extends Handler_Protected { print __("Published OPML does not include your Tiny Tiny RSS settings, feeds that require authentication or feeds hidden from Popular feeds.") . "</p>"; - print "<button dojoType=\"dijit.form.Button\" onclick=\"return displayDlg('pubOPMLUrl')\">". + print "<button dojoType=\"dijit.form.Button\" onclick=\"return displayDlg('".__("Public OPML URL")."','pubOPMLUrl')\">". __('Display published OPML URL')."</button> "; - global $pluginhost; - $pluginhost->run_hooks($pluginhost::HOOK_PREFS_TAB_SECTION, + PluginHost::getInstance()->run_hooks(PluginHost::HOOK_PREFS_TAB_SECTION, "hook_prefs_tab_section", "prefFeedsOPML"); print "</div>"; # pane @@ -1352,7 +1451,7 @@ class Pref_Feeds extends Handler_Protected { print "<div dojoType=\"dijit.layout.AccordionPane\" title=\"".__('Firefox integration')."\">"; - print "<p>" . __('This Tiny Tiny RSS site can be used as a Firefox Feed Reader by clicking the link below.') . "</p>"; + print_notice(__('This Tiny Tiny RSS site can be used as a Firefox Feed Reader by clicking the link below.')); print "<p>"; @@ -1369,35 +1468,36 @@ class Pref_Feeds extends Handler_Protected { print "<div dojoType=\"dijit.layout.AccordionPane\" title=\"".__('Published & shared articles / Generated feeds')."\">"; - print "<h3>" . __("Published articles and generated feeds") . "</h3>"; - - print "<p>".__('Published articles are exported as a public RSS feed and can be subscribed by anyone who knows the URL specified below.')."</p>"; + print_notice(__('Published articles are exported as a public RSS feed and can be subscribed by anyone who knows the URL specified below.')); $rss_url = '-2::' . htmlspecialchars(get_self_url_prefix() . "/public.php?op=rss&id=-2&view-mode=all_articles");; - print "<button dojoType=\"dijit.form.Button\" onclick=\"return displayDlg('generatedFeed', '$rss_url')\">". + print "<p>"; + + print "<button dojoType=\"dijit.form.Button\" onclick=\"return displayDlg('".__("View as RSS")."','generatedFeed', '$rss_url')\">". __('Display URL')."</button> "; print "<button dojoType=\"dijit.form.Button\" onclick=\"return clearFeedAccessKeys()\">". __('Clear all generated URLs')."</button> "; - print "<h3>" . __("Articles shared by URL") . "</h3>"; + print "</p>"; - print "<p>" . __("You can disable all articles shared by unique URLs here.") . "</p>"; + print_warning(__("You can disable all articles shared by unique URLs here.")); + + print "<p>"; print "<button dojoType=\"dijit.form.Button\" onclick=\"return clearArticleAccessKeys()\">". __('Unshare all articles')."</button> "; - global $pluginhost; - $pluginhost->run_hooks($pluginhost::HOOK_PREFS_TAB_SECTION, + print "</p>"; + + PluginHost::getInstance()->run_hooks(PluginHost::HOOK_PREFS_TAB_SECTION, "hook_prefs_tab_section", "prefFeedsPublishedGenerated"); print "</div>"; #pane - global $pluginhost; - - $pluginhost->run_hooks($pluginhost::HOOK_PREFS_TAB, + PluginHost::getInstance()->run_hooks(PluginHost::HOOK_PREFS_TAB, "hook_prefs_tab", "prefFeeds"); print "</div>"; #container @@ -1408,14 +1508,14 @@ class Pref_Feeds extends Handler_Protected { $cat_id = (int) $cat_id; if ($cat_id > 0) { - $cat_unread = ccache_find($this->link, $cat_id, $_SESSION["uid"], true); + $cat_unread = ccache_find($cat_id, $_SESSION["uid"], true); } else if ($cat_id == 0 || $cat_id == -2) { - $cat_unread = getCategoryUnread($this->link, $cat_id); + $cat_unread = getCategoryUnread($cat_id); } $obj['id'] = 'CAT:' . $cat_id; $obj['items'] = array(); - $obj['name'] = getCategoryTitle($this->link, $cat_id); + $obj['name'] = getCategoryTitle($cat_id); $obj['type'] = 'category'; $obj['unread'] = (int) $cat_unread; $obj['bare_id'] = $cat_id; @@ -1428,10 +1528,10 @@ class Pref_Feeds extends Handler_Protected { $feed_id = (int) $feed_id; if (!$title) - $title = getFeedTitle($this->link, $feed_id, false); + $title = getFeedTitle($feed_id, false); if ($unread === false) - $unread = getFeedUnread($this->link, $feed_id, false); + $unread = getFeedUnread($feed_id, false); $obj['id'] = 'FEED:' . $feed_id; $obj['name'] = $title; @@ -1453,7 +1553,7 @@ class Pref_Feeds extends Handler_Protected { $interval_qpart = "DATE_SUB(NOW(), INTERVAL 3 MONTH)"; } - $result = db_query($this->link, "SELECT ttrss_feeds.title, ttrss_feeds.site_url, + $result = $this->dbh->query("SELECT ttrss_feeds.title, ttrss_feeds.site_url, ttrss_feeds.feed_url, ttrss_feeds.id, MAX(updated) AS last_article FROM ttrss_feeds, ttrss_entries, ttrss_user_entries WHERE (SELECT MAX(updated) FROM ttrss_entries, ttrss_user_entries WHERE @@ -1465,7 +1565,7 @@ class Pref_Feeds extends Handler_Protected { GROUP BY ttrss_feeds.title, ttrss_feeds.id, ttrss_feeds.site_url, ttrss_feeds.feed_url ORDER BY last_article"); - print "<div class=\"dialogNotice\">" . __("These feeds have not been updated with new content for 3 months (oldest first):") . "</div>"; + print "<p" .__("These feeds have not been updated with new content for 3 months (oldest first):") . "</p>"; print "<div dojoType=\"dijit.Toolbar\">"; print "<div dojoType=\"dijit.form.DropDownButton\">". @@ -1484,9 +1584,8 @@ class Pref_Feeds extends Handler_Protected { $lnum = 1; - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { - $class = ($lnum % 2) ? "even" : "odd"; $feed_id = $line["id"]; $this_row_id = "id=\"FUPDD-$feed_id\""; @@ -1507,7 +1606,7 @@ class Pref_Feeds extends Handler_Protected { htmlspecialchars($line["title"])."</a>"; print "</td><td class=\"insensitive\" align='right'>"; - print make_local_datetime($this->link, $line['last_article'], false); + print make_local_datetime($line['last_article'], false); print "</td>"; print "</tr>"; @@ -1531,9 +1630,7 @@ class Pref_Feeds extends Handler_Protected { } function feedsWithErrors() { - print "<div class=\"dialogNotice\">" . __("These feeds have not been updated because of errors:") . "</div>"; - - $result = db_query($this->link, "SELECT id,title,feed_url,last_error,site_url + $result = $this->dbh->query("SELECT id,title,feed_url,last_error,site_url FROM ttrss_feeds WHERE last_error != '' AND owner_uid = ".$_SESSION["uid"]); print "<div dojoType=\"dijit.Toolbar\">"; @@ -1553,9 +1650,8 @@ class Pref_Feeds extends Handler_Protected { $lnum = 1; - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { - $class = ($lnum % 2) ? "even" : "odd"; $feed_id = $line["id"]; $this_row_id = "id=\"FERDD-$feed_id\""; @@ -1607,77 +1703,232 @@ class Pref_Feeds extends Handler_Protected { * @param integer $id The id of the feed to purge. * @return void */ - private function clear_feed_articles($link, $id) { + private function clear_feed_articles($id) { if ($id != 0) { - $result = db_query($link, "DELETE FROM ttrss_user_entries + $result = $this->dbh->query("DELETE FROM ttrss_user_entries WHERE feed_id = '$id' AND marked = false AND owner_uid = " . $_SESSION["uid"]); } else { - $result = db_query($link, "DELETE FROM ttrss_user_entries + $result = $this->dbh->query("DELETE FROM ttrss_user_entries WHERE feed_id IS NULL AND marked = false AND owner_uid = " . $_SESSION["uid"]); } - $result = db_query($link, "DELETE FROM ttrss_entries WHERE + $result = $this->dbh->query("DELETE FROM ttrss_entries WHERE (SELECT COUNT(int_id) FROM ttrss_user_entries WHERE ref_id = id) = 0"); - ccache_update($link, $id, $_SESSION['uid']); + ccache_update($id, $_SESSION['uid']); } // function clear_feed_articles - private function remove_feed_category($link, $id, $owner_uid) { + private function remove_feed_category($id, $owner_uid) { - db_query($link, "DELETE FROM ttrss_feed_categories + $this->dbh->query("DELETE FROM ttrss_feed_categories WHERE id = '$id' AND owner_uid = $owner_uid"); - ccache_remove($link, $id, $owner_uid, true); + ccache_remove($id, $owner_uid, true); } - private function remove_feed($link, $id, $owner_uid) { + static function remove_feed($id, $owner_uid) { if ($id > 0) { /* save starred articles in Archived feed */ - db_query($link, "BEGIN"); + db_query("BEGIN"); /* prepare feed if necessary */ - $result = db_query($link, "SELECT id FROM ttrss_archived_feeds - WHERE id = '$id'"); + $result = db_query("SELECT feed_url FROM ttrss_feeds WHERE id = $id + AND owner_uid = $owner_uid"); + + $feed_url = db_escape_string(db_fetch_result($result, 0, "feed_url")); + + $result = db_query("SELECT id FROM ttrss_archived_feeds + WHERE feed_url = '$feed_url' AND owner_uid = $owner_uid"); if (db_num_rows($result) == 0) { - db_query($link, "INSERT INTO ttrss_archived_feeds + $result = db_query("SELECT MAX(id) AS id FROM ttrss_archived_feeds"); + $new_feed_id = (int)db_fetch_result($result, 0, "id") + 1; + + db_query("INSERT INTO ttrss_archived_feeds (id, owner_uid, title, feed_url, site_url) - SELECT id, owner_uid, title, feed_url, site_url from ttrss_feeds - WHERE id = '$id'"); + SELECT $new_feed_id, owner_uid, title, feed_url, site_url from ttrss_feeds + WHERE id = '$id'"); + + $archive_id = $new_feed_id; + } else { + $archive_id = db_fetch_result($result, 0, "id"); } - db_query($link, "UPDATE ttrss_user_entries SET feed_id = NULL, - orig_feed_id = '$id' WHERE feed_id = '$id' AND + db_query("UPDATE ttrss_user_entries SET feed_id = NULL, + orig_feed_id = '$archive_id' WHERE feed_id = '$id' AND marked = true AND owner_uid = $owner_uid"); /* Remove access key for the feed */ - db_query($link, "DELETE FROM ttrss_access_keys WHERE + db_query("DELETE FROM ttrss_access_keys WHERE feed_id = '$id' AND owner_uid = $owner_uid"); /* remove the feed */ - db_query($link, "DELETE FROM ttrss_feeds + db_query("DELETE FROM ttrss_feeds WHERE id = '$id' AND owner_uid = $owner_uid"); - db_query($link, "COMMIT"); + db_query("COMMIT"); if (file_exists(ICONS_DIR . "/$id.ico")) { unlink(ICONS_DIR . "/$id.ico"); } - ccache_remove($link, $id, $owner_uid); + ccache_remove($id, $owner_uid); } else { - label_remove($link, -11-$id, $owner_uid); - ccache_remove($link, -11-$id, $owner_uid); + label_remove(feed_to_label_id($id), $owner_uid); + //ccache_remove($id, $owner_uid); don't think labels are cached + } + } + + function batchSubscribe() { + print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"op\" value=\"pref-feeds\">"; + print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"method\" value=\"batchaddfeeds\">"; + + print "<table width='100%'><tr><td> + ".__("Add one valid RSS feed per line (no feed detection is done)")." + </td><td align='right'>"; + if (get_pref('ENABLE_FEED_CATS')) { + print __('Place in category:') . " "; + print_feed_cat_select("cat", false, 'dojoType="dijit.form.Select"'); } + print "</td></tr><tr><td colspan='2'>"; + print "<textarea + style='font-size : 12px; width : 100%; height: 200px;' + placeHolder=\"".__("Feeds to subscribe, One per line")."\" + dojoType=\"dijit.form.SimpleTextarea\" required=\"1\" name=\"feeds\"></textarea>"; + + print "</td></tr><tr><td colspan='2'>"; + + print "<div id='feedDlg_loginContainer' style='display : none'> + " . + " <input dojoType=\"dijit.form.TextBox\" name='login'\" + placeHolder=\"".__("Login")."\" + style=\"width : 10em;\"> ". + " <input + placeHolder=\"".__("Password")."\" + dojoType=\"dijit.form.TextBox\" type='password' + style=\"width : 10em;\" name='pass'\">". + "</div>"; + + print "</td></tr><tr><td colspan='2'>"; + + print "<div style=\"clear : both\"> + <input type=\"checkbox\" name=\"need_auth\" dojoType=\"dijit.form.CheckBox\" id=\"feedDlg_loginCheck\" + onclick='checkboxToggleElement(this, \"feedDlg_loginContainer\")'> + <label for=\"feedDlg_loginCheck\">". + __('Feeds require authentication.')."</div>"; + + print "</form>"; + + print "</td></tr></table>"; + + print "<div class=\"dlgButtons\"> + <button dojoType=\"dijit.form.Button\" onclick=\"return dijit.byId('batchSubDlg').execute()\">".__('Subscribe')."</button> + <button dojoType=\"dijit.form.Button\" onclick=\"return dijit.byId('batchSubDlg').hide()\">".__('Cancel')."</button> + </div>"; } + function batchAddFeeds() { + $cat_id = $this->dbh->escape_string($_REQUEST['cat']); + $feeds = explode("\n", $_REQUEST['feeds']); + $login = $this->dbh->escape_string($_REQUEST['login']); + $pass = trim($_REQUEST['pass']); + + foreach ($feeds as $feed) { + $feed = $this->dbh->escape_string(trim($feed)); + + if (validate_feed_url($feed)) { + + $this->dbh->query("BEGIN"); + + if ($cat_id == "0" || !$cat_id) { + $cat_qpart = "NULL"; + } else { + $cat_qpart = "'$cat_id'"; + } + + $result = $this->dbh->query( + "SELECT id FROM ttrss_feeds + WHERE feed_url = '$feed' AND owner_uid = ".$_SESSION["uid"]); + + if (strlen(FEED_CRYPT_KEY) > 0) { + require_once "crypt.php"; + $pass = substr(encrypt_string($pass), 0, 250); + $auth_pass_encrypted = 'true'; + } else { + $auth_pass_encrypted = 'false'; + } + + $pass = $this->dbh->escape_string($pass); + + if ($this->dbh->num_rows($result) == 0) { + $result = $this->dbh->query( + "INSERT INTO ttrss_feeds + (owner_uid,feed_url,title,cat_id,auth_login,auth_pass,update_method,auth_pass_encrypted) + VALUES ('".$_SESSION["uid"]."', '$feed', + '[Unknown]', $cat_qpart, '$login', '$pass', 0, $auth_pass_encrypted)"); + } + + $this->dbh->query("COMMIT"); + } + } + } + + function regenOPMLKey() { + $this->update_feed_access_key('OPML:Publish', + false, $_SESSION["uid"]); + + $new_link = Opml::opml_publish_url(); + + print json_encode(array("link" => $new_link)); + } + + function regenFeedKey() { + $feed_id = $this->dbh->escape_string($_REQUEST['id']); + $is_cat = $this->dbh->escape_string($_REQUEST['is_cat']) == "true"; + + $new_key = $this->update_feed_access_key($feed_id, $is_cat); + + print json_encode(array("link" => $new_key)); + } + + + private function update_feed_access_key($feed_id, $is_cat, $owner_uid = false) { + if (!$owner_uid) $owner_uid = $_SESSION["uid"]; + + $sql_is_cat = bool_to_sql_bool($is_cat); + + $result = $this->dbh->query("SELECT access_key FROM ttrss_access_keys + WHERE feed_id = '$feed_id' AND is_cat = $sql_is_cat + AND owner_uid = " . $owner_uid); + + if ($this->dbh->num_rows($result) == 1) { + $key = $this->dbh->escape_string(sha1(uniqid(rand(), true))); + + $this->dbh->query("UPDATE ttrss_access_keys SET access_key = '$key' + WHERE feed_id = '$feed_id' AND is_cat = $sql_is_cat + AND owner_uid = " . $owner_uid); + + return $key; + + } else { + return get_feed_access_key($feed_id, $is_cat, $owner_uid); + } + } + + // Silent + function clearKeys() { + $this->dbh->query("DELETE FROM ttrss_access_keys WHERE + owner_uid = " . $_SESSION["uid"]); + } + + } ?> diff --git a/classes/pref/filters.php b/classes/pref/filters.php index 74a29c619..bcc7b5aec 100644 --- a/classes/pref/filters.php +++ b/classes/pref/filters.php @@ -3,23 +3,62 @@ class Pref_Filters extends Handler_Protected { function csrf_ignore($method) { $csrf_ignored = array("index", "getfiltertree", "edit", "newfilter", "newrule", - "newaction"); + "newaction", "savefilterorder"); return array_search($method, $csrf_ignored) !== false; } + function filtersortreset() { + $this->dbh->query("UPDATE ttrss_filters2 + SET order_id = 0 WHERE owner_uid = " . $_SESSION["uid"]); + return; + } + + function savefilterorder() { + $data = json_decode($_POST['payload'], true); + + #file_put_contents("/tmp/saveorder.json", $_POST['payload']); + #$data = json_decode(file_get_contents("/tmp/saveorder.json"), true); + + if (!is_array($data['items'])) + $data['items'] = json_decode($data['items'], true); + + $index = 0; + + if (is_array($data) && is_array($data['items'])) { + foreach ($data['items'][0]['items'] as $item) { + $filter_id = (int) str_replace("FILTER:", "", $item['_reference']); + + if ($filter_id > 0) { + + $this->dbh->query("UPDATE ttrss_filters2 SET + order_id = $index WHERE id = '$filter_id' AND + owner_uid = " .$_SESSION["uid"]); + + ++$index; + } + } + } + + return; + } + + function testFilter() { $filter = array(); $filter["enabled"] = true; $filter["match_any_rule"] = sql_bool_to_bool( - checkbox_to_sql_bool(db_escape_string($_REQUEST["match_any_rule"]))); + checkbox_to_sql_bool($this->dbh->escape_string($_REQUEST["match_any_rule"]))); + $filter["inverse"] = sql_bool_to_bool( + checkbox_to_sql_bool($this->dbh->escape_string($_REQUEST["inverse"]))); + $filter["rules"] = array(); - $result = db_query($this->link, "SELECT id,name FROM ttrss_filter_types"); + $result = $this->dbh->query("SELECT id,name FROM ttrss_filter_types"); $filter_types = array(); - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { $filter_types[$line["id"]] = $line["name"]; } @@ -44,10 +83,8 @@ class Pref_Filters extends Handler_Protected { } } - $feed_title = getFeedTitle($this->link, $feed); - - $qfh_ret = queryFeedHeadlines($this->link, -4, 30, "", false, false, false, - false, "date_entered DESC", 0, $_SESSION["uid"], $filter); + $qfh_ret = queryFeedHeadlines(-4, 30, "", false, false, false, + "date_entered DESC", 0, $_SESSION["uid"], $filter); $result = $qfh_ret[0]; @@ -59,10 +96,10 @@ class Pref_Filters extends Handler_Protected { print "<div class=\"filterTestHolder\">"; print "<table width=\"100%\" cellspacing=\"0\" id=\"prefErrorFeedList\">"; - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { $entry_timestamp = strtotime($line["updated"]); - $entry_tags = get_article_tags($this->link, $line["id"], $_SESSION["uid"]); + $entry_tags = get_article_tags($line["id"], $_SESSION["uid"]); $content_preview = truncate_string( strip_tags($line["content_preview"]), 100, '...'); @@ -119,7 +156,7 @@ class Pref_Filters extends Handler_Protected { $filter_search = $_SESSION["prefs_filter_search"]; - $result = db_query($this->link, "SELECT *, + $result = $this->dbh->query("SELECT *, (SELECT action_param FROM ttrss_filters2_actions WHERE filter_id = ttrss_filters2.id ORDER BY id LIMIT 1) AS action_param, (SELECT action_id FROM ttrss_filters2_actions @@ -130,16 +167,16 @@ class Pref_Filters extends Handler_Protected { (SELECT reg_exp FROM ttrss_filters2_rules WHERE filter_id = ttrss_filters2.id ORDER BY id LIMIT 1) AS reg_exp FROM ttrss_filters2 WHERE - owner_uid = ".$_SESSION["uid"]." ORDER BY action_id,reg_exp"); + owner_uid = ".$_SESSION["uid"]." ORDER BY order_id, title"); $action_id = -1; $folder = array(); $folder['items'] = array(); - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { - if ($action_id != $line["action_id"]) { + /* if ($action_id != $line["action_id"]) { if (count($folder['items']) > 0) { array_push($root['items'], $folder); } @@ -149,16 +186,16 @@ class Pref_Filters extends Handler_Protected { $folder['name'] = __($line["action_name"]); $folder['items'] = array(); $action_id = $line["action_id"]; - } + } */ $name = $this->getFilterName($line["id"]); $match_ok = false; if ($filter_search) { - $rules_result = db_query($this->link, + $rules_result = $this->dbh->query( "SELECT reg_exp FROM ttrss_filters2_rules WHERE filter_id = ".$line["id"]); - while ($rule_line = db_fetch_assoc($rules_result)) { + while ($rule_line = $this->dbh->fetch_assoc($rules_result)) { if (mb_strpos($rule_line['reg_exp'], $filter_search) !== false) { $match_ok = true; break; @@ -167,13 +204,13 @@ class Pref_Filters extends Handler_Protected { } if ($line['action_id'] == 7) { - $label_result = db_query($this->link, "SELECT fg_color, bg_color - FROM ttrss_labels2 WHERE caption = '".db_escape_string($line['action_param'])."' AND + $label_result = $this->dbh->query("SELECT fg_color, bg_color + FROM ttrss_labels2 WHERE caption = '".$this->dbh->escape_string($line['action_param'])."' AND owner_uid = " . $_SESSION["uid"]); - if (db_num_rows($label_result) > 0) { - $fg_color = db_fetch_result($label_result, 0, "fg_color"); - $bg_color = db_fetch_result($label_result, 0, "bg_color"); + if ($this->dbh->num_rows($label_result) > 0) { + $fg_color = $this->dbh->fetch_result($label_result, 0, "fg_color"); + $bg_color = $this->dbh->fetch_result($label_result, 0, "bg_color"); $name[1] = "<span class=\"labelColorIndicator\" id=\"label-editor-indicator\" style='color : $fg_color; background-color : $bg_color; margin-right : 4px'>α</span>" . $name[1]; } @@ -192,9 +229,11 @@ class Pref_Filters extends Handler_Protected { } } - if (count($folder['items']) > 0) { + /* if (count($folder['items']) > 0) { array_push($root['items'], $folder); - } + } */ + + $root['items'] = $folder['items']; $fl = array(); $fl['identifier'] = 'id'; @@ -207,13 +246,15 @@ class Pref_Filters extends Handler_Protected { function edit() { - $filter_id = db_escape_string($_REQUEST["id"]); + $filter_id = $this->dbh->escape_string($_REQUEST["id"]); - $result = db_query($this->link, + $result = $this->dbh->query( "SELECT * FROM ttrss_filters2 WHERE id = '$filter_id' AND owner_uid = " . $_SESSION["uid"]); - $enabled = sql_bool_to_bool(db_fetch_result($result, 0, "enabled")); - $match_any_rule = sql_bool_to_bool(db_fetch_result($result, 0, "match_any_rule")); + $enabled = sql_bool_to_bool($this->dbh->fetch_result($result, 0, "enabled")); + $match_any_rule = sql_bool_to_bool($this->dbh->fetch_result($result, 0, "match_any_rule")); + $inverse = sql_bool_to_bool($this->dbh->fetch_result($result, 0, "inverse")); + $title = htmlspecialchars($this->dbh->fetch_result($result, 0, "title")); print "<form id=\"filter_edit_form\" onsubmit='return false'>"; @@ -222,6 +263,12 @@ class Pref_Filters extends Handler_Protected { print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"method\" value=\"editSave\">"; print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"csrf_token\" value=\"".$_SESSION['csrf_token']."\">"; + print "<div class=\"dlgSec\">".__("Caption")."</div>"; + + print "<input required=\"true\" dojoType=\"dijit.form.ValidationTextBox\" style=\"width : 20em;\" name=\"title\" value=\"$title\">"; + + print "</div>"; + print "<div class=\"dlgSec\">".__("Match")."</div>"; print "<div dojoType=\"dijit.Toolbar\">"; @@ -245,10 +292,10 @@ class Pref_Filters extends Handler_Protected { print "<ul id='filterDlg_Matches'>"; - $rules_result = db_query($this->link, "SELECT * FROM ttrss_filters2_rules + $rules_result = $this->dbh->query("SELECT * FROM ttrss_filters2_rules WHERE filter_id = '$filter_id' ORDER BY reg_exp, id"); - while ($line = db_fetch_assoc($rules_result)) { + while ($line = $this->dbh->fetch_assoc($rules_result)) { if (sql_bool_to_bool($line["cat_filter"])) { $line["feed_id"] = "CAT:" . (int)$line["cat_id"]; } @@ -257,6 +304,7 @@ class Pref_Filters extends Handler_Protected { unset($line["cat_id"]); unset($line["filter_id"]); unset($line["id"]); + if (!sql_bool_to_bool($line["inverse"])) unset($line["inverse"]); $data = htmlspecialchars(json_encode($line)); @@ -292,10 +340,10 @@ class Pref_Filters extends Handler_Protected { print "<ul id='filterDlg_Actions'>"; - $actions_result = db_query($this->link, "SELECT * FROM ttrss_filters2_actions + $actions_result = $this->dbh->query("SELECT * FROM ttrss_filters2_actions WHERE filter_id = '$filter_id' ORDER BY id"); - while ($line = db_fetch_assoc($actions_result)) { + while ($line = $this->dbh->fetch_assoc($actions_result)) { $line["action_param_label"] = $line["action_param"]; unset($line["filter_id"]); @@ -330,6 +378,15 @@ class Pref_Filters extends Handler_Protected { print "<br/><input dojoType=\"dijit.form.CheckBox\" type=\"checkbox\" name=\"match_any_rule\" id=\"match_any_rule\" $checked> <label for=\"match_any_rule\">".__('Match any rule')."</label>"; + if ($inverse) { + $checked = "checked=\"1\""; + } else { + $checked = ""; + } + + print "<br/><input dojoType=\"dijit.form.CheckBox\" type=\"checkbox\" name=\"inverse\" id=\"inverse\" $checked> + <label for=\"inverse\">".__('Inverse matching')."</label>"; + print "<p/>"; print "<div class=\"dlgButtons\">"; @@ -358,21 +415,22 @@ class Pref_Filters extends Handler_Protected { if (strpos($feed_id, "CAT:") === 0) { $feed_id = (int) substr($feed_id, 4); - $feed = getCategoryTitle($this->link, $feed_id); + $feed = getCategoryTitle($feed_id); } else { $feed_id = (int) $feed_id; if ($rule["feed_id"]) - $feed = getFeedTitle($this->link, (int)$rule["feed_id"]); + $feed = getFeedTitle((int)$rule["feed_id"]); else $feed = __("All feeds"); } - $result = db_query($this->link, "SELECT description FROM ttrss_filter_types + $result = $this->dbh->query("SELECT description FROM ttrss_filter_types WHERE id = ".(int)$rule["filter_type"]); - $match_on = db_fetch_result($result, 0, "description"); + $filter_type = $this->dbh->fetch_result($result, 0, "description"); - return T_sprintf("%s on %s in %s", $rule["reg_exp"], $match_on, $feed); + return T_sprintf("%s on %s in %s %s", strip_tags($rule["reg_exp"]), + $filter_type, $feed, isset($rule["inverse"]) ? __("(inverse)") : ""); } function printRuleName() { @@ -380,10 +438,10 @@ class Pref_Filters extends Handler_Protected { } private function getActionName($action) { - $result = db_query($this->link, "SELECT description FROM + $result = $this->dbh->query("SELECT description FROM ttrss_filter_actions WHERE id = " .(int)$action["action_id"]); - $title = __(db_fetch_result($result, 0, "description")); + $title = __($this->dbh->fetch_result($result, 0, "description")); if ($action["action_id"] == 4 || $action["action_id"] == 6 || $action["action_id"] == 7) @@ -403,12 +461,16 @@ class Pref_Filters extends Handler_Protected { # print_r($_REQUEST); - $filter_id = db_escape_string($_REQUEST["id"]); - $enabled = checkbox_to_sql_bool(db_escape_string($_REQUEST["enabled"])); - $match_any_rule = checkbox_to_sql_bool(db_escape_string($_REQUEST["match_any_rule"])); + $filter_id = $this->dbh->escape_string($_REQUEST["id"]); + $enabled = checkbox_to_sql_bool($this->dbh->escape_string($_REQUEST["enabled"])); + $match_any_rule = checkbox_to_sql_bool($this->dbh->escape_string($_REQUEST["match_any_rule"])); + $inverse = checkbox_to_sql_bool($this->dbh->escape_string($_REQUEST["inverse"])); + $title = $this->dbh->escape_string($_REQUEST["title"]); - $result = db_query($this->link, "UPDATE ttrss_filters2 SET enabled = $enabled, - match_any_rule = $match_any_rule + $result = $this->dbh->query("UPDATE ttrss_filters2 SET enabled = $enabled, + match_any_rule = $match_any_rule, + inverse = $inverse, + title = '$title' WHERE id = '$filter_id' AND owner_uid = ". $_SESSION["uid"]); @@ -418,17 +480,17 @@ class Pref_Filters extends Handler_Protected { function remove() { - $ids = split(",", db_escape_string($_REQUEST["ids"])); + $ids = explode(",", $this->dbh->escape_string($_REQUEST["ids"])); foreach ($ids as $id) { - db_query($this->link, "DELETE FROM ttrss_filters2 WHERE id = '$id' AND owner_uid = ". $_SESSION["uid"]); + $this->dbh->query("DELETE FROM ttrss_filters2 WHERE id = '$id' AND owner_uid = ". $_SESSION["uid"]); } } private function saveRulesAndActions($filter_id) { - db_query($this->link, "DELETE FROM ttrss_filters2_rules WHERE filter_id = '$filter_id'"); - db_query($this->link, "DELETE FROM ttrss_filters2_actions WHERE filter_id = '$filter_id'"); + $this->dbh->query("DELETE FROM ttrss_filters2_rules WHERE filter_id = '$filter_id'"); + $this->dbh->query("DELETE FROM ttrss_filters2_actions WHERE filter_id = '$filter_id'"); if ($filter_id) { /* create rules */ @@ -457,9 +519,11 @@ class Pref_Filters extends Handler_Protected { foreach ($rules as $rule) { if ($rule) { - $reg_exp = strip_tags(db_escape_string(trim($rule["reg_exp"]))); - $filter_type = (int) db_escape_string(trim($rule["filter_type"])); - $feed_id = db_escape_string(trim($rule["feed_id"])); + $reg_exp = strip_tags($this->dbh->escape_string(trim($rule["reg_exp"]))); + $inverse = isset($rule["inverse"]) ? "true" : "false"; + + $filter_type = (int) $this->dbh->escape_string(trim($rule["filter_type"])); + $feed_id = $this->dbh->escape_string(trim($rule["feed_id"])); if (strpos($feed_id, "CAT:") === 0) { @@ -477,19 +541,19 @@ class Pref_Filters extends Handler_Protected { } $query = "INSERT INTO ttrss_filters2_rules - (filter_id, reg_exp,filter_type,feed_id,cat_id,cat_filter) VALUES - ('$filter_id', '$reg_exp', '$filter_type', $feed_id, $cat_id, $cat_filter)"; + (filter_id, reg_exp,filter_type,feed_id,cat_id,cat_filter,inverse) VALUES + ('$filter_id', '$reg_exp', '$filter_type', $feed_id, $cat_id, $cat_filter, $inverse)"; - db_query($this->link, $query); + $this->dbh->query($query); } } foreach ($actions as $action) { if ($action) { - $action_id = (int) db_escape_string($action["action_id"]); - $action_param = db_escape_string($action["action_param"]); - $action_param_label = db_escape_string($action["action_param_label"]); + $action_id = (int) $this->dbh->escape_string($action["action_id"]); + $action_param = $this->dbh->escape_string($action["action_param"]); + $action_param_label = $this->dbh->escape_string($action["action_param_label"]); if ($action_id == 7) { $action_param = $action_param_label; @@ -503,7 +567,7 @@ class Pref_Filters extends Handler_Protected { (filter_id, action_id, action_param) VALUES ('$filter_id', '$action_id', '$action_param')"; - db_query($this->link, $query); + $this->dbh->query($query); } } } @@ -520,34 +584,35 @@ class Pref_Filters extends Handler_Protected { $enabled = checkbox_to_sql_bool($_REQUEST["enabled"]); $match_any_rule = checkbox_to_sql_bool($_REQUEST["match_any_rule"]); + $title = $this->dbh->escape_string($_REQUEST["title"]); - db_query($this->link, "BEGIN"); + $this->dbh->query("BEGIN"); /* create base filter */ - $result = db_query($this->link, "INSERT INTO ttrss_filters2 - (owner_uid, match_any_rule, enabled) VALUES - (".$_SESSION["uid"].",$match_any_rule,$enabled)"); + $result = $this->dbh->query("INSERT INTO ttrss_filters2 + (owner_uid, match_any_rule, enabled, title) VALUES + (".$_SESSION["uid"].",$match_any_rule,$enabled, '$title')"); - $result = db_query($this->link, "SELECT MAX(id) AS id FROM ttrss_filters2 + $result = $this->dbh->query("SELECT MAX(id) AS id FROM ttrss_filters2 WHERE owner_uid = ".$_SESSION["uid"]); - $filter_id = db_fetch_result($result, 0, "id"); + $filter_id = $this->dbh->fetch_result($result, 0, "id"); $this->saveRulesAndActions($filter_id); - db_query($this->link, "COMMIT"); + $this->dbh->query("COMMIT"); } function index() { - $sort = db_escape_string($_REQUEST["sort"]); + $sort = $this->dbh->escape_string($_REQUEST["sort"]); if (!$sort || $sort == "undefined") { $sort = "reg_exp"; } - $filter_search = db_escape_string($_REQUEST["search"]); + $filter_search = $this->dbh->escape_string($_REQUEST["search"]); if (array_key_exists("search", $_REQUEST)) { $_SESSION["prefs_filter_search"] = $filter_search; @@ -559,7 +624,7 @@ class Pref_Filters extends Handler_Protected { print "<div id=\"pref-filter-header\" dojoType=\"dijit.layout.ContentPane\" region=\"top\">"; print "<div id=\"pref-filter-toolbar\" dojoType=\"dijit.Toolbar\">"; - $filter_search = db_escape_string($_REQUEST["search"]); + $filter_search = $this->dbh->escape_string($_REQUEST["search"]); if (array_key_exists("search", $_REQUEST)) { $_SESSION["prefs_filter_search"] = $filter_search; @@ -592,6 +657,10 @@ class Pref_Filters extends Handler_Protected { print "<button dojoType=\"dijit.form.Button\" onclick=\"return editSelectedFilter()\">". __('Edit')."</button> "; + print "<button dojoType=\"dijit.form.Button\" onclick=\"return resetFilterOrder()\">". + __('Reset sort order')."</button> "; + + print "<button dojoType=\"dijit.form.Button\" onclick=\"return removeSelectedFilters()\">". __('Remove')."</button> "; @@ -608,14 +677,16 @@ class Pref_Filters extends Handler_Protected { <img src='images/indicator_tiny.gif'>". __("Loading, please wait...")."</div>"; - print "<div dojoType=\"dojo.data.ItemFileWriteStore\" jsId=\"filterStore\" + print "<div dojoType=\"fox.PrefFilterStore\" jsId=\"filterStore\" url=\"backend.php?op=pref-filters&method=getfiltertree\"> </div> <div dojoType=\"lib.CheckBoxStoreModel\" jsId=\"filterModel\" store=\"filterStore\" - query=\"{id:'root'}\" rootId=\"root\" rootLabel=\"Feeds\" + query=\"{id:'root'}\" rootId=\"root\" rootLabel=\"Filters\" childrenAttrs=\"items\" checkboxStrict=\"false\" checkboxAll=\"false\"> </div> <div dojoType=\"fox.PrefFilterTree\" id=\"filterTree\" + dndController=\"dijit.tree.dndSource\" + betweenThreshold=\"5\" model=\"filterModel\" openOnClick=\"true\"> <script type=\"dojo/method\" event=\"onLoad\" args=\"item\"> Element.hide(\"filterlistLoading\"); @@ -633,8 +704,7 @@ class Pref_Filters extends Handler_Protected { print "</div>"; #pane - global $pluginhost; - $pluginhost->run_hooks($pluginhost::HOOK_PREFS_TAB, + PluginHost::getInstance()->run_hooks(PluginHost::HOOK_PREFS_TAB, "hook_prefs_tab", "prefFilters"); print "</div>"; #container @@ -649,6 +719,10 @@ class Pref_Filters extends Handler_Protected { print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"method\" value=\"add\">"; print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"csrf_token\" value=\"".$_SESSION['csrf_token']."\">"; + print "<div class=\"dlgSec\">".__("Caption")."</div>"; + + print "<input required=\"true\" dojoType=\"dijit.form.ValidationTextBox\" style=\"width : 20em;\" name=\"title\" value=\"\">"; + print "<div class=\"dlgSec\">".__("Match")."</div>"; print "<div dojoType=\"dijit.Toolbar\">"; @@ -710,10 +784,8 @@ class Pref_Filters extends Handler_Protected { print "<br/><input dojoType=\"dijit.form.CheckBox\" type=\"checkbox\" name=\"match_any_rule\" id=\"match_any_rule\"> <label for=\"match_any_rule\">".__('Match any rule')."</label>"; - print "<p/>"; - -/* print "<input dojoType=\"dijit.form.CheckBox\" type=\"checkbox\" name=\"inverse\" id=\"inverse\"> - <label for=\"inverse\">".__('Inverse match')."</label><hr/>"; */ + print "<br/><input dojoType=\"dijit.form.CheckBox\" type=\"checkbox\" name=\"inverse\" id=\"inverse\"> + <label for=\"inverse\">".__('Inverse matching')."</label>"; // print "</div>"; @@ -739,10 +811,12 @@ class Pref_Filters extends Handler_Protected { $reg_exp = htmlspecialchars($rule["reg_exp"]); $filter_type = $rule["filter_type"]; $feed_id = $rule["feed_id"]; + $inverse_checked = isset($rule["inverse"]) ? "checked" : ""; } else { $reg_exp = ""; $filter_type = 1; $feed_id = 0; + $inverse_checked = ""; } if (strpos($feed_id, "CAT:") === 0) { @@ -755,12 +829,12 @@ class Pref_Filters extends Handler_Protected { print "<form name='filter_new_rule_form' id='filter_new_rule_form'>"; - $result = db_query($this->link, "SELECT id,description + $result = $this->dbh->query("SELECT id,description FROM ttrss_filter_types WHERE id != 5 ORDER BY description"); $filter_types = array(); - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { $filter_types[$line["id"]] = __($line["description"]); } @@ -773,6 +847,11 @@ class Pref_Filters extends Handler_Protected { style=\"font-size : 16px; width : 20em;\" name=\"reg_exp\" value=\"$reg_exp\"/>"; + print "<hr/>"; + print "<input id=\"filterDlg_inverse\" dojoType=\"dijit.form.CheckBox\" + name=\"inverse\" $inverse_checked/>"; + print "<label for=\"filterDlg_inverse\">".__("Inverse regular expression matching")."</label>"; + print "<hr/>" . __("on field") . " "; print_select_hash("filter_type", $filter_type, $filter_types, 'dojoType="dijit.form.Select"'); @@ -782,7 +861,7 @@ class Pref_Filters extends Handler_Protected { print __("in") . " "; print "<span id='filterDlg_feeds'>"; - print_feed_select($this->link, "feed_id", + print_feed_select("feed_id", $cat_filter ? "CAT:$feed_id" : $feed_id, 'dojoType="dijit.form.FilteringSelect"'); print "</span>"; @@ -806,7 +885,7 @@ class Pref_Filters extends Handler_Protected { $action = json_decode($_REQUEST["action"], true); if ($action) { - $action_param = db_escape_string($action["action_param"]); + $action_param = $this->dbh->escape_string($action["action_param"]); $action_id = (int)$action["action_id"]; } else { $action_param = ""; @@ -822,10 +901,10 @@ class Pref_Filters extends Handler_Protected { print "<select name=\"action_id\" dojoType=\"dijit.form.Select\" onchange=\"filterDlgCheckAction(this)\">"; - $result = db_query($this->link, "SELECT id,description FROM ttrss_filter_actions + $result = $this->dbh->query("SELECT id,description FROM ttrss_filter_actions ORDER BY name"); - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { $is_selected = ($line["id"] == $action_id) ? "selected='1'" : ""; printf("<option $is_selected value='%d'>%s</option>", $line["id"], __($line["description"])); } @@ -846,7 +925,7 @@ class Pref_Filters extends Handler_Protected { id=\"filterDlg_actionParam\" style=\"$param_hidden\" name=\"action_param\" value=\"$action_param\">"; - print_label_select($this->link, "action_param_label", $action_param, + print_label_select("action_param_label", $action_param, "id=\"filterDlg_actionParamLabel\" style=\"$label_param_hidden\" dojoType=\"dijit.form.Select\""); @@ -870,66 +949,57 @@ class Pref_Filters extends Handler_Protected { } private function getFilterName($id) { - $result = db_query($this->link, - "SELECT * FROM ttrss_filters2_rules WHERE filter_id = '$id' ORDER BY id - LIMIT 3"); - $titles = array(); - $count = 0; + $result = $this->dbh->query( + "SELECT title,COUNT(DISTINCT r.id) AS num_rules,COUNT(DISTINCT a.id) AS num_actions + FROM ttrss_filters2 AS f LEFT JOIN ttrss_filters2_rules AS r + ON (r.filter_id = f.id) + LEFT JOIN ttrss_filters2_actions AS a + ON (a.filter_id = f.id) WHERE f.id = '$id' GROUP BY f.title"); - while ($line = db_fetch_assoc($result)) { + $title = $this->dbh->fetch_result($result, 0, "title"); + $num_rules = $this->dbh->fetch_result($result, 0, "num_rules"); + $num_actions = $this->dbh->fetch_result($result, 0, "num_actions"); - if (sql_bool_to_bool($line["cat_filter"])) { - unset($line["cat_filter"]); - $line["feed_id"] = "CAT:" . (int)$line["cat_id"]; - unset($line["cat_id"]); - } + if (!$title) $title = __("[No caption]"); - if ($count < 2) { - array_push($titles, $this->getRuleName($line)); - } else { - array_push($titles, "..."); - break; - } - ++$count; - } + $title = sprintf(_ngettext("%s (%d rule)", "%s (%d rules)", $num_rules), $title, $num_rules); - $result = db_query($this->link, - "SELECT * FROM ttrss_filters2_actions WHERE filter_id = '$id' ORDER BY id LIMIT 3"); + $result = $this->dbh->query( + "SELECT * FROM ttrss_filters2_actions WHERE filter_id = '$id' ORDER BY id LIMIT 1"); - $actions = array(); - $count = 0; + $actions = ""; - while ($line = db_fetch_assoc($result)) { - if ($count < 2) { - array_push($actions, $this->getActionName($line)); - } else { - array_push($actions, "..."); - break; - } - ++$count; + if ($this->dbh->num_rows($result) > 0) { + $line = $this->dbh->fetch_assoc($result); + $actions = $this->getActionName($line); + + $num_actions -= 1; } - return array(join(", ", $titles), join(", ", $actions)); + if ($num_actions > 0) + $actions = sprintf(_ngettext("%s (+%d action)", "%s (+%d actions)", $num_actions), $actions, $num_actions); + + return array($title, $actions); } function join() { - $ids = explode(",", db_escape_string($_REQUEST["ids"])); + $ids = explode(",", $this->dbh->escape_string($_REQUEST["ids"])); if (count($ids) > 1) { $base_id = array_shift($ids); $ids_str = join(",", $ids); - db_query($this->link, "BEGIN"); - db_query($this->link, "UPDATE ttrss_filters2_rules + $this->dbh->query("BEGIN"); + $this->dbh->query("UPDATE ttrss_filters2_rules SET filter_id = '$base_id' WHERE filter_id IN ($ids_str)"); - db_query($this->link, "UPDATE ttrss_filters2_actions + $this->dbh->query("UPDATE ttrss_filters2_actions SET filter_id = '$base_id' WHERE filter_id IN ($ids_str)"); - db_query($this->link, "DELETE FROM ttrss_filters2 WHERE id IN ($ids_str)"); - db_query($this->link, "UPDATE ttrss_filters2 SET match_any_rule = true WHERE id = '$base_id'"); + $this->dbh->query("DELETE FROM ttrss_filters2 WHERE id IN ($ids_str)"); + $this->dbh->query("UPDATE ttrss_filters2 SET match_any_rule = true WHERE id = '$base_id'"); - db_query($this->link, "COMMIT"); + $this->dbh->query("COMMIT"); $this->optimizeFilter($base_id); @@ -937,14 +1007,14 @@ class Pref_Filters extends Handler_Protected { } private function optimizeFilter($id) { - db_query($this->link, "BEGIN"); - $result = db_query($this->link, "SELECT * FROM ttrss_filters2_actions + $this->dbh->query("BEGIN"); + $result = $this->dbh->query("SELECT * FROM ttrss_filters2_actions WHERE filter_id = '$id'"); $tmp = array(); $dupe_ids = array(); - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { $id = $line["id"]; unset($line["id"]); @@ -957,17 +1027,17 @@ class Pref_Filters extends Handler_Protected { if (count($dupe_ids) > 0) { $ids_str = join(",", $dupe_ids); - db_query($this->link, "DELETE FROM ttrss_filters2_actions + $this->dbh->query("DELETE FROM ttrss_filters2_actions WHERE id IN ($ids_str)"); } - $result = db_query($this->link, "SELECT * FROM ttrss_filters2_rules + $result = $this->dbh->query("SELECT * FROM ttrss_filters2_rules WHERE filter_id = '$id'"); $tmp = array(); $dupe_ids = array(); - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { $id = $line["id"]; unset($line["id"]); @@ -980,11 +1050,11 @@ class Pref_Filters extends Handler_Protected { if (count($dupe_ids) > 0) { $ids_str = join(",", $dupe_ids); - db_query($this->link, "DELETE FROM ttrss_filters2_rules + $this->dbh->query("DELETE FROM ttrss_filters2_rules WHERE id IN ($ids_str)"); } - db_query($this->link, "COMMIT"); + $this->dbh->query("COMMIT"); } } ?> diff --git a/classes/pref/labels.php b/classes/pref/labels.php index e63a0cfc2..2ad152c2d 100644 --- a/classes/pref/labels.php +++ b/classes/pref/labels.php @@ -8,12 +8,12 @@ class Pref_Labels extends Handler_Protected { } function edit() { - $label_id = db_escape_string($_REQUEST['id']); + $label_id = $this->dbh->escape_string($_REQUEST['id']); - $result = db_query($this->link, "SELECT * FROM ttrss_labels2 WHERE + $result = $this->dbh->query("SELECT * FROM ttrss_labels2 WHERE id = '$label_id' AND owner_uid = " . $_SESSION["uid"]); - $line = db_fetch_assoc($result); + $line = $this->dbh->fetch_assoc($result); print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"id\" value=\"$label_id\">"; print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"op\" value=\"pref-labels\">"; @@ -90,12 +90,12 @@ class Pref_Labels extends Handler_Protected { $root['name'] = __('Labels'); $root['items'] = array(); - $result = db_query($this->link, "SELECT * + $result = $this->dbh->query("SELECT * FROM ttrss_labels2 WHERE owner_uid = ".$_SESSION["uid"]." ORDER BY caption"); - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { $label = array(); $label['id'] = 'LABEL:' . $line['id']; $label['bare_id'] = $line['id']; @@ -118,29 +118,29 @@ class Pref_Labels extends Handler_Protected { } function colorset() { - $kind = db_escape_string($_REQUEST["kind"]); - $ids = split(',', db_escape_string($_REQUEST["ids"])); - $color = db_escape_string($_REQUEST["color"]); - $fg = db_escape_string($_REQUEST["fg"]); - $bg = db_escape_string($_REQUEST["bg"]); + $kind = $this->dbh->escape_string($_REQUEST["kind"]); + $ids = explode(',', $this->dbh->escape_string($_REQUEST["ids"])); + $color = $this->dbh->escape_string($_REQUEST["color"]); + $fg = $this->dbh->escape_string($_REQUEST["fg"]); + $bg = $this->dbh->escape_string($_REQUEST["bg"]); foreach ($ids as $id) { if ($kind == "fg" || $kind == "bg") { - db_query($this->link, "UPDATE ttrss_labels2 SET + $this->dbh->query("UPDATE ttrss_labels2 SET ${kind}_color = '$color' WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]); } else { - db_query($this->link, "UPDATE ttrss_labels2 SET + $this->dbh->query("UPDATE ttrss_labels2 SET fg_color = '$fg', bg_color = '$bg' WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]); } - $caption = db_escape_string(label_find_caption($this->link, $id, $_SESSION["uid"])); + $caption = $this->dbh->escape_string(label_find_caption($id, $_SESSION["uid"])); /* Remove cached data */ - db_query($this->link, "UPDATE ttrss_user_entries SET label_cache = '' + $this->dbh->query("UPDATE ttrss_user_entries SET label_cache = '' WHERE label_cache LIKE '%$caption%' AND owner_uid = " . $_SESSION["uid"]); } @@ -149,18 +149,18 @@ class Pref_Labels extends Handler_Protected { } function colorreset() { - $ids = split(',', db_escape_string($_REQUEST["ids"])); + $ids = explode(',', $this->dbh->escape_string($_REQUEST["ids"])); foreach ($ids as $id) { - db_query($this->link, "UPDATE ttrss_labels2 SET + $this->dbh->query("UPDATE ttrss_labels2 SET fg_color = '', bg_color = '' WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]); - $caption = db_escape_string(label_find_caption($this->link, $id, $_SESSION["uid"])); + $caption = $this->dbh->escape_string(label_find_caption($id, $_SESSION["uid"])); /* Remove cached data */ - db_query($this->link, "UPDATE ttrss_user_entries SET label_cache = '' + $this->dbh->query("UPDATE ttrss_user_entries SET label_cache = '' WHERE label_cache LIKE '%$caption%' AND owner_uid = " . $_SESSION["uid"]); } @@ -168,31 +168,31 @@ class Pref_Labels extends Handler_Protected { function save() { - $id = db_escape_string($_REQUEST["id"]); - $caption = db_escape_string(trim($_REQUEST["caption"])); + $id = $this->dbh->escape_string($_REQUEST["id"]); + $caption = $this->dbh->escape_string(trim($_REQUEST["caption"])); - db_query($this->link, "BEGIN"); + $this->dbh->query("BEGIN"); - $result = db_query($this->link, "SELECT caption FROM ttrss_labels2 + $result = $this->dbh->query("SELECT caption FROM ttrss_labels2 WHERE id = '$id' AND owner_uid = ". $_SESSION["uid"]); - if (db_num_rows($result) != 0) { - $old_caption = db_fetch_result($result, 0, "caption"); + if ($this->dbh->num_rows($result) != 0) { + $old_caption = $this->dbh->fetch_result($result, 0, "caption"); - $result = db_query($this->link, "SELECT id FROM ttrss_labels2 + $result = $this->dbh->query("SELECT id FROM ttrss_labels2 WHERE caption = '$caption' AND owner_uid = ". $_SESSION["uid"]); - if (db_num_rows($result) == 0) { + if ($this->dbh->num_rows($result) == 0) { if ($caption) { - $result = db_query($this->link, "UPDATE ttrss_labels2 SET + $result = $this->dbh->query("UPDATE ttrss_labels2 SET caption = '$caption' WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]); /* Update filters that reference label being renamed */ - $old_caption = db_escape_string($old_caption); + $old_caption = $this->dbh->escape_string($old_caption); - db_query($this->link, "UPDATE ttrss_filters2_actions SET + $this->dbh->query("UPDATE ttrss_filters2_actions SET action_param = '$caption' WHERE action_param = '$old_caption' AND action_id = 7 AND filter_id IN (SELECT id FROM ttrss_filters2 WHERE owner_uid = ".$_SESSION["uid"].")"); @@ -206,28 +206,28 @@ class Pref_Labels extends Handler_Protected { } } - db_query($this->link, "COMMIT"); + $this->dbh->query("COMMIT"); return; } function remove() { - $ids = split(",", db_escape_string($_REQUEST["ids"])); + $ids = explode(",", $this->dbh->escape_string($_REQUEST["ids"])); foreach ($ids as $id) { - label_remove($this->link, $id, $_SESSION["uid"]); + label_remove($id, $_SESSION["uid"]); } } function add() { - $caption = db_escape_string($_REQUEST["caption"]); - $output = db_escape_string($_REQUEST["output"]); + $caption = $this->dbh->escape_string($_REQUEST["caption"]); + $output = $this->dbh->escape_string($_REQUEST["output"]); if ($caption) { - if (label_create($this->link, $caption)) { + if (label_create($caption)) { if (!$output) { print T_sprintf("Created label <b>%s</b>", htmlspecialchars($caption)); } @@ -238,7 +238,7 @@ class Pref_Labels extends Handler_Protected { print "<rpc-reply><payload>"; - print_label_select($this->link, "select_label", + print_label_select("select_label", $caption, ""); print "</payload></rpc-reply>"; @@ -250,13 +250,13 @@ class Pref_Labels extends Handler_Protected { function index() { - $sort = db_escape_string($_REQUEST["sort"]); + $sort = $this->dbh->escape_string($_REQUEST["sort"]); if (!$sort || $sort == "undefined") { $sort = "caption"; } - $label_search = db_escape_string($_REQUEST["search"]); + $label_search = $this->dbh->escape_string($_REQUEST["search"]); if (array_key_exists("search", $_REQUEST)) { $_SESSION["prefs_label_search"] = $label_search; @@ -319,8 +319,7 @@ class Pref_Labels extends Handler_Protected { print "</div>"; #pane - global $pluginhost; - $pluginhost->run_hooks($pluginhost::HOOK_PREFS_TAB, + PluginHost::getInstance()->run_hooks(PluginHost::HOOK_PREFS_TAB, "hook_prefs_tab", "prefLabels"); print "</div>"; #container diff --git a/classes/pref/prefs.php b/classes/pref/prefs.php index 810b1e164..425d4b0ac 100644 --- a/classes/pref/prefs.php +++ b/classes/pref/prefs.php @@ -1,12 +1,64 @@ <?php + class Pref_Prefs extends Handler_Protected { + private $pref_help = array(); + private $pref_sections = array(); + function csrf_ignore($method) { - $csrf_ignored = array("index", "updateself"); + $csrf_ignored = array("index", "updateself", "customizecss", "editprefprofiles"); return array_search($method, $csrf_ignored) !== false; } + function __construct($args) { + parent::__construct($args); + + $this->pref_sections = array( + 1 => __('General'), + 2 => __('Interface'), + 3 => __('Advanced'), + 4 => __('Digest') + ); + + $this->pref_help = array( + "ALLOW_DUPLICATE_POSTS" => array(__("Allow duplicate articles"), ""), + "AUTO_ASSIGN_LABELS" => array(__("Assign articles to labels automatically"), ""), + "BLACKLISTED_TAGS" => array(__("Blacklisted tags"), __("When auto-detecting tags in articles these tags will not be applied (comma-separated list).")), + "CDM_AUTO_CATCHUP" => array(__("Automatically mark articles as read"), __("This option enables marking articles as read automatically while you scroll article list.")), + "CDM_EXPANDED" => array(__("Automatically expand articles in combined mode"), ""), + "COMBINED_DISPLAY_MODE" => array(__("Combined feed display"), __("Display expanded list of feed articles, instead of separate displays for headlines and article content")), + "CONFIRM_FEED_CATCHUP" => array(__("Confirm marking feed as read"), ""), + "DEFAULT_ARTICLE_LIMIT" => array(__("Amount of articles to display at once"), ""), + "DEFAULT_UPDATE_INTERVAL" => array(__("Default feed update interval"), __("Shortest interval at which a feed will be checked for updates regardless of update method")), + "DIGEST_CATCHUP" => array(__("Mark articles in e-mail digest as read"), ""), + "DIGEST_ENABLE" => array(__("Enable e-mail digest"), __("This option enables sending daily digest of new (and unread) headlines on your configured e-mail address")), + "DIGEST_PREFERRED_TIME" => array(__("Try to send digests around specified time"), __("Uses UTC timezone")), + "ENABLE_API_ACCESS" => array(__("Enable API access"), __("Allows external clients to access this account through the API")), + "ENABLE_FEED_CATS" => array(__("Enable feed categories"), ""), + "FEEDS_SORT_BY_UNREAD" => array(__("Sort feeds by unread articles count"), ""), + "FRESH_ARTICLE_MAX_AGE" => array(__("Maximum age of fresh articles (in hours)"), ""), + "HIDE_READ_FEEDS" => array(__("Hide feeds with no unread articles"), ""), + "HIDE_READ_SHOWS_SPECIAL" => array(__("Show special feeds when hiding read feeds"), ""), + "LONG_DATE_FORMAT" => array(__("Long date format"), ""), + "ON_CATCHUP_SHOW_NEXT_FEED" => array(__("On catchup show next feed"), __("Automatically open next feed with unread articles after marking one as read")), + "PURGE_OLD_DAYS" => array(__("Purge articles after this number of days (0 - disables)"), ""), + "PURGE_UNREAD_ARTICLES" => array(__("Purge unread articles"), ""), + "REVERSE_HEADLINES" => array(__("Reverse headline order (oldest first)"), ""), + "SHORT_DATE_FORMAT" => array(__("Short date format"), ""), + "SHOW_CONTENT_PREVIEW" => array(__("Show content preview in headlines list"), ""), + "SORT_HEADLINES_BY_FEED_DATE" => array(__("Sort headlines by feed date"), __("Use feed-specified date to sort headlines instead of local import date.")), + "SSL_CERT_SERIAL" => array(__("Login with an SSL certificate"), __("Click to register your SSL client certificate with tt-rss")), + "STRIP_IMAGES" => array(__("Do not embed images in articles"), ""), + "STRIP_UNSAFE_TAGS" => array(__("Strip unsafe tags from articles"), __("Strip all but most common HTML tags when reading articles.")), + "USER_STYLESHEET" => array(__("Customize stylesheet"), __("Customize CSS stylesheet to your liking")), + "USER_TIMEZONE" => array(__("Time zone"), ""), + "VFEED_GROUP_BY_FEED" => array(__("Group headlines in virtual feeds"), __("Special feeds, labels, and categories are grouped by originating feeds")), + "USER_LANGUAGE" => array(__("Language")), + "USER_CSS_THEME" => array(__("Theme"), __("Select one of the available CSS themes")) + ); + } + function changepassword() { $old_pw = $_POST["old_password"]; @@ -28,8 +80,7 @@ class Pref_Prefs extends Handler_Protected { return; } - global $pluginhost; - $authenticator = $pluginhost->get_plugin($_SESSION["auth_module"]); + $authenticator = PluginHost::getInstance()->get_plugin($_SESSION["auth_module"]); if (method_exists($authenticator, "change_password")) { print $authenticator->change_password($_SESSION["uid"], $old_pw, $new_pw); @@ -39,39 +90,53 @@ class Pref_Prefs extends Handler_Protected { } function saveconfig() { + $boolean_prefs = explode(",", $_POST["boolean_prefs"]); - $_SESSION["prefs_cache"] = false; + foreach ($boolean_prefs as $pref) { + if (!isset($_POST[$pref])) $_POST[$pref] = 'false'; + } + + $need_reload = false; foreach (array_keys($_POST) as $pref_name) { - $pref_name = db_escape_string($pref_name); - $value = db_escape_string($_POST[$pref_name]); + $pref_name = $this->dbh->escape_string($pref_name); + $value = $this->dbh->escape_string($_POST[$pref_name]); if ($pref_name == 'DIGEST_PREFERRED_TIME') { - if (get_pref($this->link, 'DIGEST_PREFERRED_TIME') != $value) { + if (get_pref('DIGEST_PREFERRED_TIME') != $value) { - db_query($this->link, "UPDATE ttrss_users SET + $this->dbh->query("UPDATE ttrss_users SET last_digest_sent = NULL WHERE id = " . $_SESSION['uid']); } } - set_pref($this->link, $pref_name, $value); + if ($pref_name == "USER_LANGUAGE") { + if ($_SESSION["language"] != $value) { + $need_reload = true; + } + } + set_pref($pref_name, $value); } - print __("The configuration was saved."); + if ($need_reload) { + print "PREFS_NEED_RELOAD"; + } else { + print __("The configuration was saved."); + } } function getHelp() { - $pref_name = db_escape_string($_REQUEST["pn"]); + $pref_name = $this->dbh->escape_string($_REQUEST["pn"]); - $result = db_query($this->link, "SELECT help_text FROM ttrss_prefs + $result = $this->dbh->query("SELECT help_text FROM ttrss_prefs WHERE pref_name = '$pref_name'"); - if (db_num_rows($result) > 0) { - $help_text = db_fetch_result($result, 0, "help_text"); + if ($this->dbh->num_rows($result) > 0) { + $help_text = $this->dbh->fetch_result($result, 0, "help_text"); print $help_text; } else { printf(__("Unknown option: %s"), $pref_name); @@ -80,12 +145,12 @@ class Pref_Prefs extends Handler_Protected { function changeemail() { - $email = db_escape_string($_POST["email"]); - $full_name = db_escape_string($_POST["full_name"]); + $email = $this->dbh->escape_string($_POST["email"]); + $full_name = $this->dbh->escape_string($_POST["full_name"]); $active_uid = $_SESSION["uid"]; - db_query($this->link, "UPDATE ttrss_users SET email = '$email', + $this->dbh->query("UPDATE ttrss_users SET email = '$email', full_name = '$full_name' WHERE id = '$active_uid'"); print __("Your personal data has been saved."); @@ -103,20 +168,22 @@ class Pref_Prefs extends Handler_Protected { $profile_qpart = "profile IS NULL"; } - db_query($this->link, "DELETE FROM ttrss_user_prefs + $this->dbh->query("DELETE FROM ttrss_user_prefs WHERE $profile_qpart AND owner_uid = ".$_SESSION["uid"]); - initialize_user_prefs($this->link, $_SESSION["uid"], $_SESSION["profile"]); + initialize_user_prefs($_SESSION["uid"], $_SESSION["profile"]); - print "PREFS_THEME_CHANGED"; + echo __("Your preferences are now set to default values."); } function index() { global $access_level_names; - $prefs_blacklist = array("HIDE_READ_FEEDS", "FEEDS_SORT_BY_UNREAD", - "STRIP_UNSAFE_TAGS"); + $prefs_blacklist = array("STRIP_UNSAFE_TAGS", "REVERSE_HEADLINES", + "SORT_HEADLINES_BY_FEED_DATE", "DEFAULT_ARTICLE_LIMIT"); + + /* "FEEDS_SORT_BY_UNREAD", "HIDE_READ_FEEDS", "REVERSE_HEADLINES" */ $profile_blacklist = array("ALLOW_DUPLICATE_POSTS", "PURGE_OLD_DAYS", "PURGE_UNREAD_ARTICLES", "DIGEST_ENABLE", "DIGEST_CATCHUP", @@ -150,13 +217,13 @@ class Pref_Prefs extends Handler_Protected { print "<h2>" . __("Personal data") . "</h2>"; - $result = db_query($this->link, "SELECT email,full_name,otp_enabled, + $result = $this->dbh->query("SELECT email,full_name,otp_enabled, access_level FROM ttrss_users WHERE id = ".$_SESSION["uid"]); - $email = htmlspecialchars(db_fetch_result($result, 0, "email")); - $full_name = htmlspecialchars(db_fetch_result($result, 0, "full_name")); - $otp_enabled = sql_bool_to_bool(db_fetch_result($result, 0, "otp_enabled")); + $email = htmlspecialchars($this->dbh->fetch_result($result, 0, "email")); + $full_name = htmlspecialchars($this->dbh->fetch_result($result, 0, "full_name")); + $otp_enabled = sql_bool_to_bool($this->dbh->fetch_result($result, 0, "otp_enabled")); print "<tr><td width=\"40%\">".__('Full name')."</td>"; print "<td class=\"prefValue\"><input dojoType=\"dijit.form.ValidationTextBox\" name=\"full_name\" required=\"1\" @@ -167,7 +234,7 @@ class Pref_Prefs extends Handler_Protected { if (!SINGLE_USER_MODE && !$_SESSION["hide_hello"]) { - $access_level = db_fetch_result($result, 0, "access_level"); + $access_level = $this->dbh->fetch_result($result, 0, "access_level"); print "<tr><td width=\"40%\">".__('Access level')."</td>"; print "<td>" . $access_level_names[$access_level] . "</td></tr>"; } @@ -183,10 +250,7 @@ class Pref_Prefs extends Handler_Protected { print "</form>"; if ($_SESSION["auth_module"]) { - global $pluginhost; - - $authenticator = $pluginhost->get_plugin($_SESSION["auth_module"]); - + $authenticator = PluginHost::getInstance()->get_plugin($_SESSION["auth_module"]); } else { $authenticator = false; } @@ -195,11 +259,11 @@ class Pref_Prefs extends Handler_Protected { print "<h2>" . __("Password") . "</h2>"; - $result = db_query($this->link, "SELECT id FROM ttrss_users + $result = $this->dbh->query("SELECT id FROM ttrss_users WHERE id = ".$_SESSION["uid"]." AND pwd_hash = 'SHA1:5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8'"); - if (db_num_rows($result) != 0) { + if ($this->dbh->num_rows($result) != 0) { print format_warning(__("Your password is at default value, please change it."), "default_pass_warning"); } @@ -227,7 +291,7 @@ class Pref_Prefs extends Handler_Protected { </script>"; if ($otp_enabled) { - print_notice("Changing your current password will disable OTP."); + print_notice(__("Changing your current password will disable OTP.")); } print "<table width=\"100%\" class=\"prefPrefsList\">"; @@ -260,7 +324,7 @@ class Pref_Prefs extends Handler_Protected { if ($otp_enabled) { - print_notice("One time passwords are currently enabled. Enter your current password below to disable."); + print_notice(__("One time passwords are currently enabled. Enter your current password below to disable.")); print "<form dojoType=\"dijit.form.Form\">"; @@ -300,9 +364,9 @@ class Pref_Prefs extends Handler_Protected { print "</form>"; - } else { + } else if (function_exists("imagecreatefromstring")) { - print "<p>".__("You will need a compatible Authenticator to use this. Changing your password would automatically disable OTP.") . "</p>"; + print_warning(__("You will need a compatible Authenticator to use this. Changing your password would automatically disable OTP.")); print "<p>".__("Scan the following code by the Authenticator application:")."</p>"; @@ -324,8 +388,8 @@ class Pref_Prefs extends Handler_Protected { parameters: dojo.objectToQuery(this.getValues()), onComplete: function(transport) { notify(''); - if (transport.responseText.indexOf('ERROR: ') == 0) { - notify_error(transport.responseText.replace('ERROR: ', '')); + if (transport.responseText.indexOf('ERROR:') == 0) { + notify_error(transport.responseText.replace('ERROR:', '')); } else { window.location.reload(); } @@ -341,11 +405,13 @@ class Pref_Prefs extends Handler_Protected { print "<td class=\"prefValue\"><input dojoType=\"dijit.form.ValidationTextBox\" type=\"password\" required=\"1\" name=\"password\"></td></tr>"; - print "<tr><td colspan=\"2\">"; + print "<tr><td width=\"40%\">".__("Enter the generated one time password")."</td>"; - print "<input dojoType=\"dijit.form.CheckBox\" required=\"1\" - type=\"checkbox\" id=\"enable_otp\" name=\"enable_otp\"/> "; - print "<label for=\"enable_otp\">".__("I have scanned the code and would like to enable OTP")."</label>"; + print "<td class=\"prefValue\"><input dojoType=\"dijit.form.ValidationTextBox\" autocomplete=\"off\" + required=\"1\" + name=\"otp\"></td></tr>"; + + print "<tr><td colspan=\"2\">"; print "</td></tr><tr><td colspan=\"2\">"; @@ -357,13 +423,16 @@ class Pref_Prefs extends Handler_Protected { print "</form>"; + } else { + + print_notice(__("PHP GD functions are required for OTP support.")); + } } } - global $pluginhost; - $pluginhost->run_hooks($pluginhost::HOOK_PREFS_TAB_SECTION, + PluginHost::getInstance()->run_hooks(PluginHost::HOOK_PREFS_TAB_SECTION, "hook_prefs_tab_section", "prefPrefsAuth"); print "</div>"; #pane @@ -372,8 +441,8 @@ class Pref_Prefs extends Handler_Protected { print "<form dojoType=\"dijit.form.Form\" id=\"changeSettingsForm\">"; - print "<script type=\"dojo/method\" event=\"onSubmit\" args=\"evt\"> - evt.preventDefault(); + print "<script type=\"dojo/method\" event=\"onSubmit\" args=\"evt, quit\"> + if (evt) evt.preventDefault(); if (this.validate()) { console.log(dojo.objectToQuery(this.getValues())); @@ -381,10 +450,14 @@ class Pref_Prefs extends Handler_Protected { parameters: dojo.objectToQuery(this.getValues()), onComplete: function(transport) { var msg = transport.responseText; - if (msg.match('PREFS_THEME_CHANGED')) { - window.location.reload(); + if (quit) { + gotoMain(); } else { - notify_info(msg); + if (msg == 'PREFS_NEED_RELOAD') { + window.location.reload(); + } else { + notify_info(msg); + } } } }); } @@ -395,52 +468,65 @@ class Pref_Prefs extends Handler_Protected { print '<div dojoType="dijit.layout.ContentPane" region="center" style="overflow-y : auto">'; if ($_SESSION["profile"]) { - print_notice("Some preferences are only available in default profile."); + print_notice(__("Some preferences are only available in default profile.")); } if ($_SESSION["profile"]) { - initialize_user_prefs($this->link, $_SESSION["uid"], $_SESSION["profile"]); + initialize_user_prefs($_SESSION["uid"], $_SESSION["profile"]); $profile_qpart = "profile = '" . $_SESSION["profile"] . "'"; } else { - initialize_user_prefs($this->link, $_SESSION["uid"]); + initialize_user_prefs($_SESSION["uid"]); $profile_qpart = "profile IS NULL"; } - if ($_SESSION["prefs_show_advanced"]) + /* if ($_SESSION["prefs_show_advanced"]) $access_query = "true"; else - $access_query = "(access_level = 0 AND section_id != 3)"; + $access_query = "(access_level = 0 AND section_id != 3)"; */ + + $access_query = 'true'; - $result = db_query($this->link, "SELECT DISTINCT - ttrss_user_prefs.pref_name,short_desc,help_text,value,type_name, + $result = $this->dbh->query("SELECT DISTINCT + ttrss_user_prefs.pref_name,value,type_name, ttrss_prefs_sections.order_id, - section_name,def_value,section_id + def_value,section_id FROM ttrss_prefs,ttrss_prefs_types,ttrss_prefs_sections,ttrss_user_prefs WHERE type_id = ttrss_prefs_types.id AND $profile_qpart AND section_id = ttrss_prefs_sections.id AND ttrss_user_prefs.pref_name = ttrss_prefs.pref_name AND $access_query AND - short_desc != '' AND owner_uid = ".$_SESSION["uid"]." - ORDER BY ttrss_prefs_sections.order_id,short_desc"); + ORDER BY ttrss_prefs_sections.order_id,pref_name"); $lnum = 0; $active_section = ""; - while ($line = db_fetch_assoc($result)) { + $listed_boolean_prefs = array(); + + while ($line = $this->dbh->fetch_assoc($result)) { if (in_array($line["pref_name"], $prefs_blacklist)) { continue; } + $type_name = $line["type_name"]; + $pref_name = $line["pref_name"]; + $section_name = $this->getSectionName($line["section_id"]); + $value = $line["value"]; + + $short_desc = $this->getShortDesc($pref_name); + $help_text = $this->getHelpText($pref_name); + + if (!$short_desc) continue; + if ($_SESSION["profile"] && in_array($line["pref_name"], $profile_blacklist)) { continue; } - if ($active_section != $line["section_name"]) { + if ($active_section != $line["section_id"]) { if ($active_section != "") { print "</table>"; @@ -448,22 +534,19 @@ class Pref_Prefs extends Handler_Protected { print "<table width=\"100%\" class=\"prefPrefsList\">"; - $active_section = $line["section_name"]; + $active_section = $line["section_id"]; - print "<tr><td colspan=\"3\"><h3>".__($active_section)."</h3></td></tr>"; + print "<tr><td colspan=\"3\"><h3>".$section_name."</h3></td></tr>"; $lnum = 0; } print "<tr>"; - $type_name = $line["type_name"]; - $pref_name = $line["pref_name"]; - $value = $line["value"]; - $def_value = $line["def_value"]; - $help_text = $line["help_text"]; - - print "<td width=\"40%\" class=\"prefName\" id=\"$pref_name\">" . __($line["short_desc"]); + print "<td width=\"40%\" class=\"prefName\" id=\"$pref_name\">"; + print "<label for='CB_$pref_name'>"; + print $short_desc; + print "</label>"; if ($help_text) print "<div class=\"prefHelp\">".__($help_text)."</div>"; @@ -471,7 +554,11 @@ class Pref_Prefs extends Handler_Protected { print "<td class=\"prefValue\">"; - if ($pref_name == "USER_TIMEZONE") { + if ($pref_name == "USER_LANGUAGE") { + print_select_hash($pref_name, $value, get_translations(), + "style='width : 220px; margin : 0px' dojoType='dijit.form.Select'"); + + } else if ($pref_name == "USER_TIMEZONE") { $timezones = explode("\n", file_get_contents("lib/timezones.txt")); @@ -481,13 +568,14 @@ class Pref_Prefs extends Handler_Protected { print "<button dojoType=\"dijit.form.Button\" onclick=\"customizeCSS()\">" . __('Customize') . "</button>"; - } else if ($pref_name == "DEFAULT_ARTICLE_LIMIT") { + } else if ($pref_name == "USER_CSS_THEME") { - $limits = array(15, 30, 45, 60); + $themes = array_map("basename", glob("themes/*.css")); - print_select($pref_name, $value, $limits, + print_select($pref_name, $value, $themes, 'dojoType="dijit.form.Select"'); + } else if ($pref_name == "DEFAULT_UPDATE_INTERVAL") { global $update_intervals_nodefault; @@ -497,23 +585,21 @@ class Pref_Prefs extends Handler_Protected { } else if ($type_name == "bool") { - if ($value == "true") { - $value = __("Yes"); - } else { - $value = __("No"); - } + array_push($listed_boolean_prefs, $pref_name); + + $checked = ($value == "true") ? "checked=\"checked\"" : ""; if ($pref_name == "PURGE_UNREAD_ARTICLES" && FORCE_ARTICLE_PURGE != 0) { $disabled = "disabled=\"1\""; - $value = __("Yes"); + $checked = "checked=\"checked\""; } else { $disabled = ""; } - print_radio($pref_name, $value, __("Yes"), array(__("Yes"), __("No")), - $disabled); + print "<input type='checkbox' name='$pref_name' $checked $disabled + dojoType='dijit.form.CheckBox' id='CB_$pref_name' value='1'>"; - } else if (array_search($pref_name, array('FRESH_ARTICLE_MAX_AGE', 'DEFAULT_ARTICLE_LIMIT', + } else if (array_search($pref_name, array('FRESH_ARTICLE_MAX_AGE', 'PURGE_OLD_DAYS', 'LONG_DATE_FORMAT', 'SHORT_DATE_FORMAT')) !== false) { $regexp = ($type_name == 'integer') ? 'regexp="^\d*$"' : ''; @@ -568,8 +654,11 @@ class Pref_Prefs extends Handler_Protected { print "</table>"; - global $pluginhost; - $pluginhost->run_hooks($pluginhost::HOOK_PREFS_TAB_SECTION, + $listed_boolean_prefs = htmlspecialchars(join(",", $listed_boolean_prefs)); + + print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"boolean_prefs\" value=\"$listed_boolean_prefs\">"; + + PluginHost::getInstance()->run_hooks(PluginHost::HOOK_PREFS_TAB_SECTION, "hook_prefs_tab_section", "prefPrefsPrefsInside"); print '</div>'; # inside pane @@ -578,8 +667,14 @@ class Pref_Prefs extends Handler_Protected { print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"op\" value=\"pref-prefs\">"; print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"method\" value=\"saveconfig\">"; - print "<button dojoType=\"dijit.form.Button\" type=\"submit\">". - __('Save configuration')."</button> "; + print "<div dojoType=\"dijit.form.ComboButton\" type=\"submit\"> + <span>".__('Save configuration')."</span> + <div dojoType=\"dijit.DropDownMenu\"> + <div dojoType=\"dijit.MenuItem\" + onclick=\"dijit.byId('changeSettingsForm').onSubmit(null, true)\">". + __("Save and exit preferences")."</div> + </div> + </div>"; print "<button dojoType=\"dijit.form.Button\" onclick=\"return editProfiles()\">". __('Manage profiles')."</button> "; @@ -589,7 +684,7 @@ class Pref_Prefs extends Handler_Protected { print " "; - $checked = $_SESSION["prefs_show_advanced"] ? "checked='1'" : ""; + /* $checked = $_SESSION["prefs_show_advanced"] ? "checked='1'" : ""; print "<input onclick='toggleAdvancedPrefs()' id='prefs_show_advanced' @@ -597,10 +692,9 @@ class Pref_Prefs extends Handler_Protected { $checked type=\"checkbox\"></input> <label for='prefs_show_advanced'>" . - __("Show additional preferences") . "</label>"; + __("Show additional preferences") . "</label>"; */ - global $pluginhost; - $pluginhost->run_hooks($pluginhost::HOOK_PREFS_TAB_SECTION, + PluginHost::getInstance()->run_hooks(PluginHost::HOOK_PREFS_TAB_SECTION, "hook_prefs_tab_section", "prefPrefsPrefsOutside"); print "</form>"; @@ -611,9 +705,9 @@ class Pref_Prefs extends Handler_Protected { print "<div dojoType=\"dijit.layout.AccordionPane\" title=\"".__('Plugins')."\">"; - print "<h2>".__("Plugins")."</h2>"; + print "<p>" . __("You will need to reload Tiny Tiny RSS for plugin changes to take effect.") . "</p>"; - print_notice("You will need to reload Tiny Tiny RSS for plugin changes to take effect."); + print_notice(__("Download more plugins at tt-rss.org <a class=\"visibleLink\" target=\"_blank\" href=\"http://tt-rss.org/forum/viewforum.php?f=22\">forums</a> or <a target=\"_blank\" class=\"visibleLink\" href=\"http://tt-rss.org/wiki/Plugins\">wiki</a>.")); print "<form dojoType=\"dijit.form.Form\" id=\"changePluginsForm\">"; @@ -649,9 +743,9 @@ class Pref_Prefs extends Handler_Protected { <td width='10%'>".__('Author')."</td></tr>"; $system_enabled = array_map("trim", explode(",", PLUGINS)); - $user_enabled = array_map("trim", explode(",", get_pref($this->link, "_ENABLED_PLUGINS"))); + $user_enabled = array_map("trim", explode(",", get_pref("_ENABLED_PLUGINS"))); - $tmppluginhost = new PluginHost($this->link); + $tmppluginhost = new PluginHost(); $tmppluginhost->load_all($tmppluginhost::KIND_ALL, $_SESSION["uid"]); $tmppluginhost->load_data(true); @@ -672,7 +766,12 @@ class Pref_Prefs extends Handler_Protected { type=\"checkbox\"></td>"; print "<td>$name</td>"; - print "<td>" . htmlspecialchars($about[1]) . "</td>"; + print "<td>" . htmlspecialchars($about[1]); + if (@$about[4]) { + print " — <a target=\"_blank\" class=\"visibleLink\" + href=\"".htmlspecialchars($about[4])."\">".__("more info")."</a>"; + } + print "</td>"; print "<td>" . htmlspecialchars(sprintf("%.2f", $about[0])) . "</td>"; print "<td>" . htmlspecialchars($about[2]) . "</td>"; @@ -724,7 +823,13 @@ class Pref_Prefs extends Handler_Protected { type=\"checkbox\"></td>"; print "<td><label for='FPCHK-$name'>$name</label></td>"; - print "<td><label for='FPCHK-$name'>" . htmlspecialchars($about[1]) . "</label></td>"; + print "<td><label for='FPCHK-$name'>" . htmlspecialchars($about[1]) . "</label>"; + if (@$about[4]) { + print " — <a target=\"_blank\" class=\"visibleLink\" + href=\"".htmlspecialchars($about[4])."\">".__("more info")."</a>"; + } + print "</td>"; + print "<td>" . htmlspecialchars(sprintf("%.2f", $about[0])) . "</td>"; print "<td>" . htmlspecialchars($about[2]) . "</td>"; @@ -751,8 +856,7 @@ class Pref_Prefs extends Handler_Protected { print "</div>"; #pane - global $pluginhost; - $pluginhost->run_hooks($pluginhost::HOOK_PREFS_TAB, + PluginHost::getInstance()->run_hooks(PluginHost::HOOK_PREFS_TAB, "hook_prefs_tab", "prefPrefs"); print "</div>"; #container @@ -768,52 +872,67 @@ class Pref_Prefs extends Handler_Protected { require_once "lib/otphp/lib/totp.php"; require_once "lib/phpqrcode/phpqrcode.php"; - $result = db_query($this->link, "SELECT login,salt,otp_enabled + $result = $this->dbh->query("SELECT login,salt,otp_enabled FROM ttrss_users WHERE id = ".$_SESSION["uid"]); $base32 = new Base32(); - $login = db_fetch_result($result, 0, "login"); - $otp_enabled = sql_bool_to_bool(db_fetch_result($result, 0, "otp_enabled")); + $login = $this->dbh->fetch_result($result, 0, "login"); + $otp_enabled = sql_bool_to_bool($this->dbh->fetch_result($result, 0, "otp_enabled")); if (!$otp_enabled) { - $secret = $base32->encode(sha1(db_fetch_result($result, 0, "salt"))); + $secret = $base32->encode(sha1($this->dbh->fetch_result($result, 0, "salt"))); $topt = new \OTPHP\TOTP($secret); print QRcode::png($topt->provisioning_uri($login)); } } function otpenable() { - $password = db_escape_string($_REQUEST["password"]); - $enable_otp = $_REQUEST["enable_otp"] == "on"; + require_once "lib/otphp/vendor/base32.php"; + require_once "lib/otphp/lib/otp.php"; + require_once "lib/otphp/lib/totp.php"; + + $password = $_REQUEST["password"]; + $otp = $_REQUEST["otp"]; - global $pluginhost; - $authenticator = $pluginhost->get_plugin($_SESSION["auth_module"]); + $authenticator = PluginHost::getInstance()->get_plugin($_SESSION["auth_module"]); if ($authenticator->check_password($_SESSION["uid"], $password)) { - if ($enable_otp) { - db_query($this->link, "UPDATE ttrss_users SET otp_enabled = true WHERE + $result = $this->dbh->query("SELECT salt + FROM ttrss_users + WHERE id = ".$_SESSION["uid"]); + + $base32 = new Base32(); + + $secret = $base32->encode(sha1($this->dbh->fetch_result($result, 0, "salt"))); + $topt = new \OTPHP\TOTP($secret); + + $otp_check = $topt->now(); + + if ($otp == $otp_check) { + $this->dbh->query("UPDATE ttrss_users SET otp_enabled = true WHERE id = " . $_SESSION["uid"]); print "OK"; + } else { + print "ERROR:".__("Incorrect one time password"); } } else { - print "ERROR: ".__("Incorrect password"); + print "ERROR:".__("Incorrect password"); } } function otpdisable() { - $password = db_escape_string($_REQUEST["password"]); + $password = $this->dbh->escape_string($_REQUEST["password"]); - global $pluginhost; - $authenticator = $pluginhost->get_plugin($_SESSION["auth_module"]); + $authenticator = PluginHost::getInstance()->get_plugin($_SESSION["auth_module"]); if ($authenticator->check_password($_SESSION["uid"], $password)) { - db_query($this->link, "UPDATE ttrss_users SET otp_enabled = false WHERE + $this->dbh->query("UPDATE ttrss_users SET otp_enabled = false WHERE id = " . $_SESSION["uid"]); print "OK"; @@ -829,14 +948,176 @@ class Pref_Prefs extends Handler_Protected { else $plugins = ""; - set_pref($this->link, "_ENABLED_PLUGINS", $plugins); + set_pref("_ENABLED_PLUGINS", $plugins); } function clearplugindata() { - $name = db_escape_string($_REQUEST["name"]); + $name = $this->dbh->escape_string($_REQUEST["name"]); + + PluginHost::getInstance()->clear_data(PluginHost::getInstance()->get_plugin($name)); + } + + function customizeCSS() { + $value = get_pref("USER_STYLESHEET"); + + $value = str_replace("<br/>", "\n", $value); + + print_notice(T_sprintf("You can override colors, fonts and layout of your currently selected theme with custom CSS declarations here. <a target=\"_blank\" class=\"visibleLink\" href=\"%s\">This file</a> can be used as a baseline.", "tt-rss.css")); + + print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"op\" value=\"rpc\">"; + print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"method\" value=\"setpref\">"; + print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"key\" value=\"USER_STYLESHEET\">"; + + print "<table width='100%'><tr><td>"; + print "<textarea dojoType=\"dijit.form.SimpleTextarea\" + style='font-size : 12px; width : 100%; height: 200px;' + placeHolder='body#ttrssMain { font-size : 14px; };' + name='value'>$value</textarea>"; + print "</td></tr></table>"; + + print "<div class='dlgButtons'>"; + print "<button dojoType=\"dijit.form.Button\" + onclick=\"dijit.byId('cssEditDlg').execute()\">".__('Save')."</button> "; + print "<button dojoType=\"dijit.form.Button\" + onclick=\"dijit.byId('cssEditDlg').hide()\">".__('Cancel')."</button>"; + print "</div>"; + + } + + function editPrefProfiles() { + print "<div dojoType=\"dijit.Toolbar\">"; + + print "<div dojoType=\"dijit.form.DropDownButton\">". + "<span>" . __('Select')."</span>"; + print "<div dojoType=\"dijit.Menu\" style=\"display: none;\">"; + print "<div onclick=\"selectTableRows('prefFeedProfileList', 'all')\" + dojoType=\"dijit.MenuItem\">".__('All')."</div>"; + print "<div onclick=\"selectTableRows('prefFeedProfileList', 'none')\" + dojoType=\"dijit.MenuItem\">".__('None')."</div>"; + print "</div></div>"; + + print "<div style=\"float : right\">"; + + print "<input name=\"newprofile\" dojoType=\"dijit.form.ValidationTextBox\" + required=\"1\"> + <button dojoType=\"dijit.form.Button\" + onclick=\"dijit.byId('profileEditDlg').addProfile()\">". + __('Create profile')."</button></div>"; + + print "</div>"; + + $result = $this->dbh->query("SELECT title,id FROM ttrss_settings_profiles + WHERE owner_uid = ".$_SESSION["uid"]." ORDER BY title"); + + print "<div class=\"prefProfileHolder\">"; + + print "<form id=\"profile_edit_form\" onsubmit=\"return false\">"; + + print "<table width=\"100%\" class=\"prefFeedProfileList\" + cellspacing=\"0\" id=\"prefFeedProfileList\">"; + + print "<tr class=\"placeholder\" id=\"FCATR-0\">"; #odd + + print "<td width='5%' align='center'><input + id='FCATC-0' + onclick='toggleSelectRow2(this);' + dojoType=\"dijit.form.CheckBox\" + type=\"checkbox\"></td>"; + + if (!$_SESSION["profile"]) { + $is_active = __("(active)"); + } else { + $is_active = ""; + } + + print "<td><span>" . + __("Default profile") . " $is_active</span></td>"; + + print "</tr>"; + + $lnum = 1; + + while ($line = $this->dbh->fetch_assoc($result)) { + + $profile_id = $line["id"]; + $this_row_id = "id=\"FCATR-$profile_id\""; + + print "<tr class=\"placeholder\" $this_row_id>"; + + $edit_title = htmlspecialchars($line["title"]); + + print "<td width='5%' align='center'><input + onclick='toggleSelectRow2(this);' + id='FCATC-$profile_id' + dojoType=\"dijit.form.CheckBox\" + type=\"checkbox\"></td>"; + + if ($_SESSION["profile"] == $line["id"]) { + $is_active = __("(active)"); + } else { + $is_active = ""; + } + + print "<td><span dojoType=\"dijit.InlineEditBox\" + width=\"300px\" autoSave=\"false\" + profile-id=\"$profile_id\">" . $edit_title . + "<script type=\"dojo/method\" event=\"onChange\" args=\"item\"> + var elem = this; + dojo.xhrPost({ + url: 'backend.php', + content: {op: 'rpc', method: 'saveprofile', + value: this.value, + id: this.srcNodeRef.getAttribute('profile-id')}, + load: function(response) { + elem.attr('value', response); + } + }); + </script> + </span> $is_active</td>"; + + print "</tr>"; + + ++$lnum; + } + + print "</table>"; + print "</form>"; + print "</div>"; + + print "<div class='dlgButtons'> + <div style='float : left'> + <button dojoType=\"dijit.form.Button\" onclick=\"dijit.byId('profileEditDlg').removeSelected()\">". + __('Remove selected profiles')."</button> + <button dojoType=\"dijit.form.Button\" onclick=\"dijit.byId('profileEditDlg').activateProfile()\">". + __('Activate profile')."</button> + </div>"; + + print "<button dojoType=\"dijit.form.Button\" onclick=\"dijit.byId('profileEditDlg').hide()\">". + __('Close this window')."</button>"; + print "</div>"; + + } + + private function getShortDesc($pref_name) { + if (isset($this->pref_help[$pref_name])) { + return $this->pref_help[$pref_name][0]; + } + return ""; + } + + private function getHelpText($pref_name) { + if (isset($this->pref_help[$pref_name])) { + return $this->pref_help[$pref_name][1]; + } + return ""; + } + + private function getSectionName($id) { + if (isset($this->pref_sections[$id])) { + return $this->pref_sections[$id]; + } - global $pluginhost; - $pluginhost->clear_data($pluginhost->get_plugin($name)); + return ""; } } ?> diff --git a/classes/pref/system.php b/classes/pref/system.php new file mode 100644 index 000000000..7accb1f91 --- /dev/null +++ b/classes/pref/system.php @@ -0,0 +1,90 @@ +<?php + +class Pref_System extends Handler_Protected { + + function before($method) { + if (parent::before($method)) { + if ($_SESSION["access_level"] < 10) { + print __("Your access level is insufficient to open this tab."); + return false; + } + return true; + } + return false; + } + + function csrf_ignore($method) { + $csrf_ignored = array("index"); + + return array_search($method, $csrf_ignored) !== false; + } + + function clearLog() { + $this->dbh->query("DELETE FROM ttrss_error_log"); + } + + function index() { + + print "<div dojoType=\"dijit.layout.AccordionContainer\" region=\"center\">"; + print "<div dojoType=\"dijit.layout.AccordionPane\" title=\"".__('Error Log')."\">"; + + if (LOG_DESTINATION == "sql") { + + $result = $this->dbh->query("SELECT errno, errstr, filename, lineno, + created_at, login FROM ttrss_error_log + LEFT JOIN ttrss_users ON (owner_uid = ttrss_users.id) + ORDER BY ttrss_error_log.id DESC + LIMIT 100"); + + print "<button dojoType=\"dijit.form.Button\" + onclick=\"updateSystemList()\">".__('Refresh')."</button> "; + + print " <button dojoType=\"dijit.form.Button\" + onclick=\"clearSqlLog()\">".__('Clear log')."</button> "; + + print "<p><table width=\"100%\" cellspacing=\"10\" class=\"prefErrorLog\">"; + + print "<tr class=\"title\"> + <td width='5%'>".__("Error")."</td> + <td>".__("Filename")."</td> + <td>".__("Message")."</td> + <td width='5%'>".__("User")."</td> + <td width='5%'>".__("Date")."</td> + </tr>"; + + while ($line = $this->dbh->fetch_assoc($result)) { + print "<tr class=\"errrow\">"; + + foreach ($line as $k => $v) { + $line[$k] = htmlspecialchars($v); + } + + print "<td class='errno'>" . Logger::$errornames[$line["errno"]] . " (" . $line["errno"] . ")</td>"; + print "<td class='filename'>" . $line["filename"] . ":" . $line["lineno"] . "</td>"; + print "<td class='errstr'>" . $line["errstr"] . "</td>"; + print "<td class='login'>" . $line["login"] . "</td>"; + + print "<td class='timestamp'>" . + make_local_datetime( + $line["created_at"], false) . "</td>"; + + print "</tr>"; + } + + print "</table>"; + } else { + + print_notice("Please set LOG_DESTINATION to 'sql' in config.php to enable database logging."); + + } + + print "</div>"; + + PluginHost::getInstance()->run_hooks(PluginHost::HOOK_PREFS_TAB, + "hook_prefs_tab", "prefSystem"); + + print "</div>"; #container + } + +} +?> diff --git a/classes/pref/users.php b/classes/pref/users.php index 0d7ca3c6e..60059dc8d 100644 --- a/classes/pref/users.php +++ b/classes/pref/users.php @@ -19,16 +19,9 @@ class Pref_Users extends Handler_Protected { function userdetails() { - header("Content-Type: text/xml"); - print "<dlg>"; - $uid = sprintf("%d", $_REQUEST["id"]); - print "<title>".__('User details')."</title>"; - - print "<content><![CDATA["; - - $result = db_query($this->link, "SELECT login, + $result = $this->dbh->query("SELECT login, ".SUBSTRING_FOR_DATE."(last_login,1,16) AS last_login, access_level, (SELECT COUNT(int_id) FROM ttrss_user_entries @@ -37,33 +30,33 @@ class Pref_Users extends Handler_Protected { FROM ttrss_users WHERE id = '$uid'"); - if (db_num_rows($result) == 0) { + if ($this->dbh->num_rows($result) == 0) { print "<h1>".__('User not found')."</h1>"; return; } // print "<h1>User Details</h1>"; - $login = db_fetch_result($result, 0, "login"); + $login = $this->dbh->fetch_result($result, 0, "login"); print "<table width='100%'>"; - $last_login = make_local_datetime($this->link, - db_fetch_result($result, 0, "last_login"), true); + $last_login = make_local_datetime( + $this->dbh->fetch_result($result, 0, "last_login"), true); - $created = make_local_datetime($this->link, - db_fetch_result($result, 0, "created"), true); + $created = make_local_datetime( + $this->dbh->fetch_result($result, 0, "created"), true); - $access_level = db_fetch_result($result, 0, "access_level"); - $stored_articles = db_fetch_result($result, 0, "stored_articles"); + $access_level = $this->dbh->fetch_result($result, 0, "access_level"); + $stored_articles = $this->dbh->fetch_result($result, 0, "stored_articles"); print "<tr><td>".__('Registered')."</td><td>$created</td></tr>"; print "<tr><td>".__('Last logged in')."</td><td>$last_login</td></tr>"; - $result = db_query($this->link, "SELECT COUNT(id) as num_feeds FROM ttrss_feeds + $result = $this->dbh->query("SELECT COUNT(id) as num_feeds FROM ttrss_feeds WHERE owner_uid = '$uid'"); - $num_feeds = db_fetch_result($result, 0, "num_feeds"); + $num_feeds = $this->dbh->fetch_result($result, 0, "num_feeds"); print "<tr><td>".__('Subscribed feeds count')."</td><td>$num_feeds</td></tr>"; @@ -71,14 +64,12 @@ class Pref_Users extends Handler_Protected { print "<h1>".__('Subscribed feeds')."</h1>"; - $result = db_query($this->link, "SELECT id,title,site_url FROM ttrss_feeds + $result = $this->dbh->query("SELECT id,title,site_url FROM ttrss_feeds WHERE owner_uid = '$uid' ORDER BY title"); print "<ul class=\"userFeedList\">"; - $row_class = "odd"; - - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { $icon_file = ICONS_URL."/".$line["id"].".ico"; @@ -88,13 +79,11 @@ class Pref_Users extends Handler_Protected { $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">"; } - print "<li class=\"$row_class\">$feed_icon <a href=\"".$line["site_url"]."\">".$line["title"]."</a></li>"; - - $row_class = $row_class == "even" ? "odd" : "even"; + print "<li>$feed_icon <a href=\"".$line["site_url"]."\">".$line["title"]."</a></li>"; } - if (db_num_rows($result) < $num_feeds) { + if ($this->dbh->num_rows($result) < $num_feeds) { // FIXME - add link to show ALL subscribed feeds here somewhere print "<li><img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\"> ...</li>"; @@ -106,33 +95,24 @@ class Pref_Users extends Handler_Protected { <button onclick=\"closeInfoBox()\">".__("Close this window"). "</button></div>"; - print "]]></content></dlg>"; - return; } function edit() { global $access_level_names; - header("Content-Type: text/xml"); - - $id = db_escape_string($_REQUEST["id"]); - - print "<dlg id=\"$method\">"; - print "<title>".__('User Editor')."</title>"; - print "<content><![CDATA["; - + $id = $this->dbh->escape_string($_REQUEST["id"]); print "<form id=\"user_edit_form\" onsubmit='return false'>"; print "<input type=\"hidden\" name=\"id\" value=\"$id\">"; print "<input type=\"hidden\" name=\"op\" value=\"pref-users\">"; print "<input type=\"hidden\" name=\"method\" value=\"editSave\">"; - $result = db_query($this->link, "SELECT * FROM ttrss_users WHERE id = '$id'"); + $result = $this->dbh->query("SELECT * FROM ttrss_users WHERE id = '$id'"); - $login = db_fetch_result($result, 0, "login"); - $access_level = db_fetch_result($result, 0, "access_level"); - $email = db_fetch_result($result, 0, "email"); + $login = $this->dbh->fetch_result($result, 0, "login"); + $access_level = $this->dbh->fetch_result($result, 0, "access_level"); + $email = $this->dbh->fetch_result($result, 0, "email"); $sel_disabled = ($id == $_SESSION["uid"]) ? "disabled" : ""; @@ -193,17 +173,15 @@ class Pref_Users extends Handler_Protected { <button onclick=\"return userEditCancel()\">". __('Cancel')."</button></div>"; - print "]]></content></dlg>"; - return; } function editSave() { - $login = db_escape_string(trim($_REQUEST["login"])); - $uid = db_escape_string($_REQUEST["id"]); + $login = $this->dbh->escape_string(trim($_REQUEST["login"])); + $uid = $this->dbh->escape_string($_REQUEST["id"]); $access_level = (int) $_REQUEST["access_level"]; - $email = db_escape_string(trim($_REQUEST["email"])); - $password = db_escape_string(trim($_REQUEST["password"])); + $email = $this->dbh->escape_string(trim($_REQUEST["email"])); + $password = $_REQUEST["password"]; if ($password) { $salt = substr(bin2hex(get_random_bytes(125)), 0, 250); @@ -213,52 +191,52 @@ class Pref_Users extends Handler_Protected { $pass_query_part = ""; } - db_query($this->link, "UPDATE ttrss_users SET $pass_query_part login = '$login', - access_level = '$access_level', email = '$email', otp_enabled = 'false' + $this->dbh->query("UPDATE ttrss_users SET $pass_query_part login = '$login', + access_level = '$access_level', email = '$email', otp_enabled = false WHERE id = '$uid'"); } function remove() { - $ids = split(",", db_escape_string($_REQUEST["ids"])); + $ids = explode(",", $this->dbh->escape_string($_REQUEST["ids"])); foreach ($ids as $id) { if ($id != $_SESSION["uid"] && $id != 1) { - db_query($this->link, "DELETE FROM ttrss_tags WHERE owner_uid = '$id'"); - db_query($this->link, "DELETE FROM ttrss_feeds WHERE owner_uid = '$id'"); - db_query($this->link, "DELETE FROM ttrss_users WHERE id = '$id'"); + $this->dbh->query("DELETE FROM ttrss_tags WHERE owner_uid = '$id'"); + $this->dbh->query("DELETE FROM ttrss_feeds WHERE owner_uid = '$id'"); + $this->dbh->query("DELETE FROM ttrss_users WHERE id = '$id'"); } } } function add() { - $login = db_escape_string(trim($_REQUEST["login"])); + $login = $this->dbh->escape_string(trim($_REQUEST["login"])); $tmp_user_pwd = make_password(8); $salt = substr(bin2hex(get_random_bytes(125)), 0, 250); $pwd_hash = encrypt_password($tmp_user_pwd, $salt, true); - $result = db_query($this->link, "SELECT id FROM ttrss_users WHERE + $result = $this->dbh->query("SELECT id FROM ttrss_users WHERE login = '$login'"); - if (db_num_rows($result) == 0) { + if ($this->dbh->num_rows($result) == 0) { - db_query($this->link, "INSERT INTO ttrss_users + $this->dbh->query("INSERT INTO ttrss_users (login,pwd_hash,access_level,last_login,created, salt) VALUES ('$login', '$pwd_hash', 0, null, NOW(), '$salt')"); - $result = db_query($this->link, "SELECT id FROM ttrss_users WHERE + $result = $this->dbh->query("SELECT id FROM ttrss_users WHERE login = '$login' AND pwd_hash = '$pwd_hash'"); - if (db_num_rows($result) == 1) { + if ($this->dbh->num_rows($result) == 1) { - $new_uid = db_fetch_result($result, 0, "id"); + $new_uid = $this->dbh->fetch_result($result, 0, "id"); print format_notice(T_sprintf("Added user <b>%s</b> with password <b>%s</b>", $login, $tmp_user_pwd)); - initialize_user($this->link, $new_uid); + initialize_user($new_uid); } else { @@ -270,11 +248,9 @@ class Pref_Users extends Handler_Protected { } } - function resetPass() { - - $uid = db_escape_string($_REQUEST["id"]); + static function resetUserPassword($uid, $show_password) { - $result = db_query($this->link, "SELECT login,email + $result = db_query("SELECT login,email FROM ttrss_users WHERE id = '$uid'"); $login = db_fetch_result($result, 0, "login"); @@ -286,18 +262,18 @@ class Pref_Users extends Handler_Protected { $pwd_hash = encrypt_password($tmp_user_pwd, $new_salt, true); - db_query($this->link, "UPDATE ttrss_users SET pwd_hash = '$pwd_hash', salt = '$new_salt' + db_query("UPDATE ttrss_users SET pwd_hash = '$pwd_hash', salt = '$new_salt' WHERE id = '$uid'"); - print T_sprintf("Changed password of user <b>%s</b> - to <b>%s</b>", $login, $tmp_user_pwd); + if ($show_password) { + print T_sprintf("Changed password of user <b>%s</b> to <b>%s</b>", $login, $tmp_user_pwd); + } else { + print_notice(T_sprintf("Sending new password of user <b>%s</b> to <b>%s</b>", $login, $email)); + } - require_once 'lib/phpmailer/class.phpmailer.php'; + require_once 'classes/ttrssmailer.php'; if ($email) { - print " "; - print T_sprintf("Notifying <b>%s</b>.", $email); - require_once "lib/MiniTemplator.class.php"; $tpl = new MiniTemplator; @@ -313,35 +289,19 @@ class Pref_Users extends Handler_Protected { $tpl->generateOutputToString($message); - $mail = new PHPMailer(); - - $mail->PluginDir = "lib/phpmailer/"; - $mail->SetLanguage("en", "lib/phpmailer/language/"); - - $mail->CharSet = "UTF-8"; - - $mail->From = SMTP_FROM_ADDRESS; - $mail->FromName = SMTP_FROM_NAME; - $mail->AddAddress($email, $login); + $mail = new ttrssMailer(); - if (SMTP_HOST) { - $mail->Host = SMTP_HOST; - $mail->Mailer = "smtp"; - $mail->SMTPAuth = SMTP_LOGIN != ''; - $mail->Username = SMTP_LOGIN; - $mail->Password = SMTP_PASSWORD; - } - - $mail->IsHTML(false); - $mail->Subject = __("[tt-rss] Password change notification"); - $mail->Body = $message; - - $rc = $mail->Send(); + $rc = $mail->quickMail($email, $login, + __("[tt-rss] Password change notification"), + $message, false); if (!$rc) print_error($mail->ErrorInfo); } + } - print "</div>"; + function resetPass() { + $uid = $this->dbh->escape_string($_REQUEST["id"]); + Pref_Users::resetUserPassword($uid, true); } function index() { @@ -353,7 +313,7 @@ class Pref_Users extends Handler_Protected { print "<div id=\"pref-user-toolbar\" dojoType=\"dijit.Toolbar\">"; - $user_search = db_escape_string($_REQUEST["search"]); + $user_search = $this->dbh->escape_string($_REQUEST["search"]); if (array_key_exists("search", $_REQUEST)) { $_SESSION["prefs_user_search"] = $user_search; @@ -368,7 +328,7 @@ class Pref_Users extends Handler_Protected { __('Search')."</button> </div>"; - $sort = db_escape_string($_REQUEST["sort"]); + $sort = $this->dbh->escape_string($_REQUEST["sort"]); if (!$sort || $sort == "undefined") { $sort = "login"; @@ -403,7 +363,7 @@ class Pref_Users extends Handler_Protected { if ($user_search) { - $user_search = split(" ", $user_search); + $user_search = explode(" ", $user_search); $tokens = array(); foreach ($user_search as $token) { @@ -417,7 +377,7 @@ class Pref_Users extends Handler_Protected { $user_search_query = ""; } - $result = db_query($this->link, "SELECT + $result = $this->dbh->query("SELECT id,login,access_level,email, ".SUBSTRING_FOR_DATE."(last_login,1,16) as last_login, ".SUBSTRING_FOR_DATE."(created,1,16) as created @@ -428,7 +388,7 @@ class Pref_Users extends Handler_Protected { id > 0 ORDER BY $sort"); - if (db_num_rows($result) > 0) { + if ($this->dbh->num_rows($result) > 0) { print "<p><table width=\"100%\" cellspacing=\"0\" class=\"prefUserList\" id=\"prefUserList\">"; @@ -442,9 +402,7 @@ class Pref_Users extends Handler_Protected { $lnum = 0; - while ($line = db_fetch_assoc($result)) { - - $class = ($lnum % 2) ? "even" : "odd"; + while ($line = $this->dbh->fetch_assoc($result)) { $uid = $line["id"]; @@ -452,8 +410,8 @@ class Pref_Users extends Handler_Protected { $line["login"] = htmlspecialchars($line["login"]); - $line["created"] = make_local_datetime($this->link, $line["created"], false); - $line["last_login"] = make_local_datetime($this->link, $line["last_login"], false); + $line["created"] = make_local_datetime($line["created"], false); + $line["last_login"] = make_local_datetime($line["last_login"], false); print "<td align='center'><input onclick='toggleSelectRow2(this);' dojoType=\"dijit.form.CheckBox\" type=\"checkbox\" @@ -489,8 +447,7 @@ class Pref_Users extends Handler_Protected { print "</div>"; #pane - global $pluginhost; - $pluginhost->run_hooks($pluginhost::HOOK_PREFS_TAB, + PluginHost::getInstance()->run_hooks(PluginHost::HOOK_PREFS_TAB, "hook_prefs_tab", "prefUsers"); print "</div>"; #container |