From 3306daecf4450555961490c11e70e7cf7fe7b86e Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Thu, 11 Apr 2013 19:12:00 +0400 Subject: implement upload-related support for open_basedir --- classes/opml.php | 30 +++++++++++++++++++++++++++--- 1 file changed, 27 insertions(+), 3 deletions(-) (limited to 'classes/opml.php') diff --git a/classes/opml.php b/classes/opml.php index 7a49f757c..2ecae4237 100644 --- a/classes/opml.php +++ b/classes/opml.php @@ -461,11 +461,35 @@ class Opml extends Handler_Protected { # if ($debug) $doc = DOMDocument::load("/tmp/test.opml"); - if (is_file($_FILES['opml_file']['tmp_name'])) { + if ($_FILES['opml_file']['error'] != 0) { + print_error(T_sprintf("Upload failed with error code %d", + $_FILES['opml_file']['error'])); + return; + } + + $tmp_file = false; + + if (is_uploaded_file($_FILES['opml_file']['tmp_name'])) { + $tmp_file = tempnam(CACHE_DIR . '/upload', 'opml'); + + $result = move_uploaded_file($_FILES['opml_file']['tmp_name'], + $tmp_file); + + if (!$result) { + print_error(__("Unable to move uploaded file.")); + return; + } + } else { + print_error(__('Error: please upload OPML file.')); + return; + } + + if (is_file($tmp_file)) { $doc = new DOMDocument(); - $doc->load($_FILES['opml_file']['tmp_name']); + $doc->load($tmp_file); + unlink($tmp_file); } else if (!$doc) { - print_error(__('Error: please upload OPML file.')); + print_error(__('Error: unable to find moved OPML file.')); return; } -- cgit v1.2.3 From 6322ac79a020ab584d412d782d62b2ee77d7c6cf Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Wed, 17 Apr 2013 16:23:15 +0400 Subject: remove $link --- classes/opml.php | 102 +++++++++++++++++++++++++++---------------------------- 1 file changed, 51 insertions(+), 51 deletions(-) (limited to 'classes/opml.php') diff --git a/classes/opml.php b/classes/opml.php index 2ecae4237..a800880e4 100644 --- a/classes/opml.php +++ b/classes/opml.php @@ -32,7 +32,7 @@ class Opml extends Handler_Protected {

".__('OPML Utility')."

"; - add_feed_category($this->link, "Imported feeds"); + add_feed_category( "Imported feeds"); $this->opml_notice(__("Importing OPML...")); $this->opml_import($owner_uid); @@ -66,14 +66,14 @@ class Opml extends Handler_Protected { $out = ""; if ($cat_id) { - $result = db_query($this->link, "SELECT title FROM ttrss_feed_categories WHERE id = '$cat_id' + $result = db_query( "SELECT title FROM ttrss_feed_categories WHERE id = '$cat_id' AND owner_uid = '$owner_uid'"); $cat_title = htmlspecialchars(db_fetch_result($result, 0, "title")); } if ($cat_title) $out .= "\n"; - $result = db_query($this->link, "SELECT id,title + $result = db_query( "SELECT id,title FROM ttrss_feed_categories WHERE $cat_qpart AND owner_uid = '$owner_uid' ORDER BY order_id, title"); @@ -82,7 +82,7 @@ class Opml extends Handler_Protected { $out .= $this->opml_export_category($owner_uid, $line["id"], $hide_private_feeds); } - $feeds_result = db_query($this->link, "select title, feed_url, site_url + $feeds_result = db_query( "select title, feed_url, site_url from ttrss_feeds where $feed_cat_qpart AND owner_uid = '$owner_uid' AND $hide_qpart order by order_id, title"); @@ -131,7 +131,7 @@ class Opml extends Handler_Protected { if ($include_settings) { $out .= ""; - $result = db_query($this->link, "SELECT pref_name, value FROM ttrss_user_prefs WHERE + $result = db_query( "SELECT pref_name, value FROM ttrss_user_prefs WHERE profile IS NULL AND owner_uid = " . $_SESSION["uid"] . " ORDER BY pref_name"); while ($line = db_fetch_assoc($result)) { @@ -145,7 +145,7 @@ class Opml extends Handler_Protected { $out .= ""; - $result = db_query($this->link, "SELECT * FROM ttrss_labels2 WHERE + $result = db_query( "SELECT * FROM ttrss_labels2 WHERE owner_uid = " . $_SESSION['uid']); while ($line = db_fetch_assoc($result)) { @@ -161,7 +161,7 @@ class Opml extends Handler_Protected { $out .= ""; - $result = db_query($this->link, "SELECT * FROM ttrss_filters2 + $result = db_query( "SELECT * FROM ttrss_filters2 WHERE owner_uid = ".$_SESSION["uid"]." ORDER BY id"); while ($line = db_fetch_assoc($result)) { @@ -172,7 +172,7 @@ class Opml extends Handler_Protected { $line["rules"] = array(); $line["actions"] = array(); - $tmp_result = db_query($this->link, "SELECT * FROM ttrss_filters2_rules + $tmp_result = db_query( "SELECT * FROM ttrss_filters2_rules WHERE filter_id = ".$line["id"]); while ($tmp_line = db_fetch_assoc($tmp_result)) { @@ -182,7 +182,7 @@ class Opml extends Handler_Protected { $cat_filter = sql_bool_to_bool($tmp_line["cat_filter"]); if ($cat_filter && $tmp_line["cat_id"] || $tmp_line["feed_id"]) { - $tmp_line["feed"] = getFeedTitle($this->link, + $tmp_line["feed"] = getFeedTitle( $cat_filter ? $tmp_line["cat_id"] : $tmp_line["feed_id"], $cat_filter); } else { @@ -197,7 +197,7 @@ class Opml extends Handler_Protected { array_push($line["rules"], $tmp_line); } - $tmp_result = db_query($this->link, "SELECT * FROM ttrss_filters2_actions + $tmp_result = db_query( "SELECT * FROM ttrss_filters2_actions WHERE filter_id = ".$line["id"]); while ($tmp_line = db_fetch_assoc($tmp_result)) { @@ -253,16 +253,16 @@ class Opml extends Handler_Protected { private function opml_import_feed($doc, $node, $cat_id, $owner_uid) { $attrs = $node->attributes; - $feed_title = db_escape_string($this->link, mb_substr($attrs->getNamedItem('text')->nodeValue, 0, 250)); - if (!$feed_title) $feed_title = db_escape_string($this->link, mb_substr($attrs->getNamedItem('title')->nodeValue, 0, 250)); + $feed_title = db_escape_string( mb_substr($attrs->getNamedItem('text')->nodeValue, 0, 250)); + if (!$feed_title) $feed_title = db_escape_string( mb_substr($attrs->getNamedItem('title')->nodeValue, 0, 250)); - $feed_url = db_escape_string($this->link, mb_substr($attrs->getNamedItem('xmlUrl')->nodeValue, 0, 250)); - if (!$feed_url) $feed_url = db_escape_string($this->link, mb_substr($attrs->getNamedItem('xmlURL')->nodeValue, 0, 250)); + $feed_url = db_escape_string( mb_substr($attrs->getNamedItem('xmlUrl')->nodeValue, 0, 250)); + if (!$feed_url) $feed_url = db_escape_string( mb_substr($attrs->getNamedItem('xmlURL')->nodeValue, 0, 250)); - $site_url = db_escape_string($this->link, mb_substr($attrs->getNamedItem('htmlUrl')->nodeValue, 0, 250)); + $site_url = db_escape_string( mb_substr($attrs->getNamedItem('htmlUrl')->nodeValue, 0, 250)); if ($feed_url && $feed_title) { - $result = db_query($this->link, "SELECT id FROM ttrss_feeds WHERE + $result = db_query( "SELECT id FROM ttrss_feeds WHERE feed_url = '$feed_url' AND owner_uid = '$owner_uid'"); if (db_num_rows($result) == 0) { @@ -275,7 +275,7 @@ class Opml extends Handler_Protected { (title, feed_url, owner_uid, cat_id, site_url, order_id) VALUES ('$feed_title', '$feed_url', '$owner_uid', $cat_id, '$site_url', 0)"; - db_query($this->link, $query); + db_query( $query); } else { $this->opml_notice(T_sprintf("Duplicate feed: %s", $feed_title)); @@ -285,15 +285,15 @@ class Opml extends Handler_Protected { private function opml_import_label($doc, $node, $owner_uid) { $attrs = $node->attributes; - $label_name = db_escape_string($this->link, $attrs->getNamedItem('label-name')->nodeValue); + $label_name = db_escape_string( $attrs->getNamedItem('label-name')->nodeValue); if ($label_name) { - $fg_color = db_escape_string($this->link, $attrs->getNamedItem('label-fg-color')->nodeValue); - $bg_color = db_escape_string($this->link, $attrs->getNamedItem('label-bg-color')->nodeValue); + $fg_color = db_escape_string( $attrs->getNamedItem('label-fg-color')->nodeValue); + $bg_color = db_escape_string( $attrs->getNamedItem('label-bg-color')->nodeValue); - if (!label_find_id($this->link, $label_name, $_SESSION['uid'])) { + if (!label_find_id( $label_name, $_SESSION['uid'])) { $this->opml_notice(T_sprintf("Adding label %s", htmlspecialchars($label_name))); - label_create($this->link, $label_name, $fg_color, $bg_color, $owner_uid); + label_create( $label_name, $fg_color, $bg_color, $owner_uid); } else { $this->opml_notice(T_sprintf("Duplicate label: %s", htmlspecialchars($label_name))); } @@ -302,22 +302,22 @@ class Opml extends Handler_Protected { private function opml_import_preference($doc, $node, $owner_uid) { $attrs = $node->attributes; - $pref_name = db_escape_string($this->link, $attrs->getNamedItem('pref-name')->nodeValue); + $pref_name = db_escape_string( $attrs->getNamedItem('pref-name')->nodeValue); if ($pref_name) { - $pref_value = db_escape_string($this->link, $attrs->getNamedItem('value')->nodeValue); + $pref_value = db_escape_string( $attrs->getNamedItem('value')->nodeValue); $this->opml_notice(T_sprintf("Setting preference key %s to %s", $pref_name, $pref_value)); - set_pref($this->link, $pref_name, $pref_value); + set_pref( $pref_name, $pref_value); } } private function opml_import_filter($doc, $node, $owner_uid) { $attrs = $node->attributes; - $filter_type = db_escape_string($this->link, $attrs->getNamedItem('filter-type')->nodeValue); + $filter_type = db_escape_string( $attrs->getNamedItem('filter-type')->nodeValue); if ($filter_type == '2') { $filter = json_decode($node->nodeValue, true); @@ -326,12 +326,12 @@ class Opml extends Handler_Protected { $match_any_rule = bool_to_sql_bool($filter["match_any_rule"]); $enabled = bool_to_sql_bool($filter["enabled"]); - db_query($this->link, "BEGIN"); + db_query( "BEGIN"); - db_query($this->link, "INSERT INTO ttrss_filters2 (match_any_rule,enabled,owner_uid) + db_query( "INSERT INTO ttrss_filters2 (match_any_rule,enabled,owner_uid) VALUES ($match_any_rule, $enabled,".$_SESSION["uid"].")"); - $result = db_query($this->link, "SELECT MAX(id) AS id FROM ttrss_filters2 WHERE + $result = db_query( "SELECT MAX(id) AS id FROM ttrss_filters2 WHERE owner_uid = ".$_SESSION["uid"]); $filter_id = db_fetch_result($result, 0, "id"); @@ -343,14 +343,14 @@ class Opml extends Handler_Protected { $cat_id = "NULL"; if (!$rule["cat_filter"]) { - $tmp_result = db_query($this->link, "SELECT id FROM ttrss_feeds - WHERE title = '".db_escape_string($this->link, $rule["feed"])."' AND owner_uid = ".$_SESSION["uid"]); + $tmp_result = db_query( "SELECT id FROM ttrss_feeds + WHERE title = '".db_escape_string( $rule["feed"])."' AND owner_uid = ".$_SESSION["uid"]); if (db_num_rows($tmp_result) > 0) { $feed_id = db_fetch_result($tmp_result, 0, "id"); } } else { - $tmp_result = db_query($this->link, "SELECT id FROM ttrss_feed_categories - WHERE title = '".db_escape_string($this->link, $rule["feed"])."' AND owner_uid = ".$_SESSION["uid"]); + $tmp_result = db_query( "SELECT id FROM ttrss_feed_categories + WHERE title = '".db_escape_string( $rule["feed"])."' AND owner_uid = ".$_SESSION["uid"]); if (db_num_rows($tmp_result) > 0) { $cat_id = db_fetch_result($tmp_result, 0, "id"); @@ -358,24 +358,24 @@ class Opml extends Handler_Protected { } $cat_filter = bool_to_sql_bool($rule["cat_filter"]); - $reg_exp = db_escape_string($this->link, $rule["reg_exp"]); + $reg_exp = db_escape_string( $rule["reg_exp"]); $filter_type = (int)$rule["filter_type"]; - db_query($this->link, "INSERT INTO ttrss_filters2_rules (feed_id,cat_id,filter_id,filter_type,reg_exp,cat_filter) + db_query( "INSERT INTO ttrss_filters2_rules (feed_id,cat_id,filter_id,filter_type,reg_exp,cat_filter) VALUES ($feed_id, $cat_id, $filter_id, $filter_type, '$reg_exp', $cat_filter)"); } foreach ($filter["actions"] as $action) { $action_id = (int)$action["action_id"]; - $action_param = db_escape_string($this->link, $action["action_param"]); + $action_param = db_escape_string( $action["action_param"]); - db_query($this->link, "INSERT INTO ttrss_filters2_actions (filter_id,action_id,action_param) + db_query( "INSERT INTO ttrss_filters2_actions (filter_id,action_id,action_param) VALUES ($filter_id, $action_id, '$action_param')"); } } - db_query($this->link, "COMMIT"); + db_query( "COMMIT"); } } } @@ -383,22 +383,22 @@ class Opml extends Handler_Protected { private function opml_import_category($doc, $root_node, $owner_uid, $parent_id) { $body = $doc->getElementsByTagName('body'); - $default_cat_id = (int) get_feed_category($this->link, 'Imported feeds', false); + $default_cat_id = (int) get_feed_category( 'Imported feeds', false); if ($root_node) { - $cat_title = db_escape_string($this->link, mb_substr($root_node->attributes->getNamedItem('text')->nodeValue, 0, 250)); + $cat_title = db_escape_string( mb_substr($root_node->attributes->getNamedItem('text')->nodeValue, 0, 250)); if (!$cat_title) - $cat_title = db_escape_string($this->link, mb_substr($root_node->attributes->getNamedItem('title')->nodeValue, 0, 250)); + $cat_title = db_escape_string( mb_substr($root_node->attributes->getNamedItem('title')->nodeValue, 0, 250)); if (!in_array($cat_title, array("tt-rss-filters", "tt-rss-labels", "tt-rss-prefs"))) { - $cat_id = get_feed_category($this->link, $cat_title, $parent_id); - db_query($this->link, "BEGIN"); + $cat_id = get_feed_category( $cat_title, $parent_id); + db_query( "BEGIN"); if ($cat_id === false) { - add_feed_category($this->link, $cat_title, $parent_id); - $cat_id = get_feed_category($this->link, $cat_title, $parent_id); + add_feed_category( $cat_title, $parent_id); + $cat_id = get_feed_category( $cat_title, $parent_id); } - db_query($this->link, "COMMIT"); + db_query( "COMMIT"); } else { $cat_id = 0; } @@ -418,12 +418,12 @@ class Opml extends Handler_Protected { foreach ($outlines as $node) { if ($node->hasAttributes() && strtolower($node->tagName) == "outline") { $attrs = $node->attributes; - $node_cat_title = db_escape_string($this->link, $attrs->getNamedItem('text')->nodeValue); + $node_cat_title = db_escape_string( $attrs->getNamedItem('text')->nodeValue); if (!$node_cat_title) - $node_cat_title = db_escape_string($this->link, $attrs->getNamedItem('title')->nodeValue); + $node_cat_title = db_escape_string( $attrs->getNamedItem('title')->nodeValue); - $node_feed_url = db_escape_string($this->link, $attrs->getNamedItem('xmlUrl')->nodeValue); + $node_feed_url = db_escape_string( $attrs->getNamedItem('xmlUrl')->nodeValue); if ($node_cat_title && !$node_feed_url) { $this->opml_import_category($doc, $node, $owner_uid, $cat_id); @@ -504,11 +504,11 @@ class Opml extends Handler_Protected { print "$msg
"; } - static function opml_publish_url($link){ + static function opml_publish_url(){ $url_path = get_self_url_prefix(); $url_path .= "/opml.php?op=publish&key=" . - get_feed_access_key($link, 'OPML:Publish', false, $_SESSION["uid"]); + get_feed_access_key( 'OPML:Publish', false, $_SESSION["uid"]); return $url_path; } -- cgit v1.2.3 From a42c55f02b7e313ab61bf826794d0888f2dceae1 Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Wed, 17 Apr 2013 18:34:18 +0400 Subject: fix blank character after opening bracket in function calls --- classes/opml.php | 98 ++++++++++++++++++++++++++++---------------------------- 1 file changed, 49 insertions(+), 49 deletions(-) (limited to 'classes/opml.php') diff --git a/classes/opml.php b/classes/opml.php index a800880e4..986386378 100644 --- a/classes/opml.php +++ b/classes/opml.php @@ -32,7 +32,7 @@ class Opml extends Handler_Protected {

".__('OPML Utility')."

"; - add_feed_category( "Imported feeds"); + add_feed_category("Imported feeds"); $this->opml_notice(__("Importing OPML...")); $this->opml_import($owner_uid); @@ -66,14 +66,14 @@ class Opml extends Handler_Protected { $out = ""; if ($cat_id) { - $result = db_query( "SELECT title FROM ttrss_feed_categories WHERE id = '$cat_id' + $result = db_query("SELECT title FROM ttrss_feed_categories WHERE id = '$cat_id' AND owner_uid = '$owner_uid'"); $cat_title = htmlspecialchars(db_fetch_result($result, 0, "title")); } if ($cat_title) $out .= "\n"; - $result = db_query( "SELECT id,title + $result = db_query("SELECT id,title FROM ttrss_feed_categories WHERE $cat_qpart AND owner_uid = '$owner_uid' ORDER BY order_id, title"); @@ -82,7 +82,7 @@ class Opml extends Handler_Protected { $out .= $this->opml_export_category($owner_uid, $line["id"], $hide_private_feeds); } - $feeds_result = db_query( "select title, feed_url, site_url + $feeds_result = db_query("select title, feed_url, site_url from ttrss_feeds where $feed_cat_qpart AND owner_uid = '$owner_uid' AND $hide_qpart order by order_id, title"); @@ -131,7 +131,7 @@ class Opml extends Handler_Protected { if ($include_settings) { $out .= ""; - $result = db_query( "SELECT pref_name, value FROM ttrss_user_prefs WHERE + $result = db_query("SELECT pref_name, value FROM ttrss_user_prefs WHERE profile IS NULL AND owner_uid = " . $_SESSION["uid"] . " ORDER BY pref_name"); while ($line = db_fetch_assoc($result)) { @@ -145,7 +145,7 @@ class Opml extends Handler_Protected { $out .= ""; - $result = db_query( "SELECT * FROM ttrss_labels2 WHERE + $result = db_query("SELECT * FROM ttrss_labels2 WHERE owner_uid = " . $_SESSION['uid']); while ($line = db_fetch_assoc($result)) { @@ -161,7 +161,7 @@ class Opml extends Handler_Protected { $out .= ""; - $result = db_query( "SELECT * FROM ttrss_filters2 + $result = db_query("SELECT * FROM ttrss_filters2 WHERE owner_uid = ".$_SESSION["uid"]." ORDER BY id"); while ($line = db_fetch_assoc($result)) { @@ -172,7 +172,7 @@ class Opml extends Handler_Protected { $line["rules"] = array(); $line["actions"] = array(); - $tmp_result = db_query( "SELECT * FROM ttrss_filters2_rules + $tmp_result = db_query("SELECT * FROM ttrss_filters2_rules WHERE filter_id = ".$line["id"]); while ($tmp_line = db_fetch_assoc($tmp_result)) { @@ -197,7 +197,7 @@ class Opml extends Handler_Protected { array_push($line["rules"], $tmp_line); } - $tmp_result = db_query( "SELECT * FROM ttrss_filters2_actions + $tmp_result = db_query("SELECT * FROM ttrss_filters2_actions WHERE filter_id = ".$line["id"]); while ($tmp_line = db_fetch_assoc($tmp_result)) { @@ -253,16 +253,16 @@ class Opml extends Handler_Protected { private function opml_import_feed($doc, $node, $cat_id, $owner_uid) { $attrs = $node->attributes; - $feed_title = db_escape_string( mb_substr($attrs->getNamedItem('text')->nodeValue, 0, 250)); - if (!$feed_title) $feed_title = db_escape_string( mb_substr($attrs->getNamedItem('title')->nodeValue, 0, 250)); + $feed_title = db_escape_string(mb_substr($attrs->getNamedItem('text')->nodeValue, 0, 250)); + if (!$feed_title) $feed_title = db_escape_string(mb_substr($attrs->getNamedItem('title')->nodeValue, 0, 250)); - $feed_url = db_escape_string( mb_substr($attrs->getNamedItem('xmlUrl')->nodeValue, 0, 250)); - if (!$feed_url) $feed_url = db_escape_string( mb_substr($attrs->getNamedItem('xmlURL')->nodeValue, 0, 250)); + $feed_url = db_escape_string(mb_substr($attrs->getNamedItem('xmlUrl')->nodeValue, 0, 250)); + if (!$feed_url) $feed_url = db_escape_string(mb_substr($attrs->getNamedItem('xmlURL')->nodeValue, 0, 250)); - $site_url = db_escape_string( mb_substr($attrs->getNamedItem('htmlUrl')->nodeValue, 0, 250)); + $site_url = db_escape_string(mb_substr($attrs->getNamedItem('htmlUrl')->nodeValue, 0, 250)); if ($feed_url && $feed_title) { - $result = db_query( "SELECT id FROM ttrss_feeds WHERE + $result = db_query("SELECT id FROM ttrss_feeds WHERE feed_url = '$feed_url' AND owner_uid = '$owner_uid'"); if (db_num_rows($result) == 0) { @@ -275,7 +275,7 @@ class Opml extends Handler_Protected { (title, feed_url, owner_uid, cat_id, site_url, order_id) VALUES ('$feed_title', '$feed_url', '$owner_uid', $cat_id, '$site_url', 0)"; - db_query( $query); + db_query($query); } else { $this->opml_notice(T_sprintf("Duplicate feed: %s", $feed_title)); @@ -285,15 +285,15 @@ class Opml extends Handler_Protected { private function opml_import_label($doc, $node, $owner_uid) { $attrs = $node->attributes; - $label_name = db_escape_string( $attrs->getNamedItem('label-name')->nodeValue); + $label_name = db_escape_string($attrs->getNamedItem('label-name')->nodeValue); if ($label_name) { - $fg_color = db_escape_string( $attrs->getNamedItem('label-fg-color')->nodeValue); - $bg_color = db_escape_string( $attrs->getNamedItem('label-bg-color')->nodeValue); + $fg_color = db_escape_string($attrs->getNamedItem('label-fg-color')->nodeValue); + $bg_color = db_escape_string($attrs->getNamedItem('label-bg-color')->nodeValue); - if (!label_find_id( $label_name, $_SESSION['uid'])) { + if (!label_find_id($label_name, $_SESSION['uid'])) { $this->opml_notice(T_sprintf("Adding label %s", htmlspecialchars($label_name))); - label_create( $label_name, $fg_color, $bg_color, $owner_uid); + label_create($label_name, $fg_color, $bg_color, $owner_uid); } else { $this->opml_notice(T_sprintf("Duplicate label: %s", htmlspecialchars($label_name))); } @@ -302,22 +302,22 @@ class Opml extends Handler_Protected { private function opml_import_preference($doc, $node, $owner_uid) { $attrs = $node->attributes; - $pref_name = db_escape_string( $attrs->getNamedItem('pref-name')->nodeValue); + $pref_name = db_escape_string($attrs->getNamedItem('pref-name')->nodeValue); if ($pref_name) { - $pref_value = db_escape_string( $attrs->getNamedItem('value')->nodeValue); + $pref_value = db_escape_string($attrs->getNamedItem('value')->nodeValue); $this->opml_notice(T_sprintf("Setting preference key %s to %s", $pref_name, $pref_value)); - set_pref( $pref_name, $pref_value); + set_pref($pref_name, $pref_value); } } private function opml_import_filter($doc, $node, $owner_uid) { $attrs = $node->attributes; - $filter_type = db_escape_string( $attrs->getNamedItem('filter-type')->nodeValue); + $filter_type = db_escape_string($attrs->getNamedItem('filter-type')->nodeValue); if ($filter_type == '2') { $filter = json_decode($node->nodeValue, true); @@ -326,12 +326,12 @@ class Opml extends Handler_Protected { $match_any_rule = bool_to_sql_bool($filter["match_any_rule"]); $enabled = bool_to_sql_bool($filter["enabled"]); - db_query( "BEGIN"); + db_query("BEGIN"); - db_query( "INSERT INTO ttrss_filters2 (match_any_rule,enabled,owner_uid) + db_query("INSERT INTO ttrss_filters2 (match_any_rule,enabled,owner_uid) VALUES ($match_any_rule, $enabled,".$_SESSION["uid"].")"); - $result = db_query( "SELECT MAX(id) AS id FROM ttrss_filters2 WHERE + $result = db_query("SELECT MAX(id) AS id FROM ttrss_filters2 WHERE owner_uid = ".$_SESSION["uid"]); $filter_id = db_fetch_result($result, 0, "id"); @@ -343,14 +343,14 @@ class Opml extends Handler_Protected { $cat_id = "NULL"; if (!$rule["cat_filter"]) { - $tmp_result = db_query( "SELECT id FROM ttrss_feeds - WHERE title = '".db_escape_string( $rule["feed"])."' AND owner_uid = ".$_SESSION["uid"]); + $tmp_result = db_query("SELECT id FROM ttrss_feeds + WHERE title = '".db_escape_string($rule["feed"])."' AND owner_uid = ".$_SESSION["uid"]); if (db_num_rows($tmp_result) > 0) { $feed_id = db_fetch_result($tmp_result, 0, "id"); } } else { - $tmp_result = db_query( "SELECT id FROM ttrss_feed_categories - WHERE title = '".db_escape_string( $rule["feed"])."' AND owner_uid = ".$_SESSION["uid"]); + $tmp_result = db_query("SELECT id FROM ttrss_feed_categories + WHERE title = '".db_escape_string($rule["feed"])."' AND owner_uid = ".$_SESSION["uid"]); if (db_num_rows($tmp_result) > 0) { $cat_id = db_fetch_result($tmp_result, 0, "id"); @@ -358,24 +358,24 @@ class Opml extends Handler_Protected { } $cat_filter = bool_to_sql_bool($rule["cat_filter"]); - $reg_exp = db_escape_string( $rule["reg_exp"]); + $reg_exp = db_escape_string($rule["reg_exp"]); $filter_type = (int)$rule["filter_type"]; - db_query( "INSERT INTO ttrss_filters2_rules (feed_id,cat_id,filter_id,filter_type,reg_exp,cat_filter) + db_query("INSERT INTO ttrss_filters2_rules (feed_id,cat_id,filter_id,filter_type,reg_exp,cat_filter) VALUES ($feed_id, $cat_id, $filter_id, $filter_type, '$reg_exp', $cat_filter)"); } foreach ($filter["actions"] as $action) { $action_id = (int)$action["action_id"]; - $action_param = db_escape_string( $action["action_param"]); + $action_param = db_escape_string($action["action_param"]); - db_query( "INSERT INTO ttrss_filters2_actions (filter_id,action_id,action_param) + db_query("INSERT INTO ttrss_filters2_actions (filter_id,action_id,action_param) VALUES ($filter_id, $action_id, '$action_param')"); } } - db_query( "COMMIT"); + db_query("COMMIT"); } } } @@ -383,22 +383,22 @@ class Opml extends Handler_Protected { private function opml_import_category($doc, $root_node, $owner_uid, $parent_id) { $body = $doc->getElementsByTagName('body'); - $default_cat_id = (int) get_feed_category( 'Imported feeds', false); + $default_cat_id = (int) get_feed_category('Imported feeds', false); if ($root_node) { - $cat_title = db_escape_string( mb_substr($root_node->attributes->getNamedItem('text')->nodeValue, 0, 250)); + $cat_title = db_escape_string(mb_substr($root_node->attributes->getNamedItem('text')->nodeValue, 0, 250)); if (!$cat_title) - $cat_title = db_escape_string( mb_substr($root_node->attributes->getNamedItem('title')->nodeValue, 0, 250)); + $cat_title = db_escape_string(mb_substr($root_node->attributes->getNamedItem('title')->nodeValue, 0, 250)); if (!in_array($cat_title, array("tt-rss-filters", "tt-rss-labels", "tt-rss-prefs"))) { - $cat_id = get_feed_category( $cat_title, $parent_id); - db_query( "BEGIN"); + $cat_id = get_feed_category($cat_title, $parent_id); + db_query("BEGIN"); if ($cat_id === false) { - add_feed_category( $cat_title, $parent_id); - $cat_id = get_feed_category( $cat_title, $parent_id); + add_feed_category($cat_title, $parent_id); + $cat_id = get_feed_category($cat_title, $parent_id); } - db_query( "COMMIT"); + db_query("COMMIT"); } else { $cat_id = 0; } @@ -418,12 +418,12 @@ class Opml extends Handler_Protected { foreach ($outlines as $node) { if ($node->hasAttributes() && strtolower($node->tagName) == "outline") { $attrs = $node->attributes; - $node_cat_title = db_escape_string( $attrs->getNamedItem('text')->nodeValue); + $node_cat_title = db_escape_string($attrs->getNamedItem('text')->nodeValue); if (!$node_cat_title) - $node_cat_title = db_escape_string( $attrs->getNamedItem('title')->nodeValue); + $node_cat_title = db_escape_string($attrs->getNamedItem('title')->nodeValue); - $node_feed_url = db_escape_string( $attrs->getNamedItem('xmlUrl')->nodeValue); + $node_feed_url = db_escape_string($attrs->getNamedItem('xmlUrl')->nodeValue); if ($node_cat_title && !$node_feed_url) { $this->opml_import_category($doc, $node, $owner_uid, $cat_id); @@ -508,7 +508,7 @@ class Opml extends Handler_Protected { $url_path = get_self_url_prefix(); $url_path .= "/opml.php?op=publish&key=" . - get_feed_access_key( 'OPML:Publish', false, $_SESSION["uid"]); + get_feed_access_key('OPML:Publish', false, $_SESSION["uid"]); return $url_path; } -- cgit v1.2.3 From d9c85e0f112034ca3e3f4d34213f6dcccf9d54e1 Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Wed, 17 Apr 2013 20:12:14 +0400 Subject: classes: use OO DB interface --- classes/opml.php | 108 +++++++++++++++++++++++++++---------------------------- 1 file changed, 54 insertions(+), 54 deletions(-) (limited to 'classes/opml.php') diff --git a/classes/opml.php b/classes/opml.php index 986386378..3f4030dea 100644 --- a/classes/opml.php +++ b/classes/opml.php @@ -66,27 +66,27 @@ class Opml extends Handler_Protected { $out = ""; if ($cat_id) { - $result = db_query("SELECT title FROM ttrss_feed_categories WHERE id = '$cat_id' + $result = $this->dbh->query("SELECT title FROM ttrss_feed_categories WHERE id = '$cat_id' AND owner_uid = '$owner_uid'"); - $cat_title = htmlspecialchars(db_fetch_result($result, 0, "title")); + $cat_title = htmlspecialchars($this->dbh->fetch_result($result, 0, "title")); } if ($cat_title) $out .= "\n"; - $result = db_query("SELECT id,title + $result = $this->dbh->query("SELECT id,title FROM ttrss_feed_categories WHERE $cat_qpart AND owner_uid = '$owner_uid' ORDER BY order_id, title"); - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { $title = htmlspecialchars($line["title"]); $out .= $this->opml_export_category($owner_uid, $line["id"], $hide_private_feeds); } - $feeds_result = db_query("select title, feed_url, site_url + $feeds_result = $this->dbh->query("select title, feed_url, site_url from ttrss_feeds where $feed_cat_qpart AND owner_uid = '$owner_uid' AND $hide_qpart order by order_id, title"); - while ($fline = db_fetch_assoc($feeds_result)) { + while ($fline = $this->dbh->fetch_assoc($feeds_result)) { $title = htmlspecialchars($fline["title"]); $url = htmlspecialchars($fline["feed_url"]); $site_url = htmlspecialchars($fline["site_url"]); @@ -131,10 +131,10 @@ class Opml extends Handler_Protected { if ($include_settings) { $out .= ""; - $result = db_query("SELECT pref_name, value FROM ttrss_user_prefs WHERE + $result = $this->dbh->query("SELECT pref_name, value FROM ttrss_user_prefs WHERE profile IS NULL AND owner_uid = " . $_SESSION["uid"] . " ORDER BY pref_name"); - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { $name = $line["pref_name"]; $value = htmlspecialchars($line["value"]); @@ -145,10 +145,10 @@ class Opml extends Handler_Protected { $out .= ""; - $result = db_query("SELECT * FROM ttrss_labels2 WHERE + $result = $this->dbh->query("SELECT * FROM ttrss_labels2 WHERE owner_uid = " . $_SESSION['uid']); - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { $name = htmlspecialchars($line['caption']); $fg_color = htmlspecialchars($line['fg_color']); $bg_color = htmlspecialchars($line['bg_color']); @@ -161,10 +161,10 @@ class Opml extends Handler_Protected { $out .= ""; - $result = db_query("SELECT * FROM ttrss_filters2 + $result = $this->dbh->query("SELECT * FROM ttrss_filters2 WHERE owner_uid = ".$_SESSION["uid"]." ORDER BY id"); - while ($line = db_fetch_assoc($result)) { + while ($line = $this->dbh->fetch_assoc($result)) { foreach (array('enabled', 'match_any_rule') as $b) { $line[$b] = sql_bool_to_bool($line[$b]); } @@ -172,10 +172,10 @@ class Opml extends Handler_Protected { $line["rules"] = array(); $line["actions"] = array(); - $tmp_result = db_query("SELECT * FROM ttrss_filters2_rules + $tmp_result = $this->dbh->query("SELECT * FROM ttrss_filters2_rules WHERE filter_id = ".$line["id"]); - while ($tmp_line = db_fetch_assoc($tmp_result)) { + while ($tmp_line = $this->dbh->fetch_assoc($tmp_result)) { unset($tmp_line["id"]); unset($tmp_line["filter_id"]); @@ -197,10 +197,10 @@ class Opml extends Handler_Protected { array_push($line["rules"], $tmp_line); } - $tmp_result = db_query("SELECT * FROM ttrss_filters2_actions + $tmp_result = $this->dbh->query("SELECT * FROM ttrss_filters2_actions WHERE filter_id = ".$line["id"]); - while ($tmp_line = db_fetch_assoc($tmp_result)) { + while ($tmp_line = $this->dbh->fetch_assoc($tmp_result)) { unset($tmp_line["id"]); unset($tmp_line["filter_id"]); @@ -253,19 +253,19 @@ class Opml extends Handler_Protected { private function opml_import_feed($doc, $node, $cat_id, $owner_uid) { $attrs = $node->attributes; - $feed_title = db_escape_string(mb_substr($attrs->getNamedItem('text')->nodeValue, 0, 250)); - if (!$feed_title) $feed_title = db_escape_string(mb_substr($attrs->getNamedItem('title')->nodeValue, 0, 250)); + $feed_title = $this->dbh->escape_string(mb_substr($attrs->getNamedItem('text')->nodeValue, 0, 250)); + if (!$feed_title) $feed_title = $this->dbh->escape_string(mb_substr($attrs->getNamedItem('title')->nodeValue, 0, 250)); - $feed_url = db_escape_string(mb_substr($attrs->getNamedItem('xmlUrl')->nodeValue, 0, 250)); - if (!$feed_url) $feed_url = db_escape_string(mb_substr($attrs->getNamedItem('xmlURL')->nodeValue, 0, 250)); + $feed_url = $this->dbh->escape_string(mb_substr($attrs->getNamedItem('xmlUrl')->nodeValue, 0, 250)); + if (!$feed_url) $feed_url = $this->dbh->escape_string(mb_substr($attrs->getNamedItem('xmlURL')->nodeValue, 0, 250)); - $site_url = db_escape_string(mb_substr($attrs->getNamedItem('htmlUrl')->nodeValue, 0, 250)); + $site_url = $this->dbh->escape_string(mb_substr($attrs->getNamedItem('htmlUrl')->nodeValue, 0, 250)); if ($feed_url && $feed_title) { - $result = db_query("SELECT id FROM ttrss_feeds WHERE + $result = $this->dbh->query("SELECT id FROM ttrss_feeds WHERE feed_url = '$feed_url' AND owner_uid = '$owner_uid'"); - if (db_num_rows($result) == 0) { + if ($this->dbh->num_rows($result) == 0) { #$this->opml_notice("[FEED] [$feed_title/$feed_url] dst_CAT=$cat_id"); $this->opml_notice(T_sprintf("Adding feed: %s", $feed_title)); @@ -275,7 +275,7 @@ class Opml extends Handler_Protected { (title, feed_url, owner_uid, cat_id, site_url, order_id) VALUES ('$feed_title', '$feed_url', '$owner_uid', $cat_id, '$site_url', 0)"; - db_query($query); + $this->dbh->query($query); } else { $this->opml_notice(T_sprintf("Duplicate feed: %s", $feed_title)); @@ -285,11 +285,11 @@ class Opml extends Handler_Protected { private function opml_import_label($doc, $node, $owner_uid) { $attrs = $node->attributes; - $label_name = db_escape_string($attrs->getNamedItem('label-name')->nodeValue); + $label_name = $this->dbh->escape_string($attrs->getNamedItem('label-name')->nodeValue); if ($label_name) { - $fg_color = db_escape_string($attrs->getNamedItem('label-fg-color')->nodeValue); - $bg_color = db_escape_string($attrs->getNamedItem('label-bg-color')->nodeValue); + $fg_color = $this->dbh->escape_string($attrs->getNamedItem('label-fg-color')->nodeValue); + $bg_color = $this->dbh->escape_string($attrs->getNamedItem('label-bg-color')->nodeValue); if (!label_find_id($label_name, $_SESSION['uid'])) { $this->opml_notice(T_sprintf("Adding label %s", htmlspecialchars($label_name))); @@ -302,10 +302,10 @@ class Opml extends Handler_Protected { private function opml_import_preference($doc, $node, $owner_uid) { $attrs = $node->attributes; - $pref_name = db_escape_string($attrs->getNamedItem('pref-name')->nodeValue); + $pref_name = $this->dbh->escape_string($attrs->getNamedItem('pref-name')->nodeValue); if ($pref_name) { - $pref_value = db_escape_string($attrs->getNamedItem('value')->nodeValue); + $pref_value = $this->dbh->escape_string($attrs->getNamedItem('value')->nodeValue); $this->opml_notice(T_sprintf("Setting preference key %s to %s", $pref_name, $pref_value)); @@ -317,7 +317,7 @@ class Opml extends Handler_Protected { private function opml_import_filter($doc, $node, $owner_uid) { $attrs = $node->attributes; - $filter_type = db_escape_string($attrs->getNamedItem('filter-type')->nodeValue); + $filter_type = $this->dbh->escape_string($attrs->getNamedItem('filter-type')->nodeValue); if ($filter_type == '2') { $filter = json_decode($node->nodeValue, true); @@ -326,14 +326,14 @@ class Opml extends Handler_Protected { $match_any_rule = bool_to_sql_bool($filter["match_any_rule"]); $enabled = bool_to_sql_bool($filter["enabled"]); - db_query("BEGIN"); + $this->dbh->query("BEGIN"); - db_query("INSERT INTO ttrss_filters2 (match_any_rule,enabled,owner_uid) + $this->dbh->query("INSERT INTO ttrss_filters2 (match_any_rule,enabled,owner_uid) VALUES ($match_any_rule, $enabled,".$_SESSION["uid"].")"); - $result = db_query("SELECT MAX(id) AS id FROM ttrss_filters2 WHERE + $result = $this->dbh->query("SELECT MAX(id) AS id FROM ttrss_filters2 WHERE owner_uid = ".$_SESSION["uid"]); - $filter_id = db_fetch_result($result, 0, "id"); + $filter_id = $this->dbh->fetch_result($result, 0, "id"); if ($filter_id) { $this->opml_notice(T_sprintf("Adding filter...")); @@ -343,39 +343,39 @@ class Opml extends Handler_Protected { $cat_id = "NULL"; if (!$rule["cat_filter"]) { - $tmp_result = db_query("SELECT id FROM ttrss_feeds - WHERE title = '".db_escape_string($rule["feed"])."' AND owner_uid = ".$_SESSION["uid"]); - if (db_num_rows($tmp_result) > 0) { - $feed_id = db_fetch_result($tmp_result, 0, "id"); + $tmp_result = $this->dbh->query("SELECT id FROM ttrss_feeds + WHERE title = '".$this->dbh->escape_string($rule["feed"])."' AND owner_uid = ".$_SESSION["uid"]); + if ($this->dbh->num_rows($tmp_result) > 0) { + $feed_id = $this->dbh->fetch_result($tmp_result, 0, "id"); } } else { - $tmp_result = db_query("SELECT id FROM ttrss_feed_categories - WHERE title = '".db_escape_string($rule["feed"])."' AND owner_uid = ".$_SESSION["uid"]); + $tmp_result = $this->dbh->query("SELECT id FROM ttrss_feed_categories + WHERE title = '".$this->dbh->escape_string($rule["feed"])."' AND owner_uid = ".$_SESSION["uid"]); - if (db_num_rows($tmp_result) > 0) { - $cat_id = db_fetch_result($tmp_result, 0, "id"); + if ($this->dbh->num_rows($tmp_result) > 0) { + $cat_id = $this->dbh->fetch_result($tmp_result, 0, "id"); } } $cat_filter = bool_to_sql_bool($rule["cat_filter"]); - $reg_exp = db_escape_string($rule["reg_exp"]); + $reg_exp = $this->dbh->escape_string($rule["reg_exp"]); $filter_type = (int)$rule["filter_type"]; - db_query("INSERT INTO ttrss_filters2_rules (feed_id,cat_id,filter_id,filter_type,reg_exp,cat_filter) + $this->dbh->query("INSERT INTO ttrss_filters2_rules (feed_id,cat_id,filter_id,filter_type,reg_exp,cat_filter) VALUES ($feed_id, $cat_id, $filter_id, $filter_type, '$reg_exp', $cat_filter)"); } foreach ($filter["actions"] as $action) { $action_id = (int)$action["action_id"]; - $action_param = db_escape_string($action["action_param"]); + $action_param = $this->dbh->escape_string($action["action_param"]); - db_query("INSERT INTO ttrss_filters2_actions (filter_id,action_id,action_param) + $this->dbh->query("INSERT INTO ttrss_filters2_actions (filter_id,action_id,action_param) VALUES ($filter_id, $action_id, '$action_param')"); } } - db_query("COMMIT"); + $this->dbh->query("COMMIT"); } } } @@ -386,19 +386,19 @@ class Opml extends Handler_Protected { $default_cat_id = (int) get_feed_category('Imported feeds', false); if ($root_node) { - $cat_title = db_escape_string(mb_substr($root_node->attributes->getNamedItem('text')->nodeValue, 0, 250)); + $cat_title = $this->dbh->escape_string(mb_substr($root_node->attributes->getNamedItem('text')->nodeValue, 0, 250)); if (!$cat_title) - $cat_title = db_escape_string(mb_substr($root_node->attributes->getNamedItem('title')->nodeValue, 0, 250)); + $cat_title = $this->dbh->escape_string(mb_substr($root_node->attributes->getNamedItem('title')->nodeValue, 0, 250)); if (!in_array($cat_title, array("tt-rss-filters", "tt-rss-labels", "tt-rss-prefs"))) { $cat_id = get_feed_category($cat_title, $parent_id); - db_query("BEGIN"); + $this->dbh->query("BEGIN"); if ($cat_id === false) { add_feed_category($cat_title, $parent_id); $cat_id = get_feed_category($cat_title, $parent_id); } - db_query("COMMIT"); + $this->dbh->query("COMMIT"); } else { $cat_id = 0; } @@ -418,12 +418,12 @@ class Opml extends Handler_Protected { foreach ($outlines as $node) { if ($node->hasAttributes() && strtolower($node->tagName) == "outline") { $attrs = $node->attributes; - $node_cat_title = db_escape_string($attrs->getNamedItem('text')->nodeValue); + $node_cat_title = $this->dbh->escape_string($attrs->getNamedItem('text')->nodeValue); if (!$node_cat_title) - $node_cat_title = db_escape_string($attrs->getNamedItem('title')->nodeValue); + $node_cat_title = $this->dbh->escape_string($attrs->getNamedItem('title')->nodeValue); - $node_feed_url = db_escape_string($attrs->getNamedItem('xmlUrl')->nodeValue); + $node_feed_url = $this->dbh->escape_string($attrs->getNamedItem('xmlUrl')->nodeValue); if ($node_cat_title && !$node_feed_url) { $this->opml_import_category($doc, $node, $owner_uid, $cat_id); -- cgit v1.2.3