From 2a41fc979057240ab5251e83a3d3f18146ea8b66 Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Tue, 15 Dec 2009 14:40:36 +0300 Subject: only accept favicons which are actual images while using CURL (closes #261) --- functions.php | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/functions.php b/functions.php index 7980b68d8..dfe1a41c6 100644 --- a/functions.php +++ b/functions.php @@ -362,11 +362,17 @@ curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 15); curl_setopt($ch, CURLOPT_TIMEOUT, 45); curl_exec($ch); - curl_close($ch); - fclose($fp); + + if (strpos(curl_getinfo($ch, CURLINFO_CONTENT_TYPE), "image/") !== false) { + curl_close($ch); + fclose($fp); + $contents = file_get_contents($tmpfile); + } else { + curl_close($ch); + fclose($fp); + } } - $contents = file_get_contents($tmpfile); unlink($tmpfile); return $contents; -- cgit v1.2.3 From 378a548ceaf84153b7b3237bf896582bd642ff20 Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Wed, 16 Dec 2009 12:50:32 +0300 Subject: add experimental JSON api --- api/index.php | 180 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 180 insertions(+) create mode 100644 api/index.php diff --git a/api/index.php b/api/index.php new file mode 100644 index 000000000..ce30b28f1 --- /dev/null +++ b/api/index.php @@ -0,0 +1,180 @@ + "API_DISABLED")); + return; + } + + $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME); + + $session_expire = SESSION_EXPIRE_TIME; //seconds + $session_name = (!defined('TTRSS_SESSION_NAME')) ? "ttrss_sid_api" : TTRSS_SESSION_NAME . "_api"; + + session_start(); + + if (!$link) { + if (DB_TYPE == "mysql") { + print mysql_error(); + } + // PG seems to display its own errors just fine by default. + return; + } + + init_connection($link); + + $op = db_escape_string($_REQUEST["op"]); + +// header("Content-Type: application/json"); + + if (!$_SESSION["uid"] && $op != "login" && $op != "isLoggedIn") { + print json_encode(array("error" => 'NOT_LOGGED_IN')); + return; + } + +/* TODO: add pref key to disable/enable API + if ($_SESSION["uid"] && !get_pref($link, 'API_ENABLED')) { + print json_encode(array("error" => 'API_DISABLED')); + return; + } */ + + switch ($op) { + case "getVersion": + $rv = array("version" => VERSION); + print json_encode($rv); + break; + case "login": + $login = db_escape_string($_REQUEST["user"]); + $password = db_escape_string($_REQUEST["password"]); + + if (authenticate_user($link, $login, $password)) { + print json_encode(array("uid" => $_SESSION["uid"])); + } else { + print json_encode(array("uid" => 0)); + } + + break; + case "logout": + logout_user(); + print json_encode(array("uid" => 0)); + break; + case "isLoggedIn": + print json_encode(array("status" => $_SESSION["uid"] != '')); + break; + case "getFeeds": + $cat_id = db_escape_string($_REQUEST["cat_id"]); + $unread_only = (bool)db_escape_string($_REQUEST["unread_only"]); + + if (!$cat_id) { + $result = db_query($link, "SELECT + id, feed_url, cat_id, title, ". + SUBSTRING_FOR_DATE."(last_updated,1,19) AS last_updated + FROM ttrss_feeds WHERE owner_uid = " . $_SESSION["uid"]); + } else { + $result = db_query($link, "SELECT + id, feed_url, cat_id, title, ". + SUBSTRING_FOR_DATE."(last_updated,1,19) AS last_updated + FROM ttrss_feeds WHERE + cat_id = '$cat_id' AND owner_uid = " . $_SESSION["uid"]); + } + + $feeds = array(); + + while ($line = db_fetch_assoc($result)) { + + $unread = getFeedUnread($link, $line["id"]); + + if ($unread || !$unread_only) { + + $line_struct = array( + "feed_url" => $line["feed_url"], + "title" => $line["title"], + "id" => (int)$line["id"], + "unread" => (int)$unread, + "cat_id" => (int)$line["cat_id"], + "last_updated" => strtotime($line["last_updated"]) + ); + + array_push($feeds, $line_struct); + } + } + + print json_encode($feeds); + + break; + case "getCategories": + $result = db_query($link, "SELECT + id, title FROM ttrss_feed_categories + WHERE owner_uid = " . + $_SESSION["uid"]); + + $cats = array(); + + while ($line = db_fetch_assoc($result)) { + $unread = getFeedUnread($link, $line["id"], true); + array_push($cats, array($line["id"] => + array("title" => $line["title"], "unread" => $unread))); + } + + print json_encode($cats); + break; + case "getHeadlines": + $feed_id = db_escape_string($_REQUEST["feed_id"]); + $limit = (int)db_escape_string($_REQUEST["limit"]); + $filter = db_escape_string($_REQUEST["filter"]); + $is_cat = (bool)db_escape_string($_REQUEST["is_cat"]); + $show_except = (bool)db_escape_string($_REQUEST["show_excerpt"]); + + /* do not rely on params below */ + + $search = db_escape_string($_REQUEST["search"]); + $search_mode = db_escape_string($_REQUEST["search_mode"]); + $match_on = db_escape_string($_REQUEST["match_on"]); + + $qfh_ret = queryFeedHeadlines($link, $feed_id, $limit, + $view_mode, $is_cat, $search, $search_mode, $match_on); + + $result = $qfh_ret[0]; + $feed_title = $qfh_ret[1]; + + $headlines = array(); + + while ($line = db_fetch_assoc($result)) { + $is_updated = ($line["last_read"] == "" && + ($line["unread"] != "t" && $line["unread"] != "1")); + + $headline_row = array( + "id" => (int)$line["id"], + "unread" => sql_bool_to_bool($line["unread"]), + "marked" => sql_bool_to_bool($line["marked"]), + "updated" => strtotime($line["updated"]), + "is_updated" => $is_updated, + "title" => $line["title"], + "feed_id" => $line["feed_id"], + ); + + if ($show_except) $headline_row["excerpt"] = $line["content_preview"]; + + array_push($headlines, $headline_row); + } + + print json_encode($headlines); + + break; + } + + db_close($link); + +?> -- cgit v1.2.3 From 730c97c7f32b135223c06d12fef3c3f054d48200 Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Wed, 16 Dec 2009 13:03:12 +0300 Subject: api: add getArticle --- api/index.php | 44 ++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 42 insertions(+), 2 deletions(-) diff --git a/api/index.php b/api/index.php index ce30b28f1..3bb83e1b5 100644 --- a/api/index.php +++ b/api/index.php @@ -115,6 +115,8 @@ break; case "getCategories": + $unread_only = (bool)db_escape_string($_REQUEST["unread_only"]); + $result = db_query($link, "SELECT id, title FROM ttrss_feed_categories WHERE owner_uid = " . @@ -124,8 +126,11 @@ while ($line = db_fetch_assoc($result)) { $unread = getFeedUnread($link, $line["id"], true); - array_push($cats, array($line["id"] => - array("title" => $line["title"], "unread" => $unread))); + + if ($unread || !$unread_only) { + array_push($cats, array($line["id"] => + array("title" => $line["title"], "unread" => $unread))); + } } print json_encode($cats); @@ -172,6 +177,41 @@ print json_encode($headlines); + break; + case "getArticle": + + $article_id = (int)db_escape_string($_REQUEST["article_id"]); + + $query = "SELECT title,link,content,feed_id,comments,int_id, + marked,unread, + ".SUBSTRING_FOR_DATE."(updated,1,16) as updated, + author + FROM ttrss_entries,ttrss_user_entries + WHERE id = '$article_id' AND ref_id = id AND owner_uid = " . + $_SESSION["uid"] ; + + $result = db_query($link, $query); + + $article = array(); + + if (db_num_rows($result) != 0) { + $line = db_fetch_assoc($result); + + $article = array( + "title" => $line["title"], + "link" => $line["link"], + "unread" => sql_bool_to_bool($line["unread"]), + "marked" => sql_bool_to_bool($line["marked"]), + "comments" => $line["comments"], + "author" => $line["author"], + "updated" => strtotime($line["updated"]), + "content" => $line["content"], + "feed_id" => $line["feed_id"], + ); + } + + print json_encode($article); + break; } -- cgit v1.2.3 From 03e5f9eb02d7f4f7144a0829968a7e087269ee05 Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Wed, 16 Dec 2009 13:07:02 +0300 Subject: api: add getUnread --- api/index.php | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/api/index.php b/api/index.php index 3bb83e1b5..b0a084ce1 100644 --- a/api/index.php +++ b/api/index.php @@ -73,6 +73,16 @@ case "isLoggedIn": print json_encode(array("status" => $_SESSION["uid"] != '')); break; + case "getUnread": + $feed_id = db_escape_string($_REQUEST["feed_id"]); + $is_cat = db_escape_string($_REQUEST["is_cat"]); + + if ($feed_id) { + print json_encode(array("unread" => getFeedUnread($link, $feed_id, $is_cat))); + } else { + print json_encode(array("unread" => getGlobalUnread($link))); + } + break; case "getFeeds": $cat_id = db_escape_string($_REQUEST["cat_id"]); $unread_only = (bool)db_escape_string($_REQUEST["unread_only"]); -- cgit v1.2.3 From 1c3fffbbc7f96574f9aba876ec5a21ae78fff73b Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Wed, 16 Dec 2009 13:29:16 +0300 Subject: api: add updateArticle --- api/index.php | 48 +++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 47 insertions(+), 1 deletion(-) diff --git a/api/index.php b/api/index.php index b0a084ce1..789bfca31 100644 --- a/api/index.php +++ b/api/index.php @@ -188,12 +188,57 @@ print json_encode($headlines); break; + case "updateArticle": + $article_id = (int) db_escape_string($_GET["article_id"]); + $mode = (int) db_escape_string($_REQUEST["mode"]); + $field_raw = (int)db_escape_string($_REQUEST["field"]); + + $field = ""; + $set_to = ""; + + switch ($field_raw) { + case 0: + $field = "marked"; + break; + case 1: + $field = "published"; + break; + case 2: + $field = "unread"; + break; + }; + + switch ($mode) { + case 1: + $set_to = "true"; + break; + case 0: + $set_to = "false"; + break; + case 2: + $set_to = "NOT $field"; + break; + } + + if ($field && $set_to) { + if ($field == "unread") { + $result = db_query($link, "UPDATE ttrss_user_entries SET $field = $set_to, + last_read = NOW() + WHERE ref_id = '$article_id' AND owner_uid = " . $_SESSION["uid"]); + } else { + $result = db_query($link, "UPDATE ttrss_user_entries SET $field = $set_to + WHERE ref_id = '$article_id' AND owner_uid = " . $_SESSION["uid"]); + } + } + + break; + case "getArticle": $article_id = (int)db_escape_string($_REQUEST["article_id"]); $query = "SELECT title,link,content,feed_id,comments,int_id, - marked,unread, + marked,unread,published, ".SUBSTRING_FOR_DATE."(updated,1,16) as updated, author FROM ttrss_entries,ttrss_user_entries @@ -212,6 +257,7 @@ "link" => $line["link"], "unread" => sql_bool_to_bool($line["unread"]), "marked" => sql_bool_to_bool($line["marked"]), + "published" => sql_bool_to_bool($line["published"]), "comments" => $line["comments"], "author" => $line["author"], "updated" => strtotime($line["updated"]), -- cgit v1.2.3 From 7e2b7e461a6504b014cc648332e8462ee698eef5 Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Wed, 16 Dec 2009 14:08:11 +0300 Subject: api: show virtual feeds in getFeeds --- api/index.php | 25 +++++++++++++++++++++++-- 1 file changed, 23 insertions(+), 2 deletions(-) diff --git a/api/index.php b/api/index.php index 789bfca31..f0f7aa202 100644 --- a/api/index.php +++ b/api/index.php @@ -108,7 +108,7 @@ if ($unread || !$unread_only) { - $line_struct = array( + $row = array( "feed_url" => $line["feed_url"], "title" => $line["title"], "id" => (int)$line["id"], @@ -117,7 +117,28 @@ "last_updated" => strtotime($line["last_updated"]) ); - array_push($feeds, $line_struct); + array_push($feeds, $row); + } + } + + if (!$cat_id || $cat_id == -1) { + $counters = getLabelCounters($link, false, true); + + foreach (array_keys($counters) as $id) { + + $unread = $counters[$id]["counter"]; + + if ($unread || !$unread_only) { + + $row = array( + "id" => $id, + "title" => $counters[$id]["description"], + "unread" => $counters[$id]["counter"], + "cat_id" => -1, + ); + + array_push($feeds, $row); + } } } -- cgit v1.2.3 From 53aff642cabbe5d72f0395f48e77121111e314ff Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Wed, 16 Dec 2009 14:16:56 +0300 Subject: api: show virtual feeds in getFeeds (fixes) --- api/index.php | 28 ++++++++++++++++++++++++++-- 1 file changed, 26 insertions(+), 2 deletions(-) diff --git a/api/index.php b/api/index.php index f0f7aa202..6cae30871 100644 --- a/api/index.php +++ b/api/index.php @@ -121,7 +121,9 @@ } } - if (!$cat_id || $cat_id == -1) { + /* Labels */ + + if (!$cat_id || $cat_id == -2) { $counters = getLabelCounters($link, false, true); foreach (array_keys($counters) as $id) { @@ -134,7 +136,7 @@ "id" => $id, "title" => $counters[$id]["description"], "unread" => $counters[$id]["counter"], - "cat_id" => -1, + "cat_id" => -2, ); array_push($feeds, $row); @@ -142,6 +144,27 @@ } } + /* Virtual feeds */ + + if (!$cat_id || $cat_id == -1) { + foreach (array(-1, -2, -3, -4) as $i) { + $unread = getFeedUnread($link, $i); + + if ($unread || !$unread_only) { + $title = getFeedTitle($link, $i); + + $row = array( + "id" => $i, + "title" => $title, + "unread" => $unread, + "cat_id" => -1, + ); + array_push($feeds, $row); + } + + } + } + print json_encode($feeds); break; @@ -276,6 +299,7 @@ $article = array( "title" => $line["title"], "link" => $line["link"], + "labels" => get_article_labels($link, $article_id), "unread" => sql_bool_to_bool($line["unread"]), "marked" => sql_bool_to_bool($line["marked"]), "published" => sql_bool_to_bool($line["published"]), -- cgit v1.2.3 From f1c2b672271642b2d008de35910813896dd092af Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Wed, 16 Dec 2009 14:22:01 +0300 Subject: api: getCategories - output format tweak --- api/index.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/api/index.php b/api/index.php index 6cae30871..ff8c70f58 100644 --- a/api/index.php +++ b/api/index.php @@ -182,8 +182,9 @@ $unread = getFeedUnread($link, $line["id"], true); if ($unread || !$unread_only) { - array_push($cats, array($line["id"] => - array("title" => $line["title"], "unread" => $unread))); + array_push($cats, array("id" => $line["id"], + "title" => $line["title"], + "unread" => $unread)); } } -- cgit v1.2.3 From f5a5bae4633272d2adbdcdffb57db23df108c3e7 Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Wed, 16 Dec 2009 14:36:37 +0300 Subject: enable prefs cache in single user mode --- db-prefs.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/db-prefs.php b/db-prefs.php index f9b57e6b1..659035e15 100644 --- a/db-prefs.php +++ b/db-prefs.php @@ -2,7 +2,7 @@ require_once "config.php"; require_once "db.php"; - if (!defined('DISABLE_SESSIONS') && !SINGLE_USER_MODE) { + if (!defined('DISABLE_SESSIONS')) { if (!$_SESSION["prefs_cache"]) $_SESSION["prefs_cache"] = array(); } -- cgit v1.2.3 From 3a216db45c510f2601fcdb3b879e2e20dce63dd5 Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Wed, 16 Dec 2009 14:36:59 +0300 Subject: add per-user option to enable access to API --- api/index.php | 7 +++---- localized_schema.php | 1 + sanity_check.php | 2 +- schema/ttrss_schema_mysql.sql | 4 +++- schema/ttrss_schema_pgsql.sql | 4 +++- schema/versions/mysql/58.sql | 7 +++++++ schema/versions/pgsql/58.sql | 7 +++++++ 7 files changed, 25 insertions(+), 7 deletions(-) create mode 100644 schema/versions/mysql/58.sql create mode 100644 schema/versions/pgsql/58.sql diff --git a/api/index.php b/api/index.php index ff8c70f58..90ca5405c 100644 --- a/api/index.php +++ b/api/index.php @@ -44,11 +44,10 @@ return; } -/* TODO: add pref key to disable/enable API - if ($_SESSION["uid"] && !get_pref($link, 'API_ENABLED')) { + if ($_SESSION["uid"] && $op != "logout" && !get_pref($link, 'ENABLE_API_ACCESS')) { print json_encode(array("error" => 'API_DISABLED')); return; - } */ + } switch ($op) { case "getVersion": @@ -62,7 +61,7 @@ if (authenticate_user($link, $login, $password)) { print json_encode(array("uid" => $_SESSION["uid"])); } else { - print json_encode(array("uid" => 0)); + print json_encode(array("error" => "LOGIN_ERROR")); } break; diff --git a/localized_schema.php b/localized_schema.php index 35fb6dc0c..8d827d1dc 100644 --- a/localized_schema.php +++ b/localized_schema.php @@ -81,5 +81,6 @@ __("Enable inline MP3 player"); __("Enable the Flash-based XSPF Player to play MP3-format podcast enclosures."); __("Do not show images in articles"); + __("Enable external API"); ?> diff --git a/sanity_check.php b/sanity_check.php index 600f8d9f4..55df98141 100644 --- a/sanity_check.php +++ b/sanity_check.php @@ -2,7 +2,7 @@ require_once "functions.php"; define('EXPECTED_CONFIG_VERSION', 18); - define('SCHEMA_VERSION', 57); + define('SCHEMA_VERSION', 58); if (!file_exists("config.php")) { print "Fatal Error: You forgot to copy diff --git a/schema/ttrss_schema_mysql.sql b/schema/ttrss_schema_mysql.sql index d3c8b5f15..04c601fae 100644 --- a/schema/ttrss_schema_mysql.sql +++ b/schema/ttrss_schema_mysql.sql @@ -226,7 +226,7 @@ create table ttrss_tags (id integer primary key auto_increment, create table ttrss_version (schema_version int not null) TYPE=InnoDB; -insert into ttrss_version values (57); +insert into ttrss_version values (58); create table ttrss_enclosures (id serial not null primary key, content_url text not null, @@ -359,6 +359,8 @@ insert into ttrss_prefs (pref_name,type_id,def_value,short_desc,section_id) valu insert into ttrss_prefs (pref_name,type_id,def_value,short_desc,section_id,help_text) values('ENABLE_OFFLINE_READING', 1, 'false', 'Enable offline reading',1, 'Synchronize new articles for offline reading using Google Gears.'); +insert into ttrss_prefs (pref_name,type_id,def_value,short_desc,section_id) values('ENABLE_API_ACCESS', 1, 'false', 'Enable external API', 3); + create table ttrss_user_prefs ( owner_uid integer not null, pref_name varchar(250), diff --git a/schema/ttrss_schema_pgsql.sql b/schema/ttrss_schema_pgsql.sql index 61ffcb10a..b2458d4ba 100644 --- a/schema/ttrss_schema_pgsql.sql +++ b/schema/ttrss_schema_pgsql.sql @@ -202,7 +202,7 @@ create index ttrss_tags_owner_uid_index on ttrss_tags(owner_uid); create table ttrss_version (schema_version int not null); -insert into ttrss_version values (57); +insert into ttrss_version values (58); create table ttrss_enclosures (id serial not null primary key, content_url text not null, @@ -329,6 +329,8 @@ insert into ttrss_prefs (pref_name,type_id,def_value,short_desc,section_id) valu insert into ttrss_prefs (pref_name,type_id,def_value,short_desc,section_id,help_text) values('ENABLE_OFFLINE_READING', 1, 'false', 'Enable offline reading',1, 'Synchronize new articles for offline reading using Google Gears.'); +insert into ttrss_prefs (pref_name,type_id,def_value,short_desc,section_id) values('ENABLE_API_ACCESS', 1, 'false', 'Enable external API', 3); + create table ttrss_user_prefs ( owner_uid integer not null references ttrss_users(id) ON DELETE CASCADE, pref_name varchar(250) not null references ttrss_prefs(pref_name) ON DELETE CASCADE, diff --git a/schema/versions/mysql/58.sql b/schema/versions/mysql/58.sql new file mode 100644 index 000000000..61173c1d5 --- /dev/null +++ b/schema/versions/mysql/58.sql @@ -0,0 +1,7 @@ +begin; + +insert into ttrss_prefs (pref_name,type_id,def_value,short_desc,section_id) values('ENABLE_API_ACCESS', 1, 'false', 'Enable external API', 3); + +update ttrss_version set schema_version = 58; + +commit; diff --git a/schema/versions/pgsql/58.sql b/schema/versions/pgsql/58.sql new file mode 100644 index 000000000..61173c1d5 --- /dev/null +++ b/schema/versions/pgsql/58.sql @@ -0,0 +1,7 @@ +begin; + +insert into ttrss_prefs (pref_name,type_id,def_value,short_desc,section_id) values('ENABLE_API_ACCESS', 1, 'false', 'Enable external API', 3); + +update ttrss_version set schema_version = 58; + +commit; -- cgit v1.2.3 From 4cdd0d7ca35a37394811df817de7372daec4b2cd Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Wed, 16 Dec 2009 14:49:33 +0300 Subject: api: forbid login when api is disabled --- api/index.php | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/api/index.php b/api/index.php index 90ca5405c..332e84f5a 100644 --- a/api/index.php +++ b/api/index.php @@ -58,10 +58,15 @@ $login = db_escape_string($_REQUEST["user"]); $password = db_escape_string($_REQUEST["password"]); - if (authenticate_user($link, $login, $password)) { - print json_encode(array("uid" => $_SESSION["uid"])); + if (get_pref($link, "ENABLE_API_ACCESS", $login)) { + if (authenticate_user($link, $login, $password)) { + print json_encode(array("uid" => $_SESSION["uid"])); + } else { + print json_encode(array("error" => "LOGIN_ERROR")); + } } else { - print json_encode(array("error" => "LOGIN_ERROR")); + logout_user(); + print json_encode(array("error" => "API_DISABLED")); } break; -- cgit v1.2.3 From 2bebdd344b7259738c2d424572d202482d92e6f1 Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Wed, 16 Dec 2009 14:56:46 +0300 Subject: api: forbid login when api is disabled (fixed) --- api/index.php | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/api/index.php b/api/index.php index 332e84f5a..8d7e1db96 100644 --- a/api/index.php +++ b/api/index.php @@ -58,14 +58,21 @@ $login = db_escape_string($_REQUEST["user"]); $password = db_escape_string($_REQUEST["password"]); - if (get_pref($link, "ENABLE_API_ACCESS", $login)) { + $result = db_query($link, "SELECT id FROM ttrss_users WHERE login = '$login'"); + + if (db_num_rows($result) != 0) { + $uid = db_fetch_result($result, 0, "id"); + } else { + $uid = 0; + } + + if (get_pref($link, "ENABLE_API_ACCESS", $uid)) { if (authenticate_user($link, $login, $password)) { print json_encode(array("uid" => $_SESSION["uid"])); } else { print json_encode(array("error" => "LOGIN_ERROR")); } } else { - logout_user(); print json_encode(array("error" => "API_DISABLED")); } -- cgit v1.2.3 From 7c6d05cda4536c752d244f8a4f9495cef5defa0f Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Wed, 16 Dec 2009 15:04:24 +0300 Subject: api: add getConfig --- api/index.php | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/api/index.php b/api/index.php index 8d7e1db96..be2661285 100644 --- a/api/index.php +++ b/api/index.php @@ -325,6 +325,26 @@ print json_encode($article); + break; + case "getConfig": + $config = array( + "icons_dir" => ICONS_DIR, + "icons_url" => ICONS_URL); + + if (ENABLE_UPDATE_DAEMON) { + $config["daemon_is_running"] = file_is_locked("update_daemon.lock"); + } + + $result = db_query($link, "SELECT COUNT(*) AS cf FROM + ttrss_feeds WHERE owner_uid = " . $_SESSION["uid"]); + + $num_feeds = db_fetch_result($result, 0, "cf"); + + $config["num_feeds"] = (int)$num_feeds; + + print json_encode($config); + + break; } -- cgit v1.2.3 From 4d557a13c27b113e64bf64087a8bfa63cd3ad234 Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Wed, 16 Dec 2009 15:06:59 +0300 Subject: api: add getPref --- api/index.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/api/index.php b/api/index.php index be2661285..fd22f4b8b 100644 --- a/api/index.php +++ b/api/index.php @@ -344,7 +344,11 @@ print json_encode($config); + break; + case "getPref": + $pref_name = db_escape_string($_REQUEST["pref_name"]); + print json_encode(array("value" => get_pref($link, $pref_name))); break; } -- cgit v1.2.3 From f11f79d792a70196c44dadeb4247ae5b4164c491 Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Wed, 16 Dec 2009 15:09:11 +0300 Subject: api: remove global config parameter lock --- api/index.php | 5 ----- 1 file changed, 5 deletions(-) diff --git a/api/index.php b/api/index.php index fd22f4b8b..193fcb3ef 100644 --- a/api/index.php +++ b/api/index.php @@ -13,11 +13,6 @@ require_once "../db-prefs.php"; require_once "../functions.php"; - if (!defined('_JSON_API_ENABLED')) { - print json_encode(array("error" => "API_DISABLED")); - return; - } - $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME); $session_expire = SESSION_EXPIRE_TIME; //seconds -- cgit v1.2.3 From 7af0309b7b2c581573fa90ff345d08928b1eba69 Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Wed, 16 Dec 2009 15:10:41 +0300 Subject: api: remove global config parameter lock (2) --- api/index.php | 6 ------ 1 file changed, 6 deletions(-) diff --git a/api/index.php b/api/index.php index 193fcb3ef..1b263daa1 100644 --- a/api/index.php +++ b/api/index.php @@ -1,10 +1,4 @@