function rss_query($query, $dieOnError = true, $preventRecursion = false)
{
$ret = $this->_db->query($query);
if ($error = $this->rss_sql_error()) {
$errorString = $this->rss_sql_error_message();
}
// if we got a missing table error, look for missing tables in the schema
// and try to create them
if ($error == 1146 && !$preventRecursion && $dieOnError) {
require_once dirname(__FILE__) . '/../../init.php';
rss_require('schema.php');
checkSchema();
return $this->rss_query($query, $dieOnError, true);
} elseif ($error == 1054 && !$preventRecursion && $dieOnError) {
if (preg_match("/^[^']+'([^']+)'.*\$/", $errorString, $matches)) {
require_once dirname(__FILE__) . '/../../init.php';
rss_require('schema.php');
checkSchemaColumns($matches[1]);
return $this->rss_query($query, $dieOnError, true);
}
}
if ($error && $dieOnError) {
die("<p>Failed to execute the SQL query <pre>{$query}</pre> </p>" . "<p>Error {$error}: {$errorString}</p>");
}
return $ret;
}
/**
* loads the specified plugin file
*/
function rss_load_plugin($plugin_filename)
{
set_loading_plugin($plugin_filename);
if (file_exists(rss_home_dir() . RSS_PLUGINS_DIR . '/' . $plugin_filename)) {
rss_require(RSS_PLUGINS_DIR . '/' . $plugin_filename);
}
set_loading_plugin('');
}
function render()
{
rss_require(RSS::getTemplateFile("nav.php"));
}
function theme_options()
{
if (!array_key_exists('theme', $_REQUEST) || array_key_exists('admin_theme_options_cancel_changes', $_REQUEST)) {
themes();
return;
}
$theme = $_REQUEST['theme'];
$theme_output = "";
if (preg_match('/([a-zA-Z0-9_\\/\\-]+)/', $theme, $matches)) {
$theme = $matches[1];
// sanitize input
$theme_info = getThemeInfo($theme);
extract($theme_info);
if (file_exists("../" . RSS_THEME_DIR . "/{$fsname}/config.php")) {
ob_start();
rss_theme_options_rendered_buttons(false);
rss_require(RSS_THEME_DIR . "/{$fsname}/config.php");
$theme_output = ob_get_contents();
ob_end_clean();
rss_invalidate_cache();
}
if ($theme_output) {
// Let us set up a form
echo "<h2\n class=\"trigger\">" . __('Theme Options') . " " . TITLE_SEP . " " . $name . "</h2>\n" . "<div id=\"admin_theme_options\">\n";
echo "<form method=\"post\" ";
if (rss_theme_options_form_class() !== null) {
echo "class='" . rss_theme_options_form_class() . "' ";
}
echo "action=\"" . $_SERVER['PHP_SELF'] . "\">\n";
echo "<p><input type=\"hidden\" name=\"" . CST_ADMIN_DOMAIN . "\" value=\"" . CST_ADMIN_DOMAIN_THEME_OPTIONS . "\" /></p>\n";
echo $theme_output;
echo "<p><input type=\"hidden\" name=\"theme\" value=\"" . $theme . "\"/>\n";
echo "<input type=\"hidden\" name=\"" . CST_ADMIN_METAACTION . "\" value=\"ACT_ADMIN_SUBMIT_CHANGES\"/>\n";
if (isset($_REQUEST['mediaparam'])) {
$mediaparam = sanitize($_REQUEST['mediaparam'], RSS_SANITIZER_CHARACTERS);
echo "<input type=\"hidden\" name=\"mediaparam\" value=\"{$mediaparam}\">\n";
}
if (!rss_theme_options_rendered_buttons()) {
echo "<input type=\"submit\" name=\"admin_theme_options_submit_changes\" value=\"" . __('Submit Changes') . "\" />\n";
echo "<input type=\"submit\" name=\"admin_theme_options_cancel_changes\"\n value=\"" . __('Cancel') . "\" />\n";
}
echo "</p></form>\n";
echo "</div>";
} else {
themes();
}
}
}
# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA or visit
# http://www.gnu.org/licenses/gpl.html
#
###############################################################################
# E-mail: mbonetti at gmail dot com
# Web page: http://gregarius.net/
#
###############################################################################
define('RSS_NO_CACHE', true);
require_once 'init.php';
$cline = isset($argv) && !$_REQUEST && isset($argc) && $argc;
if (!$cline && getConfig('rss.config.restrictrefresh')) {
die(__('Sorry, updating from the web is currently not allowed.'));
}
rss_require("cls/update.php");
rss_require("extlib/browser.php");
$sajax_request_type = "POST";
$sajax_debug_mode = 0;
$sajax_remote_uri = getPath() . "update.php";
$sajax_export_list = array("ajaxUpdate", "ajaxUpdateCleanup");
sajax_init();
if (array_key_exists('js', $_GET)) {
header('Content-Type: text/javascript');
ajaxUpdateJavascript();
exit;
} elseif (array_key_exists('rs', $_REQUEST)) {
// this one handles the xmlhttprequest call from the above javascript
sajax_handle_client_request();
exit;
}
$browser = new Browser();
# This program is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
# more details.
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc.,
# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA or visit
# http://www.gnu.org/licenses/gpl.html
#
###############################################################################
# E-mail: mbonetti at gmail dot com
# Web page: http://gregarius.net/
#
###############################################################################
rss_require('cls/wrappers/user.php');
define('RSS_USER_ACTION_LOGIN', 0x1);
define('RSS_USER_ACTION_COOKIE', 0x2);
define('RSS_USER_ACTION_SESSION', 0x4);
define('RSS_USER_ACTION_LOGOUT', 0x8);
/**
* The RSSUser class holds all the business logic to handle Gregarius users
*/
class RSSUser
{
/** Userid */
var $_uid;
/** Userlevel */
var $_level;
/** Username */
var $_uname;
function error($error, $severity)
{
if ($this->error == null) {
rss_require('cls/errorhandler.php');
$this->error = new ErrorHandler();
}
$this->error->appendError($error, $severity);
}
/**
* Performs all the feed-related admin actions
*/
function channel_admin()
{
// Fix for #16: Admin (et al.) should not rely on l10n labels for actions:
// Look for a meta-action first, which should be the (untranslated) *name* of
// the (translated) action constant.
// Fixme: should replace 'action's with a constant
if (array_key_exists(CST_ADMIN_METAACTION, $_REQUEST)) {
$__action__ = $_REQUEST[CST_ADMIN_METAACTION];
} elseif (array_key_exists('action', $_REQUEST)) {
$__action__ = $_REQUEST['action'];
} else {
$__action__ = "";
}
$ret__ = CST_ADMIN_DOMAIN_NONE;
switch ($__action__) {
case __('Add'):
case 'ACT_ADMIN_ADD':
case 'Add':
$label = trim(sanitize($_REQUEST['new_channel'], RSS_SANITIZER_URL));
$fid = trim(sanitize($_REQUEST['add_channel_to_folder'], RSS_SANITIZER_NUMERIC));
list($flabel) = rss_fetch_row(rss_query("select name from " . getTable('folders') . " where id={$fid}"));
// handle "feed:" urls
if (substr($label, 0, 5) == 'feed:') {
if (substr($label, 0, 11) == "feed://http") {
$label = substr($label, 5);
} else {
// handle feed://example.com/rss.xml urls
$label = "http:" . substr($label, 5);
}
}
if ($label != 'http://' && substr($label, 0, 4) == "http") {
$tags = @$_REQUEST['channel_tags'];
$ret = add_channel($label, $fid, null, null, $tags);
//var_dump($ret);
if (is_array($ret) && $ret[0] > -1) {
update($ret[0]);
rss_invalidate_cache();
// feedback
$newCid = $ret[0];
rss_error(sprintf(__('Adding %s to %s... '), htmlentities($label), "/{$flabel}") . __('OK') . " [<a href=\"" . getPath() . "admin/index.php?domain=" . CST_ADMIN_DOMAIN_CHANNEL . "&action=edit&cid={$newCid}\">" . __('edit') . "</a>]", RSS_ERROR_ERROR, true);
$ret__ = CST_ADMIN_DOMAIN_CHANNEL;
} elseif (is_array($ret) && $ret[0] > -2) {
// okay, something went wrong, maybe thats a html url after all?
// let's try and see if we can extract some feeds
$feeds = extractFeeds($label);
if (!is_array($feeds) || sizeof($feeds) == 0) {
rss_error($ret[1], RSS_ERROR_ERROR, true);
$ret__ = CST_ADMIN_DOMAIN_CHANNEL;
} else {
//one single feed in the html doc, add that
if (is_array($feeds) && sizeof($feeds) == 1 && array_key_exists('href', $feeds[0])) {
$ret = add_channel($feeds[0]['href'], $fid);
if (is_array($ret) && $ret[0] > -1) {
update($ret[0]);
rss_invalidate_cache();
// feedback
$newCid = $ret[0];
rss_error(sprintf(__('Adding %s to %s... '), htmlentities($label), "/{$flabel}") . __('OK') . " [<a href=\"" . getPath() . "admin/index.php?domain=" . CST_ADMIN_DOMAIN_CHANNEL . "&action=edit&cid={$newCid}\">" . __('edit') . "</a>]", RSS_ERROR_ERROR, true);
$ret__ = CST_ADMIN_DOMAIN_CHANNEL;
} else {
// failure
rss_error($ret[1], RSS_ERROR_ERROR, true);
$ret__ = CST_ADMIN_DOMAIN_CHANNEL;
}
} else {
// multiple feeds in the channel
echo "<form method=\"post\" action=\"" . $_SERVER['PHP_SELF'] . "\">\n" . "<p>" . sprintf(__('The following feeds were found in <a href="%s">%s</a>, which one would you like to subscribe?'), $label, $label) . "</p>\n";
$cnt = 0;
while (list($id, $feedarr) = each($feeds)) {
// we need an URL
if (!array_key_exists('href', $feedarr)) {
continue;
} else {
$href = $feedarr['href'];
}
if (array_key_exists('type', $feedarr)) {
$typeLbl = " [<a href=\"{$href}\">" . $feedarr['type'] . "</a>]";
}
$cnt++;
if (array_key_exists('title', $feedarr)) {
$lbl = $feedarr['title'];
} elseif (array_key_exists('type', $feedarr)) {
$lbl = $feedarr['type'];
$typeLbl = "";
} elseif (array_key_exists('href', $feedarr)) {
$lbl = $feedarr['href'];
} else {
$lbl = "Resource {$cnt}";
}
echo "<p>\n\t<input class=\"indent\" type=\"radio\" id=\"fd_{$cnt}\" name=\"new_channel\" " . " value=\"{$href}\" />\n" . "\t<label for=\"fd_{$cnt}\">{$lbl} {$typeLbl}</label>\n" . "</p>\n";
}
echo "<p><input type=\"hidden\" name=\"add_channel_to_folder\" value=\"{$fid}\" />\n" . "<input type=\"hidden\" name=\"" . CST_ADMIN_DOMAIN . "\" value=\"" . CST_ADMIN_DOMAIN_CHANNEL . "\" />\n" . "<input type=\"hidden\" name=\"" . CST_ADMIN_METAACTION . "\" value=\"ACT_ADMIN_ADD\" />\n" . "<input type=\"submit\" class=\"indent\" name=\"action\" value=\"" . __('Add') . "\" />\n" . "</p>\n</form>\n\n";
}
}
} elseif (is_array($ret)) {
rss_error($ret[1], RSS_ERROR_ERROR, true);
$ret__ = CST_ADMIN_DOMAIN_CHANNEL;
} else {
rss_error(sprintf(__("I'm sorry, I don't think I can handle this URL: '%s'"), $label), RSS_ERROR_ERROR, true);
$ret__ = CST_ADMIN_DOMAIN_CHANNEL;
}
} else {
rss_error(sprintf(__("I'm sorry, I don't think I can handle this URL: '%s'"), $label), RSS_ERROR_ERROR, true);
$ret__ = CST_ADMIN_DOMAIN_CHANNEL;
}
break;
case CST_ADMIN_EDIT_ACTION:
$id = sanitize($_REQUEST['cid'], RSS_SANITIZER_NUMERIC);
channel_edit_form($id);
break;
case CST_ADMIN_DELETE_ACTION:
$id = sanitize($_REQUEST['cid'], RSS_SANITIZER_NUMERIC);
if (array_key_exists(CST_ADMIN_CONFIRMED, $_POST) && $_POST[CST_ADMIN_CONFIRMED] == __('Yes')) {
$rs = rss_query("select distinct id from " . getTable("item") . " where cid={$id}");
$ids = array();
while (list($did) = rss_fetch_row($rs)) {
$ids[] = $did;
}
if (count($ids)) {
$sqldel = "delete from " . getTable('metatag') . " where fid in (" . implode(",", $ids) . ")";
rss_query($sqldel);
}
$sql = "delete from " . getTable("item") . " where cid={$id}";
rss_query($sql);
$sql = "delete from " . getTable("channels") . " where id={$id}";
rss_query($sql);
// Delete properties
deleteProperty($id, 'rss.input.allowupdates');
deleteProperty($id, 'rss.config.refreshinterval');
deleteProperty($id, 'rss.config.refreshdate');
// Invalidate cache
rss_invalidate_cache();
$ret__ = CST_ADMIN_DOMAIN_CHANNEL;
} elseif (array_key_exists(CST_ADMIN_CONFIRMED, $_REQUEST) && $_REQUEST[CST_ADMIN_CONFIRMED] == __('No')) {
$ret__ = CST_ADMIN_DOMAIN_CHANNEL;
} else {
list($cname) = rss_fetch_row(rss_query("select title from " . getTable("channels") . " where id = {$id}"));
echo "<form class=\"box\" method=\"post\" action=\"" . $_SERVER['PHP_SELF'] . "\">\n" . "<p class=\"error\">";
printf(__("Are you sure you wish to delete '%s'?"), $cname);
echo "</p>\n" . "<p><input type=\"submit\" name=\"" . CST_ADMIN_CONFIRMED . "\" value=\"" . __('No') . "\" />\n" . "<input type=\"submit\" name=\"" . CST_ADMIN_CONFIRMED . "\" value=\"" . __('Yes') . "\" />\n" . "<input type=\"hidden\" name=\"cid\" value=\"{$id}\" />\n" . "<input type=\"hidden\" name=\"" . CST_ADMIN_DOMAIN . "\" value=\"" . CST_ADMIN_DOMAIN_CHANNEL . "\" />\n" . "<input type=\"hidden\" name=\"action\" value=\"" . CST_ADMIN_DELETE_ACTION . "\" />\n" . "</p>\n</form>\n";
}
break;
case __('Import'):
case 'ACT_ADMIN_IMPORT':
if (array_key_exists('opml', $_POST) && strlen(trim($_POST['opml'])) > 7) {
$url = trim(sanitize($_POST['opml'], RSS_SANITIZER_NO_SPACES));
} elseif (array_key_exists('opmlfile', $_FILES) && $_FILES['opmlfile']['tmp_name']) {
if (is_uploaded_file($_FILES['opmlfile']['tmp_name'])) {
$url = $_FILES['opmlfile']['tmp_name'];
} else {
$url = '';
}
} else {
$url = '';
}
if (!$url) {
$ret__ = CST_ADMIN_DOMAIN_OPML;
break;
}
if (array_key_exists('opml_import_option', $_POST)) {
$import_opt = $_POST['opml_import_option'];
} else {
$import_opt = CST_ADMIN_OPML_IMPORT_MERGE;
}
if ($import_opt == CST_ADMIN_OPML_IMPORT_FOLDER) {
$opmlfid = sanitize($_POST['opml_import_to_folder'], RSS_SANITIZER_NUMERIC);
} else {
$opmlfid = getRootFolder();
}
@set_time_limit(0);
@ini_set('max_execution_time', 300);
// Parse into and OPML object
$opml = getOpml($url);
if (sizeof($opml) > 0) {
if ($import_opt == CST_ADMIN_OPML_IMPORT_WIPE) {
rss_query("delete from " . getTable("metatag"));
rss_query("delete from " . getTable("channels"));
rss_query("delete from " . getTable("item"));
rss_query("delete from " . getTable("folders") . " where id > 0");
}
if ($import_opt == CST_ADMIN_OPML_IMPORT_FOLDER) {
$fid = $opmlfid;
list($prev_folder) = rss_fetch_row(rss_query("select name from " . getTable('folders') . " where id= {$opmlfid} "));
} else {
$prev_folder = __('Root');
$fid = 0;
}
echo "<div class=\"frame\" style=\"background-color:#eee;font-size:small\"><ul>\n";
while (list($folder, $items) = each($opml)) {
if ($folder != $prev_folder && $import_opt != CST_ADMIN_OPML_IMPORT_FOLDER) {
$fid = create_folder(strip_tags($folder), false);
$prev_folder = strip_tags($folder);
}
for ($i = 0; $i < sizeof($opml[$folder]); $i++) {
$url_ = isset($opml[$folder][$i]['XMLURL']) ? trim($opml[$folder][$i]['XMLURL']) : null;
$title_ = isset($opml[$folder][$i]['TEXT']) ? trim($opml[$folder][$i]['TEXT']) : null;
// support for title attribute (optional)
$title_ = isset($opml[$folder][$i]['TITLE']) ? trim($opml[$folder][$i]['TITLE']) : $title_;
$descr_ = isset($opml[$folder][$i]['DESCRIPTION']) ? trim($opml[$folder][$i]['DESCRIPTION']) : null;
$cats_ = isset($opml[$folder][$i]['CATEGORY']) ? trim($opml[$folder][$i]['CATEGORY']) : "";
$t__ = strip_tags($title_);
$d__ = strip_tags($descr_);
$f__ = strip_tags($prev_folder);
$u__ = sanitize($url_, RSS_SANITIZER_URL);
$c__ = $cats_;
//preg_replace(ALLOWED_TAGS_REGEXP,' ',$cats_);
if ($u__) {
echo "<li><p>" . sprintf(__('Adding %s to %s... '), $t__, $f__);
flush();
list($retcde, $retmsg) = add_channel($u__, $fid, $t__, $d__);
if ($retcde && count($c__)) {
__exp__submitTag($retcde, utf8_encode($c__), "'channel'");
}
echo ($retcde < 0 ? $retmsg : " OK") . "</p></li>\n";
flush();
}
}
}
echo "</ul>\n<p><b>" . __('Updating') . "...</b></p>\n";
echo "</div>\n";
flush();
//update all the feeds
update("");
rss_invalidate_cache();
}
$ret__ = CST_ADMIN_DOMAIN_CHANNEL;
break;
case CST_ADMIN_SUBMIT_EDIT:
$cid = sanitize($_POST['cid'], RSS_SANITIZER_NUMERIC);
rss_plugin_hook('rss.plugins.admin.feed.properties.submit', null);
// TBD
$title = strip_tags(rss_real_escape_string(real_strip_slashes($_POST['c_name'])));
$url = rss_real_escape_string($_POST['c_url']);
$siteurl = rss_real_escape_string($_POST['c_siteurl']);
$parent = rss_real_escape_string($_POST['c_parent']);
$descr = strip_tags(rss_real_escape_string(real_strip_slashes($_POST['c_descr'])));
$icon = rss_real_escape_string($_POST['c_icon']);
$priv = array_key_exists('c_private', $_POST) && $_POST['c_private'] == '1';
$tags = rss_real_escape_string($_POST['c_tags']);
$old_priv = $_POST['old_priv'] == '1';
// Feed Properties
$prop_rss_input_allowupdates = rss_real_escape_string($_POST['prop_rss_input_allowupdates']);
if ($prop_rss_input_allowupdates == 'default') {
deleteProperty($cid, 'rss.input.allowupdates');
} else {
setProperty($cid, 'rss.input.allowupdates', 'feed', $prop_rss_input_allowupdates == 1);
}
deleteProperty($cid, 'rss.config.refreshinterval');
$rss_config_refreshinterval = rss_real_escape_string($_POST['rss_config_refreshinterval']);
if ($rss_config_refreshinterval > 60) {
setProperty($cid, 'rss.config.refreshinterval', 'feed', $rss_config_refreshinterval);
}
if ($priv != $old_priv) {
$mode = ", mode = mode ";
if ($priv) {
$mode .= " | " . RSS_MODE_PRIVATE_STATE;
rss_query('update ' . getTable('item') . " set unread = unread | " . RSS_MODE_PRIVATE_STATE . " where cid={$cid}");
} else {
$mode .= " & " . SET_MODE_PUBLIC_STATE;
rss_query('update ' . getTable('item') . " set unread = unread & " . SET_MODE_PUBLIC_STATE . " where cid={$cid}");
}
rss_invalidate_cache();
} else {
$mode = "";
}
$del = array_key_exists('c_deleted', $_POST) && $_POST['c_deleted'] == '1';
$old_del = $_POST['old_del'] == '1';
if ($del != $old_del) {
if ($mode == "") {
$mode = ", mode = mode ";
}
if ($del) {
$mode .= " | " . RSS_MODE_DELETED_STATE;
} else {
$mode .= " & " . SET_MODE_AVAILABLE_STATE;
}
}
if ($url == '' || substr($url, 0, 4) != "http") {
rss_error(sprintf(__("I'm sorry, I don't think I can handle this URL: '%s'"), $url), RSS_ERROR_ERROR, true);
$ret__ = CST_ADMIN_DOMAIN_CHANNEL;
break;
}
if ($icon && cacheFavicon($icon)) {
$icon = 'blob:' . $icon;
}
$sql = "update " . getTable("channels") . " set title='{$title}', url='{$url}', siteurl='{$siteurl}', " . " parent={$parent}, descr='{$descr}', icon='{$icon}', " . " daterefreshed = 1, etag = '' " . " {$mode} where id={$cid}";
rss_query($sql);
__exp__submitTag($cid, utf8_decode($tags), "'channel'");
rss_invalidate_cache();
$ret__ = CST_ADMIN_DOMAIN_CHANNEL;
break;
case CST_ADMIN_MOVE_UP_ACTION:
case CST_ADMIN_MOVE_DOWN_ACTION:
$id = sanitize($_REQUEST['cid'], RSS_SANITIZER_NUMERIC);
$res = rss_query("select parent,position from " . getTable("channels") . " where id={$id}");
list($parent, $position) = rss_fetch_row($res);
if ($_REQUEST['action'] == CST_ADMIN_MOVE_UP_ACTION) {
$res = rss_query("select id, position from " . getTable("channels") . " where parent={$parent} and id != {$id} and position<{$position} " . " order by abs({$position}-position) limit 1");
} else {
$res = rss_query("select id, position from " . getTable("channels") . " where parent={$parent} and id != {$id} and position>{$position} " . " order by abs({$position}-position) limit 1");
}
list($switch_with_id, $switch_with_position) = rss_fetch_row($res);
//If this is already the first or last item in a folder we won't get any results from the query above
if ($switch_with_position != "") {
// right, lets!
if ($switch_with_position != $position) {
rss_query("update " . getTable("channels") . " set position = {$switch_with_position} where id={$id}");
rss_query("update " . getTable("channels") . " set position = {$position} where id={$switch_with_id}");
rss_invalidate_cache();
}
}
$ret__ = CST_ADMIN_DOMAIN_CHANNEL;
break;
case CST_ADMIN_MULTIEDIT:
$ret__ = CST_ADMIN_DOMAIN_CHANNEL;
$ids = array();
foreach ($_REQUEST as $key => $val) {
if (preg_match('/^fcb([0-9]+)$/', $key, $match)) {
if (($id = (int) $_REQUEST[$key]) > 0) {
$ids[] = $id;
}
}
}
// no feed selected?
if (count($ids) == 0) {
break;
} else {
$sqlids = " (" . implode(',', $ids) . ")";
}
// MOVE TO FOLDER
if (array_key_exists('me_move_to_folder', $_REQUEST)) {
$fid = sanitize($_REQUEST['me_folder'], RSS_SANITIZER_NUMERIC);
$sql = "update " . getTable('channels') . " set parent={$fid} where id in {$sqlids}";
rss_query($sql);
/// STATE
} elseif (array_key_exists('me_state', $_REQUEST)) {
$deprecated = array_key_exists('me_deprecated', $_REQUEST) ? $_REQUEST['me_deprecated'] : false;
$private = array_key_exists('me_private', $_REQUEST) ? $_REQUEST['me_private'] : false;
if ($private) {
rss_query('update ' . getTable('channels') . " set mode = mode | " . RSS_MODE_PRIVATE_STATE . " where id in {$sqlids}");
rss_query('update ' . getTable('item') . " set unread = unread | " . RSS_MODE_PRIVATE_STATE . " where cid in {$sqlids}");
} else {
rss_query('update ' . getTable('channels') . " set mode = mode & " . SET_MODE_PUBLIC_STATE . " where id in {$sqlids}");
rss_query('update ' . getTable('item') . " set unread = unread & " . SET_MODE_PUBLIC_STATE . " where cid in {$sqlids}");
}
if ($deprecated) {
rss_query('update ' . getTable('channels') . " set mode = mode | " . RSS_MODE_DELETED_STATE . " where id in {$sqlids}");
} else {
rss_query('update ' . getTable('channels') . " set mode = mode & " . SET_MODE_AVAILABLE_STATE . " where id in {$sqlids}");
}
// DELETE
} elseif (array_key_exists('me_delete', $_REQUEST)) {
if (array_key_exists('me_do_delete', $_REQUEST) && $_REQUEST['me_do_delete'] == "1") {
$sql = "delete from " . getTable('channels') . " where id in {$sqlids}";
rss_query($sql);
}
} elseif (array_key_exists('me_set_categories', $_POST)) {
$tags = utf8_decode(trim(rss_real_escape_string($_POST['me_categories'])));
if ($tags) {
foreach ($ids as $id) {
__exp__submitTag($id, $tags, '"channel"');
}
}
}
rss_invalidate_cache();
break;
case 'dump':
// Make sure this is a POST
if (!isset($_POST['dumpact'])) {
die('Sorry, you can\'t access this via a GET');
}
$tbl = array('"', '"');
error_reporting(E_ALL);
rss_require('schema.php');
$tables = getExpectedTables();
unset($tables['cache']);
//$tables=array('channels','tag','config');
$bfr = '';
$bfr .= '<' . '?xml version="1.0" encoding="UTF-8"?' . '>' . "\n";
$bfr .= '<dump prefix="' . getTable('') . '" date="' . date('r') . '">' . "\n";
foreach ($tables as $table => $prefixed) {
$rs = rss_query("select * from {$prefixed}");
$bfr .= "<{$table}>\n";
while ($row = rss_fetch_assoc($rs)) {
$r = "<row ";
foreach ($row as $key => $val) {
$val = htmlspecialchars($val);
$r .= " {$key}=\"{$val}\" ";
}
$r .= "/>\n";
$bfr .= $r;
}
$bfr .= "</{$table}>\n";
}
$bfr .= '</dump>' . "\n";
$gzdata = gzencode($bfr, 9);
// Delete the output buffer. This is probably a bad thing to do, if the ob'ing is turned off.
// e.g. data was already sent to the brwoser.
while (@ob_end_clean()) {
}
// Send the dump to the browser:
header("Pragma: public");
// required
header("Expires: 0");
header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
header("Connection: close");
header("Content-Transfer-Encoding: binary");
header("Content-Length: " . strlen($gzdata));
header('Content-type: application/x-gzip');
header('Content-disposition: inline; filename="gregarius.dump.' . date('MjSY') . '.xml.gz"');
die($gzdata);
break;
default:
break;
}
return $ret__;
}
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
# more details.
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc.,
# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA or visit
# http://www.gnu.org/licenses/gpl.html
#
###############################################################################
# E-mail: mbonetti at gmail dot com
# Web page: http://gregarius.net/
#
###############################################################################
require_once 'init.php';
rss_require('extlib/rss_fetch.inc');
define('ACT_NAV_PREV_PREFIX', '← ');
define('ACT_NAV_SUCC_POSTFIX', ' →');
// Show unread items on the front page?
// default to the config value, user can override this via a cookie
$show_what = getConfig('rss.output.frontpage.mixeditems') ? SHOW_READ_AND_UNREAD : SHOW_UNREAD_ONLY;
if (array_key_exists(SHOW_WHAT, $_POST)) {
$show_what = $_POST[SHOW_WHAT];
$period = time() + COOKIE_LIFESPAN;
setcookie(SHOW_WHAT, $show_what, $period, getPath());
} elseif (array_key_exists(SHOW_WHAT, $_COOKIE)) {
$show_what = $_COOKIE[SHOW_WHAT];
}
if (array_key_exists('chkPrivate', $_POST)) {
$show_private = empty($_POST['chkPrivate']) ? 0 : $_POST['chkPrivate'];
setcookie('chkPrivate', $show_private, time() + COOKIE_LIFESPAN, getPath());
function render()
{
$this->javascriptFiles = rss_plugin_hook('rss.plugins.javascript', $this->javascriptFiles);
$GLOBALS['rss']->header =& $this;
rss_require(RSS::getTemplateFile("header.php"));
if ($this->extraHTML) {
echo $this->extraHTML;
}
}
define('QUERY_CURRENT_PAGE', 'rss_query_current_page');
define('HIT_BEFORE', "<span class=\"searchhit\">");
define('HIT_AFTER', "</span>");
define('QUERY_ORDER_BY', 'rss_order');
define('QUERY_ORDER_BY_DATE', 'date');
define('QUERY_ORDER_BY_CHANNEL', 'channel');
define('QUERY_MATCH_OR', 'or');
define('QUERY_MATCH_AND', 'and');
define('QUERY_MATCH_EXACT', 'exact');
define('QUERY_MATCH_WITHIN', 'within');
define('QUERY_MATCH_STATE', 'state');
define('QUERY_MATCH_UNREAD', 'unread');
define('QUERY_MATCH_READ', 'read');
define('QUERY_MATCH_BOTH', 'both');
// This is needed for some constants
rss_require('cls/wrappers/toolkit.php');
class SearchItemList extends ItemList
{
var $searchTerms = array();
var $matchMode;
var $matchType;
var $regMatch = "";
var $currentPage;
var $resultsPerPage = 0;
var $startItem;
var $endItem;
var $orderBy;
var $query = "";
var $logicSep;
function SearchItemList($query = null, $results = 0)
{
/**
* Feed Autodiscovery
*
* returns an array of all (hopefully) rss/atom/rdf feeds in the document,
* pointed by $url.
* See http://diveintomark.org/archives/2002/06/02/important_change_to_the_link_tag
*
* @param string $url URL of a web document containing <link> elements
* @return array Array of feed URLs
*/
function extractFeeds($url)
{
rss_require('extlib/uri_util.php');
$cnt = getUrl($url);
$ret = array();
//find all link tags
if (preg_match_all('|<link\\s+\\w*=["\'][^"\']+["\']+[^>]*>|Uis', $cnt, $res)) {
while (list($id, $match) = each($res[0])) {
// we only want '<link alternate=...'
if (strpos(strtolower($match), 'alternate') && !strpos(strtolower($match), 'stylesheet') && preg_match_all('|([a-zA-Z]*)=["\']([^"\']*)|', $match, $res2, PREG_SET_ORDER)) {
$tmp = array();
//populate the return array: attr_name => attr_value
while (list($id2, $match2) = each($res2)) {
$attr = strtolower(trim($match2[1]));
$val = trim($match2[2]);
// make sure we have absolute URI's
if ($attr == "href") {
$val = absolute_uri($val, $url);
}
$tmp[$attr] = $val;
}
$ret[] = $tmp;
}
}
}
return $ret;
}
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
# more details.
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc.,
# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA or visit
# http://www.gnu.org/licenses/gpl.html
#
###############################################################################
# E-mail: mbonetti at gmail dot com
# Web page: http://gregarius.net/
#
###############################################################################
rss_require('cls/alltags.php');
rss_require('cls/channels.php');
/**
* A TagListItem represents a single tag in the tags sidecolumn
*/
class TagListItem extends FeedListItem
{
var $title;
var $cnt;
var $rlink;
var $rdLbl = "";
var $class_ = "";
var $icon;
function TagListItem($title, $cnt, $url)
{
$this->title = $title;
$this->cnt = $cnt;
function getConfig($key, $allowRecursion = true, $invalidateCache = false)
{
if (defined('RSS_CONFIG_OVERRIDE_' . strtoupper(preg_replace('/\\./', '_', $key)))) {
return constant('RSS_CONFIG_OVERRIDE_' . strtoupper(preg_replace('/\\./', '_', $key)));
}
if (array_key_exists($key, $this->_config)) {
return $this->_config[$key]['value'];
} elseif ($allowRecursion) {
rss_require('schema.php');
$this->_config = null;
setDefaults($key);
$this->_populate();
return $this->getConfig($key, false);
}
return null;
}
function osSearch($q)
{
rss_require('cls/search.php');
$sil = new SearchItemList($q, 5);
$results = array();
foreach ($sil->feeds as $feed) {
foreach ($feed->items as $item) {
$results[] = $item->title;
}
}
return array($q, $results, array(), array());
}
function rss_main_footer()
{
$f = $GLOBALS['rss']->getTemplateFile('footer.php');
rss_require($f);
}
//rss_header("Tags " . TITLE_SEP . " " . $hrTag);
$GLOBALS['rss']->header = new Header("Tags " . TITLE_SEP . " " . $hrTag);
$GLOBALS['rss']->feedList = new FeedList(false);
//echo "\n\n<div id=\"items\" class=\"frame\">\n";
if ($gotsome) {
$title = $taggedItems->itemCount . " " . ($taggedItems->itemCount > 1 ? __('items') : __('item')) . " " . ($taggedItems->itemCount > 1 || $taggedItems->itemCount == 0 ? __('tagged') : __('tagged')) . "" . " \"" . $hrTag . "\"";
if (count($related)) {
$taggedItems->beforeList = "\n<p>" . __('Related tags: ') . "\n" . implode(", \n", $related) . "\n</p>\n";
}
$taggedItems->setTitle($title);
$taggedItems->setRenderOptions(IL_NO_COLLAPSE | IL_TITLE_NO_ESCAPE);
$GLOBALS['rss']->appendContentObject($taggedItems);
$GLOBALS['rss']->renderWithTemplate('index.php', 'items');
} else {
$GLOBALS['rss']->renderWithTemplate('index.php', 'items');
// echo "<p style=\"height: 10em; text-align:center\">";
// printf(__('Oops! No items tagged «%s» were found.'), $hrTag);
// echo "</p>";
}
//echo "</div>\n";
//rss_footer();
}
} elseif (array_key_exists('alltags', $_GET)) {
rss_require('cls/alltags.php');
$GLOBALS['rss']->header = new Header("Tags " . TITLE_SEP . " " . __('All Tags'));
$GLOBALS['rss']->feedList = new FeedList(false);
$allTags = new Tags();
$allTags->setRenderOptions(IL_TITLE_NO_ESCAPE);
$GLOBALS['rss']->appendContentObject($allTags);
$GLOBALS['rss']->renderWithTemplate('index.php', 'items');
}
function __exp_addChannel($url, $folderid = 0, $title_ = null, $descr_ = null, $tags = null)
{
rss_require('extlib/JSON.php');
$json = new SERVICES_JSON();
if (!isset($GLOBALS['rssuser'])) {
require_once 'cls/user.php';
}
if (rss_user_check_user_level(RSS_USER_LEVEL_PRIVATE)) {
$ret = add_channel($url, $folderid, $title_, $descr_, $tags);
} else {
$ret = array(-1, "Sorry, you are not privileged enough to add feeds");
}
return $json->encode($ret);
}
# This program is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
# more details.
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc.,
# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA or visit
# http://www.gnu.org/licenses/gpl.html
#
###############################################################################
# E-mail: mbonetti at gmail dot com
# Web page: http://gregarius.net/
#
###############################################################################
rss_require('util.php');
function getConfig($key, $allowRecursion = true, $invalidateCache = false)
{
return $GLOBALS['rss']->config->getConfig($key, $allowRecursion, $invalidateCache);
}
function configInvalidate()
{
getConfig('dummy', true, true);
}
function configRealValue($value_, $type_)
{
return $GLOBALS['rss']->config->configRealValue($value_, $type_);
}
/**
* Theme wrapper function to override config options
Returns true if the config value was overridden. (otherwise it returns false)
// Localization
_pf('Loading l10n...');
require_once 'cls/l10n.php';
$GLOBALS['rssl10n'] = new RSSl10n();
$lang = $GLOBALS['rssl10n']->getLocale();
_pf('done');
// Theme specific l10n handling
list($theme, $media) = getActualTheme();
if (file_exists(RSS_THEME_DIR . "/{$theme}/intl/{$lang}.php")) {
rss_require(RSS_THEME_DIR . "/{$theme}/intl/{$lang}.php");
} elseif ($lang != "en" && file_exists(RSS_THEME_DIR . "/{$theme}/intl/en.php")) {
rss_require(RSS_THEME_DIR . "/{$theme}/intl/en.php");
}
//
if (file_exists(getThemePath(GREGARIUS_HOME) . "overrides.php")) {
rss_require(getThemePath('') . "overrides.php");
}
/*
// Load the right locale
if (defined('OVERRIDE_LOCALE')) {
setlocale(LC_TIME,constant("OVERRIDE_LOCALE"));
}
elseif (isset($_SERVER["WINDIR"]) && defined("LOCALE_WINDOWS")) {
setlocale(LC_TIME,constant("LOCALE_WINDOWS"));
}
elseif (defined("LOCALE_LINUX")) {
setlocale(LC_TIME,constant("LOCALE_LINUX"));
}
else {
//last chance, we try to guess it
$mylocale=strtolower(getConfig('rss.output.lang'));
