api.php 25 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886
  1. <?php
  2. class API extends Handler {
  3. const API_LEVEL = 14;
  4. const STATUS_OK = 0;
  5. const STATUS_ERR = 1;
  6. private $seq;
  7. static function param_to_bool($p) {
  8. return $p && ($p !== "f" && $p !== "false");
  9. }
  10. function before($method) {
  11. if (parent::before($method)) {
  12. header("Content-Type: text/json");
  13. if (!$_SESSION["uid"] && $method != "login" && $method != "isloggedin") {
  14. $this->wrap(self::STATUS_ERR, array("error" => 'NOT_LOGGED_IN'));
  15. return false;
  16. }
  17. if ($_SESSION["uid"] && $method != "logout" && !get_pref('ENABLE_API_ACCESS')) {
  18. $this->wrap(self::STATUS_ERR, array("error" => 'API_DISABLED'));
  19. return false;
  20. }
  21. $this->seq = (int) clean($_REQUEST['seq']);
  22. return true;
  23. }
  24. return false;
  25. }
  26. function wrap($status, $reply) {
  27. print json_encode(array("seq" => $this->seq,
  28. "status" => $status,
  29. "content" => $reply));
  30. }
  31. function getVersion() {
  32. $rv = array("version" => get_version());
  33. $this->wrap(self::STATUS_OK, $rv);
  34. }
  35. function getApiLevel() {
  36. $rv = array("level" => self::API_LEVEL);
  37. $this->wrap(self::STATUS_OK, $rv);
  38. }
  39. function login() {
  40. @session_destroy();
  41. @session_start();
  42. $login = clean($_REQUEST["user"]);
  43. $password = clean($_REQUEST["password"]);
  44. $password_base64 = base64_decode(clean($_REQUEST["password"]));
  45. if (SINGLE_USER_MODE) $login = "admin";
  46. $sth = $this->pdo->prepare("SELECT id FROM ttrss_users WHERE login = ?");
  47. $sth->execute([$login]);
  48. if ($row = $sth->fetch()) {
  49. $uid = $row["id"];
  50. } else {
  51. $uid = 0;
  52. }
  53. if (!$uid) {
  54. $this->wrap(self::STATUS_ERR, array("error" => "LOGIN_ERROR"));
  55. return;
  56. }
  57. if (get_pref("ENABLE_API_ACCESS", $uid)) {
  58. if (authenticate_user($login, $password, false, Auth_Base::AUTH_SERVICE_API)) { // try login with normal password
  59. $this->wrap(self::STATUS_OK, array("session_id" => session_id(),
  60. "api_level" => self::API_LEVEL));
  61. } else if (authenticate_user($login, $password_base64, false, Auth_Base::AUTH_SERVICE_API)) { // else try with base64_decoded password
  62. $this->wrap(self::STATUS_OK, array("session_id" => session_id(),
  63. "api_level" => self::API_LEVEL));
  64. } else { // else we are not logged in
  65. user_error("Failed login attempt for $login from {$_SERVER['REMOTE_ADDR']}", E_USER_WARNING);
  66. $this->wrap(self::STATUS_ERR, array("error" => "LOGIN_ERROR"));
  67. }
  68. } else {
  69. $this->wrap(self::STATUS_ERR, array("error" => "API_DISABLED"));
  70. }
  71. }
  72. function logout() {
  73. logout_user();
  74. $this->wrap(self::STATUS_OK, array("status" => "OK"));
  75. }
  76. function isLoggedIn() {
  77. $this->wrap(self::STATUS_OK, array("status" => $_SESSION["uid"] != ''));
  78. }
  79. function getUnread() {
  80. $feed_id = clean($_REQUEST["feed_id"]);
  81. $is_cat = clean($_REQUEST["is_cat"]);
  82. if ($feed_id) {
  83. $this->wrap(self::STATUS_OK, array("unread" => getFeedUnread($feed_id, $is_cat)));
  84. } else {
  85. $this->wrap(self::STATUS_OK, array("unread" => Feeds::getGlobalUnread()));
  86. }
  87. }
  88. /* Method added for ttrss-reader for Android */
  89. function getCounters() {
  90. $this->wrap(self::STATUS_OK, Counters::getAllCounters());
  91. }
  92. function getFeeds() {
  93. $cat_id = clean($_REQUEST["cat_id"]);
  94. $unread_only = API::param_to_bool(clean($_REQUEST["unread_only"]));
  95. $limit = (int) clean($_REQUEST["limit"]);
  96. $offset = (int) clean($_REQUEST["offset"]);
  97. $include_nested = API::param_to_bool(clean($_REQUEST["include_nested"]));
  98. $feeds = $this->api_get_feeds($cat_id, $unread_only, $limit, $offset, $include_nested);
  99. $this->wrap(self::STATUS_OK, $feeds);
  100. }
  101. function getCategories() {
  102. $unread_only = API::param_to_bool(clean($_REQUEST["unread_only"]));
  103. $enable_nested = API::param_to_bool(clean($_REQUEST["enable_nested"]));
  104. $include_empty = API::param_to_bool(clean($_REQUEST['include_empty']));
  105. // TODO do not return empty categories, return Uncategorized and standard virtual cats
  106. if ($enable_nested)
  107. $nested_qpart = "parent_cat IS NULL";
  108. else
  109. $nested_qpart = "true";
  110. $sth = $this->pdo->prepare("SELECT
  111. id, title, order_id, (SELECT COUNT(id) FROM
  112. ttrss_feeds WHERE
  113. ttrss_feed_categories.id IS NOT NULL AND cat_id = ttrss_feed_categories.id) AS num_feeds,
  114. (SELECT COUNT(id) FROM
  115. ttrss_feed_categories AS c2 WHERE
  116. c2.parent_cat = ttrss_feed_categories.id) AS num_cats
  117. FROM ttrss_feed_categories
  118. WHERE $nested_qpart AND owner_uid = ?");
  119. $sth->execute([$_SESSION['uid']]);
  120. $cats = array();
  121. while ($line = $sth->fetch()) {
  122. if ($include_empty || $line["num_feeds"] > 0 || $line["num_cats"] > 0) {
  123. $unread = getFeedUnread($line["id"], true);
  124. if ($enable_nested)
  125. $unread += Feeds::getCategoryChildrenUnread($line["id"]);
  126. if ($unread || !$unread_only) {
  127. array_push($cats, array("id" => (int) $line["id"],
  128. "title" => $line["title"],
  129. "unread" => (int) $unread,
  130. "order_id" => (int) $line["order_id"],
  131. ));
  132. }
  133. }
  134. }
  135. foreach (array(-2,-1,0) as $cat_id) {
  136. if ($include_empty || !$this->isCategoryEmpty($cat_id)) {
  137. $unread = getFeedUnread($cat_id, true);
  138. if ($unread || !$unread_only) {
  139. array_push($cats, array("id" => (int) $cat_id,
  140. "title" => Feeds::getCategoryTitle($cat_id),
  141. "unread" => (int) $unread));
  142. }
  143. }
  144. }
  145. $this->wrap(self::STATUS_OK, $cats);
  146. }
  147. function getHeadlines() {
  148. $feed_id = clean($_REQUEST["feed_id"]);
  149. if ($feed_id !== "") {
  150. if (is_numeric($feed_id)) $feed_id = (int) $feed_id;
  151. $limit = (int)clean($_REQUEST["limit"]);
  152. if (!$limit || $limit >= 200) $limit = 200;
  153. $offset = (int)clean($_REQUEST["skip"]);
  154. $filter = clean($_REQUEST["filter"]);
  155. $is_cat = API::param_to_bool(clean($_REQUEST["is_cat"]));
  156. $show_excerpt = API::param_to_bool(clean($_REQUEST["show_excerpt"]));
  157. $show_content = API::param_to_bool(clean($_REQUEST["show_content"]));
  158. /* all_articles, unread, adaptive, marked, updated */
  159. $view_mode = clean($_REQUEST["view_mode"]);
  160. $include_attachments = API::param_to_bool(clean($_REQUEST["include_attachments"]));
  161. $since_id = (int)clean($_REQUEST["since_id"]);
  162. $include_nested = API::param_to_bool(clean($_REQUEST["include_nested"]));
  163. $sanitize_content = !isset($_REQUEST["sanitize"]) ||
  164. API::param_to_bool($_REQUEST["sanitize"]);
  165. $force_update = API::param_to_bool(clean($_REQUEST["force_update"]));
  166. $has_sandbox = API::param_to_bool(clean($_REQUEST["has_sandbox"]));
  167. $excerpt_length = (int)clean($_REQUEST["excerpt_length"]);
  168. $check_first_id = (int)clean($_REQUEST["check_first_id"]);
  169. $include_header = API::param_to_bool(clean($_REQUEST["include_header"]));
  170. $_SESSION['hasSandbox'] = $has_sandbox;
  171. $skip_first_id_check = false;
  172. $override_order = false;
  173. switch (clean($_REQUEST["order_by"])) {
  174. case "title":
  175. $override_order = "ttrss_entries.title, date_entered, updated";
  176. break;
  177. case "date_reverse":
  178. $override_order = "score DESC, date_entered, updated";
  179. $skip_first_id_check = true;
  180. break;
  181. case "feed_dates":
  182. $override_order = "updated DESC";
  183. break;
  184. }
  185. /* do not rely on params below */
  186. $search = clean($_REQUEST["search"]);
  187. list($headlines, $headlines_header) = $this->api_get_headlines($feed_id, $limit, $offset,
  188. $filter, $is_cat, $show_excerpt, $show_content, $view_mode, $override_order,
  189. $include_attachments, $since_id, $search,
  190. $include_nested, $sanitize_content, $force_update, $excerpt_length, $check_first_id, $skip_first_id_check);
  191. if ($include_header) {
  192. $this->wrap(self::STATUS_OK, array($headlines_header, $headlines));
  193. } else {
  194. $this->wrap(self::STATUS_OK, $headlines);
  195. }
  196. } else {
  197. $this->wrap(self::STATUS_ERR, array("error" => 'INCORRECT_USAGE'));
  198. }
  199. }
  200. function updateArticle() {
  201. $article_ids = explode(",", clean($_REQUEST["article_ids"]));
  202. $mode = (int) clean($_REQUEST["mode"]);
  203. $data = clean($_REQUEST["data"]);
  204. $field_raw = (int)clean($_REQUEST["field"]);
  205. $field = "";
  206. $set_to = "";
  207. switch ($field_raw) {
  208. case 0:
  209. $field = "marked";
  210. $additional_fields = ",last_marked = NOW()";
  211. break;
  212. case 1:
  213. $field = "published";
  214. $additional_fields = ",last_published = NOW()";
  215. break;
  216. case 2:
  217. $field = "unread";
  218. $additional_fields = ",last_read = NOW()";
  219. break;
  220. case 3:
  221. $field = "note";
  222. };
  223. switch ($mode) {
  224. case 1:
  225. $set_to = "true";
  226. break;
  227. case 0:
  228. $set_to = "false";
  229. break;
  230. case 2:
  231. $set_to = "NOT $field";
  232. break;
  233. }
  234. if ($field == "note") $set_to = $this->pdo->quote($data);
  235. if ($field && $set_to && count($article_ids) > 0) {
  236. $article_qmarks = arr_qmarks($article_ids);
  237. $sth = $this->pdo->prepare("UPDATE ttrss_user_entries SET
  238. $field = $set_to $additional_fields
  239. WHERE ref_id IN ($article_qmarks) AND owner_uid = ?");
  240. $sth->execute(array_merge($article_ids, [$_SESSION['uid']]));
  241. $num_updated = $sth->rowCount();
  242. $this->wrap(self::STATUS_OK, array("status" => "OK",
  243. "updated" => $num_updated));
  244. } else {
  245. $this->wrap(self::STATUS_ERR, array("error" => 'INCORRECT_USAGE'));
  246. }
  247. }
  248. function getArticle() {
  249. $article_ids = explode(",", clean($_REQUEST["article_id"]));
  250. $sanitize_content = !isset($_REQUEST["sanitize"]) ||
  251. API::param_to_bool($_REQUEST["sanitize"]);
  252. if ($article_ids) {
  253. $article_qmarks = arr_qmarks($article_ids);
  254. $sth = $this->pdo->prepare("SELECT id,guid,title,link,content,feed_id,comments,int_id,
  255. marked,unread,published,score,note,lang,
  256. ".SUBSTRING_FOR_DATE."(updated,1,16) as updated,
  257. author,(SELECT title FROM ttrss_feeds WHERE id = feed_id) AS feed_title,
  258. (SELECT site_url FROM ttrss_feeds WHERE id = feed_id) AS site_url,
  259. (SELECT hide_images FROM ttrss_feeds WHERE id = feed_id) AS hide_images
  260. FROM ttrss_entries,ttrss_user_entries
  261. WHERE id IN ($article_qmarks) AND ref_id = id AND owner_uid = ?");
  262. $sth->execute(array_merge($article_ids, [$_SESSION['uid']]));
  263. $articles = array();
  264. while ($line = $sth->fetch()) {
  265. $attachments = Article::get_article_enclosures($line['id']);
  266. $article = array(
  267. "id" => $line["id"],
  268. "guid" => $line["guid"],
  269. "title" => $line["title"],
  270. "link" => $line["link"],
  271. "labels" => Article::get_article_labels($line['id']),
  272. "unread" => API::param_to_bool($line["unread"]),
  273. "marked" => API::param_to_bool($line["marked"]),
  274. "published" => API::param_to_bool($line["published"]),
  275. "comments" => $line["comments"],
  276. "author" => $line["author"],
  277. "updated" => (int) strtotime($line["updated"]),
  278. "feed_id" => $line["feed_id"],
  279. "attachments" => $attachments,
  280. "score" => (int)$line["score"],
  281. "feed_title" => $line["feed_title"],
  282. "note" => $line["note"],
  283. "lang" => $line["lang"]
  284. );
  285. if ($sanitize_content) {
  286. $article["content"] = sanitize(
  287. $line["content"],
  288. API::param_to_bool($line['hide_images']),
  289. false, $line["site_url"], false, $line["id"]);
  290. } else {
  291. $article["content"] = $line["content"];
  292. }
  293. foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_RENDER_ARTICLE_API) as $p) {
  294. $article = $p->hook_render_article_api(array("article" => $article));
  295. }
  296. $article['content'] = DiskCache::rewriteUrls($article['content']);
  297. array_push($articles, $article);
  298. }
  299. $this->wrap(self::STATUS_OK, $articles);
  300. } else {
  301. $this->wrap(self::STATUS_ERR, array("error" => 'INCORRECT_USAGE'));
  302. }
  303. }
  304. function getConfig() {
  305. $config = array(
  306. "icons_dir" => ICONS_DIR,
  307. "icons_url" => ICONS_URL);
  308. $config["daemon_is_running"] = file_is_locked("update_daemon.lock");
  309. $sth = $this->pdo->prepare("SELECT COUNT(*) AS cf FROM
  310. ttrss_feeds WHERE owner_uid = ?");
  311. $sth->execute([$_SESSION['uid']]);
  312. $row = $sth->fetch();
  313. $config["num_feeds"] = $row["cf"];
  314. $this->wrap(self::STATUS_OK, $config);
  315. }
  316. function updateFeed() {
  317. $feed_id = (int) clean($_REQUEST["feed_id"]);
  318. if (!ini_get("open_basedir")) {
  319. RSSUtils::update_rss_feed($feed_id);
  320. }
  321. $this->wrap(self::STATUS_OK, array("status" => "OK"));
  322. }
  323. function catchupFeed() {
  324. $feed_id = clean($_REQUEST["feed_id"]);
  325. $is_cat = clean($_REQUEST["is_cat"]);
  326. Feeds::catchup_feed($feed_id, $is_cat);
  327. $this->wrap(self::STATUS_OK, array("status" => "OK"));
  328. }
  329. function getPref() {
  330. $pref_name = clean($_REQUEST["pref_name"]);
  331. $this->wrap(self::STATUS_OK, array("value" => get_pref($pref_name)));
  332. }
  333. function getLabels() {
  334. $article_id = (int)clean($_REQUEST['article_id']);
  335. $rv = array();
  336. $sth = $this->pdo->prepare("SELECT id, caption, fg_color, bg_color
  337. FROM ttrss_labels2
  338. WHERE owner_uid = ? ORDER BY caption");
  339. $sth->execute([$_SESSION['uid']]);
  340. if ($article_id)
  341. $article_labels = Article::get_article_labels($article_id);
  342. else
  343. $article_labels = array();
  344. while ($line = $sth->fetch()) {
  345. $checked = false;
  346. foreach ($article_labels as $al) {
  347. if (Labels::feed_to_label_id($al[0]) == $line['id']) {
  348. $checked = true;
  349. break;
  350. }
  351. }
  352. array_push($rv, array(
  353. "id" => (int)Labels::label_to_feed_id($line['id']),
  354. "caption" => $line['caption'],
  355. "fg_color" => $line['fg_color'],
  356. "bg_color" => $line['bg_color'],
  357. "checked" => $checked));
  358. }
  359. $this->wrap(self::STATUS_OK, $rv);
  360. }
  361. function setArticleLabel() {
  362. $article_ids = explode(",", clean($_REQUEST["article_ids"]));
  363. $label_id = (int) clean($_REQUEST['label_id']);
  364. $assign = API::param_to_bool(clean($_REQUEST['assign']));
  365. $label = Labels::find_caption(Labels::feed_to_label_id($label_id), $_SESSION["uid"]);
  366. $num_updated = 0;
  367. if ($label) {
  368. foreach ($article_ids as $id) {
  369. if ($assign)
  370. Labels::add_article($id, $label, $_SESSION["uid"]);
  371. else
  372. Labels::remove_article($id, $label, $_SESSION["uid"]);
  373. ++$num_updated;
  374. }
  375. }
  376. $this->wrap(self::STATUS_OK, array("status" => "OK",
  377. "updated" => $num_updated));
  378. }
  379. function index($method) {
  380. $plugin = PluginHost::getInstance()->get_api_method(strtolower($method));
  381. if ($plugin && method_exists($plugin, $method)) {
  382. $reply = $plugin->$method();
  383. $this->wrap($reply[0], $reply[1]);
  384. } else {
  385. $this->wrap(self::STATUS_ERR, array("error" => 'UNKNOWN_METHOD', "method" => $method));
  386. }
  387. }
  388. function shareToPublished() {
  389. $title = strip_tags(clean($_REQUEST["title"]));
  390. $url = strip_tags(clean($_REQUEST["url"]));
  391. $content = strip_tags(clean($_REQUEST["content"]));
  392. if (Article::create_published_article($title, $url, $content, "", $_SESSION["uid"])) {
  393. $this->wrap(self::STATUS_OK, array("status" => 'OK'));
  394. } else {
  395. $this->wrap(self::STATUS_ERR, array("error" => 'Publishing failed'));
  396. }
  397. }
  398. static function api_get_feeds($cat_id, $unread_only, $limit, $offset, $include_nested = false) {
  399. $feeds = array();
  400. $pdo = Db::pdo();
  401. $limit = (int) $limit;
  402. $offset = (int) $offset;
  403. $cat_id = (int) $cat_id;
  404. /* Labels */
  405. /* API only: -4 All feeds, including virtual feeds */
  406. if ($cat_id == -4 || $cat_id == -2) {
  407. $counters = Counters::getLabelCounters(true);
  408. foreach (array_values($counters) as $cv) {
  409. $unread = $cv["counter"];
  410. if ($unread || !$unread_only) {
  411. $row = array(
  412. "id" => (int) $cv["id"],
  413. "title" => $cv["description"],
  414. "unread" => $cv["counter"],
  415. "cat_id" => -2,
  416. );
  417. array_push($feeds, $row);
  418. }
  419. }
  420. }
  421. /* Virtual feeds */
  422. if ($cat_id == -4 || $cat_id == -1) {
  423. foreach (array(-1, -2, -3, -4, -6, 0) as $i) {
  424. $unread = getFeedUnread($i);
  425. if ($unread || !$unread_only) {
  426. $title = Feeds::getFeedTitle($i);
  427. $row = array(
  428. "id" => $i,
  429. "title" => $title,
  430. "unread" => $unread,
  431. "cat_id" => -1,
  432. );
  433. array_push($feeds, $row);
  434. }
  435. }
  436. }
  437. /* Child cats */
  438. if ($include_nested && $cat_id) {
  439. $sth = $pdo->prepare("SELECT
  440. id, title, order_id FROM ttrss_feed_categories
  441. WHERE parent_cat = ? AND owner_uid = ? ORDER BY order_id, title");
  442. $sth->execute([$cat_id, $_SESSION['uid']]);
  443. while ($line = $sth->fetch()) {
  444. $unread = getFeedUnread($line["id"], true) +
  445. Feeds::getCategoryChildrenUnread($line["id"]);
  446. if ($unread || !$unread_only) {
  447. $row = array(
  448. "id" => (int) $line["id"],
  449. "title" => $line["title"],
  450. "unread" => $unread,
  451. "is_cat" => true,
  452. "order_id" => (int) $line["order_id"]
  453. );
  454. array_push($feeds, $row);
  455. }
  456. }
  457. }
  458. /* Real feeds */
  459. if ($limit) {
  460. $limit_qpart = "LIMIT $limit OFFSET $offset";
  461. } else {
  462. $limit_qpart = "";
  463. }
  464. /* API only: -3 All feeds, excluding virtual feeds (e.g. Labels and such) */
  465. if ($cat_id == -4 || $cat_id == -3) {
  466. $sth = $pdo->prepare("SELECT
  467. id, feed_url, cat_id, title, order_id, ".
  468. SUBSTRING_FOR_DATE."(last_updated,1,19) AS last_updated
  469. FROM ttrss_feeds WHERE owner_uid = ?
  470. ORDER BY order_id, title " . $limit_qpart);
  471. $sth->execute([$_SESSION['uid']]);
  472. } else {
  473. $sth = $pdo->prepare("SELECT
  474. id, feed_url, cat_id, title, order_id, ".
  475. SUBSTRING_FOR_DATE."(last_updated,1,19) AS last_updated
  476. FROM ttrss_feeds WHERE
  477. (cat_id = :cat OR (:cat = 0 AND cat_id IS NULL))
  478. AND owner_uid = :uid
  479. ORDER BY order_id, title " . $limit_qpart);
  480. $sth->execute([":uid" => $_SESSION['uid'], ":cat" => $cat_id]);
  481. }
  482. while ($line = $sth->fetch()) {
  483. $unread = getFeedUnread($line["id"]);
  484. $has_icon = Feeds::feedHasIcon($line['id']);
  485. if ($unread || !$unread_only) {
  486. $row = array(
  487. "feed_url" => $line["feed_url"],
  488. "title" => $line["title"],
  489. "id" => (int)$line["id"],
  490. "unread" => (int)$unread,
  491. "has_icon" => $has_icon,
  492. "cat_id" => (int)$line["cat_id"],
  493. "last_updated" => (int) strtotime($line["last_updated"]),
  494. "order_id" => (int) $line["order_id"],
  495. );
  496. array_push($feeds, $row);
  497. }
  498. }
  499. return $feeds;
  500. }
  501. /**
  502. * @SuppressWarnings(PHPMD.UnusedFormalParameter)
  503. */
  504. static function api_get_headlines($feed_id, $limit, $offset,
  505. $filter, $is_cat, $show_excerpt, $show_content, $view_mode, $order,
  506. $include_attachments, $since_id,
  507. $search = "", $include_nested = false, $sanitize_content = true,
  508. $force_update = false, $excerpt_length = 100, $check_first_id = false, $skip_first_id_check = false) {
  509. $pdo = Db::pdo();
  510. if ($force_update && $feed_id > 0 && is_numeric($feed_id)) {
  511. // Update the feed if required with some basic flood control
  512. $sth = $pdo->prepare(
  513. "SELECT cache_images,".SUBSTRING_FOR_DATE."(last_updated,1,19) AS last_updated
  514. FROM ttrss_feeds WHERE id = ?");
  515. $sth->execute([$feed_id]);
  516. if ($row = $sth->fetch()) {
  517. $last_updated = strtotime($row["last_updated"]);
  518. $cache_images = API::param_to_bool($row["cache_images"]);
  519. if (!$cache_images && time() - $last_updated > 120) {
  520. RSSUtils::update_rss_feed($feed_id, true);
  521. } else {
  522. $sth = $pdo->prepare("UPDATE ttrss_feeds SET last_updated = '1970-01-01', last_update_started = '1970-01-01'
  523. WHERE id = ?");
  524. $sth->execute([$feed_id]);
  525. }
  526. }
  527. }
  528. $params = array(
  529. "feed" => $feed_id,
  530. "limit" => $limit,
  531. "view_mode" => $view_mode,
  532. "cat_view" => $is_cat,
  533. "search" => $search,
  534. "override_order" => $order,
  535. "offset" => $offset,
  536. "since_id" => $since_id,
  537. "include_children" => $include_nested,
  538. "check_first_id" => $check_first_id,
  539. "skip_first_id_check" => $skip_first_id_check
  540. );
  541. $qfh_ret = Feeds::queryFeedHeadlines($params);
  542. $result = $qfh_ret[0];
  543. $feed_title = $qfh_ret[1];
  544. $first_id = $qfh_ret[6];
  545. $headlines = array();
  546. $headlines_header = array(
  547. 'id' => $feed_id,
  548. 'first_id' => $first_id,
  549. 'is_cat' => $is_cat);
  550. if (!is_numeric($result)) {
  551. while ($line = $result->fetch()) {
  552. $line["content_preview"] = truncate_string(strip_tags($line["content"]), $excerpt_length);
  553. foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_QUERY_HEADLINES) as $p) {
  554. $line = $p->hook_query_headlines($line, $excerpt_length, true);
  555. }
  556. $is_updated = ($line["last_read"] == "" &&
  557. ($line["unread"] != "t" && $line["unread"] != "1"));
  558. $tags = explode(",", $line["tag_cache"]);
  559. $label_cache = $line["label_cache"];
  560. $labels = false;
  561. if ($label_cache) {
  562. $label_cache = json_decode($label_cache, true);
  563. if ($label_cache) {
  564. if ($label_cache["no-labels"] == 1)
  565. $labels = array();
  566. else
  567. $labels = $label_cache;
  568. }
  569. }
  570. if (!is_array($labels)) $labels = Article::get_article_labels($line["id"]);
  571. $headline_row = array(
  572. "id" => (int)$line["id"],
  573. "guid" => $line["guid"],
  574. "unread" => API::param_to_bool($line["unread"]),
  575. "marked" => API::param_to_bool($line["marked"]),
  576. "published" => API::param_to_bool($line["published"]),
  577. "updated" => (int)strtotime($line["updated"]),
  578. "is_updated" => $is_updated,
  579. "title" => $line["title"],
  580. "link" => $line["link"],
  581. "feed_id" => $line["feed_id"] ? $line['feed_id'] : 0,
  582. "tags" => $tags,
  583. );
  584. $enclosures = Article::get_article_enclosures($line['id']);
  585. if ($include_attachments)
  586. $headline_row['attachments'] = $enclosures;
  587. if ($show_excerpt)
  588. $headline_row["excerpt"] = $line["content_preview"];
  589. if ($show_content) {
  590. if ($sanitize_content) {
  591. $headline_row["content"] = sanitize(
  592. $line["content"],
  593. API::param_to_bool($line['hide_images']),
  594. false, $line["site_url"], false, $line["id"]);
  595. } else {
  596. $headline_row["content"] = $line["content"];
  597. }
  598. }
  599. // unify label output to ease parsing
  600. if ($labels["no-labels"] == 1) $labels = array();
  601. $headline_row["labels"] = $labels;
  602. $headline_row["feed_title"] = $line["feed_title"] ? $line["feed_title"] :
  603. $feed_title;
  604. $headline_row["comments_count"] = (int)$line["num_comments"];
  605. $headline_row["comments_link"] = $line["comments"];
  606. $headline_row["always_display_attachments"] = API::param_to_bool($line["always_display_enclosures"]);
  607. $headline_row["author"] = $line["author"];
  608. $headline_row["score"] = (int)$line["score"];
  609. $headline_row["note"] = $line["note"];
  610. $headline_row["lang"] = $line["lang"];
  611. foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_RENDER_ARTICLE_API) as $p) {
  612. $headline_row = $p->hook_render_article_api(array("headline" => $headline_row));
  613. }
  614. $headline_row["content"] = DiskCache::rewriteUrls($headline_row['content']);
  615. list ($flavor_image, $flavor_stream) = Article::get_article_image($enclosures, $line["content"], $line["site_url"]);
  616. $headline_row["flavor_image"] = $flavor_image;
  617. $headline_row["flavor_stream"] = $flavor_stream;
  618. array_push($headlines, $headline_row);
  619. }
  620. } else if (is_numeric($result) && $result == -1) {
  621. $headlines_header['first_id_changed'] = true;
  622. }
  623. return array($headlines, $headlines_header);
  624. }
  625. function unsubscribeFeed() {
  626. $feed_id = (int) clean($_REQUEST["feed_id"]);
  627. $sth = $this->pdo->prepare("SELECT id FROM ttrss_feeds WHERE
  628. id = ? AND owner_uid = ?");
  629. $sth->execute([$feed_id, $_SESSION['uid']]);
  630. if ($row = $sth->fetch()) {
  631. Pref_Feeds::remove_feed($feed_id, $_SESSION["uid"]);
  632. $this->wrap(self::STATUS_OK, array("status" => "OK"));
  633. } else {
  634. $this->wrap(self::STATUS_ERR, array("error" => "FEED_NOT_FOUND"));
  635. }
  636. }
  637. function subscribeToFeed() {
  638. $feed_url = clean($_REQUEST["feed_url"]);
  639. $category_id = (int) clean($_REQUEST["category_id"]);
  640. $login = clean($_REQUEST["login"]);
  641. $password = clean($_REQUEST["password"]);
  642. if ($feed_url) {
  643. $rc = Feeds::subscribe_to_feed($feed_url, $category_id, $login, $password);
  644. $this->wrap(self::STATUS_OK, array("status" => $rc));
  645. } else {
  646. $this->wrap(self::STATUS_ERR, array("error" => 'INCORRECT_USAGE'));
  647. }
  648. }
  649. function getFeedTree() {
  650. $include_empty = API::param_to_bool(clean($_REQUEST['include_empty']));
  651. $pf = new Pref_Feeds($_REQUEST);
  652. $_REQUEST['mode'] = 2;
  653. $_REQUEST['force_show_empty'] = $include_empty;
  654. if ($pf){
  655. $data = $pf->makefeedtree();
  656. $this->wrap(self::STATUS_OK, array("categories" => $data));
  657. } else {
  658. $this->wrap(self::STATUS_ERR, array("error" =>
  659. 'UNABLE_TO_INSTANTIATE_OBJECT'));
  660. }
  661. }
  662. // only works for labels or uncategorized for the time being
  663. private function isCategoryEmpty($id) {
  664. if ($id == -2) {
  665. $sth = $this->pdo->prepare("SELECT COUNT(id) AS count FROM ttrss_labels2
  666. WHERE owner_uid = ?");
  667. $sth->execute([$_SESSION['uid']]);
  668. $row = $sth->fetch();
  669. return $row["count"] == 0;
  670. } else if ($id == 0) {
  671. $sth = $this->pdo->prepare("SELECT COUNT(id) AS count FROM ttrss_feeds
  672. WHERE cat_id IS NULL AND owner_uid = ?");
  673. $sth->execute([$_SESSION['uid']]);
  674. $row = $sth->fetch();
  675. return $row["count"] == 0;
  676. }
  677. return false;
  678. }
  679. }