Diffstat (limited to 'include/functions.php')
-rw-r--r--include/functions.php140
1 files changed, 98 insertions, 42 deletions
diff --git a/include/functions.php b/include/functions.php
index 54b565799..7071765ba 100644
--- a/include/functions.php
+++ b/include/functions.php
@@ -1,6 +1,6 @@
<?php
define('EXPECTED_CONFIG_VERSION', 26);
- define('SCHEMA_VERSION', 105);
+ define('SCHEMA_VERSION', 106);
$fetch_last_error = false;
$pluginhost = false;
@@ -123,14 +123,24 @@
* @return void
*/
function _debug($msg) {
- if (defined('QUIET') && QUIET) {
- return;
- }
$ts = strftime("%H:%M:%S", time());
if (function_exists('posix_getpid')) {
$ts = "$ts/" . posix_getpid();
}
- print "[$ts] $msg\n";
+
+ if (!(defined('QUIET') && QUIET)) {
+ print "[$ts] $msg\n";
+ }
+
+ if (defined('LOGFILE')) {
+ $fp = fopen(LOGFILE, 'a+');
+
+ if ($fp) {
+ fputs($fp, "[$ts] $msg\n");
+ fclose($fp);
+ }
+ }
+
} // function _debug
/**
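Review bot: The new LOGFILE branch in `_debug()` appends `$msg` verbatim, so a message that carries feed-derived text with an embedded newline can forge a separate log line; nothing in the hunk normalises it. Opening with `'a+'` also requests read access that is never used, and no lock is taken, so concurrent updater processes can interleave their writes. Consider `file_put_contents(LOGFILE, "[$ts] " . str_replace(array("\r", "\n"), ' ', $msg) . "\n", FILE_APPEND | LOCK_EX);` in place of the fopen/fputs/fclose sequence. A comment next to the `defined('LOGFILE')` check should say that LOGFILE belongs outside the web root, because debug output may include feed URLs.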
@@ -287,12 +297,16 @@
global $fetch_last_error;
if (function_exists('curl_init') && !ini_get("open_basedir")) {
- //$ch = curl_init($url);
- $ch = curl_init(geturl($url));
+
+ if (ini_get("safe_mode")) {
+ $ch = curl_init(geturl($url));
+ } else {
+ $ch = curl_init($url);
+ }
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $timeout ? $timeout : 15);
curl_setopt($ch, CURLOPT_TIMEOUT, $timeout ? $timeout : 45);
- //curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
+ curl_setopt($ch, CURLOPT_FOLLOWLOCATION, !ini_get("safe_mode"));
curl_setopt($ch, CURLOPT_MAXREDIRS, 20);
curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
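Review bot: With `CURLOPT_FOLLOWLOCATION` now enabled whenever safe_mode is off, a remote server can redirect this fetch up to 20 times to any scheme or host libcurl supports, and the hunk sets no protocol restriction. The URLs fetched here are presumably user-supplied feed addresses, so pin both the initial and the redirect protocols with `curl_setopt($ch, CURLOPT_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);` and `curl_setopt($ch, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);`. That does not stop a redirect to an internal address, so installations that fetch on behalf of untrusted users still need egress filtering. The enclosing function begins and ends outside the hunk.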
@@ -783,11 +797,6 @@
}
}
- // Deprecated, TODO: remove
- function theme_image($link, $filename) {
- return $filename;
- }
-
function convert_timestamp($timestamp, $source_tz, $dest_tz) {
try {
@@ -1822,10 +1831,10 @@
function make_init_params($link) {
$params = array();
- $params["sign_progress"] = theme_image($link, "images/indicator_white.gif");
- $params["sign_progress_tiny"] = theme_image($link, "images/indicator_tiny.gif");
- $params["sign_excl"] = theme_image($link, "images/sign_excl.svg");
- $params["sign_info"] = theme_image($link, "images/sign_info.svg");
+ $params["sign_progress"] = "images/indicator_white.gif";
+ $params["sign_progress_tiny"] = "images/indicator_tiny.gif";
+ $params["sign_excl"] = "images/sign_excl.svg";
+ $params["sign_info"] = "images/sign_info.svg";
foreach (array("ON_CATCHUP_SHOW_NEXT_FEED", "HIDE_READ_FEEDS",
"ENABLE_FEED_CATS", "FEEDS_SORT_BY_UNREAD", "CONFIRM_FEED_CATCHUP",
@@ -1886,7 +1895,7 @@
"article_scroll_up" => __("Scroll up"),
"select_article_cursor" => __("Select article under cursor"),
"email_article" => __("Email article"),
- "close_article" => __("Close article"),
+ "close_article" => __("Close/collapse article"),
"toggle_widescreen" => __("Toggle widescreen mode")),
__("Article selection") => array(
"select_all" => __("Select all articles"),
@@ -1947,6 +1956,8 @@
"c n" => "catchup_above",
"*n" => "article_scroll_down",
"*p" => "article_scroll_up",
+ "*(38)|Shift+up" => "article_scroll_up",
+ "*(40)|Shift+down" => "article_scroll_down",
"a *w" => "toggle_widescreen",
"e" => "email_article",
"a q" => "close_article",
@@ -2060,7 +2071,7 @@
return $data;
}
- function search_to_sql($link, $search, $match_on) {
+ function search_to_sql($link, $search) {
$search_query_part = "";
@@ -2107,13 +2118,9 @@
//$k = date("Y-m-d", strtotime(substr($k, 1)));
array_push($query_keywords, "(".SUBSTRING_FOR_DATE."(updated,1,LENGTH('$k')) $not = '$k')");
- } else if ($match_on == "both") {
+ } else {
array_push($query_keywords, "(UPPER(ttrss_entries.title) $not LIKE UPPER('%$k%')
OR UPPER(ttrss_entries.content) $not LIKE UPPER('%$k%'))");
- } else if ($match_on == "title") {
- array_push($query_keywords, "(UPPER(ttrss_entries.title) $not LIKE UPPER('%$k%'))");
- } else if ($match_on == "content") {
- array_push($query_keywords, "(UPPER(ttrss_entries.content) $not LIKE UPPER('%$k%'))");
}
}
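Review bot: The now-unconditional `else` branch places `$k` inside a quoted LIKE pattern by string interpolation, and whether `$search` has been DB-escaped before it reaches `search_to_sql()` is not visible in this hunk. Even with quote escaping in place, `%` and `_` in a keyword still act as wildcards, which is worth stating so nobody treats the pattern as a literal match. I would add above the branch: `// $k must already be DB-escaped by the caller; % and _ inside it behave as LIKE wildcards`. The function starts and ends outside the hunk.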
@@ -2150,7 +2157,7 @@
return $rv;
}
- function queryFeedHeadlines($link, $feed, $limit, $view_mode, $cat_view, $search, $search_mode, $match_on, $override_order = false, $offset = 0, $owner_uid = 0, $filter = false, $since_id = 0, $include_children = false, $ignore_vfeed_group = false) {
+ function queryFeedHeadlines($link, $feed, $limit, $view_mode, $cat_view, $search, $search_mode, $override_order = false, $offset = 0, $owner_uid = 0, $filter = false, $since_id = 0, $include_children = false, $ignore_vfeed_group = false) {
if (!$owner_uid) $owner_uid = $_SESSION["uid"];
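Review bot: Removing `$match_on` from the middle of the `queryFeedHeadlines()` parameter list re-binds every later positional argument for any caller that was not updated. A stale call would pass its old `$match_on` value as `$override_order`, and PHP raises no error for the extra trailing argument. The same applies to `search_to_sql()` in the `@@ -2060` hunk. This page is limited to include/functions.php, so API handlers and plugins that call either function need to be checked separately. The function body continues outside the hunk.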
@@ -2167,7 +2174,7 @@
$search_query_part = "ref_id = -1 AND ";
} else {
- $search_query_part = search_to_sql($link, $search, $match_on);
+ $search_query_part = search_to_sql($link, $search);
$search_query_part .= " AND ";
}
@@ -2460,6 +2467,7 @@
num_comments,
comments,
int_id,
+ hide_images,
unread,feed_id,marked,published,link,last_read,orig_feed_id,
last_marked, last_published,
".SUBSTRING_FOR_DATE."(last_read,1,19) as last_read_noms,
@@ -2504,6 +2512,7 @@
"label_cache," .
"link," .
"last_read," .
+ "(SELECT hide_images FROM ttrss_feeds WHERE id = feed_id) AS hide_images," .
"last_marked, last_published, " .
SUBSTRING_FOR_DATE . "(last_read,1,19) as last_read_noms," .
$since_id_part .
@@ -2559,15 +2568,11 @@
}
- function sanitize($link, $str, $force_strip_tags = false, $owner = false, $site_url = false) {
+ function sanitize($link, $str, $force_remove_images = false, $owner = false, $site_url = false) {
if (!$owner) $owner = $_SESSION["uid"];
$res = trim($str); if (!$res) return '';
- if (get_pref($link, "STRIP_IMAGES", $owner)) {
- $res = preg_replace('/<img[^>]+>/is', '', $res);
- }
-
if (strpos($res, "href=") === false)
$res = rewrite_urls($res);
@@ -2604,6 +2609,24 @@
$entry->setAttribute('src', $src);
}
+
+ if ($entry->nodeName == 'img') {
+ if (($owner && get_pref($link, "STRIP_IMAGES", $owner)) ||
+ $force_remove_images) {
+
+ $p = $doc->createElement('p');
+
+ $a = $doc->createElement('a');
+ $a->setAttribute('href', $entry->getAttribute('src'));
+
+ $a->appendChild(new DOMText($entry->getAttribute('src')));
+ $a->setAttribute('target', '_blank');
+
+ $p->appendChild($a);
+
+ $entry->parentNode->replaceChild($p, $entry);
+ }
+ }
}
if (strtolower($entry->nodeName) == "a") {
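Review bot: The replacement link copies the image's `src` into an `href` without checking its scheme, turning a value that was inert as an image source into something the reader can click. Whether the earlier `src` rewrite rejects `javascript:` or `data:` values is not visible in this hunk. The link also sets `target="_blank"` with no `rel`, so the opened page receives a handle on the reader's window. The enclosure link added in the `@@ -2872` hunk has the same two gaps, because `htmlspecialchars($url)` escapes markup but does not constrain the scheme. The surrounding loop starts outside the hunk, and the fence shows only the rewritten branch body.

```php
if ($entry->nodeName == 'img') {
	// … unchanged: STRIP_IMAGES / $force_remove_images condition …

		$src = $entry->getAttribute('src');
		$scheme = strtolower((string) parse_url($src, PHP_URL_SCHEME));

		$p = $doc->createElement('p');

		if ($scheme == 'http' || $scheme == 'https') {
			$a = $doc->createElement('a');
			$a->setAttribute('href', $src);
			$a->setAttribute('target', '_blank');
			$a->setAttribute('rel', 'noopener noreferrer');
			$a->appendChild(new DOMText($src));
			$p->appendChild($a);
		} else {
			// unknown or script-capable scheme: show the address as inert text
			$p->appendChild(new DOMText($src));
		}

		// … unchanged: replaceChild($p, $entry) …
```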
@@ -2613,7 +2636,16 @@
$entries = $xpath->query('//iframe');
foreach ($entries as $entry) {
- $entry->setAttribute('sandbox', true);
+ $entry->setAttribute('sandbox', 'allow-scripts');
+
+ }
+
+ global $pluginhost;
+
+ if (isset($pluginhost)) {
+ foreach ($pluginhost->get_hooks($pluginhost::HOOK_SANITIZE) as $plugin) {
+ $doc = $plugin->hook_sanitize($doc, $site_url);
+ }
}
$doc->removeChild($doc->firstChild); //remove doctype
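Review bot: `isset($pluginhost)` is true for any non-null value, and this file initialises the global with `$pluginhost = false;`, so a sanitize() call made before the plugin host exists reaches `$pluginhost->get_hooks()` on a boolean and ends in a fatal error; `if ($pluginhost) {` tests what is intended. Each hook's return value replaces `$doc` unchecked, so a plugin that returns nothing breaks the `removeChild` call that follows; keeping the previous document when the result is not a `DOMDocument` would contain that. Separately, the sandbox value changes from a token that grants nothing to `allow-scripts`, which lets feed-embedded frames run script in an isolated origin. A comment there should say this is deliberate and that `allow-same-origin` must never be added alongside it. sanitize() starts and ends outside the hunk.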
@@ -2625,9 +2657,9 @@
function strip_harmful_tags($doc) {
$entries = $doc->getElementsByTagName("*");
- $allowed_elements = array('a', 'address', 'audio',
+ $allowed_elements = array('a', 'address', 'audio', 'article',
'b', 'big', 'blockquote', 'body', 'br', 'cite',
- 'code', 'dd', 'del', 'details', 'div', 'dl',
+ 'code', 'dd', 'del', 'details', 'div', 'dl', 'font',
'dt', 'em', 'footer', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6',
'header', 'html', 'i', 'img', 'ins', 'kbd',
'li', 'nav', 'ol', 'p', 'pre', 'q', 's','small',
@@ -2809,19 +2841,19 @@
function format_warning($msg, $id = "") {
global $link;
return "<div class=\"warning\" id=\"$id\">
- <img src=\"".theme_image($link, "images/sign_excl.svg")."\">$msg</div>";
+ <img src=\"images/sign_excl.svg\">$msg</div>";
}
function format_notice($msg, $id = "") {
global $link;
return "<div class=\"notice\" id=\"$id\">
- <img src=\"".theme_image($link, "images/sign_info.svg")."\">$msg</div>";
+ <img src=\"images/sign_info.svg\">$msg</div>";
}
function format_error($msg, $id = "") {
global $link;
return "<div class=\"error\" id=\"$id\">
- <img src=\"".theme_image($link, "images/sign_excl.svg")."\">$msg</div>";
+ <img src=\"images/sign_excl.svg\">$msg</div>";
}
function print_notice($msg) {
@@ -2846,6 +2878,8 @@
$entry = "";
+ $url = htmlspecialchars($url);
+
if (strpos($ctype, "audio/") === 0) {
if ($_SESSION["hasAudio"] && (strpos($ctype, "ogg") !== false ||
@@ -2872,7 +2906,8 @@
</object>";
}
- if ($entry) $entry .= "&nbsp;" . basename($url);
+ if ($entry) $entry .= "&nbsp; <a target=\"_blank\"
+ href=\"$url\">" . basename($url) . "</a>";
return $entry;
@@ -3007,7 +3042,7 @@
if (!$entry_comments) $entry_comments = "&nbsp;"; # placeholder
$rv['content'] .= "<div class='postTags' style='float : right'>
- <img src='".theme_image($link, 'images/tag.png')."'
+ <img src='images/tag.png'
class='tagsPic' alt='Tags' title='Tags'>&nbsp;";
if (!$zoom_mode) {
@@ -3602,7 +3637,7 @@
array_push($entries, $entry);
}
- if (!get_pref($link, "STRIP_IMAGES")) {
+ if ($_SESSION['uid'] && !get_pref($link, "STRIP_IMAGES")) {
if ($always_display_enclosures ||
!preg_match("/<img/i", $article_content)) {
@@ -4003,8 +4038,8 @@
$oline='';
foreach($status as $key=>$eline){$oline.='['.$key.']'.$eline.' ';}
$line =$oline." \r\n ".$url."\r\n-----------------\r\n";
- $handle = @fopen('./curl.error.log', 'a');
- fwrite($handle, $line);
+# $handle = @fopen('./curl.error.log', 'a');
+# fwrite($handle, $line);
return FALSE;
}
return $url;
@@ -4038,4 +4073,25 @@
return $rv;
}
+ function stylesheet_tag($filename) {
+ $timestamp = filemtime($filename);
+
+ echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"$filename?$timestamp\"/>\n";
+ }
+
+ function javascript_tag($filename) {
+ $query = "";
+
+ if (!(strpos($filename, "?") === FALSE)) {
+ $query = substr($filename, strpos($filename, "?")+1);
+ $filename = substr($filename, 0, strpos($filename, "?"));
+ }
+
+ $timestamp = filemtime($filename);
+
+ if ($query) $timestamp .= "&$query";
+
+ echo "<script type=\"text/javascript\" charset=\"utf-8\" src=\"$filename?$timestamp\"></script>\n";
+ }
+
?>
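Review bot: Both `stylesheet_tag()` and `javascript_tag()` echo the result of `filemtime($filename)` without handling a missing file. A wrong path then yields an empty cache-buster and, when display_errors is on, prints a PHP warning containing the script's server path into the page. `$filename` is also written into the attribute unescaped, which is safe only while every caller passes a literal. Suggest `$timestamp = file_exists($filename) ? filemtime($filename) : 0;` in both helpers, plus a short docblock on each stating that `$filename` must be a trusted relative path.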