experimental split of public calls into public.php (refs #389)

functions.php

@@ -840,7 +840,7 @@
 					!ini_get("open_basedir")) {
 
 					$callback_url = get_self_url_prefix() .
-						"/backend.php?op=pubsub&id=$feed";
+						"/public.php?op=pubsub&id=$feed";
 
 					$s = new Subscriber($feed_hub_url, $callback_url);
 
@@ -1284,7 +1284,7 @@
 
 						if (PUBSUBHUBBUB_HUB && $published == 'true') {
 							$rss_link = get_self_url_prefix() .
-								"/backend.php?op=rss&id=-2&key=" .
+								"/public.php?op=rss&id=-2&key=" .
 								get_feed_access_key($link, -2, false, $owner_uid);
 
 							$p = new Publisher(PUBSUBHUBBUB_HUB);
@@ -3830,7 +3830,7 @@
 		$last_error = $qfh_ret[3];
 
 		$feed_self_url = get_self_url_prefix() .
-			"/backend.php?op=rss&id=-2&key=" .
+			"/public.php?op=rss&id=-2&key=" .
 			get_feed_access_key($link, -2, false);
 
 		if (!$feed_site_url) $feed_site_url = get_self_url_prefix();
@@ -4239,7 +4239,7 @@
 
 		if (PUBSUBHUBBUB_HUB) {
 			$rss_link = get_self_url_prefix() .
-				"/backend.php?op=rss&id=-2&key=" .
+				"/public.php?op=rss&id=-2&key=" .
 				get_feed_access_key($link, -2, false);
 
 			$p = new Publisher(PUBSUBHUBBUB_HUB);
@@ -4378,7 +4378,7 @@
 		}
 
 		$rss_link = htmlspecialchars(get_self_url_prefix() .
-			"/backend.php?op=rss&id=$feed_id$cat_q$search_q");
+			"/public.php?op=rss&id=$feed_id$cat_q$search_q");
 
 		$reply .= "<option value=\"0\" disabled=\"1\">".__('Feed:')."</option>";
 
@@ -7544,11 +7544,17 @@
 
 			_debug("Updating: " . $line['access_url'] . " ($id)");
 
-			$fetch_url = $line['access_url'] . '/backend.php?op=fbexport';
+			$fetch_url = $line['access_url'] . '/public.php?op=fbexport';
 			$post_query = 'key=' . $line['access_key'];
 
 			$feeds = fetch_file_contents($fetch_url, false, false, false, $post_query);
 
+			// try doing it the old way
+			if (!$feeds) {
+				$fetch_url = $line['access_url'] . '/backend.php?op=fbexport';
+				$feeds = fetch_file_contents($fetch_url, false, false, false, $post_query);
+			}
+
 			if ($feeds) {
 				$feeds = json_decode($feeds, true);
 
@@ -7598,6 +7604,223 @@
 				last_status_out = '$status', last_connected = NOW() WHERE id = '$id'");
 
 		}
+	}
 
+	function handle_public_request($link, $op) {
+		switch ($op) {
+
+		case "getUnread":
+			$login = db_escape_string($_REQUEST["login"]);
+			$fresh = $_REQUEST["fresh"] == "1";
+
+			$result = db_query($link, "SELECT id FROM ttrss_users WHERE login = '$login'");
+
+			if (db_num_rows($result) == 1) {
+				$uid = db_fetch_result($result, 0, "id");
+
+				print getGlobalUnread($link, $uid);
+
+				if ($fresh) {
+					print ";";
+					print getFeedArticles($link, -3, false, true, $uid);
+				}
+
+			} else {
+				print "-1;User not found";
+			}
+
+		break; // getUnread
+
+		case "getProfiles":
+			$login = db_escape_string($_REQUEST["login"]);
+			$password = db_escape_string($_REQUEST["password"]);
+
+			if (authenticate_user($link, $login, $password)) {
+				$result = db_query($link, "SELECT * FROM ttrss_settings_profiles
+					WHERE owner_uid = " . $_SESSION["uid"] . " ORDER BY title");
+
+				print "<select style='width: 100%' name='profile'>";
+
+				print "<option value='0'>" . __("Default profile") . "</option>";
+
+				while ($line = db_fetch_assoc($result)) {
+					$id = $line["id"];
+					$title = $line["title"];
+
+					print "<option value='$id'>$title</option>";
+				}
+
+				print "</select>";
+
+				$_SESSION = array();
+			}
+		break; // getprofiles
+
+		case "pubsub":
+			$mode = db_escape_string($_REQUEST['hub_mode']);
+			$feed_id = (int) db_escape_string($_REQUEST['id']);
+			$feed_url = db_escape_string($_REQUEST['hub_topic']);
+
+			if (!PUBSUBHUBBUB_ENABLED) {
+				header('HTTP/1.0 404 Not Found');
+				echo "404 Not found";
+				return;
+			}
+
+			// TODO: implement hub_verifytoken checking
+
+			$result = db_query($link, "SELECT feed_url FROM ttrss_feeds
+				WHERE id = '$feed_id'");
+
+			if (db_num_rows($result) != 0) {
+
+				$check_feed_url = db_fetch_result($result, 0, "feed_url");
+
+				if ($check_feed_url && ($check_feed_url == $feed_url || !$feed_url)) {
+					if ($mode == "subscribe") {
+
+						db_query($link, "UPDATE ttrss_feeds SET pubsub_state = 2
+							WHERE id = '$feed_id'");
+
+						print $_REQUEST['hub_challenge'];
+						return;
+
+					} else if ($mode == "unsubscribe") {
+
+						db_query($link, "UPDATE ttrss_feeds SET pubsub_state = 0
+							WHERE id = '$feed_id'");
+
+						print $_REQUEST['hub_challenge'];
+						return;
+
+					} else if (!$mode) {
+
+						// Received update ping, schedule feed update.
+						//update_rss_feed($link, $feed_id, true, true);
+
+						db_query($link, "UPDATE ttrss_feeds SET
+							last_update_started = '1970-01-01',
+							last_updated = '1970-01-01' WHERE id = '$feed_id' AND
+							owner_uid = ".$_SESSION["uid"]);
+
+					}
+				} else {
+					header('HTTP/1.0 404 Not Found');
+					echo "404 Not found";
+				}
+			} else {
+				header('HTTP/1.0 404 Not Found');
+				echo "404 Not found";
+			}
+
+		break; // pubsub
+
+		case "logout":
+			logout_user();
+			header("Location: tt-rss.php");
+		break; // logout
+
+		case "fbexport":
+
+			$access_key = db_escape_string($_POST["key"]);
+
+			// TODO: rate limit checking using last_connected
+			$result = db_query($link, "SELECT id FROM ttrss_linked_instances
+				WHERE access_key = '$access_key'");
+
+			if (db_num_rows($result) == 1) {
+
+				$instance_id = db_fetch_result($result, 0, "id");
+
+				$result = db_query($link, "SELECT feed_url, site_url, title, subscribers
+					FROM ttrss_feedbrowser_cache ORDER BY subscribers DESC LIMIT 100");
+
+				$feeds = array();
+
+				while ($line = db_fetch_assoc($result)) {
+					array_push($feeds, $line);
+				}
+
+				db_query($link, "UPDATE ttrss_linked_instances SET
+					last_status_in = 1 WHERE id = '$instance_id'");
+
+				print json_encode(array("feeds" => $feeds));
+			} else {
+				print json_encode(array("error" => array("code" => 6)));
+			}
+		break; // fbexport
+
+		case "share":
+			$uuid = db_escape_string($_REQUEST["key"]);
+
+			$result = db_query($link, "SELECT ref_id, owner_uid FROM ttrss_user_entries WHERE
+				uuid = '$uuid'");
+
+			if (db_num_rows($result) != 0) {
+				header("Content-Type: text/html");
+
+				$id = db_fetch_result($result, 0, "ref_id");
+				$owner_uid = db_fetch_result($result, 0, "owner_uid");
+
+				$_SESSION["uid"] = $owner_uid;
+				$article = format_article($link, $id, false, true);
+				$_SESSION["uid"] = "";
+
+				print_r($article['content']);
+
+			} else {
+				print "Article not found.";
+			}
+
+			break;
+
+		case "rss":
+			$feed = db_escape_string($_REQUEST["id"]);
+			$key = db_escape_string($_REQUEST["key"]);
+			$is_cat = $_REQUEST["is_cat"] != false;
+			$limit = (int)db_escape_string($_REQUEST["limit"]);
+
+			$search = db_escape_string($_REQUEST["q"]);
+			$match_on = db_escape_string($_REQUEST["m"]);
+			$search_mode = db_escape_string($_REQUEST["smode"]);
+			$view_mode = db_escape_string($_REQUEST["view-mode"]);
+
+			if (SINGLE_USER_MODE) {
+				authenticate_user($link, "admin", null);
+			}
+
+			$owner_id = false;
+
+			if ($key) {
+				$result = db_query($link, "SELECT owner_uid FROM
+					ttrss_access_keys WHERE access_key = '$key' AND feed_id = '$feed'");
+
+				if (db_num_rows($result) == 1)
+					$owner_id = db_fetch_result($result, 0, "owner_uid");
+			}
+
+			if ($owner_id) {
+				$_SESSION['uid'] = $owner_id;
+
+				generate_syndicated_feed($link, 0, $feed, $is_cat, $limit,
+					$search, $search_mode, $match_on, $view_mode);
+			} else {
+				header('HTTP/1.1 403 Forbidden');
+			}
+		break; // rss
+
+
+		case "globalUpdateFeeds":
+			// Update all feeds needing a update.
+			update_daemon_common($link, 0, true, true);
+		break; // globalUpdateFeeds
+
+
+		default:
+			header("Content-Type: text/plain");
+			print json_encode(array("error" => array("code" => 7)));
+		break; // fallback
+
+		}
 	}
 ?>