From 3306daecf4450555961490c11e70e7cf7fe7b86e Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Thu, 11 Apr 2013 19:12:00 +0400 Subject: implement upload-related support for open_basedir --- plugins/googlereaderimport/init.php | 28 ++++++++++++++++++++++++++-- 1 file changed, 26 insertions(+), 2 deletions(-) (limited to 'plugins/googlereaderimport') diff --git a/plugins/googlereaderimport/init.php b/plugins/googlereaderimport/init.php index ac7a872f2..f7d876b90 100644 --- a/plugins/googlereaderimport/init.php +++ b/plugins/googlereaderimport/init.php @@ -66,8 +66,32 @@ class GoogleReaderImport extends Plugin { $owner_uid = $_SESSION["uid"]; - if (is_file($_FILES['starred_file']['tmp_name'])) { - $doc = json_decode(file_get_contents($_FILES['starred_file']['tmp_name']), true); + if ($_FILES['starred_file']['error'] != 0) { + print_error(T_sprintf("Upload failed with error code %d", + $_FILES['starred_file']['error'])); + return; + } + + $tmp_file = false; + + if (is_uploaded_file($_FILES['starred_file']['tmp_name'])) { + $tmp_file = tempnam(CACHE_DIR . '/upload', 'starred'); + + $result = move_uploaded_file($_FILES['starred_file']['tmp_name'], + $tmp_file); + + if (!$result) { + print_error(__("Unable to move uploaded file.")); + return; + } + } else { + print_error(__('Error: please upload OPML file.')); + return; + } + + if (is_file($tmp_file)) { + $doc = json_decode(file_get_contents($tmp_file), true); + unlink($tmp_file); } else { print_error(__('No file uploaded.')); return; -- cgit v1.2.3 From b229a1845693e2d6210d431a852462e8c274061a Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Thu, 11 Apr 2013 20:31:24 +0400 Subject: fix import_export plugin for open_basedir; add missing closing form tags to import_export and googleimport plugin --- plugins/googlereaderimport/init.php | 1 + 1 file changed, 1 insertion(+) (limited to 'plugins/googlereaderimport') diff --git a/plugins/googlereaderimport/init.php b/plugins/googlereaderimport/init.php index f7d876b90..d25d3288f 100644 --- a/plugins/googlereaderimport/init.php +++ b/plugins/googlereaderimport/init.php @@ -374,6 +374,7 @@ class GoogleReaderImport extends Plugin { "; + print ""; print ""; #pane } -- cgit v1.2.3 From 6322ac79a020ab584d412d782d62b2ee77d7c6cf Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Wed, 17 Apr 2013 16:23:15 +0400 Subject: remove $link --- plugins/googlereaderimport/init.php | 72 ++++++++++++++++++------------------- 1 file changed, 34 insertions(+), 38 deletions(-) (limited to 'plugins/googlereaderimport') diff --git a/plugins/googlereaderimport/init.php b/plugins/googlereaderimport/init.php index d25d3288f..8986f469c 100644 --- a/plugins/googlereaderimport/init.php +++ b/plugins/googlereaderimport/init.php @@ -1,8 +1,5 @@ link = $host->get_link(); $this->host = $host; $host->add_command("greader-import", @@ -34,11 +30,11 @@ class GoogleReaderImport extends Plugin { _debug("please enter your username:"); - $username = db_escape_string($this->link, trim(read_stdin())); + $username = db_escape_string( trim(read_stdin())); _debug("looking up user: $username..."); - $result = db_query($this->link, "SELECT id FROM ttrss_users + $result = db_query( "SELECT id FROM ttrss_users WHERE login = '$username'"); if (db_num_rows($result) == 0) { @@ -59,7 +55,7 @@ class GoogleReaderImport extends Plugin { function import($file = false, $owner_uid = 0) { - purge_orphans($this->link); + purge_orphans(); if (!$file) { header("Content-Type: text/html"); @@ -115,30 +111,30 @@ class GoogleReaderImport extends Plugin { foreach ($doc['items'] as $item) { // print_r($item); - $guid = db_escape_string($this->link, mb_substr($item['id'], 0, 250)); - $title = db_escape_string($this->link, $item['title']); + $guid = db_escape_string( mb_substr($item['id'], 0, 250)); + $title = db_escape_string( $item['title']); $updated = date('Y-m-d h:i:s', $item['updated']); $link = ''; $content = ''; - $author = db_escape_string($this->link, $item['author']); + $author = db_escape_string( $item['author']); $tags = array(); $orig_feed_data = array(); if (is_array($item['alternate'])) { foreach ($item['alternate'] as $alt) { if (isset($alt['type']) && $alt['type'] == 'text/html') { - $link = db_escape_string($this->link, $alt['href']); + $link = db_escape_string( $alt['href']); } } } if (is_array($item['summary'])) { - $content = db_escape_string($this->link, + $content = db_escape_string( $item['summary']['content'], false); } if (is_array($item['content'])) { - $content = db_escape_string($this->link, + $content = db_escape_string( $item['content']['content'], false); } @@ -153,14 +149,14 @@ class GoogleReaderImport extends Plugin { if (is_array($item['origin'])) { if (strpos($item['origin']['streamId'], 'feed/') === 0) { - $orig_feed_data['feed_url'] = db_escape_string($this->link, + $orig_feed_data['feed_url'] = db_escape_string( mb_substr(preg_replace("/^feed\//", "", $item['origin']['streamId']), 0, 200)); - $orig_feed_data['title'] = db_escape_string($this->link, + $orig_feed_data['title'] = db_escape_string( mb_substr($item['origin']['title'], 0, 200)); - $orig_feed_data['site_url'] = db_escape_string($this->link, + $orig_feed_data['site_url'] = db_escape_string( mb_substr($item['origin']['htmlUrl'], 0, 200)); } } @@ -168,7 +164,7 @@ class GoogleReaderImport extends Plugin { $processed++; $imported += (int) $this->create_article($owner_uid, $guid, $title, - $updated, $link, $content, $author, $sql_set_marked, $tags, + $updated, $content, $author, $sql_set_marked, $tags, $orig_feed_data); if ($file && $processed % 25 == 0) { @@ -200,7 +196,7 @@ class GoogleReaderImport extends Plugin { } // expects ESCAPED data - private function create_article($owner_uid, $guid, $title, $updated, $link, $content, $author, $marked, $tags, $orig_feed_data) { + private function create_article($owner_uid, $guid, $title, $updated, $content, $author, $marked, $tags, $orig_feed_data) { if (!$guid) $guid = sha1($link); @@ -210,9 +206,9 @@ class GoogleReaderImport extends Plugin { $content_hash = sha1($content); - if (filter_var($link, FILTER_VALIDATE_URL) === FALSE) return false; + if (filter_var( FILTER_VALIDATE_URL) === FALSE) return false; - db_query($this->link, "BEGIN"); + db_query( "BEGIN"); $feed_id = 'NULL'; @@ -223,7 +219,7 @@ class GoogleReaderImport extends Plugin { // before dealing with archived feeds we must check ttrss_feeds to maintain id consistency if ($orig_feed_data['feed_url'] && $create_archived_feeds) { - $result = db_query($this->link, + $result = db_query( "SELECT id FROM ttrss_feeds WHERE feed_url = '".$orig_feed_data['feed_url']."' AND owner_uid = $owner_uid"); @@ -234,7 +230,7 @@ class GoogleReaderImport extends Plugin { if (!$orig_feed_data['title']) $orig_feed_data['title'] = '[Unknown]'; - $result = db_query($this->link, + $result = db_query( "INSERT INTO ttrss_feeds (owner_uid,feed_url,site_url,title,cat_id,auth_login,auth_pass,update_method) VALUES ($owner_uid, @@ -243,7 +239,7 @@ class GoogleReaderImport extends Plugin { '".$orig_feed_data['title']."', NULL, '', '', 0)"); - $result = db_query($this->link, + $result = db_query( "SELECT id FROM ttrss_feeds WHERE feed_url = '".$orig_feed_data['feed_url']."' AND owner_uid = $owner_uid"); @@ -258,18 +254,18 @@ class GoogleReaderImport extends Plugin { // locate archived entry to file entries in, we don't want to file them in actual feeds because of purging // maybe file marked in real feeds because eh - $result = db_query($this->link, "SELECT id FROM ttrss_archived_feeds WHERE + $result = db_query( "SELECT id FROM ttrss_archived_feeds WHERE feed_url = '".$orig_feed_data['feed_url']."' AND owner_uid = $owner_uid"); if (db_num_rows($result) != 0) { $orig_feed_id = db_fetch_result($result, 0, "id"); } else { - db_query($this->link, "INSERT INTO ttrss_archived_feeds + db_query( "INSERT INTO ttrss_archived_feeds (id, owner_uid, title, feed_url, site_url) SELECT id, owner_uid, title, feed_url, site_url from ttrss_feeds WHERE id = '$feed_id'"); - $result = db_query($this->link, "SELECT id FROM ttrss_archived_feeds WHERE + $result = db_query( "SELECT id FROM ttrss_archived_feeds WHERE feed_url = '".$orig_feed_data['feed_url']."' AND owner_uid = $owner_uid"); if (db_num_rows($result) != 0) { @@ -280,32 +276,32 @@ class GoogleReaderImport extends Plugin { // delete temporarily inserted feed if ($feed_id && $feed_inserted) { - db_query($this->link, "DELETE FROM ttrss_feeds WHERE id = $feed_id"); + db_query( "DELETE FROM ttrss_feeds WHERE id = $feed_id"); } if (!$orig_feed_id) $orig_feed_id = 'NULL'; - $result = db_query($this->link, "SELECT id FROM ttrss_entries, ttrss_user_entries WHERE + $result = db_query( "SELECT id FROM ttrss_entries, ttrss_user_entries WHERE guid = '$guid' AND ref_id = id AND owner_uid = '$owner_uid' LIMIT 1"); if (db_num_rows($result) == 0) { - $result = db_query($this->link, "INSERT INTO ttrss_entries + $result = db_query( "INSERT INTO ttrss_entries (title, guid, link, updated, content, content_hash, date_entered, date_updated, author) VALUES ('$title', '$guid', '$link', '$updated', '$content', '$content_hash', NOW(), NOW(), '$author')"); - $result = db_query($this->link, "SELECT id FROM ttrss_entries WHERE guid = '$guid'"); + $result = db_query( "SELECT id FROM ttrss_entries WHERE guid = '$guid'"); if (db_num_rows($result) != 0) { $ref_id = db_fetch_result($result, 0, "id"); - db_query($this->link, "INSERT INTO ttrss_user_entries + db_query( "INSERT INTO ttrss_user_entries (ref_id, uuid, feed_id, orig_feed_id, owner_uid, marked, tag_cache, label_cache, last_read, note, unread, last_marked) VALUES ('$ref_id', '', NULL, $orig_feed_id, $owner_uid, $marked, '', '', NOW(), '', false, NOW())"); - $result = db_query($this->link, "SELECT int_id FROM ttrss_user_entries, ttrss_entries + $result = db_query( "SELECT int_id FROM ttrss_user_entries, ttrss_entries WHERE owner_uid = $owner_uid AND ref_id = id AND ref_id = $ref_id"); if (db_num_rows($result) != 0 && is_array($tags)) { @@ -315,16 +311,16 @@ class GoogleReaderImport extends Plugin { foreach ($tags as $tag) { - $tag = db_escape_string($this->link, sanitize_tag($tag)); + $tag = db_escape_string( sanitize_tag($tag)); if (!tag_is_valid($tag)) continue; - $result = db_query($this->link, "SELECT id FROM ttrss_tags + $result = db_query( "SELECT id FROM ttrss_tags WHERE tag_name = '$tag' AND post_int_id = '$entry_int_id' AND owner_uid = '$owner_uid' LIMIT 1"); if ($result && db_num_rows($result) == 0) { - db_query($this->link, "INSERT INTO ttrss_tags + db_query( "INSERT INTO ttrss_tags (owner_uid,tag_name,post_int_id) VALUES ('$owner_uid','$tag', '$entry_int_id')"); } @@ -335,9 +331,9 @@ class GoogleReaderImport extends Plugin { /* update the cache */ $tags_to_cache = array_unique($tags_to_cache); - $tags_str = db_escape_string($this->link, join(",", $tags_to_cache)); + $tags_str = db_escape_string( join(",", $tags_to_cache)); - db_query($this->link, "UPDATE ttrss_user_entries + db_query( "UPDATE ttrss_user_entries SET tag_cache = '$tags_str' WHERE ref_id = '$ref_id' AND owner_uid = $owner_uid"); } @@ -346,7 +342,7 @@ class GoogleReaderImport extends Plugin { } } - db_query($this->link, "COMMIT"); + db_query( "COMMIT"); return $rc; } -- cgit v1.2.3 From a42c55f02b7e313ab61bf826794d0888f2dceae1 Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Wed, 17 Apr 2013 18:34:18 +0400 Subject: fix blank character after opening bracket in function calls --- plugins/googlereaderimport/init.php | 46 ++++++++++++++++++------------------- 1 file changed, 23 insertions(+), 23 deletions(-) (limited to 'plugins/googlereaderimport') diff --git a/plugins/googlereaderimport/init.php b/plugins/googlereaderimport/init.php index 8986f469c..183875ec8 100644 --- a/plugins/googlereaderimport/init.php +++ b/plugins/googlereaderimport/init.php @@ -30,11 +30,11 @@ class GoogleReaderImport extends Plugin { _debug("please enter your username:"); - $username = db_escape_string( trim(read_stdin())); + $username = db_escape_string(trim(read_stdin())); _debug("looking up user: $username..."); - $result = db_query( "SELECT id FROM ttrss_users + $result = db_query("SELECT id FROM ttrss_users WHERE login = '$username'"); if (db_num_rows($result) == 0) { @@ -111,19 +111,19 @@ class GoogleReaderImport extends Plugin { foreach ($doc['items'] as $item) { // print_r($item); - $guid = db_escape_string( mb_substr($item['id'], 0, 250)); - $title = db_escape_string( $item['title']); + $guid = db_escape_string(mb_substr($item['id'], 0, 250)); + $title = db_escape_string($item['title']); $updated = date('Y-m-d h:i:s', $item['updated']); $link = ''; $content = ''; - $author = db_escape_string( $item['author']); + $author = db_escape_string($item['author']); $tags = array(); $orig_feed_data = array(); if (is_array($item['alternate'])) { foreach ($item['alternate'] as $alt) { if (isset($alt['type']) && $alt['type'] == 'text/html') { - $link = db_escape_string( $alt['href']); + $link = db_escape_string($alt['href']); } } } @@ -206,9 +206,9 @@ class GoogleReaderImport extends Plugin { $content_hash = sha1($content); - if (filter_var( FILTER_VALIDATE_URL) === FALSE) return false; + if (filter_var(FILTER_VALIDATE_URL) === FALSE) return false; - db_query( "BEGIN"); + db_query("BEGIN"); $feed_id = 'NULL'; @@ -254,18 +254,18 @@ class GoogleReaderImport extends Plugin { // locate archived entry to file entries in, we don't want to file them in actual feeds because of purging // maybe file marked in real feeds because eh - $result = db_query( "SELECT id FROM ttrss_archived_feeds WHERE + $result = db_query("SELECT id FROM ttrss_archived_feeds WHERE feed_url = '".$orig_feed_data['feed_url']."' AND owner_uid = $owner_uid"); if (db_num_rows($result) != 0) { $orig_feed_id = db_fetch_result($result, 0, "id"); } else { - db_query( "INSERT INTO ttrss_archived_feeds + db_query("INSERT INTO ttrss_archived_feeds (id, owner_uid, title, feed_url, site_url) SELECT id, owner_uid, title, feed_url, site_url from ttrss_feeds WHERE id = '$feed_id'"); - $result = db_query( "SELECT id FROM ttrss_archived_feeds WHERE + $result = db_query("SELECT id FROM ttrss_archived_feeds WHERE feed_url = '".$orig_feed_data['feed_url']."' AND owner_uid = $owner_uid"); if (db_num_rows($result) != 0) { @@ -276,32 +276,32 @@ class GoogleReaderImport extends Plugin { // delete temporarily inserted feed if ($feed_id && $feed_inserted) { - db_query( "DELETE FROM ttrss_feeds WHERE id = $feed_id"); + db_query("DELETE FROM ttrss_feeds WHERE id = $feed_id"); } if (!$orig_feed_id) $orig_feed_id = 'NULL'; - $result = db_query( "SELECT id FROM ttrss_entries, ttrss_user_entries WHERE + $result = db_query("SELECT id FROM ttrss_entries, ttrss_user_entries WHERE guid = '$guid' AND ref_id = id AND owner_uid = '$owner_uid' LIMIT 1"); if (db_num_rows($result) == 0) { - $result = db_query( "INSERT INTO ttrss_entries + $result = db_query("INSERT INTO ttrss_entries (title, guid, link, updated, content, content_hash, date_entered, date_updated, author) VALUES ('$title', '$guid', '$link', '$updated', '$content', '$content_hash', NOW(), NOW(), '$author')"); - $result = db_query( "SELECT id FROM ttrss_entries WHERE guid = '$guid'"); + $result = db_query("SELECT id FROM ttrss_entries WHERE guid = '$guid'"); if (db_num_rows($result) != 0) { $ref_id = db_fetch_result($result, 0, "id"); - db_query( "INSERT INTO ttrss_user_entries + db_query("INSERT INTO ttrss_user_entries (ref_id, uuid, feed_id, orig_feed_id, owner_uid, marked, tag_cache, label_cache, last_read, note, unread, last_marked) VALUES ('$ref_id', '', NULL, $orig_feed_id, $owner_uid, $marked, '', '', NOW(), '', false, NOW())"); - $result = db_query( "SELECT int_id FROM ttrss_user_entries, ttrss_entries + $result = db_query("SELECT int_id FROM ttrss_user_entries, ttrss_entries WHERE owner_uid = $owner_uid AND ref_id = id AND ref_id = $ref_id"); if (db_num_rows($result) != 0 && is_array($tags)) { @@ -311,16 +311,16 @@ class GoogleReaderImport extends Plugin { foreach ($tags as $tag) { - $tag = db_escape_string( sanitize_tag($tag)); + $tag = db_escape_string(sanitize_tag($tag)); if (!tag_is_valid($tag)) continue; - $result = db_query( "SELECT id FROM ttrss_tags + $result = db_query("SELECT id FROM ttrss_tags WHERE tag_name = '$tag' AND post_int_id = '$entry_int_id' AND owner_uid = '$owner_uid' LIMIT 1"); if ($result && db_num_rows($result) == 0) { - db_query( "INSERT INTO ttrss_tags + db_query("INSERT INTO ttrss_tags (owner_uid,tag_name,post_int_id) VALUES ('$owner_uid','$tag', '$entry_int_id')"); } @@ -331,9 +331,9 @@ class GoogleReaderImport extends Plugin { /* update the cache */ $tags_to_cache = array_unique($tags_to_cache); - $tags_str = db_escape_string( join(",", $tags_to_cache)); + $tags_str = db_escape_string(join(",", $tags_to_cache)); - db_query( "UPDATE ttrss_user_entries + db_query("UPDATE ttrss_user_entries SET tag_cache = '$tags_str' WHERE ref_id = '$ref_id' AND owner_uid = $owner_uid"); } @@ -342,7 +342,7 @@ class GoogleReaderImport extends Plugin { } } - db_query( "COMMIT"); + db_query("COMMIT"); return $rc; } -- cgit v1.2.3 From 106a3de91c7c8c6c275323152de414253f01127a Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Fri, 19 Apr 2013 17:31:56 +0400 Subject: plugins: bump API version --- plugins/googlereaderimport/init.php | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'plugins/googlereaderimport') diff --git a/plugins/googlereaderimport/init.php b/plugins/googlereaderimport/init.php index 183875ec8..be6b81981 100644 --- a/plugins/googlereaderimport/init.php +++ b/plugins/googlereaderimport/init.php @@ -374,5 +374,10 @@ class GoogleReaderImport extends Plugin { print ""; #pane } + + function api_version() { + return 2; + } + } ?> -- cgit v1.2.3 From c6c968b042f4853e3a069bb75be96bd919630275 Mon Sep 17 00:00:00 2001 From: Florian Schlichting Date: Sun, 21 Apr 2013 13:20:50 +0200 Subject: googlereaderimport: actually pass $link to create_article() otherwise the link db field will be empty, and viewing the original article of an imported starred item results in an empty backend.php page --- plugins/googlereaderimport/init.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'plugins/googlereaderimport') diff --git a/plugins/googlereaderimport/init.php b/plugins/googlereaderimport/init.php index be6b81981..2e22161b9 100644 --- a/plugins/googlereaderimport/init.php +++ b/plugins/googlereaderimport/init.php @@ -164,7 +164,7 @@ class GoogleReaderImport extends Plugin { $processed++; $imported += (int) $this->create_article($owner_uid, $guid, $title, - $updated, $content, $author, $sql_set_marked, $tags, + $link, $updated, $content, $author, $sql_set_marked, $tags, $orig_feed_data); if ($file && $processed % 25 == 0) { @@ -196,7 +196,7 @@ class GoogleReaderImport extends Plugin { } // expects ESCAPED data - private function create_article($owner_uid, $guid, $title, $updated, $content, $author, $marked, $tags, $orig_feed_data) { + private function create_article($owner_uid, $guid, $title, $link, $updated, $content, $author, $marked, $tags, $orig_feed_data) { if (!$guid) $guid = sha1($link); -- cgit v1.2.3