Esempio n. 1
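 /**
  * Print the "share article" dialog body for the entry named by $_REQUEST['param'].
  *
  * The entry is looked up by int_id and restricted to the logged-in user's
  * rows (owner_uid = $_SESSION['uid']). If it has no uuid yet, one is created
  * with uniqid_short() and stored. The share URL and the dialog buttons are
  * printed as HTML; the function returns nothing.
  *
  * NOTE(review): the uuid is the key in the public share URL, so presumably
  * anyone who holds or guesses it can read the article. Confirm that
  * uniqid_short() is backed by a CSPRNG (random_bytes()/random_int()) rather
  * than time- or rand()-based output.
  */
 function shareArticle()
 {
     $param = db_escape_string($_REQUEST['param']);
     // owner_uid is concatenated unquoted into both statements, so pin it to
     // an integer before it reaches the SQL text.
     $owner_uid = (int) $_SESSION['uid'];
     $result = db_query("SELECT uuid FROM ttrss_user_entries WHERE int_id = '{$param}'\n\t\t\tAND owner_uid = " . $owner_uid);
     if (db_num_rows($result) == 0) {
         print "Article not found.";
     } else {
         $uuid = db_fetch_result($result, 0, "uuid");
         if (!$uuid) {
             // First share of this entry: create the key and persist it.
             $uuid = db_escape_string(uniqid_short());
             db_query("UPDATE ttrss_user_entries SET uuid = '{$uuid}' WHERE int_id = '{$param}'\n\t\t\t\t\tAND owner_uid = " . $owner_uid);
         }
         print "<h2>" . __("You can share this article by the following unique URL:") . "</h2>";
         $url_path = get_self_url_prefix() . "/public.php?op=share&key={$uuid}";
         // The URL is written into a single-quoted attribute and into element
         // text; encode it for HTML so '&' and quotes cannot break the markup.
         $url_html = htmlspecialchars($url_path, ENT_QUOTES, 'UTF-8');
         print "<div class=\"tagCloudContainer\">";
         print "<a id='gen_article_url' href='{$url_html}' target='_blank'>{$url_html}</a>";
         print "</div>";
         // Tagging the article with a 'Shared' label used to happen here and is disabled.
     }
     // The dialog buttons are printed on both paths, as in the original.
     print "<div align='center'>";
     print "<button dojoType=\"dijit.form.Button\" onclick=\"return dijit.byId('shareArticleDlg').unshare()\">" . __('Unshare article') . "</button>";
     print "<button dojoType=\"dijit.form.Button\" onclick=\"return dijit.byId('shareArticleDlg').newurl()\">" . __('Generate new URL') . "</button>";
     print "<button dojoType=\"dijit.form.Button\" onclick=\"return dijit.byId('shareArticleDlg').hide()\">" . __('Close this window') . "</button>";
     print "</div>";
 }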
Esempio n. 2
 /**
  * Replace the access key of a feed or category with a newly generated one.
  *
  * When exactly one key row matches (feed_id, is_cat, owner_uid) it is
  * overwritten with a fresh uniqid_short() value and that value is returned.
  * In every other case the call is handed to get_feed_access_key().
  *
  * NOTE(review): $feed_id is placed between quotes and $owner_uid is appended
  * unquoted, and neither is escaped or cast in this method. Presumably callers
  * pass already-sanitised values; verify against the call sites.
  * NOTE(review): the key is the credential for the feed it belongs to;
  * confirm uniqid_short() is backed by a CSPRNG.
  *
  * @param mixed $feed_id   feed or category id, interpolated as a quoted literal
  * @param mixed $is_cat    converted with bool_to_sql_bool()
  * @param mixed $owner_uid owning user id; falsy means $_SESSION["uid"]
  * @return mixed the new key, or whatever get_feed_access_key() returns
  */
 private function update_feed_access_key($feed_id, $is_cat, $owner_uid = false)
 {
     // A falsy owner means "the user of the current session".
     $owner_uid = $owner_uid ?: $_SESSION["uid"];
     $cat_flag = bool_to_sql_bool($is_cat);

     $select_sql = "SELECT access_key FROM ttrss_access_keys\n\t\t\tWHERE feed_id = '{$feed_id}'\tAND is_cat = {$cat_flag}\n\t\t\tAND owner_uid = " . $owner_uid;
     $existing = $this->dbh->query($select_sql);

     // Anything other than exactly one row is delegated to the lookup helper.
     if ($this->dbh->num_rows($existing) != 1) {
         return get_feed_access_key($feed_id, $is_cat, $owner_uid);
     }

     $fresh_key = $this->dbh->escape_string(uniqid_short());
     $update_sql = "UPDATE ttrss_access_keys SET access_key = '{$fresh_key}'\n\t\t\t\tWHERE feed_id = '{$feed_id}' AND is_cat = {$cat_flag}\n\t\t\t\tAND owner_uid = " . $owner_uid;
     $this->dbh->query($update_sql);

     return $fresh_key;
 }
Esempio n. 3
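/**
 * Authenticate a login/password pair and, unless $check_only is set,
 * populate the session for the authenticated user.
 *
 * Multi-user mode: each HOOK_AUTH_USER plugin is asked in turn and the first
 * one returning a non-zero id wins. In SINGLE_USER_MODE no credentials are
 * checked and the session is set up as uid 1 with access_level 10.
 *
 * NOTE(review): the session id is not rotated here when the session becomes
 * authenticated. Confirm the caller calls session_regenerate_id(), otherwise
 * an id that was planted before login stays valid afterwards.
 * NOTE(review): csrf_token comes from uniqid_short(); confirm it is backed
 * by a CSPRNG, because the token is only useful if it cannot be predicted.
 * NOTE(review): $_SESSION["auth_module"] is written as soon as a plugin
 * accepts the credentials, i.e. also when $check_only is true and before
 * session_start() runs. Confirm this is intended.
 * NOTE(review): pwd_hash is copied into the session, so the session store
 * holds password hashes and needs the same protection as ttrss_users.
 *
 * @param string $login
 * @param string $password
 * @param bool   $check_only verify the credentials without filling the session
 * @return bool true when the session was set up (always true in single-user
 *              mode), false otherwise, including a successful $check_only
 */
function authenticate_user($login, $password, $check_only = false)
{
    if (!SINGLE_USER_MODE) {
        $user_id = false;
        foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_AUTH_USER) as $plugin) {
            // The cast keeps the id safe to interpolate into the query below.
            $user_id = (int) $plugin->authenticate($login, $password);
            if ($user_id) {
                $_SESSION["auth_module"] = strtolower(get_class($plugin));
                break;
            }
        }
        if ($user_id && !$check_only) {
            @session_start();
            $_SESSION["uid"] = $user_id;
            $_SESSION["version"] = VERSION_STATIC;
            $result = db_query("SELECT login,access_level,pwd_hash FROM ttrss_users\n\t\t\t\t\tWHERE id = '{$user_id}'");
            $_SESSION["name"] = db_fetch_result($result, 0, "login");
            $_SESSION["access_level"] = db_fetch_result($result, 0, "access_level");
            $_SESSION["csrf_token"] = uniqid_short();
            db_query("UPDATE ttrss_users SET last_login = NOW() WHERE id = " . $_SESSION["uid"]);
            $_SESSION["ip_address"] = $_SERVER["REMOTE_ADDR"];
            // Clients may omit the User-Agent header; hash an empty string in
            // that case instead of reading an undefined index.
            $user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
            $_SESSION["user_agent"] = sha1($user_agent);
            $_SESSION["pwd_hash"] = db_fetch_result($result, 0, "pwd_hash");
            $_SESSION["last_version_check"] = time();
            initialize_user_prefs($_SESSION["uid"]);
            return true;
        }
        return false;
    } else {
        // Single-user mode: no credential check, fixed administrative identity.
        $_SESSION["uid"] = 1;
        $_SESSION["name"] = "admin";
        $_SESSION["access_level"] = 10;
        $_SESSION["hide_hello"] = true;
        $_SESSION["hide_logout"] = true;
        $_SESSION["auth_module"] = false;
        // empty() also covers a session that has no csrf_token key yet.
        if (empty($_SESSION["csrf_token"])) {
            $_SESSION["csrf_token"] = uniqid_short();
        }
        $_SESSION["ip_address"] = $_SERVER["REMOTE_ADDR"];
        initialize_user_prefs($_SESSION["uid"]);
        return true;
    }
}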
Esempio n. 4
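/**
 * Return the access key of a feed or category, creating one when needed.
 *
 * If exactly one row matches (feed_id, is_cat, owner_uid) its access_key is
 * returned. Otherwise a new key from uniqid_short() is inserted and returned.
 *
 * NOTE(review): $feed_id is interpolated between quotes and $owner_uid is
 * appended unquoted in the SELECT; neither is escaped or cast in this
 * function. Presumably callers sanitise them; verify against the call sites.
 * NOTE(review): the result of the INSERT is not inspected here, so the key is
 * returned whether or not the row was stored. Confirm db_query() aborts on
 * failure.
 * NOTE(review): the key is the credential for the feed it belongs to;
 * confirm uniqid_short() is backed by a CSPRNG.
 *
 * @param mixed $feed_id   feed or category id
 * @param mixed $is_cat    converted with bool_to_sql_bool()
 * @param mixed $owner_uid owning user id; falsy means $_SESSION["uid"]
 * @return string the existing or newly created access key
 */
function get_feed_access_key($feed_id, $is_cat, $owner_uid = false)
{
    if (!$owner_uid) {
        $owner_uid = $_SESSION["uid"];
    }
    $sql_is_cat = bool_to_sql_bool($is_cat);
    $result = db_query("SELECT access_key FROM ttrss_access_keys\n\t\t\tWHERE feed_id = '{$feed_id}'\tAND is_cat = {$sql_is_cat}\n\t\t\tAND owner_uid = " . $owner_uid);
    if (db_num_rows($result) == 1) {
        return db_fetch_result($result, 0, "access_key");
    }

    // The lookup did not return exactly one row: store a new key and return it.
    $key = db_escape_string(uniqid_short());
    db_query("INSERT INTO ttrss_access_keys\n\t\t\t\t(access_key, feed_id, is_cat, owner_uid)\n\t\t\t\tVALUES ('{$key}', '{$feed_id}', {$sql_is_cat}, '{$owner_uid}')");
    return $key;
}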
Esempio n. 5
 /**
  * Print a JSON object of the form {"hash": "..."} carrying a new
  * uniqid_short() value.
  *
  * NOTE(review): what the caller uses this value for is not visible here. If
  * it ends up as a secret (key, token, password seed), confirm uniqid_short()
  * is backed by a CSPRNG.
  */
 function genHash()
 {
     $payload = array("hash" => uniqid_short());
     print json_encode($payload);
 }