From 3bab5ca6b11db5c14c44e1a1b891de591f5efa73 Mon Sep 17 00:00:00 2001
From: Andrew Dolgov <noreply@fakecake.org>
Date: Tue, 2 Mar 2021 09:31:23 +0300
Subject: article/redirect: use orm

---
 classes/article.php | 25 +++++++++++--------------
 1 file changed, 11 insertions(+), 14 deletions(-)

diff --git a/classes/article.php b/classes/article.php
index a6a6efebb..4b4051d36 100755
--- a/classes/article.php
+++ b/classes/article.php
@@ -5,26 +5,23 @@ class Article extends Handler_Protected {
 	const ARTICLE_KIND_YOUTUBE = 3;
 
 	function redirect() {
-		$id = (int) clean($_REQUEST['id'] ?? 0);
-
-		$sth = $this->pdo->prepare("SELECT link FROM ttrss_entries, ttrss_user_entries
-						WHERE id = ? AND id = ref_id AND owner_uid = ?
-						LIMIT 1");
-        $sth->execute([$id, $_SESSION['uid']]);
+		$article = ORM::for_table('ttrss_entries')
+			->table_alias('e')
+			->join('ttrss_user_entries', [ 'ref_id', '=', 'e.id'], 'ue')
+				->where('ue.owner_uid', $_SESSION['uid'])
+				->find_one($_REQUEST['id']);
 
-		if ($row = $sth->fetch()) {
-			$article_url = UrlHelper::validate(str_replace("\n", "", $row['link']));
+		if ($article) {
+			$article_url = UrlHelper::validate($article->link);
 
 			if ($article_url) {
 				header("Location: $article_url");
-			} else {
-				header($_SERVER["SERVER_PROTOCOL"]." 404 Not Found");
-				print "URL of article $id is blank.";
+				return;
 			}
-
-		} else {
-			print_error(__("Article not found."));
 		}
+
+		header($_SERVER["SERVER_PROTOCOL"]." 404 Not Found");
+		print "Article not found or has an empty URL.";
 	}
 
 	static function _create_published_article($title, $url, $content, $labels_str,
-- 
cgit v1.2.3