From a42c55f02b7e313ab61bf826794d0888f2dceae1 Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Wed, 17 Apr 2013 18:34:18 +0400 Subject: fix blank character after opening bracket in function calls --- plugins/auth_internal/init.php | 24 +++++----- plugins/auth_remote/init.php | 18 ++++---- plugins/close_button/init.php | 2 +- plugins/digest/init.php | 20 ++++----- plugins/embed_original/init.php | 4 +- plugins/example/init.php | 2 +- plugins/example_vfeed/init.php | 2 +- plugins/googlereaderimport/init.php | 46 +++++++++---------- plugins/import_export/init.php | 40 ++++++++--------- plugins/instances/init.php | 66 +++++++++++++-------------- plugins/mail/init.php | 10 ++--- plugins/mailto/init.php | 4 +- plugins/mark_button/init.php | 2 +- plugins/mobile/article.php | 12 ++--- plugins/mobile/backend.php | 24 +++++----- plugins/mobile/cat.php | 6 +-- plugins/mobile/feed.php | 14 +++--- plugins/mobile/home.php | 8 ++-- plugins/mobile/index.php | 8 ++-- plugins/mobile/mobile-functions.php | 90 ++++++++++++++++++------------------- plugins/mobile/prefs.php | 14 +++--- plugins/note/init.php | 10 ++--- plugins/nsfw/init.php | 2 +- plugins/share/init.php | 14 +++--- plugins/updater/init.php | 10 ++--- 25 files changed, 226 insertions(+), 226 deletions(-) (limited to 'plugins') diff --git a/plugins/auth_internal/init.php b/plugins/auth_internal/init.php index b6d8e97dc..c6f075036 100644 --- a/plugins/auth_internal/init.php +++ b/plugins/auth_internal/init.php @@ -19,12 +19,12 @@ class Auth_Internal extends Plugin implements IAuthModule { $pwd_hash1 = encrypt_password($password); $pwd_hash2 = encrypt_password($password, $login); - $login = db_escape_string( $login); - $otp = db_escape_string( $_REQUEST["otp"]); + $login = db_escape_string($login); + $otp = db_escape_string($_REQUEST["otp"]); if (get_schema_version() > 96) { if (!defined('AUTH_DISABLE_OTP') || !AUTH_DISABLE_OTP) { - $result = db_query( "SELECT otp_enabled,salt FROM ttrss_users WHERE + $result = db_query("SELECT otp_enabled,salt FROM ttrss_users WHERE login = '$login'"); if (db_num_rows($result) > 0) { @@ -74,7 +74,7 @@ class Auth_Internal extends Plugin implements IAuthModule { if (get_schema_version() > 87) { - $result = db_query( "SELECT salt FROM ttrss_users WHERE + $result = db_query("SELECT salt FROM ttrss_users WHERE login = '$login'"); if (db_num_rows($result) != 1) { @@ -92,7 +92,7 @@ class Auth_Internal extends Plugin implements IAuthModule { // verify and upgrade password to new salt base - $result = db_query( $query); + $result = db_query($query); if (db_num_rows($result) == 1) { // upgrade password to MODE2 @@ -100,7 +100,7 @@ class Auth_Internal extends Plugin implements IAuthModule { $salt = substr(bin2hex(get_random_bytes(125)), 0, 250); $pwd_hash = encrypt_password($password, $salt, true); - db_query( "UPDATE ttrss_users SET + db_query("UPDATE ttrss_users SET pwd_hash = '$pwd_hash', salt = '$salt' WHERE login = '$login'"); $query = "SELECT id @@ -128,7 +128,7 @@ class Auth_Internal extends Plugin implements IAuthModule { pwd_hash = '$pwd_hash2')"; } - $result = db_query( $query); + $result = db_query($query); if (db_num_rows($result) == 1) { return db_fetch_result($result, 0, "id"); @@ -138,9 +138,9 @@ class Auth_Internal extends Plugin implements IAuthModule { } function check_password($owner_uid, $password) { - $owner_uid = db_escape_string( $owner_uid); + $owner_uid = db_escape_string($owner_uid); - $result = db_query( "SELECT salt,login FROM ttrss_users WHERE + $result = db_query("SELECT salt,login FROM ttrss_users WHERE id = '$owner_uid'"); $salt = db_fetch_result($result, 0, "salt"); @@ -161,20 +161,20 @@ class Auth_Internal extends Plugin implements IAuthModule { id = '$owner_uid' AND pwd_hash = '$password_hash'"; } - $result = db_query( $query); + $result = db_query($query); return db_num_rows($result) != 0; } function change_password($owner_uid, $old_password, $new_password) { - $owner_uid = db_escape_string( $owner_uid); + $owner_uid = db_escape_string($owner_uid); if ($this->check_password($owner_uid, $old_password)) { $new_salt = substr(bin2hex(get_random_bytes(125)), 0, 250); $new_password_hash = encrypt_password($new_password, $new_salt, true); - db_query( "UPDATE ttrss_users SET + db_query("UPDATE ttrss_users SET pwd_hash = '$new_password_hash', salt = '$new_salt', otp_enabled = false WHERE id = '$owner_uid'"); diff --git a/plugins/auth_remote/init.php b/plugins/auth_remote/init.php index f0da1afc8..a551c6bd0 100644 --- a/plugins/auth_remote/init.php +++ b/plugins/auth_remote/init.php @@ -19,15 +19,15 @@ class Auth_Remote extends Plugin implements IAuthModule { } function get_login_by_ssl_certificate() { - $cert_serial = db_escape_string( get_ssl_certificate_id()); + $cert_serial = db_escape_string(get_ssl_certificate_id()); if ($cert_serial) { - $result = db_query( "SELECT login FROM ttrss_user_prefs, ttrss_users + $result = db_query("SELECT login FROM ttrss_user_prefs, ttrss_users WHERE pref_name = 'SSL_CERT_SERIAL' AND value = '$cert_serial' AND owner_uid = ttrss_users.id"); if (db_num_rows($result) != 0) { - return db_escape_string( db_fetch_result($result, 0, "login")); + return db_escape_string(db_fetch_result($result, 0, "login")); } } @@ -36,10 +36,10 @@ class Auth_Remote extends Plugin implements IAuthModule { function authenticate($login, $password) { - $try_login = db_escape_string( $_SERVER["REMOTE_USER"]); + $try_login = db_escape_string($_SERVER["REMOTE_USER"]); // php-cgi - if (!$try_login) $try_login = db_escape_string( $_SERVER["REDIRECT_REMOTE_USER"]); + if (!$try_login) $try_login = db_escape_string($_SERVER["REDIRECT_REMOTE_USER"]); if (!$try_login) $try_login = $this->get_login_by_ssl_certificate(); # if (!$try_login) $try_login = "test_qqq"; @@ -58,15 +58,15 @@ class Auth_Remote extends Plugin implements IAuthModule { // update user name $fullname = $_SERVER['HTTP_USER_NAME'] ? $_SERVER['HTTP_USER_NAME'] : $_SERVER['AUTHENTICATE_CN']; if ($fullname){ - $fullname = db_escape_string( $fullname); - db_query( "UPDATE ttrss_users SET full_name = '$fullname' WHERE id = " . + $fullname = db_escape_string($fullname); + db_query("UPDATE ttrss_users SET full_name = '$fullname' WHERE id = " . $user_id); } // update user mail $email = $_SERVER['HTTP_USER_MAIL'] ? $_SERVER['HTTP_USER_MAIL'] : $_SERVER['AUTHENTICATE_MAIL']; if ($email){ - $email = db_escape_string( $email); - db_query( "UPDATE ttrss_users SET email = '$email' WHERE id = " . + $email = db_escape_string($email); + db_query("UPDATE ttrss_users SET email = '$email' WHERE id = " . $user_id); } } diff --git a/plugins/close_button/init.php b/plugins/close_button/init.php index 6fdd96f55..78f2edd2a 100644 --- a/plugins/close_button/init.php +++ b/plugins/close_button/init.php @@ -15,7 +15,7 @@ class Close_Button extends Plugin { } function hook_article_button($line) { - if (!get_pref( "COMBINED_DISPLAY_MODE")) { + if (!get_pref("COMBINED_DISPLAY_MODE")) { $rv = " array("id" => $article_id, "url" => $article_url, - "tags" => get_article_tags( $article_id), + "tags" => get_article_tags($article_id), "marked" => $marked, "published" => $published, "title" => $title, "content" => $content))); } function digestupdate() { - $feed_id = db_escape_string( $_REQUEST['feed_id']); - $offset = db_escape_string( $_REQUEST['offset']); - $seq = db_escape_string( $_REQUEST['seq']); + $feed_id = db_escape_string($_REQUEST['feed_id']); + $offset = db_escape_string($_REQUEST['offset']); + $seq = db_escape_string($_REQUEST['seq']); if (!$feed_id) $feed_id = -4; if (!$offset) $offset = 0; @@ -72,18 +72,18 @@ class Digest extends Plugin implements IHandler { $reply['seq'] = $seq; - $headlines = API::api_get_headlines( $feed_id, 30, $offset, + $headlines = API::api_get_headlines($feed_id, 30, $offset, '', ($feed_id == -4), true, false, "unread", "updated DESC", 0, 0); $reply['headlines'] = array(); - $reply['headlines']['title'] = getFeedTitle( $feed_id); + $reply['headlines']['title'] = getFeedTitle($feed_id); $reply['headlines']['content'] = $headlines; print json_encode($reply); } function digestinit() { - $tmp_feeds = API::api_get_feeds( -4, true, false, 0); + $tmp_feeds = API::api_get_feeds(-4, true, false, 0); $params = array(); $feeds = array(); diff --git a/plugins/embed_original/init.php b/plugins/embed_original/init.php index f91acda7c..c65793e16 100644 --- a/plugins/embed_original/init.php +++ b/plugins/embed_original/init.php @@ -34,9 +34,9 @@ class Embed_Original extends Plugin { } function getUrl() { - $id = db_escape_string( $_REQUEST['id']); + $id = db_escape_string($_REQUEST['id']); - $result = db_query( "SELECT link + $result = db_query("SELECT link FROM ttrss_entries, ttrss_user_entries WHERE id = '$id' AND ref_id = id AND owner_uid = " .$_SESSION['uid']); diff --git a/plugins/example/init.php b/plugins/example/init.php index 8deee84b4..8f4e8abf4 100644 --- a/plugins/example/init.php +++ b/plugins/example/init.php @@ -19,7 +19,7 @@ class Example extends Plugin { } function save() { - $example_value = db_escape_string( $_POST["example_value"]); + $example_value = db_escape_string($_POST["example_value"]); $this->host->set($this, "example", $example_value); diff --git a/plugins/example_vfeed/init.php b/plugins/example_vfeed/init.php index e7efa757b..b137fd0f9 100644 --- a/plugins/example_vfeed/init.php +++ b/plugins/example_vfeed/init.php @@ -27,7 +27,7 @@ class Example_VFeed extends Plugin { } function get_headlines($feed_id, $options) { - $qfh_ret = queryFeedHeadlines( -4, + $qfh_ret = queryFeedHeadlines(-4, $options['limit'], $options['view_mode'], $options['cat_view'], $options['search'], diff --git a/plugins/googlereaderimport/init.php b/plugins/googlereaderimport/init.php index 8986f469c..183875ec8 100644 --- a/plugins/googlereaderimport/init.php +++ b/plugins/googlereaderimport/init.php @@ -30,11 +30,11 @@ class GoogleReaderImport extends Plugin { _debug("please enter your username:"); - $username = db_escape_string( trim(read_stdin())); + $username = db_escape_string(trim(read_stdin())); _debug("looking up user: $username..."); - $result = db_query( "SELECT id FROM ttrss_users + $result = db_query("SELECT id FROM ttrss_users WHERE login = '$username'"); if (db_num_rows($result) == 0) { @@ -111,19 +111,19 @@ class GoogleReaderImport extends Plugin { foreach ($doc['items'] as $item) { // print_r($item); - $guid = db_escape_string( mb_substr($item['id'], 0, 250)); - $title = db_escape_string( $item['title']); + $guid = db_escape_string(mb_substr($item['id'], 0, 250)); + $title = db_escape_string($item['title']); $updated = date('Y-m-d h:i:s', $item['updated']); $link = ''; $content = ''; - $author = db_escape_string( $item['author']); + $author = db_escape_string($item['author']); $tags = array(); $orig_feed_data = array(); if (is_array($item['alternate'])) { foreach ($item['alternate'] as $alt) { if (isset($alt['type']) && $alt['type'] == 'text/html') { - $link = db_escape_string( $alt['href']); + $link = db_escape_string($alt['href']); } } } @@ -206,9 +206,9 @@ class GoogleReaderImport extends Plugin { $content_hash = sha1($content); - if (filter_var( FILTER_VALIDATE_URL) === FALSE) return false; + if (filter_var(FILTER_VALIDATE_URL) === FALSE) return false; - db_query( "BEGIN"); + db_query("BEGIN"); $feed_id = 'NULL'; @@ -254,18 +254,18 @@ class GoogleReaderImport extends Plugin { // locate archived entry to file entries in, we don't want to file them in actual feeds because of purging // maybe file marked in real feeds because eh - $result = db_query( "SELECT id FROM ttrss_archived_feeds WHERE + $result = db_query("SELECT id FROM ttrss_archived_feeds WHERE feed_url = '".$orig_feed_data['feed_url']."' AND owner_uid = $owner_uid"); if (db_num_rows($result) != 0) { $orig_feed_id = db_fetch_result($result, 0, "id"); } else { - db_query( "INSERT INTO ttrss_archived_feeds + db_query("INSERT INTO ttrss_archived_feeds (id, owner_uid, title, feed_url, site_url) SELECT id, owner_uid, title, feed_url, site_url from ttrss_feeds WHERE id = '$feed_id'"); - $result = db_query( "SELECT id FROM ttrss_archived_feeds WHERE + $result = db_query("SELECT id FROM ttrss_archived_feeds WHERE feed_url = '".$orig_feed_data['feed_url']."' AND owner_uid = $owner_uid"); if (db_num_rows($result) != 0) { @@ -276,32 +276,32 @@ class GoogleReaderImport extends Plugin { // delete temporarily inserted feed if ($feed_id && $feed_inserted) { - db_query( "DELETE FROM ttrss_feeds WHERE id = $feed_id"); + db_query("DELETE FROM ttrss_feeds WHERE id = $feed_id"); } if (!$orig_feed_id) $orig_feed_id = 'NULL'; - $result = db_query( "SELECT id FROM ttrss_entries, ttrss_user_entries WHERE + $result = db_query("SELECT id FROM ttrss_entries, ttrss_user_entries WHERE guid = '$guid' AND ref_id = id AND owner_uid = '$owner_uid' LIMIT 1"); if (db_num_rows($result) == 0) { - $result = db_query( "INSERT INTO ttrss_entries + $result = db_query("INSERT INTO ttrss_entries (title, guid, link, updated, content, content_hash, date_entered, date_updated, author) VALUES ('$title', '$guid', '$link', '$updated', '$content', '$content_hash', NOW(), NOW(), '$author')"); - $result = db_query( "SELECT id FROM ttrss_entries WHERE guid = '$guid'"); + $result = db_query("SELECT id FROM ttrss_entries WHERE guid = '$guid'"); if (db_num_rows($result) != 0) { $ref_id = db_fetch_result($result, 0, "id"); - db_query( "INSERT INTO ttrss_user_entries + db_query("INSERT INTO ttrss_user_entries (ref_id, uuid, feed_id, orig_feed_id, owner_uid, marked, tag_cache, label_cache, last_read, note, unread, last_marked) VALUES ('$ref_id', '', NULL, $orig_feed_id, $owner_uid, $marked, '', '', NOW(), '', false, NOW())"); - $result = db_query( "SELECT int_id FROM ttrss_user_entries, ttrss_entries + $result = db_query("SELECT int_id FROM ttrss_user_entries, ttrss_entries WHERE owner_uid = $owner_uid AND ref_id = id AND ref_id = $ref_id"); if (db_num_rows($result) != 0 && is_array($tags)) { @@ -311,16 +311,16 @@ class GoogleReaderImport extends Plugin { foreach ($tags as $tag) { - $tag = db_escape_string( sanitize_tag($tag)); + $tag = db_escape_string(sanitize_tag($tag)); if (!tag_is_valid($tag)) continue; - $result = db_query( "SELECT id FROM ttrss_tags + $result = db_query("SELECT id FROM ttrss_tags WHERE tag_name = '$tag' AND post_int_id = '$entry_int_id' AND owner_uid = '$owner_uid' LIMIT 1"); if ($result && db_num_rows($result) == 0) { - db_query( "INSERT INTO ttrss_tags + db_query("INSERT INTO ttrss_tags (owner_uid,tag_name,post_int_id) VALUES ('$owner_uid','$tag', '$entry_int_id')"); } @@ -331,9 +331,9 @@ class GoogleReaderImport extends Plugin { /* update the cache */ $tags_to_cache = array_unique($tags_to_cache); - $tags_str = db_escape_string( join(",", $tags_to_cache)); + $tags_str = db_escape_string(join(",", $tags_to_cache)); - db_query( "UPDATE ttrss_user_entries + db_query("UPDATE ttrss_user_entries SET tag_cache = '$tags_str' WHERE ref_id = '$ref_id' AND owner_uid = $owner_uid"); } @@ -342,7 +342,7 @@ class GoogleReaderImport extends Plugin { } } - db_query( "COMMIT"); + db_query("COMMIT"); return $rc; } diff --git a/plugins/import_export/init.php b/plugins/import_export/init.php index 981a2b581..e4e98c036 100644 --- a/plugins/import_export/init.php +++ b/plugins/import_export/init.php @@ -26,11 +26,11 @@ class Import_Export extends Plugin implements IHandler { _debug("please enter your username:"); - $username = db_escape_string( trim(read_stdin())); + $username = db_escape_string(trim(read_stdin())); _debug("importing $filename for user $username...\n"); - $result = db_query( "SELECT id FROM ttrss_users WHERE login = '$username'"); + $result = db_query("SELECT id FROM ttrss_users WHERE login = '$username'"); if (db_num_rows($result) == 0) { print "error: could not find user $username.\n"; @@ -39,11 +39,11 @@ class Import_Export extends Plugin implements IHandler { $owner_uid = db_fetch_result($result, 0, "id"); - $this->perform_data_import( $filename, $owner_uid); + $this->perform_data_import($filename, $owner_uid); } function save() { - $example_value = db_escape_string( $_POST["example_value"]); + $example_value = db_escape_string($_POST["example_value"]); echo "Value set to $example_value (not really)"; } @@ -117,12 +117,12 @@ class Import_Export extends Plugin implements IHandler { } function exportrun() { - $offset = (int) db_escape_string( $_REQUEST['offset']); + $offset = (int) db_escape_string($_REQUEST['offset']); $exported = 0; $limit = 250; if ($offset < 10000 && is_writable(CACHE_DIR . "/export")) { - $result = db_query( "SELECT + $result = db_query("SELECT ttrss_entries.guid, ttrss_entries.title, content, @@ -181,7 +181,7 @@ class Import_Export extends Plugin implements IHandler { print json_encode(array("exported" => $exported)); } - function perform_data_import( $filename, $owner_uid) { + function perform_data_import($filename, $owner_uid) { $num_imported = 0; $num_processed = 0; @@ -234,7 +234,7 @@ class Import_Export extends Plugin implements IHandler { foreach ($article_node->childNodes as $child) { if ($child->nodeName != 'label_cache') - $article[$child->nodeName] = db_escape_string( $child->nodeValue); + $article[$child->nodeName] = db_escape_string($child->nodeValue); else $article[$child->nodeName] = $child->nodeValue; } @@ -245,11 +245,11 @@ class Import_Export extends Plugin implements IHandler { ++$num_processed; - //db_query( "BEGIN"); + //db_query("BEGIN"); //print 'GUID:' . $article['guid'] . "\n"; - $result = db_query( "SELECT id FROM ttrss_entries + $result = db_query("SELECT id FROM ttrss_entries WHERE guid = '".$article['guid']."'"); if (db_num_rows($result) == 0) { @@ -282,7 +282,7 @@ class Import_Export extends Plugin implements IHandler { '0', '')"); - $result = db_query( "SELECT id FROM ttrss_entries + $result = db_query("SELECT id FROM ttrss_entries WHERE guid = '".$article['guid']."'"); if (db_num_rows($result) != 0) { @@ -303,7 +303,7 @@ class Import_Export extends Plugin implements IHandler { $feed = 'NULL'; if ($feed_url && $feed_title) { - $result = db_query( "SELECT id FROM ttrss_feeds + $result = db_query("SELECT id FROM ttrss_feeds WHERE feed_url = '$feed_url' AND owner_uid = '$owner_uid'"); if (db_num_rows($result) != 0) { @@ -311,10 +311,10 @@ class Import_Export extends Plugin implements IHandler { } else { // try autocreating feed in Uncategorized... - $result = db_query( "INSERT INTO ttrss_feeds (owner_uid, + $result = db_query("INSERT INTO ttrss_feeds (owner_uid, feed_url, title) VALUES ($owner_uid, '$feed_url', '$feed_title')"); - $result = db_query( "SELECT id FROM ttrss_feeds + $result = db_query("SELECT id FROM ttrss_feeds WHERE feed_url = '$feed_url' AND owner_uid = '$owner_uid'"); if (db_num_rows($result) != 0) { @@ -332,7 +332,7 @@ class Import_Export extends Plugin implements IHandler { //print "$ref_id / $feed / " . $article['title'] . "\n"; - $result = db_query( "SELECT int_id FROM ttrss_user_entries + $result = db_query("SELECT int_id FROM ttrss_user_entries WHERE ref_id = '$ref_id' AND owner_uid = '$owner_uid' AND $feed_qpart"); if (db_num_rows($result) == 0) { @@ -342,7 +342,7 @@ class Import_Export extends Plugin implements IHandler { $score = (int) $article['score']; $tag_cache = $article['tag_cache']; - $label_cache = db_escape_string( $article['label_cache']); + $label_cache = db_escape_string($article['label_cache']); $note = $article['note']; //print "Importing " . $article['title'] . "
"; @@ -362,15 +362,15 @@ class Import_Export extends Plugin implements IHandler { if (is_array($label_cache) && $label_cache["no-labels"] != 1) { foreach ($label_cache as $label) { - label_create( $label[1], + label_create($label[1], $label[2], $label[3], $owner_uid); - label_add_article( $ref_id, $label[1], $owner_uid); + label_add_article($ref_id, $label[1], $owner_uid); } } - //db_query( "COMMIT"); + //db_query("COMMIT"); } } } @@ -438,7 +438,7 @@ class Import_Export extends Plugin implements IHandler { } if (is_file($tmp_file)) { - $this->perform_data_import( $tmp_file, $_SESSION['uid']); + $this->perform_data_import($tmp_file, $_SESSION['uid']); unlink($tmp_file); } else { print_error(__('No file uploaded.')); diff --git a/plugins/instances/init.php b/plugins/instances/init.php index 12ae07280..a87684b56 100644 --- a/plugins/instances/init.php +++ b/plugins/instances/init.php @@ -37,7 +37,7 @@ class Instances extends Plugin implements IHandler { // 2 - did not receive valid data // >10 - server error, code + 10 (e.g. 16 means server error 6) - function get_linked_feeds( $instance_id = false) { + function get_linked_feeds($instance_id = false) { if ($instance_id) $instance_qpart = "id = '$instance_id' AND "; else @@ -49,7 +49,7 @@ class Instances extends Plugin implements IHandler { $date_qpart = "last_connected < DATE_SUB(NOW(), INTERVAL 6 HOUR)"; } - $result = db_query( "SELECT id, access_key, access_url FROM ttrss_linked_instances + $result = db_query("SELECT id, access_key, access_url FROM ttrss_linked_instances WHERE $instance_qpart $date_qpart ORDER BY last_connected"); while ($line = db_fetch_assoc($result)) { @@ -77,7 +77,7 @@ class Instances extends Plugin implements IHandler { // access denied if ($status == 16) { - db_query( "DELETE FROM ttrss_linked_feeds + db_query("DELETE FROM ttrss_linked_feeds WHERE instance_id = '$id'"); } } else { @@ -85,16 +85,16 @@ class Instances extends Plugin implements IHandler { if (count($feeds['feeds']) > 0) { - db_query( "DELETE FROM ttrss_linked_feeds + db_query("DELETE FROM ttrss_linked_feeds WHERE instance_id = '$id'"); foreach ($feeds['feeds'] as $feed) { - $feed_url = db_escape_string( $feed['feed_url']); - $title = db_escape_string( $feed['title']); - $subscribers = db_escape_string( $feed['subscribers']); - $site_url = db_escape_string( $feed['site_url']); + $feed_url = db_escape_string($feed['feed_url']); + $title = db_escape_string($feed['title']); + $subscribers = db_escape_string($feed['subscribers']); + $site_url = db_escape_string($feed['site_url']); - db_query( "INSERT INTO ttrss_linked_feeds + db_query("INSERT INTO ttrss_linked_feeds (feed_url, site_url, title, subscribers, instance_id, created, updated) VALUES ('$feed_url', '$site_url', '$title', '$subscribers', '$id', NOW(), NOW())"); @@ -119,7 +119,7 @@ class Instances extends Plugin implements IHandler { _debug("Status: $status"); - db_query( "UPDATE ttrss_linked_instances SET + db_query("UPDATE ttrss_linked_instances SET last_status_out = '$status', last_connected = NOW() WHERE id = '$id'"); } @@ -127,7 +127,7 @@ class Instances extends Plugin implements IHandler { function get_feeds() { - $this->get_linked_feeds( false); + $this->get_linked_feeds(false); } function get_prefs_js() { @@ -164,37 +164,37 @@ class Instances extends Plugin implements IHandler { } function remove() { - $ids = db_escape_string( $_REQUEST['ids']); + $ids = db_escape_string($_REQUEST['ids']); - db_query( "DELETE FROM ttrss_linked_instances WHERE + db_query("DELETE FROM ttrss_linked_instances WHERE id IN ($ids)"); } function add() { - $id = db_escape_string( $_REQUEST["id"]); - $access_url = db_escape_string( $_REQUEST["access_url"]); - $access_key = db_escape_string( $_REQUEST["access_key"]); + $id = db_escape_string($_REQUEST["id"]); + $access_url = db_escape_string($_REQUEST["access_url"]); + $access_key = db_escape_string($_REQUEST["access_key"]); - db_query( "BEGIN"); + db_query("BEGIN"); - $result = db_query( "SELECT id FROM ttrss_linked_instances + $result = db_query("SELECT id FROM ttrss_linked_instances WHERE access_url = '$access_url'"); if (db_num_rows($result) == 0) { - db_query( "INSERT INTO ttrss_linked_instances + db_query("INSERT INTO ttrss_linked_instances (access_url, access_key, last_connected, last_status_in, last_status_out) VALUES ('$access_url', '$access_key', '1970-01-01', -1, -1)"); } - db_query( "COMMIT"); + db_query("COMMIT"); } function edit() { - $id = db_escape_string( $_REQUEST["id"]); + $id = db_escape_string($_REQUEST["id"]); - $result = db_query( "SELECT * FROM ttrss_linked_instances WHERE + $result = db_query("SELECT * FROM ttrss_linked_instances WHERE id = '$id'"); print ""; @@ -250,11 +250,11 @@ class Instances extends Plugin implements IHandler { } function editSave() { - $id = db_escape_string( $_REQUEST["id"]); - $access_url = db_escape_string( $_REQUEST["access_url"]); - $access_key = db_escape_string( $_REQUEST["access_key"]); + $id = db_escape_string($_REQUEST["id"]); + $access_url = db_escape_string($_REQUEST["access_url"]); + $access_key = db_escape_string($_REQUEST["access_key"]); - db_query( "UPDATE ttrss_linked_instances SET + db_query("UPDATE ttrss_linked_instances SET access_key = '$access_key', access_url = '$access_url', last_connected = '1970-01-01' WHERE id = '$id'"); @@ -274,7 +274,7 @@ class Instances extends Plugin implements IHandler { print "
"; - $sort = db_escape_string( $_REQUEST["sort"]); + $sort = db_escape_string($_REQUEST["sort"]); if (!$sort || $sort == "undefined") { $sort = "access_url"; @@ -295,7 +295,7 @@ class Instances extends Plugin implements IHandler { print "
"; #toolbar - $result = db_query( "SELECT *, + $result = db_query("SELECT *, (SELECT COUNT(*) FROM ttrss_linked_feeds WHERE instance_id = ttrss_linked_instances.id) AS num_feeds FROM ttrss_linked_instances @@ -324,7 +324,7 @@ class Instances extends Plugin implements IHandler { $id = $line['id']; $this_row_id = "id=\"LIRR-$id\""; - $line["last_connected"] = make_local_datetime( $line["last_connected"], false); + $line["last_connected"] = make_local_datetime($line["last_connected"], false); print ""; @@ -361,17 +361,17 @@ class Instances extends Plugin implements IHandler { function fbexport() { - $access_key = db_escape_string( $_POST["key"]); + $access_key = db_escape_string($_POST["key"]); // TODO: rate limit checking using last_connected - $result = db_query( "SELECT id FROM ttrss_linked_instances + $result = db_query("SELECT id FROM ttrss_linked_instances WHERE access_key = '$access_key'"); if (db_num_rows($result) == 1) { $instance_id = db_fetch_result($result, 0, "id"); - $result = db_query( "SELECT feed_url, site_url, title, subscribers + $result = db_query("SELECT feed_url, site_url, title, subscribers FROM ttrss_feedbrowser_cache ORDER BY subscribers DESC LIMIT 100"); $feeds = array(); @@ -380,7 +380,7 @@ class Instances extends Plugin implements IHandler { array_push($feeds, $line); } - db_query( "UPDATE ttrss_linked_instances SET + db_query("UPDATE ttrss_linked_instances SET last_status_in = 1 WHERE id = '$instance_id'"); print json_encode(array("feeds" => $feeds)); diff --git a/plugins/mail/init.php b/plugins/mail/init.php index 7adf36fe4..2897068aa 100644 --- a/plugins/mail/init.php +++ b/plugins/mail/init.php @@ -28,13 +28,13 @@ class Mail extends Plugin { function emailArticle() { - $param = db_escape_string( $_REQUEST['param']); + $param = db_escape_string($_REQUEST['param']); print ""; print ""; print ""; - $result = db_query( "SELECT email, full_name FROM ttrss_users WHERE + $result = db_query("SELECT email, full_name FROM ttrss_users WHERE id = " . $_SESSION["uid"]); $user_email = htmlspecialchars(db_fetch_result($result, 0, "email")); @@ -56,7 +56,7 @@ class Mail extends Plugin { $tpl->setVariable('USER_EMAIL', $user_email, true); $tpl->setVariable('TTRSS_HOST', $_SERVER["HTTP_HOST"], true); - $result = db_query( "SELECT link, content, title + $result = db_query("SELECT link, content, title FROM ttrss_user_entries, ttrss_entries WHERE id = ref_id AND id IN ($param) AND owner_uid = " . $_SESSION["uid"]); @@ -147,7 +147,7 @@ class Mail extends Plugin { if (!$rc) { $reply['error'] = $mail->ErrorInfo; } else { - save_email_address( db_escape_string($destination)); + save_email_address(db_escape_string($destination)); $reply['message'] = "UPDATE_COUNTERS"; } @@ -155,7 +155,7 @@ class Mail extends Plugin { } function completeEmails() { - $search = db_escape_string( $_REQUEST["search"]); + $search = db_escape_string($_REQUEST["search"]); print "