diff options
Diffstat (limited to 'classes')
-rw-r--r-- | classes/api.php | 116 | ||||
-rw-r--r-- | classes/article.php | 64 | ||||
-rw-r--r-- | classes/auth/base.php | 12 | ||||
-rw-r--r-- | classes/dbupdater.php | 24 | ||||
-rw-r--r-- | classes/dlg.php | 16 | ||||
-rw-r--r-- | classes/feeds.php | 80 | ||||
-rw-r--r-- | classes/handler/public.php | 120 | ||||
-rw-r--r-- | classes/logger/sql.php | 2 | ||||
-rw-r--r-- | classes/opml.php | 108 | ||||
-rw-r--r-- | classes/pluginhost.php | 24 | ||||
-rw-r--r-- | classes/pref/feeds.php | 252 | ||||
-rw-r--r-- | classes/pref/filters.php | 168 | ||||
-rw-r--r-- | classes/pref/labels.php | 70 | ||||
-rw-r--r-- | classes/pref/prefs.php | 64 | ||||
-rw-r--r-- | classes/pref/system.php | 4 | ||||
-rw-r--r-- | classes/pref/users.php | 76 | ||||
-rw-r--r-- | classes/rpc.php | 214 |
17 files changed, 707 insertions, 707 deletions
diff --git a/classes/api.php b/classes/api.php index 422fc5a1b..945496bcf 100644 --- a/classes/api.php +++ b/classes/api.php @@ -50,16 +50,16 @@ class API extends Handler { @session_destroy(); @session_start(); - $login = db_escape_string($_REQUEST["user"]); + $login = $this->dbh->escape_string($_REQUEST["user"]); $password = $_REQUEST["password"]; $password_base64 = base64_decode($_REQUEST["password"]); if (SINGLE_USER_MODE) $login = "admin"; - $result = db_query("SELECT id FROM ttrss_users WHERE login = '$login'"); + $result = $this->dbh->query("SELECT id FROM ttrss_users WHERE login = '$login'"); - if (db_num_rows($result) != 0) { - $uid = db_fetch_result($result, 0, "id"); + if ($this->dbh->num_rows($result) != 0) { + $uid = $this->dbh->fetch_result($result, 0, "id"); } else { $uid = 0; } @@ -95,8 +95,8 @@ class API extends Handler { } function getUnread() { - $feed_id = db_escape_string($_REQUEST["feed_id"]); - $is_cat = db_escape_string($_REQUEST["is_cat"]); + $feed_id = $this->dbh->escape_string($_REQUEST["feed_id"]); + $is_cat = $this->dbh->escape_string($_REQUEST["is_cat"]); if ($feed_id) { print $this->wrap(self::STATUS_OK, array("unread" => getFeedUnread($feed_id, $is_cat))); @@ -111,10 +111,10 @@ class API extends Handler { } function getFeeds() { - $cat_id = db_escape_string($_REQUEST["cat_id"]); + $cat_id = $this->dbh->escape_string($_REQUEST["cat_id"]); $unread_only = sql_bool_to_bool($_REQUEST["unread_only"]); - $limit = (int) db_escape_string($_REQUEST["limit"]); - $offset = (int) db_escape_string($_REQUEST["offset"]); + $limit = (int) $this->dbh->escape_string($_REQUEST["limit"]); + $offset = (int) $this->dbh->escape_string($_REQUEST["offset"]); $include_nested = sql_bool_to_bool($_REQUEST["include_nested"]); $feeds = $this->api_get_feeds($cat_id, $unread_only, $limit, $offset, $include_nested); @@ -134,7 +134,7 @@ class API extends Handler { else $nested_qpart = "true"; - $result = db_query("SELECT + $result = $this->dbh->query("SELECT id, title, order_id, (SELECT COUNT(id) FROM ttrss_feeds WHERE ttrss_feed_categories.id IS NOT NULL AND cat_id = ttrss_feed_categories.id) AS num_feeds, @@ -147,7 +147,7 @@ class API extends Handler { $cats = array(); - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { if ($include_empty || $line["num_feeds"] > 0 || $line["num_cats"] > 0) { $unread = getFeedUnread($line["id"], true); @@ -180,22 +180,22 @@ class API extends Handler { } function getHeadlines() { - $feed_id = db_escape_string($_REQUEST["feed_id"]); + $feed_id = $this->dbh->escape_string($_REQUEST["feed_id"]); if ($feed_id != "") { - $limit = (int)db_escape_string($_REQUEST["limit"]); + $limit = (int)$this->dbh->escape_string($_REQUEST["limit"]); if (!$limit || $limit >= 60) $limit = 60; - $offset = (int)db_escape_string($_REQUEST["skip"]); - $filter = db_escape_string($_REQUEST["filter"]); + $offset = (int)$this->dbh->escape_string($_REQUEST["skip"]); + $filter = $this->dbh->escape_string($_REQUEST["filter"]); $is_cat = sql_bool_to_bool($_REQUEST["is_cat"]); $show_excerpt = sql_bool_to_bool($_REQUEST["show_excerpt"]); $show_content = sql_bool_to_bool($_REQUEST["show_content"]); /* all_articles, unread, adaptive, marked, updated */ - $view_mode = db_escape_string($_REQUEST["view_mode"]); + $view_mode = $this->dbh->escape_string($_REQUEST["view_mode"]); $include_attachments = sql_bool_to_bool($_REQUEST["include_attachments"]); - $since_id = (int)db_escape_string($_REQUEST["since_id"]); + $since_id = (int)$this->dbh->escape_string($_REQUEST["since_id"]); $include_nested = sql_bool_to_bool($_REQUEST["include_nested"]); $sanitize_content = true; @@ -211,8 +211,8 @@ class API extends Handler { /* do not rely on params below */ - $search = db_escape_string($_REQUEST["search"]); - $search_mode = db_escape_string($_REQUEST["search_mode"]); + $search = $this->dbh->escape_string($_REQUEST["search"]); + $search_mode = $this->dbh->escape_string($_REQUEST["search_mode"]); $headlines = $this->api_get_headlines($feed_id, $limit, $offset, $filter, $is_cat, $show_excerpt, $show_content, $view_mode, $override_order, @@ -226,10 +226,10 @@ class API extends Handler { } function updateArticle() { - $article_ids = array_filter(explode(",", db_escape_string($_REQUEST["article_ids"])), is_numeric); - $mode = (int) db_escape_string($_REQUEST["mode"]); - $data = db_escape_string($_REQUEST["data"]); - $field_raw = (int)db_escape_string($_REQUEST["field"]); + $article_ids = array_filter(explode(",", $this->dbh->escape_string($_REQUEST["article_ids"])), is_numeric); + $mode = (int) $this->dbh->escape_string($_REQUEST["mode"]); + $data = $this->dbh->escape_string($_REQUEST["data"]); + $field_raw = (int)$this->dbh->escape_string($_REQUEST["field"]); $field = ""; $set_to = ""; @@ -269,15 +269,15 @@ class API extends Handler { $article_ids = join(", ", $article_ids); - $result = db_query("UPDATE ttrss_user_entries SET $field = $set_to $additional_fields WHERE ref_id IN ($article_ids) AND owner_uid = " . $_SESSION["uid"]); + $result = $this->dbh->query("UPDATE ttrss_user_entries SET $field = $set_to $additional_fields WHERE ref_id IN ($article_ids) AND owner_uid = " . $_SESSION["uid"]); - $num_updated = db_affected_rows($result); + $num_updated = $this->dbh->affected_rows($result); if ($num_updated > 0 && $field == "unread") { - $result = db_query("SELECT DISTINCT feed_id FROM ttrss_user_entries + $result = $this->dbh->query("SELECT DISTINCT feed_id FROM ttrss_user_entries WHERE ref_id IN ($article_ids)"); - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { ccache_update($line["feed_id"], $_SESSION["uid"]); } } @@ -304,7 +304,7 @@ class API extends Handler { function getArticle() { - $article_id = join(",", array_filter(explode(",", db_escape_string($_REQUEST["article_id"])), is_numeric)); + $article_id = join(",", array_filter(explode(",", $this->dbh->escape_string($_REQUEST["article_id"])), is_numeric)); $query = "SELECT id,title,link,content,cached_content,feed_id,comments,int_id, marked,unread,published,score, @@ -314,13 +314,13 @@ class API extends Handler { WHERE id IN ($article_id) AND ref_id = id AND owner_uid = " . $_SESSION["uid"] ; - $result = db_query($query); + $result = $this->dbh->query($query); $articles = array(); - if (db_num_rows($result) != 0) { + if ($this->dbh->num_rows($result) != 0) { - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { $attachments = get_article_enclosures($line['id']); @@ -363,10 +363,10 @@ class API extends Handler { $config["daemon_is_running"] = file_is_locked("update_daemon.lock"); - $result = db_query("SELECT COUNT(*) AS cf FROM + $result = $this->dbh->query("SELECT COUNT(*) AS cf FROM ttrss_feeds WHERE owner_uid = " . $_SESSION["uid"]); - $num_feeds = db_fetch_result($result, 0, "cf"); + $num_feeds = $this->dbh->fetch_result($result, 0, "cf"); $config["num_feeds"] = (int)$num_feeds; @@ -376,7 +376,7 @@ class API extends Handler { function updateFeed() { require_once "include/rssfuncs.php"; - $feed_id = (int) db_escape_string($_REQUEST["feed_id"]); + $feed_id = (int) $this->dbh->escape_string($_REQUEST["feed_id"]); update_rss_feed($feed_id, true); @@ -384,8 +384,8 @@ class API extends Handler { } function catchupFeed() { - $feed_id = db_escape_string($_REQUEST["feed_id"]); - $is_cat = db_escape_string($_REQUEST["is_cat"]); + $feed_id = $this->dbh->escape_string($_REQUEST["feed_id"]); + $is_cat = $this->dbh->escape_string($_REQUEST["is_cat"]); catchup_feed($feed_id, $is_cat); @@ -393,19 +393,19 @@ class API extends Handler { } function getPref() { - $pref_name = db_escape_string($_REQUEST["pref_name"]); + $pref_name = $this->dbh->escape_string($_REQUEST["pref_name"]); print $this->wrap(self::STATUS_OK, array("value" => get_pref($pref_name))); } function getLabels() { - //$article_ids = array_filter(explode(",", db_escape_string($_REQUEST["article_ids"])), is_numeric); + //$article_ids = array_filter(explode(",", $this->dbh->escape_string($_REQUEST["article_ids"])), is_numeric); $article_id = (int)$_REQUEST['article_id']; $rv = array(); - $result = db_query("SELECT id, caption, fg_color, bg_color + $result = $this->dbh->query("SELECT id, caption, fg_color, bg_color FROM ttrss_labels2 WHERE owner_uid = '".$_SESSION['uid']."' ORDER BY caption"); @@ -414,7 +414,7 @@ class API extends Handler { else $article_labels = array(); - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { $checked = false; foreach ($article_labels as $al) { @@ -437,11 +437,11 @@ class API extends Handler { function setArticleLabel() { - $article_ids = array_filter(explode(",", db_escape_string($_REQUEST["article_ids"])), is_numeric); - $label_id = (int) db_escape_string($_REQUEST['label_id']); - $assign = (bool) db_escape_string($_REQUEST['assign']) == "true"; + $article_ids = array_filter(explode(",", $this->dbh->escape_string($_REQUEST["article_ids"])), is_numeric); + $label_id = (int) $this->dbh->escape_string($_REQUEST['label_id']); + $assign = (bool) $this->dbh->escape_string($_REQUEST['assign']) == "true"; - $label = db_escape_string(label_find_caption( + $label = $this->dbh->escape_string(label_find_caption( $label_id, $_SESSION["uid"])); $num_updated = 0; @@ -481,9 +481,9 @@ class API extends Handler { } function shareToPublished() { - $title = db_escape_string(strip_tags($_REQUEST["title"])); - $url = db_escape_string(strip_tags($_REQUEST["url"])); - $content = db_escape_string(strip_tags($_REQUEST["content"])); + $title = $this->dbh->escape_string(strip_tags($_REQUEST["title"])); + $url = $this->dbh->escape_string(strip_tags($_REQUEST["url"])); + $content = $this->dbh->escape_string(strip_tags($_REQUEST["content"])); if (Article::create_published_article($title, $url, $content, "", $_SESSION["uid"])) { print $this->wrap(self::STATUS_OK, array("status" => 'OK')); @@ -709,12 +709,12 @@ class API extends Handler { } function unsubscribeFeed() { - $feed_id = (int) db_escape_string($_REQUEST["feed_id"]); + $feed_id = (int) $this->dbh->escape_string($_REQUEST["feed_id"]); - $result = db_query("SELECT id FROM ttrss_feeds WHERE + $result = $this->dbh->query("SELECT id FROM ttrss_feeds WHERE id = '$feed_id' AND owner_uid = ".$_SESSION["uid"]); - if (db_num_rows($result) != 0) { + if ($this->dbh->num_rows($result) != 0) { Pref_Feeds::remove_feed($feed_id, $_SESSION["uid"]); print $this->wrap(self::STATUS_OK, array("status" => "OK")); } else { @@ -723,10 +723,10 @@ class API extends Handler { } function subscribeToFeed() { - $feed_url = db_escape_string($_REQUEST["feed_url"]); - $category_id = (int) db_escape_string($_REQUEST["category_id"]); - $login = db_escape_string($_REQUEST["login"]); - $password = db_escape_string($_REQUEST["password"]); + $feed_url = $this->dbh->escape_string($_REQUEST["feed_url"]); + $category_id = (int) $this->dbh->escape_string($_REQUEST["category_id"]); + $login = $this->dbh->escape_string($_REQUEST["login"]); + $password = $this->dbh->escape_string($_REQUEST["password"]); if ($feed_url) { $rc = subscribe_to_feed($feed_url, $category_id, @@ -760,16 +760,16 @@ class API extends Handler { private function isCategoryEmpty($id) { if ($id == -2) { - $result = db_query("SELECT COUNT(*) AS count FROM ttrss_labels2 + $result = $this->dbh->query("SELECT COUNT(*) AS count FROM ttrss_labels2 WHERE owner_uid = " . $_SESSION["uid"]); - return db_fetch_result($result, 0, "count") == 0; + return $this->dbh->fetch_result($result, 0, "count") == 0; } else if ($id == 0) { - $result = db_query("SELECT COUNT(*) AS count FROM ttrss_feeds + $result = $this->dbh->query("SELECT COUNT(*) AS count FROM ttrss_feeds WHERE cat_id IS NULL AND owner_uid = " . $_SESSION["uid"]); - return db_fetch_result($result, 0, "count") == 0; + return $this->dbh->fetch_result($result, 0, "count") == 0; } diff --git a/classes/article.php b/classes/article.php index df850daca..1198eefa9 100644 --- a/classes/article.php +++ b/classes/article.php @@ -8,14 +8,14 @@ class Article extends Handler_Protected { } function redirect() { - $id = db_escape_string($_REQUEST['id']); + $id = $this->dbh->escape_string($_REQUEST['id']); - $result = db_query("SELECT link FROM ttrss_entries, ttrss_user_entries + $result = $this->dbh->query("SELECT link FROM ttrss_entries, ttrss_user_entries WHERE id = '$id' AND id = ref_id AND owner_uid = '".$_SESSION['uid']."' LIMIT 1"); - if (db_num_rows($result) == 1) { - $article_url = db_fetch_result($result, 0, 'link'); + if ($this->dbh->num_rows($result) == 1) { + $article_url = $this->dbh->fetch_result($result, 0, 'link'); $article_url = str_replace("\n", "", $article_url); header("Location: $article_url"); @@ -27,10 +27,10 @@ class Article extends Handler_Protected { } function view() { - $id = db_escape_string($_REQUEST["id"]); - $cids = explode(",", db_escape_string($_REQUEST["cids"])); - $mode = db_escape_string($_REQUEST["mode"]); - $omode = db_escape_string($_REQUEST["omode"]); + $id = $this->dbh->escape_string($_REQUEST["id"]); + $cids = explode(",", $this->dbh->escape_string($_REQUEST["cids"])); + $mode = $this->dbh->escape_string($_REQUEST["mode"]); + $omode = $this->dbh->escape_string($_REQUEST["omode"]); // in prefetch mode we only output requested cids, main article // just gets marked as read (it already exists in client cache) @@ -68,15 +68,15 @@ class Article extends Handler_Protected { private function catchupArticleById($id, $cmode) { if ($cmode == 0) { - db_query("UPDATE ttrss_user_entries SET + $this->dbh->query("UPDATE ttrss_user_entries SET unread = false,last_read = NOW() WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]); } else if ($cmode == 1) { - db_query("UPDATE ttrss_user_entries SET + $this->dbh->query("UPDATE ttrss_user_entries SET unread = true WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]); } else { - db_query("UPDATE ttrss_user_entries SET + $this->dbh->query("UPDATE ttrss_user_entries SET unread = NOT unread,last_read = NOW() WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]); } @@ -178,9 +178,9 @@ class Article extends Handler_Protected { print __("Tags for this article (separated by commas):")."<br>"; - $param = db_escape_string($_REQUEST['param']); + $param = $this->dbh->escape_string($_REQUEST['param']); - $tags = get_article_tags(db_escape_string($param)); + $tags = get_article_tags($this->dbh->escape_string($param)); $tags_str = join(", ", $tags); @@ -209,10 +209,10 @@ class Article extends Handler_Protected { } function setScore() { - $ids = db_escape_string($_REQUEST['id']); - $score = (int)db_escape_string($_REQUEST['score']); + $ids = $this->dbh->escape_string($_REQUEST['id']); + $score = (int)$this->dbh->escape_string($_REQUEST['score']); - db_query("UPDATE ttrss_user_entries SET + $this->dbh->query("UPDATE ttrss_user_entries SET score = '$score' WHERE ref_id IN ($ids) AND owner_uid = " . $_SESSION["uid"]); print json_encode(array("id" => $id, @@ -222,23 +222,23 @@ class Article extends Handler_Protected { function setArticleTags() { - $id = db_escape_string($_REQUEST["id"]); + $id = $this->dbh->escape_string($_REQUEST["id"]); - $tags_str = db_escape_string($_REQUEST["tags_str"]); + $tags_str = $this->dbh->escape_string($_REQUEST["tags_str"]); $tags = array_unique(trim_array(explode(",", $tags_str))); - db_query("BEGIN"); + $this->dbh->query("BEGIN"); - $result = db_query("SELECT int_id FROM ttrss_user_entries WHERE + $result = $this->dbh->query("SELECT int_id FROM ttrss_user_entries WHERE ref_id = '$id' AND owner_uid = '".$_SESSION["uid"]."' LIMIT 1"); - if (db_num_rows($result) == 1) { + if ($this->dbh->num_rows($result) == 1) { $tags_to_cache = array(); - $int_id = db_fetch_result($result, 0, "int_id"); + $int_id = $this->dbh->fetch_result($result, 0, "int_id"); - db_query("DELETE FROM ttrss_tags WHERE + $this->dbh->query("DELETE FROM ttrss_tags WHERE post_int_id = $int_id AND owner_uid = '".$_SESSION["uid"]."'"); foreach ($tags as $tag) { @@ -255,7 +255,7 @@ class Article extends Handler_Protected { // print "<!-- $id : $int_id : $tag -->"; if ($tag != '') { - db_query("INSERT INTO ttrss_tags + $this->dbh->query("INSERT INTO ttrss_tags (post_int_id, owner_uid, tag_name) VALUES ('$int_id', '".$_SESSION["uid"]."', '$tag')"); } @@ -267,12 +267,12 @@ class Article extends Handler_Protected { sort($tags_to_cache); $tags_str = join(",", $tags_to_cache); - db_query("UPDATE ttrss_user_entries + $this->dbh->query("UPDATE ttrss_user_entries SET tag_cache = '$tags_str' WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]); } - db_query("COMMIT"); + $this->dbh->query("COMMIT"); $tags = get_article_tags($id); $tags_str = format_tags_string($tags, $id); @@ -286,15 +286,15 @@ class Article extends Handler_Protected { function completeTags() { - $search = db_escape_string($_REQUEST["search"]); + $search = $this->dbh->escape_string($_REQUEST["search"]); - $result = db_query("SELECT DISTINCT tag_name FROM ttrss_tags + $result = $this->dbh->query("SELECT DISTINCT tag_name FROM ttrss_tags WHERE owner_uid = '".$_SESSION["uid"]."' AND tag_name LIKE '$search%' ORDER BY tag_name LIMIT 10"); print "<ul>"; - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { print "<li>" . $line["tag_name"] . "</li>"; } print "</ul>"; @@ -311,10 +311,10 @@ class Article extends Handler_Protected { private function labelops($assign) { $reply = array(); - $ids = explode(",", db_escape_string($_REQUEST["ids"])); - $label_id = db_escape_string($_REQUEST["lid"]); + $ids = explode(",", $this->dbh->escape_string($_REQUEST["ids"])); + $label_id = $this->dbh->escape_string($_REQUEST["lid"]); - $label = db_escape_string(label_find_caption($label_id, + $label = $this->dbh->escape_string(label_find_caption($label_id, $_SESSION["uid"])); $reply["info-for-headlines"] = array(); diff --git a/classes/auth/base.php b/classes/auth/base.php index 782848a79..284ac1d38 100644 --- a/classes/auth/base.php +++ b/classes/auth/base.php @@ -15,7 +15,7 @@ class Auth_Base { $user_id = $this->find_user_by_login($login); if (!$user_id) { - $login = db_escape_string($login); + $login = $this->dbh->escape_string($login); $salt = substr(bin2hex(get_random_bytes(125)), 0, 250); $pwd_hash = encrypt_password($password, $salt, true); @@ -23,7 +23,7 @@ class Auth_Base { (login,access_level,last_login,created,pwd_hash,salt) VALUES ('$login', 0, null, NOW(), '$pwd_hash','$salt')"; - db_query($query); + $this->dbh->query($query); return $this->find_user_by_login($login); @@ -36,13 +36,13 @@ class Auth_Base { } function find_user_by_login($login) { - $login = db_escape_string($login); + $login = $this->dbh->escape_string($login); - $result = db_query("SELECT id FROM ttrss_users WHERE + $result = $this->dbh->query("SELECT id FROM ttrss_users WHERE login = '$login'"); - if (db_num_rows($result) > 0) { - return db_fetch_result($result, 0, "id"); + if ($this->dbh->num_rows($result) > 0) { + return $this->dbh->fetch_result($result, 0, "id"); } else { return false; } diff --git a/classes/dbupdater.php b/classes/dbupdater.php index a319da03d..f157342d4 100644 --- a/classes/dbupdater.php +++ b/classes/dbupdater.php @@ -2,18 +2,18 @@ class DbUpdater { private $dbh; - private $db_type; + private $$this->dbh->type; private $need_version; - function __construct($dbh, $db_type, $need_version) { + function __construct($dbh, $$this->dbh->type, $need_version) { $this->dbh = $dbh; - $this->db_type = $db_type; + $this->$this->dbh->type = $db_type; $this->need_version = (int) $need_version; } function getSchemaVersion() { - $result = db_query("SELECT schema_version FROM ttrss_version"); - return (int) db_fetch_result($result, 0, "schema_version"); + $result = $this->dbh->query("SELECT schema_version FROM ttrss_version"); + return (int) $this->dbh->fetch_result($result, 0, "schema_version"); } function isUpdateRequired() { @@ -21,7 +21,7 @@ class DbUpdater { } function getSchemaLines($version) { - $filename = "schema/versions/".$this->db_type."/$version.sql"; + $filename = "schema/versions/".$this->$this->dbh->type."/$version.sql"; if (file_exists($filename)) { return explode(";", preg_replace("/[\r\n]/", "", file_get_contents($filename))); @@ -37,21 +37,21 @@ class DbUpdater { if (is_array($lines)) { - db_query("BEGIN"); + $this->dbh->query("BEGIN"); foreach ($lines as $line) { if (strpos($line, "--") !== 0 && $line) { - db_query($line); + $this->dbh->query($line); } } - $db_version = $this->getSchemaVersion(); + $$this->dbh->version = $this->getSchemaVersion(); - if ($db_version == $version) { - db_query("COMMIT"); + if ($$this->dbh->version == $version) { + $this->dbh->query("COMMIT"); return true; } else { - db_query("ROLLBACK"); + $this->dbh->query("ROLLBACK"); return false; } } else { diff --git a/classes/dlg.php b/classes/dlg.php index 5e14690c4..cfa960d9a 100644 --- a/classes/dlg.php +++ b/classes/dlg.php @@ -6,7 +6,7 @@ class Dlg extends Handler_Protected { if (parent::before($method)) { header("Content-Type: text/html"); # required for iframe - $this->param = db_escape_string($_REQUEST["param"]); + $this->param = $this->dbh->escape_string($_REQUEST["param"]); return true; } return false; @@ -18,7 +18,7 @@ class Dlg extends Handler_Protected { print "<div class=\"prefFeedOPMLHolder\">"; $owner_uid = $_SESSION["uid"]; - db_query("BEGIN"); + $this->dbh->query("BEGIN"); print "<ul class='nomarks'>"; @@ -26,7 +26,7 @@ class Dlg extends Handler_Protected { $opml->opml_import($_SESSION["uid"]); - db_query("COMMIT"); + $this->dbh->query("COMMIT"); print "</ul>"; print "</div>"; @@ -106,11 +106,11 @@ class Dlg extends Handler_Protected { FROM ttrss_tags WHERE owner_uid = ".$_SESSION["uid"]." GROUP BY tag_name ORDER BY count DESC LIMIT 50"; - $result = db_query($query); + $result = $this->dbh->query($query); $tags = array(); - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { $tags[$line["tag_name"]] = $line["count"]; } @@ -171,10 +171,10 @@ class Dlg extends Handler_Protected { print "<label for=\"tag_mode_all\">".__("All tags.")."</input>"; print "<select id=\"all_tags\" name=\"all_tags\" title=\"" . __('Which Tags?') . "\" multiple=\"multiple\" size=\"10\" style=\"width : 100%\">"; - $result = db_query("SELECT DISTINCT tag_name FROM ttrss_tags WHERE owner_uid = ".$_SESSION['uid']." + $result = $this->dbh->query("SELECT DISTINCT tag_name FROM ttrss_tags WHERE owner_uid = ".$_SESSION['uid']." AND LENGTH(tag_name) <= 30 ORDER BY tag_name ASC"); - while ($row = db_fetch_assoc($result)) { + while ($row = $this->dbh->fetch_assoc($result)) { $tmp = htmlspecialchars($row["tag_name"]); print "<option value=\"" . str_replace(" ", "%20", $tmp) . "\">$tmp</option>"; } @@ -195,7 +195,7 @@ class Dlg extends Handler_Protected { function generatedFeed() { $this->params = explode(":", $this->param, 3); - $feed_id = db_escape_string($this->params[0]); + $feed_id = $this->dbh->escape_string($this->params[0]); $is_cat = (bool) $this->params[1]; $key = get_feed_access_key($feed_id, $is_cat); diff --git a/classes/feeds.php b/classes/feeds.php index 153c0f5aa..969c25db1 100644 --- a/classes/feeds.php +++ b/classes/feeds.php @@ -164,19 +164,19 @@ class Feeds extends Handler_Protected { if ($method == "ForceUpdate" && $feed > 0 && is_numeric($feed)) { // Update the feed if required with some basic flood control - $result = db_query( + $result = $this->dbh->query( "SELECT cache_images,".SUBSTRING_FOR_DATE."(last_updated,1,19) AS last_updated FROM ttrss_feeds WHERE id = '$feed'"); - if (db_num_rows($result) != 0) { - $last_updated = strtotime(db_fetch_result($result, 0, "last_updated")); - $cache_images = sql_bool_to_bool(db_fetch_result($result, 0, "cache_images")); + if ($this->dbh->num_rows($result) != 0) { + $last_updated = strtotime($this->dbh->fetch_result($result, 0, "last_updated")); + $cache_images = sql_bool_to_bool($this->dbh->fetch_result($result, 0, "cache_images")); if (!$cache_images && time() - $last_updated > 120 || isset($_REQUEST['DevForceUpdate'])) { include "rssfuncs.php"; update_rss_feed($feed, true, true); } else { - db_query("UPDATE ttrss_feeds SET last_updated = '1970-01-01', last_update_started = '1970-01-01' + $this->dbh->query("UPDATE ttrss_feeds SET last_updated = '1970-01-01', last_update_started = '1970-01-01' WHERE id = '$feed'"); } } @@ -189,21 +189,21 @@ class Feeds extends Handler_Protected { // FIXME: might break tag display? if (is_numeric($feed) && $feed > 0 && !$cat_view) { - $result = db_query( + $result = $this->dbh->query( "SELECT id FROM ttrss_feeds WHERE id = '$feed' LIMIT 1"); - if (db_num_rows($result) == 0) { + if ($this->dbh->num_rows($result) == 0) { $reply['content'] = "<div align='center'>".__('Feed not found.')."</div>"; } } - @$search = db_escape_string($_REQUEST["query"]); + @$search = $this->dbh->escape_string($_REQUEST["query"]); if ($search) { $disable_cache = true; } - @$search_mode = db_escape_string($_REQUEST["search_mode"]); + @$search_mode = $this->dbh->escape_string($_REQUEST["search_mode"]); if ($_REQUEST["debug"]) $timing_info = print_checkpoint("H0", $timing_info); @@ -259,7 +259,7 @@ class Feeds extends Handler_Protected { $feed, $cat_view, $search, $search_mode, $view_mode, $last_error); - $headlines_count = db_num_rows($result); + $headlines_count = $this->dbh->num_rows($result); /* if (get_pref('COMBINED_DISPLAY_MODE')) { $button_plugins = array(); @@ -275,7 +275,7 @@ class Feeds extends Handler_Protected { global $pluginhost; - if (db_num_rows($result) > 0) { + if ($this->dbh->num_rows($result) > 0) { $lnum = $offset; @@ -288,7 +288,7 @@ class Feeds extends Handler_Protected { $expand_cdm = get_pref('CDM_EXPANDED'); - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { $class = ($lnum % 2) ? "even" : "odd"; $id = $line["id"]; @@ -633,17 +633,17 @@ class Feeds extends Handler_Protected { if ($line["orig_feed_id"]) { - $tmp_result = db_query("SELECT * FROM ttrss_archived_feeds + $tmp_result = $this->dbh->query("SELECT * FROM ttrss_archived_feeds WHERE id = ".$line["orig_feed_id"]); - if (db_num_rows($tmp_result) != 0) { + if ($this->dbh->num_rows($tmp_result) != 0) { $reply['content'] .= "<div clear='both'>"; $reply['content'] .= __("Originally from:"); $reply['content'] .= " "; - $tmp_line = db_fetch_assoc($tmp_result); + $tmp_line = $this->dbh->fetch_assoc($tmp_result); $reply['content'] .= "<a target='_blank' href=' " . htmlspecialchars($tmp_line['site_url']) . "'>" . @@ -757,18 +757,18 @@ class Feeds extends Handler_Protected { $reply['content'] .= "<p><span class=\"insensitive\">"; - $result = db_query("SELECT ".SUBSTRING_FOR_DATE."(MAX(last_updated), 1, 19) AS last_updated FROM ttrss_feeds + $result = $this->dbh->query("SELECT ".SUBSTRING_FOR_DATE."(MAX(last_updated), 1, 19) AS last_updated FROM ttrss_feeds WHERE owner_uid = " . $_SESSION['uid']); - $last_updated = db_fetch_result($result, 0, "last_updated"); + $last_updated = $this->dbh->fetch_result($result, 0, "last_updated"); $last_updated = make_local_datetime($last_updated, false); $reply['content'] .= sprintf(__("Feeds last updated at %s"), $last_updated); - $result = db_query("SELECT COUNT(id) AS num_errors + $result = $this->dbh->query("SELECT COUNT(id) AS num_errors FROM ttrss_feeds WHERE last_error != '' AND owner_uid = ".$_SESSION["uid"]); - $num_errors = db_fetch_result($result, 0, "num_errors"); + $num_errors = $this->dbh->fetch_result($result, 0, "num_errors"); if ($num_errors > 0) { $reply['content'] .= "<br/>"; @@ -786,7 +786,7 @@ class Feeds extends Handler_Protected { } function catchupAll() { - db_query("UPDATE ttrss_user_entries SET + $this->dbh->query("UPDATE ttrss_user_entries SET last_read = NOW(), unread = false WHERE unread = true AND owner_uid = " . $_SESSION["uid"]); ccache_zero_all($_SESSION["uid"]); } @@ -798,17 +798,17 @@ class Feeds extends Handler_Protected { if ($_REQUEST["debug"]) $timing_info = print_checkpoint("0", $timing_info); - $omode = db_escape_string($_REQUEST["omode"]); + $omode = $this->dbh->escape_string($_REQUEST["omode"]); - $feed = db_escape_string($_REQUEST["feed"]); - $method = db_escape_string($_REQUEST["m"]); - $view_mode = db_escape_string($_REQUEST["view_mode"]); + $feed = $this->dbh->escape_string($_REQUEST["feed"]); + $method = $this->dbh->escape_string($_REQUEST["m"]); + $view_mode = $this->dbh->escape_string($_REQUEST["view_mode"]); $limit = 30; @$cat_view = $_REQUEST["cat"] == "true"; - @$next_unread_feed = db_escape_string($_REQUEST["nuf"]); - @$offset = db_escape_string($_REQUEST["skip"]); - @$vgroup_last_feed = db_escape_string($_REQUEST["vgrlf"]); - $order_by = db_escape_string($_REQUEST["order_by"]); + @$next_unread_feed = $this->dbh->escape_string($_REQUEST["nuf"]); + @$offset = $this->dbh->escape_string($_REQUEST["skip"]); + @$vgroup_last_feed = $this->dbh->escape_string($_REQUEST["vgrlf"]); + $order_by = $this->dbh->escape_string($_REQUEST["order_by"]); if (is_numeric($feed)) $feed = (int) $feed; @@ -824,17 +824,17 @@ class Feeds extends Handler_Protected { if ($feed < LABEL_BASE_INDEX) { $label_feed = feed_to_label_id($feed); - $result = db_query("SELECT id FROM ttrss_labels2 WHERE + $result = $this->dbh->query("SELECT id FROM ttrss_labels2 WHERE id = '$label_feed' AND owner_uid = " . $_SESSION['uid']); } else if (!$cat_view && is_numeric($feed) && $feed > 0) { - $result = db_query("SELECT id FROM ttrss_feeds WHERE + $result = $this->dbh->query("SELECT id FROM ttrss_feeds WHERE id = '$feed' AND owner_uid = " . $_SESSION['uid']); } else if ($cat_view && is_numeric($feed) && $feed > 0) { - $result = db_query("SELECT id FROM ttrss_feed_categories WHERE + $result = $this->dbh->query("SELECT id FROM ttrss_feed_categories WHERE id = '$feed' AND owner_uid = " . $_SESSION['uid']); } - if ($result && db_num_rows($result) == 0) { + if ($result && $this->dbh->num_rows($result) == 0) { print json_encode($this->generate_error_feed(__("Feed not found."))); return; } @@ -851,13 +851,13 @@ class Feeds extends Handler_Protected { /* bump login timestamp if needed */ if (time() - $_SESSION["last_login_update"] > 3600) { - db_query("UPDATE ttrss_users SET last_login = NOW() WHERE id = " . + $this->dbh->query("UPDATE ttrss_users SET last_login = NOW() WHERE id = " . $_SESSION["uid"]); $_SESSION["last_login_update"] = time(); } if (!$cat_view && is_numeric($feed) && $feed > 0) { - db_query("UPDATE ttrss_feeds SET last_viewed = NOW() + $this->dbh->query("UPDATE ttrss_feeds SET last_viewed = NOW() WHERE id = '$feed' AND owner_uid = ".$_SESSION["uid"]); } @@ -924,18 +924,18 @@ class Feeds extends Handler_Protected { $reply['headlines']['content'] .= "<p><span class=\"insensitive\">"; - $result = db_query("SELECT ".SUBSTRING_FOR_DATE."(MAX(last_updated), 1, 19) AS last_updated FROM ttrss_feeds + $result = $this->dbh->query("SELECT ".SUBSTRING_FOR_DATE."(MAX(last_updated), 1, 19) AS last_updated FROM ttrss_feeds WHERE owner_uid = " . $_SESSION['uid']); - $last_updated = db_fetch_result($result, 0, "last_updated"); + $last_updated = $this->dbh->fetch_result($result, 0, "last_updated"); $last_updated = make_local_datetime($last_updated, false); $reply['headlines']['content'] .= sprintf(__("Feeds last updated at %s"), $last_updated); - $result = db_query("SELECT COUNT(id) AS num_errors + $result = $this->dbh->query("SELECT COUNT(id) AS num_errors FROM ttrss_feeds WHERE last_error != '' AND owner_uid = ".$_SESSION["uid"]); - $num_errors = db_fetch_result($result, 0, "num_errors"); + $num_errors = $this->dbh->fetch_result($result, 0, "num_errors"); if ($num_errors > 0) { $reply['headlines']['content'] .= "<br/>"; @@ -1044,7 +1044,7 @@ class Feeds extends Handler_Protected { function feedBrowser() { if (defined('_DISABLE_FEED_BROWSER') && _DISABLE_FEED_BROWSER) return; - $browser_search = db_escape_string($_REQUEST["search"]); + $browser_search = $this->dbh->escape_string($_REQUEST["search"]); print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"op\" value=\"rpc\">"; print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"method\" value=\"updateFeedBrowser\">"; @@ -1092,7 +1092,7 @@ class Feeds extends Handler_Protected { } function search() { - $this->params = explode(":", db_escape_string($_REQUEST["param"]), 2); + $this->params = explode(":", $this->dbh->escape_string($_REQUEST["param"]), 2); $active_feed_id = sprintf("%d", $this->params[0]); $is_cat = $this->params[1] != "false"; diff --git a/classes/handler/public.php b/classes/handler/public.php index 5af416adc..439cc7d4d 100644 --- a/classes/handler/public.php +++ b/classes/handler/public.php @@ -28,8 +28,8 @@ class Handler_Public extends Handler { $result = $qfh_ret[0]; - if (db_num_rows($result) != 0) { - $ts = strtotime(db_fetch_result($result, 0, "date_entered")); + if ($this->dbh->num_rows($result) != 0) { + $ts = strtotime($this->dbh->fetch_result($result, 0, "date_entered")); if (isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) && strtotime($_SERVER['HTTP_IF_MODIFIED_SINCE']) >= $ts) { @@ -74,7 +74,7 @@ class Handler_Public extends Handler { $tpl->setVariable('SELF_URL', htmlspecialchars(get_self_url_prefix()), true); - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { $tpl->setVariable('ARTICLE_ID', htmlspecialchars($line['link']), true); $tpl->setVariable('ARTICLE_LINK', htmlspecialchars($line['link']), true); @@ -151,7 +151,7 @@ class Handler_Public extends Handler { $feed['articles'] = array(); - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { $article = array(); $article['id'] = $line['link']; @@ -201,13 +201,13 @@ class Handler_Public extends Handler { } function getUnread() { - $login = db_escape_string($_REQUEST["login"]); + $login = $this->dbh->escape_string($_REQUEST["login"]); $fresh = $_REQUEST["fresh"] == "1"; - $result = db_query("SELECT id FROM ttrss_users WHERE login = '$login'"); + $result = $this->dbh->query("SELECT id FROM ttrss_users WHERE login = '$login'"); - if (db_num_rows($result) == 1) { - $uid = db_fetch_result($result, 0, "id"); + if ($this->dbh->num_rows($result) == 1) { + $uid = $this->dbh->fetch_result($result, 0, "id"); print getGlobalUnread($uid); @@ -223,16 +223,16 @@ class Handler_Public extends Handler { } function getProfiles() { - $login = db_escape_string($_REQUEST["login"]); + $login = $this->dbh->escape_string($_REQUEST["login"]); - $result = db_query("SELECT * FROM ttrss_settings_profiles,ttrss_users + $result = $this->dbh->query("SELECT * FROM ttrss_settings_profiles,ttrss_users WHERE ttrss_users.id = ttrss_settings_profiles.owner_uid AND login = '$login' ORDER BY title"); print "<select dojoType='dijit.form.Select' style='width : 220px; margin : 0px' name='profile'>"; print "<option value='0'>" . __("Default profile") . "</option>"; - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { $id = $line["id"]; $title = $line["title"]; @@ -243,9 +243,9 @@ class Handler_Public extends Handler { } function pubsub() { - $mode = db_escape_string($_REQUEST['hub_mode']); - $feed_id = (int) db_escape_string($_REQUEST['id']); - $feed_url = db_escape_string($_REQUEST['hub_topic']); + $mode = $this->dbh->escape_string($_REQUEST['hub_mode']); + $feed_id = (int) $this->dbh->escape_string($_REQUEST['id']); + $feed_url = $this->dbh->escape_string($_REQUEST['hub_topic']); if (!PUBSUBHUBBUB_ENABLED) { header('HTTP/1.0 404 Not Found'); @@ -255,17 +255,17 @@ class Handler_Public extends Handler { // TODO: implement hub_verifytoken checking - $result = db_query("SELECT feed_url FROM ttrss_feeds + $result = $this->dbh->query("SELECT feed_url FROM ttrss_feeds WHERE id = '$feed_id'"); - if (db_num_rows($result) != 0) { + if ($this->dbh->num_rows($result) != 0) { - $check_feed_url = db_fetch_result($result, 0, "feed_url"); + $check_feed_url = $this->dbh->fetch_result($result, 0, "feed_url"); if ($check_feed_url && ($check_feed_url == $feed_url || !$feed_url)) { if ($mode == "subscribe") { - db_query("UPDATE ttrss_feeds SET pubsub_state = 2 + $this->dbh->query("UPDATE ttrss_feeds SET pubsub_state = 2 WHERE id = '$feed_id'"); print $_REQUEST['hub_challenge']; @@ -273,7 +273,7 @@ class Handler_Public extends Handler { } else if ($mode == "unsubscribe") { - db_query("UPDATE ttrss_feeds SET pubsub_state = 0 + $this->dbh->query("UPDATE ttrss_feeds SET pubsub_state = 0 WHERE id = '$feed_id'"); print $_REQUEST['hub_challenge']; @@ -284,7 +284,7 @@ class Handler_Public extends Handler { // Received update ping, schedule feed update. //update_rss_feed($feed_id, true, true); - db_query("UPDATE ttrss_feeds SET + $this->dbh->query("UPDATE ttrss_feeds SET last_update_started = '1970-01-01', last_updated = '1970-01-01' WHERE id = '$feed_id'"); @@ -306,16 +306,16 @@ class Handler_Public extends Handler { } function share() { - $uuid = db_escape_string($_REQUEST["key"]); + $uuid = $this->dbh->escape_string($_REQUEST["key"]); - $result = db_query("SELECT ref_id, owner_uid FROM ttrss_user_entries WHERE + $result = $this->dbh->query("SELECT ref_id, owner_uid FROM ttrss_user_entries WHERE uuid = '$uuid'"); - if (db_num_rows($result) != 0) { + if ($this->dbh->num_rows($result) != 0) { header("Content-Type: text/html"); - $id = db_fetch_result($result, 0, "ref_id"); - $owner_uid = db_fetch_result($result, 0, "owner_uid"); + $id = $this->dbh->fetch_result($result, 0, "ref_id"); + $owner_uid = $this->dbh->fetch_result($result, 0, "owner_uid"); $article = format_article($id, false, true, $owner_uid); @@ -328,17 +328,17 @@ class Handler_Public extends Handler { } function rss() { - $feed = db_escape_string($_REQUEST["id"]); - $key = db_escape_string($_REQUEST["key"]); + $feed = $this->dbh->escape_string($_REQUEST["id"]); + $key = $this->dbh->escape_string($_REQUEST["key"]); $is_cat = $_REQUEST["is_cat"] != false; - $limit = (int)db_escape_string($_REQUEST["limit"]); - $offset = (int)db_escape_string($_REQUEST["offset"]); + $limit = (int)$this->dbh->escape_string($_REQUEST["limit"]); + $offset = (int)$this->dbh->escape_string($_REQUEST["offset"]); - $search = db_escape_string($_REQUEST["q"]); - $search_mode = db_escape_string($_REQUEST["smode"]); - $view_mode = db_escape_string($_REQUEST["view-mode"]); + $search = $this->dbh->escape_string($_REQUEST["q"]); + $search_mode = $this->dbh->escape_string($_REQUEST["smode"]); + $view_mode = $this->dbh->escape_string($_REQUEST["view-mode"]); - $format = db_escape_string($_REQUEST['format']); + $format = $this->dbh->escape_string($_REQUEST['format']); if (!$format) $format = 'atom'; @@ -349,11 +349,11 @@ class Handler_Public extends Handler { $owner_id = false; if ($key) { - $result = db_query("SELECT owner_uid FROM + $result = $this->dbh->query("SELECT owner_uid FROM ttrss_access_keys WHERE access_key = '$key' AND feed_id = '$feed'"); - if (db_num_rows($result) == 1) - $owner_id = db_fetch_result($result, 0, "owner_uid"); + if ($this->dbh->num_rows($result) == 1) + $owner_id = $this->dbh->fetch_result($result, 0, "owner_uid"); } if ($owner_id) { @@ -402,10 +402,10 @@ class Handler_Public extends Handler { if ($action == 'share') { - $title = db_escape_string(strip_tags($_REQUEST["title"])); - $url = db_escape_string(strip_tags($_REQUEST["url"])); - $content = db_escape_string(strip_tags($_REQUEST["content"])); - $labels = db_escape_string(strip_tags($_REQUEST["labels"])); + $title = $this->dbh->escape_string(strip_tags($_REQUEST["title"])); + $url = $this->dbh->escape_string(strip_tags($_REQUEST["url"])); + $content = $this->dbh->escape_string(strip_tags($_REQUEST["content"])); + $labels = $this->dbh->escape_string(strip_tags($_REQUEST["labels"])); Article::create_published_article($title, $url, $content, $labels, $_SESSION["uid"]); @@ -513,7 +513,7 @@ class Handler_Public extends Handler { if (!SINGLE_USER_MODE) { - $login = db_escape_string($_POST["login"]); + $login = $this->dbh->escape_string($_POST["login"]); $password = $_POST["password"]; $remember_me = $_POST["remember_me"]; @@ -534,12 +534,12 @@ class Handler_Public extends Handler { if ($_POST["profile"]) { - $profile = db_escape_string($_POST["profile"]); + $profile = $this->dbh->escape_string($_POST["profile"]); - $result = db_query("SELECT id FROM ttrss_settings_profiles + $result = $this->dbh->query("SELECT id FROM ttrss_settings_profiles WHERE id = '$profile' AND owner_uid = " . $_SESSION["uid"]); - if (db_num_rows($result) != 0) { + if ($this->dbh->num_rows($result) != 0) { $_SESSION["profile"] = $profile; $_SESSION["prefs_cache"] = array(); } @@ -563,7 +563,7 @@ class Handler_Public extends Handler { if ($_SESSION["uid"]) { - $feed_url = db_escape_string(trim($_REQUEST["feed_url"])); + $feed_url = $this->dbh->escape_string(trim($_REQUEST["feed_url"])); header('Content-Type: text/html; charset=utf-8'); print "<html> @@ -625,10 +625,10 @@ class Handler_Public extends Handler { $tt_uri = get_self_url_prefix(); if ($rc['code'] <= 2){ - $result = db_query("SELECT id FROM ttrss_feeds WHERE + $result = $this->dbh->query("SELECT id FROM ttrss_feeds WHERE feed_url = '$feed_url' AND owner_uid = " . $_SESSION["uid"]); - $feed_id = db_fetch_result($result, 0, "id"); + $feed_id = $this->dbh->fetch_result($result, 0, "id"); } else { $feed_id = 0; } @@ -656,14 +656,14 @@ class Handler_Public extends Handler { } function subscribe2() { - $feed_url = db_escape_string(trim($_REQUEST["feed_url"])); - $cat_id = db_escape_string($_REQUEST["cat_id"]); - $from = db_escape_string($_REQUEST["from"]); + $feed_url = $this->dbh->escape_string(trim($_REQUEST["feed_url"])); + $cat_id = $this->dbh->escape_string($_REQUEST["cat_id"]); + $from = $this->dbh->escape_string($_REQUEST["from"]); /* only read authentication information from POST */ - $auth_login = db_escape_string(trim($_POST["auth_login"])); - $auth_pass = db_escape_string(trim($_POST["auth_pass"])); + $auth_login = $this->dbh->escape_string(trim($_POST["auth_login"])); + $auth_pass = $this->dbh->escape_string(trim($_POST["auth_pass"])); $rc = subscribe_to_feed($feed_url, $cat_id, $auth_login, $auth_pass); @@ -712,10 +712,10 @@ class Handler_Public extends Handler { $tt_uri = get_self_url_prefix(); if ($rc <= 2){ - $result = db_query("SELECT id FROM ttrss_feeds WHERE + $result = $this->dbh->query("SELECT id FROM ttrss_feeds WHERE feed_url = '$feed_url' AND owner_uid = " . $_SESSION["uid"]); - $feed_id = db_fetch_result($result, 0, "id"); + $feed_id = $this->dbh->fetch_result($result, 0, "id"); } else { $feed_id = 0; } @@ -788,9 +788,9 @@ class Handler_Public extends Handler { print "</form>"; } else if ($method == 'do') { - $login = db_escape_string($_POST["login"]); - $email = db_escape_string($_POST["email"]); - $test = db_escape_string($_POST["test"]); + $login = $this->dbh->escape_string($_POST["login"]); + $email = $this->dbh->escape_string($_POST["email"]); + $test = $this->dbh->escape_string($_POST["test"]); if (($test != 4 && $test != 'four') || !$email || !$login) { print_error(__('Some of the required form parameters are missing or incorrect.')); @@ -802,11 +802,11 @@ class Handler_Public extends Handler { } else { - $result = db_query("SELECT id FROM ttrss_users + $result = $this->dbh->query("SELECT id FROM ttrss_users WHERE login = '$login' AND email = '$email'"); - if (db_num_rows($result) != 0) { - $id = db_fetch_result($result, 0, "id"); + if ($this->dbh->num_rows($result) != 0) { + $id = $this->dbh->fetch_result($result, 0, "id"); Pref_Users::resetUserPassword($id, false); diff --git a/classes/logger/sql.php b/classes/logger/sql.php index 888ef67dd..4d1f12065 100644 --- a/classes/logger/sql.php +++ b/classes/logger/sql.php @@ -12,7 +12,7 @@ class Logger_SQL { $file = Db::get()->escape_string($file); $line = Db::get()->escape_string($line); $context = ''; // backtrace is a lot of data which is not really critical to store - //$context = db_escape_string(serialize($context)); + //$context = $this->dbh->escape_string(serialize($context)); $owner_uid = $_SESSION["uid"] ? $_SESSION["uid"] : "NULL"; diff --git a/classes/opml.php b/classes/opml.php index 986386378..3f4030dea 100644 --- a/classes/opml.php +++ b/classes/opml.php @@ -66,27 +66,27 @@ class Opml extends Handler_Protected { $out = ""; if ($cat_id) { - $result = db_query("SELECT title FROM ttrss_feed_categories WHERE id = '$cat_id' + $result = $this->dbh->query("SELECT title FROM ttrss_feed_categories WHERE id = '$cat_id' AND owner_uid = '$owner_uid'"); - $cat_title = htmlspecialchars(db_fetch_result($result, 0, "title")); + $cat_title = htmlspecialchars($this->dbh->fetch_result($result, 0, "title")); } if ($cat_title) $out .= "<outline text=\"$cat_title\">\n"; - $result = db_query("SELECT id,title + $result = $this->dbh->query("SELECT id,title FROM ttrss_feed_categories WHERE $cat_qpart AND owner_uid = '$owner_uid' ORDER BY order_id, title"); - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { $title = htmlspecialchars($line["title"]); $out .= $this->opml_export_category($owner_uid, $line["id"], $hide_private_feeds); } - $feeds_result = db_query("select title, feed_url, site_url + $feeds_result = $this->dbh->query("select title, feed_url, site_url from ttrss_feeds where $feed_cat_qpart AND owner_uid = '$owner_uid' AND $hide_qpart order by order_id, title"); - while ($fline = db_fetch_assoc($feeds_result)) { + while ($fline = $this->dbh->fetch_assoc($feeds_result)) { $title = htmlspecialchars($fline["title"]); $url = htmlspecialchars($fline["feed_url"]); $site_url = htmlspecialchars($fline["site_url"]); @@ -131,10 +131,10 @@ class Opml extends Handler_Protected { if ($include_settings) { $out .= "<outline text=\"tt-rss-prefs\" schema-version=\"".SCHEMA_VERSION."\">"; - $result = db_query("SELECT pref_name, value FROM ttrss_user_prefs WHERE + $result = $this->dbh->query("SELECT pref_name, value FROM ttrss_user_prefs WHERE profile IS NULL AND owner_uid = " . $_SESSION["uid"] . " ORDER BY pref_name"); - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { $name = $line["pref_name"]; $value = htmlspecialchars($line["value"]); @@ -145,10 +145,10 @@ class Opml extends Handler_Protected { $out .= "<outline text=\"tt-rss-labels\" schema-version=\"".SCHEMA_VERSION."\">"; - $result = db_query("SELECT * FROM ttrss_labels2 WHERE + $result = $this->dbh->query("SELECT * FROM ttrss_labels2 WHERE owner_uid = " . $_SESSION['uid']); - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { $name = htmlspecialchars($line['caption']); $fg_color = htmlspecialchars($line['fg_color']); $bg_color = htmlspecialchars($line['bg_color']); @@ -161,10 +161,10 @@ class Opml extends Handler_Protected { $out .= "<outline text=\"tt-rss-filters\" schema-version=\"".SCHEMA_VERSION."\">"; - $result = db_query("SELECT * FROM ttrss_filters2 + $result = $this->dbh->query("SELECT * FROM ttrss_filters2 WHERE owner_uid = ".$_SESSION["uid"]." ORDER BY id"); - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { foreach (array('enabled', 'match_any_rule') as $b) { $line[$b] = sql_bool_to_bool($line[$b]); } @@ -172,10 +172,10 @@ class Opml extends Handler_Protected { $line["rules"] = array(); $line["actions"] = array(); - $tmp_result = db_query("SELECT * FROM ttrss_filters2_rules + $tmp_result = $this->dbh->query("SELECT * FROM ttrss_filters2_rules WHERE filter_id = ".$line["id"]); - while ($tmp_line = db_fetch_assoc($tmp_result)) { + while ($tmp_line = $this->dbh->fetch_assoc($tmp_result)) { unset($tmp_line["id"]); unset($tmp_line["filter_id"]); @@ -197,10 +197,10 @@ class Opml extends Handler_Protected { array_push($line["rules"], $tmp_line); } - $tmp_result = db_query("SELECT * FROM ttrss_filters2_actions + $tmp_result = $this->dbh->query("SELECT * FROM ttrss_filters2_actions WHERE filter_id = ".$line["id"]); - while ($tmp_line = db_fetch_assoc($tmp_result)) { + while ($tmp_line = $this->dbh->fetch_assoc($tmp_result)) { unset($tmp_line["id"]); unset($tmp_line["filter_id"]); @@ -253,19 +253,19 @@ class Opml extends Handler_Protected { private function opml_import_feed($doc, $node, $cat_id, $owner_uid) { $attrs = $node->attributes; - $feed_title = db_escape_string(mb_substr($attrs->getNamedItem('text')->nodeValue, 0, 250)); - if (!$feed_title) $feed_title = db_escape_string(mb_substr($attrs->getNamedItem('title')->nodeValue, 0, 250)); + $feed_title = $this->dbh->escape_string(mb_substr($attrs->getNamedItem('text')->nodeValue, 0, 250)); + if (!$feed_title) $feed_title = $this->dbh->escape_string(mb_substr($attrs->getNamedItem('title')->nodeValue, 0, 250)); - $feed_url = db_escape_string(mb_substr($attrs->getNamedItem('xmlUrl')->nodeValue, 0, 250)); - if (!$feed_url) $feed_url = db_escape_string(mb_substr($attrs->getNamedItem('xmlURL')->nodeValue, 0, 250)); + $feed_url = $this->dbh->escape_string(mb_substr($attrs->getNamedItem('xmlUrl')->nodeValue, 0, 250)); + if (!$feed_url) $feed_url = $this->dbh->escape_string(mb_substr($attrs->getNamedItem('xmlURL')->nodeValue, 0, 250)); - $site_url = db_escape_string(mb_substr($attrs->getNamedItem('htmlUrl')->nodeValue, 0, 250)); + $site_url = $this->dbh->escape_string(mb_substr($attrs->getNamedItem('htmlUrl')->nodeValue, 0, 250)); if ($feed_url && $feed_title) { - $result = db_query("SELECT id FROM ttrss_feeds WHERE + $result = $this->dbh->query("SELECT id FROM ttrss_feeds WHERE feed_url = '$feed_url' AND owner_uid = '$owner_uid'"); - if (db_num_rows($result) == 0) { + if ($this->dbh->num_rows($result) == 0) { #$this->opml_notice("[FEED] [$feed_title/$feed_url] dst_CAT=$cat_id"); $this->opml_notice(T_sprintf("Adding feed: %s", $feed_title)); @@ -275,7 +275,7 @@ class Opml extends Handler_Protected { (title, feed_url, owner_uid, cat_id, site_url, order_id) VALUES ('$feed_title', '$feed_url', '$owner_uid', $cat_id, '$site_url', 0)"; - db_query($query); + $this->dbh->query($query); } else { $this->opml_notice(T_sprintf("Duplicate feed: %s", $feed_title)); @@ -285,11 +285,11 @@ class Opml extends Handler_Protected { private function opml_import_label($doc, $node, $owner_uid) { $attrs = $node->attributes; - $label_name = db_escape_string($attrs->getNamedItem('label-name')->nodeValue); + $label_name = $this->dbh->escape_string($attrs->getNamedItem('label-name')->nodeValue); if ($label_name) { - $fg_color = db_escape_string($attrs->getNamedItem('label-fg-color')->nodeValue); - $bg_color = db_escape_string($attrs->getNamedItem('label-bg-color')->nodeValue); + $fg_color = $this->dbh->escape_string($attrs->getNamedItem('label-fg-color')->nodeValue); + $bg_color = $this->dbh->escape_string($attrs->getNamedItem('label-bg-color')->nodeValue); if (!label_find_id($label_name, $_SESSION['uid'])) { $this->opml_notice(T_sprintf("Adding label %s", htmlspecialchars($label_name))); @@ -302,10 +302,10 @@ class Opml extends Handler_Protected { private function opml_import_preference($doc, $node, $owner_uid) { $attrs = $node->attributes; - $pref_name = db_escape_string($attrs->getNamedItem('pref-name')->nodeValue); + $pref_name = $this->dbh->escape_string($attrs->getNamedItem('pref-name')->nodeValue); if ($pref_name) { - $pref_value = db_escape_string($attrs->getNamedItem('value')->nodeValue); + $pref_value = $this->dbh->escape_string($attrs->getNamedItem('value')->nodeValue); $this->opml_notice(T_sprintf("Setting preference key %s to %s", $pref_name, $pref_value)); @@ -317,7 +317,7 @@ class Opml extends Handler_Protected { private function opml_import_filter($doc, $node, $owner_uid) { $attrs = $node->attributes; - $filter_type = db_escape_string($attrs->getNamedItem('filter-type')->nodeValue); + $filter_type = $this->dbh->escape_string($attrs->getNamedItem('filter-type')->nodeValue); if ($filter_type == '2') { $filter = json_decode($node->nodeValue, true); @@ -326,14 +326,14 @@ class Opml extends Handler_Protected { $match_any_rule = bool_to_sql_bool($filter["match_any_rule"]); $enabled = bool_to_sql_bool($filter["enabled"]); - db_query("BEGIN"); + $this->dbh->query("BEGIN"); - db_query("INSERT INTO ttrss_filters2 (match_any_rule,enabled,owner_uid) + $this->dbh->query("INSERT INTO ttrss_filters2 (match_any_rule,enabled,owner_uid) VALUES ($match_any_rule, $enabled,".$_SESSION["uid"].")"); - $result = db_query("SELECT MAX(id) AS id FROM ttrss_filters2 WHERE + $result = $this->dbh->query("SELECT MAX(id) AS id FROM ttrss_filters2 WHERE owner_uid = ".$_SESSION["uid"]); - $filter_id = db_fetch_result($result, 0, "id"); + $filter_id = $this->dbh->fetch_result($result, 0, "id"); if ($filter_id) { $this->opml_notice(T_sprintf("Adding filter...")); @@ -343,39 +343,39 @@ class Opml extends Handler_Protected { $cat_id = "NULL"; if (!$rule["cat_filter"]) { - $tmp_result = db_query("SELECT id FROM ttrss_feeds - WHERE title = '".db_escape_string($rule["feed"])."' AND owner_uid = ".$_SESSION["uid"]); - if (db_num_rows($tmp_result) > 0) { - $feed_id = db_fetch_result($tmp_result, 0, "id"); + $tmp_result = $this->dbh->query("SELECT id FROM ttrss_feeds + WHERE title = '".$this->dbh->escape_string($rule["feed"])."' AND owner_uid = ".$_SESSION["uid"]); + if ($this->dbh->num_rows($tmp_result) > 0) { + $feed_id = $this->dbh->fetch_result($tmp_result, 0, "id"); } } else { - $tmp_result = db_query("SELECT id FROM ttrss_feed_categories - WHERE title = '".db_escape_string($rule["feed"])."' AND owner_uid = ".$_SESSION["uid"]); + $tmp_result = $this->dbh->query("SELECT id FROM ttrss_feed_categories + WHERE title = '".$this->dbh->escape_string($rule["feed"])."' AND owner_uid = ".$_SESSION["uid"]); - if (db_num_rows($tmp_result) > 0) { - $cat_id = db_fetch_result($tmp_result, 0, "id"); + if ($this->dbh->num_rows($tmp_result) > 0) { + $cat_id = $this->dbh->fetch_result($tmp_result, 0, "id"); } } $cat_filter = bool_to_sql_bool($rule["cat_filter"]); - $reg_exp = db_escape_string($rule["reg_exp"]); + $reg_exp = $this->dbh->escape_string($rule["reg_exp"]); $filter_type = (int)$rule["filter_type"]; - db_query("INSERT INTO ttrss_filters2_rules (feed_id,cat_id,filter_id,filter_type,reg_exp,cat_filter) + $this->dbh->query("INSERT INTO ttrss_filters2_rules (feed_id,cat_id,filter_id,filter_type,reg_exp,cat_filter) VALUES ($feed_id, $cat_id, $filter_id, $filter_type, '$reg_exp', $cat_filter)"); } foreach ($filter["actions"] as $action) { $action_id = (int)$action["action_id"]; - $action_param = db_escape_string($action["action_param"]); + $action_param = $this->dbh->escape_string($action["action_param"]); - db_query("INSERT INTO ttrss_filters2_actions (filter_id,action_id,action_param) + $this->dbh->query("INSERT INTO ttrss_filters2_actions (filter_id,action_id,action_param) VALUES ($filter_id, $action_id, '$action_param')"); } } - db_query("COMMIT"); + $this->dbh->query("COMMIT"); } } } @@ -386,19 +386,19 @@ class Opml extends Handler_Protected { $default_cat_id = (int) get_feed_category('Imported feeds', false); if ($root_node) { - $cat_title = db_escape_string(mb_substr($root_node->attributes->getNamedItem('text')->nodeValue, 0, 250)); + $cat_title = $this->dbh->escape_string(mb_substr($root_node->attributes->getNamedItem('text')->nodeValue, 0, 250)); if (!$cat_title) - $cat_title = db_escape_string(mb_substr($root_node->attributes->getNamedItem('title')->nodeValue, 0, 250)); + $cat_title = $this->dbh->escape_string(mb_substr($root_node->attributes->getNamedItem('title')->nodeValue, 0, 250)); if (!in_array($cat_title, array("tt-rss-filters", "tt-rss-labels", "tt-rss-prefs"))) { $cat_id = get_feed_category($cat_title, $parent_id); - db_query("BEGIN"); + $this->dbh->query("BEGIN"); if ($cat_id === false) { add_feed_category($cat_title, $parent_id); $cat_id = get_feed_category($cat_title, $parent_id); } - db_query("COMMIT"); + $this->dbh->query("COMMIT"); } else { $cat_id = 0; } @@ -418,12 +418,12 @@ class Opml extends Handler_Protected { foreach ($outlines as $node) { if ($node->hasAttributes() && strtolower($node->tagName) == "outline") { $attrs = $node->attributes; - $node_cat_title = db_escape_string($attrs->getNamedItem('text')->nodeValue); + $node_cat_title = $this->dbh->escape_string($attrs->getNamedItem('text')->nodeValue); if (!$node_cat_title) - $node_cat_title = db_escape_string($attrs->getNamedItem('title')->nodeValue); + $node_cat_title = $this->dbh->escape_string($attrs->getNamedItem('title')->nodeValue); - $node_feed_url = db_escape_string($attrs->getNamedItem('xmlUrl')->nodeValue); + $node_feed_url = $this->dbh->escape_string($attrs->getNamedItem('xmlUrl')->nodeValue); if ($node_cat_title && !$node_feed_url) { $this->opml_import_category($doc, $node, $owner_uid, $cat_id); diff --git a/classes/pluginhost.php b/classes/pluginhost.php index 0fbf0422e..c10f789b5 100644 --- a/classes/pluginhost.php +++ b/classes/pluginhost.php @@ -222,12 +222,12 @@ class PluginHost { function load_data($force = false) { if ($this->owner_uid && (!$_SESSION["plugin_storage"] || $force)) { - $plugin = db_escape_string($plugin); + $plugin = $this->dbh->escape_string($plugin); - $result = db_query("SELECT name, content FROM ttrss_plugin_storage + $result = $this->dbh->query("SELECT name, content FROM ttrss_plugin_storage WHERE owner_uid = '".$this->owner_uid."'"); - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { $this->storage[$line["name"]] = unserialize($line["content"]); } @@ -237,29 +237,29 @@ class PluginHost { private function save_data($plugin) { if ($this->owner_uid) { - $plugin = db_escape_string($plugin); + $plugin = $this->dbh->escape_string($plugin); - db_query("BEGIN"); + $this->dbh->query("BEGIN"); - $result = db_query("SELECT id FROM ttrss_plugin_storage WHERE + $result = $this->dbh->query("SELECT id FROM ttrss_plugin_storage WHERE owner_uid= '".$this->owner_uid."' AND name = '$plugin'"); if (!isset($this->storage[$plugin])) $this->storage[$plugin] = array(); - $content = db_escape_string(serialize($this->storage[$plugin])); + $content = $this->dbh->escape_string(serialize($this->storage[$plugin])); - if (db_num_rows($result) != 0) { - db_query("UPDATE ttrss_plugin_storage SET content = '$content' + if ($this->dbh->num_rows($result) != 0) { + $this->dbh->query("UPDATE ttrss_plugin_storage SET content = '$content' WHERE owner_uid= '".$this->owner_uid."' AND name = '$plugin'"); } else { - db_query("INSERT INTO ttrss_plugin_storage + $this->dbh->query("INSERT INTO ttrss_plugin_storage (name,owner_uid,content) VALUES ('$plugin','".$this->owner_uid."','$content')"); } - db_query("COMMIT"); + $this->dbh->query("COMMIT"); } } @@ -298,7 +298,7 @@ class PluginHost { unset($this->storage[$idx]); - db_query("DELETE FROM ttrss_plugin_storage WHERE name = '$idx' + $this->dbh->query("DELETE FROM ttrss_plugin_storage WHERE name = '$idx' AND owner_uid = " . $this->owner_uid); $_SESSION["plugin_storage"] = $this->storage; diff --git a/classes/pref/feeds.php b/classes/pref/feeds.php index 970b88822..054ea4e8c 100644 --- a/classes/pref/feeds.php +++ b/classes/pref/feeds.php @@ -15,11 +15,11 @@ class Pref_Feeds extends Handler_Protected { } function renamecat() { - $title = db_escape_string($_REQUEST['title']); - $id = db_escape_string($_REQUEST['id']); + $title = $this->dbh->escape_string($_REQUEST['title']); + $id = $this->dbh->escape_string($_REQUEST['id']); if ($title) { - db_query("UPDATE ttrss_feed_categories SET + $this->dbh->query("UPDATE ttrss_feed_categories SET title = '$title' WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]); } return; @@ -41,10 +41,10 @@ class Pref_Feeds extends Handler_Protected { $items = array(); - $result = db_query("SELECT id, title FROM ttrss_feed_categories + $result = $this->dbh->query("SELECT id, title FROM ttrss_feed_categories WHERE owner_uid = " . $_SESSION["uid"] . " AND parent_cat = '$cat_id' ORDER BY order_id, title"); - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { $cat = array(); $cat['id'] = 'CAT:' . $line['id']; @@ -65,13 +65,13 @@ class Pref_Feeds extends Handler_Protected { } - $feed_result = db_query("SELECT id, title, last_error, + $feed_result = $this->dbh->query("SELECT id, title, last_error, ".SUBSTRING_FOR_DATE."(last_updated,1,19) AS last_updated FROM ttrss_feeds WHERE cat_id = '$cat_id' AND owner_uid = ".$_SESSION["uid"]. "$search_qpart ORDER BY order_id, title"); - while ($feed_line = db_fetch_assoc($feed_result)) { + while ($feed_line = $this->dbh->fetch_assoc($feed_result)) { $feed = array(); $feed['id'] = 'FEED:' . $feed_line['id']; $feed['bare_id'] = (int)$feed_line['id']; @@ -154,10 +154,10 @@ class Pref_Feeds extends Handler_Protected { $root['items'] = array_merge($root['items'], $cat['items']); } - $result = db_query("SELECT * FROM + $result = $this->dbh->query("SELECT * FROM ttrss_labels2 WHERE owner_uid = ".$_SESSION['uid']." ORDER by caption"); - if (db_num_rows($result) > 0) { + if ($this->dbh->num_rows($result) > 0) { if (get_pref('ENABLE_FEED_CATS')) { $cat = $this->feedlist_init_cat(-2); @@ -165,7 +165,7 @@ class Pref_Feeds extends Handler_Protected { $cat['items'] = array(); } - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { $label_id = label_to_feed_id($line['id']); @@ -190,10 +190,10 @@ class Pref_Feeds extends Handler_Protected { ($_REQUEST['mode'] != 2 && !$search && get_pref('_PREFS_SHOW_EMPTY_CATS')); - $result = db_query("SELECT id, title FROM ttrss_feed_categories + $result = $this->dbh->query("SELECT id, title FROM ttrss_feed_categories WHERE owner_uid = " . $_SESSION["uid"] . " AND parent_cat IS NULL ORDER BY order_id, title"); - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { $cat = array(); $cat['id'] = 'CAT:' . $line['id']; $cat['bare_id'] = (int)$line['id']; @@ -226,13 +226,13 @@ class Pref_Feeds extends Handler_Protected { $cat['unread'] = 0; $cat['child_unread'] = 0; - $feed_result = db_query("SELECT id, title,last_error, + $feed_result = $this->dbh->query("SELECT id, title,last_error, ".SUBSTRING_FOR_DATE."(last_updated,1,19) AS last_updated FROM ttrss_feeds WHERE cat_id IS NULL AND owner_uid = ".$_SESSION["uid"]. "$search_qpart ORDER BY order_id, title"); - while ($feed_line = db_fetch_assoc($feed_result)) { + while ($feed_line = $this->dbh->fetch_assoc($feed_result)) { $feed = array(); $feed['id'] = 'FEED:' . $feed_line['id']; $feed['bare_id'] = (int)$feed_line['id']; @@ -257,13 +257,13 @@ class Pref_Feeds extends Handler_Protected { $root['param'] = vsprintf(_ngettext('(%d feed)', '(%d feeds)', count($cat['items'])), count($cat['items'])); } else { - $feed_result = db_query("SELECT id, title, last_error, + $feed_result = $this->dbh->query("SELECT id, title, last_error, ".SUBSTRING_FOR_DATE."(last_updated,1,19) AS last_updated FROM ttrss_feeds WHERE owner_uid = ".$_SESSION["uid"]. "$search_qpart ORDER BY order_id, title"); - while ($feed_line = db_fetch_assoc($feed_result)) { + while ($feed_line = $this->dbh->fetch_assoc($feed_result)) { $feed = array(); $feed['id'] = 'FEED:' . $feed_line['id']; $feed['bare_id'] = (int)$feed_line['id']; @@ -296,13 +296,13 @@ class Pref_Feeds extends Handler_Protected { } function catsortreset() { - db_query("UPDATE ttrss_feed_categories + $this->dbh->query("UPDATE ttrss_feed_categories SET order_id = 0 WHERE owner_uid = " . $_SESSION["uid"]); return; } function feedsortreset() { - db_query("UPDATE ttrss_feeds + $this->dbh->query("UPDATE ttrss_feeds SET order_id = 0 WHERE owner_uid = " . $_SESSION["uid"]); return; } @@ -326,12 +326,12 @@ class Pref_Feeds extends Handler_Protected { if ($item_id != 'root') { if ($parent_id && $parent_id != 'root') { $parent_bare_id = substr($parent_id, strpos($parent_id, ':')+1); - $parent_qpart = db_escape_string($parent_bare_id); + $parent_qpart = $this->dbh->escape_string($parent_bare_id); } else { $parent_qpart = 'NULL'; } - db_query("UPDATE ttrss_feed_categories + $this->dbh->query("UPDATE ttrss_feed_categories SET parent_cat = $parent_qpart WHERE id = '$bare_item_id' AND owner_uid = " . $_SESSION["uid"]); } @@ -352,12 +352,12 @@ class Pref_Feeds extends Handler_Protected { if (strpos($id, "FEED") === 0) { $cat_id = ($item_id != "root") ? - db_escape_string($bare_item_id) : "NULL"; + $this->dbh->escape_string($bare_item_id) : "NULL"; $cat_qpart = ($cat_id != 0) ? "cat_id = '$cat_id'" : "cat_id = NULL"; - db_query("UPDATE ttrss_feeds + $this->dbh->query("UPDATE ttrss_feeds SET order_id = $order_id, $cat_qpart WHERE id = '$bare_id' AND owner_uid = " . $_SESSION["uid"]); @@ -367,12 +367,12 @@ class Pref_Feeds extends Handler_Protected { $nest_level+1); if ($item_id != 'root') { - $parent_qpart = db_escape_string($bare_id); + $parent_qpart = $this->dbh->escape_string($bare_id); } else { $parent_qpart = 'NULL'; } - db_query("UPDATE ttrss_feed_categories + $this->dbh->query("UPDATE ttrss_feed_categories SET order_id = '$order_id' WHERE id = '$bare_id' AND owner_uid = " . $_SESSION["uid"]); } @@ -424,7 +424,7 @@ class Pref_Feeds extends Handler_Protected { ++$cat_order_id; if ($bare_id > 0) { - db_query("UPDATE ttrss_feed_categories + $this->dbh->query("UPDATE ttrss_feed_categories SET order_id = '$cat_order_id' WHERE id = '$bare_id' AND owner_uid = " . $_SESSION["uid"]); } @@ -441,7 +441,7 @@ class Pref_Feeds extends Handler_Protected { else $cat_query = "cat_id = NULL"; - db_query("UPDATE ttrss_feeds + $this->dbh->query("UPDATE ttrss_feeds SET order_id = '$feed_order_id', $cat_query WHERE id = '$feed_id' AND @@ -457,15 +457,15 @@ class Pref_Feeds extends Handler_Protected { } function removeicon() { - $feed_id = db_escape_string($_REQUEST["feed_id"]); + $feed_id = $this->dbh->escape_string($_REQUEST["feed_id"]); - $result = db_query("SELECT id FROM ttrss_feeds + $result = $this->dbh->query("SELECT id FROM ttrss_feeds WHERE id = '$feed_id' AND owner_uid = ". $_SESSION["uid"]); - if (db_num_rows($result) != 0) { + if ($this->dbh->num_rows($result) != 0) { @unlink(ICONS_DIR . "/$feed_id.ico"); - db_query("UPDATE ttrss_feeds SET favicon_avg_color = NULL + $this->dbh->query("UPDATE ttrss_feeds SET favicon_avg_color = NULL where id = '$feed_id'"); } @@ -491,24 +491,24 @@ class Pref_Feeds extends Handler_Protected { } $icon_file = $tmp_file; - $feed_id = db_escape_string($_REQUEST["feed_id"]); + $feed_id = $this->dbh->escape_string($_REQUEST["feed_id"]); if (is_file($icon_file) && $feed_id) { if (filesize($icon_file) < 20000) { - $result = db_query("SELECT id FROM ttrss_feeds + $result = $this->dbh->query("SELECT id FROM ttrss_feeds WHERE id = '$feed_id' AND owner_uid = ". $_SESSION["uid"]); - if (db_num_rows($result) != 0) { + if ($this->dbh->num_rows($result) != 0) { @unlink(ICONS_DIR . "/$feed_id.ico"); if (rename($icon_file, ICONS_DIR . "/$feed_id.ico")) { require_once "colors.php"; - $favicon_color = db_escape_string( + $favicon_color = $this->dbh->escape_string( calculate_avg_color(ICONS_DIR . "/$feed_id.ico")); - db_query("UPDATE ttrss_feeds SET + $this->dbh->query("UPDATE ttrss_feeds SET favicon_avg_color = '$favicon_color' WHERE id = '$feed_id'"); @@ -536,16 +536,16 @@ class Pref_Feeds extends Handler_Protected { global $purge_intervals; global $update_intervals; - $feed_id = db_escape_string($_REQUEST["id"]); + $feed_id = $this->dbh->escape_string($_REQUEST["id"]); - $result = db_query( + $result = $this->dbh->query( "SELECT * FROM ttrss_feeds WHERE id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]); - $auth_pass_encrypted = sql_bool_to_bool(db_fetch_result($result, 0, + $auth_pass_encrypted = sql_bool_to_bool($this->dbh->fetch_result($result, 0, "auth_pass_encrypted")); - $title = htmlspecialchars(db_fetch_result($result, + $title = htmlspecialchars($this->dbh->fetch_result($result, 0, "title")); print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"id\" value=\"$feed_id\">"; @@ -563,8 +563,8 @@ class Pref_Feeds extends Handler_Protected { /* Feed URL */ - $feed_url = db_fetch_result($result, 0, "feed_url"); - $feed_url = htmlspecialchars(db_fetch_result($result, + $feed_url = $this->dbh->fetch_result($result, 0, "feed_url"); + $feed_url = htmlspecialchars($this->dbh->fetch_result($result, 0, "feed_url")); print "<hr/>"; @@ -575,7 +575,7 @@ class Pref_Feeds extends Handler_Protected { regExp='^(http|https)://.*' style=\"width : 20em\" name=\"feed_url\" value=\"$feed_url\">"; - $last_error = db_fetch_result($result, 0, "last_error"); + $last_error = $this->dbh->fetch_result($result, 0, "last_error"); if ($last_error) { print " <span title=\"".htmlspecialchars($last_error)."\" @@ -587,7 +587,7 @@ class Pref_Feeds extends Handler_Protected { if (get_pref('ENABLE_FEED_CATS')) { - $cat_id = db_fetch_result($result, 0, "cat_id"); + $cat_id = $this->dbh->fetch_result($result, 0, "cat_id"); print "<hr/>"; @@ -604,14 +604,14 @@ class Pref_Feeds extends Handler_Protected { /* Update Interval */ - $update_interval = db_fetch_result($result, 0, "update_interval"); + $update_interval = $this->dbh->fetch_result($result, 0, "update_interval"); print_select_hash("update_interval", $update_interval, $update_intervals, 'dojoType="dijit.form.Select"'); /* Purge intl */ - $purge_interval = db_fetch_result($result, 0, "purge_interval"); + $purge_interval = $this->dbh->fetch_result($result, 0, "purge_interval"); print "<hr/>"; print __('Article purging:') . " "; @@ -624,13 +624,13 @@ class Pref_Feeds extends Handler_Protected { print "<div class=\"dlgSec\">".__("Authentication")."</div>"; print "<div class=\"dlgSecCont\">"; - $auth_login = htmlspecialchars(db_fetch_result($result, 0, "auth_login")); + $auth_login = htmlspecialchars($this->dbh->fetch_result($result, 0, "auth_login")); print "<input dojoType=\"dijit.form.TextBox\" id=\"feedEditDlg_login\" placeHolder=\"".__("Login")."\" name=\"auth_login\" value=\"$auth_login\"><hr/>"; - $auth_pass = db_fetch_result($result, 0, "auth_pass"); + $auth_pass = $this->dbh->fetch_result($result, 0, "auth_pass"); if ($auth_pass_encrypted) { require_once "crypt.php"; @@ -651,7 +651,7 @@ class Pref_Feeds extends Handler_Protected { print "<div class=\"dlgSec\">".__("Options")."</div>"; print "<div class=\"dlgSecCont\">"; - $private = sql_bool_to_bool(db_fetch_result($result, 0, "private")); + $private = sql_bool_to_bool($this->dbh->fetch_result($result, 0, "private")); if ($private) { $checked = "checked=\"1\""; @@ -662,7 +662,7 @@ class Pref_Feeds extends Handler_Protected { print "<input dojoType=\"dijit.form.CheckBox\" type=\"checkbox\" name=\"private\" id=\"private\" $checked> <label for=\"private\">".__('Hide from Popular feeds')."</label>"; - $include_in_digest = sql_bool_to_bool(db_fetch_result($result, 0, "include_in_digest")); + $include_in_digest = sql_bool_to_bool($this->dbh->fetch_result($result, 0, "include_in_digest")); if ($include_in_digest) { $checked = "checked=\"1\""; @@ -675,7 +675,7 @@ class Pref_Feeds extends Handler_Protected { $checked> <label for=\"include_in_digest\">".__('Include in e-mail digest')."</label>"; - $always_display_enclosures = sql_bool_to_bool(db_fetch_result($result, 0, "always_display_enclosures")); + $always_display_enclosures = sql_bool_to_bool($this->dbh->fetch_result($result, 0, "always_display_enclosures")); if ($always_display_enclosures) { $checked = "checked"; @@ -687,7 +687,7 @@ class Pref_Feeds extends Handler_Protected { name=\"always_display_enclosures\" $checked> <label for=\"always_display_enclosures\">".__('Always display image attachments')."</label>"; - $hide_images = sql_bool_to_bool(db_fetch_result($result, 0, "hide_images")); + $hide_images = sql_bool_to_bool($this->dbh->fetch_result($result, 0, "hide_images")); if ($hide_images) { $checked = "checked=\"1\""; @@ -700,7 +700,7 @@ class Pref_Feeds extends Handler_Protected { $checked> <label for=\"hide_images\">". __('Do not embed images')."</label>"; - $cache_images = sql_bool_to_bool(db_fetch_result($result, 0, "cache_images")); + $cache_images = sql_bool_to_bool($this->dbh->fetch_result($result, 0, "cache_images")); if ($cache_images) { $checked = "checked=\"1\""; @@ -713,7 +713,7 @@ class Pref_Feeds extends Handler_Protected { $checked> <label for=\"cache_images\">". __('Cache images locally')."</label>"; - $mark_unread_on_update = sql_bool_to_bool(db_fetch_result($result, 0, "mark_unread_on_update")); + $mark_unread_on_update = sql_bool_to_bool($this->dbh->fetch_result($result, 0, "mark_unread_on_update")); if ($mark_unread_on_update) { $checked = "checked"; @@ -758,7 +758,7 @@ class Pref_Feeds extends Handler_Protected { __('Unsubscribe')."</button>"; if (PUBSUBHUBBUB_ENABLED) { - $pubsub_state = db_fetch_result($result, 0, "pubsub_state"); + $pubsub_state = $this->dbh->fetch_result($result, 0, "pubsub_state"); $pubsub_btn_disabled = ($pubsub_state == 2) ? "" : "disabled=\"1\""; print "<button dojoType=\"dijit.form.Button\" id=\"pubsubReset_Btn\" $pubsub_btn_disabled @@ -782,7 +782,7 @@ class Pref_Feeds extends Handler_Protected { global $purge_intervals; global $update_intervals; - $feed_ids = db_escape_string($_REQUEST["ids"]); + $feed_ids = $this->dbh->escape_string($_REQUEST["ids"]); print_notice("Enable the options you wish to apply using checkboxes on the right:"); @@ -938,27 +938,27 @@ class Pref_Feeds extends Handler_Protected { function editsaveops($batch) { - $feed_title = db_escape_string(trim($_POST["title"])); - $feed_link = db_escape_string(trim($_POST["feed_url"])); - $upd_intl = (int) db_escape_string($_POST["update_interval"]); - $purge_intl = (int) db_escape_string($_POST["purge_interval"]); - $feed_id = (int) db_escape_string($_POST["id"]); /* editSave */ - $feed_ids = db_escape_string($_POST["ids"]); /* batchEditSave */ - $cat_id = (int) db_escape_string($_POST["cat_id"]); - $auth_login = db_escape_string(trim($_POST["auth_login"])); + $feed_title = $this->dbh->escape_string(trim($_POST["title"])); + $feed_link = $this->dbh->escape_string(trim($_POST["feed_url"])); + $upd_intl = (int) $this->dbh->escape_string($_POST["update_interval"]); + $purge_intl = (int) $this->dbh->escape_string($_POST["purge_interval"]); + $feed_id = (int) $this->dbh->escape_string($_POST["id"]); /* editSave */ + $feed_ids = $this->dbh->escape_string($_POST["ids"]); /* batchEditSave */ + $cat_id = (int) $this->dbh->escape_string($_POST["cat_id"]); + $auth_login = $this->dbh->escape_string(trim($_POST["auth_login"])); $auth_pass = trim($_POST["auth_pass"]); - $private = checkbox_to_sql_bool(db_escape_string($_POST["private"])); + $private = checkbox_to_sql_bool($this->dbh->escape_string($_POST["private"])); $include_in_digest = checkbox_to_sql_bool( - db_escape_string($_POST["include_in_digest"])); + $this->dbh->escape_string($_POST["include_in_digest"])); $cache_images = checkbox_to_sql_bool( - db_escape_string($_POST["cache_images"])); + $this->dbh->escape_string($_POST["cache_images"])); $hide_images = checkbox_to_sql_bool( - db_escape_string($_POST["hide_images"])); + $this->dbh->escape_string($_POST["hide_images"])); $always_display_enclosures = checkbox_to_sql_bool( - db_escape_string($_POST["always_display_enclosures"])); + $this->dbh->escape_string($_POST["always_display_enclosures"])); $mark_unread_on_update = checkbox_to_sql_bool( - db_escape_string($_POST["mark_unread_on_update"])); + $this->dbh->escape_string($_POST["mark_unread_on_update"])); if (strlen(FEED_CRYPT_KEY) > 0) { require_once "crypt.php"; @@ -968,7 +968,7 @@ class Pref_Feeds extends Handler_Protected { $auth_pass_encrypted = 'false'; } - $auth_pass = db_escape_string($auth_pass); + $auth_pass = $this->dbh->escape_string($auth_pass); if (get_pref('ENABLE_FEED_CATS')) { if ($cat_id && $cat_id != 0) { @@ -985,7 +985,7 @@ class Pref_Feeds extends Handler_Protected { if (!$batch) { - $result = db_query("UPDATE ttrss_feeds SET + $result = $this->dbh->query("UPDATE ttrss_feeds SET $category_qpart title = '$feed_title', feed_url = '$feed_link', update_interval = '$upd_intl', @@ -1010,7 +1010,7 @@ class Pref_Feeds extends Handler_Protected { } } - db_query("BEGIN"); + $this->dbh->query("BEGIN"); foreach (array_keys($feed_data) as $k) { @@ -1073,23 +1073,23 @@ class Pref_Feeds extends Handler_Protected { } if ($qpart) { - db_query( + $this->dbh->query( "UPDATE ttrss_feeds SET $qpart WHERE id IN ($feed_ids) AND owner_uid = " . $_SESSION["uid"]); print "<br/>"; } } - db_query("COMMIT"); + $this->dbh->query("COMMIT"); } return; } function resetPubSub() { - $ids = db_escape_string($_REQUEST["ids"]); + $ids = $this->dbh->escape_string($_REQUEST["ids"]); - db_query("UPDATE ttrss_feeds SET pubsub_state = 0 WHERE id IN ($ids) + $this->dbh->query("UPDATE ttrss_feeds SET pubsub_state = 0 WHERE id IN ($ids) AND owner_uid = " . $_SESSION["uid"]); return; @@ -1097,7 +1097,7 @@ class Pref_Feeds extends Handler_Protected { function remove() { - $ids = explode(",", db_escape_string($_REQUEST["ids"])); + $ids = explode(",", $this->dbh->escape_string($_REQUEST["ids"])); foreach ($ids as $id) { Pref_Feeds::remove_feed($id, $_SESSION["uid"]); @@ -1107,20 +1107,20 @@ class Pref_Feeds extends Handler_Protected { } function clear() { - $id = db_escape_string($_REQUEST["id"]); + $id = $this->dbh->escape_string($_REQUEST["id"]); $this->clear_feed_articles($id); } function rescore() { require_once "rssfuncs.php"; - $ids = explode(",", db_escape_string($_REQUEST["ids"])); + $ids = explode(",", $this->dbh->escape_string($_REQUEST["ids"])); foreach ($ids as $id) { $filters = load_filters($id, $_SESSION["uid"], 6); - $result = db_query("SELECT + $result = $this->dbh->query("SELECT title, content, link, ref_id, author,". SUBSTRING_FOR_DATE."(updated, 1, 19) AS updated FROM @@ -1131,7 +1131,7 @@ class Pref_Feeds extends Handler_Protected { $scores = array(); - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { $tags = get_article_tags($line["ref_id"]); @@ -1148,15 +1148,15 @@ class Pref_Feeds extends Handler_Protected { foreach (array_keys($scores) as $s) { if ($s > 1000) { - db_query("UPDATE ttrss_user_entries SET score = '$s', + $this->dbh->query("UPDATE ttrss_user_entries SET score = '$s', marked = true WHERE ref_id IN (" . join(',', $scores[$s]) . ")"); } else if ($s < -500) { - db_query("UPDATE ttrss_user_entries SET score = '$s', + $this->dbh->query("UPDATE ttrss_user_entries SET score = '$s', unread = false WHERE ref_id IN (" . join(',', $scores[$s]) . ")"); } else { - db_query("UPDATE ttrss_user_entries SET score = '$s' WHERE + $this->dbh->query("UPDATE ttrss_user_entries SET score = '$s' WHERE ref_id IN (" . join(',', $scores[$s]) . ")"); } } @@ -1168,16 +1168,16 @@ class Pref_Feeds extends Handler_Protected { function rescoreAll() { - $result = db_query( + $result = $this->dbh->query( "SELECT id FROM ttrss_feeds WHERE owner_uid = " . $_SESSION['uid']); - while ($feed_line = db_fetch_assoc($result)) { + while ($feed_line = $this->dbh->fetch_assoc($result)) { $id = $feed_line["id"]; $filters = load_filters($id, $_SESSION["uid"], 6); - $tmp_result = db_query("SELECT + $tmp_result = $this->dbh->query("SELECT title, content, link, ref_id, author,". SUBSTRING_FOR_DATE."(updated, 1, 19) AS updated FROM @@ -1188,7 +1188,7 @@ class Pref_Feeds extends Handler_Protected { $scores = array(); - while ($line = db_fetch_assoc($tmp_result)) { + while ($line = $this->dbh->fetch_assoc($tmp_result)) { $tags = get_article_tags($line["ref_id"]); @@ -1205,11 +1205,11 @@ class Pref_Feeds extends Handler_Protected { foreach (array_keys($scores) as $s) { if ($s > 1000) { - db_query("UPDATE ttrss_user_entries SET score = '$s', + $this->dbh->query("UPDATE ttrss_user_entries SET score = '$s', marked = true WHERE ref_id IN (" . join(',', $scores[$s]) . ")"); } else { - db_query("UPDATE ttrss_user_entries SET score = '$s' WHERE + $this->dbh->query("UPDATE ttrss_user_entries SET score = '$s' WHERE ref_id IN (" . join(',', $scores[$s]) . ")"); } } @@ -1220,9 +1220,9 @@ class Pref_Feeds extends Handler_Protected { } function categorize() { - $ids = explode(",", db_escape_string($_REQUEST["ids"])); + $ids = explode(",", $this->dbh->escape_string($_REQUEST["ids"])); - $cat_id = db_escape_string($_REQUEST["cat_id"]); + $cat_id = $this->dbh->escape_string($_REQUEST["cat_id"]); if ($cat_id == 0) { $cat_id_qpart = 'NULL'; @@ -1230,28 +1230,28 @@ class Pref_Feeds extends Handler_Protected { $cat_id_qpart = "'$cat_id'"; } - db_query("BEGIN"); + $this->dbh->query("BEGIN"); foreach ($ids as $id) { - db_query("UPDATE ttrss_feeds SET cat_id = $cat_id_qpart + $this->dbh->query("UPDATE ttrss_feeds SET cat_id = $cat_id_qpart WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]); } - db_query("COMMIT"); + $this->dbh->query("COMMIT"); } function removeCat() { - $ids = explode(",", db_escape_string($_REQUEST["ids"])); + $ids = explode(",", $this->dbh->escape_string($_REQUEST["ids"])); foreach ($ids as $id) { $this->remove_feed_category($id, $_SESSION["uid"]); } } function addCat() { - $feed_cat = db_escape_string(trim($_REQUEST["cat"])); + $feed_cat = $this->dbh->escape_string(trim($_REQUEST["cat"])); add_feed_category($feed_cat); } @@ -1261,10 +1261,10 @@ class Pref_Feeds extends Handler_Protected { print "<div dojoType=\"dijit.layout.AccordionContainer\" region=\"center\">"; print "<div id=\"pref-feeds-feeds\" dojoType=\"dijit.layout.AccordionPane\" title=\"".__('Feeds')."\">"; - $result = db_query("SELECT COUNT(id) AS num_errors + $result = $this->dbh->query("SELECT COUNT(id) AS num_errors FROM ttrss_feeds WHERE last_error != '' AND owner_uid = ".$_SESSION["uid"]); - $num_errors = db_fetch_result($result, 0, "num_errors"); + $num_errors = $this->dbh->fetch_result($result, 0, "num_errors"); if ($num_errors > 0) { @@ -1279,13 +1279,13 @@ class Pref_Feeds extends Handler_Protected { $interval_qpart = "DATE_SUB(NOW(), INTERVAL 3 MONTH)"; } - $result = db_query("SELECT COUNT(*) AS num_inactive FROM ttrss_feeds WHERE + $result = $this->dbh->query("SELECT COUNT(*) AS num_inactive FROM ttrss_feeds WHERE (SELECT MAX(updated) FROM ttrss_entries, ttrss_user_entries WHERE ttrss_entries.id = ref_id AND ttrss_user_entries.feed_id = ttrss_feeds.id) < $interval_qpart AND ttrss_feeds.owner_uid = ".$_SESSION["uid"]); - $num_inactive = db_fetch_result($result, 0, "num_inactive"); + $num_inactive = $this->dbh->fetch_result($result, 0, "num_inactive"); if ($num_inactive > 0) { $inactive_button = "<button dojoType=\"dijit.form.Button\" @@ -1293,7 +1293,7 @@ class Pref_Feeds extends Handler_Protected { __("Inactive feeds") . "</button>"; } - $feed_search = db_escape_string($_REQUEST["search"]); + $feed_search = $this->dbh->escape_string($_REQUEST["search"]); if (array_key_exists("search", $_REQUEST)) { $_SESSION["prefs_feed_search"] = $feed_search; @@ -1567,7 +1567,7 @@ class Pref_Feeds extends Handler_Protected { $interval_qpart = "DATE_SUB(NOW(), INTERVAL 3 MONTH)"; } - $result = db_query("SELECT ttrss_feeds.title, ttrss_feeds.site_url, + $result = $this->dbh->query("SELECT ttrss_feeds.title, ttrss_feeds.site_url, ttrss_feeds.feed_url, ttrss_feeds.id, MAX(updated) AS last_article FROM ttrss_feeds, ttrss_entries, ttrss_user_entries WHERE (SELECT MAX(updated) FROM ttrss_entries, ttrss_user_entries WHERE @@ -1598,7 +1598,7 @@ class Pref_Feeds extends Handler_Protected { $lnum = 1; - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { $class = ($lnum % 2) ? "even" : "odd"; $feed_id = $line["id"]; @@ -1648,7 +1648,7 @@ class Pref_Feeds extends Handler_Protected { print "<h2>" . __("These feeds have not been updated because of errors:") . "</h2>"; - $result = db_query("SELECT id,title,feed_url,last_error,site_url + $result = $this->dbh->query("SELECT id,title,feed_url,last_error,site_url FROM ttrss_feeds WHERE last_error != '' AND owner_uid = ".$_SESSION["uid"]); print "<div dojoType=\"dijit.Toolbar\">"; @@ -1668,7 +1668,7 @@ class Pref_Feeds extends Handler_Protected { $lnum = 1; - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { $class = ($lnum % 2) ? "even" : "odd"; $feed_id = $line["id"]; @@ -1725,14 +1725,14 @@ class Pref_Feeds extends Handler_Protected { private function clear_feed_articles($id) { if ($id != 0) { - $result = db_query("DELETE FROM ttrss_user_entries + $result = $this->dbh->query("DELETE FROM ttrss_user_entries WHERE feed_id = '$id' AND marked = false AND owner_uid = " . $_SESSION["uid"]); } else { - $result = db_query("DELETE FROM ttrss_user_entries + $result = $this->dbh->query("DELETE FROM ttrss_user_entries WHERE feed_id IS NULL AND marked = false AND owner_uid = " . $_SESSION["uid"]); } - $result = db_query("DELETE FROM ttrss_entries WHERE + $result = $this->dbh->query("DELETE FROM ttrss_entries WHERE (SELECT COUNT(int_id) FROM ttrss_user_entries WHERE ref_id = id) = 0"); ccache_update($id, $_SESSION['uid']); @@ -1740,7 +1740,7 @@ class Pref_Feeds extends Handler_Protected { private function remove_feed_category($id, $owner_uid) { - db_query("DELETE FROM ttrss_feed_categories + $this->dbh->query("DELETE FROM ttrss_feed_categories WHERE id = '$id' AND owner_uid = $owner_uid"); ccache_remove($id, $owner_uid, true); @@ -1855,17 +1855,17 @@ class Pref_Feeds extends Handler_Protected { } function batchAddFeeds() { - $cat_id = db_escape_string($_REQUEST['cat']); + $cat_id = $this->dbh->escape_string($_REQUEST['cat']); $feeds = explode("\n", $_REQUEST['feeds']); - $login = db_escape_string($_REQUEST['login']); + $login = $this->dbh->escape_string($_REQUEST['login']); $pass = trim($_REQUEST['pass']); foreach ($feeds as $feed) { - $feed = db_escape_string(trim($feed)); + $feed = $this->dbh->escape_string(trim($feed)); if (validate_feed_url($feed)) { - db_query("BEGIN"); + $this->dbh->query("BEGIN"); if ($cat_id == "0" || !$cat_id) { $cat_qpart = "NULL"; @@ -1873,7 +1873,7 @@ class Pref_Feeds extends Handler_Protected { $cat_qpart = "'$cat_id'"; } - $result = db_query( + $result = $this->dbh->query( "SELECT id FROM ttrss_feeds WHERE feed_url = '$feed' AND owner_uid = ".$_SESSION["uid"]); @@ -1885,17 +1885,17 @@ class Pref_Feeds extends Handler_Protected { $auth_pass_encrypted = 'false'; } - $pass = db_escape_string($pass); + $pass = $this->dbh->escape_string($pass); - if (db_num_rows($result) == 0) { - $result = db_query( + if ($this->dbh->num_rows($result) == 0) { + $result = $this->dbh->query( "INSERT INTO ttrss_feeds (owner_uid,feed_url,title,cat_id,auth_login,auth_pass,update_method,auth_pass_encrypted) VALUES ('".$_SESSION["uid"]."', '$feed', '[Unknown]', $cat_qpart, '$login', '$pass', 0, $auth_pass_encrypted)"); } - db_query("COMMIT"); + $this->dbh->query("COMMIT"); } } } @@ -1910,8 +1910,8 @@ class Pref_Feeds extends Handler_Protected { } function regenFeedKey() { - $feed_id = db_escape_string($_REQUEST['id']); - $is_cat = db_escape_string($_REQUEST['is_cat']) == "true"; + $feed_id = $this->dbh->escape_string($_REQUEST['id']); + $is_cat = $this->dbh->escape_string($_REQUEST['is_cat']) == "true"; $new_key = $this->update_feed_access_key($feed_id, $is_cat); @@ -1924,14 +1924,14 @@ class Pref_Feeds extends Handler_Protected { $sql_is_cat = bool_to_sql_bool($is_cat); - $result = db_query("SELECT access_key FROM ttrss_access_keys + $result = $this->dbh->query("SELECT access_key FROM ttrss_access_keys WHERE feed_id = '$feed_id' AND is_cat = $sql_is_cat AND owner_uid = " . $owner_uid); - if (db_num_rows($result) == 1) { - $key = db_escape_string(sha1(uniqid(rand(), true))); + if ($this->dbh->num_rows($result) == 1) { + $key = $this->dbh->escape_string(sha1(uniqid(rand(), true))); - db_query("UPDATE ttrss_access_keys SET access_key = '$key' + $this->dbh->query("UPDATE ttrss_access_keys SET access_key = '$key' WHERE feed_id = '$feed_id' AND is_cat = $sql_is_cat AND owner_uid = " . $owner_uid); @@ -1944,7 +1944,7 @@ class Pref_Feeds extends Handler_Protected { // Silent function clearKeys() { - db_query("DELETE FROM ttrss_access_keys WHERE + $this->dbh->query("DELETE FROM ttrss_access_keys WHERE owner_uid = " . $_SESSION["uid"]); } diff --git a/classes/pref/filters.php b/classes/pref/filters.php index 18a830f4b..ec7fd0d51 100644 --- a/classes/pref/filters.php +++ b/classes/pref/filters.php @@ -9,7 +9,7 @@ class Pref_Filters extends Handler_Protected { } function filtersortreset() { - db_query("UPDATE ttrss_filters2 + $this->dbh->query("UPDATE ttrss_filters2 SET order_id = 0 WHERE owner_uid = " . $_SESSION["uid"]); return; } @@ -31,7 +31,7 @@ class Pref_Filters extends Handler_Protected { if ($filter_id > 0) { - db_query("UPDATE ttrss_filters2 SET + $this->dbh->query("UPDATE ttrss_filters2 SET order_id = $index WHERE id = '$filter_id' AND owner_uid = " .$_SESSION["uid"]); @@ -49,16 +49,16 @@ class Pref_Filters extends Handler_Protected { $filter["enabled"] = true; $filter["match_any_rule"] = sql_bool_to_bool( - checkbox_to_sql_bool(db_escape_string($_REQUEST["match_any_rule"]))); + checkbox_to_sql_bool($this->dbh->escape_string($_REQUEST["match_any_rule"]))); $filter["inverse"] = sql_bool_to_bool( - checkbox_to_sql_bool(db_escape_string($_REQUEST["inverse"]))); + checkbox_to_sql_bool($this->dbh->escape_string($_REQUEST["inverse"]))); $filter["rules"] = array(); - $result = db_query("SELECT id,name FROM ttrss_filter_types"); + $result = $this->dbh->query("SELECT id,name FROM ttrss_filter_types"); $filter_types = array(); - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { $filter_types[$line["id"]] = $line["name"]; } @@ -98,7 +98,7 @@ class Pref_Filters extends Handler_Protected { print "<div class=\"filterTestHolder\">"; print "<table width=\"100%\" cellspacing=\"0\" id=\"prefErrorFeedList\">"; - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { $entry_timestamp = strtotime($line["updated"]); $entry_tags = get_article_tags($line["id"], $_SESSION["uid"]); @@ -158,7 +158,7 @@ class Pref_Filters extends Handler_Protected { $filter_search = $_SESSION["prefs_filter_search"]; - $result = db_query("SELECT *, + $result = $this->dbh->query("SELECT *, (SELECT action_param FROM ttrss_filters2_actions WHERE filter_id = ttrss_filters2.id ORDER BY id LIMIT 1) AS action_param, (SELECT action_id FROM ttrss_filters2_actions @@ -176,7 +176,7 @@ class Pref_Filters extends Handler_Protected { $folder = array(); $folder['items'] = array(); - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { /* if ($action_id != $line["action_id"]) { if (count($folder['items']) > 0) { @@ -194,10 +194,10 @@ class Pref_Filters extends Handler_Protected { $match_ok = false; if ($filter_search) { - $rules_result = db_query( + $rules_result = $this->dbh->query( "SELECT reg_exp FROM ttrss_filters2_rules WHERE filter_id = ".$line["id"]); - while ($rule_line = db_fetch_assoc($rules_result)) { + while ($rule_line = $this->dbh->fetch_assoc($rules_result)) { if (mb_strpos($rule_line['reg_exp'], $filter_search) !== false) { $match_ok = true; break; @@ -206,13 +206,13 @@ class Pref_Filters extends Handler_Protected { } if ($line['action_id'] == 7) { - $label_result = db_query("SELECT fg_color, bg_color - FROM ttrss_labels2 WHERE caption = '".db_escape_string($line['action_param'])."' AND + $label_result = $this->dbh->query("SELECT fg_color, bg_color + FROM ttrss_labels2 WHERE caption = '".$this->dbh->escape_string($line['action_param'])."' AND owner_uid = " . $_SESSION["uid"]); - if (db_num_rows($label_result) > 0) { - $fg_color = db_fetch_result($label_result, 0, "fg_color"); - $bg_color = db_fetch_result($label_result, 0, "bg_color"); + if ($this->dbh->num_rows($label_result) > 0) { + $fg_color = $this->dbh->fetch_result($label_result, 0, "fg_color"); + $bg_color = $this->dbh->fetch_result($label_result, 0, "bg_color"); $name[1] = "<span class=\"labelColorIndicator\" id=\"label-editor-indicator\" style='color : $fg_color; background-color : $bg_color; margin-right : 4px'>α</span>" . $name[1]; } @@ -248,15 +248,15 @@ class Pref_Filters extends Handler_Protected { function edit() { - $filter_id = db_escape_string($_REQUEST["id"]); + $filter_id = $this->dbh->escape_string($_REQUEST["id"]); - $result = db_query( + $result = $this->dbh->query( "SELECT * FROM ttrss_filters2 WHERE id = '$filter_id' AND owner_uid = " . $_SESSION["uid"]); - $enabled = sql_bool_to_bool(db_fetch_result($result, 0, "enabled")); - $match_any_rule = sql_bool_to_bool(db_fetch_result($result, 0, "match_any_rule")); - $inverse = sql_bool_to_bool(db_fetch_result($result, 0, "inverse")); - $title = htmlspecialchars(db_fetch_result($result, 0, "title")); + $enabled = sql_bool_to_bool($this->dbh->fetch_result($result, 0, "enabled")); + $match_any_rule = sql_bool_to_bool($this->dbh->fetch_result($result, 0, "match_any_rule")); + $inverse = sql_bool_to_bool($this->dbh->fetch_result($result, 0, "inverse")); + $title = htmlspecialchars($this->dbh->fetch_result($result, 0, "title")); print "<form id=\"filter_edit_form\" onsubmit='return false'>"; @@ -294,10 +294,10 @@ class Pref_Filters extends Handler_Protected { print "<ul id='filterDlg_Matches'>"; - $rules_result = db_query("SELECT * FROM ttrss_filters2_rules + $rules_result = $this->dbh->query("SELECT * FROM ttrss_filters2_rules WHERE filter_id = '$filter_id' ORDER BY reg_exp, id"); - while ($line = db_fetch_assoc($rules_result)) { + while ($line = $this->dbh->fetch_assoc($rules_result)) { if (sql_bool_to_bool($line["cat_filter"])) { $line["feed_id"] = "CAT:" . (int)$line["cat_id"]; } @@ -342,10 +342,10 @@ class Pref_Filters extends Handler_Protected { print "<ul id='filterDlg_Actions'>"; - $actions_result = db_query("SELECT * FROM ttrss_filters2_actions + $actions_result = $this->dbh->query("SELECT * FROM ttrss_filters2_actions WHERE filter_id = '$filter_id' ORDER BY id"); - while ($line = db_fetch_assoc($actions_result)) { + while ($line = $this->dbh->fetch_assoc($actions_result)) { $line["action_param_label"] = $line["action_param"]; unset($line["filter_id"]); @@ -427,9 +427,9 @@ class Pref_Filters extends Handler_Protected { $feed = __("All feeds"); } - $result = db_query("SELECT description FROM ttrss_filter_types + $result = $this->dbh->query("SELECT description FROM ttrss_filter_types WHERE id = ".(int)$rule["filter_type"]); - $filter_type = db_fetch_result($result, 0, "description"); + $filter_type = $this->dbh->fetch_result($result, 0, "description"); return T_sprintf("%s on %s in %s %s", strip_tags($rule["reg_exp"]), $filter_type, $feed, isset($rule["inverse"]) ? __("(inverse)") : ""); @@ -440,10 +440,10 @@ class Pref_Filters extends Handler_Protected { } private function getActionName($action) { - $result = db_query("SELECT description FROM + $result = $this->dbh->query("SELECT description FROM ttrss_filter_actions WHERE id = " .(int)$action["action_id"]); - $title = __(db_fetch_result($result, 0, "description")); + $title = __($this->dbh->fetch_result($result, 0, "description")); if ($action["action_id"] == 4 || $action["action_id"] == 6 || $action["action_id"] == 7) @@ -463,13 +463,13 @@ class Pref_Filters extends Handler_Protected { # print_r($_REQUEST); - $filter_id = db_escape_string($_REQUEST["id"]); - $enabled = checkbox_to_sql_bool(db_escape_string($_REQUEST["enabled"])); - $match_any_rule = checkbox_to_sql_bool(db_escape_string($_REQUEST["match_any_rule"])); - $inverse = checkbox_to_sql_bool(db_escape_string($_REQUEST["inverse"])); - $title = db_escape_string($_REQUEST["title"]); + $filter_id = $this->dbh->escape_string($_REQUEST["id"]); + $enabled = checkbox_to_sql_bool($this->dbh->escape_string($_REQUEST["enabled"])); + $match_any_rule = checkbox_to_sql_bool($this->dbh->escape_string($_REQUEST["match_any_rule"])); + $inverse = checkbox_to_sql_bool($this->dbh->escape_string($_REQUEST["inverse"])); + $title = $this->dbh->escape_string($_REQUEST["title"]); - $result = db_query("UPDATE ttrss_filters2 SET enabled = $enabled, + $result = $this->dbh->query("UPDATE ttrss_filters2 SET enabled = $enabled, match_any_rule = $match_any_rule, inverse = $inverse, title = '$title' @@ -482,17 +482,17 @@ class Pref_Filters extends Handler_Protected { function remove() { - $ids = explode(",", db_escape_string($_REQUEST["ids"])); + $ids = explode(",", $this->dbh->escape_string($_REQUEST["ids"])); foreach ($ids as $id) { - db_query("DELETE FROM ttrss_filters2 WHERE id = '$id' AND owner_uid = ". $_SESSION["uid"]); + $this->dbh->query("DELETE FROM ttrss_filters2 WHERE id = '$id' AND owner_uid = ". $_SESSION["uid"]); } } private function saveRulesAndActions($filter_id) { - db_query("DELETE FROM ttrss_filters2_rules WHERE filter_id = '$filter_id'"); - db_query("DELETE FROM ttrss_filters2_actions WHERE filter_id = '$filter_id'"); + $this->dbh->query("DELETE FROM ttrss_filters2_rules WHERE filter_id = '$filter_id'"); + $this->dbh->query("DELETE FROM ttrss_filters2_actions WHERE filter_id = '$filter_id'"); if ($filter_id) { /* create rules */ @@ -521,11 +521,11 @@ class Pref_Filters extends Handler_Protected { foreach ($rules as $rule) { if ($rule) { - $reg_exp = strip_tags(db_escape_string(trim($rule["reg_exp"]))); + $reg_exp = strip_tags($this->dbh->escape_string(trim($rule["reg_exp"]))); $inverse = isset($rule["inverse"]) ? "true" : "false"; - $filter_type = (int) db_escape_string(trim($rule["filter_type"])); - $feed_id = db_escape_string(trim($rule["feed_id"])); + $filter_type = (int) $this->dbh->escape_string(trim($rule["filter_type"])); + $feed_id = $this->dbh->escape_string(trim($rule["feed_id"])); if (strpos($feed_id, "CAT:") === 0) { @@ -546,16 +546,16 @@ class Pref_Filters extends Handler_Protected { (filter_id, reg_exp,filter_type,feed_id,cat_id,cat_filter,inverse) VALUES ('$filter_id', '$reg_exp', '$filter_type', $feed_id, $cat_id, $cat_filter, $inverse)"; - db_query($query); + $this->dbh->query($query); } } foreach ($actions as $action) { if ($action) { - $action_id = (int) db_escape_string($action["action_id"]); - $action_param = db_escape_string($action["action_param"]); - $action_param_label = db_escape_string($action["action_param_label"]); + $action_id = (int) $this->dbh->escape_string($action["action_id"]); + $action_param = $this->dbh->escape_string($action["action_param"]); + $action_param_label = $this->dbh->escape_string($action["action_param_label"]); if ($action_id == 7) { $action_param = $action_param_label; @@ -569,7 +569,7 @@ class Pref_Filters extends Handler_Protected { (filter_id, action_id, action_param) VALUES ('$filter_id', '$action_id', '$action_param')"; - db_query($query); + $this->dbh->query($query); } } } @@ -586,35 +586,35 @@ class Pref_Filters extends Handler_Protected { $enabled = checkbox_to_sql_bool($_REQUEST["enabled"]); $match_any_rule = checkbox_to_sql_bool($_REQUEST["match_any_rule"]); - $title = db_escape_string($_REQUEST["title"]); + $title = $this->dbh->escape_string($_REQUEST["title"]); - db_query("BEGIN"); + $this->dbh->query("BEGIN"); /* create base filter */ - $result = db_query("INSERT INTO ttrss_filters2 + $result = $this->dbh->query("INSERT INTO ttrss_filters2 (owner_uid, match_any_rule, enabled, title) VALUES (".$_SESSION["uid"].",$match_any_rule,$enabled, '$title')"); - $result = db_query("SELECT MAX(id) AS id FROM ttrss_filters2 + $result = $this->dbh->query("SELECT MAX(id) AS id FROM ttrss_filters2 WHERE owner_uid = ".$_SESSION["uid"]); - $filter_id = db_fetch_result($result, 0, "id"); + $filter_id = $this->dbh->fetch_result($result, 0, "id"); $this->saveRulesAndActions($filter_id); - db_query("COMMIT"); + $this->dbh->query("COMMIT"); } function index() { - $sort = db_escape_string($_REQUEST["sort"]); + $sort = $this->dbh->escape_string($_REQUEST["sort"]); if (!$sort || $sort == "undefined") { $sort = "reg_exp"; } - $filter_search = db_escape_string($_REQUEST["search"]); + $filter_search = $this->dbh->escape_string($_REQUEST["search"]); if (array_key_exists("search", $_REQUEST)) { $_SESSION["prefs_filter_search"] = $filter_search; @@ -626,7 +626,7 @@ class Pref_Filters extends Handler_Protected { print "<div id=\"pref-filter-header\" dojoType=\"dijit.layout.ContentPane\" region=\"top\">"; print "<div id=\"pref-filter-toolbar\" dojoType=\"dijit.Toolbar\">"; - $filter_search = db_escape_string($_REQUEST["search"]); + $filter_search = $this->dbh->escape_string($_REQUEST["search"]); if (array_key_exists("search", $_REQUEST)) { $_SESSION["prefs_filter_search"] = $filter_search; @@ -832,12 +832,12 @@ class Pref_Filters extends Handler_Protected { print "<form name='filter_new_rule_form' id='filter_new_rule_form'>"; - $result = db_query("SELECT id,description + $result = $this->dbh->query("SELECT id,description FROM ttrss_filter_types WHERE id != 5 ORDER BY description"); $filter_types = array(); - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { $filter_types[$line["id"]] = __($line["description"]); } @@ -888,7 +888,7 @@ class Pref_Filters extends Handler_Protected { $action = json_decode($_REQUEST["action"], true); if ($action) { - $action_param = db_escape_string($action["action_param"]); + $action_param = $this->dbh->escape_string($action["action_param"]); $action_id = (int)$action["action_id"]; } else { $action_param = ""; @@ -904,10 +904,10 @@ class Pref_Filters extends Handler_Protected { print "<select name=\"action_id\" dojoType=\"dijit.form.Select\" onchange=\"filterDlgCheckAction(this)\">"; - $result = db_query("SELECT id,description FROM ttrss_filter_actions + $result = $this->dbh->query("SELECT id,description FROM ttrss_filter_actions ORDER BY name"); - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { $is_selected = ($line["id"] == $action_id) ? "selected='1'" : ""; printf("<option $is_selected value='%d'>%s</option>", $line["id"], __($line["description"])); } @@ -953,28 +953,28 @@ class Pref_Filters extends Handler_Protected { private function getFilterName($id) { - $result = db_query( + $result = $this->dbh->query( "SELECT title,COUNT(DISTINCT r.id) AS num_rules,COUNT(DISTINCT a.id) AS num_actions FROM ttrss_filters2 AS f LEFT JOIN ttrss_filters2_rules AS r ON (r.filter_id = f.id) LEFT JOIN ttrss_filters2_actions AS a ON (a.filter_id = f.id) WHERE f.id = '$id' GROUP BY f.title"); - $title = db_fetch_result($result, 0, "title"); - $num_rules = db_fetch_result($result, 0, "num_rules"); - $num_actions = db_fetch_result($result, 0, "num_actions"); + $title = $this->dbh->fetch_result($result, 0, "title"); + $num_rules = $this->dbh->fetch_result($result, 0, "num_rules"); + $num_actions = $this->dbh->fetch_result($result, 0, "num_actions"); if (!$title) $title = __("[No caption]"); $title = sprintf(_ngettext("%s (%d rule)", "%s (%d rules)", $num_rules), $title, $num_rules); - $result = db_query( + $result = $this->dbh->query( "SELECT * FROM ttrss_filters2_actions WHERE filter_id = '$id' ORDER BY id LIMIT 1"); $actions = ""; - if (db_num_rows($result) > 0) { - $line = db_fetch_assoc($result); + if ($this->dbh->num_rows($result) > 0) { + $line = $this->dbh->fetch_assoc($result); $actions = $this->getActionName($line); $num_actions -= 1; @@ -987,22 +987,22 @@ class Pref_Filters extends Handler_Protected { } function join() { - $ids = explode(",", db_escape_string($_REQUEST["ids"])); + $ids = explode(",", $this->dbh->escape_string($_REQUEST["ids"])); if (count($ids) > 1) { $base_id = array_shift($ids); $ids_str = join(",", $ids); - db_query("BEGIN"); - db_query("UPDATE ttrss_filters2_rules + $this->dbh->query("BEGIN"); + $this->dbh->query("UPDATE ttrss_filters2_rules SET filter_id = '$base_id' WHERE filter_id IN ($ids_str)"); - db_query("UPDATE ttrss_filters2_actions + $this->dbh->query("UPDATE ttrss_filters2_actions SET filter_id = '$base_id' WHERE filter_id IN ($ids_str)"); - db_query("DELETE FROM ttrss_filters2 WHERE id IN ($ids_str)"); - db_query("UPDATE ttrss_filters2 SET match_any_rule = true WHERE id = '$base_id'"); + $this->dbh->query("DELETE FROM ttrss_filters2 WHERE id IN ($ids_str)"); + $this->dbh->query("UPDATE ttrss_filters2 SET match_any_rule = true WHERE id = '$base_id'"); - db_query("COMMIT"); + $this->dbh->query("COMMIT"); $this->optimizeFilter($base_id); @@ -1010,14 +1010,14 @@ class Pref_Filters extends Handler_Protected { } private function optimizeFilter($id) { - db_query("BEGIN"); - $result = db_query("SELECT * FROM ttrss_filters2_actions + $this->dbh->query("BEGIN"); + $result = $this->dbh->query("SELECT * FROM ttrss_filters2_actions WHERE filter_id = '$id'"); $tmp = array(); $dupe_ids = array(); - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { $id = $line["id"]; unset($line["id"]); @@ -1030,17 +1030,17 @@ class Pref_Filters extends Handler_Protected { if (count($dupe_ids) > 0) { $ids_str = join(",", $dupe_ids); - db_query("DELETE FROM ttrss_filters2_actions + $this->dbh->query("DELETE FROM ttrss_filters2_actions WHERE id IN ($ids_str)"); } - $result = db_query("SELECT * FROM ttrss_filters2_rules + $result = $this->dbh->query("SELECT * FROM ttrss_filters2_rules WHERE filter_id = '$id'"); $tmp = array(); $dupe_ids = array(); - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { $id = $line["id"]; unset($line["id"]); @@ -1053,11 +1053,11 @@ class Pref_Filters extends Handler_Protected { if (count($dupe_ids) > 0) { $ids_str = join(",", $dupe_ids); - db_query("DELETE FROM ttrss_filters2_rules + $this->dbh->query("DELETE FROM ttrss_filters2_rules WHERE id IN ($ids_str)"); } - db_query("COMMIT"); + $this->dbh->query("COMMIT"); } } ?> diff --git a/classes/pref/labels.php b/classes/pref/labels.php index 38056ed6c..a928dd017 100644 --- a/classes/pref/labels.php +++ b/classes/pref/labels.php @@ -8,12 +8,12 @@ class Pref_Labels extends Handler_Protected { } function edit() { - $label_id = db_escape_string($_REQUEST['id']); + $label_id = $this->dbh->escape_string($_REQUEST['id']); - $result = db_query("SELECT * FROM ttrss_labels2 WHERE + $result = $this->dbh->query("SELECT * FROM ttrss_labels2 WHERE id = '$label_id' AND owner_uid = " . $_SESSION["uid"]); - $line = db_fetch_assoc($result); + $line = $this->dbh->fetch_assoc($result); print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"id\" value=\"$label_id\">"; print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"op\" value=\"pref-labels\">"; @@ -90,12 +90,12 @@ class Pref_Labels extends Handler_Protected { $root['name'] = __('Labels'); $root['items'] = array(); - $result = db_query("SELECT * + $result = $this->dbh->query("SELECT * FROM ttrss_labels2 WHERE owner_uid = ".$_SESSION["uid"]." ORDER BY caption"); - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { $label = array(); $label['id'] = 'LABEL:' . $line['id']; $label['bare_id'] = $line['id']; @@ -118,29 +118,29 @@ class Pref_Labels extends Handler_Protected { } function colorset() { - $kind = db_escape_string($_REQUEST["kind"]); - $ids = explode(',', db_escape_string($_REQUEST["ids"])); - $color = db_escape_string($_REQUEST["color"]); - $fg = db_escape_string($_REQUEST["fg"]); - $bg = db_escape_string($_REQUEST["bg"]); + $kind = $this->dbh->escape_string($_REQUEST["kind"]); + $ids = explode(',', $this->dbh->escape_string($_REQUEST["ids"])); + $color = $this->dbh->escape_string($_REQUEST["color"]); + $fg = $this->dbh->escape_string($_REQUEST["fg"]); + $bg = $this->dbh->escape_string($_REQUEST["bg"]); foreach ($ids as $id) { if ($kind == "fg" || $kind == "bg") { - db_query("UPDATE ttrss_labels2 SET + $this->dbh->query("UPDATE ttrss_labels2 SET ${kind}_color = '$color' WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]); } else { - db_query("UPDATE ttrss_labels2 SET + $this->dbh->query("UPDATE ttrss_labels2 SET fg_color = '$fg', bg_color = '$bg' WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]); } - $caption = db_escape_string(label_find_caption($id, $_SESSION["uid"])); + $caption = $this->dbh->escape_string(label_find_caption($id, $_SESSION["uid"])); /* Remove cached data */ - db_query("UPDATE ttrss_user_entries SET label_cache = '' + $this->dbh->query("UPDATE ttrss_user_entries SET label_cache = '' WHERE label_cache LIKE '%$caption%' AND owner_uid = " . $_SESSION["uid"]); } @@ -149,18 +149,18 @@ class Pref_Labels extends Handler_Protected { } function colorreset() { - $ids = explode(',', db_escape_string($_REQUEST["ids"])); + $ids = explode(',', $this->dbh->escape_string($_REQUEST["ids"])); foreach ($ids as $id) { - db_query("UPDATE ttrss_labels2 SET + $this->dbh->query("UPDATE ttrss_labels2 SET fg_color = '', bg_color = '' WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]); - $caption = db_escape_string(label_find_caption($id, $_SESSION["uid"])); + $caption = $this->dbh->escape_string(label_find_caption($id, $_SESSION["uid"])); /* Remove cached data */ - db_query("UPDATE ttrss_user_entries SET label_cache = '' + $this->dbh->query("UPDATE ttrss_user_entries SET label_cache = '' WHERE label_cache LIKE '%$caption%' AND owner_uid = " . $_SESSION["uid"]); } @@ -168,31 +168,31 @@ class Pref_Labels extends Handler_Protected { function save() { - $id = db_escape_string($_REQUEST["id"]); - $caption = db_escape_string(trim($_REQUEST["caption"])); + $id = $this->dbh->escape_string($_REQUEST["id"]); + $caption = $this->dbh->escape_string(trim($_REQUEST["caption"])); - db_query("BEGIN"); + $this->dbh->query("BEGIN"); - $result = db_query("SELECT caption FROM ttrss_labels2 + $result = $this->dbh->query("SELECT caption FROM ttrss_labels2 WHERE id = '$id' AND owner_uid = ". $_SESSION["uid"]); - if (db_num_rows($result) != 0) { - $old_caption = db_fetch_result($result, 0, "caption"); + if ($this->dbh->num_rows($result) != 0) { + $old_caption = $this->dbh->fetch_result($result, 0, "caption"); - $result = db_query("SELECT id FROM ttrss_labels2 + $result = $this->dbh->query("SELECT id FROM ttrss_labels2 WHERE caption = '$caption' AND owner_uid = ". $_SESSION["uid"]); - if (db_num_rows($result) == 0) { + if ($this->dbh->num_rows($result) == 0) { if ($caption) { - $result = db_query("UPDATE ttrss_labels2 SET + $result = $this->dbh->query("UPDATE ttrss_labels2 SET caption = '$caption' WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]); /* Update filters that reference label being renamed */ - $old_caption = db_escape_string($old_caption); + $old_caption = $this->dbh->escape_string($old_caption); - db_query("UPDATE ttrss_filters2_actions SET + $this->dbh->query("UPDATE ttrss_filters2_actions SET action_param = '$caption' WHERE action_param = '$old_caption' AND action_id = 7 AND filter_id IN (SELECT id FROM ttrss_filters2 WHERE owner_uid = ".$_SESSION["uid"].")"); @@ -206,14 +206,14 @@ class Pref_Labels extends Handler_Protected { } } - db_query("COMMIT"); + $this->dbh->query("COMMIT"); return; } function remove() { - $ids = explode(",", db_escape_string($_REQUEST["ids"])); + $ids = explode(",", $this->dbh->escape_string($_REQUEST["ids"])); foreach ($ids as $id) { label_remove($id, $_SESSION["uid"]); @@ -222,8 +222,8 @@ class Pref_Labels extends Handler_Protected { } function add() { - $caption = db_escape_string($_REQUEST["caption"]); - $output = db_escape_string($_REQUEST["output"]); + $caption = $this->dbh->escape_string($_REQUEST["caption"]); + $output = $this->dbh->escape_string($_REQUEST["output"]); if ($caption) { @@ -250,13 +250,13 @@ class Pref_Labels extends Handler_Protected { function index() { - $sort = db_escape_string($_REQUEST["sort"]); + $sort = $this->dbh->escape_string($_REQUEST["sort"]); if (!$sort || $sort == "undefined") { $sort = "caption"; } - $label_search = db_escape_string($_REQUEST["search"]); + $label_search = $this->dbh->escape_string($_REQUEST["search"]); if (array_key_exists("search", $_REQUEST)) { $_SESSION["prefs_label_search"] = $label_search; diff --git a/classes/pref/prefs.php b/classes/pref/prefs.php index 8e8abb5eb..b541ac875 100644 --- a/classes/pref/prefs.php +++ b/classes/pref/prefs.php @@ -103,13 +103,13 @@ class Pref_Prefs extends Handler_Protected { foreach (array_keys($_POST) as $pref_name) { - $pref_name = db_escape_string($pref_name); - $value = db_escape_string($_POST[$pref_name]); + $pref_name = $this->dbh->escape_string($pref_name); + $value = $this->dbh->escape_string($_POST[$pref_name]); if ($pref_name == 'DIGEST_PREFERRED_TIME') { if (get_pref('DIGEST_PREFERRED_TIME') != $value) { - db_query("UPDATE ttrss_users SET + $this->dbh->query("UPDATE ttrss_users SET last_digest_sent = NULL WHERE id = " . $_SESSION['uid']); } @@ -138,13 +138,13 @@ class Pref_Prefs extends Handler_Protected { function getHelp() { - $pref_name = db_escape_string($_REQUEST["pn"]); + $pref_name = $this->dbh->escape_string($_REQUEST["pn"]); - $result = db_query("SELECT help_text FROM ttrss_prefs + $result = $this->dbh->query("SELECT help_text FROM ttrss_prefs WHERE pref_name = '$pref_name'"); - if (db_num_rows($result) > 0) { - $help_text = db_fetch_result($result, 0, "help_text"); + if ($this->dbh->num_rows($result) > 0) { + $help_text = $this->dbh->fetch_result($result, 0, "help_text"); print $help_text; } else { printf(__("Unknown option: %s"), $pref_name); @@ -153,12 +153,12 @@ class Pref_Prefs extends Handler_Protected { function changeemail() { - $email = db_escape_string($_POST["email"]); - $full_name = db_escape_string($_POST["full_name"]); + $email = $this->dbh->escape_string($_POST["email"]); + $full_name = $this->dbh->escape_string($_POST["full_name"]); $active_uid = $_SESSION["uid"]; - db_query("UPDATE ttrss_users SET email = '$email', + $this->dbh->query("UPDATE ttrss_users SET email = '$email', full_name = '$full_name' WHERE id = '$active_uid'"); print __("Your personal data has been saved."); @@ -176,7 +176,7 @@ class Pref_Prefs extends Handler_Protected { $profile_qpart = "profile IS NULL"; } - db_query("DELETE FROM ttrss_user_prefs + $this->dbh->query("DELETE FROM ttrss_user_prefs WHERE $profile_qpart AND owner_uid = ".$_SESSION["uid"]); initialize_user_prefs($_SESSION["uid"], $_SESSION["profile"]); @@ -225,13 +225,13 @@ class Pref_Prefs extends Handler_Protected { print "<h2>" . __("Personal data") . "</h2>"; - $result = db_query("SELECT email,full_name,otp_enabled, + $result = $this->dbh->query("SELECT email,full_name,otp_enabled, access_level FROM ttrss_users WHERE id = ".$_SESSION["uid"]); - $email = htmlspecialchars(db_fetch_result($result, 0, "email")); - $full_name = htmlspecialchars(db_fetch_result($result, 0, "full_name")); - $otp_enabled = sql_bool_to_bool(db_fetch_result($result, 0, "otp_enabled")); + $email = htmlspecialchars($this->dbh->fetch_result($result, 0, "email")); + $full_name = htmlspecialchars($this->dbh->fetch_result($result, 0, "full_name")); + $otp_enabled = sql_bool_to_bool($this->dbh->fetch_result($result, 0, "otp_enabled")); print "<tr><td width=\"40%\">".__('Full name')."</td>"; print "<td class=\"prefValue\"><input dojoType=\"dijit.form.ValidationTextBox\" name=\"full_name\" required=\"1\" @@ -242,7 +242,7 @@ class Pref_Prefs extends Handler_Protected { if (!SINGLE_USER_MODE && !$_SESSION["hide_hello"]) { - $access_level = db_fetch_result($result, 0, "access_level"); + $access_level = $this->dbh->fetch_result($result, 0, "access_level"); print "<tr><td width=\"40%\">".__('Access level')."</td>"; print "<td>" . $access_level_names[$access_level] . "</td></tr>"; } @@ -270,11 +270,11 @@ class Pref_Prefs extends Handler_Protected { print "<h2>" . __("Password") . "</h2>"; - $result = db_query("SELECT id FROM ttrss_users + $result = $this->dbh->query("SELECT id FROM ttrss_users WHERE id = ".$_SESSION["uid"]." AND pwd_hash = 'SHA1:5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8'"); - if (db_num_rows($result) != 0) { + if ($this->dbh->num_rows($result) != 0) { print format_warning(__("Your password is at default value, please change it."), "default_pass_warning"); } @@ -494,7 +494,7 @@ class Pref_Prefs extends Handler_Protected { $access_query = 'true'; - $result = db_query("SELECT DISTINCT + $result = $this->dbh->query("SELECT DISTINCT ttrss_user_prefs.pref_name,value,type_name, ttrss_prefs_sections.order_id, def_value,section_id @@ -513,7 +513,7 @@ class Pref_Prefs extends Handler_Protected { $listed_boolean_prefs = array(); - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { if (in_array($line["pref_name"], $prefs_blacklist)) { continue; @@ -897,17 +897,17 @@ class Pref_Prefs extends Handler_Protected { require_once "lib/otphp/lib/totp.php"; require_once "lib/phpqrcode/phpqrcode.php"; - $result = db_query("SELECT login,salt,otp_enabled + $result = $this->dbh->query("SELECT login,salt,otp_enabled FROM ttrss_users WHERE id = ".$_SESSION["uid"]); $base32 = new Base32(); - $login = db_fetch_result($result, 0, "login"); - $otp_enabled = sql_bool_to_bool(db_fetch_result($result, 0, "otp_enabled")); + $login = $this->dbh->fetch_result($result, 0, "login"); + $otp_enabled = sql_bool_to_bool($this->dbh->fetch_result($result, 0, "otp_enabled")); if (!$otp_enabled) { - $secret = $base32->encode(sha1(db_fetch_result($result, 0, "salt"))); + $secret = $base32->encode(sha1($this->dbh->fetch_result($result, 0, "salt"))); $topt = new \OTPHP\TOTP($secret); print QRcode::png($topt->provisioning_uri($login)); } @@ -926,19 +926,19 @@ class Pref_Prefs extends Handler_Protected { if ($authenticator->check_password($_SESSION["uid"], $password)) { - $result = db_query("SELECT salt + $result = $this->dbh->query("SELECT salt FROM ttrss_users WHERE id = ".$_SESSION["uid"]); $base32 = new Base32(); - $secret = $base32->encode(sha1(db_fetch_result($result, 0, "salt"))); + $secret = $base32->encode(sha1($this->dbh->fetch_result($result, 0, "salt"))); $topt = new \OTPHP\TOTP($secret); $otp_check = $topt->now(); if ($otp == $otp_check) { - db_query("UPDATE ttrss_users SET otp_enabled = true WHERE + $this->dbh->query("UPDATE ttrss_users SET otp_enabled = true WHERE id = " . $_SESSION["uid"]); print "OK"; @@ -952,14 +952,14 @@ class Pref_Prefs extends Handler_Protected { } function otpdisable() { - $password = db_escape_string($_REQUEST["password"]); + $password = $this->dbh->escape_string($_REQUEST["password"]); global $pluginhost; $authenticator = $pluginhost->get_plugin($_SESSION["auth_module"]); if ($authenticator->check_password($_SESSION["uid"], $password)) { - db_query("UPDATE ttrss_users SET otp_enabled = false WHERE + $this->dbh->query("UPDATE ttrss_users SET otp_enabled = false WHERE id = " . $_SESSION["uid"]); print "OK"; @@ -979,7 +979,7 @@ class Pref_Prefs extends Handler_Protected { } function clearplugindata() { - $name = db_escape_string($_REQUEST["name"]); + $name = $this->dbh->escape_string($_REQUEST["name"]); global $pluginhost; $pluginhost->clear_data($pluginhost->get_plugin($name)); @@ -1034,7 +1034,7 @@ class Pref_Prefs extends Handler_Protected { print "</div>"; - $result = db_query("SELECT title,id FROM ttrss_settings_profiles + $result = $this->dbh->query("SELECT title,id FROM ttrss_settings_profiles WHERE owner_uid = ".$_SESSION["uid"]." ORDER BY title"); print "<div class=\"prefProfileHolder\">"; @@ -1065,7 +1065,7 @@ class Pref_Prefs extends Handler_Protected { $lnum = 1; - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { $class = ($lnum % 2) ? "even" : "odd"; diff --git a/classes/pref/system.php b/classes/pref/system.php index 23f5a4328..3d82b8fff 100644 --- a/classes/pref/system.php +++ b/classes/pref/system.php @@ -24,7 +24,7 @@ class Pref_System extends Handler_Protected { print "<div dojoType=\"dijit.layout.AccordionContainer\" region=\"center\">"; print "<div dojoType=\"dijit.layout.AccordionPane\" title=\"".__('Error Log')."\">"; - $result = db_query("SELECT errno, errstr, filename, lineno, + $result = $this->dbh->query("SELECT errno, errstr, filename, lineno, created_at, login FROM ttrss_error_log LEFT JOIN ttrss_users ON (owner_uid = ttrss_users.id) ORDER BY ttrss_error_log.id DESC @@ -43,7 +43,7 @@ class Pref_System extends Handler_Protected { <td width='5%'>".__("Date")."</td> </tr>"; - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { print "<tr class=\"errrow\">"; foreach ($line as $k => $v) { diff --git a/classes/pref/users.php b/classes/pref/users.php index 7541625fd..d483c771b 100644 --- a/classes/pref/users.php +++ b/classes/pref/users.php @@ -21,7 +21,7 @@ class Pref_Users extends Handler_Protected { $uid = sprintf("%d", $_REQUEST["id"]); - $result = db_query("SELECT login, + $result = $this->dbh->query("SELECT login, ".SUBSTRING_FOR_DATE."(last_login,1,16) AS last_login, access_level, (SELECT COUNT(int_id) FROM ttrss_user_entries @@ -30,33 +30,33 @@ class Pref_Users extends Handler_Protected { FROM ttrss_users WHERE id = '$uid'"); - if (db_num_rows($result) == 0) { + if ($this->dbh->num_rows($result) == 0) { print "<h1>".__('User not found')."</h1>"; return; } // print "<h1>User Details</h1>"; - $login = db_fetch_result($result, 0, "login"); + $login = $this->dbh->fetch_result($result, 0, "login"); print "<table width='100%'>"; $last_login = make_local_datetime( - db_fetch_result($result, 0, "last_login"), true); + $this->dbh->fetch_result($result, 0, "last_login"), true); $created = make_local_datetime( - db_fetch_result($result, 0, "created"), true); + $this->dbh->fetch_result($result, 0, "created"), true); - $access_level = db_fetch_result($result, 0, "access_level"); - $stored_articles = db_fetch_result($result, 0, "stored_articles"); + $access_level = $this->dbh->fetch_result($result, 0, "access_level"); + $stored_articles = $this->dbh->fetch_result($result, 0, "stored_articles"); print "<tr><td>".__('Registered')."</td><td>$created</td></tr>"; print "<tr><td>".__('Last logged in')."</td><td>$last_login</td></tr>"; - $result = db_query("SELECT COUNT(id) as num_feeds FROM ttrss_feeds + $result = $this->dbh->query("SELECT COUNT(id) as num_feeds FROM ttrss_feeds WHERE owner_uid = '$uid'"); - $num_feeds = db_fetch_result($result, 0, "num_feeds"); + $num_feeds = $this->dbh->fetch_result($result, 0, "num_feeds"); print "<tr><td>".__('Subscribed feeds count')."</td><td>$num_feeds</td></tr>"; @@ -64,14 +64,14 @@ class Pref_Users extends Handler_Protected { print "<h1>".__('Subscribed feeds')."</h1>"; - $result = db_query("SELECT id,title,site_url FROM ttrss_feeds + $result = $this->dbh->query("SELECT id,title,site_url FROM ttrss_feeds WHERE owner_uid = '$uid' ORDER BY title"); print "<ul class=\"userFeedList\">"; $row_class = "odd"; - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { $icon_file = ICONS_URL."/".$line["id"].".ico"; @@ -87,7 +87,7 @@ class Pref_Users extends Handler_Protected { } - if (db_num_rows($result) < $num_feeds) { + if ($this->dbh->num_rows($result) < $num_feeds) { // FIXME - add link to show ALL subscribed feeds here somewhere print "<li><img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\"> ...</li>"; @@ -105,18 +105,18 @@ class Pref_Users extends Handler_Protected { function edit() { global $access_level_names; - $id = db_escape_string($_REQUEST["id"]); + $id = $this->dbh->escape_string($_REQUEST["id"]); print "<form id=\"user_edit_form\" onsubmit='return false'>"; print "<input type=\"hidden\" name=\"id\" value=\"$id\">"; print "<input type=\"hidden\" name=\"op\" value=\"pref-users\">"; print "<input type=\"hidden\" name=\"method\" value=\"editSave\">"; - $result = db_query("SELECT * FROM ttrss_users WHERE id = '$id'"); + $result = $this->dbh->query("SELECT * FROM ttrss_users WHERE id = '$id'"); - $login = db_fetch_result($result, 0, "login"); - $access_level = db_fetch_result($result, 0, "access_level"); - $email = db_fetch_result($result, 0, "email"); + $login = $this->dbh->fetch_result($result, 0, "login"); + $access_level = $this->dbh->fetch_result($result, 0, "access_level"); + $email = $this->dbh->fetch_result($result, 0, "email"); $sel_disabled = ($id == $_SESSION["uid"]) ? "disabled" : ""; @@ -181,10 +181,10 @@ class Pref_Users extends Handler_Protected { } function editSave() { - $login = db_escape_string(trim($_REQUEST["login"])); - $uid = db_escape_string($_REQUEST["id"]); + $login = $this->dbh->escape_string(trim($_REQUEST["login"])); + $uid = $this->dbh->escape_string($_REQUEST["id"]); $access_level = (int) $_REQUEST["access_level"]; - $email = db_escape_string(trim($_REQUEST["email"])); + $email = $this->dbh->escape_string(trim($_REQUEST["email"])); $password = $_REQUEST["password"]; if ($password) { @@ -195,47 +195,47 @@ class Pref_Users extends Handler_Protected { $pass_query_part = ""; } - db_query("UPDATE ttrss_users SET $pass_query_part login = '$login', + $this->dbh->query("UPDATE ttrss_users SET $pass_query_part login = '$login', access_level = '$access_level', email = '$email', otp_enabled = false WHERE id = '$uid'"); } function remove() { - $ids = explode(",", db_escape_string($_REQUEST["ids"])); + $ids = explode(",", $this->dbh->escape_string($_REQUEST["ids"])); foreach ($ids as $id) { if ($id != $_SESSION["uid"] && $id != 1) { - db_query("DELETE FROM ttrss_tags WHERE owner_uid = '$id'"); - db_query("DELETE FROM ttrss_feeds WHERE owner_uid = '$id'"); - db_query("DELETE FROM ttrss_users WHERE id = '$id'"); + $this->dbh->query("DELETE FROM ttrss_tags WHERE owner_uid = '$id'"); + $this->dbh->query("DELETE FROM ttrss_feeds WHERE owner_uid = '$id'"); + $this->dbh->query("DELETE FROM ttrss_users WHERE id = '$id'"); } } } function add() { - $login = db_escape_string(trim($_REQUEST["login"])); + $login = $this->dbh->escape_string(trim($_REQUEST["login"])); $tmp_user_pwd = make_password(8); $salt = substr(bin2hex(get_random_bytes(125)), 0, 250); $pwd_hash = encrypt_password($tmp_user_pwd, $salt, true); - $result = db_query("SELECT id FROM ttrss_users WHERE + $result = $this->dbh->query("SELECT id FROM ttrss_users WHERE login = '$login'"); - if (db_num_rows($result) == 0) { + if ($this->dbh->num_rows($result) == 0) { - db_query("INSERT INTO ttrss_users + $this->dbh->query("INSERT INTO ttrss_users (login,pwd_hash,access_level,last_login,created, salt) VALUES ('$login', '$pwd_hash', 0, null, NOW(), '$salt')"); - $result = db_query("SELECT id FROM ttrss_users WHERE + $result = $this->dbh->query("SELECT id FROM ttrss_users WHERE login = '$login' AND pwd_hash = '$pwd_hash'"); - if (db_num_rows($result) == 1) { + if ($this->dbh->num_rows($result) == 1) { - $new_uid = db_fetch_result($result, 0, "id"); + $new_uid = $this->dbh->fetch_result($result, 0, "id"); print format_notice(T_sprintf("Added user <b>%s</b> with password <b>%s</b>", $login, $tmp_user_pwd)); @@ -304,7 +304,7 @@ class Pref_Users extends Handler_Protected { } function resetPass() { - $uid = db_escape_string($_REQUEST["id"]); + $uid = $this->dbh->escape_string($_REQUEST["id"]); Pref_Users::resetUserPassword($uid, true); } @@ -317,7 +317,7 @@ class Pref_Users extends Handler_Protected { print "<div id=\"pref-user-toolbar\" dojoType=\"dijit.Toolbar\">"; - $user_search = db_escape_string($_REQUEST["search"]); + $user_search = $this->dbh->escape_string($_REQUEST["search"]); if (array_key_exists("search", $_REQUEST)) { $_SESSION["prefs_user_search"] = $user_search; @@ -332,7 +332,7 @@ class Pref_Users extends Handler_Protected { __('Search')."</button> </div>"; - $sort = db_escape_string($_REQUEST["sort"]); + $sort = $this->dbh->escape_string($_REQUEST["sort"]); if (!$sort || $sort == "undefined") { $sort = "login"; @@ -381,7 +381,7 @@ class Pref_Users extends Handler_Protected { $user_search_query = ""; } - $result = db_query("SELECT + $result = $this->dbh->query("SELECT id,login,access_level,email, ".SUBSTRING_FOR_DATE."(last_login,1,16) as last_login, ".SUBSTRING_FOR_DATE."(created,1,16) as created @@ -392,7 +392,7 @@ class Pref_Users extends Handler_Protected { id > 0 ORDER BY $sort"); - if (db_num_rows($result) > 0) { + if ($this->dbh->num_rows($result) > 0) { print "<p><table width=\"100%\" cellspacing=\"0\" class=\"prefUserList\" id=\"prefUserList\">"; @@ -406,7 +406,7 @@ class Pref_Users extends Handler_Protected { $lnum = 0; - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { $class = ($lnum % 2) ? "even" : "odd"; diff --git a/classes/rpc.php b/classes/rpc.php index 3b753f118..51c195f11 100644 --- a/classes/rpc.php +++ b/classes/rpc.php @@ -8,18 +8,18 @@ class RPC extends Handler_Protected { } function setprofile() { - $id = db_escape_string($_REQUEST["id"]); + $id = $this->dbh->escape_string($_REQUEST["id"]); $_SESSION["profile"] = $id; $_SESSION["prefs_cache"] = array(); } function remprofiles() { - $ids = explode(",", db_escape_string(trim($_REQUEST["ids"]))); + $ids = explode(",", $this->dbh->escape_string(trim($_REQUEST["ids"]))); foreach ($ids as $id) { if ($_SESSION["profile"] != $id) { - db_query("DELETE FROM ttrss_settings_profiles WHERE id = '$id' AND + $this->dbh->query("DELETE FROM ttrss_settings_profiles WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]); } } @@ -27,23 +27,23 @@ class RPC extends Handler_Protected { // Silent function addprofile() { - $title = db_escape_string(trim($_REQUEST["title"])); + $title = $this->dbh->escape_string(trim($_REQUEST["title"])); if ($title) { - db_query("BEGIN"); + $this->dbh->query("BEGIN"); - $result = db_query("SELECT id FROM ttrss_settings_profiles + $result = $this->dbh->query("SELECT id FROM ttrss_settings_profiles WHERE title = '$title' AND owner_uid = " . $_SESSION["uid"]); - if (db_num_rows($result) == 0) { + if ($this->dbh->num_rows($result) == 0) { - db_query("INSERT INTO ttrss_settings_profiles (title, owner_uid) + $this->dbh->query("INSERT INTO ttrss_settings_profiles (title, owner_uid) VALUES ('$title', ".$_SESSION["uid"] .")"); - $result = db_query("SELECT id FROM ttrss_settings_profiles WHERE + $result = $this->dbh->query("SELECT id FROM ttrss_settings_profiles WHERE title = '$title'"); - if (db_num_rows($result) != 0) { - $profile_id = db_fetch_result($result, 0, "id"); + if ($this->dbh->num_rows($result) != 0) { + $profile_id = $this->dbh->fetch_result($result, 0, "id"); if ($profile_id) { initialize_user_prefs($_SESSION["uid"], $profile_id); @@ -51,14 +51,14 @@ class RPC extends Handler_Protected { } } - db_query("COMMIT"); + $this->dbh->query("COMMIT"); } } // Silent function saveprofile() { - $id = db_escape_string($_REQUEST["id"]); - $title = db_escape_string(trim($_REQUEST["value"])); + $id = $this->dbh->escape_string($_REQUEST["id"]); + $title = $this->dbh->escape_string(trim($_REQUEST["value"])); if ($id == 0) { print __("Default profile"); @@ -66,44 +66,44 @@ class RPC extends Handler_Protected { } if ($title) { - db_query("BEGIN"); + $this->dbh->query("BEGIN"); - $result = db_query("SELECT id FROM ttrss_settings_profiles + $result = $this->dbh->query("SELECT id FROM ttrss_settings_profiles WHERE title = '$title' AND owner_uid =" . $_SESSION["uid"]); - if (db_num_rows($result) == 0) { - db_query("UPDATE ttrss_settings_profiles + if ($this->dbh->num_rows($result) == 0) { + $this->dbh->query("UPDATE ttrss_settings_profiles SET title = '$title' WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]); print $title; } else { - $result = db_query("SELECT title FROM ttrss_settings_profiles + $result = $this->dbh->query("SELECT title FROM ttrss_settings_profiles WHERE id = '$id' AND owner_uid =" . $_SESSION["uid"]); - print db_fetch_result($result, 0, "title"); + print $this->dbh->fetch_result($result, 0, "title"); } - db_query("COMMIT"); + $this->dbh->query("COMMIT"); } } // Silent function remarchive() { - $ids = explode(",", db_escape_string($_REQUEST["ids"])); + $ids = explode(",", $this->dbh->escape_string($_REQUEST["ids"])); foreach ($ids as $id) { - $result = db_query("DELETE FROM ttrss_archived_feeds WHERE + $result = $this->dbh->query("DELETE FROM ttrss_archived_feeds WHERE (SELECT COUNT(*) FROM ttrss_user_entries WHERE orig_feed_id = '$id') = 0 AND id = '$id' AND owner_uid = ".$_SESSION["uid"]); - $rc = db_affected_rows($result); + $rc = $this->dbh->affected_rows($result); } } function addfeed() { - $feed = db_escape_string($_REQUEST['feed']); - $cat = db_escape_string($_REQUEST['cat']); - $login = db_escape_string($_REQUEST['login']); + $feed = $this->dbh->escape_string($_REQUEST['feed']); + $cat = $this->dbh->escape_string($_REQUEST['cat']); + $login = $this->dbh->escape_string($_REQUEST['login']); $pass = trim($_REQUEST['pass']); // escaped later $rc = subscribe_to_feed($feed, $cat, $login, $pass); @@ -112,7 +112,7 @@ class RPC extends Handler_Protected { } function togglepref() { - $key = db_escape_string($_REQUEST["key"]); + $key = $this->dbh->escape_string($_REQUEST["key"]); set_pref($key, !get_pref($key)); $value = get_pref($key); @@ -131,7 +131,7 @@ class RPC extends Handler_Protected { function mark() { $mark = $_REQUEST["mark"]; - $id = db_escape_string($_REQUEST["id"]); + $id = $this->dbh->escape_string($_REQUEST["id"]); if ($mark == "1") { $mark = "true"; @@ -139,7 +139,7 @@ class RPC extends Handler_Protected { $mark = "false"; } - $result = db_query("UPDATE ttrss_user_entries SET marked = $mark, + $result = $this->dbh->query("UPDATE ttrss_user_entries SET marked = $mark, last_marked = NOW() WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]); @@ -147,9 +147,9 @@ class RPC extends Handler_Protected { } function delete() { - $ids = db_escape_string($_REQUEST["ids"]); + $ids = $this->dbh->escape_string($_REQUEST["ids"]); - $result = db_query("DELETE FROM ttrss_user_entries + $result = $this->dbh->query("DELETE FROM ttrss_user_entries WHERE ref_id IN ($ids) AND owner_uid = " . $_SESSION["uid"]); purge_orphans(); @@ -161,26 +161,26 @@ class RPC extends Handler_Protected { $ids = explode(",", $_REQUEST["ids"]); foreach ($ids as $id) { - $id = db_escape_string(trim($id)); - db_query("BEGIN"); + $id = $this->dbh->escape_string(trim($id)); + $this->dbh->query("BEGIN"); - $result = db_query("SELECT feed_url,site_url,title FROM ttrss_archived_feeds + $result = $this->dbh->query("SELECT feed_url,site_url,title FROM ttrss_archived_feeds WHERE id = (SELECT orig_feed_id FROM ttrss_user_entries WHERE ref_id = $id AND owner_uid = ".$_SESSION["uid"].")"); - if (db_num_rows($result) != 0) { - $feed_url = db_escape_string(db_fetch_result($result, 0, "feed_url")); - $site_url = db_escape_string(db_fetch_result($result, 0, "site_url")); - $title = db_escape_string(db_fetch_result($result, 0, "title")); + if ($this->dbh->num_rows($result) != 0) { + $feed_url = $this->dbh->escape_string(db_fetch_result($result, 0, "feed_url")); + $site_url = $this->dbh->escape_string(db_fetch_result($result, 0, "site_url")); + $title = $this->dbh->escape_string(db_fetch_result($result, 0, "title")); - $result = db_query("SELECT id FROM ttrss_feeds WHERE feed_url = '$feed_url' + $result = $this->dbh->query("SELECT id FROM ttrss_feeds WHERE feed_url = '$feed_url' AND owner_uid = " .$_SESSION["uid"]); - if (db_num_rows($result) == 0) { + if ($this->dbh->num_rows($result) == 0) { if (!$title) $title = '[Unknown]'; - $result = db_query( + $result = $this->dbh->query( "INSERT INTO ttrss_feeds (owner_uid,feed_url,site_url,title,cat_id,auth_login,auth_pass,update_method) VALUES (".$_SESSION["uid"].", @@ -189,33 +189,33 @@ class RPC extends Handler_Protected { '$title', NULL, '', '', 0)"); - $result = db_query( + $result = $this->dbh->query( "SELECT id FROM ttrss_feeds WHERE feed_url = '$feed_url' AND owner_uid = ".$_SESSION["uid"]); - if (db_num_rows($result) != 0) { - $feed_id = db_fetch_result($result, 0, "id"); + if ($this->dbh->num_rows($result) != 0) { + $feed_id = $this->dbh->fetch_result($result, 0, "id"); } } else { - $feed_id = db_fetch_result($result, 0, "id"); + $feed_id = $this->dbh->fetch_result($result, 0, "id"); } if ($feed_id) { - $result = db_query("UPDATE ttrss_user_entries + $result = $this->dbh->query("UPDATE ttrss_user_entries SET feed_id = '$feed_id', orig_feed_id = NULL WHERE ref_id = $id AND owner_uid = " . $_SESSION["uid"]); } } - db_query("COMMIT"); + $this->dbh->query("COMMIT"); } print json_encode(array("message" => "UPDATE_COUNTERS")); } function archive() { - $ids = explode(",", db_escape_string($_REQUEST["ids"])); + $ids = explode(",", $this->dbh->escape_string($_REQUEST["ids"])); foreach ($ids as $id) { $this->archive_article($id, $_SESSION["uid"]); @@ -225,41 +225,41 @@ class RPC extends Handler_Protected { } private function archive_article($id, $owner_uid) { - db_query("BEGIN"); + $this->dbh->query("BEGIN"); - $result = db_query("SELECT feed_id FROM ttrss_user_entries + $result = $this->dbh->query("SELECT feed_id FROM ttrss_user_entries WHERE ref_id = '$id' AND owner_uid = $owner_uid"); - if (db_num_rows($result) != 0) { + if ($this->dbh->num_rows($result) != 0) { /* prepare the archived table */ - $feed_id = (int) db_fetch_result($result, 0, "feed_id"); + $feed_id = (int) $this->dbh->fetch_result($result, 0, "feed_id"); if ($feed_id) { - $result = db_query("SELECT id FROM ttrss_archived_feeds + $result = $this->dbh->query("SELECT id FROM ttrss_archived_feeds WHERE id = '$feed_id'"); - if (db_num_rows($result) == 0) { - db_query("INSERT INTO ttrss_archived_feeds + if ($this->dbh->num_rows($result) == 0) { + $this->dbh->query("INSERT INTO ttrss_archived_feeds (id, owner_uid, title, feed_url, site_url) SELECT id, owner_uid, title, feed_url, site_url from ttrss_feeds WHERE id = '$feed_id'"); } - db_query("UPDATE ttrss_user_entries + $this->dbh->query("UPDATE ttrss_user_entries SET orig_feed_id = feed_id, feed_id = NULL WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]); } } - db_query("COMMIT"); + $this->dbh->query("COMMIT"); } function publ() { $pub = $_REQUEST["pub"]; - $id = db_escape_string($_REQUEST["id"]); - $note = trim(strip_tags(db_escape_string($_REQUEST["note"]))); + $id = $this->dbh->escape_string($_REQUEST["id"]); + $note = trim(strip_tags($this->dbh->escape_string($_REQUEST["note"]))); if ($pub == "1") { $pub = "true"; @@ -267,7 +267,7 @@ class RPC extends Handler_Protected { $pub = "false"; } - $result = db_query("UPDATE ttrss_user_entries SET + $result = $this->dbh->query("UPDATE ttrss_user_entries SET published = $pub, last_published = NOW() WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]); @@ -305,7 +305,7 @@ class RPC extends Handler_Protected { /* GET["cmode"] = 0 - mark as read, 1 - as unread, 2 - toggle */ function catchupSelected() { - $ids = explode(",", db_escape_string($_REQUEST["ids"])); + $ids = explode(",", $this->dbh->escape_string($_REQUEST["ids"])); $cmode = sprintf("%d", $_REQUEST["cmode"]); catchupArticlesById($ids, $cmode); @@ -314,7 +314,7 @@ class RPC extends Handler_Protected { } function markSelected() { - $ids = explode(",", db_escape_string($_REQUEST["ids"])); + $ids = explode(",", $this->dbh->escape_string($_REQUEST["ids"])); $cmode = sprintf("%d", $_REQUEST["cmode"]); $this->markArticlesById($ids, $cmode); @@ -323,7 +323,7 @@ class RPC extends Handler_Protected { } function publishSelected() { - $ids = explode(",", db_escape_string($_REQUEST["ids"])); + $ids = explode(",", $this->dbh->escape_string($_REQUEST["ids"])); $cmode = sprintf("%d", $_REQUEST["cmode"]); $this->publishArticlesById($ids, $cmode); @@ -349,40 +349,40 @@ class RPC extends Handler_Protected { } function completeLabels() { - $search = db_escape_string($_REQUEST["search"]); + $search = $this->dbh->escape_string($_REQUEST["search"]); - $result = db_query("SELECT DISTINCT caption FROM + $result = $this->dbh->query("SELECT DISTINCT caption FROM ttrss_labels2 WHERE owner_uid = '".$_SESSION["uid"]."' AND LOWER(caption) LIKE LOWER('$search%') ORDER BY caption LIMIT 5"); print "<ul>"; - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { print "<li>" . $line["caption"] . "</li>"; } print "</ul>"; } function purge() { - $ids = explode(",", db_escape_string($_REQUEST["ids"])); + $ids = explode(",", $this->dbh->escape_string($_REQUEST["ids"])); $days = sprintf("%d", $_REQUEST["days"]); foreach ($ids as $id) { - $result = db_query("SELECT id FROM ttrss_feeds WHERE + $result = $this->dbh->query("SELECT id FROM ttrss_feeds WHERE id = '$id' AND owner_uid = ".$_SESSION["uid"]); - if (db_num_rows($result) == 1) { + if ($this->dbh->num_rows($result) == 1) { purge_feed($id, $days); } } } function updateFeedBrowser() { - $search = db_escape_string($_REQUEST["search"]); - $limit = db_escape_string($_REQUEST["limit"]); - $mode = (int) db_escape_string($_REQUEST["mode"]); + $search = $this->dbh->escape_string($_REQUEST["search"]); + $limit = $this->dbh->escape_string($_REQUEST["limit"]); + $mode = (int) $this->dbh->escape_string($_REQUEST["mode"]); require_once "feedbrowser.php"; @@ -402,14 +402,14 @@ class RPC extends Handler_Protected { if ($mode == 1) { foreach ($payload as $feed) { - $title = db_escape_string($feed[0]); - $feed_url = db_escape_string($feed[1]); + $title = $this->dbh->escape_string($feed[0]); + $feed_url = $this->dbh->escape_string($feed[1]); - $result = db_query("SELECT id FROM ttrss_feeds WHERE + $result = $this->dbh->query("SELECT id FROM ttrss_feeds WHERE feed_url = '$feed_url' AND owner_uid = " . $_SESSION["uid"]); - if (db_num_rows($result) == 0) { - $result = db_query("INSERT INTO ttrss_feeds + if ($this->dbh->num_rows($result) == 0) { + $result = $this->dbh->query("INSERT INTO ttrss_feeds (owner_uid,feed_url,title,cat_id,site_url) VALUES ('".$_SESSION["uid"]."', '$feed_url', '$title', NULL, '')"); @@ -418,19 +418,19 @@ class RPC extends Handler_Protected { } else if ($mode == 2) { // feed archive foreach ($payload as $id) { - $result = db_query("SELECT * FROM ttrss_archived_feeds + $result = $this->dbh->query("SELECT * FROM ttrss_archived_feeds WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]); - if (db_num_rows($result) != 0) { - $site_url = db_escape_string(db_fetch_result($result, 0, "site_url")); - $feed_url = db_escape_string(db_fetch_result($result, 0, "feed_url")); - $title = db_escape_string(db_fetch_result($result, 0, "title")); + if ($this->dbh->num_rows($result) != 0) { + $site_url = $this->dbh->escape_string(db_fetch_result($result, 0, "site_url")); + $feed_url = $this->dbh->escape_string(db_fetch_result($result, 0, "feed_url")); + $title = $this->dbh->escape_string(db_fetch_result($result, 0, "title")); - $result = db_query("SELECT id FROM ttrss_feeds WHERE + $result = $this->dbh->query("SELECT id FROM ttrss_feeds WHERE feed_url = '$feed_url' AND owner_uid = " . $_SESSION["uid"]); - if (db_num_rows($result) == 0) { - $result = db_query("INSERT INTO ttrss_feeds + if ($this->dbh->num_rows($result) == 0) { + $result = $this->dbh->query("INSERT INTO ttrss_feeds (owner_uid,feed_url,title,cat_id,site_url) VALUES ('$id','".$_SESSION["uid"]."', '$feed_url', '$title', NULL, '$site_url')"); @@ -441,9 +441,9 @@ class RPC extends Handler_Protected { } function catchupFeed() { - $feed_id = db_escape_string($_REQUEST['feed_id']); - $is_cat = db_escape_string($_REQUEST['is_cat']) == "true"; - $mode = db_escape_string($_REQUEST['mode']); + $feed_id = $this->dbh->escape_string($_REQUEST['feed_id']); + $is_cat = $this->dbh->escape_string($_REQUEST['is_cat']) == "true"; + $mode = $this->dbh->escape_string($_REQUEST['mode']); catchup_feed($feed_id, $is_cat, false, false, $mode); @@ -451,15 +451,15 @@ class RPC extends Handler_Protected { } function quickAddCat() { - $cat = db_escape_string($_REQUEST["cat"]); + $cat = $this->dbh->escape_string($_REQUEST["cat"]); add_feed_category($cat); - $result = db_query("SELECT id FROM ttrss_feed_categories WHERE + $result = $this->dbh->query("SELECT id FROM ttrss_feed_categories WHERE title = '$cat' AND owner_uid = " . $_SESSION["uid"]); - if (db_num_rows($result) == 1) { - $id = db_fetch_result($result, 0, "id"); + if ($this->dbh->num_rows($result) == 1) { + $id = $this->dbh->fetch_result($result, 0, "id"); } else { $id = 0; } @@ -469,7 +469,7 @@ class RPC extends Handler_Protected { // Silent function clearArticleKeys() { - db_query("UPDATE ttrss_user_entries SET uuid = '' WHERE + $this->dbh->query("UPDATE ttrss_user_entries SET uuid = '' WHERE owner_uid = " . $_SESSION["uid"]); return; @@ -516,7 +516,7 @@ class RPC extends Handler_Protected { $random_qpart = sql_random_function(); // We search for feed needing update. - $result = db_query("SELECT ttrss_feeds.feed_url,ttrss_feeds.id + $result = $this->dbh->query("SELECT ttrss_feeds.feed_url,ttrss_feeds.id FROM ttrss_feeds, ttrss_users, ttrss_user_prefs WHERE @@ -535,7 +535,7 @@ class RPC extends Handler_Protected { $tstart = time(); - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { $feed_id = $line["id"]; if (time() - $tstart < ini_get("max_execution_time") * 0.7) { @@ -570,15 +570,15 @@ class RPC extends Handler_Protected { $ids_qpart = join(" OR ", $tmp_ids); if ($cmode == 0) { - db_query("UPDATE ttrss_user_entries SET + $this->dbh->query("UPDATE ttrss_user_entries SET marked = false, last_marked = NOW() WHERE ($ids_qpart) AND owner_uid = " . $_SESSION["uid"]); } else if ($cmode == 1) { - db_query("UPDATE ttrss_user_entries SET + $this->dbh->query("UPDATE ttrss_user_entries SET marked = true, last_marked = NOW() WHERE ($ids_qpart) AND owner_uid = " . $_SESSION["uid"]); } else { - db_query("UPDATE ttrss_user_entries SET + $this->dbh->query("UPDATE ttrss_user_entries SET marked = NOT marked,last_marked = NOW() WHERE ($ids_qpart) AND owner_uid = " . $_SESSION["uid"]); } @@ -595,15 +595,15 @@ class RPC extends Handler_Protected { $ids_qpart = join(" OR ", $tmp_ids); if ($cmode == 0) { - db_query("UPDATE ttrss_user_entries SET + $this->dbh->query("UPDATE ttrss_user_entries SET published = false,last_published = NOW() WHERE ($ids_qpart) AND owner_uid = " . $_SESSION["uid"]); } else if ($cmode == 1) { - db_query("UPDATE ttrss_user_entries SET + $this->dbh->query("UPDATE ttrss_user_entries SET published = true,last_published = NOW() WHERE ($ids_qpart) AND owner_uid = " . $_SESSION["uid"]); } else { - db_query("UPDATE ttrss_user_entries SET + $this->dbh->query("UPDATE ttrss_user_entries SET published = NOT published,last_published = NOW() WHERE ($ids_qpart) AND owner_uid = " . $_SESSION["uid"]); } @@ -620,14 +620,14 @@ class RPC extends Handler_Protected { } function getlinktitlebyid() { - $id = db_escape_string($_REQUEST['id']); + $id = $this->dbh->escape_string($_REQUEST['id']); - $result = db_query("SELECT link, title FROM ttrss_entries, ttrss_user_entries + $result = $this->dbh->query("SELECT link, title FROM ttrss_entries, ttrss_user_entries WHERE ref_id = '$id' AND ref_id = id AND owner_uid = ". $_SESSION["uid"]); - if (db_num_rows($result) != 0) { - $link = db_fetch_result($result, 0, "link"); - $title = db_fetch_result($result, 0, "title"); + if ($this->dbh->num_rows($result) != 0) { + $link = $this->dbh->fetch_result($result, 0, "link"); + $title = $this->dbh->fetch_result($result, 0, "title"); echo json_encode(array("link" => $link, "title" => $title)); } else { |