Error: Not logged in.

"; } exit; } if (!$op) { print_error_xml(7); exit; } $purge_intervals = array( 0 => "Use default", -1 => "Never purge", 5 => "1 week old", 14 => "2 weeks old", 31 => "1 month old", 60 => "2 months old", 90 => "3 months old"); $update_intervals = array( 0 => "Use default", -1 => "Disable updates", 30 => "Each 30 minutes", 60 => "Hourly", 240 => "Each 4 hours", 720 => "Each 12 hours", 1440 => "Daily", 10080 => "Weekly"); $access_level_names = array( 0 => "User", 10 => "Administrator"); $script_started = getmicrotime(); $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME); if (!$link) { if (DB_TYPE == "mysql") { print mysql_error(); } // PG seems to display its own errors just fine by default. return; } if (DB_TYPE == "pgsql") { pg_query("set client_encoding = 'utf-8'"); } if ($_SESSION["uid"]) { if (get_pref($link, "HIDE_READ_FEEDS") == "true") { setcookie("ttrss_vf_hreadf", 1); } else { setcookie("ttrss_vf_hreadf", 0); } setcookie('ttrss_vf_refresh', FEEDS_FRAME_REFRESH); setcookie('ttrss_vf_daemon', ENABLE_UPDATE_DAEMON); if (get_pref($link, "ON_CATCHUP_SHOW_NEXT_FEED")) { setcookie('ttrss_vf_catchupnext', 1); } else { setcookie('ttrss_vf_catchupnext', 0); } } $fetch = $_GET["fetch"]; // setcookie("ttrss_icons_url", ICONS_URL); if (!sanity_check($link)) { return; } function outputFeedList($link, $tags = false) { print " Tiny Tiny RSS : Feedlist "; $user_theme = $_SESSION["theme"]; if ($user_theme) { print ""; } if (get_pref($link, 'USE_COMPACT_STYLESHEET')) { print ""; } else { print ""; } $script_dt_add = get_script_dt_add(); print " "; print ""; } $category = $tmp_category; $collapsed = $line["collapsed"]; // workaround for NULL category if ($category == "Uncategorized") { if ($_COOKIE["ttrss_vf_uclps"] == 1) { $collapsed = "t"; } } if ($collapsed == "t" || $collapsed == "1") { $holder_class = "invisible"; $ellipsis = "..."; } else { $holder_class = ""; $ellipsis = ""; } if ($cat_id) { $cat_id_qpart = "cat_id = '$cat_id'"; } else { $cat_id_qpart = "cat_id IS NULL"; } $tmp_result = db_query($link, "SELECT count(int_id) AS unread FROM ttrss_user_entries,ttrss_feeds WHERE unread = true AND feed_id = ttrss_feeds.id AND $cat_id_qpart AND ttrss_user_entries.owner_uid = " . $_SESSION["uid"]); $cat_unread = db_fetch_result($tmp_result, 0, "unread"); $cat_id = sprintf("%d", $cat_id); print "
  • $tmp_category ($cat_unread unread)$ellipsis
  • "; // !!! NO SPACE before keyboard navigation, etc. print "
  • "; print ' '; } if ($op == "rpc") { handle_rpc_request($link); } if ($op == "feeds") { $tags = $_GET["tags"]; $subop = $_GET["subop"]; if ($subop == "catchupAll") { db_query($link, "UPDATE ttrss_user_entries SET last_read = NOW(),unread = false WHERE owner_uid = " . $_SESSION["uid"]); } if ($subop == "collapse") { $cat_id = db_escape_string($_GET["cid"]); db_query($link, "UPDATE ttrss_feed_categories SET collapsed = NOT collapsed WHERE id = '$cat_id' AND owner_uid = " . $_SESSION["uid"]); return; } outputFeedList($link, $tags); } if ($op == "view") { $id = db_escape_string($_GET["id"]); $feed_id = db_escape_string($_GET["feed"]); $result = db_query($link, "SELECT rtl_content FROM ttrss_feeds WHERE id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]); if (db_num_rows($result) == 1) { $rtl_content = sql_bool_to_bool(db_fetch_result($result, 0, "rtl_content")); } else { $rtl_content = false; } if ($rtl_content) { $rtl_tag = "dir=\"RTL\""; $rtl_class = "RTL"; } else { $rtl_tag = ""; $rtl_class = ""; } $result = db_query($link, "UPDATE ttrss_user_entries SET unread = false,last_read = NOW() WHERE ref_id = '$id' AND feed_id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]); $result = db_query($link, "SELECT title,link,content,feed_id,comments,int_id, SUBSTRING(updated,1,16) as updated, (SELECT icon_url FROM ttrss_feeds WHERE id = feed_id) as icon_url, num_comments, author FROM ttrss_entries,ttrss_user_entries WHERE id = '$id' AND ref_id = id AND owner_uid = " . $_SESSION["uid"]); print " Tiny Tiny RSS : Article $id "; $user_theme = $_SESSION["theme"]; if ($user_theme) { print ""; } if (get_pref($link, 'USE_COMPACT_STYLESHEET')) { print ""; } else { print ""; } $script_dt_add = get_script_dt_add(); print " "; if ($result) { $line = db_fetch_assoc($result); if ($line["icon_url"]) { $feed_icon = ""; } else { $feed_icon = " "; } /* if ($line["comments"] && $line["link"] != $line["comments"]) { $entry_comments = "(Comments)"; } else { $entry_comments = ""; } */ $num_comments = $line["num_comments"]; $entry_comments = ""; if ($num_comments > 0) { if ($line["comments"]) { $comments_url = $line["comments"]; } else { $comments_url = $line["link"]; } $entry_comments = "$num_comments comments"; } else { if ($line["comments"] && $line["link"] != $line["comments"]) { $entry_comments = "comments"; } } print "
    "; print "
    "; $entry_author = $line["author"]; if ($entry_author) { $entry_author = " - by $entry_author"; } print ""; $parsed_updated = date(get_pref($link, 'LONG_DATE_FORMAT'), strtotime($line["updated"])); print ""; print ""; $tmp_result = db_query($link, "SELECT DISTINCT tag_name FROM ttrss_tags WHERE post_int_id = " . $line["int_id"] . " ORDER BY tag_name"); $tags_str = ""; $f_tags_str = ""; $num_tags = 0; while ($tmp_line = db_fetch_assoc($tmp_result)) { $num_tags++; $tag = $tmp_line["tag_name"]; $tag_str = "$tag, "; if ($num_tags == 5) { $tags_str .= "..."; } else if ($num_tags < 5) { $tags_str .= $tag_str; } $f_tags_str .= $tag_str; } $tags_str = preg_replace("/, $/", "", $tags_str); $f_tags_str = preg_replace("/, $/", "", $f_tags_str); // $truncated_link = truncate_string($line["link"], 60); if ($tags_str || $entry_comments) { print ""; } print "
    " . $line["title"] . "$entry_author$parsed_updated
    $entry_comments $tags_str
    "; print "
    " . $feed_icon . "
    "; print "
    "; if (db_num_rows($tmp_result) > 5) { print "
    Tags: $f_tags_str
    "; } if (get_pref($link, 'OPEN_LINKS_IN_NEW_WINDOW')) { $line["content"] = preg_replace("/href=/i", "target=\"_new\" href=", $line["content"]); } print $line["content"] . "
    "; print "
    "; print ""; } print ""; } if ($op == "viewfeed") { $feed = db_escape_string($_GET["feed"]); $subop = db_escape_string($_GET["subop"]); $view_mode = db_escape_string($_GET["view_mode"]); $limit = db_escape_string($_GET["limit"]); $cat_view = db_escape_string($_GET["cat"]); $next_unread_feed = db_escape_string($_GET["nuf"]); if ($subop == "undefined") $subop = ""; print " Tiny Tiny RSS : Feed $feed "; $user_theme = $_SESSION["theme"]; if ($user_theme) { print ""; } if (get_pref($link, 'USE_COMPACT_STYLESHEET')) { print ""; } else { print ""; } if ($subop == "ForceUpdate" && sprintf("%d", $feed) > 0) { update_generic_feed($link, $feed, $cat_view); } if ($subop == "MarkAllRead") { catchup_feed($link, $feed, $cat_view); if (get_pref($link, 'ON_CATCHUP_SHOW_NEXT_FEED')) { if ($next_unread_feed) { $feed = $next_unread_feed; } } } if (preg_match("/^-?[0-9][0-9]*$/", $feed) != false) { $result = db_query($link, "SELECT rtl_content FROM ttrss_feeds WHERE id = '$feed' AND owner_uid = " . $_SESSION["uid"]); if (db_num_rows($result) == 1) { $rtl_content = sql_bool_to_bool(db_fetch_result($result, 0, "rtl_content")); } else { $rtl_content = false; } if ($rtl_content) { $rtl_tag = "dir=\"RTL\""; } else { $rtl_tag = ""; } } else { $rtl_tag = ""; $rtl_content = false; } $script_dt_add = get_script_dt_add(); print " "; $search = db_escape_string($_GET["query"]); $search_mode = db_escape_string($_GET["search_mode"]); $match_on = db_escape_string($_GET["match_on"]); if (!$match_on) { $match_on = "both"; } if ($search) { if ($match_on == "both") { $search_query_part = "(upper(ttrss_entries.title) LIKE upper('%$search%') OR upper(ttrss_entries.content) LIKE '%$search%') AND"; } else if ($match_on == "title") { $search_query_part = "upper(ttrss_entries.title) LIKE upper('%$search%') AND"; } else if ($match_on == "content") { $search_query_part = "upper(ttrss_entries.content) LIKE upper('%$search%') AND"; } } else { $search_query_part = ""; } $view_query_part = ""; if ($view_mode == "adaptive") { if ($search) { $view_query_part = " "; } else if ($feed != -1) { $unread = getFeedUnread($link, $feed); if ($unread > 0) { $view_query_part = " unread = true AND "; } } } if ($view_mode == "marked") { $view_query_part = " marked = true AND "; } if ($view_mode == "unread") { $view_query_part = " unread = true AND "; } if ($limit > 0) { $limit_query_part = "LIMIT " . $limit; } $vfeed_query_part = ""; // override query strategy and enable feed display when searching globally if ($search && $search_mode == "all_feeds") { $query_strategy_part = "ttrss_entries.id > 0"; $vfeed_query_part = "ttrss_feeds.title AS feed_title,"; } else if (preg_match("/^-?[0-9][0-9]*$/", $feed) == false) { $query_strategy_part = "ttrss_entries.id > 0"; $vfeed_query_part = "(SELECT title FROM ttrss_feeds WHERE id = feed_id) as feed_title,"; } else if ($feed >= 0 && $search && $search_mode == "this_cat") { $vfeed_query_part = "ttrss_feeds.title AS feed_title,"; $tmp_result = db_query($link, "SELECT id FROM ttrss_feeds WHERE cat_id = (SELECT cat_id FROM ttrss_feeds WHERE id = '$feed') AND id != '$feed'"); $cat_siblings = array(); if (db_num_rows($tmp_result) > 0) { while ($p = db_fetch_assoc($tmp_result)) { array_push($cat_siblings, "feed_id = " . $p["id"]); } $query_strategy_part = sprintf("(feed_id = %d OR %s)", $feed, implode(" OR ", $cat_siblings)); } else { $query_strategy_part = "ttrss_entries.id > 0"; } } else if ($feed >= 0) { if ($cat_view) { if ($feed > 0) { $query_strategy_part = "cat_id = '$feed'"; } else { $query_strategy_part = "cat_id IS NULL"; } $vfeed_query_part = "ttrss_feeds.title AS feed_title,"; } else { $tmp_result = db_query($link, "SELECT id FROM ttrss_feeds WHERE parent_feed = '$feed' ORDER BY cat_id,title"); $parent_ids = array(); if (db_num_rows($tmp_result) > 0) { while ($p = db_fetch_assoc($tmp_result)) { array_push($parent_ids, "feed_id = " . $p["id"]); } $query_strategy_part = sprintf("(feed_id = %d OR %s)", $feed, implode(" OR ", $parent_ids)); $vfeed_query_part = "ttrss_feeds.title AS feed_title,"; } else { $query_strategy_part = "feed_id = '$feed'"; } } } else if ($feed == -1) { // starred virtual feed $query_strategy_part = "marked = true"; $vfeed_query_part = "ttrss_feeds.title AS feed_title,"; } else if ($feed <= -10) { // labels $label_id = -$feed - 11; $tmp_result = db_query($link, "SELECT sql_exp FROM ttrss_labels WHERE id = '$label_id'"); $query_strategy_part = db_fetch_result($tmp_result, 0, "sql_exp"); $vfeed_query_part = "ttrss_feeds.title AS feed_title,"; } else { $query_strategy_part = "id > 0"; // dumb } $order_by = "updated DESC"; // if ($feed < -10) { // $order_by = "feed_id,updated DESC"; // } $feed_title = ""; if ($search && $search_mode == "all_feeds") { $feed_title = "Global search results ($search)"; } else if ($search && preg_match('/^-?[0-9][0-9]*$/', $feed) == false) { $feed_title = "Feed search results ($search, $feed)"; } else if (preg_match('/^-?[0-9][0-9]*$/', $feed) == false) { $feed_title = $feed; } else if (preg_match('/^-?[0-9][0-9]*$/', $feed) != false && $feed >= 0) { if ($cat_view) { if ($feed != 0) { $result = db_query($link, "SELECT title FROM ttrss_feed_categories WHERE id = '$feed' AND owner_uid = " . $_SESSION["uid"]); $feed_title = db_fetch_result($result, 0, "title"); } else { $feed_title = "Uncategorized"; } } else { $result = db_query($link, "SELECT title,site_url,last_error FROM ttrss_feeds WHERE id = '$feed' AND owner_uid = " . $_SESSION["uid"]); $feed_title = db_fetch_result($result, 0, "title"); $feed_site_url = db_fetch_result($result, 0, "site_url"); $last_error = db_fetch_result($result, 0, "last_error"); } } else if ($feed == -1) { $feed_title = "Starred articles"; } else if ($feed < -10) { $label_id = -$feed - 11; $result = db_query($link, "SELECT description FROM ttrss_labels WHERE id = '$label_id'"); $feed_title = db_fetch_result($result, 0, "description"); } else { $feed_title = "?"; } $feed_title = db_unescape_string($feed_title); if ($feed < -10) error_reporting (0); print "
    "; if (preg_match("/^-?[0-9][0-9]*$/", $feed) != false) { if ($feed >= 0) { $feed_kind = "Feeds"; } else { $feed_kind = "Labels"; } // if (!$vfeed_query_part) { $content_query_part = "content as content_preview,"; // } else { // $content_query_part = ""; // } $query = "SELECT ttrss_entries.id,ttrss_entries.title, SUBSTRING(updated,1,16) as updated, unread,feed_id,marked,link,last_read, SUBSTRING(last_read,1,19) as last_read_noms, $vfeed_query_part $content_query_part SUBSTRING(updated,1,19) as updated_noms FROM ttrss_entries,ttrss_user_entries,ttrss_feeds WHERE ttrss_user_entries.feed_id = ttrss_feeds.id AND ttrss_user_entries.ref_id = ttrss_entries.id AND ttrss_user_entries.owner_uid = '".$_SESSION["uid"]."' AND $search_query_part $view_query_part $query_strategy_part ORDER BY $order_by $limit_query_part"; $result = db_query($link, $query); if ($_GET["debug"]) print $query; } else { // browsing by tag $feed_kind = "Tags"; $result = db_query($link, "SELECT ttrss_entries.id as id,title, SUBSTRING(updated,1,16) as updated, unread,feed_id, marked,link,last_read, SUBSTRING(last_read,1,19) as last_read_noms, $vfeed_query_part $content_query_part SUBSTRING(updated,1,19) as updated_noms FROM ttrss_entries,ttrss_user_entries,ttrss_tags WHERE ref_id = ttrss_entries.id AND ttrss_user_entries.owner_uid = '".$_SESSION["uid"]."' AND post_int_id = int_id AND tag_name = '$feed' AND $view_query_part $search_query_part $query_strategy_part ORDER BY $order_by $limit_query_part"); } if (!$result) { print "
    Could not display feed (query failed). Please check label match syntax or local configuration.
    "; return; } function print_headline_subtoolbar($link, $feed_site_url, $feed_title, $bottom = false, $rtl_content = false) { if (!$bottom) { $class = "headlinesSubToolbar"; $tid = "headlineActionsTop"; } else { $class = "invisible"; $tid = "headlineActionsBottom"; } print ""; if ($rtl_content) { $rtl_cpart = "RTL"; } else { $rtl_cpart = ""; } if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) { print ""; } else { print ""; } print ""; print "
    Select: All, Unread, None    Toggle: Unread, Starred"; print " Select: All, Unread, None    Toggle: Unread, Starred"; print ""; if ($feed_site_url) { if (!$bottom) { $target = "target=\"_blank\""; } print "$feed_title"; } else { print $feed_title; } print "
    "; } if (db_num_rows($result) > 0) { print_headline_subtoolbar($link, $feed_site_url, $feed_title, false, $rtl_content); if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) { print ""; } $lnum = 0; error_reporting (DEFAULT_ERROR_LEVEL); $num_unread = 0; while ($line = db_fetch_assoc($result)) { $class = ($lnum % 2) ? "even" : "odd"; $id = $line["id"]; $feed_id = $line["feed_id"]; if ($line["last_read"] == "" && ($line["unread"] != "t" && $line["unread"] != "1")) { $update_pic = "\"Updated\""; } else { $update_pic = "\"Updated\""; } if ($line["unread"] == "t" || $line["unread"] == "1") { $class .= "Unread"; ++$num_unread; $is_unread = true; } else { $is_unread = false; } if ($line["marked"] == "t" || $line["marked"] == "1") { $marked_pic = "\"Reset"; } else { $marked_pic = "\"Set"; } $content_link = "" . $line["title"] . ""; if (get_pref($link, 'HEADLINES_SMART_DATE')) { $updated_fmt = smart_date_time(strtotime($line["updated"])); } else { $short_date = get_pref($link, 'SHORT_DATE_FORMAT'); $updated_fmt = date($short_date, strtotime($line["updated"])); } if (get_pref($link, 'SHOW_CONTENT_PREVIEW')) { $content_preview = truncate_string(strip_tags($line["content_preview"]), 100); } if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) { print ""; print ""; print ""; print ""; if ($line["feed_title"]) { print ""; print ""; } else { print ""; } print ""; print ""; } else { if ($is_unread) { $add_class = "Unread"; } else { $add_class = ""; } print "
    "; print "
    "; print "
    $updated_fmt, Toggle unread
    "; print "".$line["title"].""; if ($line["feed_title"]) { print " (".$line["feed_title"].")"; } print "
    "; print "
    " . $line["content_preview"] . "
    "; print "
    $marked_pic
    "; # print "
    # Toggle unread
    "; print "
    "; } ++$lnum; } if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) { print "
    $update_pic $marked_pic$content_link ". $line["feed_title"]." "; print "" . $line["title"]; if (get_pref($link, 'SHOW_CONTENT_PREVIEW') && !$rtl_tag) { if ($content_preview) { print " - $content_preview"; } } print ""; print "$updated_fmt 
    "; } print_headline_subtoolbar($link, "javascript:catchupPage()", "Mark page as read", true, $rtl_content); } else { print "
    No articles found.
    "; } print "
    "; print " "; print ""; } if ($op == "pref-feeds") { $subop = $_REQUEST["subop"]; $quiet = $_REQUEST["quiet"]; if ($subop == "massSubscribe") { $ids = split(",", db_escape_string($_GET["ids"])); $subscribed = array(); foreach ($ids as $id) { $result = db_query($link, "SELECT feed_url,title FROM ttrss_feeds WHERE id = '$id'"); $feed_url = db_fetch_result($result, 0, "feed_url"); $title = db_fetch_result($result, 0, "title"); $result = db_query($link, "SELECT id FROM ttrss_feeds WHERE feed_url = '$feed_url' AND owner_uid = " . $_SESSION["uid"]); if (db_num_rows($result) == 0) { $result = db_query($link, "INSERT INTO ttrss_feeds (owner_uid,feed_url,title,cat_id) VALUES ('".$_SESSION["uid"]."', '$feed_url', '$title', NULL)"); array_push($subscribed, $title); } } if (count($subscribed) > 0) { print "
    "; print "Subscribed to feeds:"; print "
      "; foreach ($subscribed as $title) { print "
    • $title
    • "; } print "
    "; print "
    "; } } if ($subop == "browse") { if (!ENABLE_FEED_BROWSER) { print "Feed browser is administratively disabled."; return; } print "
    Other feeds: Top 25
    "; print "
    "; print "

    Showing top 25 registered feeds, sorted by popularity:

    "; $result = db_query($link, "SELECT feed_url,count(id) AS subscribers FROM ttrss_feeds WHERE auth_login = '' AND auth_pass = '' AND private = false GROUP BY feed_url ORDER BY subscribers DESC LIMIT 25"); print "
      "; $feedctr = 0; while ($line = db_fetch_assoc($result)) { $feed_url = $line["feed_url"]; $subscribers = $line["subscribers"]; $sub_result = db_query($link, "SELECT id FROM ttrss_feeds WHERE feed_url = '$feed_url' AND owner_uid =" . $_SESSION["uid"]); if (db_num_rows($sub_result) > 0) { continue; // already subscribed } $det_result = db_query($link, "SELECT site_url,title,id FROM ttrss_feeds WHERE feed_url = '$feed_url' LIMIT 1"); $details = db_fetch_assoc($det_result); $icon_file = ICONS_DIR . "/" . $details["id"] . ".ico"; if (file_exists($icon_file) && filesize($icon_file) > 0) { $feed_icon = ""; } else { $feed_icon = ""; } $check_box = ""; $class = ($feedctr % 2) ? "even" : "odd"; print "
    • $check_box". "$feed_icon " . db_unescape_string($details["title"]) . " ($subscribers)
    • "; ++$feedctr; } if ($feedctr == 0) { print "
    • No feeds found to subscribe.
    • "; } print "
    "; print "
    "; print "
    "; return; } if ($subop == "editfeed") { $feed_id = db_escape_string($_REQUEST["id"]); $result = db_query($link, "SELECT * FROM ttrss_feeds WHERE id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]); $title = htmlspecialchars(db_unescape_string(db_fetch_result($result, 0, "title"))); $icon_file = ICONS_DIR . "/$feed_id.ico"; if (file_exists($icon_file) && filesize($icon_file) > 0) { $feed_icon = ""; } else { $feed_icon = ""; } print "
    Feed editor
    "; print "
    "; print "
    "; print ""; print ""; print ""; print ""; print ""; print ""; $feed_url = db_fetch_result($result, 0, "feed_url"); $feed_url = htmlspecialchars(db_unescape_string(db_fetch_result($result, 0, "feed_url"))); print ""; print ""; if (get_pref($link, 'ENABLE_FEED_CATS')) { $cat_id = db_fetch_result($result, 0, "cat_id"); print ""; print ""; print ""; } $update_interval = db_fetch_result($result, 0, "update_interval"); print ""; print ""; print ""; $purge_interval = db_fetch_result($result, 0, "purge_interval"); print ""; print ""; $auth_login = db_fetch_result($result, 0, "auth_login"); print ""; print ""; $auth_pass = db_fetch_result($result, 0, "auth_pass"); print ""; print ""; $private = sql_bool_to_bool(db_fetch_result($result, 0, "private")); if ($private) { $checked = "checked"; } else { $checked = ""; } print ""; print ""; print "
    Title:
    Feed URL:
    Category:"; print_feed_cat_select($link, "cat_id", $cat_id, "class=\"iedit\""); print "
    Update Interval:"; print_select_hash("update_interval", $update_interval, $update_intervals, "class=\"iedit\""); print "
    Link to:"; $tmp_result = db_query($link, "SELECT COUNT(id) AS count FROM ttrss_feeds WHERE parent_feed = '$feed_id'"); $linked_count = db_fetch_result($tmp_result, 0, "count"); $parent_feed = db_fetch_result($result, 0, "parent_feed"); if ($linked_count > 0) { $disabled = "disabled"; } print ""; print "
    Article purging:"; print_select_hash("purge_interval", $purge_interval, $purge_intervals, "class=\"iedit\""); print "
    Login:
    Password:
    Options:"; $rtl_content = sql_bool_to_bool(db_fetch_result($result, 0, "rtl_content")); if ($rtl_content) { $checked = "checked"; } else { $checked = ""; } print "
    "; print "
    "; print "
    "; print "
    "; print "
    "; return; } if ($subop == "editSave") { $feed_title = db_escape_string(trim($_POST["title"])); $feed_link = db_escape_string(trim($_POST["feed_url"])); $upd_intl = db_escape_string($_POST["update_interval"]); $purge_intl = db_escape_string($_POST["purge_interval"]); $feed_id = db_escape_string($_POST["id"]); $cat_id = db_escape_string($_POST["cat_id"]); $auth_login = db_escape_string(trim($_POST["auth_login"])); $auth_pass = db_escape_string(trim($_POST["auth_pass"])); $parent_feed = db_escape_string($_POST["parent_feed"]); $private = checkbox_to_sql_bool(db_escape_string($_POST["private"])); $rtl_content = checkbox_to_sql_bool(db_escape_string($_POST["rtl_content"])); if ($cat_id && $cat_id != 0) { $category_qpart = "cat_id = '$cat_id'"; } else { $category_qpart = 'cat_id = NULL'; } if ($parent_feed && $parent_feed != 0) { $parent_qpart = "parent_feed = '$parent_feed'"; } else { $parent_qpart = 'parent_feed = NULL'; } $result = db_query($link, "UPDATE ttrss_feeds SET $category_qpart, $parent_qpart, title = '$feed_title', feed_url = '$feed_link', update_interval = '$upd_intl', purge_interval = '$purge_intl', auth_login = '$auth_login', auth_pass = '$auth_pass', private = $private, rtl_content = $rtl_content WHERE id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]); } if ($subop == "saveCat") { $cat_title = db_escape_string(trim($_GET["title"])); $cat_id = db_escape_string($_GET["id"]); $result = db_query($link, "UPDATE ttrss_feed_categories SET title = '$cat_title' WHERE id = '$cat_id' AND owner_uid = ".$_SESSION["uid"]); } if ($subop == "remove") { if (!WEB_DEMO_MODE) { $ids = split(",", db_escape_string($_GET["ids"])); foreach ($ids as $id) { db_query($link, "DELETE FROM ttrss_feeds WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]); $icons_dir = ICONS_DIR; if (file_exists($icons_dir . "/$id.ico")) { unlink($icons_dir . "/$id.ico"); } } } } if ($subop == "add") { if (!WEB_DEMO_MODE) { $feed_url = db_escape_string(trim($_GET["feed_url"])); $cat_id = db_escape_string($_GET["cat_id"]); if (subscribe_to_feed($link, $feed_url, $cat_id)) { print "Added feed."; } else { print "
    Feed $feed_url already exists in the database.
    "; } } } if ($subop == "addCat") { if (!WEB_DEMO_MODE) { $feed_cat = db_escape_string(trim($_GET["cat"])); $result = db_query($link, "SELECT id FROM ttrss_feed_categories WHERE title = '$feed_cat' AND owner_uid = ".$_SESSION["uid"]); if (db_num_rows($result) == 0) { $result = db_query($link, "INSERT INTO ttrss_feed_categories (owner_uid,title) VALUES ('".$_SESSION["uid"]."', '$feed_cat')"); } else { print "
    Category $feed_cat already exists in the database.
    "; } } } if ($subop == "removeCats") { if (!WEB_DEMO_MODE) { $ids = split(",", db_escape_string($_GET["ids"])); foreach ($ids as $id) { db_query($link, "BEGIN"); $result = db_query($link, "SELECT count(id) as num_feeds FROM ttrss_feeds WHERE cat_id = '$id'"); $num_feeds = db_fetch_result($result, 0, "num_feeds"); if ($num_feeds == 0) { db_query($link, "DELETE FROM ttrss_feed_categories WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]); } else { print "
    Unable to delete non empty feed categories.
    "; } db_query($link, "COMMIT"); } } } if ($subop == "categorize") { if (!WEB_DEMO_MODE) { $ids = split(",", db_escape_string($_GET["ids"])); $cat_id = db_escape_string($_GET["cat_id"]); if ($cat_id == 0) { $cat_id_qpart = 'NULL'; } else { $cat_id_qpart = "'$cat_id'"; } db_query($link, "BEGIN"); foreach ($ids as $id) { db_query($link, "UPDATE ttrss_feeds SET cat_id = $cat_id_qpart WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]); } db_query($link, "COMMIT"); } } if ($quiet) return; // print "

    Edit Feeds

    "; $result = db_query($link, "SELECT id,title,feed_url,last_error FROM ttrss_feeds WHERE last_error != '' AND owner_uid = ".$_SESSION["uid"]); if (db_num_rows($result) > 0) { print "
    "; // print""; print " Some feeds have update errors (click for details)"; print "
      "; while ($line = db_fetch_assoc($result)) { print "
    • " . $line["title"] . " (" . $line["feed_url"] . "): " . $line["last_error"]; } print "
    "; print "
    "; } $feed_search = db_escape_string($_GET["search"]); if (array_key_exists("search", $_GET)) { $_SESSION["prefs_feed_search"] = $feed_search; } else { $feed_search = $_SESSION["prefs_feed_search"]; } print "
    "; if (ENABLE_FEED_BROWSER && !SINGLE_USER_MODE) { print " "; } print "
    "; $feeds_sort = db_escape_string($_GET["sort"]); if (!$feeds_sort || $feeds_sort == "undefined") { $feeds_sort = $_SESSION["pref_sort_feeds"]; if (!$feeds_sort) $feeds_sort = "title"; } $_SESSION["pref_sort_feeds"] = $feeds_sort; if ($feed_search) { $search_qpart = "(UPPER(F1.title) LIKE UPPER('%$feed_search%') OR UPPER(F1.feed_url) LIKE UPPER('%$feed_search%')) AND"; } else { $search_qpart = ""; } $result = db_query($link, "SELECT F1.id, F1.title, F1.feed_url, substring(F1.last_updated,1,16) AS last_updated, F1.parent_feed, F1.update_interval, F1.purge_interval, F1.cat_id, F2.title AS parent_title, C1.title AS category FROM ttrss_feeds AS F1 LEFT JOIN ttrss_feeds AS F2 ON (F1.parent_feed = F2.id) LEFT JOIN ttrss_feed_categories AS C1 ON (F1.cat_id = C1.id) WHERE $search_qpart F1.owner_uid = '".$_SESSION["uid"]."' ORDER by category,$feeds_sort,title"); if (db_num_rows($result) != 0) { // print "
    PLACEHOLDER
    "; print "

    "; print ""; } $lnum = 0; $cur_cat_id = -1; while ($line = db_fetch_assoc($result)) { $feed_id = $line["id"]; $cat_id = $line["cat_id"]; $edit_title = htmlspecialchars(db_unescape_string($line["title"])); $edit_link = htmlspecialchars(db_unescape_string($line["feed_url"])); $edit_cat = htmlspecialchars(db_unescape_string($line["category"])); if (!$edit_cat) $edit_cat = "Uncategorized"; $last_updated = $line["last_updated"]; if (get_pref($link, 'HEADLINES_SMART_DATE')) { $last_updated = smart_date_time(strtotime($last_updated)); } else { $short_date = get_pref($link, 'SHORT_DATE_FORMAT'); $last_updated = date($short_date, strtotime($last_updated)); } if (get_pref($link, 'ENABLE_FEED_CATS') && $cur_cat_id != $cat_id) { $lnum = 0; print ""; print ""; if (get_pref($link, 'ENABLE_FEED_ICONS')) { print ""; } print ""; $cur_cat_id = $cat_id; } $class = ($lnum % 2) ? "even" : "odd"; $this_row_id = "id=\"FEEDR-$feed_id\""; print ""; $icon_file = ICONS_DIR . "/$feed_id.ico"; if (file_exists($icon_file) && filesize($icon_file) > 0) { $feed_icon = ""; } else { $feed_icon = ""; } print ""; if (get_pref($link, 'ENABLE_FEED_ICONS')) { print ""; } $edit_title = truncate_string($edit_title, 40); $edit_link = truncate_string($edit_link, 60); $parent_title = $line["parent_title"]; if ($parent_title) { $parent_title = "(linked to $parent_title)"; } print ""; print ""; print ""; print ""; ++$lnum; } print "
    Select: All, None "; if (!get_pref($link, 'ENABLE_FEED_CATS')) { print "
      Title Feed Updated
    $edit_cat
      Title Feed Updated
    $feed_icon" . "$edit_title $parent_title" . "" . $edit_link . "" . "$last_updated
    "; print "

    "; if ($subop == "edit") { print "Edit feed:  "; } else { print " Selection:  "; if (get_pref($link, 'ENABLE_FEED_CATS')) { print " | "; print_feed_cat_select($link, "sfeed_set_fcat", "", "disabled"); print " "; } print "  All feeds: "; } } else { print "

    No feeds defined.

    "; } if (get_pref($link, 'ENABLE_FEED_CATS')) { print "

    Edit Categories

    "; print "
     
    "; $result = db_query($link, "SELECT title,id FROM ttrss_feed_categories WHERE owner_uid = ".$_SESSION["uid"]." ORDER BY title"); if (db_num_rows($result) != 0) { print "
    "; print "

    "; print ""; $lnum = 0; while ($line = db_fetch_assoc($result)) { $class = ($lnum % 2) ? "even" : "odd"; $cat_id = $line["id"]; $edit_cat_id = $_GET["id"]; if ($subop == "editCat" && $cat_id != $edit_cat_id) { $class .= "Grayed"; $this_row_id = ""; } else { $this_row_id = "id=\"FCATR-$cat_id\""; } print ""; $edit_title = htmlspecialchars(db_unescape_string($line["title"])); if (!$edit_cat_id || $subop != "editCat") { print ""; print ""; } else if ($cat_id != $edit_cat_id) { print ""; print ""; } else { print ""; print ""; } print ""; ++$lnum; } print "
    Select: All, None "; print "
     Title
    " . $edit_title . "$edit_title"; print ""; print ""; print ""; print "
    "; print "

    "; print "

    "; if ($subop == "editCat") { print "Edit category:  "; } else { print " Selection:  "; } } else { print "

    No feed categories defined.

    "; } } print "

    Import OPML

    File:  
    "; } if ($op == "pref-filters") { $subop = $_GET["subop"]; $quiet = $_GET["quiet"]; if ($subop == "edit") { $filter_id = db_escape_string($_GET["id"]); $result = db_query($link, "SELECT * FROM ttrss_filters WHERE id = '$filter_id' AND owner_uid = " . $_SESSION["uid"]); $reg_exp = htmlspecialchars(db_unescape_string(db_fetch_result($result, 0, "reg_exp"))); $filter_type = db_fetch_result($result, 0, "filter_type"); $feed_id = db_fetch_result($result, 0, "feed_id"); $action_id = db_fetch_result($result, 0, "action_id"); print "
    Filter editor
    "; print "
    "; print "
    "; print ""; print ""; print ""; // print "
    Note: filter will only apply to new articles.
    "; $result = db_query($link, "SELECT id,description FROM ttrss_filter_types ORDER BY description"); $filter_types = array(); while ($line = db_fetch_assoc($result)) { //array_push($filter_types, $line["description"]); $filter_types[$line["id"]] = $line["description"]; } print ""; print ""; print ""; print ""; print "
    Match: "; print ""; print_select_hash("filter_type", $filter_type, $filter_types, "class=\"iedit\""); print "
    Feed:"; print_feed_select($link, "feed_id", $feed_id); print "
    Action:"; print "
    "; print "
    "; print "
    "; print " "; print ""; print "
    "; return; } if ($subop == "editSave") { $reg_exp = db_escape_string(trim($_GET["reg_exp"])); $filter_type = db_escape_string(trim($_GET["filter_type"])); $filter_id = db_escape_string($_GET["id"]); $feed_id = db_escape_string($_GET["feed_id"]); $action_id = db_escape_string($_GET["action_id"]); if (!$feed_id) { $feed_id = 'NULL'; } else { $feed_id = sprintf("'%s'", db_escape_string($feed_id)); } $result = db_query($link, "UPDATE ttrss_filters SET reg_exp = '$reg_exp', feed_id = $feed_id, action_id = '$action_id', filter_type = '$filter_type' WHERE id = '$filter_id' AND owner_uid = " . $_SESSION["uid"]); } if ($subop == "remove") { if (!WEB_DEMO_MODE) { $ids = split(",", db_escape_string($_GET["ids"])); foreach ($ids as $id) { db_query($link, "DELETE FROM ttrss_filters WHERE id = '$id' AND owner_uid = ". $_SESSION["uid"]); } } } if ($subop == "add") { if (!WEB_DEMO_MODE) { $regexp = db_escape_string(trim($_GET["reg_exp"])); $filter_type = db_escape_string(trim($_GET["filter_type"])); $feed_id = db_escape_string($_GET["feed_id"]); $action_id = db_escape_string($_GET["action_id"]); if (!$feed_id) { $feed_id = 'NULL'; } else { $feed_id = sprintf("'%s'", db_escape_string($feed_id)); } $result = db_query($link, "INSERT INTO ttrss_filters (reg_exp,filter_type,owner_uid,feed_id, action_id) VALUES ('$regexp', '$filter_type','".$_SESSION["uid"]."', $feed_id, '$action_id')"); } } if ($quiet) return; // print "
    PLACEHOLDER
    "; $result = db_query($link, "SELECT id,description FROM ttrss_filter_types ORDER BY description"); $filter_types = array(); while ($line = db_fetch_assoc($result)) { //array_push($filter_types, $line["description"]); $filter_types[$line["id"]] = $line["description"]; } print ""; $result = db_query($link, "SELECT ttrss_filters.id AS id,reg_exp, ttrss_filter_types.name AS filter_type_name, ttrss_filter_types.description AS filter_type_descr, feed_id, ttrss_filter_actions.description AS action_description, ttrss_feeds.title AS feed_title FROM ttrss_filter_types,ttrss_filter_actions,ttrss_filters LEFT JOIN ttrss_feeds ON (ttrss_filters.feed_id = ttrss_feeds.id) WHERE filter_type = ttrss_filter_types.id AND ttrss_filter_actions.id = action_id AND ttrss_filters.owner_uid = ".$_SESSION["uid"]." ORDER by reg_exp"); if (db_num_rows($result) != 0) { print "
    "; print "

    "; print ""; $lnum = 0; while ($line = db_fetch_assoc($result)) { $class = ($lnum % 2) ? "even" : "odd"; $filter_id = $line["id"]; $edit_filter_id = $_GET["id"]; if ($subop == "edit" && $filter_id != $edit_filter_id) { $class .= "Grayed"; $this_row_id = ""; } else { $this_row_id = "id=\"FILRR-$filter_id\""; } print ""; $line["reg_exp"] = htmlspecialchars(db_unescape_string($line["reg_exp"])); if (!$line["feed_title"]) $line["feed_title"] = "All feeds"; $line["feed_title"] = htmlspecialchars(db_unescape_string($line["feed_title"])); print ""; print ""; print ""; print ""; print ""; print ""; ++$lnum; } if ($lnum == 0) { print ""; } print "
    Select: All, None "; print "
      Filter expression Feed Match Action
    " . $line["reg_exp"] . "" . $line["feed_title"] . "" . $line["filter_type_descr"] . "" . $line["action_description"] . "
    No filters defined.
    "; print "

    "; print "

    "; print " Selection: "; print "

    "; } else { print "

    No filters defined.

    "; } } // We need to accept raw SQL data in label queries, so not everything is escaped // here, this is by design. If you don't like the whole idea, disable labels // altogether with GLOBAL_ENABLE_LABELS = false if ($op == "pref-labels") { if (!GLOBAL_ENABLE_LABELS) { return; } $subop = $_GET["subop"]; if ($subop == "test") { $expr = trim($_GET["expr"]); $descr = trim($_GET["descr"]); print "
    Test label: $descr
    "; print "
    "; # print "

    Label «$descr»

    "; // print "

    Expression: $expr

    "; $result = db_query($link, "SELECT count(id) AS num_matches FROM ttrss_entries,ttrss_user_entries WHERE ($expr) AND ttrss_user_entries.ref_id = ttrss_entries.id AND owner_uid = " . $_SESSION["uid"]); $num_matches = db_fetch_result($result, 0, "num_matches");; if ($num_matches > 0) { print "

    Query returned $num_matches matches, showing first 15:

    "; $result = db_query($link, "SELECT title, (SELECT title FROM ttrss_feeds WHERE id = feed_id) AS feed_title FROM ttrss_entries,ttrss_user_entries WHERE ($expr) AND ttrss_user_entries.ref_id = ttrss_entries.id AND owner_uid = " . $_SESSION["uid"] . " ORDER BY date_entered DESC LIMIT 15"); print "
      "; $row_class = "even"; while ($line = db_fetch_assoc($result)) { $row_class = toggleEvenOdd($row_class); print "
    • ".$line["title"]. " (".$line["feed_title"].")
    • "; } print "
    "; } else { print "

    Query didn't return any matches.

    "; } print "
    "; print "
    "; return; } if ($subop == "editSave") { $sql_exp = trim($_GET["sql_exp"]); $descr = db_escape_string(trim($_GET["description"])); $label_id = db_escape_string($_GET["id"]); $result = db_query($link, "UPDATE ttrss_labels SET sql_exp = '$sql_exp', description = '$descr' WHERE id = '$label_id'"); } if ($subop == "remove") { if (!WEB_DEMO_MODE) { $ids = split(",", db_escape_string($_GET["ids"])); foreach ($ids as $id) { db_query($link, "DELETE FROM ttrss_labels WHERE id = '$id'"); } } } if ($subop == "add") { if (!WEB_DEMO_MODE) { // no escaping is done here on purpose $exp = trim($_GET["exp"]); $result = db_query($link, "INSERT INTO ttrss_labels (sql_exp,description,owner_uid) VALUES ('$exp', '$exp', '".$_SESSION["uid"]."')"); } } print "
     "; print"
    "; $result = db_query($link, "SELECT id,sql_exp,description FROM ttrss_labels WHERE owner_uid = ".$_SESSION["uid"]." ORDER by description"); // print "
    PLACEHOLDER
    "; if (db_num_rows($result) != 0) { print "
    "; print "

    "; print ""; $lnum = 0; while ($line = db_fetch_assoc($result)) { $class = ($lnum % 2) ? "even" : "odd"; $label_id = $line["id"]; $edit_label_id = $_GET["id"]; if ($subop == "edit" && $label_id != $edit_label_id) { $class .= "Grayed"; $this_row_id = ""; } else { $this_row_id = "id=\"LILRR-$label_id\""; } print ""; $line["sql_exp"] = htmlspecialchars($line["sql_exp"]); $line["description"] = htmlspecialchars($line["description"]); if (!$edit_label_id || $subop != "edit") { if (!$line["description"]) $line["description"] = "[No caption]"; print ""; print ""; print ""; } else if ($label_id != $edit_label_id) { if (!$line["description"]) $line["description"] = "[No description]"; print ""; print ""; print ""; } else { print ""; print ""; print ""; } print ""; ++$lnum; } if ($lnum == 0) { print ""; } print "
    Select: All, None "; print "
      SQL expression (?) Caption
    " . $line["sql_exp"] . "" . $line["description"] . "".$line["sql_exp"]."".$line["description"].""; print ""; print ""; print ""; print "
    No labels defined.
    "; print "

    "; print "

    "; if ($subop == "edit") { print "Edit label: "; } else { print " Selection: "; } } else { print "

    No labels defined.

    "; } } if ($op == "error") { print "
    "; $msg = $_GET["msg"]; print $msg; print "
    "; } if ($op == "help") { if (!$_GET["noheaders"]) { print " Tiny Tiny RSS : Help "; } $tid = sprintf("%d", $_GET["tid"]); print "
    Help
    "; print "
    "; if (file_exists("help/$tid.php")) { include("help/$tid.php"); } else { print "

    Help topic not found.

    "; } print "
    "; print "
    "; if (!$_GET["noheaders"]) { print ""; } } if ($op == "dlg") { $id = $_GET["id"]; $param = $_GET["param"]; if ($id == "quickAddFeed") { print "
    Subscribe to feed
    "; print "
    "; print "
    "; print ""; print ""; print ""; print ""; if (get_pref($link, 'ENABLE_FEED_CATS')) { print ""; } print "
    Feed URL:
    Category:"; print_feed_cat_select($link, "cat_id"); print "
    "; print "
    "; print "
    "; } if ($id == "search") { print "
    Search
    "; print "
    "; print "
    "; $active_feed_id = db_escape_string($_GET["param"]); print ""; print ""; print "
    Search:"; print "
    Where:"; print "
    Match on:"; $search_fields = array( "title" => "Title", "content" => "Content", "both" => "Title or content"); print_select_hash("match_on", 3, $search_fields); print "
    "; print "
    "; print "
    "; print "
    "; } if ($id == "quickAddFilter") { $active_feed_id = db_escape_string($_GET["param"]); print "
    Create filter
    "; print "
    "; print "
    "; print ""; print ""; print ""; // print "
    Note: filter will only apply to new articles.
    "; $result = db_query($link, "SELECT id,description FROM ttrss_filter_types ORDER BY description"); $filter_types = array(); while ($line = db_fetch_assoc($result)) { //array_push($filter_types, $line["description"]); $filter_types[$line["id"]] = $line["description"]; } print ""; print ""; print ""; print ""; print "
    Match: "; print ""; print_select_hash("filter_type", 1, $filter_types, "class=\"iedit\""); print "
    Feed:"; print_feed_select($link, "feed_id", $active_feed_id); print "
    Action:"; print "
    "; print "
    "; print "
    "; print " "; print ""; print "
    "; // print ""; } print "
    "; } // update feeds of all users, may be used anonymously if ($op == "globalUpdateFeeds") { $result = db_query($link, "SELECT id FROM ttrss_users"); while ($line = db_fetch_assoc($result)) { $user_id = $line["id"]; // print ""; update_all_feeds($link, false, $user_id); } print " "; } if ($op == "pref-prefs") { $subop = $_REQUEST["subop"]; if ($subop == "Save configuration") { if (WEB_DEMO_MODE) { header("Location: prefs.php"); return; } $_SESSION["prefs_op_result"] = "save-config"; $_SESSION["prefs_cache"] = false; foreach (array_keys($_POST) as $pref_name) { $pref_name = db_escape_string($pref_name); $value = db_escape_string($_POST[$pref_name]); $result = db_query($link, "SELECT type_name FROM ttrss_prefs,ttrss_prefs_types WHERE pref_name = '$pref_name' AND type_id = ttrss_prefs_types.id"); if (db_num_rows($result) > 0) { $type_name = db_fetch_result($result, 0, "type_name"); // print "$pref_name : $type_name : $value
    "; if ($type_name == "bool") { if ($value == "1") { $value = "true"; } else { $value = "false"; } } else if ($type_name == "integer") { $value = sprintf("%d", $value); } // print "$pref_name : $type_name : $value
    "; db_query($link, "UPDATE ttrss_user_prefs SET value = '$value' WHERE pref_name = '$pref_name' AND owner_uid = ".$_SESSION["uid"]); } header("Location: prefs.php"); } } else if ($subop == "getHelp") { $pref_name = db_escape_string($_GET["pn"]); $result = db_query($link, "SELECT help_text FROM ttrss_prefs WHERE pref_name = '$pref_name'"); if (db_num_rows($result) > 0) { $help_text = db_fetch_result($result, 0, "help_text"); print $help_text; } else { print "Unknown option: $pref_name"; } } else if ($subop == "Change e-mail") { if (WEB_DEMO_MODE) { header("Location: prefs.php"); return; } $email = db_escape_string($_GET["email"]); $active_uid = $_SESSION["uid"]; if ($email) { db_query($link, "UPDATE ttrss_users SET email = '$email' WHERE id = '$active_uid'"); } header("Location: prefs.php"); } else if ($subop == "Change password") { if (WEB_DEMO_MODE) { header("Location: prefs.php"); return; } $old_pw = $_POST["OLD_PASSWORD"]; $new_pw = $_POST["OLD_PASSWORD"]; $old_pw_hash = 'SHA1:' . sha1($_POST["OLD_PASSWORD"]); $new_pw_hash = 'SHA1:' . sha1($_POST["NEW_PASSWORD"]); $active_uid = $_SESSION["uid"]; if ($old_pw && $new_pw) { $login = db_escape_string($_SERVER['PHP_AUTH_USER']); $result = db_query($link, "SELECT id FROM ttrss_users WHERE id = '$active_uid' AND (pwd_hash = '$old_pw' OR pwd_hash = '$old_pw_hash')"); if (db_num_rows($result) == 1) { db_query($link, "UPDATE ttrss_users SET pwd_hash = '$new_pw_hash' WHERE id = '$active_uid'"); $_SESSION["pwd_change_result"] = "ok"; } else { $_SESSION["pwd_change_result"] = "failed"; } } header("Location: prefs.php"); } else if ($subop == "Reset to defaults") { if (WEB_DEMO_MODE) { header("Location: prefs.php"); return; } $_SESSION["prefs_op_result"] = "reset-to-defaults"; if (DB_TYPE == "pgsql") { db_query($link,"UPDATE ttrss_user_prefs SET value = ttrss_prefs.def_value WHERE owner_uid = '".$_SESSION["uid"]."' AND ttrss_prefs.pref_name = ttrss_user_prefs.pref_name"); } else { db_query($link, "DELETE FROM ttrss_user_prefs WHERE owner_uid = ".$_SESSION["uid"]); initialize_user_prefs($link, $_SESSION["uid"]); } header("Location: prefs.php"); } else if ($subop == "Change theme") { $theme = db_escape_string($_POST["theme"]); if ($theme == "Default") { $theme_qpart = 'NULL'; } else { $theme_qpart = "'$theme'"; } $result = db_query($link, "SELECT id,theme_path FROM ttrss_themes WHERE theme_name = '$theme'"); if (db_num_rows($result) == 1) { $theme_id = db_fetch_result($result, 0, "id"); $theme_path = db_fetch_result($result, 0, "theme_path"); } else { $theme_id = "NULL"; $theme_path = ""; } db_query($link, "UPDATE ttrss_users SET theme_id = $theme_id WHERE id = " . $_SESSION["uid"]); $_SESSION["theme"] = $theme_path; header("Location: prefs.php"); } else { if (!SINGLE_USER_MODE) { $result = db_query($link, "SELECT id,email FROM ttrss_users WHERE id = ".$_SESSION["uid"]." AND (pwd_hash = 'password' OR pwd_hash = 'SHA1:".sha1("password")."')"); if (db_num_rows($result) != 0) { print "
    Your password is at default value, please change it.
    "; } if ($_SESSION["pwd_change_result"] == "failed") { print "
    There was an error while changing your password.
    "; } if ($_SESSION["pwd_change_result"] == "ok") { print "
    Password changed successfully.
    "; } $_SESSION["pwd_change_result"] = ""; if ($_SESSION["prefs_op_result"] == "reset-to-defaults") { print "
    Your configuration was reset to defaults.
    "; } if ($_SESSION["prefs_op_result"] == "save-config") { print "
    Your configuration was saved successfully.
    "; } $_SESSION["prefs_op_result"] = ""; print "
    "; print ""; print ""; $result = db_query($link, "SELECT email FROM ttrss_users WHERE id = ".$_SESSION["uid"]); $email = db_fetch_result($result, 0, "email"); print ""; print ""; print "

    Personal data

    E-mail
    "; print ""; print "

    "; print "

    "; print "
    "; print ""; print ""; print ""; print ""; print ""; print ""; print "

    Authentication

    Old password
    New password
    "; print ""; print "

    "; print "

    "; } $result = db_query($link, "SELECT theme_id FROM ttrss_users WHERE id = " . $_SESSION["uid"]); $user_theme_id = db_fetch_result($result, 0, "theme_id"); $result = db_query($link, "SELECT id,theme_name FROM ttrss_themes ORDER BY theme_name"); if (db_num_rows($result) > 0) { print "
    "; print ""; print ""; print ""; print ""; print "

    Themes

    Select theme
    "; print ""; print "

    "; print "

    "; } $result = db_query($link, "SELECT ttrss_user_prefs.pref_name,short_desc,help_text,value,type_name, section_name,def_value FROM ttrss_prefs,ttrss_prefs_types,ttrss_prefs_sections,ttrss_user_prefs WHERE type_id = ttrss_prefs_types.id AND section_id = ttrss_prefs_sections.id AND ttrss_user_prefs.pref_name = ttrss_prefs.pref_name AND owner_uid = ".$_SESSION["uid"]." ORDER BY section_id,short_desc"); print "
    "; $lnum = 0; $active_section = ""; while ($line = db_fetch_assoc($result)) { if ($active_section != $line["section_name"]) { if ($active_section != "") { print ""; } print "

    "; $active_section = $line["section_name"]; print ""; // print " // "; $lnum = 0; } // $class = ($lnum % 2) ? "even" : "odd"; print ""; $type_name = $line["type_name"]; $pref_name = $line["pref_name"]; $value = $line["value"]; $def_value = $line["def_value"]; $help_text = $line["help_text"]; print ""; print ""; print ""; $lnum++; } print "

    $active_section

    OptionValue
    " . $line["short_desc"]; if ($help_text) print "
    $help_text
    "; print "
    "; if ($type_name == "bool") { // print_select($pref_name, $value, array("true", "false")); if ($value == "true") { $value = "Yes"; } else { $value = "No"; } print_radio($pref_name, $value, array("Yes", "No")); } else { print ""; } print "
    "; print ""; print "

    "; print " 

    "; print "
    "; } } if ($op == "pref-users") { $subop = $_GET["subop"]; if ($subop == "edit") { $id = db_escape_string($_GET["id"]); print "
    User editor
    "; print "
    "; print "
    "; print ""; print ""; print ""; $result = db_query($link, "SELECT * FROM ttrss_users WHERE id = '$id'"); $login = db_fetch_result($result, 0, "login"); $access_level = db_fetch_result($result, 0, "access_level"); $email = db_fetch_result($result, 0, "email"); print ""; print ""; print ""; print ""; $sel_disabled = ($id == $_SESSION["uid"]) ? "disabled" : ""; print ""; print "
    Login:
    Change password:
    E-mail:
    Access level:"; print_select_hash("access_level", $access_level, $access_level_names, $sel_disabled); print "
    "; print "
    "; print "
    "; print "
    "; return; } if ($subop == "editSave") { if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) { $login = db_escape_string(trim($_GET["login"])); $uid = db_escape_string($_GET["id"]); $access_level = sprintf("%d", $_GET["access_level"]); $email = db_escape_string(trim($_GET["email"])); $password = db_escape_string(trim($_GET["password"])); if ($password) { $pwd_hash = 'SHA1:' . sha1($password); $pass_query_part = "pwd_hash = '$pwd_hash', "; print "
    Changed password for user $login.
    "; } else { $pass_query_part = ""; } db_query($link, "UPDATE ttrss_users SET $pass_query_part login = '$login', access_level = '$access_level', email = '$email' WHERE id = '$uid'"); } } else if ($subop == "remove") { if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) { $ids = split(",", db_escape_string($_GET["ids"])); foreach ($ids as $id) { db_query($link, "DELETE FROM ttrss_users WHERE id = '$id' AND id != " . $_SESSION["uid"]); } } } else if ($subop == "add") { if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) { $login = db_escape_string(trim($_GET["login"])); $tmp_user_pwd = make_password(8); $pwd_hash = 'SHA1:' . sha1($tmp_user_pwd); $result = db_query($link, "SELECT id FROM ttrss_users WHERE login = '$login'"); if (db_num_rows($result) == 0) { db_query($link, "INSERT INTO ttrss_users (login,pwd_hash,access_level,last_login) VALUES ('$login', '$pwd_hash', 0, NOW())"); $result = db_query($link, "SELECT id FROM ttrss_users WHERE login = '$login' AND pwd_hash = '$pwd_hash'"); if (db_num_rows($result) == 1) { $new_uid = db_fetch_result($result, 0, "id"); print "
    Added user ".$_GET["login"]. " with password $tmp_user_pwd.
    "; initialize_user($link, $new_uid); } else { print "
    Could not create user ". $_GET["login"]."
    "; } } else { print "
    User ". $_GET["login"]." already exists.
    "; } } } else if ($subop == "resetPass") { if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) { $uid = db_escape_string($_GET["id"]); $result = db_query($link, "SELECT login,email FROM ttrss_users WHERE id = '$uid'"); $login = db_fetch_result($result, 0, "login"); $email = db_fetch_result($result, 0, "email"); $tmp_user_pwd = make_password(8); $pwd_hash = 'SHA1:' . sha1($tmp_user_pwd); db_query($link, "UPDATE ttrss_users SET pwd_hash = '$pwd_hash' WHERE id = '$uid'"); print "
    Changed password of user $login to $tmp_user_pwd."; if (MAIL_RESET_PASS && $email) { print " Notifying $email."; mail("$login <$email>", "Password reset notification", "Hi, $login.\n". "\n". "Your password for this TT-RSS installation was reset by". " an administrator.\n". "\n". "Your new password is $tmp_user_pwd, please remember". " it for later reference.\n". "\n". "Sincerely, TT-RSS Mail Daemon.", "From: " . MAIL_FROM); } print "
    "; } } print "
     "; print"
    "; $result = db_query($link, "SELECT id,login,access_level,email, SUBSTRING(last_login,1,16) as last_login FROM ttrss_users ORDER by login"); // print "
    PLACEHOLDER
    "; print "

    "; print ""; $lnum = 0; while ($line = db_fetch_assoc($result)) { $class = ($lnum % 2) ? "even" : "odd"; $uid = $line["id"]; $edit_uid = $_GET["id"]; if ($subop == "edit" && $uid != $edit_uid) { $class .= "Grayed"; $this_row_id = ""; } else { $this_row_id = "id=\"UMRR-$uid\""; } print ""; $line["login"] = htmlspecialchars($line["login"]); $line["last_login"] = date(get_pref($link, 'SHORT_DATE_FORMAT'), strtotime($line["last_login"])); $access_level_names = array(0 => "User", 10 => "Administrator"); // if (!$edit_uid || $subop != "edit") { print ""; print ""; if (!$line["email"]) $line["email"] = " "; print ""; /* } else if ($uid != $edit_uid) { if (!$line["email"]) $line["email"] = " "; print ""; print ""; print ""; print ""; } else { print ""; print ""; print ""; print ""; } */ print ""; print ""; ++$lnum; } print "
    Select: All, None "; print "
      Login Access Level Last login
    " . $line["login"] . "" . $access_level_names[$line["access_level"]] . "".$line["login"]."".$line["email"]."".$access_level_names[$line["access_level"]]." "; print ""; print "".$line["last_login"]."
    "; print "

    "; /* if ($subop == "edit") { print "Edit user: "; } else { */ print " Selection: "; // } } if ($op == "user-details") { if (WEB_DEMO_MODE || $_SESSION["access_level"] < 10) { return; } /* print " Tiny Tiny RSS : User Details "; */ $uid = sprintf("%d", $_GET["id"]); print "

    User details
    "; print "
    "; $result = db_query($link, "SELECT login, SUBSTRING(last_login,1,16) AS last_login, access_level, (SELECT COUNT(int_id) FROM ttrss_user_entries WHERE owner_uid = id) AS stored_articles FROM ttrss_users WHERE id = '$uid'"); if (db_num_rows($result) == 0) { print "

    User not found

    "; return; } # print "

    User Details

    "; $login = db_fetch_result($result, 0, "login"); # print "

    $login

    "; print ""; $last_login = date(get_pref($link, 'LONG_DATE_FORMAT'), strtotime(db_fetch_result($result, 0, "last_login"))); $access_level = db_fetch_result($result, 0, "access_level"); $stored_articles = db_fetch_result($result, 0, "stored_articles"); # print ""; # print ""; print ""; print ""; $result = db_query($link, "SELECT COUNT(id) as num_feeds FROM ttrss_feeds WHERE owner_uid = '$uid'"); $num_feeds = db_fetch_result($result, 0, "num_feeds"); print ""; /* $result = db_query($link, "SELECT SUM(LENGTH(content)+LENGTH(title)+LENGTH(link)+LENGTH(guid)) AS db_size FROM ttrss_user_entries,ttrss_entries WHERE owner_uid = '$uid' AND ref_id = id"); $db_size = round(db_fetch_result($result, 0, "db_size") / 1024); print ""; */ print "
    Username$login
    Access level$access_level
    Last logged in$last_login
    Stored articles$stored_articles
    Subscribed feeds count$num_feeds
    Approx. used DB size$db_size KBytes
    "; print "

    Subscribed feeds

    "; $result = db_query($link, "SELECT id,title,site_url FROM ttrss_feeds WHERE owner_uid = '$uid' ORDER BY title"); print "
      "; $row_class = "odd"; while ($line = db_fetch_assoc($result)) { $icon_file = ICONS_URL."/".$line["id"].".ico"; if (file_exists($icon_file) && filesize($icon_file) > 0) { $feed_icon = ""; } else { $feed_icon = ""; } print "
    • $feed_icon ".$line["title"]."
    • "; $row_class = toggleEvenOdd($row_class); } if (db_num_rows($result) < $num_feeds) { // FIXME - add link to show ALL subscribed feeds here somewhere print "
    •  ...
    • "; } print "
    "; print "
    "; print "
    "; // print ""; } if ($op == "pref-feed-browser") { if (!ENABLE_FEED_BROWSER) { print "Feed browser is administratively disabled."; return; } $subop = $_REQUEST["subop"]; if ($subop == "details") { $id = db_escape_string($_GET["id"]); print "
    "; print "Feed information:"; print "
    "; $result = db_query($link, "SELECT feed_url,site_url, SUBSTRING(last_updated,1,19) AS last_updated FROM ttrss_feeds WHERE id = '$id'"); $feed_url = db_fetch_result($result, 0, "feed_url"); $site_url = db_fetch_result($result, 0, "site_url"); $last_updated = db_fetch_result($result, 0, "last_updated"); if (get_pref($link, 'HEADLINES_SMART_DATE')) { $last_updated = smart_date_time(strtotime($last_updated)); } else { $short_date = get_pref($link, 'SHORT_DATE_FORMAT'); $last_updated = date($short_date, strtotime($last_updated)); } print "Site: $site_url ". "(feed), ". "Last updated: $last_updated"; print "
    "; $result = db_query($link, "SELECT ttrss_entries.title, content, substring(date_entered,1,19) as date_entered, substring(updated,1,19) as updated FROM ttrss_entries,ttrss_user_entries WHERE ttrss_entries.id = ref_id AND feed_id = '$id' ORDER BY updated DESC LIMIT 5"); if (db_num_rows($result) > 0) { print "Last headlines:
    "; print "
    "; print "
      "; while ($line = db_fetch_assoc($result)) { if (get_pref($link, 'HEADLINES_SMART_DATE')) { $entry_dt = smart_date_time(strtotime($line["updated"])); } else { $short_date = get_pref($link, 'SHORT_DATE_FORMAT'); $entry_dt = date($short_date, strtotime($line["updated"])); } print "
    • " . $line["title"] . " ($entry_dt)
    • "; } print "
    "; } print "
    "; return; } print "

    This panel shows feeds subscribed by other users of this system, just in case you are interested in some of them too.

    "; $limit = db_escape_string($_GET["limit"]); if (!$limit) $limit = 25; $result = db_query($link, "SELECT feed_url,count(id) AS subscribers FROM ttrss_feeds WHERE auth_login = '' AND auth_pass = '' AND private = false GROUP BY feed_url ORDER BY subscribers DESC LIMIT $limit"); print "
    Top
    "; print "

    Selection: "; print "

      "; $feedctr = 0; while ($line = db_fetch_assoc($result)) { $feed_url = $line["feed_url"]; $subscribers = $line["subscribers"]; $sub_result = db_query($link, "SELECT id FROM ttrss_feeds WHERE feed_url = '$feed_url' AND owner_uid =" . $_SESSION["uid"]); if (db_num_rows($sub_result) > 0) { continue; // already subscribed } $det_result = db_query($link, "SELECT site_url,title,id FROM ttrss_feeds WHERE feed_url = '$feed_url' LIMIT 1"); $details = db_fetch_assoc($det_result); $icon_file = ICONS_DIR . "/" . $details["id"] . ".ico"; if (file_exists($icon_file) && filesize($icon_file) > 0) { $feed_icon = ""; } else { $feed_icon = ""; } $check_box = ""; $class = ($feedctr % 2) ? "even" : "odd"; print "
    • $check_box". "$feed_icon "; print "" . $details["title"] ." " . "($subscribers)"; print "
      "; print "
      "; print "
    • "; ++$feedctr; } if ($feedctr == 0) { print "
    • No feeds found to subscribe.
    • "; } print "
    "; print "
    "; } function check_configuration_variables() { if (!defined('SESSION_EXPIRE_TIME')) { return "config: SESSION_EXPIRE_TIME is undefined"; } if (SESSION_EXPIRE_TIME < 60) { return "config: SESSION_EXPIRE_TIME is too low (less than 60)"; } if (SESSION_EXPIRE_TIME < SESSION_COOKIE_LIFETIME_REMEMBER) { return "config: SESSION_EXPIRE_TIME should be greater or equal to" . "SESSION_COOKIE_LIFETIME_REMEMBER"; } if (defined('DISABLE_SESSIONS')) { return "config: you have enabled DISABLE_SESSIONS. Please disable this option."; } if (DATABASE_BACKED_SESSIONS && SINGLE_USER_MODE) { return "config: DATABASE_BACKED_SESSIONS is incompatible with SINGLE_USER_MODE"; } return false; } db_close($link); ?>