public/tt-rss
1
0
Fork 0
mirror of https://git.tt-rss.org/git/tt-rss.git synced 2025-12-13 19:05:55 +00:00
Code Issues Releases Wiki Activity

fix blank character after opening bracket in function calls

Browse Source
This commit is contained in:
Andrew Dolgov
2013-04-17 18:34:18 +04:00
parent 72ff013729
commit a42c55f02b
56 changed files with 1399 additions and 1399 deletions
Download Patch File Download Diff File Expand all files Collapse all files

268
classes/pref/feeds.php
View File

@@ -15,11 +15,11 @@ class Pref_Feeds extends Handler_Protected {
}
function renamecat() {
$title = db_escape_string( $_REQUEST['title']);
$id = db_escape_string( $_REQUEST['id']);
$title = db_escape_string($_REQUEST['title']);
$id = db_escape_string($_REQUEST['id']);
if ($title) {
db_query( "UPDATE ttrss_feed_categories SET
db_query("UPDATE ttrss_feed_categories SET
title = '$title' WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);
}
return;
@@ -37,11 +37,11 @@ class Pref_Feeds extends Handler_Protected {
// first one is set by API
$show_empty_cats = $_REQUEST['force_show_empty'] ||
($_REQUEST['mode'] != 2 && !$search &&
get_pref( '_PREFS_SHOW_EMPTY_CATS'));
get_pref('_PREFS_SHOW_EMPTY_CATS'));
$items = array();
$result = db_query( "SELECT id, title FROM ttrss_feed_categories
$result = db_query("SELECT id, title FROM ttrss_feed_categories
WHERE owner_uid = " . $_SESSION["uid"] . " AND parent_cat = '$cat_id' ORDER BY order_id, title");
while ($line = db_fetch_assoc($result)) {
@@ -65,7 +65,7 @@ class Pref_Feeds extends Handler_Protected {
}
$feed_result = db_query( "SELECT id, title, last_error,
$feed_result = db_query("SELECT id, title, last_error,
".SUBSTRING_FOR_DATE."(last_updated,1,19) AS last_updated
FROM ttrss_feeds
WHERE cat_id = '$cat_id' AND owner_uid = ".$_SESSION["uid"].
@@ -108,7 +108,7 @@ class Pref_Feeds extends Handler_Protected {
$root['items'] = array();
$root['type'] = 'category';
$enable_cats = get_pref( 'ENABLE_FEED_CATS');
$enable_cats = get_pref('ENABLE_FEED_CATS');
if ($_REQUEST['mode'] == 2) {
@@ -154,12 +154,12 @@ class Pref_Feeds extends Handler_Protected {
$root['items'] = array_merge($root['items'], $cat['items']);
}
$result = db_query( "SELECT * FROM
$result = db_query("SELECT * FROM
ttrss_labels2 WHERE owner_uid = ".$_SESSION['uid']." ORDER by caption");
if (db_num_rows($result) > 0) {
if (get_pref( 'ENABLE_FEED_CATS')) {
if (get_pref('ENABLE_FEED_CATS')) {
$cat = $this->feedlist_init_cat(-2);
} else {
$cat['items'] = array();
@@ -188,9 +188,9 @@ class Pref_Feeds extends Handler_Protected {
if ($enable_cats) {
$show_empty_cats = $_REQUEST['force_show_empty'] ||
($_REQUEST['mode'] != 2 && !$search &&
get_pref( '_PREFS_SHOW_EMPTY_CATS'));
get_pref('_PREFS_SHOW_EMPTY_CATS'));
$result = db_query( "SELECT id, title FROM ttrss_feed_categories
$result = db_query("SELECT id, title FROM ttrss_feed_categories
WHERE owner_uid = " . $_SESSION["uid"] . " AND parent_cat IS NULL ORDER BY order_id, title");
while ($line = db_fetch_assoc($result)) {
@@ -226,7 +226,7 @@ class Pref_Feeds extends Handler_Protected {
$cat['unread'] = 0;
$cat['child_unread'] = 0;
$feed_result = db_query( "SELECT id, title,last_error,
$feed_result = db_query("SELECT id, title,last_error,
".SUBSTRING_FOR_DATE."(last_updated,1,19) AS last_updated
FROM ttrss_feeds
WHERE cat_id IS NULL AND owner_uid = ".$_SESSION["uid"].
@@ -257,7 +257,7 @@ class Pref_Feeds extends Handler_Protected {
$root['param'] = vsprintf(_ngettext('(%d feed)', '(%d feeds)', count($cat['items'])), count($cat['items']));
} else {
$feed_result = db_query( "SELECT id, title, last_error,
$feed_result = db_query("SELECT id, title, last_error,
".SUBSTRING_FOR_DATE."(last_updated,1,19) AS last_updated
FROM ttrss_feeds
WHERE owner_uid = ".$_SESSION["uid"].
@@ -296,20 +296,20 @@ class Pref_Feeds extends Handler_Protected {
}
function catsortreset() {
db_query( "UPDATE ttrss_feed_categories
db_query("UPDATE ttrss_feed_categories
SET order_id = 0 WHERE owner_uid = " . $_SESSION["uid"]);
return;
}
function feedsortreset() {
db_query( "UPDATE ttrss_feeds
db_query("UPDATE ttrss_feeds
SET order_id = 0 WHERE owner_uid = " . $_SESSION["uid"]);
return;
}
function togglehiddenfeedcats() {
set_pref( '_PREFS_SHOW_EMPTY_CATS',
(get_pref( '_PREFS_SHOW_EMPTY_CATS') ? 'false' : 'true'));
set_pref('_PREFS_SHOW_EMPTY_CATS',
(get_pref('_PREFS_SHOW_EMPTY_CATS') ? 'false' : 'true'));
}
private function process_category_order(&$data_map, $item_id, $parent_id = false, $nest_level = 0) {
@@ -326,12 +326,12 @@ class Pref_Feeds extends Handler_Protected {
if ($item_id != 'root') {
if ($parent_id && $parent_id != 'root') {
$parent_bare_id = substr($parent_id, strpos($parent_id, ':')+1);
$parent_qpart = db_escape_string( $parent_bare_id);
$parent_qpart = db_escape_string($parent_bare_id);
} else {
$parent_qpart = 'NULL';
}
db_query( "UPDATE ttrss_feed_categories
db_query("UPDATE ttrss_feed_categories
SET parent_cat = $parent_qpart WHERE id = '$bare_item_id' AND
owner_uid = " . $_SESSION["uid"]);
}
@@ -352,12 +352,12 @@ class Pref_Feeds extends Handler_Protected {
if (strpos($id, "FEED") === 0) {
$cat_id = ($item_id != "root") ?
db_escape_string( $bare_item_id) : "NULL";
db_escape_string($bare_item_id) : "NULL";
$cat_qpart = ($cat_id != 0) ? "cat_id = '$cat_id'" :
"cat_id = NULL";
db_query( "UPDATE ttrss_feeds
db_query("UPDATE ttrss_feeds
SET order_id = $order_id, $cat_qpart
WHERE id = '$bare_id' AND
owner_uid = " . $_SESSION["uid"]);
@@ -367,12 +367,12 @@ class Pref_Feeds extends Handler_Protected {
$nest_level+1);
if ($item_id != 'root') {
$parent_qpart = db_escape_string( $bare_id);
$parent_qpart = db_escape_string($bare_id);
} else {
$parent_qpart = 'NULL';
}
db_query( "UPDATE ttrss_feed_categories
db_query("UPDATE ttrss_feed_categories
SET order_id = '$order_id' WHERE id = '$bare_id' AND
owner_uid = " . $_SESSION["uid"]);
}
@@ -424,7 +424,7 @@ class Pref_Feeds extends Handler_Protected {
++$cat_order_id;
if ($bare_id > 0) {
db_query( "UPDATE ttrss_feed_categories
db_query("UPDATE ttrss_feed_categories
SET order_id = '$cat_order_id' WHERE id = '$bare_id' AND
owner_uid = " . $_SESSION["uid"]);
}
@@ -441,7 +441,7 @@ class Pref_Feeds extends Handler_Protected {
else
$cat_query = "cat_id = NULL";
db_query( "UPDATE ttrss_feeds
db_query("UPDATE ttrss_feeds
SET order_id = '$feed_order_id',
$cat_query
WHERE id = '$feed_id' AND
@@ -457,15 +457,15 @@ class Pref_Feeds extends Handler_Protected {
}
function removeicon() {
$feed_id = db_escape_string( $_REQUEST["feed_id"]);
$feed_id = db_escape_string($_REQUEST["feed_id"]);
$result = db_query( "SELECT id FROM ttrss_feeds
$result = db_query("SELECT id FROM ttrss_feeds
WHERE id = '$feed_id' AND owner_uid = ". $_SESSION["uid"]);
if (db_num_rows($result) != 0) {
@unlink(ICONS_DIR . "/$feed_id.ico");
db_query( "UPDATE ttrss_feeds SET favicon_avg_color = NULL
db_query("UPDATE ttrss_feeds SET favicon_avg_color = NULL
where id = '$feed_id'");
}
@@ -491,12 +491,12 @@ class Pref_Feeds extends Handler_Protected {
}
$icon_file = $tmp_file;
$feed_id = db_escape_string( $_REQUEST["feed_id"]);
$feed_id = db_escape_string($_REQUEST["feed_id"]);
if (is_file($icon_file) && $feed_id) {
if (filesize($icon_file) < 20000) {
$result = db_query( "SELECT id FROM ttrss_feeds
$result = db_query("SELECT id FROM ttrss_feeds
WHERE id = '$feed_id' AND owner_uid = ". $_SESSION["uid"]);
if (db_num_rows($result) != 0) {
@@ -508,7 +508,7 @@ class Pref_Feeds extends Handler_Protected {
$favicon_color = db_escape_string(
calculate_avg_color(ICONS_DIR . "/$feed_id.ico"));
db_query( "UPDATE ttrss_feeds SET
db_query("UPDATE ttrss_feeds SET
favicon_avg_color = '$favicon_color'
WHERE id = '$feed_id'");
@@ -536,7 +536,7 @@ class Pref_Feeds extends Handler_Protected {
global $purge_intervals;
global $update_intervals;
$feed_id = db_escape_string( $_REQUEST["id"]);
$feed_id = db_escape_string($_REQUEST["id"]);
$result = db_query(
"SELECT * FROM ttrss_feeds WHERE id = '$feed_id' AND
@@ -585,7 +585,7 @@ class Pref_Feeds extends Handler_Protected {
/* Category */
if (get_pref( 'ENABLE_FEED_CATS')) {
if (get_pref('ENABLE_FEED_CATS')) {
$cat_id = db_fetch_result($result, 0, "cat_id");
@@ -593,7 +593,7 @@ class Pref_Feeds extends Handler_Protected {
print __('Place in category:') . " ";
print_feed_cat_select( "cat_id", $cat_id,
print_feed_cat_select("cat_id", $cat_id,
'dojoType="dijit.form.Select"');
}
@@ -782,7 +782,7 @@ class Pref_Feeds extends Handler_Protected {
global $purge_intervals;
global $update_intervals;
$feed_ids = db_escape_string( $_REQUEST["ids"]);
$feed_ids = db_escape_string($_REQUEST["ids"]);
print_notice("Enable the options you wish to apply using checkboxes on the right:");
@@ -816,13 +816,13 @@ class Pref_Feeds extends Handler_Protected {
/* Category */
if (get_pref( 'ENABLE_FEED_CATS')) {
if (get_pref('ENABLE_FEED_CATS')) {
print "<br/>";
print __('Place in category:') . " ";
print_feed_cat_select( "cat_id", $cat_id,
print_feed_cat_select("cat_id", $cat_id,
'disabled="1" dojoType="dijit.form.Select"');
$this->batch_edit_cbox("cat_id");
@@ -938,27 +938,27 @@ class Pref_Feeds extends Handler_Protected {
function editsaveops($batch) {
$feed_title = db_escape_string( trim($_POST["title"]));
$feed_link = db_escape_string( trim($_POST["feed_url"]));
$upd_intl = (int) db_escape_string( $_POST["update_interval"]);
$purge_intl = (int) db_escape_string( $_POST["purge_interval"]);
$feed_id = (int) db_escape_string( $_POST["id"]); /* editSave */
$feed_ids = db_escape_string( $_POST["ids"]); /* batchEditSave */
$cat_id = (int) db_escape_string( $_POST["cat_id"]);
$auth_login = db_escape_string( trim($_POST["auth_login"]));
$feed_title = db_escape_string(trim($_POST["title"]));
$feed_link = db_escape_string(trim($_POST["feed_url"]));
$upd_intl = (int) db_escape_string($_POST["update_interval"]);
$purge_intl = (int) db_escape_string($_POST["purge_interval"]);
$feed_id = (int) db_escape_string($_POST["id"]); /* editSave */
$feed_ids = db_escape_string($_POST["ids"]); /* batchEditSave */
$cat_id = (int) db_escape_string($_POST["cat_id"]);
$auth_login = db_escape_string(trim($_POST["auth_login"]));
$auth_pass = trim($_POST["auth_pass"]);
$private = checkbox_to_sql_bool(db_escape_string( $_POST["private"]));
$private = checkbox_to_sql_bool(db_escape_string($_POST["private"]));
$include_in_digest = checkbox_to_sql_bool(
db_escape_string( $_POST["include_in_digest"]));
db_escape_string($_POST["include_in_digest"]));
$cache_images = checkbox_to_sql_bool(
db_escape_string( $_POST["cache_images"]));
db_escape_string($_POST["cache_images"]));
$hide_images = checkbox_to_sql_bool(
db_escape_string( $_POST["hide_images"]));
db_escape_string($_POST["hide_images"]));
$always_display_enclosures = checkbox_to_sql_bool(
db_escape_string( $_POST["always_display_enclosures"]));
db_escape_string($_POST["always_display_enclosures"]));
$mark_unread_on_update = checkbox_to_sql_bool(
db_escape_string( $_POST["mark_unread_on_update"]));
db_escape_string($_POST["mark_unread_on_update"]));
if (strlen(FEED_CRYPT_KEY) > 0) {
require_once "crypt.php";
@@ -968,9 +968,9 @@ class Pref_Feeds extends Handler_Protected {
$auth_pass_encrypted = 'false';
}
$auth_pass = db_escape_string( $auth_pass);
$auth_pass = db_escape_string($auth_pass);
if (get_pref( 'ENABLE_FEED_CATS')) {
if (get_pref('ENABLE_FEED_CATS')) {
if ($cat_id && $cat_id != 0) {
$category_qpart = "cat_id = '$cat_id',";
$category_qpart_nocomma = "cat_id = '$cat_id'";
@@ -985,7 +985,7 @@ class Pref_Feeds extends Handler_Protected {
if (!$batch) {
$result = db_query( "UPDATE ttrss_feeds SET
$result = db_query("UPDATE ttrss_feeds SET
$category_qpart
title = '$feed_title', feed_url = '$feed_link',
update_interval = '$upd_intl',
@@ -1010,7 +1010,7 @@ class Pref_Feeds extends Handler_Protected {
}
}
db_query( "BEGIN");
db_query("BEGIN");
foreach (array_keys($feed_data) as $k) {
@@ -1080,16 +1080,16 @@ class Pref_Feeds extends Handler_Protected {
}
}
db_query( "COMMIT");
db_query("COMMIT");
}
return;
}
function resetPubSub() {
$ids = db_escape_string( $_REQUEST["ids"]);
$ids = db_escape_string($_REQUEST["ids"]);
db_query( "UPDATE ttrss_feeds SET pubsub_state = 0 WHERE id IN ($ids)
db_query("UPDATE ttrss_feeds SET pubsub_state = 0 WHERE id IN ($ids)
AND owner_uid = " . $_SESSION["uid"]);
return;
@@ -1097,30 +1097,30 @@ class Pref_Feeds extends Handler_Protected {
function remove() {
$ids = explode(",", db_escape_string( $_REQUEST["ids"]));
$ids = explode(",", db_escape_string($_REQUEST["ids"]));
foreach ($ids as $id) {
Pref_Feeds::remove_feed( $id, $_SESSION["uid"]);
Pref_Feeds::remove_feed($id, $_SESSION["uid"]);
}
return;
}
function clear() {
$id = db_escape_string( $_REQUEST["id"]);
$this->clear_feed_articles( $id);
$id = db_escape_string($_REQUEST["id"]);
$this->clear_feed_articles($id);
}
function rescore() {
require_once "rssfuncs.php";
$ids = explode(",", db_escape_string( $_REQUEST["ids"]));
$ids = explode(",", db_escape_string($_REQUEST["ids"]));
foreach ($ids as $id) {
$filters = load_filters( $id, $_SESSION["uid"], 6);
$filters = load_filters($id, $_SESSION["uid"], 6);
$result = db_query( "SELECT
$result = db_query("SELECT
title, content, link, ref_id, author,".
SUBSTRING_FOR_DATE."(updated, 1, 19) AS updated
FROM
@@ -1133,7 +1133,7 @@ class Pref_Feeds extends Handler_Protected {
while ($line = db_fetch_assoc($result)) {
$tags = get_article_tags( $line["ref_id"]);
$tags = get_article_tags($line["ref_id"]);
$article_filters = get_article_filters($filters, $line['title'],
$line['content'], $line['link'], strtotime($line['updated']),
@@ -1148,15 +1148,15 @@ class Pref_Feeds extends Handler_Protected {
foreach (array_keys($scores) as $s) {
if ($s > 1000) {
db_query( "UPDATE ttrss_user_entries SET score = '$s',
db_query("UPDATE ttrss_user_entries SET score = '$s',
marked = true WHERE
ref_id IN (" . join(',', $scores[$s]) . ")");
} else if ($s < -500) {
db_query( "UPDATE ttrss_user_entries SET score = '$s',
db_query("UPDATE ttrss_user_entries SET score = '$s',
unread = false WHERE
ref_id IN (" . join(',', $scores[$s]) . ")");
} else {
db_query( "UPDATE ttrss_user_entries SET score = '$s' WHERE
db_query("UPDATE ttrss_user_entries SET score = '$s' WHERE
ref_id IN (" . join(',', $scores[$s]) . ")");
}
}
@@ -1175,9 +1175,9 @@ class Pref_Feeds extends Handler_Protected {
$id = $feed_line["id"];
$filters = load_filters( $id, $_SESSION["uid"], 6);
$filters = load_filters($id, $_SESSION["uid"], 6);
$tmp_result = db_query( "SELECT
$tmp_result = db_query("SELECT
title, content, link, ref_id, author,".
SUBSTRING_FOR_DATE."(updated, 1, 19) AS updated
FROM
@@ -1190,7 +1190,7 @@ class Pref_Feeds extends Handler_Protected {
while ($line = db_fetch_assoc($tmp_result)) {
$tags = get_article_tags( $line["ref_id"]);
$tags = get_article_tags($line["ref_id"]);
$article_filters = get_article_filters($filters, $line['title'],
$line['content'], $line['link'], strtotime($line['updated']),
@@ -1205,11 +1205,11 @@ class Pref_Feeds extends Handler_Protected {
foreach (array_keys($scores) as $s) {
if ($s > 1000) {
db_query( "UPDATE ttrss_user_entries SET score = '$s',
db_query("UPDATE ttrss_user_entries SET score = '$s',
marked = true WHERE
ref_id IN (" . join(',', $scores[$s]) . ")");
} else {
db_query( "UPDATE ttrss_user_entries SET score = '$s' WHERE
db_query("UPDATE ttrss_user_entries SET score = '$s' WHERE
ref_id IN (" . join(',', $scores[$s]) . ")");
}
}
@@ -1220,9 +1220,9 @@ class Pref_Feeds extends Handler_Protected {
}
function categorize() {
$ids = explode(",", db_escape_string( $_REQUEST["ids"]));
$ids = explode(",", db_escape_string($_REQUEST["ids"]));
$cat_id = db_escape_string( $_REQUEST["cat_id"]);
$cat_id = db_escape_string($_REQUEST["cat_id"]);
if ($cat_id == 0) {
$cat_id_qpart = 'NULL';
@@ -1230,30 +1230,30 @@ class Pref_Feeds extends Handler_Protected {
$cat_id_qpart = "'$cat_id'";
}
db_query( "BEGIN");
db_query("BEGIN");
foreach ($ids as $id) {
db_query( "UPDATE ttrss_feeds SET cat_id = $cat_id_qpart
db_query("UPDATE ttrss_feeds SET cat_id = $cat_id_qpart
WHERE id = '$id'
AND owner_uid = " . $_SESSION["uid"]);
}
db_query( "COMMIT");
db_query("COMMIT");
}
function removeCat() {
$ids = explode(",", db_escape_string( $_REQUEST["ids"]));
$ids = explode(",", db_escape_string($_REQUEST["ids"]));
foreach ($ids as $id) {
$this->remove_feed_category( $id, $_SESSION["uid"]);
$this->remove_feed_category($id, $_SESSION["uid"]);
}
}
function addCat() {
$feed_cat = db_escape_string( trim($_REQUEST["cat"]));
$feed_cat = db_escape_string(trim($_REQUEST["cat"]));
add_feed_category( $feed_cat);
add_feed_category($feed_cat);
}
function index() {
@@ -1261,7 +1261,7 @@ class Pref_Feeds extends Handler_Protected {
print "<div dojoType=\"dijit.layout.AccordionContainer\" region=\"center\">";
print "<div id=\"pref-feeds-feeds\" dojoType=\"dijit.layout.AccordionPane\" title=\"".__('Feeds')."\">";
$result = db_query( "SELECT COUNT(id) AS num_errors
$result = db_query("SELECT COUNT(id) AS num_errors
FROM ttrss_feeds WHERE last_error != '' AND owner_uid = ".$_SESSION["uid"]);
$num_errors = db_fetch_result($result, 0, "num_errors");
@@ -1279,7 +1279,7 @@ class Pref_Feeds extends Handler_Protected {
$interval_qpart = "DATE_SUB(NOW(), INTERVAL 3 MONTH)";
}
$result = db_query( "SELECT COUNT(*) AS num_inactive FROM ttrss_feeds WHERE
$result = db_query("SELECT COUNT(*) AS num_inactive FROM ttrss_feeds WHERE
(SELECT MAX(updated) FROM ttrss_entries, ttrss_user_entries WHERE
ttrss_entries.id = ref_id AND
ttrss_user_entries.feed_id = ttrss_feeds.id) < $interval_qpart AND
@@ -1293,7 +1293,7 @@ class Pref_Feeds extends Handler_Protected {
__("Inactive feeds") . "</button>";
}
$feed_search = db_escape_string( $_REQUEST["search"]);
$feed_search = db_escape_string($_REQUEST["search"]);
if (array_key_exists("search", $_REQUEST)) {
$_SESSION["prefs_feed_search"] = $feed_search;
@@ -1336,7 +1336,7 @@ class Pref_Feeds extends Handler_Protected {
.__('Unsubscribe')."</div> ";
print "</div></div>";
if (get_pref( 'ENABLE_FEED_CATS')) {
if (get_pref('ENABLE_FEED_CATS')) {
print "<div dojoType=\"dijit.form.DropDownButton\">".
"<span>" . __('Categories')."</span>";
print "<div dojoType=\"dijit.Menu\" style=\"display: none;\">";
@@ -1522,14 +1522,14 @@ class Pref_Feeds extends Handler_Protected {
$cat_id = (int) $cat_id;
if ($cat_id > 0) {
$cat_unread = ccache_find( $cat_id, $_SESSION["uid"], true);
$cat_unread = ccache_find($cat_id, $_SESSION["uid"], true);
} else if ($cat_id == 0 || $cat_id == -2) {
$cat_unread = getCategoryUnread( $cat_id);
$cat_unread = getCategoryUnread($cat_id);
}
$obj['id'] = 'CAT:' . $cat_id;
$obj['items'] = array();
$obj['name'] = getCategoryTitle( $cat_id);
$obj['name'] = getCategoryTitle($cat_id);
$obj['type'] = 'category';
$obj['unread'] = (int) $cat_unread;
$obj['bare_id'] = $cat_id;
@@ -1542,10 +1542,10 @@ class Pref_Feeds extends Handler_Protected {
$feed_id = (int) $feed_id;
if (!$title)
$title = getFeedTitle( $feed_id, false);
$title = getFeedTitle($feed_id, false);
if ($unread === false)
$unread = getFeedUnread( $feed_id, false);
$unread = getFeedUnread($feed_id, false);
$obj['id'] = 'FEED:' . $feed_id;
$obj['name'] = $title;
@@ -1567,7 +1567,7 @@ class Pref_Feeds extends Handler_Protected {
$interval_qpart = "DATE_SUB(NOW(), INTERVAL 3 MONTH)";
}
$result = db_query( "SELECT ttrss_feeds.title, ttrss_feeds.site_url,
$result = db_query("SELECT ttrss_feeds.title, ttrss_feeds.site_url,
ttrss_feeds.feed_url, ttrss_feeds.id, MAX(updated) AS last_article
FROM ttrss_feeds, ttrss_entries, ttrss_user_entries WHERE
(SELECT MAX(updated) FROM ttrss_entries, ttrss_user_entries WHERE
@@ -1621,7 +1621,7 @@ class Pref_Feeds extends Handler_Protected {
htmlspecialchars($line["title"])."</a>";
print "</td><td class=\"insensitive\" align='right'>";
print make_local_datetime( $line['last_article'], false);
print make_local_datetime($line['last_article'], false);
print "</td>";
print "</tr>";
@@ -1648,7 +1648,7 @@ class Pref_Feeds extends Handler_Protected {
print "<h2>" . __("These feeds have not been updated because of errors:") .
"</h2>";
$result = db_query( "SELECT id,title,feed_url,last_error,site_url
$result = db_query("SELECT id,title,feed_url,last_error,site_url
FROM ttrss_feeds WHERE last_error != '' AND owner_uid = ".$_SESSION["uid"]);
print "<div dojoType=\"dijit.Toolbar\">";
@@ -1725,50 +1725,50 @@ class Pref_Feeds extends Handler_Protected {
private function clear_feed_articles($id) {
if ($id != 0) {
$result = db_query( "DELETE FROM ttrss_user_entries
$result = db_query("DELETE FROM ttrss_user_entries
WHERE feed_id = '$id' AND marked = false AND owner_uid = " . $_SESSION["uid"]);
} else {
$result = db_query( "DELETE FROM ttrss_user_entries
$result = db_query("DELETE FROM ttrss_user_entries
WHERE feed_id IS NULL AND marked = false AND owner_uid = " . $_SESSION["uid"]);
}
$result = db_query( "DELETE FROM ttrss_entries WHERE
$result = db_query("DELETE FROM ttrss_entries WHERE
(SELECT COUNT(int_id) FROM ttrss_user_entries WHERE ref_id = id) = 0");
ccache_update( $id, $_SESSION['uid']);
ccache_update($id, $_SESSION['uid']);
} // function clear_feed_articles
private function remove_feed_category( $id, $owner_uid) {
private function remove_feed_category($id, $owner_uid) {
db_query( "DELETE FROM ttrss_feed_categories
db_query("DELETE FROM ttrss_feed_categories
WHERE id = '$id' AND owner_uid = $owner_uid");
ccache_remove( $id, $owner_uid, true);
ccache_remove($id, $owner_uid, true);
}
static function remove_feed( $id, $owner_uid) {
static function remove_feed($id, $owner_uid) {
if ($id > 0) {
/* save starred articles in Archived feed */
db_query( "BEGIN");
db_query("BEGIN");
/* prepare feed if necessary */
$result = db_query( "SELECT feed_url FROM ttrss_feeds WHERE id = $id
$result = db_query("SELECT feed_url FROM ttrss_feeds WHERE id = $id
AND owner_uid = $owner_uid");
$feed_url = db_escape_string( db_fetch_result($result, 0, "feed_url"));
$feed_url = db_escape_string(db_fetch_result($result, 0, "feed_url"));
$result = db_query( "SELECT id FROM ttrss_archived_feeds
$result = db_query("SELECT id FROM ttrss_archived_feeds
WHERE feed_url = '$feed_url' AND owner_uid = $owner_uid");
if (db_num_rows($result) == 0) {
$result = db_query( "SELECT MAX(id) AS id FROM ttrss_archived_feeds");
$result = db_query("SELECT MAX(id) AS id FROM ttrss_archived_feeds");
$new_feed_id = (int)db_fetch_result($result, 0, "id") + 1;
db_query( "INSERT INTO ttrss_archived_feeds
db_query("INSERT INTO ttrss_archived_feeds
(id, owner_uid, title, feed_url, site_url)
SELECT $new_feed_id, owner_uid, title, feed_url, site_url from ttrss_feeds
WHERE id = '$id'");
@@ -1778,31 +1778,31 @@ class Pref_Feeds extends Handler_Protected {
$archive_id = db_fetch_result($result, 0, "id");
}
db_query( "UPDATE ttrss_user_entries SET feed_id = NULL,
db_query("UPDATE ttrss_user_entries SET feed_id = NULL,
orig_feed_id = '$archive_id' WHERE feed_id = '$id' AND
marked = true AND owner_uid = $owner_uid");
/* Remove access key for the feed */
db_query( "DELETE FROM ttrss_access_keys WHERE
db_query("DELETE FROM ttrss_access_keys WHERE
feed_id = '$id' AND owner_uid = $owner_uid");
/* remove the feed */
db_query( "DELETE FROM ttrss_feeds
db_query("DELETE FROM ttrss_feeds
WHERE id = '$id' AND owner_uid = $owner_uid");
db_query( "COMMIT");
db_query("COMMIT");
if (file_exists(ICONS_DIR . "/$id.ico")) {
unlink(ICONS_DIR . "/$id.ico");
}
ccache_remove( $id, $owner_uid);
ccache_remove($id, $owner_uid);
} else {
label_remove( feed_to_label_id($id), $owner_uid);
//ccache_remove( $id, $owner_uid); don't think labels are cached
label_remove(feed_to_label_id($id), $owner_uid);
//ccache_remove($id, $owner_uid); don't think labels are cached
}
}
@@ -1813,9 +1813,9 @@ class Pref_Feeds extends Handler_Protected {
print "<table width='100%'><tr><td>
".__("Add one valid RSS feed per line (no feed detection is done)")."
</td><td align='right'>";
if (get_pref( 'ENABLE_FEED_CATS')) {
if (get_pref('ENABLE_FEED_CATS')) {
print __('Place in category:') . " ";
print_feed_cat_select( "cat", false, 'dojoType="dijit.form.Select"');
print_feed_cat_select("cat", false, 'dojoType="dijit.form.Select"');
}
print "</td></tr><tr><td colspan='2'>";
print "<textarea
@@ -1855,17 +1855,17 @@ class Pref_Feeds extends Handler_Protected {
}
function batchAddFeeds() {
$cat_id = db_escape_string( $_REQUEST['cat']);
$cat_id = db_escape_string($_REQUEST['cat']);
$feeds = explode("\n", $_REQUEST['feeds']);
$login = db_escape_string( $_REQUEST['login']);
$login = db_escape_string($_REQUEST['login']);
$pass = trim($_REQUEST['pass']);
foreach ($feeds as $feed) {
$feed = db_escape_string( trim($feed));
$feed = db_escape_string(trim($feed));
if (validate_feed_url($feed)) {
db_query( "BEGIN");
db_query("BEGIN");
if ($cat_id == "0" || !$cat_id) {
$cat_qpart = "NULL";
@@ -1885,7 +1885,7 @@ class Pref_Feeds extends Handler_Protected {
$auth_pass_encrypted = 'false';
}
$pass = db_escape_string( $pass);
$pass = db_escape_string($pass);
if (db_num_rows($result) == 0) {
$result = db_query(
@@ -1895,13 +1895,13 @@ class Pref_Feeds extends Handler_Protected {
'[Unknown]', $cat_qpart, '$login', '$pass', 0, $auth_pass_encrypted)");
}
db_query( "COMMIT");
db_query("COMMIT");
}
}
}
function regenOPMLKey() {
$this->update_feed_access_key( 'OPML:Publish',
$this->update_feed_access_key('OPML:Publish',
false, $_SESSION["uid"]);
$new_link = Opml::opml_publish_url();
@@ -1910,41 +1910,41 @@ class Pref_Feeds extends Handler_Protected {
}
function regenFeedKey() {
$feed_id = db_escape_string( $_REQUEST['id']);
$is_cat = db_escape_string( $_REQUEST['is_cat']) == "true";
$feed_id = db_escape_string($_REQUEST['id']);
$is_cat = db_escape_string($_REQUEST['is_cat']) == "true";
$new_key = $this->update_feed_access_key( $feed_id, $is_cat);
$new_key = $this->update_feed_access_key($feed_id, $is_cat);
print json_encode(array("link" => $new_key));
}
private function update_feed_access_key( $feed_id, $is_cat, $owner_uid = false) {
private function update_feed_access_key($feed_id, $is_cat, $owner_uid = false) {
if (!$owner_uid) $owner_uid = $_SESSION["uid"];
$sql_is_cat = bool_to_sql_bool($is_cat);
$result = db_query( "SELECT access_key FROM ttrss_access_keys
$result = db_query("SELECT access_key FROM ttrss_access_keys
WHERE feed_id = '$feed_id' AND is_cat = $sql_is_cat
AND owner_uid = " . $owner_uid);
if (db_num_rows($result) == 1) {
$key = db_escape_string( sha1(uniqid(rand(), true)));
$key = db_escape_string(sha1(uniqid(rand(), true)));
db_query( "UPDATE ttrss_access_keys SET access_key = '$key'
db_query("UPDATE ttrss_access_keys SET access_key = '$key'
WHERE feed_id = '$feed_id' AND is_cat = $sql_is_cat
AND owner_uid = " . $owner_uid);
return $key;
} else {
return get_feed_access_key( $feed_id, $is_cat, $owner_uid);
return get_feed_access_key($feed_id, $is_cat, $owner_uid);
}
}
// Silent
function clearKeys() {
db_query( "DELETE FROM ttrss_access_keys WHERE
db_query("DELETE FROM ttrss_access_keys WHERE
owner_uid = " . $_SESSION["uid"]);
}

124
classes/pref/filters.php
View File

@@ -9,7 +9,7 @@ class Pref_Filters extends Handler_Protected {
}
function filtersortreset() {
db_query( "UPDATE ttrss_filters2
db_query("UPDATE ttrss_filters2
SET order_id = 0 WHERE owner_uid = " . $_SESSION["uid"]);
return;
}
@@ -31,7 +31,7 @@ class Pref_Filters extends Handler_Protected {
if ($filter_id > 0) {
db_query( "UPDATE ttrss_filters2 SET
db_query("UPDATE ttrss_filters2 SET
order_id = $index WHERE id = '$filter_id' AND
owner_uid = " .$_SESSION["uid"]);
@@ -49,13 +49,13 @@ class Pref_Filters extends Handler_Protected {
$filter["enabled"] = true;
$filter["match_any_rule"] = sql_bool_to_bool(
checkbox_to_sql_bool(db_escape_string( $_REQUEST["match_any_rule"])));
checkbox_to_sql_bool(db_escape_string($_REQUEST["match_any_rule"])));
$filter["inverse"] = sql_bool_to_bool(
checkbox_to_sql_bool(db_escape_string( $_REQUEST["inverse"])));
checkbox_to_sql_bool(db_escape_string($_REQUEST["inverse"])));
$filter["rules"] = array();
$result = db_query( "SELECT id,name FROM ttrss_filter_types");
$result = db_query("SELECT id,name FROM ttrss_filter_types");
$filter_types = array();
while ($line = db_fetch_assoc($result)) {
@@ -83,9 +83,9 @@ class Pref_Filters extends Handler_Protected {
}
}
$feed_title = getFeedTitle( $feed);
$feed_title = getFeedTitle($feed);
$qfh_ret = queryFeedHeadlines( -4, 30, "", false, false, false,
$qfh_ret = queryFeedHeadlines(-4, 30, "", false, false, false,
"date_entered DESC", 0, $_SESSION["uid"], $filter);
$result = $qfh_ret[0];
@@ -101,7 +101,7 @@ class Pref_Filters extends Handler_Protected {
while ($line = db_fetch_assoc($result)) {
$entry_timestamp = strtotime($line["updated"]);
$entry_tags = get_article_tags( $line["id"], $_SESSION["uid"]);
$entry_tags = get_article_tags($line["id"], $_SESSION["uid"]);
$content_preview = truncate_string(
strip_tags($line["content_preview"]), 100, '...');
@@ -158,7 +158,7 @@ class Pref_Filters extends Handler_Protected {
$filter_search = $_SESSION["prefs_filter_search"];
$result = db_query( "SELECT *,
$result = db_query("SELECT *,
(SELECT action_param FROM ttrss_filters2_actions
WHERE filter_id = ttrss_filters2.id ORDER BY id LIMIT 1) AS action_param,
(SELECT action_id FROM ttrss_filters2_actions
@@ -206,8 +206,8 @@ class Pref_Filters extends Handler_Protected {
}
if ($line['action_id'] == 7) {
$label_result = db_query( "SELECT fg_color, bg_color
FROM ttrss_labels2 WHERE caption = '".db_escape_string( $line['action_param'])."' AND
$label_result = db_query("SELECT fg_color, bg_color
FROM ttrss_labels2 WHERE caption = '".db_escape_string($line['action_param'])."' AND
owner_uid = " . $_SESSION["uid"]);
if (db_num_rows($label_result) > 0) {
@@ -248,7 +248,7 @@ class Pref_Filters extends Handler_Protected {
function edit() {
$filter_id = db_escape_string( $_REQUEST["id"]);
$filter_id = db_escape_string($_REQUEST["id"]);
$result = db_query(
"SELECT * FROM ttrss_filters2 WHERE id = '$filter_id' AND owner_uid = " . $_SESSION["uid"]);
@@ -294,7 +294,7 @@ class Pref_Filters extends Handler_Protected {
print "<ul id='filterDlg_Matches'>";
$rules_result = db_query( "SELECT * FROM ttrss_filters2_rules
$rules_result = db_query("SELECT * FROM ttrss_filters2_rules
WHERE filter_id = '$filter_id' ORDER BY reg_exp, id");
while ($line = db_fetch_assoc($rules_result)) {
@@ -342,7 +342,7 @@ class Pref_Filters extends Handler_Protected {
print "<ul id='filterDlg_Actions'>";
$actions_result = db_query( "SELECT * FROM ttrss_filters2_actions
$actions_result = db_query("SELECT * FROM ttrss_filters2_actions
WHERE filter_id = '$filter_id' ORDER BY id");
while ($line = db_fetch_assoc($actions_result)) {
@@ -417,17 +417,17 @@ class Pref_Filters extends Handler_Protected {
if (strpos($feed_id, "CAT:") === 0) {
$feed_id = (int) substr($feed_id, 4);
$feed = getCategoryTitle( $feed_id);
$feed = getCategoryTitle($feed_id);
} else {
$feed_id = (int) $feed_id;
if ($rule["feed_id"])
$feed = getFeedTitle( (int)$rule["feed_id"]);
$feed = getFeedTitle((int)$rule["feed_id"]);
else
$feed = __("All feeds");
}
$result = db_query( "SELECT description FROM ttrss_filter_types
$result = db_query("SELECT description FROM ttrss_filter_types
WHERE id = ".(int)$rule["filter_type"]);
$filter_type = db_fetch_result($result, 0, "description");
@@ -440,7 +440,7 @@ class Pref_Filters extends Handler_Protected {
}
private function getActionName($action) {
$result = db_query( "SELECT description FROM
$result = db_query("SELECT description FROM
ttrss_filter_actions WHERE id = " .(int)$action["action_id"]);
$title = __(db_fetch_result($result, 0, "description"));
@@ -463,13 +463,13 @@ class Pref_Filters extends Handler_Protected {
# print_r($_REQUEST);
$filter_id = db_escape_string( $_REQUEST["id"]);
$enabled = checkbox_to_sql_bool(db_escape_string( $_REQUEST["enabled"]));
$match_any_rule = checkbox_to_sql_bool(db_escape_string( $_REQUEST["match_any_rule"]));
$inverse = checkbox_to_sql_bool(db_escape_string( $_REQUEST["inverse"]));
$title = db_escape_string( $_REQUEST["title"]);
$filter_id = db_escape_string($_REQUEST["id"]);
$enabled = checkbox_to_sql_bool(db_escape_string($_REQUEST["enabled"]));
$match_any_rule = checkbox_to_sql_bool(db_escape_string($_REQUEST["match_any_rule"]));
$inverse = checkbox_to_sql_bool(db_escape_string($_REQUEST["inverse"]));
$title = db_escape_string($_REQUEST["title"]);
$result = db_query( "UPDATE ttrss_filters2 SET enabled = $enabled,
$result = db_query("UPDATE ttrss_filters2 SET enabled = $enabled,
match_any_rule = $match_any_rule,
inverse = $inverse,
title = '$title'
@@ -482,17 +482,17 @@ class Pref_Filters extends Handler_Protected {
function remove() {
$ids = explode(",", db_escape_string( $_REQUEST["ids"]));
$ids = explode(",", db_escape_string($_REQUEST["ids"]));
foreach ($ids as $id) {
db_query( "DELETE FROM ttrss_filters2 WHERE id = '$id' AND owner_uid = ". $_SESSION["uid"]);
db_query("DELETE FROM ttrss_filters2 WHERE id = '$id' AND owner_uid = ". $_SESSION["uid"]);
}
}
private function saveRulesAndActions($filter_id) {
db_query( "DELETE FROM ttrss_filters2_rules WHERE filter_id = '$filter_id'");
db_query( "DELETE FROM ttrss_filters2_actions WHERE filter_id = '$filter_id'");
db_query("DELETE FROM ttrss_filters2_rules WHERE filter_id = '$filter_id'");
db_query("DELETE FROM ttrss_filters2_actions WHERE filter_id = '$filter_id'");
if ($filter_id) {
/* create rules */
@@ -521,11 +521,11 @@ class Pref_Filters extends Handler_Protected {
foreach ($rules as $rule) {
if ($rule) {
$reg_exp = strip_tags(db_escape_string( trim($rule["reg_exp"])));
$reg_exp = strip_tags(db_escape_string(trim($rule["reg_exp"])));
$inverse = isset($rule["inverse"]) ? "true" : "false";
$filter_type = (int) db_escape_string( trim($rule["filter_type"]));
$feed_id = db_escape_string( trim($rule["feed_id"]));
$filter_type = (int) db_escape_string(trim($rule["filter_type"]));
$feed_id = db_escape_string(trim($rule["feed_id"]));
if (strpos($feed_id, "CAT:") === 0) {
@@ -546,16 +546,16 @@ class Pref_Filters extends Handler_Protected {
(filter_id, reg_exp,filter_type,feed_id,cat_id,cat_filter,inverse) VALUES
('$filter_id', '$reg_exp', '$filter_type', $feed_id, $cat_id, $cat_filter, $inverse)";
db_query( $query);
db_query($query);
}
}
foreach ($actions as $action) {
if ($action) {
$action_id = (int) db_escape_string( $action["action_id"]);
$action_param = db_escape_string( $action["action_param"]);
$action_param_label = db_escape_string( $action["action_param_label"]);
$action_id = (int) db_escape_string($action["action_id"]);
$action_param = db_escape_string($action["action_param"]);
$action_param_label = db_escape_string($action["action_param_label"]);
if ($action_id == 7) {
$action_param = $action_param_label;
@@ -569,7 +569,7 @@ class Pref_Filters extends Handler_Protected {
(filter_id, action_id, action_param) VALUES
('$filter_id', '$action_id', '$action_param')";
db_query( $query);
db_query($query);
}
}
}
@@ -586,35 +586,35 @@ class Pref_Filters extends Handler_Protected {
$enabled = checkbox_to_sql_bool($_REQUEST["enabled"]);
$match_any_rule = checkbox_to_sql_bool($_REQUEST["match_any_rule"]);
$title = db_escape_string( $_REQUEST["title"]);
$title = db_escape_string($_REQUEST["title"]);
db_query( "BEGIN");
db_query("BEGIN");
/* create base filter */
$result = db_query( "INSERT INTO ttrss_filters2
$result = db_query("INSERT INTO ttrss_filters2
(owner_uid, match_any_rule, enabled, title) VALUES
(".$_SESSION["uid"].",$match_any_rule,$enabled, '$title')");
$result = db_query( "SELECT MAX(id) AS id FROM ttrss_filters2
$result = db_query("SELECT MAX(id) AS id FROM ttrss_filters2
WHERE owner_uid = ".$_SESSION["uid"]);
$filter_id = db_fetch_result($result, 0, "id");
$this->saveRulesAndActions($filter_id);
db_query( "COMMIT");
db_query("COMMIT");
}
function index() {
$sort = db_escape_string( $_REQUEST["sort"]);
$sort = db_escape_string($_REQUEST["sort"]);
if (!$sort || $sort == "undefined") {
$sort = "reg_exp";
}
$filter_search = db_escape_string( $_REQUEST["search"]);
$filter_search = db_escape_string($_REQUEST["search"]);
if (array_key_exists("search", $_REQUEST)) {
$_SESSION["prefs_filter_search"] = $filter_search;
@@ -626,7 +626,7 @@ class Pref_Filters extends Handler_Protected {
print "<div id=\"pref-filter-header\" dojoType=\"dijit.layout.ContentPane\" region=\"top\">";
print "<div id=\"pref-filter-toolbar\" dojoType=\"dijit.Toolbar\">";
$filter_search = db_escape_string( $_REQUEST["search"]);
$filter_search = db_escape_string($_REQUEST["search"]);
if (array_key_exists("search", $_REQUEST)) {
$_SESSION["prefs_filter_search"] = $filter_search;
@@ -832,7 +832,7 @@ class Pref_Filters extends Handler_Protected {
print "<form name='filter_new_rule_form' id='filter_new_rule_form'>";
$result = db_query( "SELECT id,description
$result = db_query("SELECT id,description
FROM ttrss_filter_types WHERE id != 5 ORDER BY description");
$filter_types = array();
@@ -864,7 +864,7 @@ class Pref_Filters extends Handler_Protected {
print __("in") . " ";
print "<span id='filterDlg_feeds'>";
print_feed_select( "feed_id",
print_feed_select("feed_id",
$cat_filter ? "CAT:$feed_id" : $feed_id,
'dojoType="dijit.form.FilteringSelect"');
print "</span>";
@@ -888,7 +888,7 @@ class Pref_Filters extends Handler_Protected {
$action = json_decode($_REQUEST["action"], true);
if ($action) {
$action_param = db_escape_string( $action["action_param"]);
$action_param = db_escape_string($action["action_param"]);
$action_id = (int)$action["action_id"];
} else {
$action_param = "";
@@ -904,7 +904,7 @@ class Pref_Filters extends Handler_Protected {
print "<select name=\"action_id\" dojoType=\"dijit.form.Select\"
onchange=\"filterDlgCheckAction(this)\">";
$result = db_query( "SELECT id,description FROM ttrss_filter_actions
$result = db_query("SELECT id,description FROM ttrss_filter_actions
ORDER BY name");
while ($line = db_fetch_assoc($result)) {
@@ -928,7 +928,7 @@ class Pref_Filters extends Handler_Protected {
id=\"filterDlg_actionParam\" style=\"$param_hidden\"
name=\"action_param\" value=\"$action_param\">";
print_label_select( "action_param_label", $action_param,
print_label_select("action_param_label", $action_param,
"id=\"filterDlg_actionParamLabel\" style=\"$label_param_hidden\"
dojoType=\"dijit.form.Select\"");
@@ -987,22 +987,22 @@ class Pref_Filters extends Handler_Protected {
}
function join() {
$ids = explode(",", db_escape_string( $_REQUEST["ids"]));
$ids = explode(",", db_escape_string($_REQUEST["ids"]));
if (count($ids) > 1) {
$base_id = array_shift($ids);
$ids_str = join(",", $ids);
db_query( "BEGIN");
db_query( "UPDATE ttrss_filters2_rules
db_query("BEGIN");
db_query("UPDATE ttrss_filters2_rules
SET filter_id = '$base_id' WHERE filter_id IN ($ids_str)");
db_query( "UPDATE ttrss_filters2_actions
db_query("UPDATE ttrss_filters2_actions
SET filter_id = '$base_id' WHERE filter_id IN ($ids_str)");
db_query( "DELETE FROM ttrss_filters2 WHERE id IN ($ids_str)");
db_query( "UPDATE ttrss_filters2 SET match_any_rule = true WHERE id = '$base_id'");
db_query("DELETE FROM ttrss_filters2 WHERE id IN ($ids_str)");
db_query("UPDATE ttrss_filters2 SET match_any_rule = true WHERE id = '$base_id'");
db_query( "COMMIT");
db_query("COMMIT");
$this->optimizeFilter($base_id);
@@ -1010,8 +1010,8 @@ class Pref_Filters extends Handler_Protected {
}
private function optimizeFilter($id) {
db_query( "BEGIN");
$result = db_query( "SELECT * FROM ttrss_filters2_actions
db_query("BEGIN");
$result = db_query("SELECT * FROM ttrss_filters2_actions
WHERE filter_id = '$id'");
$tmp = array();
@@ -1030,11 +1030,11 @@ class Pref_Filters extends Handler_Protected {
if (count($dupe_ids) > 0) {
$ids_str = join(",", $dupe_ids);
db_query( "DELETE FROM ttrss_filters2_actions
db_query("DELETE FROM ttrss_filters2_actions
WHERE id IN ($ids_str)");
}
$result = db_query( "SELECT * FROM ttrss_filters2_rules
$result = db_query("SELECT * FROM ttrss_filters2_rules
WHERE filter_id = '$id'");
$tmp = array();
@@ -1053,11 +1053,11 @@ class Pref_Filters extends Handler_Protected {
if (count($dupe_ids) > 0) {
$ids_str = join(",", $dupe_ids);
db_query( "DELETE FROM ttrss_filters2_rules
db_query("DELETE FROM ttrss_filters2_rules
WHERE id IN ($ids_str)");
}
db_query( "COMMIT");
db_query("COMMIT");
}
}
?>

66
classes/pref/labels.php
View File

@@ -8,9 +8,9 @@ class Pref_Labels extends Handler_Protected {
}
function edit() {
$label_id = db_escape_string( $_REQUEST['id']);
$label_id = db_escape_string($_REQUEST['id']);
$result = db_query( "SELECT * FROM ttrss_labels2 WHERE
$result = db_query("SELECT * FROM ttrss_labels2 WHERE
id = '$label_id' AND owner_uid = " . $_SESSION["uid"]);
$line = db_fetch_assoc($result);
@@ -90,7 +90,7 @@ class Pref_Labels extends Handler_Protected {
$root['name'] = __('Labels');
$root['items'] = array();
$result = db_query( "SELECT *
$result = db_query("SELECT *
FROM ttrss_labels2
WHERE owner_uid = ".$_SESSION["uid"]."
ORDER BY caption");
@@ -118,29 +118,29 @@ class Pref_Labels extends Handler_Protected {
}
function colorset() {
$kind = db_escape_string( $_REQUEST["kind"]);
$ids = explode(',', db_escape_string( $_REQUEST["ids"]));
$color = db_escape_string( $_REQUEST["color"]);
$fg = db_escape_string( $_REQUEST["fg"]);
$bg = db_escape_string( $_REQUEST["bg"]);
$kind = db_escape_string($_REQUEST["kind"]);
$ids = explode(',', db_escape_string($_REQUEST["ids"]));
$color = db_escape_string($_REQUEST["color"]);
$fg = db_escape_string($_REQUEST["fg"]);
$bg = db_escape_string($_REQUEST["bg"]);
foreach ($ids as $id) {
if ($kind == "fg" || $kind == "bg") {
db_query( "UPDATE ttrss_labels2 SET
db_query("UPDATE ttrss_labels2 SET
${kind}_color = '$color' WHERE id = '$id'
AND owner_uid = " . $_SESSION["uid"]);
} else {
db_query( "UPDATE ttrss_labels2 SET
db_query("UPDATE ttrss_labels2 SET
fg_color = '$fg', bg_color = '$bg' WHERE id = '$id'
AND owner_uid = " . $_SESSION["uid"]);
}
$caption = db_escape_string( label_find_caption($id, $_SESSION["uid"]));
$caption = db_escape_string(label_find_caption($id, $_SESSION["uid"]));
/* Remove cached data */
db_query( "UPDATE ttrss_user_entries SET label_cache = ''
db_query("UPDATE ttrss_user_entries SET label_cache = ''
WHERE label_cache LIKE '%$caption%' AND owner_uid = " . $_SESSION["uid"]);
}
@@ -149,18 +149,18 @@ class Pref_Labels extends Handler_Protected {
}
function colorreset() {
$ids = explode(',', db_escape_string( $_REQUEST["ids"]));
$ids = explode(',', db_escape_string($_REQUEST["ids"]));
foreach ($ids as $id) {
db_query( "UPDATE ttrss_labels2 SET
db_query("UPDATE ttrss_labels2 SET
fg_color = '', bg_color = '' WHERE id = '$id'
AND owner_uid = " . $_SESSION["uid"]);
$caption = db_escape_string( label_find_caption($id, $_SESSION["uid"]));
$caption = db_escape_string(label_find_caption($id, $_SESSION["uid"]));
/* Remove cached data */
db_query( "UPDATE ttrss_user_entries SET label_cache = ''
db_query("UPDATE ttrss_user_entries SET label_cache = ''
WHERE label_cache LIKE '%$caption%' AND owner_uid = " . $_SESSION["uid"]);
}
@@ -168,31 +168,31 @@ class Pref_Labels extends Handler_Protected {
function save() {
$id = db_escape_string( $_REQUEST["id"]);
$caption = db_escape_string( trim($_REQUEST["caption"]));
$id = db_escape_string($_REQUEST["id"]);
$caption = db_escape_string(trim($_REQUEST["caption"]));
db_query( "BEGIN");
db_query("BEGIN");
$result = db_query( "SELECT caption FROM ttrss_labels2
$result = db_query("SELECT caption FROM ttrss_labels2
WHERE id = '$id' AND owner_uid = ". $_SESSION["uid"]);
if (db_num_rows($result) != 0) {
$old_caption = db_fetch_result($result, 0, "caption");
$result = db_query( "SELECT id FROM ttrss_labels2
$result = db_query("SELECT id FROM ttrss_labels2
WHERE caption = '$caption' AND owner_uid = ". $_SESSION["uid"]);
if (db_num_rows($result) == 0) {
if ($caption) {
$result = db_query( "UPDATE ttrss_labels2 SET
$result = db_query("UPDATE ttrss_labels2 SET
caption = '$caption' WHERE id = '$id' AND
owner_uid = " . $_SESSION["uid"]);
/* Update filters that reference label being renamed */
$old_caption = db_escape_string( $old_caption);
$old_caption = db_escape_string($old_caption);
db_query( "UPDATE ttrss_filters2_actions SET
db_query("UPDATE ttrss_filters2_actions SET
action_param = '$caption' WHERE action_param = '$old_caption'
AND action_id = 7
AND filter_id IN (SELECT id FROM ttrss_filters2 WHERE owner_uid = ".$_SESSION["uid"].")");
@@ -206,28 +206,28 @@ class Pref_Labels extends Handler_Protected {
}
}
db_query( "COMMIT");
db_query("COMMIT");
return;
}
function remove() {
$ids = explode(",", db_escape_string( $_REQUEST["ids"]));
$ids = explode(",", db_escape_string($_REQUEST["ids"]));
foreach ($ids as $id) {
label_remove( $id, $_SESSION["uid"]);
label_remove($id, $_SESSION["uid"]);
}
}
function add() {
$caption = db_escape_string( $_REQUEST["caption"]);
$output = db_escape_string( $_REQUEST["output"]);
$caption = db_escape_string($_REQUEST["caption"]);
$output = db_escape_string($_REQUEST["output"]);
if ($caption) {
if (label_create( $caption)) {
if (label_create($caption)) {
if (!$output) {
print T_sprintf("Created label <b>%s</b>", htmlspecialchars($caption));
}
@@ -238,7 +238,7 @@ class Pref_Labels extends Handler_Protected {
print "<rpc-reply><payload>";
print_label_select( "select_label",
print_label_select("select_label",
$caption, "");
print "</payload></rpc-reply>";
@@ -250,13 +250,13 @@ class Pref_Labels extends Handler_Protected {
function index() {
$sort = db_escape_string( $_REQUEST["sort"]);
$sort = db_escape_string($_REQUEST["sort"]);
if (!$sort || $sort == "undefined") {
$sort = "caption";
}
$label_search = db_escape_string( $_REQUEST["search"]);
$label_search = db_escape_string($_REQUEST["search"]);
if (array_key_exists("search", $_REQUEST)) {
$_SESSION["prefs_label_search"] = $label_search;

54
classes/pref/prefs.php
View File

@@ -103,13 +103,13 @@ class Pref_Prefs extends Handler_Protected {
foreach (array_keys($_POST) as $pref_name) {
$pref_name = db_escape_string( $pref_name);
$value = db_escape_string( $_POST[$pref_name]);
$pref_name = db_escape_string($pref_name);
$value = db_escape_string($_POST[$pref_name]);
if ($pref_name == 'DIGEST_PREFERRED_TIME') {
if (get_pref( 'DIGEST_PREFERRED_TIME') != $value) {
if (get_pref('DIGEST_PREFERRED_TIME') != $value) {
db_query( "UPDATE ttrss_users SET
db_query("UPDATE ttrss_users SET
last_digest_sent = NULL WHERE id = " . $_SESSION['uid']);
}
@@ -124,7 +124,7 @@ class Pref_Prefs extends Handler_Protected {
$need_reload = true;
}
} else {
set_pref( $pref_name, $value);
set_pref($pref_name, $value);
}
}
@@ -138,9 +138,9 @@ class Pref_Prefs extends Handler_Protected {
function getHelp() {
$pref_name = db_escape_string( $_REQUEST["pn"]);
$pref_name = db_escape_string($_REQUEST["pn"]);
$result = db_query( "SELECT help_text FROM ttrss_prefs
$result = db_query("SELECT help_text FROM ttrss_prefs
WHERE pref_name = '$pref_name'");
if (db_num_rows($result) > 0) {
@@ -153,12 +153,12 @@ class Pref_Prefs extends Handler_Protected {
function changeemail() {
$email = db_escape_string( $_POST["email"]);
$full_name = db_escape_string( $_POST["full_name"]);
$email = db_escape_string($_POST["email"]);
$full_name = db_escape_string($_POST["full_name"]);
$active_uid = $_SESSION["uid"];
db_query( "UPDATE ttrss_users SET email = '$email',
db_query("UPDATE ttrss_users SET email = '$email',
full_name = '$full_name' WHERE id = '$active_uid'");
print __("Your personal data has been saved.");
@@ -176,10 +176,10 @@ class Pref_Prefs extends Handler_Protected {
$profile_qpart = "profile IS NULL";
}
db_query( "DELETE FROM ttrss_user_prefs
db_query("DELETE FROM ttrss_user_prefs
WHERE $profile_qpart AND owner_uid = ".$_SESSION["uid"]);
initialize_user_prefs( $_SESSION["uid"], $_SESSION["profile"]);
initialize_user_prefs($_SESSION["uid"], $_SESSION["profile"]);
echo __("Your preferences are now set to default values.");
}
@@ -225,7 +225,7 @@ class Pref_Prefs extends Handler_Protected {
print "<h2>" . __("Personal data") . "</h2>";
$result = db_query( "SELECT email,full_name,otp_enabled,
$result = db_query("SELECT email,full_name,otp_enabled,
access_level FROM ttrss_users
WHERE id = ".$_SESSION["uid"]);
@@ -270,7 +270,7 @@ class Pref_Prefs extends Handler_Protected {
print "<h2>" . __("Password") . "</h2>";
$result = db_query( "SELECT id FROM ttrss_users
$result = db_query("SELECT id FROM ttrss_users
WHERE id = ".$_SESSION["uid"]." AND pwd_hash
= 'SHA1:5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8'");
@@ -480,10 +480,10 @@ class Pref_Prefs extends Handler_Protected {
}
if ($_SESSION["profile"]) {
initialize_user_prefs( $_SESSION["uid"], $_SESSION["profile"]);
initialize_user_prefs($_SESSION["uid"], $_SESSION["profile"]);
$profile_qpart = "profile = '" . $_SESSION["profile"] . "'";
} else {
initialize_user_prefs( $_SESSION["uid"]);
initialize_user_prefs($_SESSION["uid"]);
$profile_qpart = "profile IS NULL";
}
@@ -494,7 +494,7 @@ class Pref_Prefs extends Handler_Protected {
$access_query = 'true';
$result = db_query( "SELECT DISTINCT
$result = db_query("SELECT DISTINCT
ttrss_user_prefs.pref_name,value,type_name,
ttrss_prefs_sections.order_id,
def_value,section_id
@@ -767,7 +767,7 @@ class Pref_Prefs extends Handler_Protected {
<td width='10%'>".__('Author')."</td></tr>";
$system_enabled = array_map("trim", explode(",", PLUGINS));
$user_enabled = array_map("trim", explode(",", get_pref( "_ENABLED_PLUGINS")));
$user_enabled = array_map("trim", explode(",", get_pref("_ENABLED_PLUGINS")));
$tmppluginhost = new PluginHost(Db::get());
$tmppluginhost->load_all($tmppluginhost::KIND_ALL, $_SESSION["uid"]);
@@ -897,7 +897,7 @@ class Pref_Prefs extends Handler_Protected {
require_once "lib/otphp/lib/totp.php";
require_once "lib/phpqrcode/phpqrcode.php";
$result = db_query( "SELECT login,salt,otp_enabled
$result = db_query("SELECT login,salt,otp_enabled
FROM ttrss_users
WHERE id = ".$_SESSION["uid"]);
@@ -926,7 +926,7 @@ class Pref_Prefs extends Handler_Protected {
if ($authenticator->check_password($_SESSION["uid"], $password)) {
$result = db_query( "SELECT salt
$result = db_query("SELECT salt
FROM ttrss_users
WHERE id = ".$_SESSION["uid"]);
@@ -938,7 +938,7 @@ class Pref_Prefs extends Handler_Protected {
$otp_check = $topt->now();
if ($otp == $otp_check) {
db_query( "UPDATE ttrss_users SET otp_enabled = true WHERE
db_query("UPDATE ttrss_users SET otp_enabled = true WHERE
id = " . $_SESSION["uid"]);
print "OK";
@@ -952,14 +952,14 @@ class Pref_Prefs extends Handler_Protected {
}
function otpdisable() {
$password = db_escape_string( $_REQUEST["password"]);
$password = db_escape_string($_REQUEST["password"]);
global $pluginhost;
$authenticator = $pluginhost->get_plugin($_SESSION["auth_module"]);
if ($authenticator->check_password($_SESSION["uid"], $password)) {
db_query( "UPDATE ttrss_users SET otp_enabled = false WHERE
db_query("UPDATE ttrss_users SET otp_enabled = false WHERE
id = " . $_SESSION["uid"]);
print "OK";
@@ -975,18 +975,18 @@ class Pref_Prefs extends Handler_Protected {
else
$plugins = "";
set_pref( "_ENABLED_PLUGINS", $plugins);
set_pref("_ENABLED_PLUGINS", $plugins);
}
function clearplugindata() {
$name = db_escape_string( $_REQUEST["name"]);
$name = db_escape_string($_REQUEST["name"]);
global $pluginhost;
$pluginhost->clear_data($pluginhost->get_plugin($name));
}
function customizeCSS() {
$value = get_pref( "USER_STYLESHEET");
$value = get_pref("USER_STYLESHEET");
$value = str_replace("<br/>", "\n", $value);
@@ -1034,7 +1034,7 @@ class Pref_Prefs extends Handler_Protected {
print "</div>";
$result = db_query( "SELECT title,id FROM ttrss_settings_profiles
$result = db_query("SELECT title,id FROM ttrss_settings_profiles
WHERE owner_uid = ".$_SESSION["uid"]." ORDER BY title");
print "<div class=\"prefProfileHolder\">";

2
classes/pref/system.php
View File

@@ -24,7 +24,7 @@ class Pref_System extends Handler_Protected {
print "<div dojoType=\"dijit.layout.AccordionContainer\" region=\"center\">";
print "<div dojoType=\"dijit.layout.AccordionPane\" title=\"".__('Error Log')."\">";
$result = db_query( "SELECT errno, errstr, filename, lineno,
$result = db_query("SELECT errno, errstr, filename, lineno,
created_at, login FROM ttrss_error_log
LEFT JOIN ttrss_users ON (owner_uid = ttrss_users.id)
ORDER BY ttrss_error_log.id DESC

50
classes/pref/users.php
View File

@@ -21,7 +21,7 @@ class Pref_Users extends Handler_Protected {
$uid = sprintf("%d", $_REQUEST["id"]);
$result = db_query( "SELECT login,
$result = db_query("SELECT login,
".SUBSTRING_FOR_DATE."(last_login,1,16) AS last_login,
access_level,
(SELECT COUNT(int_id) FROM ttrss_user_entries
@@ -53,7 +53,7 @@ class Pref_Users extends Handler_Protected {
print "<tr><td>".__('Registered')."</td><td>$created</td></tr>";
print "<tr><td>".__('Last logged in')."</td><td>$last_login</td></tr>";
$result = db_query( "SELECT COUNT(id) as num_feeds FROM ttrss_feeds
$result = db_query("SELECT COUNT(id) as num_feeds FROM ttrss_feeds
WHERE owner_uid = '$uid'");
$num_feeds = db_fetch_result($result, 0, "num_feeds");
@@ -64,7 +64,7 @@ class Pref_Users extends Handler_Protected {
print "<h1>".__('Subscribed feeds')."</h1>";
$result = db_query( "SELECT id,title,site_url FROM ttrss_feeds
$result = db_query("SELECT id,title,site_url FROM ttrss_feeds
WHERE owner_uid = '$uid' ORDER BY title");
print "<ul class=\"userFeedList\">";
@@ -105,14 +105,14 @@ class Pref_Users extends Handler_Protected {
function edit() {
global $access_level_names;
$id = db_escape_string( $_REQUEST["id"]);
$id = db_escape_string($_REQUEST["id"]);
print "<form id=\"user_edit_form\" onsubmit='return false'>";
print "<input type=\"hidden\" name=\"id\" value=\"$id\">";
print "<input type=\"hidden\" name=\"op\" value=\"pref-users\">";
print "<input type=\"hidden\" name=\"method\" value=\"editSave\">";
$result = db_query( "SELECT * FROM ttrss_users WHERE id = '$id'");
$result = db_query("SELECT * FROM ttrss_users WHERE id = '$id'");
$login = db_fetch_result($result, 0, "login");
$access_level = db_fetch_result($result, 0, "access_level");
@@ -181,10 +181,10 @@ class Pref_Users extends Handler_Protected {
}
function editSave() {
$login = db_escape_string( trim($_REQUEST["login"]));
$uid = db_escape_string( $_REQUEST["id"]);
$login = db_escape_string(trim($_REQUEST["login"]));
$uid = db_escape_string($_REQUEST["id"]);
$access_level = (int) $_REQUEST["access_level"];
$email = db_escape_string( trim($_REQUEST["email"]));
$email = db_escape_string(trim($_REQUEST["email"]));
$password = $_REQUEST["password"];
if ($password) {
@@ -195,42 +195,42 @@ class Pref_Users extends Handler_Protected {
$pass_query_part = "";
}
db_query( "UPDATE ttrss_users SET $pass_query_part login = '$login',
db_query("UPDATE ttrss_users SET $pass_query_part login = '$login',
access_level = '$access_level', email = '$email', otp_enabled = false
WHERE id = '$uid'");
}
function remove() {
$ids = explode(",", db_escape_string( $_REQUEST["ids"]));
$ids = explode(",", db_escape_string($_REQUEST["ids"]));
foreach ($ids as $id) {
if ($id != $_SESSION["uid"] && $id != 1) {
db_query( "DELETE FROM ttrss_tags WHERE owner_uid = '$id'");
db_query( "DELETE FROM ttrss_feeds WHERE owner_uid = '$id'");
db_query( "DELETE FROM ttrss_users WHERE id = '$id'");
db_query("DELETE FROM ttrss_tags WHERE owner_uid = '$id'");
db_query("DELETE FROM ttrss_feeds WHERE owner_uid = '$id'");
db_query("DELETE FROM ttrss_users WHERE id = '$id'");
}
}
}
function add() {
$login = db_escape_string( trim($_REQUEST["login"]));
$login = db_escape_string(trim($_REQUEST["login"]));
$tmp_user_pwd = make_password(8);
$salt = substr(bin2hex(get_random_bytes(125)), 0, 250);
$pwd_hash = encrypt_password($tmp_user_pwd, $salt, true);
$result = db_query( "SELECT id FROM ttrss_users WHERE
$result = db_query("SELECT id FROM ttrss_users WHERE
login = '$login'");
if (db_num_rows($result) == 0) {
db_query( "INSERT INTO ttrss_users
db_query("INSERT INTO ttrss_users
(login,pwd_hash,access_level,last_login,created, salt)
VALUES ('$login', '$pwd_hash', 0, null, NOW(), '$salt')");
$result = db_query( "SELECT id FROM ttrss_users WHERE
$result = db_query("SELECT id FROM ttrss_users WHERE
login = '$login' AND pwd_hash = '$pwd_hash'");
if (db_num_rows($result) == 1) {
@@ -240,7 +240,7 @@ class Pref_Users extends Handler_Protected {
print format_notice(T_sprintf("Added user <b>%s</b> with password <b>%s</b>",
$login, $tmp_user_pwd));
initialize_user( $new_uid);
initialize_user($new_uid);
} else {
@@ -304,8 +304,8 @@ class Pref_Users extends Handler_Protected {
}
function resetPass() {
$uid = db_escape_string( $_REQUEST["id"]);
Pref_Users::resetUserPassword( $uid, true);
$uid = db_escape_string($_REQUEST["id"]);
Pref_Users::resetUserPassword($uid, true);
}
function index() {
@@ -317,7 +317,7 @@ class Pref_Users extends Handler_Protected {
print "<div id=\"pref-user-toolbar\" dojoType=\"dijit.Toolbar\">";
$user_search = db_escape_string( $_REQUEST["search"]);
$user_search = db_escape_string($_REQUEST["search"]);
if (array_key_exists("search", $_REQUEST)) {
$_SESSION["prefs_user_search"] = $user_search;
@@ -332,7 +332,7 @@ class Pref_Users extends Handler_Protected {
__('Search')."</button>
</div>";
$sort = db_escape_string( $_REQUEST["sort"]);
$sort = db_escape_string($_REQUEST["sort"]);
if (!$sort || $sort == "undefined") {
$sort = "login";
@@ -381,7 +381,7 @@ class Pref_Users extends Handler_Protected {
$user_search_query = "";
}
$result = db_query( "SELECT
$result = db_query("SELECT
id,login,access_level,email,
".SUBSTRING_FOR_DATE."(last_login,1,16) as last_login,
".SUBSTRING_FOR_DATE."(created,1,16) as created
@@ -416,8 +416,8 @@ class Pref_Users extends Handler_Protected {
$line["login"] = htmlspecialchars($line["login"]);
$line["created"] = make_local_datetime( $line["created"], false);
$line["last_login"] = make_local_datetime( $line["last_login"], false);
$line["created"] = make_local_datetime($line["created"], false);
$line["last_login"] = make_local_datetime($line["last_login"], false);
print "<td align='center'><input onclick='toggleSelectRow2(this);'
dojoType=\"dijit.form.CheckBox\" type=\"checkbox\"