Beispiel #1
0
function checkETag($withDB = true, $keyPrefix = "", $cacheValidity = 0)
{
    $key = $keyPrefix . '$Revision$' . $_SERVER["REQUEST_URI"];
    if ($withDB) {
        list($dt) = rss_fetch_row(rss_query('select timestamp from ' . getTable('cache') . " where cachekey='data_ts'"));
        $key .= $dt;
    }
    if (array_key_exists(RSS_USER_COOKIE, $_REQUEST)) {
        $key .= $_REQUEST[RSS_USER_COOKIE];
    }
    $key = md5($key);
    if (array_key_exists('HTTP_IF_NONE_MATCH', $_SERVER) && $_SERVER['HTTP_IF_NONE_MATCH'] == $key) {
        header("HTTP/1.1 304 Not Modified");
        header("X-RSS-CACHE-STATUS: HIT");
        header("ETag: {$key}");
        flush();
        exit;
    } else {
        header("ETag: {$key}");
        header("X-RSS-CACHE-STATUS: MISS");
        if ($cacheValidity) {
            header('Expires: ' . gmdate('D, d M Y H:i:s', time() + $cacheValidity * 3600) . 'GMT');
        }
    }
}
Beispiel #2
0
function rss_toolkit_channels_combo($id, $all_channels_id = ALL_CHANNELS_ID, $selected = 0, $showDeprecated = false)
{
    $ret = "\t\t<select name=\"{$id}\" id=\"{$id}\">\n" . "\t\t\t<option value=\"" . $all_channels_id . "\"" . (0 == $selected ? " selected=\"selected\"" : "") . ">" . __('All') . "</option>\n";
    $sql = "select " . " c.id, c.title, f.name, f.id  " . " from " . getTable("channels") . " c " . " inner join " . getTable("folders") . " f " . "   on f.id = c.parent ";
    if (hidePrivate()) {
        $sql .= " and not(c.mode & " . RSS_MODE_PRIVATE_STATE . ") ";
    }
    if (false == $showDeprecated) {
        $sql .= " and not(c.mode & " . RSS_MODE_DELETED_STATE . ") ";
    }
    $sql .= " order by " . (getConfig('rss.config.absoluteordering') ? "f.position asc, c.position asc" : "f.name asc, c.title asc");
    $res = rss_query($sql);
    $prev_parent = -1;
    while (list($id_, $title_, $parent_, $parent_id_) = rss_fetch_row($res)) {
        if ($prev_parent != $parent_id_) {
            if ($prev_parent > -1) {
                $ret .= "\t\t\t</optgroup>\n";
            }
            if ($parent_ == "") {
                $parent_ = __('Root');
            }
            $ret .= "\t\t\t<optgroup label=\"{$parent_} /\">\n";
            $prev_parent = $parent_id_;
        }
        if (strlen($title_) > 25) {
            $title_ = substr($title_, 0, 22) . "...";
        }
        $ret .= "\t\t\t\t<option value=\"{$id_}\"" . ($selected == $id_ ? " selected=\"selected\"" : "") . ">{$title_}</option>\n";
    }
    if ($prev_parent != 0) {
        $ret .= "\t\t\t</optgroup>\n";
    }
    $ret .= "\t\t</select>\n";
    return $ret;
}
Beispiel #3
0
function relatedTags($tags)
{
    /* related tags */
    $twhere = "";
    foreach ($tags as $tag) {
        $tag = rss_real_escape_string($tag);
        $twhere .= "t.tag='{$tag}' or ";
    }
    $twhere .= "1=0";
    $sql = "select fid,tid,m.tdate from " . getTable('metatag') . " m " . "inner join " . getTable('tag') . " t on t.id = m.tid  where m.ttype = 'item'" . " and ({$twhere})";
    //echo $sql;
    $res = rss_query($sql);
    $fids = array();
    $ctid = -1;
    while (list($fid, $tid) = rss_fetch_row($res)) {
        $fids[] = $fid;
        $tids[] = $tid;
    }
    $fids = array_unique($fids);
    $tids = array_unique($tids);
    $rtags = array();
    if (count($fids)) {
        $sql = "select t.tag, count(*) as cnt from " . getTable('metatag') . " m left join " . getTable('item') . " i on (m.fid=i.id) " . " inner join " . getTable('tag') . " t on (t.id = m.tid) " . " where m.fid in (" . implode(",", $fids) . ")" . " and t.id not in (" . implode(",", $tids) . ")";
        if (hidePrivate()) {
            $sql .= " and not(i.unread & " . RSS_MODE_PRIVATE_STATE . ") ";
        }
        $sql .= " group by t.tag order by cnt desc";
        //echo $sql;
        $res = rss_query($sql);
        while (list($rtag, $cnt) = rss_fetch_row($res)) {
            $rtags[$rtag] = $cnt;
        }
    }
    return $rtags;
}
Beispiel #4
0
 function render()
 {
     $res = rss_query("select url from " . getTable("channels") . " where id = " . $this->fid);
     if (!defined('MAGPIE_DEBUG') || !MAGPIE_DEBUG) {
         define('MAGPIE_DEBUG', true);
     }
     list($url) = rss_fetch_row($res);
     define('MAGPIE_CACHE_ON', false);
     $rss = fetch_rss($url);
     echo "<pre>\n";
     echo htmlentities(print_r($rss, 1));
     echo "</pre>\n";
 }
Beispiel #5
0
function __exp__getFromDelicious($id)
{
    list($url) = rss_fetch_row(rss_query('select url from ' . getTable('item') . " where id={$id}"));
    $ret = array();
    $durl = "http://del.icio.us/url/" . md5($url) . "?settagview=list";
    $bfr = getUrl($durl, 3000);
    if ($bfr) {
        define('DLSRX', '|<a href="/tag/([^"]+)".*>\\1</a>|U');
        if ($bfr && preg_match_all(DLSRX, $bfr, $hits, PREG_SET_ORDER)) {
            $hits = array_slice($hits, 0, MAX_TAGS_PER_ITEM);
            foreach ($hits as $hit) {
                $ret[] = $hit[1];
            }
        }
    }
    return "{$id}," . implode(" ", $ret);
}
Beispiel #6
0
function set_admin_pass($uname = null, $pass = null)
{
    $sql = "select count(*) from " . getTable('users') . " where password != '' and ulevel >=99";
    list($adminexists) = rss_fetch_row(rss_query($sql));
    if ($adminexists) {
        die('Oops. Admin already exists!');
    }
    if ($uname && $pass) {
        rss_query("update " . getTable('users') . " set uname='{$uname}', " . "password='******' where ulevel=99");
        rss_invalidate_cache();
        rss_redirect('admin/');
        exit;
    }
    admin_header();
    ?>
	<script type="text/javascript">
	<!--
		function on_submit_password_match() {
			pass=document.getElementById('password').value;
			pass2=document.getElementById('password2').value;
			if(pass !== pass2){
				msg = '<?php 
    echo __('Passwords do not match!');
    ?>
';
				document.getElementById('admin_match_result').innerHTML = msg;
				document.getElementById('password').value = '';
				document.getElementById('password2').value = '';
				return false;
			}else{
				document.getElementById('password2').value = '';
				return loginHandler();
			}
		}	
	-->
	</script>
	
	<?php 
    echo "\n<div id=\"channel_admin\" class=\"frame\">";
    echo "<h2></h2>\n" . __('<p>No Administrator has been specified yet!</p><p>Please provide an Administrator username and password now!</p>');
    echo "<form action=\"" . $_SERVER['PHP_SELF'] . "\" onsubmit=\"return on_submit_password_match();\" method=\"post\">\n" . "<fieldset style=\"width:400px;\">" . "<p><label style=\"display:block\" for=\"username\">" . __('Username') . ":</label>\n" . "<input type=\"text\" id=\"username\" name=\"username\" /></p>\n" . "<p><label style=\"display:block\" for=\"password\">" . __('Password') . ":</label>\n" . "<input type=\"password\" id=\"password\" name=\"password\" /></p>\n" . "<p><label style=\"display:block\" for=\"password2\">" . __('Password (again)') . ":</label>\n" . "<input type=\"password\" id=\"password2\" name=\"password2\" /></p>\n" . "<p><input type=\"submit\" value=\"" . __('OK') . "\" /></p>\n" . "<div style=\"display:inline;\" id=\"admin_match_result\"></div>\n" . "</fieldset>\n" . "</form>\n";
    echo "</div>\n";
    admin_footer();
    exit;
}
Beispiel #7
0
function dashboard()
{
    $idtoken = _VERSION_ . "-" . md5($_SERVER["HTTP_HOST"]);
    $magpieCacheAge = 60 * 60 * 24;
    if (function_exists('apache_request_headers')) {
        $hdrs = apache_request_headers();
        if (isset($hdrs['Pragma']) && $hdrs['Pragma'] == 'no-cache' || isset($hdrs['Cache-Control']) && $hdrs['Cache-Control'] == 'no-cache') {
            $magpieCacheAge = 0;
        }
    }
    define('MAGPIE_FETCH_TIME_OUT', 2);
    define('MAGPIE_CACHE_AGE', $magpieCacheAge);
    $rs = rss_query("select id, title, position, url, obj, unix_timestamp(daterefreshed), itemcount " . " from " . getTable('dashboard') . " order by position asc");
    $rss = array();
    while (list($id, $title, $pos, $url, $obj, $ts, $cnt) = rss_fetch_row($rs)) {
        if ($obj && time() - $ts < $magpieCacheAge) {
            $rss[$title] = unserialize($obj);
        } else {
            $old_level = error_reporting(E_ERROR);
            $rss[$title] = fetch_rss($url . $idtoken);
            error_reporting($old_level);
            if ($rss[$title] && is_object($rss[$title])) {
                $rss[$title]->items = array_slice($rss[$title]->items, 0, $cnt);
                rss_query('update ' . getTable('dashboard') . " set obj='" . rss_real_escape_string(serialize($rss[$title])) . "', " . " daterefreshed=now()\twhere id={$id}");
            }
        }
        if ($rss[$title] && is_object($rss[$title])) {
            if ($pos == 0) {
                echo "\n\t\t\t\t\t\t\t<h2 style=\"margin-bottom: 0.5em\">{$title}</h2>\n\t\t\t\t\t\t\t<div id=\"db_main\">\n\t\t\t\t\t\t\t<ul>";
                foreach ($rss[$title]->items as $item) {
                    echo "<li class=\"item unread\">\n" . "<h4><a href=\"" . $item['link'] . "\">" . $item['title'] . "</a></h4>\n" . "<h5>Posted: " . time_since(strtotime($item['pubdate'])) . " ago </h5>\n" . "<div class=\"content\">" . $item['content']['encoded'] . "</div>\n</li>\n";
                }
                echo "</ul></div>\n";
            } else {
                echo "<div class=\"frame db_side\">\n";
                db_side($title, $rss[$title]);
                echo "</div>";
            }
        }
    }
}
Beispiel #8
0
function channel_edit_form($cid)
{
    $sql = "select id, title, url, siteurl, parent, descr, icon, mode, daterefreshed, dateadded from " . getTable("channels") . " where id={$cid}";
    $res = rss_query($sql);
    list($id, $title, $url, $siteurl, $parent, $descr, $icon, $mode, $daterefreshed, $dateadded) = rss_fetch_row($res);
    $title = htmlentities($title, ENT_QUOTES);
    // get tags
    $sql = "select t.tag from " . getTable('tag') . " t " . "  inner join " . getTable('metatag') . " m " . "    on m.tid = t.id " . "where m.ttype = 'channel' and m.fid = {$cid}";
    $res = rss_query($sql);
    $tags = "";
    while ($r = rss_fetch_assoc($res)) {
        $tags .= $r['tag'] . " ";
    }
    echo "<div>\n";
    echo "\n\n<h2>" . __('Edit the feed ') . " '{$title}'</h2>\n";
    echo "<form method=\"post\" action=\"" . $_SERVER['PHP_SELF'] . "#fa{$cid}\" id=\"channeledit\">\n";
    echo "<fieldset id=\"channeleditfs\">";
    // Timestamps
    if (!empty($daterefreshed)) {
        echo "<p><label>" . __('Added') . ": " . date("M-d-Y H:i", strtotime($dateadded)) . "</label></p>" . "<p><label>" . __('Last Update') . ": " . date("M-d-Y H:i", strtotime($daterefreshed)) . " (Age: " . round((time() - strtotime($daterefreshed)) / 60) . " minutes)</label></p>\n";
    } else {
        echo "<p><label>" . __('Added') . ": " . date("M-d-Y H:i", strtotime($dateadded)) . "</label></p>" . "<p><label>" . __('Last Update') . ": " . __('Never') . "</label></p>\n";
    }
    // Item name
    echo "<p><label for=\"c_name\">" . __('Title:') . "</label>\n" . "<input type=\"text\" id=\"c_name\" name=\"c_name\" value=\"{$title}\" />" . "<input type=\"hidden\" name=\"" . CST_ADMIN_DOMAIN . "\" value=\"" . CST_ADMIN_DOMAIN_CHANNEL . "\" />\n" . "<input type=\"hidden\" name=\"action\" value=\"" . CST_ADMIN_SUBMIT_EDIT . "\" />\n" . "<input type=\"hidden\" name=\"cid\" value=\"{$cid}\" /></p>\n" . "<p><label for=\"c_url\">" . __('RSS URL:') . "</label>\n" . "<a href=\"{$url}\">" . __('(visit)') . "</a>\n" . "<input type=\"text\" id=\"c_url\" name=\"c_url\" value=\"{$url}\" /></p>" . "<p><label for=\"c_siteurl\">" . __('Site URL:') . "</label>\n" . "<a href=\"{$siteurl}\">" . __('(visit)') . "</a>\n" . "<input type=\"text\" id=\"c_siteurl\" name=\"c_siteurl\" value=\"{$siteurl}\" /></p>" . "<p><label for=\"c_parent\">" . __('In folder:') . "</label>\n" . rss_toolkit_folders_combo('c_parent', $parent) . "</p>\n";
    // Tags
    echo "<p><label for=\"c_tags\">" . __('Categories') . ":</label>\n" . "<input type=\"text\" id=\"c_tags\" name=\"c_tags\" value=\"{$tags}\" /></p>";
    // Items state
    if ($mode & RSS_MODE_PRIVATE_STATE) {
        $pchk = " checked=\"checked\" ";
        $old_priv = "1";
    } else {
        $pchk = "";
        $old_priv = "0";
    }
    if ($mode & RSS_MODE_DELETED_STATE) {
        $dchk = " checked=\"checked\" ";
        $old_del = "1";
    } else {
        $dchk = "";
        $old_del = "0";
    }
    echo "<p>\n" . "<input style=\"display:inline\" type=\"checkbox\" id=\"c_private\" " . " name=\"c_private\" value=\"1\"{$pchk} />\n" . "<label for=\"c_private\">" . __('This feed is <strong>private</strong>, only admins see it.') . "</label>\n" . "<input type=\"hidden\" name=\"old_priv\" value=\"{$old_priv}\" />\n" . "</p>\n";
    echo "<p>\n" . "<input style=\"display:inline\" type=\"checkbox\" id=\"c_deleted\" " . " name=\"c_deleted\" value=\"1\"{$dchk} />\n" . "<label for=\"c_deleted\">" . __("This feed is <strong>deprecated</strong>, it won't be updated anymore and won't be visible in the feeds column.") . "</label>\n" . "<input type=\"hidden\" name=\"old_del\" value=\"{$old_del}\" />\n" . "</p>\n";
    // Description
    $descr = trim(htmlentities(strip_tags($descr), ENT_QUOTES));
    echo "<p><label for=\"c_descr\">" . __('Description:') . "</label>\n" . "<input type=\"text\" id=\"c_descr\" name=\"c_descr\" value=\"{$descr}\" /></p>\n";
    // Icon
    if (getConfig('rss.output.showfavicons')) {
        echo "<p><label for=\"c_icon\">" . __('Shown favicon:') . "</label>\n";
        if (trim($icon) != "") {
            if (substr($icon, 0, 5) == 'blob:') {
                $icon = substr($icon, 5);
            }
            echo "<img src=\"{$icon}\" alt=\"{$title}\" class=\"favicon\" width=\"16\" height=\"16\" />\n";
            echo "<span>" . __('(Leave blank for no icon)') . "</span>";
        }
        echo "<input type=\"text\" id=\"c_icon\" name=\"c_icon\" value=\"{$icon}\" /></p>\n";
    } else {
        echo "<p><input type=\"hidden\" name=\"c_icon\" id=\"c_icon\" value=\"{$icon}\" /></p>\n";
    }
    rss_plugin_hook('rss.plugins.admin.feed.properties', $cid);
    echo "</fieldset>\n";
    // Feed properties
    echo "<fieldset id=\"channeleditpropfs\">";
    echo "<p>" . "<span style=\"float:left;\">Allow Gregarius to look for updates in existing items for this feed?</span>" . "<span style=\"float:right;\">[<a  href=\"index.php?domain=config&amp;action=edit&amp;key=rss.input.allowupdates&amp;view=config\">Edit the global option</a>]</span>\n" . "&nbsp;" . "</p>";
    $rss_input_allowupdates_default_current = getProperty($cid, 'rss.input.allowupdates');
    $rss_input_allowupdates_default_value = $rss_input_allowupdates_default = "Use global option (" . (getConfig('rss.input.allowupdates') ? "Yes" : "No") . ")";
    echo "<p id=\"rss_input_allowupdates_options\">" . "<input type=\"radio\" " . "id=\"rss_input_allowupdates_yes\" " . "name=\"prop_rss_input_allowupdates\" value=\"1\"  " . ($rss_input_allowupdates_default_current === true ? " checked=\"checked\" " : "") . "/>\n" . "<label for=\"rss_input_allowupdates_yes\">Yes</label>\n" . "<input type=\"radio\" " . "id=\"rss_input_allowupdates_no\" " . "name=\"prop_rss_input_allowupdates\" value=\"0\"  " . ($rss_input_allowupdates_default_current === false ? " checked=\"checked\" " : "") . "/>\n" . "<label for=\"rss_input_allowupdates_no\">No</label>" . "<input type=\"radio\" " . "id=\"rss_input_allowupdates_default\" " . "name=\"prop_rss_input_allowupdates\" value=\"default\"  " . ($rss_input_allowupdates_default_current === null ? " checked=\"checked\" " : "") . "/>\n" . "<label for=\"rss_input_allowupdates_default\">{$rss_input_allowupdates_default}</label>" . "</p>\n";
    echo "<p>" . "<span style=\"float:left;\">Refresh Interval (minutes): </span>" . "&nbsp;" . "</p>";
    $rss_config_refreshinterval_default_current = getProperty($cid, 'rss.config.refreshinterval');
    echo "<p id=\"rss_config_refreshinterval_options\">" . "<input type=\"text\" id=\"rss_config_refreshinterval\" name=\"rss_config_refreshinterval\" value=\"" . (true == empty($rss_config_refreshinterval_default_current) ? 60 : $rss_config_refreshinterval_default_current) . "\">" . "</p>";
    echo "</fieldset>\n";
    echo "<p style=\"clear:both; padding: 1em 0\"><input type=\"submit\" name=\"action_\" value=\"" . __('Submit Changes') . "\" />" . "<input type=\"button\" name=\"_cancel\" value=\"" . __('Cancel') . "\" onclick=\"history.back(-1);\"></p>";
    echo "</form></div>\n";
}
Beispiel #9
0
function rss_plugins_set_item_state($itemId, $bit_mask, $set, $sqlwhere = "", $entire_db = false)
{
    $retvalue = false;
    if ($itemId || $entire_db) {
        // Check to see if itemId is set or if we are allowed to fsck up the entire db
        // the bitmask has a one in the spot (field(s)) we want to change.
        if ($set) {
            // Set the value to the field to 1
            $sql = "update " . getTable("item") . " set unread = unread | " . $bit_mask;
        } else {
            // set the value of the field to 0
            $sql = "update " . getTable("item") . " set unread = unread & " . ~$bit_mask;
        }
        if ($itemId) {
            if (is_array($itemId)) {
                $sql .= " where id  in (" . implode(',', $itemId) . ")";
            } else {
                // assume it is a number or a string
                $sql .= " where id=" . $itemId;
            }
        } else {
            $sql .= " where 1";
        }
        if ($sqlwhere) {
            $sql .= " and " . $sqlwhere;
        }
        $retvalue = rss_query($sql);
        rss_invalidate_cache();
    } else {
        $retvalue = false;
    }
    return $retvalue;
}
Beispiel #10
0
function theme_options_fill_override_array($theme, $media, $array_input, $key = null)
{
    $ret = array();
    if (!is_array($array_input)) {
        $array_input = explode(",", $array_input);
    }
    foreach ($array_input as $inp) {
        if (!is_array($inp) && isset($inp)) {
            $inp = array('key_' => $inp);
        }
        if (isset($inp['key_'])) {
            $thisret = array();
            if ($key === null || $key === $inp['key_']) {
                $thisret = $inp;
                if ($inp['key_'] == 'rss.output.theme.scheme') {
                    $schemes = loadSchemeList(true, $theme, $media);
                    if (!isset($inp['default_'])) {
                        $thisret['default_'] = implode(',', $schemes) . ",0";
                    }
                    $thisret['type_'] = 'enum';
                    if (!isset($inp['desc_'])) {
                        $thisret['desc_'] = 'The color scheme to use.';
                    }
                    if (!isset($inp['export_'])) {
                        $thisret['export_'] = '';
                    }
                    $value = rss_theme_config_override_option($thisret['key_'], $thisret['default_'], $theme, $media);
                    $value = array_pop(explode(',', $value));
                    $thisret['value_'] = implode(',', $schemes) . "," . $value;
                } else {
                    $sql = "select * from " . getTable("config") . " where key_ like\n                           '" . $inp['key_'] . "'";
                    $res = rss_query($sql);
                    if ($row = rss_fetch_assoc($res)) {
                        foreach ($row as $rowkey => $rowval) {
                            if ($rowkey !== 'value_') {
                                if (!isset($inp[$rowkey])) {
                                    $thisret[$rowkey] = $rowval;
                                } else {
                                    $thisret[$rowkey] = $inp[$rowkey];
                                }
                            }
                        }
                    }
                    $thisret['value_'] = rss_theme_config_override_option($thisret['key_'], $thisret['default_'], $theme, $media);
                }
                if ($key === null) {
                    $ret[] = $thisret;
                } else {
                    $ret = $thisret;
                }
            }
        } else {
            rss_error('rss_theme_options_configure_overrides was passed an item with no key_', RSS_ERROR_ERROR, true);
        }
    }
    return $ret;
}
Beispiel #11
0
function config_admin()
{
    $ret__ = CST_ADMIN_DOMAIN_CONFIG;
    if (isset($_REQUEST[CST_ADMIN_METAACTION])) {
        $action = $_REQUEST[CST_ADMIN_METAACTION];
    } else {
        $action = $_REQUEST['action'];
    }
    switch ($action) {
        case CST_ADMIN_DEFAULT_ACTION:
        case 'CST_ADMIN_DEFAULT_ACTION':
            if (!array_key_exists('key', $_REQUEST)) {
                rss_error(__('Invalid config key specified.'), RSS_ERROR_ERROR, true);
                break;
            }
            $key = sanitize($_REQUEST['key'], RSS_SANITIZER_NO_SPACES | RSS_SANITIZER_SIMPLE_SQL);
            $res = rss_query("select value_,default_,type_ from " . getTable('config') . " where key_='{$key}'");
            list($value, $default, $type) = rss_fetch_row($res);
            $value = real_strip_slashes($value);
            $default = real_strip_slashes($default);
            if ($value == $default) {
                rss_error(__("The value for '{$key}' is the same as its default value!"), RSS_ERROR_ERROR, true);
                break;
            }
            if (array_key_exists(CST_ADMIN_CONFIRMED, $_POST) && $_POST[CST_ADMIN_CONFIRMED] == __('Yes')) {
                rss_query("update " . getTable('config') . " set value_=default_ where key_='{$key}'");
                rss_invalidate_cache();
            } elseif (array_key_exists(CST_ADMIN_CONFIRMED, $_REQUEST) && $_REQUEST[CST_ADMIN_CONFIRMED] == __('No')) {
                //nop
            } else {
                echo "<form class=\"box\" method=\"post\" action=\"" . $_SERVER['PHP_SELF'] . "\">\n";
                config_default_form($key, $type, $default, CST_ADMIN_DOMAIN_CONFIG);
                echo "</form>\n";
                $ret = CST_ADMIN_DOMAIN_NONE;
            }
            break;
        case CST_ADMIN_EDIT_ACTION:
        case 'CST_ADMIN_EDIT_ACTION':
            $key_ = sanitize($_REQUEST['key'], RSS_SANITIZER_NO_SPACES | RSS_SANITIZER_SIMPLE_SQL);
            $res = rss_query("select * from " . getTable('config') . " where key_ ='{$key_}'");
            list($key, $value, $default, $type, $desc, $export) = rss_fetch_row($res);
            echo "<div>\n";
            echo "\n\n<h2>Edit '{$key}'</h2>\n";
            echo "<form style=\"display:inline\" id=\"cfg\" method=\"post\" action=\"" . $_SERVER['PHP_SELF'] . "\">\n";
            $onclickaction = null;
            config_edit_form($key, $value, $default, $type, $desc, $export, $onclickaction);
            echo "<p style=\"display:inline\">\n";
            echo isset($preview) ? "<input type=\"submit\" name=\"action\" value=\"" . __('Preview') . "\"" . ($onclickaction ? " onclick=\"{$onclickaction}\"" : "") . " />\n" : "";
            echo "<input type=\"hidden\" name=\"" . CST_ADMIN_METAACTION . "\" value=\"ACT_ADMIN_SUBMIT_CHANGES\" />";
            echo "<input type=\"submit\" name=\"action\" value=\"" . __('Submit Changes') . "\"" . ($onclickaction ? " onclick=\"{$onclickaction}\"" : "") . " /><input type=\"hidden\" name=\"" . CST_ADMIN_DOMAIN . "\" value=\"" . CST_ADMIN_DOMAIN_CONFIG . "\"/>\n</p></form>\n";
            echo "<form style=\"display:inline\" method=\"post\" action=\"" . $_SERVER['PHP_SELF'] . "\">\n" . "<p style=\"display:inline\">\n<input type=\"hidden\" name=\"" . CST_ADMIN_DOMAIN . "\" value=\"" . CST_ADMIN_DOMAIN_CONFIG . "\"/>\n" . "<input type=\"hidden\" name=\"" . CST_ADMIN_METAACTION . "\" value=\"ACT_ADMIN_SUBMIT_CANCEL\" />" . "<input type=\"submit\" name=\"action\" value=\"" . __('Cancel') . "\"/></p></form>\n" . "\n\n</div>\n";
            $ret__ = CST_ADMIN_DOMAIN_NONE;
            break;
        case __('Preview'):
        case 'ACT_ADMIN_PREVIEW_CHANGES':
            rss_error('fixme: preview not yet implemented', RSS_ERROR_ERROR, true);
            break;
        case __('Submit Changes'):
        case 'ACT_ADMIN_SUBMIT_CHANGES':
            $key = sanitize($_POST['key'], RSS_SANITIZER_NO_SPACES | RSS_SANITIZER_SIMPLE_SQL);
            $type = sanitize($_POST['type'], RSS_SANITIZER_CHARACTERS);
            $value = sanitize($_POST['value'], RSS_SANITIZER_SIMPLE_SQL);
            // sanitizine routines for values
            switch ($key) {
                case 'rss.output.title':
                    $value = strip_tags($value);
                    break;
                case 'rss.config.robotsmeta':
                    $value = preg_replace('#[^a-zA-Z,\\s]#', '', $value);
                    break;
            }
            switch ($key) {
                case 'rss.input.allowed':
                    $ret = array();
                    $tmp = explode(' ', $value);
                    foreach ($tmp as $key__) {
                        if (preg_match('|^[a-zA-Z]+$|', $key__)) {
                            $ret[$key__] = array();
                        } else {
                            $tmp2 = array();
                            $attrs = explode(',', $key__);
                            $key__ = array_shift($attrs);
                            foreach ($attrs as $attr) {
                                $tmp2[$attr] = 1;
                            }
                            $ret[$key__] = $tmp2;
                        }
                    }
                    $sql = "update " . getTable('config') . " set value_='" . serialize($ret) . "' where key_='{$key}'";
                    break;
                case 'rss.output.lang':
                    $langs = getLanguages();
                    $codes = array_keys($langs);
                    $out_val = implode(',', $codes);
                    $cntr = 0;
                    $idx = "0";
                    foreach ($codes as $code) {
                        if ($code == $value) {
                            $idx = $cntr;
                        }
                        $cntr++;
                    }
                    $out_val .= ",{$idx}";
                    $sql = "update " . getTable('config') . " set value_='{$out_val}' where key_='{$key}'";
                    break;
                default:
                    switch ($type) {
                        case 'string':
                            $sql = "update " . getTable('config') . " set value_='{$value}' where key_='{$key}'";
                            break;
                        case 'num':
                            if (!is_numeric($value)) {
                                rss_error(__("Oops, I was expecting a numeric value, got '{$value}' instead!"), RSS_ERROR_ERROR, true);
                                break;
                            }
                            $sql = "update " . getTable('config') . " set value_='{$value}' where key_='{$key}'";
                            break;
                        case 'boolean':
                            if ($value != __('True') && $value != __('False')) {
                                rss_error(__("Oops, invalid value for {$key} : {$value}"), RSS_ERROR_ERROR, true);
                                break;
                            }
                            $sql = "update " . getTable('config') . " set value_='" . ($value == __('True') ? 'true' : 'false') . "'" . " where key_='{$key}'";
                            break;
                        case 'enum':
                            $res = rss_query("select value_ from " . getTable('config') . " where key_='{$key}'");
                            list($oldvalue) = rss_fetch_row($res);
                            if (strstr($oldvalue, $value) === FALSE) {
                                rss_error(__("Oops, invalid value '{$value}' for this config key"), RSS_ERROR_ERROR, true);
                                break;
                            }
                            $arr = explode(',', $oldvalue);
                            $idx = array_pop($arr);
                            $newkey = -1;
                            foreach ($arr as $i => $val) {
                                if ($val == $value) {
                                    $newkey = $i;
                                }
                            }
                            reset($arr);
                            if ($newkey > -1) {
                                array_push($arr, $newkey);
                                $sql = "update " . getTable('config') . " set value_='" . implode(',', $arr) . "'" . " where key_='{$key}'";
                            } else {
                                rss_error(__("Oops, invalid value '{$value}' for this config key"), RSS_ERROR_ERROR, true);
                            }
                            break;
                        default:
                            rss_error(__('Ooops, unknown config type: ') . $type, RSS_ERROR_ERROR, true);
                            //var_dump($_REQUEST);
                            break;
                    }
            }
            if (isset($sql)) {
                rss_query($sql);
                rss_invalidate_cache();
            }
            break;
        default:
            break;
    }
    return $ret__;
}
Beispiel #12
0
/**
 * performs pruning action
 */
function item_admin()
{
    $ret__ = CST_ADMIN_DOMAIN_NONE;
    switch ($_REQUEST['action']) {
        case __('Delete'):
            $req = rss_query('select count(*) as cnt from ' . getTable('item') . " where not(unread & " . RSS_MODE_DELETED_STATE . ")");
            list($cnt) = rss_fetch_row($req);
            $prune_older = sanitize($_REQUEST['prune_older'], RSS_SANITIZER_NUMERIC);
            if (array_key_exists('prune_older', $_REQUEST) && strlen($_REQUEST['prune_older']) && is_numeric($_REQUEST['prune_older'])) {
                switch ($_REQUEST['prune_period']) {
                    case __('days'):
                        $period = 'day';
                        break;
                    case __('months'):
                        $period = 'month';
                        break;
                    case __('years'):
                        $period = 'year';
                        break;
                    default:
                        rss_error(__('Invalid pruning period'), RSS_ERROR_ERROR, true);
                        return CST_ADMIN_DOMAIN_ITEM;
                        break;
                }
                $sql = " from " . getTable('item') . " i inner join " . getTable('channels') . " c on c.id=i.cid " . " where 1=1 ";
                if (array_key_exists('prune_channel', $_REQUEST)) {
                    if (ALL_CHANNELS_ID != $_REQUEST['prune_channel']) {
                        $sql .= " and c.id = " . $_REQUEST['prune_channel'] . "";
                    }
                }
                if ($prune_older > 0) {
                    $prune_older_date = date("Y-m-d H:i:s", strtotime("-{$prune_older} {$period}"));
                    $sql .= " and ifnull(i.pubdate, i.added) <  '{$prune_older_date}'";
                }
                if (!array_key_exists('prune_include_sticky', $_REQUEST) || $_REQUEST['prune_include_sticky'] != '1') {
                    $sql .= " and not(unread & " . RSS_MODE_STICKY_STATE . ") ";
                }
                if (!array_key_exists('prune_include_flag', $_REQUEST) || $_REQUEST['prune_include_flag'] != '1') {
                    $sql .= " and not(unread & " . RSS_MODE_FLAG_STATE . ") ";
                }
                if (!array_key_exists('prune_include_unread', $_REQUEST) || $_REQUEST['prune_include_unread'] != '1') {
                    $sql .= " and not(unread & " . RSS_MODE_UNREAD_STATE . ") ";
                }
                if (array_key_exists('prune_exclude_tags', $_REQUEST) && trim($_REQUEST['prune_exclude_tags'])) {
                    if (trim($_REQUEST['prune_exclude_tags']) == '*') {
                        $tsql = " select distinct fid from " . getTable('metatag');
                    } else {
                        $exclude_tags = explode(" ", $_REQUEST['prune_exclude_tags']);
                        $trimmed_exclude_tags = array();
                        foreach ($exclude_tags as $etag) {
                            if ($tetag = rss_real_escape_string(trim($etag))) {
                                $trimmed_exclude_tags[] = $tetag;
                            }
                        }
                        $tsql = " select distinct fid from " . getTable('metatag') . " m " . " inner join " . getTable('tag') . " t" . "   on t.id = m.tid " . " where t.tag in ('" . implode("', '", $trimmed_exclude_tags) . "')";
                    }
                    $tres = rss_query($tsql);
                    $fids = array();
                    while (list($fid) = rss_fetch_row($tres)) {
                        $fids[] = $fid;
                    }
                    if (count($fids)) {
                        $sql .= " and i.id not in (" . implode(",", $fids) . ") ";
                    }
                }
                if (array_key_exists(CST_ADMIN_CONFIRMED, $_REQUEST)) {
                    // Possible fix for #207: max out execution time
                    // to avoid timeouts
                    @set_time_limit(0);
                    @ini_set('max_execution_time', 60 * 10);
                    //echo "<pre>\n";
                    //delete the tags for these items
                    $sqlids = "select distinct i.id,i.cid " . $sql . " order by i.cid, i.id desc";
                    $rs = rss_query($sqlids);
                    $ids = array();
                    $cids = array();
                    //echo "to be deleted\n";
                    while (list($id, $cid) = rss_fetch_row($rs)) {
                        $cids[$cid][] = $id;
                        //echo "cid=$cid, $id\n";
                    }
                    //echo "\n\n";
                    if (count($cids)) {
                        // Righto. Lets check which of these ids still is in cache:
                        $cacheIds = array();
                        // now, sort the ids to be deleted into two lists: in cache / to trash
                        $in_cache = array();
                        $to_trash = array();
                        foreach ($cids as $cid => $ids) {
                            $rsCache = rss_query("select itemsincache from " . getTable('channels') . " where id={$cid}");
                            list($idString) = rss_fetch_row($rsCache);
                            if ($idString) {
                                $cacheIds = unserialize($idString);
                            } else {
                                $cacheIds = array();
                            }
                            foreach ($ids as $iid) {
                                //echo "examining: $iid (cid $cid) ->";
                                if (array_search($iid, $cacheIds) !== FALSE) {
                                    $in_cache[] = $iid;
                                    //echo " in cache!\n";
                                } else {
                                    $to_trash[] = $iid;
                                    //echo " not in cache!\n";
                                }
                            }
                        }
                        // cheers, we're set. Now delete the metatag links for *all*
                        // items to be deleted
                        if (count($ids)) {
                            $sqldel = "delete from " . getTable('metatag') . " where fid in (" . implode(",", array_merge($in_cache, $to_trash)) . ")";
                            rss_query($sqldel);
                        }
                        // finally, delete the actual items
                        if (count($to_trash)) {
                            rss_query("delete from " . getTable('item') . " where id in (" . implode(", ", $to_trash) . ")");
                        }
                        if (count($in_cache)) {
                            rss_query("update " . getTable('item') . " set unread = unread | " . RSS_MODE_DELETED_STATE . ", description='' " . " where id in (" . implode(", ", $in_cache) . ")");
                        }
                        rss_invalidate_cache();
                    }
                    $ret__ = CST_ADMIN_DOMAIN_ITEM;
                } else {
                    list($cnt_d) = rss_fetch_row(rss_query("select count(distinct(i.id)) as cnt " . $sql . " and not(i.unread & " . RSS_MODE_DELETED_STATE . ")"));
                    rss_error(sprintf(__('Warning: you are about to delete %s items (of %s)'), $cnt_d, $cnt), RSS_ERROR_ERROR, true);
                    echo "<form action=\"\" method=\"post\">\n" . "<p><input type=\"hidden\" name=\"" . CST_ADMIN_DOMAIN . "\" value=\"" . CST_ADMIN_DOMAIN_ITEM . "\" />\n" . "<input type=\"hidden\" name=\"prune_older\" value=\"" . $_REQUEST['prune_older'] . "\" />\n" . "<input type=\"hidden\" name=\"prune_period\" value=\"" . $_REQUEST['prune_period'] . "\" />\n" . "<input type=\"hidden\" name=\"" . CST_ADMIN_CONFIRMED . "\" value=\"1\" />\n" . "<input type=\"submit\" name=\"action\" value=\"" . __('Delete') . "\" />\n" . "<input type=\"submit\" name=\"action\" value=\"" . __('Cancel') . "\"/>\n" . "</p>\n" . "</form>\n";
                }
            } else {
                rss_error(__('oops, no period specified'), RSS_ERROR_ERROR, true);
                $ret__ = CST_ADMIN_DOMAIN_ITEM;
            }
            break;
        default:
            $ret__ = CST_ADMIN_DOMAIN_ITEM;
            break;
    }
    return $ret__;
}
Beispiel #13
0
 function cleanUp($newIds, $ignorePrivate = false)
 {
     if (!hidePrivate() || $ignorePrivate) {
         if (count($newIds) > 0 && getConfig('rss.config.markreadonupdate')) {
             rss_query("update " . getTable("item") . " set unread = unread & " . SET_MODE_READ_STATE . " where unread & " . RSS_MODE_UNREAD_STATE . " and id not in (" . implode(",", $newIds) . ")");
         }
     }
     setProperty('__meta__', 'meta.lastupdate', 'misc', time());
     if (count($newIds) > 0) {
         rss_invalidate_cache();
     }
     rss_plugin_hook('rss.plugins.updates.after', null);
 }
Beispiel #14
0
 /**
  * Logs the user out.
  * - deletes the cookie
  * - removes the user's IP subnet from the list of valid subnets this
  *   user is allowed to log in with a cookie.
  */
 function logout()
 {
     if (array_key_exists(RSS_USER_COOKIE, $_COOKIE) || isset($_SESSION['mobile'])) {
         $subnet = preg_replace('#^([0-9]+\\.[0-9]+\\.[0-9]+)\\.[0-9]+$#', '\\1', $_SERVER['REMOTE_ADDR']);
         if (($idx = array_search($subnet, $this->_validIPs)) !== FALSE) {
             $cnt = count($this->_validIPs);
             unset($this->_validIPs[$idx]);
             $uname = trim($this->_uname);
             if ($uname && $cnt > count($this->_validIPs)) {
                 $sql = "update " . getTable('users') . " set userips = '" . implode(' ', $this->_validIPs) . "'" . " where uname = '{$uname}' ";
                 rss_query($sql);
             }
         }
         // get rid of the cookie
         unset($_COOKIE[RSS_USER_COOKIE]);
         setcookie(RSS_USER_COOKIE, "", -1, getPath());
         if (isset($_SESSION['mobile'])) {
             unset($_SESSION['mobile']);
         }
         rss_invalidate_cache();
     }
 }
Beispiel #15
0
         $cats[$cid] = array();
     }
     $cats[$cid][] = $tag;
 }
 $sql = "select " . " c.id, c.title, c.url, c.siteurl, d.name, c.parent, c.descr " . " from " . getTable("channels") . " c " . " inner join " . getTable("folders") . " d on d.id = c.parent " . " where not (c.mode & " . RSS_MODE_DELETED_STATE . ") ";
 if (hidePrivate()) {
     $sql .= " and not(c.mode & " . RSS_MODE_PRIVATE_STATE . ") ";
 }
 // note: should we export deprecated feeds?
 if (getConfig('rss.config.absoluteordering')) {
     $sql .= " order by d.position asc, c.position asc";
 } else {
     $sql .= " order by d.name asc, c.title asc";
 }
 $res = rss_query($sql);
 $dateRes = rss_query("select max(dateadded) from " . getTable("channels"));
 list($dateModif) = rss_fetch_row($dateRes);
 $dateLabel = date("r", strtotime($dateModif));
 header("Content-Type: text/xml");
 echo "<?xml version=\"1.0\" encoding=\"" . getConfig('rss.output.encoding') . "\"?>\n" . "<?xml-stylesheet type=\"text/xsl\" href=\"" . getPath() . "css/opml.xsl\"?>\n" . "<!-- Generated by " . _TITLE_ . " " . _VERSION_ . " -->\n" . "<opml version=\"2.0\">\n";
 echo "\t<head>\n" . "\t\t<title>" . _TITLE_ . " OPML Feed</title>\n" . "\t\t<dateModified>{$dateLabel}</dateModified>\n" . "\t</head>\n" . "\t<body>\n";
 $prev_parent = 0;
 while (list($id, $title, $url, $siteurl, $name, $parent, $descr) = rss_fetch_row($res)) {
     $descr_ = htmlspecialchars($descr);
     $descr_ = trim(preg_replace('/(\\r\\n|\\r|\\n)/', ' ', $descr_));
     $title_ = htmlspecialchars($title);
     $url_ = preg_replace('|(https?://)([^:]+:[^@]+@)(.+)$|', '\\1\\3', $url);
     $url_ = htmlspecialchars($url_);
     $siteurl_ = preg_replace('|(https?://)([^:]+:[^@]+@)(.+)$|', '\\1\\3', $siteurl);
     $siteurl_ = htmlspecialchars($siteurl_);
     $name_ = htmlspecialchars($name);
Beispiel #16
0
function blGetItems($cid, $date, $markread)
{
    if (hidePrivate()) {
        header('HTTP/1.x 401 Not Authorized');
        exit;
    }
    if (!$cid) {
        header('HTTP/1.x 403 Forbidden');
        exit;
    }
    $sql = "select i.title as ititle, i.description as idescr, c.title as ctitle, " . " c.descr as cdescr, c.url as curl, i.author as iauth, i.url as iurl, " . " unix_timestamp(ifnull(i.pubdate, i.added)) as idate ,i.id as iid" . " from " . getTable('item') . " i " . " inner join " . getTable('channels') . " c " . "  on c.id = i.cid " . " where i.unread & " . RSS_MODE_UNREAD_STATE . " and c.id={$cid}";
    if ($date) {
        $sql .= " and ifnull(i.pubdate, i.added) > {$date} ";
    }
    $rs = rss_query($sql);
    if (rss_num_rows($rs) == 0) {
        header('HTTP/1.x 304 Not Modified');
        exit;
    }
    $ids = array();
    header('Content-Type: text/xml; charset=utf-8');
    $hdr = false;
    while ($row = rss_fetch_assoc($rs)) {
        if (!$hdr) {
            $hdr = true;
            echo "<" . "?xml version=\"1.0\"?" . ">\n" . "<rss version=\"2.0\"\n" . "xmlns:dc=\"http://purl.org/dc/elements/1.1/\"\n" . "xmlns:bloglines=\"http://www.bloglines.com/services/module\"\n" . "xmlns:rdf=\"http://www.w3.org/1999/02/22-rdf-syntax-ns#\">\n" . "<channel>\n" . "\t<title>" . htmlspecialchars($row['ctitle']) . "</title>\n" . "\t<link>" . htmlspecialchars($row['curl']) . "</link>\n" . "\t<description>" . htmlspecialchars($row['cdescr']) . "</description>\n" . "\t<language>en-us</language>\n" . "\t<webMaster>support@bloglines.com</webMaster>\n";
        }
        $ids[] = $row['iid'];
        echo "\t<item>\n" . "\t\t<title>" . htmlspecialchars($row['ititle']) . "</title>\n" . "\t\t<dc:creator>" . htmlspecialchars($row['iauth']) . "</dc:creator>\n" . "\t\t<guid isPermaLink=\"true\">" . htmlspecialchars($row['iurl']) . "</guid>\n" . "\t\t<link>" . htmlspecialchars($row['iurl']) . "</link>\n" . "\t\t<description><![CDATA[" . $row['idescr'] . "]]></description>\n" . "\t\t<pubDate>" . date('D, j M Y H:i:s \\G\\M\\T', $row['idate']) . "</pubDate>\n" . "\t\t<bloglines:itemid>" . $row['iid'] . "</bloglines:itemid>\n" . "\t</item>\n";
    }
    echo "</channel>\n</rss>\n";
    if ($markread) {
        $sql = "update " . getTable('item') . " set unread = unread & " . SET_MODE_READ_STATE . " where id in (" . implode(',', $ids) . ")";
        rss_query($sql);
        rss_invalidate_cache();
    }
}
Beispiel #17
0
/**
 * this function handles specific schema updates that occurred 
 * during version updates.
 *
 * @return the number of updated tables
 */
function checkSchemaColumns($column)
{
    $updated = 0;
    switch ($column) {
        case 'c.mode':
        case 'mode':
            // default feed mode, added in 0.4.1
            rss_query('alter table ' . getTable('channels') . ' add column mode int(16) not null default 1');
            if (rss_is_sql_error(RSS_SQL_ERROR_NO_ERROR)) {
                $updated++;
                rss_error("updated schema for table " . getTable('channels'), RSS_ERROR_NOTICE);
            } else {
                rss_error("Failed updating schema for table " . getTable('channels') . ": " . rss_sql_error_message(), RSS_ERROR_ERROR);
            }
            break;
        case 'c.itemsincache':
        case 'itemsincache':
            // date feed was last refreshed, added in 0.5.3
            rss_query('alter table ' . getTable('channels') . ' add column itemsincache text null');
            if (rss_is_sql_error(RSS_SQL_ERROR_NO_ERROR)) {
                $updated++;
                rss_error("updated schema for table " . getTable('channels'), RSS_ERROR_NOTICE);
            } else {
                rss_error("Failed updating schema for table " . getTable('channels') . ": " . rss_sql_error_message(), RSS_ERROR_ERROR);
            }
            break;
        case 'c.daterefreshed':
        case 'daterefreshed':
            // date feed was last refreshed, added in 0.5.3
            rss_query('alter table ' . getTable('channels') . ' add column daterefreshed datetime null default 1');
            if (rss_is_sql_error(RSS_SQL_ERROR_NO_ERROR)) {
                $updated++;
                rss_error("updated schema for table " . getTable('channels'), RSS_ERROR_NOTICE);
            } else {
                rss_error("Failed updating schema for table " . getTable('channels') . ": " . rss_sql_error_message(), RSS_ERROR_ERROR);
            }
            // break; - fallthrough allowed on purpose because these are added at the same time
        // break; - fallthrough allowed on purpose because these are added at the same time
        case 'c.etag':
        case 'etag':
            // etag of the feed, (from HTTP header) added in 0.5.3
            rss_query('alter table ' . getTable('channels') . ' add column etag varchar(255) default null');
            if (rss_is_sql_error(RSS_SQL_ERROR_NO_ERROR)) {
                $updated++;
                rss_error("updated schema for table " . getTable('channels'), RSS_ERROR_NOTICE);
            } else {
                rss_error("Failed updating schema for table " . getTable('channels') . ": " . rss_sql_error_message(), RSS_ERROR_ERROR);
            }
            // break; - fallthrough allowed on purpose because these are added at the same time
        // break; - fallthrough allowed on purpose because these are added at the same time
        case 'c.lastmodified':
        case 'lastmodified':
            // last modified code returned by the feed (from HTTP header), added in 0.5.3
            rss_query('alter table ' . getTable('channels') . ' add column lastmodified varchar(255) default null');
            if (rss_is_sql_error(RSS_SQL_ERROR_NO_ERROR)) {
                $updated++;
                rss_error("updated schema for table " . getTable('channels'), RSS_ERROR_NOTICE);
            } else {
                rss_error("Failed updating schema for table " . getTable('channels') . ": " . rss_sql_error_message(), RSS_ERROR_ERROR);
            }
            break;
        case 'i.author':
        case 'author':
            // item's author
            rss_query('alter table ' . getTable('item') . ' add column author varchar(255) null');
            if (rss_is_sql_error(RSS_SQL_ERROR_NO_ERROR)) {
                $updated++;
                rss_error('updated schema for table ' . getTable('item'), RSS_ERROR_NOTICE);
            } else {
                rss_error('Failed updating schema for table ' . getTable('item') . ': ' . rss_sql_error_message(), RSS_ERROR_ERROR);
            }
            break;
        case 'm.tdate':
        case 'tdate':
            // tag date
            rss_query('alter table ' . getTable('metatag') . ' add column tdate datetime null');
            if (rss_is_sql_error(RSS_SQL_ERROR_NO_ERROR)) {
                rss_query('update ' . getTable('metatag') . ' set tdate=now()');
                $updated++;
                rss_error('updated schema for table ' . getTable('metatag'), RSS_ERROR_NOTICE);
            } else {
                rss_error('Failed updating schema for table ' . getTable('metatag') . ': ' . rss_sql_error_message(), RSS_ERROR_ERROR);
            }
            break;
        case 'i.enclosure':
        case 'enclosure':
            // enclosure for an item
            rss_query('alter table ' . getTable('item') . ' add column enclosure varchar(255) null');
            if (rss_is_sql_error(RSS_SQL_ERROR_NO_ERROR)) {
                $updated++;
                rss_error('updated schema for table ' . getTable('item'), RSS_ERROR_NOTICE);
            } else {
                rss_error('Failed updating schema for table ' . getTable('item') . ': ' . rss_sql_error_message(), RSS_ERROR_ERROR);
            }
            break;
        case 'userips':
        case 'i.userips':
            // users.userips: list of valid IP subnets the user has logged in from
            rss_query('alter table ' . getTable('users') . ' add column userips text default \'\'');
            if (rss_is_sql_error(RSS_SQL_ERROR_NO_ERROR)) {
                $updated++;
                rss_error('updated schema for table ' . getTable('users'), RSS_ERROR_NOTICE);
            } else {
                rss_error('Failed updating schema for table ' . getTable('users') . ': ' . rss_sql_error_message(), RSS_ERROR_ERROR);
            }
            break;
        case 'i.md5sum':
        case 'md5sum':
            // md5check on an item - added in 0.5.3
            rss_query('alter table ' . getTable('item') . ' add column md5sum varchar(32) null');
            if (rss_is_sql_error(RSS_SQL_ERROR_NO_ERROR)) {
                $updated++;
                rss_error('updated schema for table ' . getTable('item'), RSS_ERROR_NOTICE);
            } else {
                rss_error('Failed updating schema for table ' . getTable('item') . ': ' . rss_sql_error_message(), RSS_ERROR_ERROR);
            }
            // break; - fallthrough allowed on purpose because these are added at the same time
        // break; - fallthrough allowed on purpose because these are added at the same time
        case 'i.guid':
        case 'guid':
            // guid of an item - added in 0.5.3
            rss_query('alter table ' . getTable('item') . ' add column guid text null');
            rss_query('alter table ' . getTable('item') . ' add index `guid` (`guid`(10))');
            if (rss_is_sql_error(RSS_SQL_ERROR_NO_ERROR)) {
                $updated++;
                rss_error('updated schema for table ' . getTable('item'), RSS_ERROR_NOTICE);
            } else {
                rss_error('Failed updating schema for table ' . getTable('item') . ': ' . rss_sql_error_message(), RSS_ERROR_ERROR);
            }
            break;
    }
    return $updated;
}
Beispiel #18
0
 function populate($sqlWhere, $sqlOrder = "", $startItem = 0, $itemCount = -1, $hint = ITEM_SORT_HINT_MIXED, $includeDeprecated = false)
 {
     $si = $this->page * $this->itemsPerPage;
     parent::populate($sqlWhere, $sqlOrder, $si, $itemCount > 0 ? $this->itemsPerPage : $itemCount, $hint, $includeDeprecated);
     $sql = "select count(*) as cnt " . " from " . $this->_sqlActualFrom . " where " . $this->_sqlActualWhere;
     list($this->numItems) = rss_fetch_row(rss_query($sql));
     if ($this->itemsPerPage && $this->numItems > $this->itemsPerPage) {
         $this->navigation = new ItemListNavigation($this);
     }
 }
Beispiel #19
0
function cacheFavicon($icon)
{
    // Make sure only real favicons get fetched into the DB
    if (!preg_match('#^https?://.+$#', $icon)) {
        return false;
    }
    $icon_ = rss_real_escape_string($icon);
    $binIcon = getUrl($icon);
    if ($binIcon) {
        $sql = "delete from " . getTable('cache') . " where cachetype='icon' and cachekey='{$icon_}'";
        rss_query($sql);
        $sql = "insert into " . getTable('cache') . "(cachekey,timestamp,cachetype,data) values " . "('{$icon_}',now(),'icon','" . rss_real_escape_string($binIcon) . "')";
        rss_query($sql);
        return rss_is_sql_error(RSS_SQL_ERROR_NO_ERROR);
    }
    return false;
}
Beispiel #20
0
 function setProperty($ref_obj, $prop, $type, $value)
 {
     $val = @serialize($value);
     if (!$val) {
         return false;
     }
     $val = rss_real_escape_string($val);
     $res = rss_query('SELECT count(fk_ref_object_id) FROM ' . getTable('properties') . " WHERE fk_ref_object_id = '{$ref_obj}' AND proptype = '{$type}'" . " AND property = '{$prop}'");
     list($cnt_rows) = rss_fetch_row($res);
     if ($cnt_rows) {
         rss_query('UPDATE ' . getTable('properties') . " SET value = '{$val}' WHERE fk_ref_object_id = '{$ref_obj}' AND proptype = '{$type}'" . " AND property = '{$prop}'");
     } else {
         rss_query('insert into ' . getTable('properties') . '(fk_ref_object_id, proptype, property, value) values (' . "'{$ref_obj}','{$type}','{$prop}','{$val}'" . ')');
     }
     $this->_populateProperties();
     rss_invalidate_cache();
     return true;
 }
Beispiel #21
0
/**
* This function will return an array for the previous, next and up
* navigation elements, based on the current location
*
* @return: array (
	('prev'|'next'|'up')* => array (
		 'y' => year of the prev,next,up item
		 'm' => month of the prev,next,up item
		 'd' => day of the prev,next,up item
		 'cnt' => count of the prev,next,up items for this date
		 'ts' => unix timestamp of the above 
		 'url' =>  precomputed uri for the link
		 'lbl' => precomupted label to be used in the links
	)
)
*/
function makeNav($cid, $iid, $y, $m, $d, $fid, $vfid, $cids)
{
    //echo "X-info: $cid,$iid,$y,$m,$d,$fid,$vfid,$cids";
    $currentView = null;
    $prev = $succ = $up = null;
    if (isset($_REQUEST['channel'])) {
        $escaped_title = rss_uri($_REQUEST['channel']);
        //preg_replace("/[^A-Za-z0-9\.]/","_",$_REQUEST['channel']);
    } else {
        $escaped_title = null;
    }
    // where are we anyway?
    if ($y > 0 && $m > 0 && $d > 0) {
        if ($iid != "") {
            $currentView = 'item';
        } else {
            $currentView = 'day';
        }
    } elseif ($y > 0 && $m > 0 && $d == 0) {
        $currentView = 'month';
    } elseif ($cids) {
        if ($fid) {
            $currentView = "folder";
        } elseif ($vfid) {
            $currentView = "cat";
        }
    } elseif ($cid) {
        $currentView = "feed";
    }
    if ($currentView) {
        switch ($currentView) {
            case 'month':
            case 'day':
                if ($currentView == 'day') {
                    $ts_p = mktime(23, 59, 59, $m, $d - 1, $y);
                    $ts_s = mktime(0, 0, 0, $m, $d, $y);
                } elseif ($currentView == 'month') {
                    $ts_p = mktime(0, 0, 0, $m + 1, 0, $y);
                    $ts_s = mktime(0, 0, 0, $m, 1, $y);
                }
                $sql_succ = " select " . " UNIX_TIMESTAMP( ifnull(i.pubdate, i.added)) as ts_, " . " year( ifnull(i.pubdate, i.added)) as y_, " . " month( ifnull(i.pubdate, i.added)) as m_, " . ($currentView == 'day' ? " dayofmonth( ifnull(i.pubdate, i.added)) as d_, " : "") . " count(*) as cnt_ " . " from " . getTable("item") . "i  where " . " UNIX_TIMESTAMP(ifnull(i.pubdate, i.added)) > {$ts_s} ";
                if ($cid) {
                    $sql_succ .= " and cid={$cid} ";
                }
                if (hidePrivate()) {
                    $sql_succ .= " and not(i.unread & " . RSS_MODE_PRIVATE_STATE . ") ";
                }
                $sql_succ .= " group by y_,m_" . ($currentView == 'day' ? ",d_ " : "") . " order by ts_ asc limit 4";
                $sql_prev = " select " . " UNIX_TIMESTAMP( ifnull(i.pubdate, i.added)) as ts_, " . " year( ifnull(i.pubdate, i.added)) as y_, " . " month( ifnull(i.pubdate, i.added)) as m_, " . ($currentView == 'day' ? " dayofmonth( ifnull(i.pubdate, i.added)) as d_, " : "") . " count(*) as cnt_ " . " from " . getTable("item") . " i  where " . " UNIX_TIMESTAMP(ifnull(i.pubdate, i.added)) < {$ts_p} ";
                if ($cid) {
                    $sql_prev .= " and cid={$cid} ";
                }
                if (hidePrivate()) {
                    $sql_prev .= " and not(i.unread & " . RSS_MODE_PRIVATE_STATE . ") ";
                }
                $sql_prev .= " group by y_,m_" . ($currentView == 'day' ? ",d_ " : "") . " order by ts_ desc limit 4";
                //echo "<!-- $sql_prev -->\n";
                $res_prev = rss_query($sql_prev);
                $res_succ = rss_query($sql_succ);
                $mCount = 12 * $y + $m;
                // next
                while ($succ == null && ($row = rss_fetch_assoc($res_succ))) {
                    if ($currentView == 'day') {
                        if (mktime(0, 0, 0, $row['m_'], $row['d_'], $row['y_']) > $ts_s) {
                            $succ = array('y' => $row['y_'], 'm' => $row['m_'], 'd' => $row['d_'], 'cnt' => $row['cnt_'], 'ts' => $row['ts_'], 'url' => makeArchiveUrl($row['ts_'], $escaped_title, $cid, $currentView == 'day'), 'lbl' => rss_locale_date('%B %e', $row['ts_']) . " (" . $row['cnt_'] . " " . ($row['cnt_'] > 1 ? __('items') : __('item')) . ")");
                        }
                    } elseif ($currentView == 'month') {
                        if ($row['m_'] + 12 * $row['y_'] > $mCount) {
                            $succ = array('y' => $row['y_'], 'm' => $row['m_'], 'cnt' => $row['cnt_'], 'ts' => $row['ts_'], 'url' => makeArchiveUrl($row['ts_'], $escaped_title, $cid, $currentView == 'day'), 'lbl' => rss_locale_date('%B %Y', $row['ts_']) . " (" . $row['cnt_'] . " " . ($row['cnt_'] > 1 ? __('items') : ITEM) . ")");
                        }
                    }
                }
                // prev
                while ($prev == null && ($row = rss_fetch_assoc($res_prev))) {
                    if ($currentView == 'day') {
                        if (mktime(0, 0, 0, $row['m_'], $row['d_'], $row['y_']) < $ts_p) {
                            $prev = array('y' => $row['y_'], 'm' => $row['m_'], 'd' => $row['d_'], 'cnt' => $row['cnt_'], 'ts' => $row['ts_'], 'url' => makeArchiveUrl($row['ts_'], $escaped_title, $cid, $currentView == 'day'), 'lbl' => rss_locale_date('%B %e', $row['ts_']) . " (" . $row['cnt_'] . " " . ($row['cnt_'] > 1 ? __('items') : __('item')) . ")");
                        }
                    } elseif ($currentView == 'month') {
                        if ($row['m_'] + 12 * $row['y_'] < $mCount) {
                            $prev = array('y' => $row['y_'], 'm' => $row['m_'], 'cnt' => $row['cnt_'], 'ts' => $row['ts_'], 'url' => makeArchiveUrl($row['ts_'], $escaped_title, $cid, $currentView == 'day'), 'lbl' => rss_locale_date('%B %Y', $row['ts_']) . " (" . $row['cnt_'] . " " . ($row['cnt_'] > 1 ? __('items') : __('item')) . ")");
                        }
                    }
                }
                // up
                if ($currentView == 'day') {
                    $ts = mktime(0, 0, 0, $m, 10, $y);
                    $up = array('y' => $y, 'm' => $m, 'url' => makeArchiveUrl($ts, $escaped_title, $cid, false), 'lbl' => rss_locale_date('%B %Y', $ts));
                } elseif ($currentView == 'month') {
                    $up = array('url' => getPath() . (getConfig('rss.output.usemodrewrite') ? $escaped_title : "feed.php?channel={$cid}"), 'lbl' => $escaped_title, 'lbl' => '');
                }
                break;
            case 'item':
                $sql = " select i.title, i.id, " . " UNIX_TIMESTAMP( ifnull(i.pubdate, i.added)) as ts_, " . " year( ifnull(i.pubdate, i.added)) as y_, " . " month( ifnull(i.pubdate, i.added)) as m_, " . " dayofmonth( ifnull(i.pubdate, i.added)) as d_ " . " from " . getTable("item") . " i " . " where i.cid = {$cid}  ";
                if (hidePrivate()) {
                    $sql .= " and not(i.unread & " . RSS_MODE_PRIVATE_STATE . ") ";
                }
                if (getConfig('rss.config.datedesc.unread')) {
                    $sql .= " order by ts_ desc, i.id asc";
                } else {
                    $sql .= " order by ts_ asc, i.id asc";
                }
                $rs = rss_query($sql);
                $found = false;
                $stop = false;
                $prev__ = null;
                $fCounter = 0;
                while (!$stop && (list($title_, $iid_, $ts_, $y_, $m_, $d_) = rss_fetch_row($rs))) {
                    if ($iid_ == $iid) {
                        //this is the "current" item, get a hold on the previous one
                        $found = true;
                        if ($prev__) {
                            list($ptitle_, $piid_, $pts_, $py_, $pm_, $pd_) = $prev__;
                            $succ = array('y' => $py_, 'm' => $pm_, 'cnt' => 0, 'ts' => $pts_, 'url' => makeArchiveUrl($pts_, $escaped_title, $cid, true) . (getConfig('rss.output.usemodrewrite') ? rss_uri($ptitle_) : "&amp;iid={$piid_}"), 'lbl' => htmlentities($ptitle_, ENT_COMPAT, "UTF-8"));
                        }
                    }
                    if ($found) {
                        // okay, this is the next item, then.
                        $fCounter++;
                        if ($fCounter == 2) {
                            $prev = array('y' => $y_, 'm' => $m_, 'cnt' => 0, 'ts' => $ts_, 'url' => makeArchiveUrl($ts_, $escaped_title, $cid, true) . (getConfig('rss.output.usemodrewrite') ? rss_uri($title_) : "&amp;iid={$iid_}"), 'lbl' => htmlentities($title_, ENT_COMPAT, "UTF-8"));
                            $stop = true;
                        }
                    }
                    $prev__ = array($title_, $iid_, $ts_, $y_, $m_, $d_);
                }
                // up
                $ts = mktime(0, 0, 0, $m, $d, $y);
                $up = array('y' => $y, 'm' => $m, 'd' => $d, 'url' => makeArchiveUrl($ts, $escaped_title, $cid, true), 'lbl' => rss_locale_date('%B %e', $ts));
                break;
            case 'feed':
                $sql = "select " . " c.id, c.title " . " from " . getTable("channels") . " c " . " inner join " . getTable("folders") . " d " . "   on d.id = c.parent ";
                $sql .= " where not(c.mode & " . RSS_MODE_DELETED_STATE . ") ";
                if (hidePrivate()) {
                    $sql .= " and not(c.mode & " . RSS_MODE_PRIVATE_STATE . ") ";
                }
                if (getConfig('rss.config.absoluteordering')) {
                    $sql .= " order by d.position asc, c.position asc";
                } else {
                    $sql .= " order by d.name asc, c.title asc";
                }
                $res = rss_query($sql);
                $pcid = $ptitile = null;
                $cidname = array();
                $cids = array();
                while (list($cid_, $title_) = rss_fetch_row($res)) {
                    $cids[] = $cid_;
                    $cidname[] = array($cid_, $title_);
                }
                $key = array_search($cid, $cids);
                if ($key !== NULL && $key !== FALSE) {
                    //echo "$key " .count($cidname);
                    if ($key + 1 < count($cidname)) {
                        list($cid_, $title_) = $cidname[$key + 1];
                        $succ = array('url' => getPath() . (getConfig('rss.output.usemodrewrite') ? rss_uri($title_) . "/" : "feed.php?channel={$cid_}"), 'lbl' => htmlentities($title_, ENT_COMPAT, "UTF-8"));
                    }
                    if ($key > 0) {
                        list($cid_, $title_) = $cidname[$key - 1];
                        $prev = array('url' => getPath() . (getConfig('rss.output.usemodrewrite') ? rss_uri($title_) . "/" : "feed.php?channel={$cid_}"), 'lbl' => htmlentities($title_, ENT_COMPAT, "UTF-8"));
                    }
                }
                break;
            case 'cat':
                $res = rss_query(" select t.tag,t.id from  " . getTable('metatag') . " m " . "inner join " . getTable('tag') . "t on t.id = m.tid " . " where  m.ttype = 'channel' " . " order by t.tag asc");
                $pp = null;
                $nn = null;
                $found = false;
                $stop = false;
                while (!$stop && (list($tt_, $tid_) = rss_fetch_row($res))) {
                    if ($vfid == $tid_) {
                        $found = true;
                    }
                    if (!$found) {
                        $pp = array('id' => $tid_, 'title' => $tt_);
                    } elseif ($vfid != $tid_) {
                        $nn = array('id' => $tid_, 'title' => $tt_);
                        $stop = true;
                    }
                }
                if ($pp) {
                    $vftitle_ = $pp['title'];
                    $vfid_ = $pp['id'];
                    $prev = array('url' => getPath() . (getConfig('rss.output.usemodrewrite') ? rss_uri($vftitle_) . "/" : "feed.php?vfolder={$vfid_}"), 'lbl' => htmlentities($vftitle_, ENT_COMPAT, "UTF-8"));
                }
                if ($nn) {
                    $vftitle_ = $nn['title'];
                    $vfid_ = $nn['id'];
                    $succ = array('url' => getPath() . (getConfig('rss.output.usemodrewrite') ? rss_uri($vftitle_) . "/" : "feed.php?vfolder={$vfid_}"), 'lbl' => htmlentities($vftitle_, ENT_COMPAT, "UTF-8"));
                }
                break;
            case 'folder':
                $sql = "select  f.id, f.name, count(*) from " . getTable('channels') . " c " . "inner join " . getTable('folders') . " f on f.id = c.parent " . " where f.name != '' ";
                if (hidePrivate()) {
                    $sql .= " and not (c.mode & " . RSS_MODE_PRIVATE_STATE . ")";
                }
                $sql .= " group by f.id ";
                if (getConfig('rss.config.absoluteordering')) {
                    $sql .= " order by f.position asc, c.position asc";
                } else {
                    $sql .= " order by f.name, c.title asc";
                }
                $res = rss_query($sql);
                $pp = null;
                $nn = null;
                $found = false;
                $stop = false;
                while (!$stop && (list($fid_, $fn_, $fc_) = rss_fetch_row($res))) {
                    if ($fc_ == 0) {
                        continue;
                    }
                    if ($fid == $fid_) {
                        $found = true;
                    }
                    if (!$found) {
                        $pp = array('id' => $fid_, 'title' => $fn_);
                    } elseif ($fid != $fid_) {
                        $nn = array('id' => $fid_, 'title' => $fn_);
                        $stop = true;
                    }
                }
                if ($pp) {
                    $ftitle__ = $pp['title'];
                    $fid__ = $pp['id'];
                    $prev = array('url' => getPath() . (getConfig('rss.output.usemodrewrite') ? rss_uri($ftitle__) . "/" : "feed.php?folder={$fid__}"), 'lbl' => htmlentities($ftitle__, ENT_COMPAT, "UTF-8"));
                }
                if ($nn) {
                    $ftitle__ = $nn['title'];
                    $fid__ = $nn['id'];
                    $succ = array('url' => getPath() . (getConfig('rss.output.usemodrewrite') ? rss_uri($ftitle__) . "/" : "feed.php?folder={$fid__}"), 'lbl' => htmlentities($ftitle__, ENT_COMPAT, "UTF-8"));
                }
                break;
            default:
                //echo "current view: $currentView";
                break;
        }
        return array($prev, $succ, $up);
    }
    return null;
}
Beispiel #22
0
 /**
  * Fills the instance data for this object: gets a hold 
  * of all tags defined in the system.
  */
 function populate()
 {
     // the all tags weighted list
     $sql = "select t.id, tag, count(*) as cnt from " . getTable('metatag');
     if ($this->type == 'channel') {
         $sql .= " left join " . getTable('channels') . " c on (fid=c.id) " . "inner join " . getTable('tag') . " t " . " on tid=t.id " . " where ttype = 'channel'";
     } else {
         $sql .= " left join " . getTable('item') . " i on (fid=i.id) " . "inner join " . getTable('tag') . " t " . " on tid=t.id " . " where ttype = 'item'";
     }
     // Don't count tags of private items
     if (hidePrivate()) {
         $sql .= " and not(i.unread & " . RSS_MODE_PRIVATE_STATE . ") ";
     }
     $sql .= " and not (i.unread & " . RSS_MODE_DELETED_STATE . ") ";
     $sql .= " group by tid order by tag";
     $res = rss_query($sql);
     $max = 0;
     $min = 100000;
     $cntr = 0;
     while (list($tid, $tag, $cnt) = rss_fetch_row($res)) {
         $this->allTags[$tag] = $cnt;
         // list of unread items
         $cntUnread = 0;
         $sql = "select fid from " . getTable('metatag') . " where tid = {$tid}";
         $res2 = rss_query($sql);
         while (list($fid) = rss_fetch_row($res2)) {
             if ($this->type == 'channel') {
                 $cntUnread += getUnreadCount($fid, null);
             } else {
                 $sql = "select unread from " . getTable('item') . " where id = {$fid}" . " and (unread & " . RSS_MODE_UNREAD_STATE . ") ";
                 if (hidePrivate()) {
                     $sql .= " and not(unread & " . RSS_MODE_PRIVATE_STATE . ") ";
                 }
                 if (rss_num_rows(rss_query($sql))) {
                     $cntUnread++;
                 }
             }
         }
         $this->unreadItems[$tag] = $cntUnread;
         $cntr++;
     }
 }
Beispiel #23
0
 function populate()
 {
     _pf('FeedList->populate() ...');
     $sql = "select " . " c.id, c.title, c.url, c.siteurl, f.name, c.parent, c.icon, c.descr, c.mode " . " from " . getTable("channels") . " c " . "inner join " . getTable("folders") . " f on f.id = c.parent";
     if (hidePrivate()) {
         $sql .= " and not(c.mode & " . RSS_MODE_PRIVATE_STATE . ") ";
     }
     $sql .= " and not(c.mode & " . RSS_MODE_DELETED_STATE . ") ";
     if (getConfig('rss.config.absoluteordering')) {
         $sql .= " order by f.position asc, c.position asc";
     } else {
         $sql .= " order by f.name, c.title asc";
     }
     $res = rss_query($sql);
     $this->feedCount = rss_num_rows($res);
     $ucres = rss_query("select cid, count(*) from " . getTable("item") . " where unread & " . RSS_MODE_UNREAD_STATE . " and not(unread & " . RSS_MODE_DELETED_STATE . ") group by cid");
     $uc = array();
     while (list($uccid, $ucuc) = rss_fetch_row($ucres)) {
         $uc[$uccid] = $ucuc;
     }
     while (list($cid, $ctitle, $curl, $csiteurl, $fname, $cparent, $cico, $cdescr, $cmode) = rss_fetch_row($res)) {
         $ucc = 0;
         if (array_key_exists($cid, $uc)) {
             $ucc = $uc[$cid];
         }
         $f = new FeedListItem($cid, $ctitle, $curl, $csiteurl, $fname, $cparent, $cico, $cdescr, $cmode, $ucc);
         $f->isActiveFeed = $this->activeId && $cid == $this->activeId;
         if (!array_key_exists($cparent, $this->folders)) {
             $this->folders[$cparent] = new FeedFolder($fname, $cparent, $this);
         }
         //$this->folders[$cparent]->feeds[] = $f;
         if ($ucc != 0 || !getConfig('rss.output.minimalchannellist')) {
             $this->folders[$cparent]->feeds[] = $f;
         }
         $this->folders[$cparent]->isCollapsed = in_array($cparent, $this->collapsed_ids) && $cparent > 0;
     }
     _pf('done');
 }
Beispiel #24
0
function readItems($limit)
{
    _pf('read items');
    /*
       $hiddenIds = getHiddenChannelIds();
    if (count($hiddenIds)) {
    	$sqlWhereHidden = " and c.id not in (" . implode(',',$hiddenIds) . ") ";
    } else {
    	$sqlWhereHidden = "";
    }
    */
    $readItems = new PaginatedItemList();
    $readItems->setRenderOptions(IL_TITLE_NO_ESCAPE);
    if (getConfig('rss.config.feedgrouping')) {
        if ($limit <= 0) {
            return;
        }
        $sql = "select " . " c.id" . " from " . getTable("channels") . " c " . " inner join " . getTable("folders") . " f on f.id = c.parent ";
        // $sql .= $sqlWhereHidden;
        $sql .= " where not(c.mode & " . RSS_MODE_DELETED_STATE . ") ";
        if (getConfig('rss.config.absoluteordering')) {
            $sql .= " order by f.position asc, c.position asc";
        } else {
            $sql .= " order by f.name asc, c.title asc";
        }
        $res1 = rss_query($sql);
        while ($readItems->itemCount < $limit && (list($cid) = rss_fetch_row($res1))) {
            $sqlWhere = " not(i.unread & " . RSS_MODE_UNREAD_STATE . ") and i.cid= {$cid}";
            $sqlWhere .= " and i.pubdate <= now() ";
            $readItems->populate($sqlWhere, "", 0, 2, ITEM_SORT_HINT_READ);
            //what if we have less than 2 items.
        }
    } else {
        if ($limit <= 0) {
            return;
        }
        $sqlWhere = " not(i.unread & " . RSS_MODE_UNREAD_STATE . ")  ";
        $sqlWhere .= " and i.pubdate <= now() ";
        //	$sqlWhere .= $sqlWhereHidden;
        $readItems->populate($sqlWhere, "", 0, $limit, ITEM_SORT_HINT_READ);
        $readItems->setRenderOptions(IL_NO_COLLAPSE | IL_TITLE_NO_ESCAPE);
    }
    $readItems->setTitle(__('Recent items'));
    $GLOBALS['rss']->appendContentObject($readItems);
    _pf('end read items');
}
Beispiel #25
0
# published by the Free Software Foundation; either version 2 of the License,
# or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
# more details.
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc.,
# 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA  or visit
# http://www.gnu.org/licenses/gpl.html
#
###############################################################################
# E-mail:      mbonetti at gmail dot com
# Web page:    http://gregarius.net/
###############################################################################
require_once '../core.php';
// Cache expires after 24 hours
rss_bootstrap(true, '', 24);
if (!isset($_GET['url'])) {
    exit;
}
$sql = "select data from " . getTable('cache') . " where cachetype='icon' and cachekey='" . rss_real_escape_string($_GET['url']) . "'";
list($blob) = rss_fetch_row(rss_query($sql));
if (!$blob) {
    exit;
} else {
    header('Content-Type: image/x-icon');
    echo $blob;
}
Beispiel #26
0
function __exp__rateItem($iid, $rt)
{
    $iid = sanitize($iid, RSS_SANITIZER_NUMERIC);
    $rt = sanitize($rt, RSS_SANITIZER_NUMERIC);
    list($rrt) = rss_fetch_row(rss_query("select rating from " . getTable('rating') . " where iid = {$iid}"));
    rss_query('delete from ' . getTable('rating') . ' where iid = ' . $iid);
    if ($rt == $rrt) {
        return "{$iid}|0";
    }
    rss_query('insert into ' . getTable('rating') . "(iid,rating) values ({$iid},{$rt})");
    if (rss_is_sql_error(RSS_SQL_ERROR_NO_ERROR)) {
        return "{$iid}|{$rt}";
    }
}
Beispiel #27
0
# more details.
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc.,
# 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA  or visit
# http://www.gnu.org/licenses/gpl.html
#
###############################################################################
# E-mail:	   mbonetti at gmail dot com
# Web page:	   http://gregarius.net/
#
###############################################################################
require_once 'init.php';
$a = trim(sanitize($_REQUEST['author'], RSS_SANITIZER_WORDS));
$sql = "select distinct(author) from " . getTable('item') . " where author  like '%{$a}'";
list($ra) = rss_fetch_row(rss_query($sql));
if (!$ra) {
    rss_404();
    exit;
}
$t = ucfirst(__('items')) . " " . __(' by ') . " " . $ra;
$GLOBALS['rss']->header = new Header($t);
$GLOBALS['rss']->feedList = new FeedList(false);
$authorItems = new ItemList();
$sqlWhere = " i.author like '%{$a}' ";
$numItems = getConfig('rss.output.frontpage.numitems');
$authorItems->populate($sqlWhere, "", 0, $numItems);
$authorItems->setTitle($t);
$authorItems->setRenderOptions(IL_NO_COLLAPSE | IL_TITLE_NO_ESCAPE);
$GLOBALS['rss']->appendContentObject($authorItems);
$GLOBALS['rss']->renderWithTemplate('index.php', 'items');
Beispiel #28
0
define('CST_ADMIN_DOMAIN_CONFIG', 'config');
define('CST_ADMIN_DOMAIN_OPML', 'opml');
define('CST_ADMIN_DOMAIN_PLUGINS', 'plugins');
define('CST_ADMIN_DOMAIN_PLUGIN_OPTIONS', 'plugin_options');
define('CST_ADMIN_DOMAIN_THEMES', 'themes');
define('CST_ADMIN_DOMAIN_THEME_OPTIONS', 'theme_options');
define('CST_ADMIN_DOMAIN_TAGS', 'tags');
// OPML import target
define('CST_ADMIN_OPML_IMPORT_WIPE', 1);
define('CST_ADMIN_OPML_IMPORT_FOLDER', 2);
define('CST_ADMIN_OPML_IMPORT_MERGE', 3);
$auth = rss_user_check_user_level(RSS_USER_LEVEL_ADMIN);
if (!$auth) {
    // check whether the admin password has been set.
    $sql = "select uname,password from " . getTable('users') . " where ulevel=99";
    list($dummy, $__pw__) = rss_fetch_row(rss_query($sql));
    if ($__pw__ == '') {
        $admin_uname = null;
        $admin_pass = null;
        if (isset($_POST['username']) && isset($_POST['password'])) {
            $admin_uname = $_POST['username'];
            $admin_pass = $_POST['password'];
        }
        set_admin_pass($admin_uname, $admin_pass);
    } else {
        rss_login_form();
        exit;
    }
}
admin_header();
admin_main($auth);
Beispiel #29
0
function tag_edit($tid)
{
    $sql = "select id, tag from " . getTable("tag") . " where id={$tid}";
    $res = rss_query($sql);
    list($id, $tag) = rss_fetch_row($res);
    echo "<div>\n" . "<h2>" . ucfirst(__('edit')) . " '{$tag}'</h2>\n" . "<form method=\"post\" action=\"" . $_SERVER['PHP_SELF'] . "\" id=\"tagedit\">\n" . "<div style=\"inline\"><input type=\"hidden\" name=\"" . CST_ADMIN_DOMAIN . "\" value=\"" . CST_ADMIN_DOMAIN_TAGS . "\"/>\n" . "<input type=\"hidden\" name=\"action\" value=\"" . CST_ADMIN_SUBMIT_EDIT . "\"/>\n" . "<input type=\"hidden\" name=\"id\" value=\"{$tid}\"/>\n" . "<label for=\"t_name\">" . __('Rename to...') . "</label>\n" . "<input type=\"text\" id=\"t_name\" name=\"t_name\" value=\"{$tag}\"/>\n" . "<input type=\"submit\" name=\"action_\" value=\"" . __('Submit Changes') . "\"/></div>" . "</form></div>\n";
}
Beispiel #30
0
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc.,
# 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA  or visit
# http://www.gnu.org/licenses/gpl.html
#
###############################################################################
# E-mail:      mbonetti at gmail dot com
# Web page:    http://gregarius.net/
#
###############################################################################
require_once "init.php";
rss_require('cls/search.php');
rss_require('cls/wrappers/searchform.php');
rss_require('cls/wrappers/toolkit.php');
$GLOBALS['rss']->feedList = new FeedList(false);
$items = new SearchItemList();
$items->setRenderOptions(IL_NONE | IL_NO_COLLAPSE);
if (array_key_exists(QUERY_PRM, $_REQUEST) && strlen($_REQUEST[QUERY_PRM]) > 1) {
    $GLOBALS['rss']->header = new Header("Search", LOCATION_SEARCH, null);
    $cnt = $items->itemCount;
    $humanReadableQuery = $items->humanReadableQuery;
    $title = sprintf($cnt > 1 || $cnt == 0 ? __('%d matches for %s') : __('%d match for %s'), $cnt, "'" . $humanReadableQuery . "'");
    $items->setTitle($title);
} else {
    list($cnt) = rss_fetch_row(rss_query('select count(*) from ' . getTable("item") . " where " . " not(unread & " . RSS_MODE_DELETED_STATE . ") "));
    $items->setTitle(sprintf(__('Search %d items'), $cnt));
    $GLOBALS['rss']->header = new Header(__('Search'), LOCATION_SEARCH, null, "document.getElementById('" . QUERY_PRM . "').focus()");
}
$GLOBALS['rss']->appendContentObject($items);
$GLOBALS['rss']->renderWithTemplate('index.php');