public/tt-rss
1
0
Fork 0
mirror of https://git.tt-rss.org/git/tt-rss.git synced 2025-12-22 13:01:27 +00:00
Code Issues Releases Wiki Activity

new style labels (bump schema)

Browse Source
This commit is contained in:
Andrew Dolgov
2009-01-18 09:28:42 +01:00
parent abd9b16507
commit ceb30ba49d
17 changed files with 337 additions and 462 deletions
Download Patch File Download Diff File Expand all files Collapse all files

267
modules/pref-labels.php
View File

@@ -1,214 +1,78 @@
<?php
// We need to accept raw SQL data in label queries, so not everything is escaped
// here, this is by design. If you don't like it, disable labels
// altogether with GLOBAL_ENABLE_LABELS = false
function module_pref_labels($link) {
if (!GLOBAL_ENABLE_LABELS) {
print __("Sorry, labels have been administratively disabled for this installation. Please contact instance owner or edit configuration file to enable this functionality.");
return;
}
$subop = $_GET["subop"];
if ($subop == "edit") {
if ($subop == "save") {
$label_id = db_escape_string($_GET["id"]);
$id = db_escape_string($_REQUEST["id"]);
$caption = trim(db_escape_string($_REQUEST["value"]));
$result = db_query($link, "SELECT sql_exp,description FROM ttrss_labels WHERE
owner_uid = ".$_SESSION["uid"]." AND id = '$label_id' ORDER by description");
db_query($link, "BEGIN");
$line = db_fetch_assoc($result);
$result = db_query($link, "SELECT caption FROM ttrss_labels2
WHERE id = '$id' AND owner_uid = ". $_SESSION["uid"]);
$sql_exp = htmlspecialchars($line["sql_exp"]);
$description = htmlspecialchars($line["description"]);
if (db_num_rows($result) != 0) {
$old_caption = db_fetch_result($result, 0, "caption");
print "<div id=\"infoBoxTitle\">Label Editor</div>";
print "<div class=\"infoBoxContents\">";
$result = db_query($link, "SELECT id FROM ttrss_labels2
WHERE caption = '$caption' AND owner_uid = ". $_SESSION["uid"]);
print "<form id=\"label_edit_form\" onsubmit='return false'>";
if (db_num_rows($result) == 0) {
if ($caption) {
$result = db_query($link, "UPDATE ttrss_labels2 SET
caption = '$caption' WHERE id = '$id' AND
owner_uid = " . $_SESSION["uid"]);
print "<input type=\"hidden\" name=\"op\" value=\"pref-labels\">";
print "<input type=\"hidden\" name=\"id\" value=\"$label_id\">";
print "<input type=\"hidden\" name=\"subop\" value=\"editSave\">";
/* Update filters that reference label being renamed */
print "<div class=\"dlgSec\">".__("Caption")."</div>";
db_query($link, "UPDATE ttrss_filters SET
action_param = '$caption' WHERE action_param = '$old_caption'
AND action_id = 7
AND owner_uid = " . $_SESSION["uid"]);
print "<div class=\"dlgSecCont\">";
print $caption;
}
} else {
print $old_caption;
}
}
print "<input onkeypress=\"return filterCR(event, labelEditSave)\"
onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\"
onchange=\"toggleSubmitNotEmpty(this, 'infobox_submit')\"
name=\"description\" size=\"30\" value=\"$description\">";
print "</div>";
print "<div class=\"dlgSec\">".__("Match SQL")."</div>";
print "<div class=\"dlgSecCont\">";
print "<textarea onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\"
rows=\"6\" name=\"sql_exp\" class=\"labelSQL\" cols=\"50\">$sql_exp</textarea>";
print "<br/>";
print_label_dlg_common_examples();
print "</div>";
print "</form>";
print "<div style=\"display : none\" id=\"label_test_result\"></div>";
print "<div class=\"dlgButtons\">";
print "<div style='float : left'>";
print "<input type=\"submit\"
class=\"button\" onclick=\"return displayHelpInfobox(1)\"
value=\"".__('Help')."\"> ";
print "</div>";
$is_disabled = (strpos($_SERVER['HTTP_USER_AGENT'], 'Opera') !== FALSE) ? "disabled" : "";
print "<input $is_disabled type=\"submit\" onclick=\"return labelTest()\" value=\"Test\">
";
print "<input type=\"submit\"
id=\"infobox_submit\"
class=\"button\" onclick=\"return labelEditSave()\"
value=\"Save\"> ";
print "<input class=\"button\"
type=\"submit\" onclick=\"return labelEditCancel()\"
value=\"Cancel\">";
print "</div>";
db_query($link, "COMMIT");
return;
}
if ($subop == "test") {
// no escaping here on purpose
$expr = trim($_GET["expr"]);
$descr = db_escape_string(trim($_GET["descr"]));
$expr = str_replace(";", "", $expr);
if (!$expr) {
print "<p>".__("Error: SQL expression is blank.")."</p>";
return;
}
print "<div>";
error_reporting(0);
$result = db_query($link,
"SELECT count(ttrss_entries.id) AS num_matches
FROM ttrss_entries,ttrss_user_entries,ttrss_feeds
WHERE ($expr) AND
ttrss_user_entries.ref_id = ttrss_entries.id AND
ttrss_user_entries.feed_id = ttrss_feeds.id AND
ttrss_user_entries.owner_uid = " . $_SESSION["uid"], false);
error_reporting (DEFAULT_ERROR_LEVEL);
if (!$result) {
print "<div class=\"labelTestError\">" . db_last_error($link) . "</div>";
print "</div>";
return;
}
$num_matches = db_fetch_result($result, 0, "num_matches");;
if ($num_matches > 0) {
if ($num_matches > 10) {
$showing_msg = ", showing first 10";
}
print "<p>Query returned <b>$num_matches</b> matches$showing_msg:</p>";
$result = db_query($link,
"SELECT ttrss_entries.title,
(SELECT title FROM ttrss_feeds WHERE id = feed_id) AS feed_title
FROM ttrss_entries,ttrss_user_entries,ttrss_feeds
WHERE ($expr) AND
ttrss_user_entries.ref_id = ttrss_entries.id
AND ttrss_user_entries.feed_id = ttrss_feeds.id
AND ttrss_user_entries.owner_uid = " . $_SESSION["uid"] . "
ORDER BY date_entered LIMIT 10", false);
print "<ul class=\"labelTestResults\">";
$row_class = "even";
while ($line = db_fetch_assoc($result)) {
$row_class = toggleEvenOdd($row_class);
print "<li class=\"$row_class\">".$line["title"].
" <span class=\"insensitive\">(".$line["feed_title"].")</span></li>";
}
print "</ul>";
} else {
print "<p>Query didn't return any matches.</p>";
}
print "</div>";
return;
}
if ($subop == "editSave") {
$sql_exp = db_escape_string(trim($_GET["sql_exp"]));
$descr = db_escape_string(trim($_GET["description"]));
$label_id = db_escape_string($_GET["id"]);
$sql_exp = str_replace(";", "", $sql_exp);
$result = db_query($link, "UPDATE ttrss_labels SET
sql_exp = '$sql_exp',
description = '$descr'
WHERE id = '$label_id'");
if (db_affected_rows($link, $result) != 0) {
print_notice(T_sprintf("Saved label <b>%s</b>", htmlspecialchars($descr)));
}
}
if ($subop == "remove") {
if (!WEB_DEMO_MODE) {
$ids = split(",", db_escape_string($_GET["ids"]));
$ids = split(",", db_escape_string($_GET["ids"]));
foreach ($ids as $id) {
db_query($link, "DELETE FROM ttrss_labels WHERE id = '$id'");
}
db_query($link, "DELETE FROM ttrss_labels2 WHERE id = '$id'
AND owner_uid = " . $_SESSION["uid"]);
}
}
if ($subop == "add") {
$sql_exp = db_escape_string(trim($_GET["sql_exp"]));
$description = db_escape_string($_GET["description"]);
$caption = db_escape_string($_GET["caption"]);
$sql_exp = str_replace(";", "", $sql_exp);
if ($caption) {
if (!$sql_exp || !$description) return;
$result = db_query($link, "SELECT id FROM ttrss_labels2
WHERE caption = '$caption' AND owner_uid = ". $_SESSION["uid"]);
$result = db_query($link,
"INSERT INTO ttrss_labels (sql_exp,description,owner_uid)
VALUES ('$sql_exp', '$description', '".$_SESSION["uid"]."')");
if (db_num_rows($result) == 0) {
if (db_affected_rows($link, $result) != 0) {
print T_sprintf("Created label <b>%s</b>", htmlspecialchars($description));
$result = db_query($link,
"INSERT INTO ttrss_labels2 (caption,owner_uid)
VALUES ('$caption', '".$_SESSION["uid"]."')");
if (db_affected_rows($link, $result) != 0) {
print T_sprintf("Created label <b>%s</b>", htmlspecialchars($caption));
}
}
}
return;
@@ -219,7 +83,7 @@
$sort = db_escape_string($_GET["sort"]);
if (!$sort || $sort == "undefined") {
$sort = "description";
$sort = "caption";
}
$label_search = db_escape_string($_GET["search"]);
@@ -237,28 +101,25 @@
onchange=\"javascript:updateLabelList()\" value=\"$label_search\">
<input type=\"submit\" class=\"button\"
onclick=\"javascript:updateLabelList()\" value=\"".__('Search')."\">
<p><a class='helpLinkPic' href=\"javascript:displayHelpInfobox(1)\">
<img src='images/sign_quest.gif'></a></p>
</div>";
print "<div class=\"prefGenericAddBox\">";
print"<input type=\"submit\" class=\"button\"
id=\"label_create_btn\"
onclick=\"return displayDlg('quickAddLabel', false)\"
onclick=\"return addLabel()\"
value=\"".__('Create label')."\"></div>";
if ($label_search) {
$label_search_query = "(sql_exp LIKE '%$label_search%' OR
description LIKE '%$label_search%') AND";
$label_search_query = "caption LIKE '%$label_search%' AND";
} else {
$label_search_query = "";
}
$result = db_query($link, "SELECT
id,sql_exp,description
id,caption
FROM
ttrss_labels
ttrss_labels2
WHERE
$label_search_query
owner_uid = ".$_SESSION["uid"]."
@@ -279,8 +140,7 @@
print "<tr class=\"title\">
<td width=\"5%\">&nbsp;</td>
<td width=\"30%\"><a href=\"javascript:updateLabelList('description')\">".__('Caption')."</a></td>
<td width=\"\"><a href=\"javascript:updateLabelList('sql_exp')\">".__('SQL Expression')."</a>
<td width=\"95%\"><a href=\"javascript:updateLabelList('description')\">".__('Caption')."</a></td>
</td>
</tr>";
@@ -291,29 +151,18 @@
$class = ($lnum % 2) ? "even" : "odd";
$label_id = $line["id"];
$edit_label_id = $_GET["id"];
if ($subop == "edit" && $label_id != $edit_label_id) {
$class .= "Grayed";
$this_row_id = "";
} else {
$this_row_id = "id=\"LILRR-$label_id\"";
}
$this_row_id = "id=\"LILRR-$label_id\"";
print "<tr class=\"$class\" $this_row_id>";
$line["sql_exp"] = htmlspecialchars($line["sql_exp"]);
$line["description"] = htmlspecialchars($line["description"]);
$line["caption"] = htmlspecialchars($line["caption"]);
if (!$line["description"]) $line["description"] = __("[No caption]");
$onclick = "onclick='editLabel($label_id)' title='".__('Click to edit')."'";
print "<td align='center'><input onclick='toggleSelectPrefRow(this, \"label\");'
print "<td align='center'><input
onclick='toggleSelectPrefRow(this, \"label\");'
type=\"checkbox\" id=\"LICHK-".$line["id"]."\"></td>";
print "<td $onclick>" . $line["description"] . "</td>";
print "<td $onclick>" . $line["sql_exp"] . "</td>";
print "<td><span id=\"LILT-".$line["id"]."\">" . $line["caption"] .
"</span></td>";
print "</tr>";
@@ -323,11 +172,9 @@
print "</table>";
print "<p id=\"labelOpToolbar\">";
print "<input type=\"submit\" class=\"button\" disabled=\"true\"
onclick=\"javascript:editSelectedLabel()\" value=\"".__('Edit')."\">
<input type=\"submit\" class=\"button\" disabled=\"true\"
onclick=\"javascript:removeSelectedLabels()\" value=\"".__('Remove')."\">";
print "</p>";
} else {
print "<p>";