summaryrefslogtreecommitdiff
path: root/include
diff options
context:
space:
mode:
Diffstat (limited to 'include')
-rw-r--r--include/db-prefs.php6
-rw-r--r--include/db.php6
-rw-r--r--include/digest.php28
-rw-r--r--include/feedbrowser.php2
-rw-r--r--include/functions.php202
-rw-r--r--include/labels.php2
-rw-r--r--include/localized_schema.php2
-rw-r--r--include/login_form.php16
-rw-r--r--include/rssfuncs.php58
-rw-r--r--include/sanity_config.php2
-rw-r--r--include/sessions.php6
-rw-r--r--include/version.php2
12 files changed, 162 insertions, 170 deletions
diff --git a/include/db-prefs.php b/include/db-prefs.php
index 641e9d1dd..f6a78939b 100644
--- a/include/db-prefs.php
+++ b/include/db-prefs.php
@@ -44,7 +44,7 @@
function get_pref($link, $pref_name, $user_id = false, $die_on_error = false) {
- $pref_name = db_escape_string($pref_name);
+ $pref_name = db_escape_string($link, $pref_name);
$prefs_cache = true;
$profile = false;
@@ -115,8 +115,8 @@
}
function set_pref($link, $pref_name, $value, $user_id = false, $strip_tags = true) {
- $pref_name = db_escape_string($pref_name);
- $value = db_escape_string($value, $strip_tags);
+ $pref_name = db_escape_string($link, $pref_name);
+ $value = db_escape_string($link, $value, $strip_tags);
if (!$user_id) {
$user_id = $_SESSION["uid"];
diff --git a/include/db.php b/include/db.php
index f1a7af363..0479df6a9 100644
--- a/include/db.php
+++ b/include/db.php
@@ -41,13 +41,13 @@ function db_connect($host, $user, $pass, $db) {
}
}
-function db_escape_string($s, $strip_tags = true) {
+function db_escape_string($link, $s, $strip_tags = true) {
if ($strip_tags) $s = strip_tags($s);
if (DB_TYPE == "pgsql") {
- return pg_escape_string($s);
+ return pg_escape_string($link, $s);
} else {
- return mysql_real_escape_string($s);
+ return mysql_real_escape_string($s, $link);
}
}
diff --git a/include/digest.php b/include/digest.php
index 93ce373a2..ab29d9432 100644
--- a/include/digest.php
+++ b/include/digest.php
@@ -8,7 +8,7 @@
*/
function send_headlines_digests($link, $debug = false) {
- require_once 'lib/phpmailer/class.phpmailer.php';
+ require_once 'classes/ttrssmailer.php';
$user_limit = 15; // amount of users to process (e.g. emails to send out)
$limit = 1000; // maximum amount of headlines to include
@@ -50,31 +50,9 @@
if ($headlines_count > 0) {
- $mail = new PHPMailer();
+ $mail = new ttrssMailer();
- $mail->PluginDir = "lib/phpmailer/";
- $mail->SetLanguage("en", "lib/phpmailer/language/");
-
- $mail->CharSet = "UTF-8";
-
- $mail->From = SMTP_FROM_ADDRESS;
- $mail->FromName = SMTP_FROM_NAME;
- $mail->AddAddress($line["email"], $line["login"]);
-
- if (SMTP_HOST) {
- $mail->Host = SMTP_HOST;
- $mail->Mailer = "smtp";
- $mail->SMTPAuth = SMTP_LOGIN != '';
- $mail->Username = SMTP_LOGIN;
- $mail->Password = SMTP_PASSWORD;
- }
-
- $mail->IsHTML(true);
- $mail->Subject = DIGEST_SUBJECT;
- $mail->Body = $digest;
- $mail->AltBody = $digest_text;
-
- $rc = $mail->Send();
+ $rc = $mail->quickMail($line["email"], $line["login"] , DIGEST_SUBJECT, $digest, $digest_text);
if (!$rc && $debug) print "ERROR: " . $mail->ErrorInfo;
diff --git a/include/feedbrowser.php b/include/feedbrowser.php
index 5b33fb73c..e5ee4a70d 100644
--- a/include/feedbrowser.php
+++ b/include/feedbrowser.php
@@ -80,7 +80,7 @@
$class = ($feedctr % 2) ? "even" : "odd";
if ($line['articles_archived'] > 0) {
- $archived = sprintf(__("%d archived articles"), $line['articles_archived']);
+ $archived = sprintf(ngettext("%d archived article", "%d archived articles", $line['articles_archived']), $line['articles_archived']);
$archived = "&nbsp;<span class='subscribers'>($archived)</span>";
} else {
$archived = '';
diff --git a/include/functions.php b/include/functions.php
index 417a05c23..5582c2b0b 100644
--- a/include/functions.php
+++ b/include/functions.php
@@ -44,6 +44,7 @@
$tr = array(
"auto" => "Detect automatically",
"ca_CA" => "Català",
+ "cs_CZ" => "Česky",
"en_US" => "English",
"es_ES" => "Español",
"de_DE" => "Deutsch",
@@ -53,6 +54,7 @@
"ja_JP" => "日本語 (Japanese)",
"lv_LV" => "Latviešu",
"nb_NO" => "Norwegian bokmål",
+ "nl_NL" => "Dutch",
"pl_PL" => "Polski",
"ru_RU" => "Русский",
"pt_BR" => "Portuguese/Brazil",
@@ -74,10 +76,7 @@
$lang = _TRANSLATION_OVERRIDE_DEFAULT;
}
- /* In login action of mobile version */
- if ($_POST["language"] && defined('MOBILE_VERSION')) {
- $lang = $_POST["language"];
- } else if ($_SESSION["language"] && $_SESSION["language"] != "auto") {
+ if ($_SESSION["language"] && $_SESSION["language"] != "auto") {
$lang = $_SESSION["language"];
}
@@ -88,11 +87,7 @@
_setlocale(LC_ALL, $lang);
}
- if (defined('MOBILE_VERSION')) {
- _bindtextdomain("messages", "../locale");
- } else {
- _bindtextdomain("messages", "locale");
- }
+ _bindtextdomain("messages", "locale");
_textdomain("messages");
_bind_textdomain_codeset("messages", "UTF-8");
@@ -122,14 +117,24 @@
* @return void
*/
function _debug($msg) {
- if (defined('QUIET') && QUIET) {
- return;
- }
$ts = strftime("%H:%M:%S", time());
if (function_exists('posix_getpid')) {
$ts = "$ts/" . posix_getpid();
}
- print "[$ts] $msg\n";
+
+ if (!(defined('QUIET') && QUIET)) {
+ print "[$ts] $msg\n";
+ }
+
+ if (defined('LOGFILE')) {
+ $fp = fopen(LOGFILE, 'a+');
+
+ if ($fp) {
+ fputs($fp, "[$ts] $msg\n");
+ fclose($fp);
+ }
+ }
+
} // function _debug
/**
@@ -355,7 +360,7 @@
$data = @file_get_contents($url);
- $gzdecoded = gzdecode($data);
+ @$gzdecoded = gzdecode($data);
if ($gzdecoded) $data = $gzdecoded;
if (!$data && function_exists('error_get_last')) {
@@ -512,7 +517,7 @@
function initialize_user_prefs($link, $uid, $profile = false) {
- $uid = db_escape_string($uid);
+ $uid = db_escape_string($link, $uid);
if (!$profile) {
$profile = "NULL";
@@ -742,7 +747,7 @@
}
}
- function login_sequence($link, $login_form = 0) {
+ function login_sequence($link) {
$_SESSION["prefs_cache"] = false;
if (SINGLE_USER_MODE) {
@@ -758,12 +763,13 @@
authenticate_user($link, null, null, true);
}
- if (!$_SESSION["uid"]) render_login_form($link, $login_form);
+ if (!$_SESSION["uid"]) render_login_form($link);
} else {
/* bump login timestamp */
db_query($link, "UPDATE ttrss_users SET last_login = NOW() WHERE id = " .
$_SESSION["uid"]);
+ $_SESSION["last_login_update"] = time();
}
if ($_SESSION["uid"] && $_SESSION["language"] && SESSION_COOKIE_LIFETIME > 0) {
@@ -774,7 +780,21 @@
if ($_SESSION["uid"]) {
cache_prefs($link);
load_user_plugins($link, $_SESSION["uid"]);
+
+ /* cleanup ccache */
+
+ db_query($link, "DELETE FROM ttrss_counters_cache WHERE owner_uid = ".
+ $_SESSION["uid"] . " AND
+ (SELECT COUNT(id) FROM ttrss_feeds WHERE
+ ttrss_feeds.id = feed_id) = 0");
+
+ db_query($link, "DELETE FROM ttrss_cat_counters_cache WHERE owner_uid = ".
+ $_SESSION["uid"] . " AND
+ (SELECT COUNT(id) FROM ttrss_feed_categories WHERE
+ ttrss_feed_categories.id = feed_id) = 0");
+
}
+
}
}
@@ -786,11 +806,6 @@
}
}
- // Deprecated, TODO: remove
- function theme_image($link, $filename) {
- return $filename;
- }
-
function convert_timestamp($timestamp, $source_tz, $dest_tz) {
try {
@@ -912,7 +927,7 @@
}
}
- if (db_escape_string("testTEST") != "testTEST") {
+ if (db_escape_string($link, "testTEST") != "testTEST") {
$error_code = 12;
}
@@ -1087,7 +1102,7 @@
} else { // tag
db_query($link, "BEGIN");
- $tag_name = db_escape_string($feed);
+ $tag_name = db_escape_string($link, $feed);
$result = db_query($link, "SELECT post_int_id FROM ttrss_tags
WHERE tag_name = '$tag_name' AND owner_uid = $owner_uid");
@@ -1284,7 +1299,7 @@
return 0;
} else if ($feed != "0" && $n_feed == 0) {
- $feed = db_escape_string($feed);
+ $feed = db_escape_string($link, $feed);
$result = db_query($link, "SELECT SUM((SELECT COUNT(int_id)
FROM ttrss_user_entries,ttrss_entries WHERE int_id = post_int_id
@@ -1520,7 +1535,7 @@
* 5 - Couldn't download the URL content.
*/
function subscribe_to_feed($link, $url, $cat_id = 0,
- $auth_login = '', $auth_pass = '', $need_auth = false) {
+ $auth_login = '', $auth_pass = '') {
global $fetch_last_error;
@@ -1825,11 +1840,6 @@
function make_init_params($link) {
$params = array();
- $params["sign_progress"] = theme_image($link, "images/indicator_white.gif");
- $params["sign_progress_tiny"] = theme_image($link, "images/indicator_tiny.gif");
- $params["sign_excl"] = theme_image($link, "images/sign_excl.svg");
- $params["sign_info"] = theme_image($link, "images/sign_info.svg");
-
foreach (array("ON_CATCHUP_SHOW_NEXT_FEED", "HIDE_READ_FEEDS",
"ENABLE_FEED_CATS", "FEEDS_SORT_BY_UNREAD", "CONFIRM_FEED_CATCHUP",
"CDM_AUTO_CATCHUP", "FRESH_ARTICLE_MAX_AGE", "DEFAULT_ARTICLE_LIMIT",
@@ -1890,7 +1900,8 @@
"select_article_cursor" => __("Select article under cursor"),
"email_article" => __("Email article"),
"close_article" => __("Close/collapse article"),
- "toggle_widescreen" => __("Toggle widescreen mode")),
+ "toggle_widescreen" => __("Toggle widescreen mode"),
+ "toggle_embed_original" => __("Toggle embed original")),
__("Article selection") => array(
"select_all" => __("Select all articles"),
"select_unread" => __("Select unread"),
@@ -1953,6 +1964,7 @@
"*(38)|Shift+up" => "article_scroll_up",
"*(40)|Shift+down" => "article_scroll_down",
"a *w" => "toggle_widescreen",
+ "a e" => "toggle_embed_original",
"e" => "email_article",
"a q" => "close_article",
// "article_selection" => array(
@@ -2026,6 +2038,8 @@
$data['last_article_id'] = getLastArticleId($link);
$data['cdm_expanded'] = get_pref($link, 'CDM_EXPANDED');
+ $data['dep_ts'] = calculate_dep_timestamp();
+
if (file_exists(LOCK_DIRECTORY . "/update_daemon.lock")) {
$data['daemon_is_running'] = (int) file_is_locked("update_daemon.lock");
@@ -2065,7 +2079,7 @@
return $data;
}
- function search_to_sql($link, $search, $match_on) {
+ function search_to_sql($link, $search) {
$search_query_part = "";
@@ -2112,13 +2126,9 @@
//$k = date("Y-m-d", strtotime(substr($k, 1)));
array_push($query_keywords, "(".SUBSTRING_FOR_DATE."(updated,1,LENGTH('$k')) $not = '$k')");
- } else if ($match_on == "both") {
+ } else {
array_push($query_keywords, "(UPPER(ttrss_entries.title) $not LIKE UPPER('%$k%')
OR UPPER(ttrss_entries.content) $not LIKE UPPER('%$k%'))");
- } else if ($match_on == "title") {
- array_push($query_keywords, "(UPPER(ttrss_entries.title) $not LIKE UPPER('%$k%'))");
- } else if ($match_on == "content") {
- array_push($query_keywords, "(UPPER(ttrss_entries.content) $not LIKE UPPER('%$k%'))");
}
}
@@ -2155,7 +2165,7 @@
return $rv;
}
- function queryFeedHeadlines($link, $feed, $limit, $view_mode, $cat_view, $search, $search_mode, $match_on, $override_order = false, $offset = 0, $owner_uid = 0, $filter = false, $since_id = 0, $include_children = false, $ignore_vfeed_group = false) {
+ function queryFeedHeadlines($link, $feed, $limit, $view_mode, $cat_view, $search, $search_mode, $override_order = false, $offset = 0, $owner_uid = 0, $filter = false, $since_id = 0, $include_children = false, $ignore_vfeed_group = false) {
if (!$owner_uid) $owner_uid = $_SESSION["uid"];
@@ -2172,7 +2182,7 @@
$search_query_part = "ref_id = -1 AND ";
} else {
- $search_query_part = search_to_sql($link, $search, $match_on);
+ $search_query_part = search_to_sql($link, $search);
$search_query_part .= " AND ";
}
@@ -2510,7 +2520,7 @@
"label_cache," .
"link," .
"last_read," .
- "hide_images," .
+ "(SELECT hide_images FROM ttrss_feeds WHERE id = feed_id) AS hide_images," .
"last_marked, last_published, " .
SUBSTRING_FOR_DATE . "(last_read,1,19) as last_read_noms," .
$since_id_part .
@@ -2656,7 +2666,7 @@
$entries = $doc->getElementsByTagName("*");
$allowed_elements = array('a', 'address', 'audio', 'article',
- 'b', 'big', 'blockquote', 'body', 'br', 'cite',
+ 'b', 'big', 'blockquote', 'body', 'br', 'cite', 'center',
'code', 'dd', 'del', 'details', 'div', 'dl', 'font',
'dt', 'em', 'footer', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6',
'header', 'html', 'i', 'img', 'ins', 'kbd',
@@ -2675,16 +2685,22 @@
}
if ($entry->hasAttributes()) {
- foreach (iterator_to_array($entry->attributes) as $attr) {
+ $attrs_to_remove = array();
+
+ foreach ($entry->attributes as $attr) {
if (strpos($attr->nodeName, 'on') === 0) {
- $entry->removeAttributeNode($attr);
+ array_push($attrs_to_remove, $attr);
}
if (in_array($attr->nodeName, $disallowed_attributes)) {
- $entry->removeAttributeNode($attr);
+ array_push($attrs_to_remove, $attr);
}
}
+
+ foreach ($attrs_to_remove as $attr) {
+ $entry->removeAttributeNode($attr);
+ }
}
}
@@ -2750,7 +2766,7 @@
function get_article_tags($link, $id, $owner_uid = 0, $tag_cache = false) {
- $a_id = db_escape_string($id);
+ $a_id = db_escape_string($link, $id);
if (!$owner_uid) $owner_uid = $_SESSION["uid"];
@@ -2785,7 +2801,7 @@
/* update the cache */
- $tags_str = db_escape_string(join(",", $tags));
+ $tags_str = db_escape_string($link, join(",", $tags));
db_query($link, "UPDATE ttrss_user_entries
SET tag_cache = '$tags_str' WHERE ref_id = '$id'
@@ -2815,15 +2831,8 @@
return true;
}
- function render_login_form($link, $form_id = 0) {
- switch ($form_id) {
- case 0:
- require_once "login_form.php";
- break;
- case 1:
- require_once "mobile/login_form.php";
- break;
- }
+ function render_login_form($link) {
+ require_once "login_form.php";
exit;
}
@@ -2839,19 +2848,19 @@
function format_warning($msg, $id = "") {
global $link;
return "<div class=\"warning\" id=\"$id\">
- <img src=\"".theme_image($link, "images/sign_excl.svg")."\">$msg</div>";
+ <img src=\"images/sign_excl.svg\">$msg</div>";
}
function format_notice($msg, $id = "") {
global $link;
return "<div class=\"notice\" id=\"$id\">
- <img src=\"".theme_image($link, "images/sign_info.svg")."\">$msg</div>";
+ <img src=\"images/sign_info.svg\">$msg</div>";
}
function format_error($msg, $id = "") {
global $link;
return "<div class=\"error\" id=\"$id\">
- <img src=\"".theme_image($link, "images/sign_excl.svg")."\">$msg</div>";
+ <img src=\"images/sign_excl.svg\">$msg</div>";
}
function print_notice($msg) {
@@ -2950,6 +2959,7 @@
$result = db_query($link, "SELECT id,title,link,content,feed_id,comments,int_id,
".SUBSTRING_FOR_DATE."(updated,1,16) as updated,
(SELECT site_url FROM ttrss_feeds WHERE id = feed_id) as site_url,
+ (SELECT hide_images FROM ttrss_feeds WHERE id = feed_id) as hide_images,
num_comments,
tag_cache,
author,
@@ -2998,14 +3008,9 @@
<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/>
<title>Tiny Tiny RSS - ".$line["title"]."</title>
<link rel=\"stylesheet\" type=\"text/css\" href=\"tt-rss.css\">
- </head><body>";
+ </head><body id=\"ttrssZoom\">";
}
- $title_escaped = htmlspecialchars($line['title']);
-
- $rv['content'] .= "<div id=\"PTITLE-FULL-$id\" style=\"display : none\">" .
- strip_tags($line['title']) . "</div>";
-
$rv['content'] .= "<div class=\"postReply\" id=\"POST-$id\">";
$rv['content'] .= "<div class=\"postHeader\" id=\"POSTHDR-$id\">";
@@ -3026,8 +3031,8 @@
title=\"".htmlspecialchars($line['title'])."\"
href=\"" .
htmlspecialchars($line["link"]) . "\">" .
- $line["title"] .
- "<span class='author'>$entry_author</span></a></div>";
+ $line["title"] . "</a>" .
+ "<span class='author'>$entry_author</span></div>";
} else {
$rv['content'] .= "<div class='postTitle'>" . $line["title"] . "$entry_author</div>";
}
@@ -3040,7 +3045,7 @@
if (!$entry_comments) $entry_comments = "&nbsp;"; # placeholder
$rv['content'] .= "<div class='postTags' style='float : right'>
- <img src='".theme_image($link, 'images/tag.png')."'
+ <img src='images/tag.png'
class='tagsPic' alt='Tags' title='Tags'>&nbsp;";
if (!$zoom_mode) {
@@ -3103,35 +3108,10 @@
$rv['content'] .= "<div class=\"postContent\">";
- // N-grams
-
- if (DB_TYPE == "pgsql" and defined('_NGRAM_TITLE_RELATED_THRESHOLD')) {
-
- $ngram_result = db_query($link, "SELECT id,title FROM
- ttrss_entries,ttrss_user_entries
- WHERE ref_id = id AND updated >= NOW() - INTERVAL '7 day'
- AND similarity(title, '$title_escaped') >= "._NGRAM_TITLE_RELATED_THRESHOLD."
- AND title != '$title_escaped'
- AND owner_uid = $owner_uid");
-
- if (db_num_rows($ngram_result) > 0) {
- $rv['content'] .= "<div dojoType=\"dijit.form.DropDownButton\">".
- "<span>" . __('Related')."</span>";
- $rv['content'] .= "<div dojoType=\"dijit.Menu\" style=\"display: none;\">";
-
- while ($nline = db_fetch_assoc($ngram_result)) {
- $rv['content'] .= "<div onclick=\"hlOpenInNewTab(null,".$nline['id'].")\"
- dojoType=\"dijit.MenuItem\">".$nline['title']."</div>";
-
- }
- $rv['content'] .= "</div></div><br/";
- }
- }
-
$rv['content'] .= $line["content"];
$rv['content'] .= format_article_enclosures($link, $id,
- $always_display_enclosures, $line["content"]);
+ $always_display_enclosures, $line["content"], $line["hide_images"]);
$rv['content'] .= "</div>";
@@ -3141,7 +3121,7 @@
if ($zoom_mode) {
$rv['content'] .= "
- <div style=\"text-align : center\">
+ <div class='footer'>
<button onclick=\"return window.close()\">".
__("Close this window")."</button></div>";
$rv['content'] .= "</body></html>";
@@ -3523,7 +3503,7 @@
if (db_num_rows($result) == 1) {
return db_fetch_result($result, 0, "access_key");
} else {
- $key = db_escape_string(sha1(uniqid(rand(), true)));
+ $key = db_escape_string($link, sha1(uniqid(rand(), true)));
$result = db_query($link, "INSERT INTO ttrss_access_keys
(access_key, feed_id, is_cat, owner_uid)
@@ -3594,7 +3574,7 @@
}
function format_article_enclosures($link, $id, $always_display_enclosures,
- $article_content) {
+ $article_content, $hide_images = false) {
$result = get_article_enclosures($link, $id);
$rv = '';
@@ -3644,10 +3624,16 @@
if (preg_match("/image/", $entry["type"]) ||
preg_match("/\.(jpg|png|gif|bmp)/i", $entry["filename"])) {
- $rv .= "<p><img
- alt=\"".htmlspecialchars($entry["filename"])."\"
- src=\"" .htmlspecialchars($entry["url"]) . "\"/></p>";
+ if (!$hide_images) {
+ $rv .= "<p><img
+ alt=\"".htmlspecialchars($entry["filename"])."\"
+ src=\"" .htmlspecialchars($entry["url"]) . "\"/></p>";
+ } else {
+ $rv .= "<p><a target=\"_blank\"
+ href=\"".htmlspecialchars($entry["url"])."\"
+ >" .htmlspecialchars($entry["url"]) . "</a></p>";
+ }
}
}
}
@@ -3871,7 +3857,7 @@
if ($regexp_valid) {
- $rule['reg_exp'] = db_escape_string($rule['reg_exp']);
+ $rule['reg_exp'] = db_escape_string($link, $rule['reg_exp']);
switch ($rule["type"]) {
case "title":
@@ -3902,7 +3888,7 @@
}
if (isset($rule["feed_id"]) && $rule["feed_id"] > 0) {
- $qpart .= " AND feed_id = " . db_escape_string($rule["feed_id"]);
+ $qpart .= " AND feed_id = " . db_escape_string($link, $rule["feed_id"]);
}
if (isset($rule["cat_id"])) {
@@ -4092,4 +4078,16 @@
echo "<script type=\"text/javascript\" charset=\"utf-8\" src=\"$filename?$timestamp\"></script>\n";
}
+ function calculate_dep_timestamp() {
+ $files = array_merge(glob("js/*.js"), glob("*.css"));
+
+ $max_ts = -1;
+
+ foreach ($files as $file) {
+ if (filemtime($file) > $max_ts) $max_ts = filemtime($file);
+ }
+
+ return $max_ts;
+ }
+
?>
diff --git a/include/labels.php b/include/labels.php
index da7e3f97b..e45a38622 100644
--- a/include/labels.php
+++ b/include/labels.php
@@ -88,7 +88,7 @@
if (!$labels)
$labels = get_article_labels($link, $id);
- $labels = db_escape_string(json_encode($labels));
+ $labels = db_escape_string($link, json_encode($labels));
db_query($link, "UPDATE ttrss_user_entries SET
label_cache = '$labels' WHERE ref_id = '$id' AND owner_uid = '$owner_uid'");
diff --git a/include/localized_schema.php b/include/localized_schema.php
index 2f5903dc7..2c2538aee 100644
--- a/include/localized_schema.php
+++ b/include/localized_schema.php
@@ -1,4 +1,4 @@
-<?php # This file has been generated at: Wed Mar 20 15:53:19 MSK 2013
+<?php # This file has been generated at: Sun Mar 24 20:08:41 MSK 2013
__("Title");
__("Title or Content");
diff --git a/include/login_form.php b/include/login_form.php
index 68df544e3..af451239d 100644
--- a/include/login_form.php
+++ b/include/login_form.php
@@ -65,6 +65,20 @@
font-size : 12px;
}
+ a.forgotpass {
+ text-align : right;
+ font-size : 11px;
+ display : inline-block;
+ }
+
+ a {
+ color : #4684ff;
+ }
+
+ a:hover {
+ color : black;
+ }
+
div.footer a {
color : gray;
}
@@ -179,6 +193,8 @@ function bwLimitChange(elem) {
<input type="password" name="password" required="1"
style="width : 220px" class="input"
value="<?php echo $_SESSION["fake_password"] ?>"/>
+ <label></label>
+ <a class='forgotpass' href="public.php?op=forgotpass"><?php echo __("I forgot my password") ?></a>
</div>
<div class="row">
diff --git a/include/rssfuncs.php b/include/rssfuncs.php
index df1d16986..92bfaa023 100644
--- a/include/rssfuncs.php
+++ b/include/rssfuncs.php
@@ -18,10 +18,10 @@
$count = 0;
while ($line = db_fetch_assoc($result)) {
- $subscribers = db_escape_string($line["subscribers"]);
- $feed_url = db_escape_string($line["feed_url"]);
- $title = db_escape_string($line["title"]);
- $site_url = db_escape_string($line["site_url"]);
+ $subscribers = db_escape_string($link, $line["subscribers"]);
+ $feed_url = db_escape_string($link, $line["feed_url"]);
+ $title = db_escape_string($link, $line["title"]);
+ $site_url = db_escape_string($link, $line["site_url"]);
$tmp_result = db_query($link, "SELECT subscribers FROM
ttrss_feedbrowser_cache WHERE feed_url = '$feed_url'");
@@ -200,7 +200,7 @@
$cache_images = sql_bool_to_bool(db_fetch_result($result, 0, "cache_images"));
$fetch_url = db_fetch_result($result, 0, "feed_url");
- $feed = db_escape_string($feed);
+ $feed = db_escape_string($link, $feed);
/* if ($auth_login && $auth_pass ){
$url_parts = array();
@@ -238,7 +238,7 @@
_debug("update_rss_feed: unable to fetch: $fetch_last_error");
}
- $error_escaped = db_escape_string($fetch_last_error);
+ $error_escaped = db_escape_string($link, $fetch_last_error);
db_query($link,
"UPDATE ttrss_feeds SET last_error = '$error_escaped',
@@ -287,7 +287,7 @@
// print_r($rss);
- $feed = db_escape_string($feed);
+ $feed = db_escape_string($link, $feed);
if (!$rss->error()) {
@@ -318,7 +318,7 @@
$owner_uid = db_fetch_result($result, 0, "owner_uid");
- $site_url = db_escape_string(mb_substr(rewrite_relative_url($fetch_url, $rss->get_link()), 0, 245));
+ $site_url = db_escape_string($link, mb_substr(rewrite_relative_url($fetch_url, $rss->get_link()), 0, 245));
if ($debug_enabled) {
_debug("update_rss_feed: checking favicon...");
@@ -333,7 +333,7 @@
if (!$registered_title || $registered_title == "[Unknown]") {
- $feed_title = db_escape_string($rss->get_title());
+ $feed_title = db_escape_string($link, $rss->get_title());
if ($debug_enabled) {
_debug("update_rss_feed: registering title: $feed_title");
@@ -475,13 +475,13 @@
$entry_author = $entry_author_item->get_name();
if (!$entry_author) $entry_author = $entry_author_item->get_email();
- $entry_author = db_escape_string($entry_author);
+ $entry_author = db_escape_string($link, $entry_author);
}
- $entry_guid = db_escape_string(mb_substr($entry_guid, 0, 245));
+ $entry_guid = db_escape_string($link, mb_substr($entry_guid, 0, 245));
- $entry_comments = db_escape_string(mb_substr($entry_comments, 0, 245));
- $entry_author = db_escape_string(mb_substr($entry_author, 0, 245));
+ $entry_comments = db_escape_string($link, mb_substr($entry_comments, 0, 245));
+ $entry_author = db_escape_string($link, mb_substr($entry_author, 0, 245));
$num_comments = $item->get_item_tags('http://purl.org/rss/1.0/modules/slash/', 'comments');
@@ -539,7 +539,7 @@
// FIXME not sure if owner_uid is a good idea here, we may have a base entry without user entry (?)
$result = db_query($link, "SELECT plugin_data,title,content,link,tag_cache,author FROM ttrss_entries, ttrss_user_entries
- WHERE ref_id = id AND guid = '".db_escape_string($entry_guid)."' AND owner_uid = $owner_uid");
+ WHERE ref_id = id AND guid = '".db_escape_string($link, $entry_guid)."' AND owner_uid = $owner_uid");
if (db_num_rows($result) != 0) {
$entry_plugin_data = db_fetch_result($result, 0, "plugin_data");
@@ -568,11 +568,11 @@
}
$entry_tags = $article["tags"];
- $entry_guid = db_escape_string($entry_guid);
- $entry_title = db_escape_string($article["title"]);
- $entry_author = db_escape_string($article["author"]);
- $entry_link = db_escape_string($article["link"]);
- $entry_plugin_data = db_escape_string($article["plugin_data"]);
+ $entry_guid = db_escape_string($link, $entry_guid);
+ $entry_title = db_escape_string($link, $article["title"]);
+ $entry_author = db_escape_string($link, $article["author"]);
+ $entry_link = db_escape_string($link, $article["link"]);
+ $entry_plugin_data = db_escape_string($link, $article["plugin_data"]);
$entry_content = $article["content"]; // escaped below
@@ -583,7 +583,7 @@
if ($cache_images && is_writable(CACHE_DIR . '/images'))
cache_images($entry_content, $site_url, $debug_enabled);
- $entry_content = db_escape_string($entry_content, false);
+ $entry_content = db_escape_string($link, $entry_content, false);
$content_hash = "SHA1:" . sha1($entry_content);
@@ -829,7 +829,7 @@
$update_insignificant = false;
}
- if (db_escape_string($orig_title) != $entry_title) {
+ if (db_escape_string($link, $orig_title) != $entry_title) {
$post_needs_update = true;
$update_insignificant = false;
}
@@ -896,9 +896,9 @@
db_query($link, "BEGIN");
foreach ($enclosures as $enc) {
- $enc_url = db_escape_string($enc[0]);
- $enc_type = db_escape_string($enc[1]);
- $enc_dur = db_escape_string($enc[2]);
+ $enc_url = db_escape_string($link, $enc[0]);
+ $enc_type = db_escape_string($link, $enc[1]);
+ $enc_dur = db_escape_string($link, $enc[2]);
$result = db_query($link, "SELECT id FROM ttrss_enclosures
WHERE content_url = '$enc_url' AND post_id = '$entry_ref_id'");
@@ -959,7 +959,7 @@
foreach ($filtered_tags as $tag) {
$tag = sanitize_tag($tag);
- $tag = db_escape_string($tag);
+ $tag = db_escape_string($link, $tag);
if (!tag_is_valid($tag)) continue;
@@ -981,7 +981,7 @@
$tags_to_cache = array_unique($tags_to_cache);
- $tags_str = db_escape_string(join(",", $tags_to_cache));
+ $tags_str = db_escape_string($link, join(",", $tags_to_cache));
db_query($link, "UPDATE ttrss_user_entries
SET tag_cache = '$tags_str' WHERE ref_id = '$entry_ref_id'
@@ -996,9 +996,9 @@
}
foreach ($labels as $label) {
- $caption = $label["caption"];
+ $caption = preg_quote($label["caption"]);
- if (preg_match("/\b$caption\b/i", "$tags_str " . strip_tags($entry_content) . " $entry_title")) {
+ if ($caption && preg_match("/\b$caption\b/i", "$tags_str " . strip_tags($entry_content) . " $entry_title")) {
if (!labels_contains_caption($article_labels, $caption)) {
label_add_article($link, $entry_ref_id, $caption, $owner_uid);
}
@@ -1031,7 +1031,7 @@
} else {
- $error_msg = db_escape_string(mb_substr($rss->error(), 0, 245));
+ $error_msg = db_escape_string($link, mb_substr($rss->error(), 0, 245));
if ($debug_enabled) {
_debug("update_rss_feed: error fetching feed: $error_msg");
diff --git a/include/sanity_config.php b/include/sanity_config.php
index d4a468f6d..80be1434e 100644
--- a/include/sanity_config.php
+++ b/include/sanity_config.php
@@ -1,3 +1,3 @@
<?php # This file has been generated at: Sat Feb 9 22:34:30 MSK 2013
define('GENERATED_CONFIG_CHECK', 26);
-$requred_defines = array( 'DB_TYPE', 'DB_HOST', 'DB_USER', 'DB_NAME', 'DB_PASS', 'MYSQL_CHARSET', 'SELF_URL_PATH', 'SINGLE_USER_MODE', 'SIMPLE_UPDATE_MODE', 'PHP_EXECUTABLE', 'LOCK_DIRECTORY', 'CACHE_DIR', 'ICONS_DIR', 'ICONS_URL', 'AUTH_AUTO_CREATE', 'AUTH_AUTO_LOGIN', 'FORCE_ARTICLE_PURGE', 'PUBSUBHUBBUB_HUB', 'PUBSUBHUBBUB_ENABLED', 'SPHINX_ENABLED', 'SPHINX_INDEX', 'ENABLE_REGISTRATION', 'REG_NOTIFY_ADDRESS', 'REG_MAX_USERS', 'SESSION_COOKIE_LIFETIME', 'SESSION_EXPIRE_TIME', 'SESSION_CHECK_ADDRESS', 'SMTP_FROM_NAME', 'SMTP_FROM_ADDRESS', 'DIGEST_SUBJECT', 'SMTP_HOST', 'SMTP_LOGIN', 'SMTP_PASSWORD', 'CHECK_FOR_NEW_VERSION', 'ENABLE_GZIP_OUTPUT', 'PLUGINS', 'CONFIG_VERSION'); ?>
+$requred_defines = array( 'DB_TYPE', 'DB_HOST', 'DB_USER', 'DB_NAME', 'DB_PASS', 'MYSQL_CHARSET', 'SELF_URL_PATH', 'SINGLE_USER_MODE', 'SIMPLE_UPDATE_MODE', 'PHP_EXECUTABLE', 'LOCK_DIRECTORY', 'CACHE_DIR', 'ICONS_DIR', 'ICONS_URL', 'AUTH_AUTO_CREATE', 'AUTH_AUTO_LOGIN', 'FORCE_ARTICLE_PURGE', 'PUBSUBHUBBUB_HUB', 'PUBSUBHUBBUB_ENABLED', 'SPHINX_ENABLED', 'SPHINX_INDEX', 'ENABLE_REGISTRATION', 'REG_NOTIFY_ADDRESS', 'REG_MAX_USERS', 'SESSION_COOKIE_LIFETIME', 'SESSION_EXPIRE_TIME', 'SESSION_CHECK_ADDRESS', 'SMTP_FROM_NAME', 'SMTP_FROM_ADDRESS', 'DIGEST_SUBJECT', 'SMTP_HOST', 'SMTP_PORT', 'SMTP_LOGIN', 'SMTP_PASSWORD', 'CHECK_FOR_NEW_VERSION', 'ENABLE_GZIP_OUTPUT', 'PLUGINS', 'CONFIG_VERSION'); ?>
diff --git a/include/sessions.php b/include/sessions.php
index 2cef1d91b..3355ec49e 100644
--- a/include/sessions.php
+++ b/include/sessions.php
@@ -53,7 +53,7 @@
$expire = time() + $session_expire;
- $data = db_escape_string(base64_encode($data), $session_connection);
+ $data = db_escape_string($session_connection, base64_encode($data), false);
if ($session_read) {
$query = "UPDATE ttrss_sessions SET data='$data',
@@ -71,7 +71,7 @@
global $session_connection;
- db_close($session_connection);
+ //db_close($session_connection);
return true;
}
@@ -96,7 +96,7 @@
db_query($session_connection, $query);
}
- if (!SINGLE_USER_MODE && DB_TYPE == "pgsql") {
+ if (!SINGLE_USER_MODE /* && DB_TYPE == "pgsql" */) {
session_set_save_handler("ttrss_open",
"ttrss_close", "ttrss_read", "ttrss_write",
"ttrss_destroy", "ttrss_gc");
diff --git a/include/version.php b/include/version.php
index 65af7f452..44d7cf53d 100644
--- a/include/version.php
+++ b/include/version.php
@@ -1,3 +1,3 @@
<?php
- define('VERSION', "1.7.4");
+ define('VERSION', "1.7.5");
?>
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-13 02:39:42 +0000