diff options
Diffstat (limited to 'classes/rpc.php')
-rw-r--r-- | classes/rpc.php | 214 |
1 files changed, 107 insertions, 107 deletions
diff --git a/classes/rpc.php b/classes/rpc.php index 3b753f118..51c195f11 100644 --- a/classes/rpc.php +++ b/classes/rpc.php @@ -8,18 +8,18 @@ class RPC extends Handler_Protected { } function setprofile() { - $id = db_escape_string($_REQUEST["id"]); + $id = $this->dbh->escape_string($_REQUEST["id"]); $_SESSION["profile"] = $id; $_SESSION["prefs_cache"] = array(); } function remprofiles() { - $ids = explode(",", db_escape_string(trim($_REQUEST["ids"]))); + $ids = explode(",", $this->dbh->escape_string(trim($_REQUEST["ids"]))); foreach ($ids as $id) { if ($_SESSION["profile"] != $id) { - db_query("DELETE FROM ttrss_settings_profiles WHERE id = '$id' AND + $this->dbh->query("DELETE FROM ttrss_settings_profiles WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]); } } @@ -27,23 +27,23 @@ class RPC extends Handler_Protected { // Silent function addprofile() { - $title = db_escape_string(trim($_REQUEST["title"])); + $title = $this->dbh->escape_string(trim($_REQUEST["title"])); if ($title) { - db_query("BEGIN"); + $this->dbh->query("BEGIN"); - $result = db_query("SELECT id FROM ttrss_settings_profiles + $result = $this->dbh->query("SELECT id FROM ttrss_settings_profiles WHERE title = '$title' AND owner_uid = " . $_SESSION["uid"]); - if (db_num_rows($result) == 0) { + if ($this->dbh->num_rows($result) == 0) { - db_query("INSERT INTO ttrss_settings_profiles (title, owner_uid) + $this->dbh->query("INSERT INTO ttrss_settings_profiles (title, owner_uid) VALUES ('$title', ".$_SESSION["uid"] .")"); - $result = db_query("SELECT id FROM ttrss_settings_profiles WHERE + $result = $this->dbh->query("SELECT id FROM ttrss_settings_profiles WHERE title = '$title'"); - if (db_num_rows($result) != 0) { - $profile_id = db_fetch_result($result, 0, "id"); + if ($this->dbh->num_rows($result) != 0) { + $profile_id = $this->dbh->fetch_result($result, 0, "id"); if ($profile_id) { initialize_user_prefs($_SESSION["uid"], $profile_id); @@ -51,14 +51,14 @@ class RPC extends Handler_Protected { } } - db_query("COMMIT"); + $this->dbh->query("COMMIT"); } } // Silent function saveprofile() { - $id = db_escape_string($_REQUEST["id"]); - $title = db_escape_string(trim($_REQUEST["value"])); + $id = $this->dbh->escape_string($_REQUEST["id"]); + $title = $this->dbh->escape_string(trim($_REQUEST["value"])); if ($id == 0) { print __("Default profile"); @@ -66,44 +66,44 @@ class RPC extends Handler_Protected { } if ($title) { - db_query("BEGIN"); + $this->dbh->query("BEGIN"); - $result = db_query("SELECT id FROM ttrss_settings_profiles + $result = $this->dbh->query("SELECT id FROM ttrss_settings_profiles WHERE title = '$title' AND owner_uid =" . $_SESSION["uid"]); - if (db_num_rows($result) == 0) { - db_query("UPDATE ttrss_settings_profiles + if ($this->dbh->num_rows($result) == 0) { + $this->dbh->query("UPDATE ttrss_settings_profiles SET title = '$title' WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]); print $title; } else { - $result = db_query("SELECT title FROM ttrss_settings_profiles + $result = $this->dbh->query("SELECT title FROM ttrss_settings_profiles WHERE id = '$id' AND owner_uid =" . $_SESSION["uid"]); - print db_fetch_result($result, 0, "title"); + print $this->dbh->fetch_result($result, 0, "title"); } - db_query("COMMIT"); + $this->dbh->query("COMMIT"); } } // Silent function remarchive() { - $ids = explode(",", db_escape_string($_REQUEST["ids"])); + $ids = explode(",", $this->dbh->escape_string($_REQUEST["ids"])); foreach ($ids as $id) { - $result = db_query("DELETE FROM ttrss_archived_feeds WHERE + $result = $this->dbh->query("DELETE FROM ttrss_archived_feeds WHERE (SELECT COUNT(*) FROM ttrss_user_entries WHERE orig_feed_id = '$id') = 0 AND id = '$id' AND owner_uid = ".$_SESSION["uid"]); - $rc = db_affected_rows($result); + $rc = $this->dbh->affected_rows($result); } } function addfeed() { - $feed = db_escape_string($_REQUEST['feed']); - $cat = db_escape_string($_REQUEST['cat']); - $login = db_escape_string($_REQUEST['login']); + $feed = $this->dbh->escape_string($_REQUEST['feed']); + $cat = $this->dbh->escape_string($_REQUEST['cat']); + $login = $this->dbh->escape_string($_REQUEST['login']); $pass = trim($_REQUEST['pass']); // escaped later $rc = subscribe_to_feed($feed, $cat, $login, $pass); @@ -112,7 +112,7 @@ class RPC extends Handler_Protected { } function togglepref() { - $key = db_escape_string($_REQUEST["key"]); + $key = $this->dbh->escape_string($_REQUEST["key"]); set_pref($key, !get_pref($key)); $value = get_pref($key); @@ -131,7 +131,7 @@ class RPC extends Handler_Protected { function mark() { $mark = $_REQUEST["mark"]; - $id = db_escape_string($_REQUEST["id"]); + $id = $this->dbh->escape_string($_REQUEST["id"]); if ($mark == "1") { $mark = "true"; @@ -139,7 +139,7 @@ class RPC extends Handler_Protected { $mark = "false"; } - $result = db_query("UPDATE ttrss_user_entries SET marked = $mark, + $result = $this->dbh->query("UPDATE ttrss_user_entries SET marked = $mark, last_marked = NOW() WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]); @@ -147,9 +147,9 @@ class RPC extends Handler_Protected { } function delete() { - $ids = db_escape_string($_REQUEST["ids"]); + $ids = $this->dbh->escape_string($_REQUEST["ids"]); - $result = db_query("DELETE FROM ttrss_user_entries + $result = $this->dbh->query("DELETE FROM ttrss_user_entries WHERE ref_id IN ($ids) AND owner_uid = " . $_SESSION["uid"]); purge_orphans(); @@ -161,26 +161,26 @@ class RPC extends Handler_Protected { $ids = explode(",", $_REQUEST["ids"]); foreach ($ids as $id) { - $id = db_escape_string(trim($id)); - db_query("BEGIN"); + $id = $this->dbh->escape_string(trim($id)); + $this->dbh->query("BEGIN"); - $result = db_query("SELECT feed_url,site_url,title FROM ttrss_archived_feeds + $result = $this->dbh->query("SELECT feed_url,site_url,title FROM ttrss_archived_feeds WHERE id = (SELECT orig_feed_id FROM ttrss_user_entries WHERE ref_id = $id AND owner_uid = ".$_SESSION["uid"].")"); - if (db_num_rows($result) != 0) { - $feed_url = db_escape_string(db_fetch_result($result, 0, "feed_url")); - $site_url = db_escape_string(db_fetch_result($result, 0, "site_url")); - $title = db_escape_string(db_fetch_result($result, 0, "title")); + if ($this->dbh->num_rows($result) != 0) { + $feed_url = $this->dbh->escape_string(db_fetch_result($result, 0, "feed_url")); + $site_url = $this->dbh->escape_string(db_fetch_result($result, 0, "site_url")); + $title = $this->dbh->escape_string(db_fetch_result($result, 0, "title")); - $result = db_query("SELECT id FROM ttrss_feeds WHERE feed_url = '$feed_url' + $result = $this->dbh->query("SELECT id FROM ttrss_feeds WHERE feed_url = '$feed_url' AND owner_uid = " .$_SESSION["uid"]); - if (db_num_rows($result) == 0) { + if ($this->dbh->num_rows($result) == 0) { if (!$title) $title = '[Unknown]'; - $result = db_query( + $result = $this->dbh->query( "INSERT INTO ttrss_feeds (owner_uid,feed_url,site_url,title,cat_id,auth_login,auth_pass,update_method) VALUES (".$_SESSION["uid"].", @@ -189,33 +189,33 @@ class RPC extends Handler_Protected { '$title', NULL, '', '', 0)"); - $result = db_query( + $result = $this->dbh->query( "SELECT id FROM ttrss_feeds WHERE feed_url = '$feed_url' AND owner_uid = ".$_SESSION["uid"]); - if (db_num_rows($result) != 0) { - $feed_id = db_fetch_result($result, 0, "id"); + if ($this->dbh->num_rows($result) != 0) { + $feed_id = $this->dbh->fetch_result($result, 0, "id"); } } else { - $feed_id = db_fetch_result($result, 0, "id"); + $feed_id = $this->dbh->fetch_result($result, 0, "id"); } if ($feed_id) { - $result = db_query("UPDATE ttrss_user_entries + $result = $this->dbh->query("UPDATE ttrss_user_entries SET feed_id = '$feed_id', orig_feed_id = NULL WHERE ref_id = $id AND owner_uid = " . $_SESSION["uid"]); } } - db_query("COMMIT"); + $this->dbh->query("COMMIT"); } print json_encode(array("message" => "UPDATE_COUNTERS")); } function archive() { - $ids = explode(",", db_escape_string($_REQUEST["ids"])); + $ids = explode(",", $this->dbh->escape_string($_REQUEST["ids"])); foreach ($ids as $id) { $this->archive_article($id, $_SESSION["uid"]); @@ -225,41 +225,41 @@ class RPC extends Handler_Protected { } private function archive_article($id, $owner_uid) { - db_query("BEGIN"); + $this->dbh->query("BEGIN"); - $result = db_query("SELECT feed_id FROM ttrss_user_entries + $result = $this->dbh->query("SELECT feed_id FROM ttrss_user_entries WHERE ref_id = '$id' AND owner_uid = $owner_uid"); - if (db_num_rows($result) != 0) { + if ($this->dbh->num_rows($result) != 0) { /* prepare the archived table */ - $feed_id = (int) db_fetch_result($result, 0, "feed_id"); + $feed_id = (int) $this->dbh->fetch_result($result, 0, "feed_id"); if ($feed_id) { - $result = db_query("SELECT id FROM ttrss_archived_feeds + $result = $this->dbh->query("SELECT id FROM ttrss_archived_feeds WHERE id = '$feed_id'"); - if (db_num_rows($result) == 0) { - db_query("INSERT INTO ttrss_archived_feeds + if ($this->dbh->num_rows($result) == 0) { + $this->dbh->query("INSERT INTO ttrss_archived_feeds (id, owner_uid, title, feed_url, site_url) SELECT id, owner_uid, title, feed_url, site_url from ttrss_feeds WHERE id = '$feed_id'"); } - db_query("UPDATE ttrss_user_entries + $this->dbh->query("UPDATE ttrss_user_entries SET orig_feed_id = feed_id, feed_id = NULL WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]); } } - db_query("COMMIT"); + $this->dbh->query("COMMIT"); } function publ() { $pub = $_REQUEST["pub"]; - $id = db_escape_string($_REQUEST["id"]); - $note = trim(strip_tags(db_escape_string($_REQUEST["note"]))); + $id = $this->dbh->escape_string($_REQUEST["id"]); + $note = trim(strip_tags($this->dbh->escape_string($_REQUEST["note"]))); if ($pub == "1") { $pub = "true"; @@ -267,7 +267,7 @@ class RPC extends Handler_Protected { $pub = "false"; } - $result = db_query("UPDATE ttrss_user_entries SET + $result = $this->dbh->query("UPDATE ttrss_user_entries SET published = $pub, last_published = NOW() WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]); @@ -305,7 +305,7 @@ class RPC extends Handler_Protected { /* GET["cmode"] = 0 - mark as read, 1 - as unread, 2 - toggle */ function catchupSelected() { - $ids = explode(",", db_escape_string($_REQUEST["ids"])); + $ids = explode(",", $this->dbh->escape_string($_REQUEST["ids"])); $cmode = sprintf("%d", $_REQUEST["cmode"]); catchupArticlesById($ids, $cmode); @@ -314,7 +314,7 @@ class RPC extends Handler_Protected { } function markSelected() { - $ids = explode(",", db_escape_string($_REQUEST["ids"])); + $ids = explode(",", $this->dbh->escape_string($_REQUEST["ids"])); $cmode = sprintf("%d", $_REQUEST["cmode"]); $this->markArticlesById($ids, $cmode); @@ -323,7 +323,7 @@ class RPC extends Handler_Protected { } function publishSelected() { - $ids = explode(",", db_escape_string($_REQUEST["ids"])); + $ids = explode(",", $this->dbh->escape_string($_REQUEST["ids"])); $cmode = sprintf("%d", $_REQUEST["cmode"]); $this->publishArticlesById($ids, $cmode); @@ -349,40 +349,40 @@ class RPC extends Handler_Protected { } function completeLabels() { - $search = db_escape_string($_REQUEST["search"]); + $search = $this->dbh->escape_string($_REQUEST["search"]); - $result = db_query("SELECT DISTINCT caption FROM + $result = $this->dbh->query("SELECT DISTINCT caption FROM ttrss_labels2 WHERE owner_uid = '".$_SESSION["uid"]."' AND LOWER(caption) LIKE LOWER('$search%') ORDER BY caption LIMIT 5"); print "<ul>"; - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { print "<li>" . $line["caption"] . "</li>"; } print "</ul>"; } function purge() { - $ids = explode(",", db_escape_string($_REQUEST["ids"])); + $ids = explode(",", $this->dbh->escape_string($_REQUEST["ids"])); $days = sprintf("%d", $_REQUEST["days"]); foreach ($ids as $id) { - $result = db_query("SELECT id FROM ttrss_feeds WHERE + $result = $this->dbh->query("SELECT id FROM ttrss_feeds WHERE id = '$id' AND owner_uid = ".$_SESSION["uid"]); - if (db_num_rows($result) == 1) { + if ($this->dbh->num_rows($result) == 1) { purge_feed($id, $days); } } } function updateFeedBrowser() { - $search = db_escape_string($_REQUEST["search"]); - $limit = db_escape_string($_REQUEST["limit"]); - $mode = (int) db_escape_string($_REQUEST["mode"]); + $search = $this->dbh->escape_string($_REQUEST["search"]); + $limit = $this->dbh->escape_string($_REQUEST["limit"]); + $mode = (int) $this->dbh->escape_string($_REQUEST["mode"]); require_once "feedbrowser.php"; @@ -402,14 +402,14 @@ class RPC extends Handler_Protected { if ($mode == 1) { foreach ($payload as $feed) { - $title = db_escape_string($feed[0]); - $feed_url = db_escape_string($feed[1]); + $title = $this->dbh->escape_string($feed[0]); + $feed_url = $this->dbh->escape_string($feed[1]); - $result = db_query("SELECT id FROM ttrss_feeds WHERE + $result = $this->dbh->query("SELECT id FROM ttrss_feeds WHERE feed_url = '$feed_url' AND owner_uid = " . $_SESSION["uid"]); - if (db_num_rows($result) == 0) { - $result = db_query("INSERT INTO ttrss_feeds + if ($this->dbh->num_rows($result) == 0) { + $result = $this->dbh->query("INSERT INTO ttrss_feeds (owner_uid,feed_url,title,cat_id,site_url) VALUES ('".$_SESSION["uid"]."', '$feed_url', '$title', NULL, '')"); @@ -418,19 +418,19 @@ class RPC extends Handler_Protected { } else if ($mode == 2) { // feed archive foreach ($payload as $id) { - $result = db_query("SELECT * FROM ttrss_archived_feeds + $result = $this->dbh->query("SELECT * FROM ttrss_archived_feeds WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]); - if (db_num_rows($result) != 0) { - $site_url = db_escape_string(db_fetch_result($result, 0, "site_url")); - $feed_url = db_escape_string(db_fetch_result($result, 0, "feed_url")); - $title = db_escape_string(db_fetch_result($result, 0, "title")); + if ($this->dbh->num_rows($result) != 0) { + $site_url = $this->dbh->escape_string(db_fetch_result($result, 0, "site_url")); + $feed_url = $this->dbh->escape_string(db_fetch_result($result, 0, "feed_url")); + $title = $this->dbh->escape_string(db_fetch_result($result, 0, "title")); - $result = db_query("SELECT id FROM ttrss_feeds WHERE + $result = $this->dbh->query("SELECT id FROM ttrss_feeds WHERE feed_url = '$feed_url' AND owner_uid = " . $_SESSION["uid"]); - if (db_num_rows($result) == 0) { - $result = db_query("INSERT INTO ttrss_feeds + if ($this->dbh->num_rows($result) == 0) { + $result = $this->dbh->query("INSERT INTO ttrss_feeds (owner_uid,feed_url,title,cat_id,site_url) VALUES ('$id','".$_SESSION["uid"]."', '$feed_url', '$title', NULL, '$site_url')"); @@ -441,9 +441,9 @@ class RPC extends Handler_Protected { } function catchupFeed() { - $feed_id = db_escape_string($_REQUEST['feed_id']); - $is_cat = db_escape_string($_REQUEST['is_cat']) == "true"; - $mode = db_escape_string($_REQUEST['mode']); + $feed_id = $this->dbh->escape_string($_REQUEST['feed_id']); + $is_cat = $this->dbh->escape_string($_REQUEST['is_cat']) == "true"; + $mode = $this->dbh->escape_string($_REQUEST['mode']); catchup_feed($feed_id, $is_cat, false, false, $mode); @@ -451,15 +451,15 @@ class RPC extends Handler_Protected { } function quickAddCat() { - $cat = db_escape_string($_REQUEST["cat"]); + $cat = $this->dbh->escape_string($_REQUEST["cat"]); add_feed_category($cat); - $result = db_query("SELECT id FROM ttrss_feed_categories WHERE + $result = $this->dbh->query("SELECT id FROM ttrss_feed_categories WHERE title = '$cat' AND owner_uid = " . $_SESSION["uid"]); - if (db_num_rows($result) == 1) { - $id = db_fetch_result($result, 0, "id"); + if ($this->dbh->num_rows($result) == 1) { + $id = $this->dbh->fetch_result($result, 0, "id"); } else { $id = 0; } @@ -469,7 +469,7 @@ class RPC extends Handler_Protected { // Silent function clearArticleKeys() { - db_query("UPDATE ttrss_user_entries SET uuid = '' WHERE + $this->dbh->query("UPDATE ttrss_user_entries SET uuid = '' WHERE owner_uid = " . $_SESSION["uid"]); return; @@ -516,7 +516,7 @@ class RPC extends Handler_Protected { $random_qpart = sql_random_function(); // We search for feed needing update. - $result = db_query("SELECT ttrss_feeds.feed_url,ttrss_feeds.id + $result = $this->dbh->query("SELECT ttrss_feeds.feed_url,ttrss_feeds.id FROM ttrss_feeds, ttrss_users, ttrss_user_prefs WHERE @@ -535,7 +535,7 @@ class RPC extends Handler_Protected { $tstart = time(); - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { $feed_id = $line["id"]; if (time() - $tstart < ini_get("max_execution_time") * 0.7) { @@ -570,15 +570,15 @@ class RPC extends Handler_Protected { $ids_qpart = join(" OR ", $tmp_ids); if ($cmode == 0) { - db_query("UPDATE ttrss_user_entries SET + $this->dbh->query("UPDATE ttrss_user_entries SET marked = false, last_marked = NOW() WHERE ($ids_qpart) AND owner_uid = " . $_SESSION["uid"]); } else if ($cmode == 1) { - db_query("UPDATE ttrss_user_entries SET + $this->dbh->query("UPDATE ttrss_user_entries SET marked = true, last_marked = NOW() WHERE ($ids_qpart) AND owner_uid = " . $_SESSION["uid"]); } else { - db_query("UPDATE ttrss_user_entries SET + $this->dbh->query("UPDATE ttrss_user_entries SET marked = NOT marked,last_marked = NOW() WHERE ($ids_qpart) AND owner_uid = " . $_SESSION["uid"]); } @@ -595,15 +595,15 @@ class RPC extends Handler_Protected { $ids_qpart = join(" OR ", $tmp_ids); if ($cmode == 0) { - db_query("UPDATE ttrss_user_entries SET + $this->dbh->query("UPDATE ttrss_user_entries SET published = false,last_published = NOW() WHERE ($ids_qpart) AND owner_uid = " . $_SESSION["uid"]); } else if ($cmode == 1) { - db_query("UPDATE ttrss_user_entries SET + $this->dbh->query("UPDATE ttrss_user_entries SET published = true,last_published = NOW() WHERE ($ids_qpart) AND owner_uid = " . $_SESSION["uid"]); } else { - db_query("UPDATE ttrss_user_entries SET + $this->dbh->query("UPDATE ttrss_user_entries SET published = NOT published,last_published = NOW() WHERE ($ids_qpart) AND owner_uid = " . $_SESSION["uid"]); } @@ -620,14 +620,14 @@ class RPC extends Handler_Protected { } function getlinktitlebyid() { - $id = db_escape_string($_REQUEST['id']); + $id = $this->dbh->escape_string($_REQUEST['id']); - $result = db_query("SELECT link, title FROM ttrss_entries, ttrss_user_entries + $result = $this->dbh->query("SELECT link, title FROM ttrss_entries, ttrss_user_entries WHERE ref_id = '$id' AND ref_id = id AND owner_uid = ". $_SESSION["uid"]); - if (db_num_rows($result) != 0) { - $link = db_fetch_result($result, 0, "link"); - $title = db_fetch_result($result, 0, "title"); + if ($this->dbh->num_rows($result) != 0) { + $link = $this->dbh->fetch_result($result, 0, "link"); + $title = $this->dbh->fetch_result($result, 0, "title"); echo json_encode(array("link" => $link, "title" => $title)); } else { |