api.php 25 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896
  1. <?php
  2. class API extends Handler {
  3. const API_LEVEL = 14;
  4. const STATUS_OK = 0;
  5. const STATUS_ERR = 1;
  6. private $seq;
  7. static function param_to_bool($p) {
  8. return $p && ($p !== "f" && $p !== "false");
  9. }
  10. function before($method) {
  11. if (parent::before($method)) {
  12. header("Content-Type: text/json");
  13. if (!$_SESSION["uid"] && $method != "login" && $method != "isloggedin") {
  14. $this->wrap(self::STATUS_ERR, array("error" => 'NOT_LOGGED_IN'));
  15. return false;
  16. }
  17. if ($_SESSION["uid"] && $method != "logout" && !get_pref('ENABLE_API_ACCESS')) {
  18. $this->wrap(self::STATUS_ERR, array("error" => 'API_DISABLED'));
  19. return false;
  20. }
  21. $this->seq = (int) clean($_REQUEST['seq']);
  22. return true;
  23. }
  24. return false;
  25. }
  26. function wrap($status, $reply) {
  27. print json_encode(array("seq" => $this->seq,
  28. "status" => $status,
  29. "content" => $reply));
  30. }
  31. function getVersion() {
  32. $rv = array("version" => VERSION);
  33. $this->wrap(self::STATUS_OK, $rv);
  34. }
  35. function getApiLevel() {
  36. $rv = array("level" => self::API_LEVEL);
  37. $this->wrap(self::STATUS_OK, $rv);
  38. }
  39. function login() {
  40. @session_destroy();
  41. @session_start();
  42. $login = clean($_REQUEST["user"]);
  43. $password = clean($_REQUEST["password"]);
  44. $password_base64 = base64_decode(clean($_REQUEST["password"]));
  45. if (SINGLE_USER_MODE) $login = "admin";
  46. $sth = $this->pdo->prepare("SELECT id FROM ttrss_users WHERE login = ?");
  47. $sth->execute([$login]);
  48. if ($row = $sth->fetch()) {
  49. $uid = $row["id"];
  50. } else {
  51. $uid = 0;
  52. }
  53. if (!$uid) {
  54. $this->wrap(self::STATUS_ERR, array("error" => "LOGIN_ERROR"));
  55. return;
  56. }
  57. if (get_pref("ENABLE_API_ACCESS", $uid)) {
  58. if (authenticate_user($login, $password, false, Auth_Base::AUTH_SERVICE_API)) { // try login with normal password
  59. $this->wrap(self::STATUS_OK, array("session_id" => session_id(),
  60. "api_level" => self::API_LEVEL));
  61. } else if (authenticate_user($login, $password_base64, false, Auth_Base::AUTH_SERVICE_API)) { // else try with base64_decoded password
  62. $this->wrap(self::STATUS_OK, array("session_id" => session_id(),
  63. "api_level" => self::API_LEVEL));
  64. } else { // else we are not logged in
  65. user_error("Failed login attempt for $login from {$_SERVER['REMOTE_ADDR']}", E_USER_WARNING);
  66. $this->wrap(self::STATUS_ERR, array("error" => "LOGIN_ERROR"));
  67. }
  68. } else {
  69. $this->wrap(self::STATUS_ERR, array("error" => "API_DISABLED"));
  70. }
  71. }
  72. function logout() {
  73. logout_user();
  74. $this->wrap(self::STATUS_OK, array("status" => "OK"));
  75. }
  76. function isLoggedIn() {
  77. $this->wrap(self::STATUS_OK, array("status" => $_SESSION["uid"] != ''));
  78. }
  79. function getUnread() {
  80. $feed_id = clean($_REQUEST["feed_id"]);
  81. $is_cat = clean($_REQUEST["is_cat"]);
  82. if ($feed_id) {
  83. $this->wrap(self::STATUS_OK, array("unread" => getFeedUnread($feed_id, $is_cat)));
  84. } else {
  85. $this->wrap(self::STATUS_OK, array("unread" => Feeds::getGlobalUnread()));
  86. }
  87. }
  88. /* Method added for ttrss-reader for Android */
  89. function getCounters() {
  90. $this->wrap(self::STATUS_OK, Counters::getAllCounters());
  91. }
  92. function getFeeds() {
  93. $cat_id = clean($_REQUEST["cat_id"]);
  94. $unread_only = API::param_to_bool(clean($_REQUEST["unread_only"]));
  95. $limit = (int) clean($_REQUEST["limit"]);
  96. $offset = (int) clean($_REQUEST["offset"]);
  97. $include_nested = API::param_to_bool(clean($_REQUEST["include_nested"]));
  98. $feeds = $this->api_get_feeds($cat_id, $unread_only, $limit, $offset, $include_nested);
  99. $this->wrap(self::STATUS_OK, $feeds);
  100. }
  101. function getCategories() {
  102. $unread_only = API::param_to_bool(clean($_REQUEST["unread_only"]));
  103. $enable_nested = API::param_to_bool(clean($_REQUEST["enable_nested"]));
  104. $include_empty = API::param_to_bool(clean($_REQUEST['include_empty']));
  105. // TODO do not return empty categories, return Uncategorized and standard virtual cats
  106. if ($enable_nested)
  107. $nested_qpart = "parent_cat IS NULL";
  108. else
  109. $nested_qpart = "true";
  110. $sth = $this->pdo->prepare("SELECT
  111. id, title, order_id, (SELECT COUNT(id) FROM
  112. ttrss_feeds WHERE
  113. ttrss_feed_categories.id IS NOT NULL AND cat_id = ttrss_feed_categories.id) AS num_feeds,
  114. (SELECT COUNT(id) FROM
  115. ttrss_feed_categories AS c2 WHERE
  116. c2.parent_cat = ttrss_feed_categories.id) AS num_cats
  117. FROM ttrss_feed_categories
  118. WHERE $nested_qpart AND owner_uid = ?");
  119. $sth->execute([$_SESSION['uid']]);
  120. $cats = array();
  121. while ($line = $sth->fetch()) {
  122. if ($include_empty || $line["num_feeds"] > 0 || $line["num_cats"] > 0) {
  123. $unread = getFeedUnread($line["id"], true);
  124. if ($enable_nested)
  125. $unread += Feeds::getCategoryChildrenUnread($line["id"]);
  126. if ($unread || !$unread_only) {
  127. array_push($cats, array("id" => $line["id"],
  128. "title" => $line["title"],
  129. "unread" => $unread,
  130. "order_id" => (int) $line["order_id"],
  131. ));
  132. }
  133. }
  134. }
  135. foreach (array(-2,-1,0) as $cat_id) {
  136. if ($include_empty || !$this->isCategoryEmpty($cat_id)) {
  137. $unread = getFeedUnread($cat_id, true);
  138. if ($unread || !$unread_only) {
  139. array_push($cats, array("id" => $cat_id,
  140. "title" => Feeds::getCategoryTitle($cat_id),
  141. "unread" => $unread));
  142. }
  143. }
  144. }
  145. $this->wrap(self::STATUS_OK, $cats);
  146. }
  147. function getHeadlines() {
  148. $feed_id = clean($_REQUEST["feed_id"]);
  149. if ($feed_id !== "") {
  150. if (is_numeric($feed_id)) $feed_id = (int) $feed_id;
  151. $limit = (int)clean($_REQUEST["limit"]);
  152. if (!$limit || $limit >= 200) $limit = 200;
  153. $offset = (int)clean($_REQUEST["skip"]);
  154. $filter = clean($_REQUEST["filter"]);
  155. $is_cat = API::param_to_bool(clean($_REQUEST["is_cat"]));
  156. $show_excerpt = API::param_to_bool(clean($_REQUEST["show_excerpt"]));
  157. $show_content = API::param_to_bool(clean($_REQUEST["show_content"]));
  158. /* all_articles, unread, adaptive, marked, updated */
  159. $view_mode = clean($_REQUEST["view_mode"]);
  160. $include_attachments = API::param_to_bool(clean($_REQUEST["include_attachments"]));
  161. $since_id = (int)clean($_REQUEST["since_id"]);
  162. $include_nested = API::param_to_bool(clean($_REQUEST["include_nested"]));
  163. $sanitize_content = !isset($_REQUEST["sanitize"]) ||
  164. API::param_to_bool($_REQUEST["sanitize"]);
  165. $force_update = API::param_to_bool(clean($_REQUEST["force_update"]));
  166. $has_sandbox = API::param_to_bool(clean($_REQUEST["has_sandbox"]));
  167. $excerpt_length = (int)clean($_REQUEST["excerpt_length"]);
  168. $check_first_id = (int)clean($_REQUEST["check_first_id"]);
  169. $include_header = API::param_to_bool(clean($_REQUEST["include_header"]));
  170. $_SESSION['hasSandbox'] = $has_sandbox;
  171. $skip_first_id_check = false;
  172. $override_order = false;
  173. switch (clean($_REQUEST["order_by"])) {
  174. case "title":
  175. $override_order = "ttrss_entries.title, date_entered, updated";
  176. break;
  177. case "date_reverse":
  178. $override_order = "score DESC, date_entered, updated";
  179. $skip_first_id_check = true;
  180. break;
  181. case "feed_dates":
  182. $override_order = "updated DESC";
  183. break;
  184. }
  185. /* do not rely on params below */
  186. $search = clean($_REQUEST["search"]);
  187. list($headlines, $headlines_header) = $this->api_get_headlines($feed_id, $limit, $offset,
  188. $filter, $is_cat, $show_excerpt, $show_content, $view_mode, $override_order,
  189. $include_attachments, $since_id, $search,
  190. $include_nested, $sanitize_content, $force_update, $excerpt_length, $check_first_id, $skip_first_id_check);
  191. if ($include_header) {
  192. $this->wrap(self::STATUS_OK, array($headlines_header, $headlines));
  193. } else {
  194. $this->wrap(self::STATUS_OK, $headlines);
  195. }
  196. } else {
  197. $this->wrap(self::STATUS_ERR, array("error" => 'INCORRECT_USAGE'));
  198. }
  199. }
  200. function updateArticle() {
  201. $article_ids = explode(",", clean($_REQUEST["article_ids"]));
  202. $mode = (int) clean($_REQUEST["mode"]);
  203. $data = clean($_REQUEST["data"]);
  204. $field_raw = (int)clean($_REQUEST["field"]);
  205. $field = "";
  206. $set_to = "";
  207. switch ($field_raw) {
  208. case 0:
  209. $field = "marked";
  210. $additional_fields = ",last_marked = NOW()";
  211. break;
  212. case 1:
  213. $field = "published";
  214. $additional_fields = ",last_published = NOW()";
  215. break;
  216. case 2:
  217. $field = "unread";
  218. $additional_fields = ",last_read = NOW()";
  219. break;
  220. case 3:
  221. $field = "note";
  222. };
  223. switch ($mode) {
  224. case 1:
  225. $set_to = "true";
  226. break;
  227. case 0:
  228. $set_to = "false";
  229. break;
  230. case 2:
  231. $set_to = "NOT $field";
  232. break;
  233. }
  234. if ($field == "note") $set_to = $this->pdo->quote($data);
  235. if ($field && $set_to && count($article_ids) > 0) {
  236. $article_qmarks = arr_qmarks($article_ids);
  237. $sth = $this->pdo->prepare("UPDATE ttrss_user_entries SET
  238. $field = $set_to $additional_fields
  239. WHERE ref_id IN ($article_qmarks) AND owner_uid = ?");
  240. $sth->execute(array_merge($article_ids, [$_SESSION['uid']]));
  241. $num_updated = $sth->rowCount();
  242. if ($num_updated > 0 && $field == "unread") {
  243. $sth = $this->pdo->prepare("SELECT DISTINCT feed_id FROM ttrss_user_entries
  244. WHERE ref_id IN ($article_qmarks)");
  245. $sth->execute($article_ids);
  246. while ($line = $sth->fetch()) {
  247. CCache::update($line["feed_id"], $_SESSION["uid"]);
  248. }
  249. }
  250. $this->wrap(self::STATUS_OK, array("status" => "OK",
  251. "updated" => $num_updated));
  252. } else {
  253. $this->wrap(self::STATUS_ERR, array("error" => 'INCORRECT_USAGE'));
  254. }
  255. }
  256. function getArticle() {
  257. $article_ids = explode(",", clean($_REQUEST["article_id"]));
  258. $sanitize_content = !isset($_REQUEST["sanitize"]) ||
  259. API::param_to_bool($_REQUEST["sanitize"]);
  260. if ($article_ids) {
  261. $article_qmarks = arr_qmarks($article_ids);
  262. $sth = $this->pdo->prepare("SELECT id,guid,title,link,content,feed_id,comments,int_id,
  263. marked,unread,published,score,note,lang,
  264. ".SUBSTRING_FOR_DATE."(updated,1,16) as updated,
  265. author,(SELECT title FROM ttrss_feeds WHERE id = feed_id) AS feed_title,
  266. (SELECT site_url FROM ttrss_feeds WHERE id = feed_id) AS site_url,
  267. (SELECT hide_images FROM ttrss_feeds WHERE id = feed_id) AS hide_images
  268. FROM ttrss_entries,ttrss_user_entries
  269. WHERE id IN ($article_qmarks) AND ref_id = id AND owner_uid = ?");
  270. $sth->execute(array_merge($article_ids, [$_SESSION['uid']]));
  271. $articles = array();
  272. while ($line = $sth->fetch()) {
  273. $attachments = Article::get_article_enclosures($line['id']);
  274. $article = array(
  275. "id" => $line["id"],
  276. "guid" => $line["guid"],
  277. "title" => $line["title"],
  278. "link" => $line["link"],
  279. "labels" => Article::get_article_labels($line['id']),
  280. "unread" => API::param_to_bool($line["unread"]),
  281. "marked" => API::param_to_bool($line["marked"]),
  282. "published" => API::param_to_bool($line["published"]),
  283. "comments" => $line["comments"],
  284. "author" => $line["author"],
  285. "updated" => (int) strtotime($line["updated"]),
  286. "feed_id" => $line["feed_id"],
  287. "attachments" => $attachments,
  288. "score" => (int)$line["score"],
  289. "feed_title" => $line["feed_title"],
  290. "note" => $line["note"],
  291. "lang" => $line["lang"]
  292. );
  293. if ($sanitize_content) {
  294. $article["content"] = sanitize(
  295. $line["content"],
  296. API::param_to_bool($line['hide_images']),
  297. false, $line["site_url"], false, $line["id"]);
  298. } else {
  299. $article["content"] = $line["content"];
  300. }
  301. foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_RENDER_ARTICLE_API) as $p) {
  302. $article = $p->hook_render_article_api(array("article" => $article));
  303. }
  304. $article['content'] = DiskCache::rewriteUrls($article['content']);
  305. array_push($articles, $article);
  306. }
  307. $this->wrap(self::STATUS_OK, $articles);
  308. } else {
  309. $this->wrap(self::STATUS_ERR, array("error" => 'INCORRECT_USAGE'));
  310. }
  311. }
  312. function getConfig() {
  313. $config = array(
  314. "icons_dir" => ICONS_DIR,
  315. "icons_url" => ICONS_URL);
  316. $config["daemon_is_running"] = file_is_locked("update_daemon.lock");
  317. $sth = $this->pdo->prepare("SELECT COUNT(*) AS cf FROM
  318. ttrss_feeds WHERE owner_uid = ?");
  319. $sth->execute([$_SESSION['uid']]);
  320. $row = $sth->fetch();
  321. $config["num_feeds"] = $row["cf"];
  322. $this->wrap(self::STATUS_OK, $config);
  323. }
  324. function updateFeed() {
  325. $feed_id = (int) clean($_REQUEST["feed_id"]);
  326. if (!ini_get("open_basedir")) {
  327. RSSUtils::update_rss_feed($feed_id);
  328. }
  329. $this->wrap(self::STATUS_OK, array("status" => "OK"));
  330. }
  331. function catchupFeed() {
  332. $feed_id = clean($_REQUEST["feed_id"]);
  333. $is_cat = clean($_REQUEST["is_cat"]);
  334. Feeds::catchup_feed($feed_id, $is_cat);
  335. $this->wrap(self::STATUS_OK, array("status" => "OK"));
  336. }
  337. function getPref() {
  338. $pref_name = clean($_REQUEST["pref_name"]);
  339. $this->wrap(self::STATUS_OK, array("value" => get_pref($pref_name)));
  340. }
  341. function getLabels() {
  342. $article_id = (int)clean($_REQUEST['article_id']);
  343. $rv = array();
  344. $sth = $this->pdo->prepare("SELECT id, caption, fg_color, bg_color
  345. FROM ttrss_labels2
  346. WHERE owner_uid = ? ORDER BY caption");
  347. $sth->execute([$_SESSION['uid']]);
  348. if ($article_id)
  349. $article_labels = Article::get_article_labels($article_id);
  350. else
  351. $article_labels = array();
  352. while ($line = $sth->fetch()) {
  353. $checked = false;
  354. foreach ($article_labels as $al) {
  355. if (Labels::feed_to_label_id($al[0]) == $line['id']) {
  356. $checked = true;
  357. break;
  358. }
  359. }
  360. array_push($rv, array(
  361. "id" => (int)Labels::label_to_feed_id($line['id']),
  362. "caption" => $line['caption'],
  363. "fg_color" => $line['fg_color'],
  364. "bg_color" => $line['bg_color'],
  365. "checked" => $checked));
  366. }
  367. $this->wrap(self::STATUS_OK, $rv);
  368. }
  369. function setArticleLabel() {
  370. $article_ids = explode(",", clean($_REQUEST["article_ids"]));
  371. $label_id = (int) clean($_REQUEST['label_id']);
  372. $assign = API::param_to_bool(clean($_REQUEST['assign']));
  373. $label = Labels::find_caption(Labels::feed_to_label_id($label_id), $_SESSION["uid"]);
  374. $num_updated = 0;
  375. if ($label) {
  376. foreach ($article_ids as $id) {
  377. if ($assign)
  378. Labels::add_article($id, $label, $_SESSION["uid"]);
  379. else
  380. Labels::remove_article($id, $label, $_SESSION["uid"]);
  381. ++$num_updated;
  382. }
  383. }
  384. $this->wrap(self::STATUS_OK, array("status" => "OK",
  385. "updated" => $num_updated));
  386. }
  387. function index($method) {
  388. $plugin = PluginHost::getInstance()->get_api_method(strtolower($method));
  389. if ($plugin && method_exists($plugin, $method)) {
  390. $reply = $plugin->$method();
  391. $this->wrap($reply[0], $reply[1]);
  392. } else {
  393. $this->wrap(self::STATUS_ERR, array("error" => 'UNKNOWN_METHOD', "method" => $method));
  394. }
  395. }
  396. function shareToPublished() {
  397. $title = strip_tags(clean($_REQUEST["title"]));
  398. $url = strip_tags(clean($_REQUEST["url"]));
  399. $content = strip_tags(clean($_REQUEST["content"]));
  400. if (Article::create_published_article($title, $url, $content, "", $_SESSION["uid"])) {
  401. $this->wrap(self::STATUS_OK, array("status" => 'OK'));
  402. } else {
  403. $this->wrap(self::STATUS_ERR, array("error" => 'Publishing failed'));
  404. }
  405. }
  406. static function api_get_feeds($cat_id, $unread_only, $limit, $offset, $include_nested = false) {
  407. $feeds = array();
  408. $pdo = Db::pdo();
  409. $limit = (int) $limit;
  410. $offset = (int) $offset;
  411. $cat_id = (int) $cat_id;
  412. /* Labels */
  413. /* API only: -4 All feeds, including virtual feeds */
  414. if ($cat_id == -4 || $cat_id == -2) {
  415. $counters = Counters::getLabelCounters(true);
  416. foreach (array_values($counters) as $cv) {
  417. $unread = $cv["counter"];
  418. if ($unread || !$unread_only) {
  419. $row = array(
  420. "id" => (int) $cv["id"],
  421. "title" => $cv["description"],
  422. "unread" => $cv["counter"],
  423. "cat_id" => -2,
  424. );
  425. array_push($feeds, $row);
  426. }
  427. }
  428. }
  429. /* Virtual feeds */
  430. if ($cat_id == -4 || $cat_id == -1) {
  431. foreach (array(-1, -2, -3, -4, -6, 0) as $i) {
  432. $unread = getFeedUnread($i);
  433. if ($unread || !$unread_only) {
  434. $title = Feeds::getFeedTitle($i);
  435. $row = array(
  436. "id" => $i,
  437. "title" => $title,
  438. "unread" => $unread,
  439. "cat_id" => -1,
  440. );
  441. array_push($feeds, $row);
  442. }
  443. }
  444. }
  445. /* Child cats */
  446. if ($include_nested && $cat_id) {
  447. $sth = $pdo->prepare("SELECT
  448. id, title, order_id FROM ttrss_feed_categories
  449. WHERE parent_cat = ? AND owner_uid = ? ORDER BY order_id, title");
  450. $sth->execute([$cat_id, $_SESSION['uid']]);
  451. while ($line = $sth->fetch()) {
  452. $unread = getFeedUnread($line["id"], true) +
  453. Feeds::getCategoryChildrenUnread($line["id"]);
  454. if ($unread || !$unread_only) {
  455. $row = array(
  456. "id" => (int) $line["id"],
  457. "title" => $line["title"],
  458. "unread" => $unread,
  459. "is_cat" => true,
  460. "order_id" => (int) $line["order_id"]
  461. );
  462. array_push($feeds, $row);
  463. }
  464. }
  465. }
  466. /* Real feeds */
  467. if ($limit) {
  468. $limit_qpart = "LIMIT $limit OFFSET $offset";
  469. } else {
  470. $limit_qpart = "";
  471. }
  472. /* API only: -3 All feeds, excluding virtual feeds (e.g. Labels and such) */
  473. if ($cat_id == -4 || $cat_id == -3) {
  474. $sth = $pdo->prepare("SELECT
  475. id, feed_url, cat_id, title, order_id, ".
  476. SUBSTRING_FOR_DATE."(last_updated,1,19) AS last_updated
  477. FROM ttrss_feeds WHERE owner_uid = ?
  478. ORDER BY order_id, title " . $limit_qpart);
  479. $sth->execute([$_SESSION['uid']]);
  480. } else {
  481. $sth = $pdo->prepare("SELECT
  482. id, feed_url, cat_id, title, order_id, ".
  483. SUBSTRING_FOR_DATE."(last_updated,1,19) AS last_updated
  484. FROM ttrss_feeds WHERE
  485. (cat_id = :cat OR (:cat = 0 AND cat_id IS NULL))
  486. AND owner_uid = :uid
  487. ORDER BY order_id, title " . $limit_qpart);
  488. $sth->execute([":uid" => $_SESSION['uid'], ":cat" => $cat_id]);
  489. }
  490. while ($line = $sth->fetch()) {
  491. $unread = getFeedUnread($line["id"]);
  492. $has_icon = Feeds::feedHasIcon($line['id']);
  493. if ($unread || !$unread_only) {
  494. $row = array(
  495. "feed_url" => $line["feed_url"],
  496. "title" => $line["title"],
  497. "id" => (int)$line["id"],
  498. "unread" => (int)$unread,
  499. "has_icon" => $has_icon,
  500. "cat_id" => (int)$line["cat_id"],
  501. "last_updated" => (int) strtotime($line["last_updated"]),
  502. "order_id" => (int) $line["order_id"],
  503. );
  504. array_push($feeds, $row);
  505. }
  506. }
  507. return $feeds;
  508. }
  509. /**
  510. * @SuppressWarnings(PHPMD.UnusedFormalParameter)
  511. */
  512. static function api_get_headlines($feed_id, $limit, $offset,
  513. $filter, $is_cat, $show_excerpt, $show_content, $view_mode, $order,
  514. $include_attachments, $since_id,
  515. $search = "", $include_nested = false, $sanitize_content = true,
  516. $force_update = false, $excerpt_length = 100, $check_first_id = false, $skip_first_id_check = false) {
  517. $pdo = Db::pdo();
  518. if ($force_update && $feed_id > 0 && is_numeric($feed_id)) {
  519. // Update the feed if required with some basic flood control
  520. $sth = $pdo->prepare(
  521. "SELECT cache_images,".SUBSTRING_FOR_DATE."(last_updated,1,19) AS last_updated
  522. FROM ttrss_feeds WHERE id = ?");
  523. $sth->execute([$feed_id]);
  524. if ($row = $sth->fetch()) {
  525. $last_updated = strtotime($row["last_updated"]);
  526. $cache_images = API::param_to_bool($row["cache_images"]);
  527. if (!$cache_images && time() - $last_updated > 120) {
  528. RSSUtils::update_rss_feed($feed_id, true);
  529. } else {
  530. $sth = $pdo->prepare("UPDATE ttrss_feeds SET last_updated = '1970-01-01', last_update_started = '1970-01-01'
  531. WHERE id = ?");
  532. $sth->execute([$feed_id]);
  533. }
  534. }
  535. }
  536. $params = array(
  537. "feed" => $feed_id,
  538. "limit" => $limit,
  539. "view_mode" => $view_mode,
  540. "cat_view" => $is_cat,
  541. "search" => $search,
  542. "override_order" => $order,
  543. "offset" => $offset,
  544. "since_id" => $since_id,
  545. "include_children" => $include_nested,
  546. "check_first_id" => $check_first_id,
  547. "skip_first_id_check" => $skip_first_id_check
  548. );
  549. $qfh_ret = Feeds::queryFeedHeadlines($params);
  550. $result = $qfh_ret[0];
  551. $feed_title = $qfh_ret[1];
  552. $first_id = $qfh_ret[6];
  553. $headlines = array();
  554. $headlines_header = array(
  555. 'id' => $feed_id,
  556. 'first_id' => $first_id,
  557. 'is_cat' => $is_cat);
  558. if (!is_numeric($result)) {
  559. while ($line = $result->fetch()) {
  560. $line["content_preview"] = truncate_string(strip_tags($line["content"]), $excerpt_length);
  561. foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_QUERY_HEADLINES) as $p) {
  562. $line = $p->hook_query_headlines($line, $excerpt_length, true);
  563. }
  564. $is_updated = ($line["last_read"] == "" &&
  565. ($line["unread"] != "t" && $line["unread"] != "1"));
  566. $tags = explode(",", $line["tag_cache"]);
  567. $label_cache = $line["label_cache"];
  568. $labels = false;
  569. if ($label_cache) {
  570. $label_cache = json_decode($label_cache, true);
  571. if ($label_cache) {
  572. if ($label_cache["no-labels"] == 1)
  573. $labels = array();
  574. else
  575. $labels = $label_cache;
  576. }
  577. }
  578. if (!is_array($labels)) $labels = Article::get_article_labels($line["id"]);
  579. $headline_row = array(
  580. "id" => (int)$line["id"],
  581. "guid" => $line["guid"],
  582. "unread" => API::param_to_bool($line["unread"]),
  583. "marked" => API::param_to_bool($line["marked"]),
  584. "published" => API::param_to_bool($line["published"]),
  585. "updated" => (int)strtotime($line["updated"]),
  586. "is_updated" => $is_updated,
  587. "title" => $line["title"],
  588. "link" => $line["link"],
  589. "feed_id" => $line["feed_id"] ? $line['feed_id'] : 0,
  590. "tags" => $tags,
  591. );
  592. $enclosures = Article::get_article_enclosures($line['id']);
  593. if ($include_attachments)
  594. $headline_row['attachments'] = $enclosures;
  595. if ($show_excerpt)
  596. $headline_row["excerpt"] = $line["content_preview"];
  597. if ($show_content) {
  598. if ($sanitize_content) {
  599. $headline_row["content"] = sanitize(
  600. $line["content"],
  601. API::param_to_bool($line['hide_images']),
  602. false, $line["site_url"], false, $line["id"]);
  603. } else {
  604. $headline_row["content"] = $line["content"];
  605. }
  606. }
  607. // unify label output to ease parsing
  608. if ($labels["no-labels"] == 1) $labels = array();
  609. $headline_row["labels"] = $labels;
  610. $headline_row["feed_title"] = $line["feed_title"] ? $line["feed_title"] :
  611. $feed_title;
  612. $headline_row["comments_count"] = (int)$line["num_comments"];
  613. $headline_row["comments_link"] = $line["comments"];
  614. $headline_row["always_display_attachments"] = API::param_to_bool($line["always_display_enclosures"]);
  615. $headline_row["author"] = $line["author"];
  616. $headline_row["score"] = (int)$line["score"];
  617. $headline_row["note"] = $line["note"];
  618. $headline_row["lang"] = $line["lang"];
  619. foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_RENDER_ARTICLE_API) as $p) {
  620. $headline_row = $p->hook_render_article_api(array("headline" => $headline_row));
  621. }
  622. $headline_row["content"] = DiskCache::rewriteUrls($headline_row['content']);
  623. list ($flavor_image, $flavor_stream) = Article::get_article_image($enclosures, $line["content"], $line["site_url"]);
  624. $headline_row["flavor_image"] = $flavor_image;
  625. $headline_row["flavor_stream"] = $flavor_stream;
  626. array_push($headlines, $headline_row);
  627. }
  628. } else if (is_numeric($result) && $result == -1) {
  629. $headlines_header['first_id_changed'] = true;
  630. }
  631. return array($headlines, $headlines_header);
  632. }
  633. function unsubscribeFeed() {
  634. $feed_id = (int) clean($_REQUEST["feed_id"]);
  635. $sth = $this->pdo->prepare("SELECT id FROM ttrss_feeds WHERE
  636. id = ? AND owner_uid = ?");
  637. $sth->execute([$feed_id, $_SESSION['uid']]);
  638. if ($row = $sth->fetch()) {
  639. Pref_Feeds::remove_feed($feed_id, $_SESSION["uid"]);
  640. $this->wrap(self::STATUS_OK, array("status" => "OK"));
  641. } else {
  642. $this->wrap(self::STATUS_ERR, array("error" => "FEED_NOT_FOUND"));
  643. }
  644. }
  645. function subscribeToFeed() {
  646. $feed_url = clean($_REQUEST["feed_url"]);
  647. $category_id = (int) clean($_REQUEST["category_id"]);
  648. $login = clean($_REQUEST["login"]);
  649. $password = clean($_REQUEST["password"]);
  650. if ($feed_url) {
  651. $rc = Feeds::subscribe_to_feed($feed_url, $category_id, $login, $password);
  652. $this->wrap(self::STATUS_OK, array("status" => $rc));
  653. } else {
  654. $this->wrap(self::STATUS_ERR, array("error" => 'INCORRECT_USAGE'));
  655. }
  656. }
  657. function getFeedTree() {
  658. $include_empty = API::param_to_bool(clean($_REQUEST['include_empty']));
  659. $pf = new Pref_Feeds($_REQUEST);
  660. $_REQUEST['mode'] = 2;
  661. $_REQUEST['force_show_empty'] = $include_empty;
  662. if ($pf){
  663. $data = $pf->makefeedtree();
  664. $this->wrap(self::STATUS_OK, array("categories" => $data));
  665. } else {
  666. $this->wrap(self::STATUS_ERR, array("error" =>
  667. 'UNABLE_TO_INSTANTIATE_OBJECT'));
  668. }
  669. }
  670. // only works for labels or uncategorized for the time being
  671. private function isCategoryEmpty($id) {
  672. if ($id == -2) {
  673. $sth = $this->pdo->prepare("SELECT COUNT(id) AS count FROM ttrss_labels2
  674. WHERE owner_uid = ?");
  675. $sth->execute([$_SESSION['uid']]);
  676. $row = $sth->fetch();
  677. return $row["count"] == 0;
  678. } else if ($id == 0) {
  679. $sth = $this->pdo->prepare("SELECT COUNT(id) AS count FROM ttrss_feeds
  680. WHERE cat_id IS NULL AND owner_uid = ?");
  681. $sth->execute([$_SESSION['uid']]);
  682. $row = $sth->fetch();
  683. return $row["count"] == 0;
  684. }
  685. return false;
  686. }
  687. }