ttrss/classes/rpc.php

<?php
class RPC extends Handler_Protected {

	function csrf_ignore($method) {
		$csrf_ignored = array("sanitycheck", "completelabels");

		return array_search($method, $csrf_ignored) !== false;
	}

	function setprofile() {
		$id = db_escape_string($_REQUEST["id"]);

		$_SESSION["profile"] = $id;
		$_SESSION["prefs_cache"] = array();
	}

	function remprofiles() {
		$ids = explode(",", db_escape_string(trim($_REQUEST["ids"])));

		foreach ($ids as $id) {
			if ($_SESSION["profile"] != $id) {
				db_query($this->link, "DELETE FROM ttrss_settings_profiles WHERE id = '$id' AND
							owner_uid = " . $_SESSION["uid"]);
			}
		}
	}

	// Silent
	function addprofile() {
		$title = db_escape_string(trim($_REQUEST["title"]));
		if ($title) {
			db_query($this->link, "BEGIN");

			$result = db_query($this->link, "SELECT id FROM ttrss_settings_profiles
				WHERE title = '$title' AND owner_uid = " . $_SESSION["uid"]);

			if (db_num_rows($result) == 0) {

				db_query($this->link, "INSERT INTO ttrss_settings_profiles (title, owner_uid)
							VALUES ('$title', ".$_SESSION["uid"] .")");

				$result = db_query($this->link, "SELECT id FROM ttrss_settings_profiles WHERE
					title = '$title'");

				if (db_num_rows($result) != 0) {
					$profile_id = db_fetch_result($result, 0, "id");

					if ($profile_id) {
						initialize_user_prefs($this->link, $_SESSION["uid"], $profile_id);
					}
				}
			}

			db_query($this->link, "COMMIT");
		}
	}

	// Silent
	function saveprofile() {
		$id = db_escape_string($_REQUEST["id"]);
		$title = db_escape_string(trim($_REQUEST["value"]));

		if ($id == 0) {
			print __("Default profile");
			return;
		}

		if ($title) {
			db_query($this->link, "BEGIN");

			$result = db_query($this->link, "SELECT id FROM ttrss_settings_profiles
				WHERE title = '$title' AND owner_uid =" . $_SESSION["uid"]);

			if (db_num_rows($result) == 0) {
				db_query($this->link, "UPDATE ttrss_settings_profiles
							SET title = '$title' WHERE id = '$id' AND
							owner_uid = " . $_SESSION["uid"]);
				print $title;
			} else {
				$result = db_query($this->link, "SELECT title FROM ttrss_settings_profiles
							WHERE id = '$id' AND owner_uid =" . $_SESSION["uid"]);
				print db_fetch_result($result, 0, "title");
			}

			db_query($this->link, "COMMIT");
		}
	}

	// Silent
	function remarchive() {
		$ids = explode(",", db_escape_string($_REQUEST["ids"]));

		foreach ($ids as $id) {
			$result = db_query($this->link, "DELETE FROM ttrss_archived_feeds WHERE
		(SELECT COUNT(*) FROM ttrss_user_entries
							WHERE orig_feed_id = '$id') = 0 AND
		id = '$id' AND owner_uid = ".$_SESSION["uid"]);

			$rc = db_affected_rows($this->link, $result);
		}
	}

	function addfeed() {
		$feed = db_escape_string($_REQUEST['feed']);
		$cat = db_escape_string($_REQUEST['cat']);
		$login = db_escape_string($_REQUEST['login']);
		$pass = db_escape_string($_REQUEST['pass']);
		$need_auth = db_escape_string($_REQUEST['need_auth']) != "";

		$rc = subscribe_to_feed($this->link, $feed, $cat, $login, $pass, $need_auth);

		print json_encode(array("result" => $rc));
	}

	function togglepref() {
		$key = db_escape_string($_REQUEST["key"]);
		set_pref($this->link, $key, !get_pref($this->link, $key));
		$value = get_pref($this->link, $key);

		print json_encode(array("param" =>$key, "value" => $value));
	}

	function setpref() {
		// set_pref escapes input, so no need to double escape it here
		$key = $_REQUEST['key'];
		$value = str_replace("\n", "<br/>", $_REQUEST['value']);

		set_pref($this->link, $key, $value, $_SESSION['uid'], $key != 'USER_STYLESHEET');

		print json_encode(array("param" =>$key, "value" => $value));
	}

	function mark() {
		$mark = $_REQUEST["mark"];
		$id = db_escape_string($_REQUEST["id"]);

		if ($mark == "1") {
			$mark = "true";
		} else {
			$mark = "false";
		}

		$result = db_query($this->link, "UPDATE ttrss_user_entries SET marked = $mark
					WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);

		print json_encode(array("message" => "UPDATE_COUNTERS"));
	}

	function delete() {
		$ids = db_escape_string($_REQUEST["ids"]);

		$result = db_query($this->link, "DELETE FROM ttrss_user_entries
		WHERE ref_id IN ($ids) AND owner_uid = " . $_SESSION["uid"]);

		print json_encode(array("message" => "UPDATE_COUNTERS"));
	}

	function unarchive() {
		$ids = db_escape_string($_REQUEST["ids"]);

		$result = db_query($this->link, "UPDATE ttrss_user_entries
					SET feed_id = orig_feed_id, orig_feed_id = NULL
					WHERE ref_id IN ($ids) AND owner_uid = " . $_SESSION["uid"]);

		print json_encode(array("message" => "UPDATE_COUNTERS"));
	}

	function archive() {
		$ids = explode(",", db_escape_string($_REQUEST["ids"]));

		foreach ($ids as $id) {
			archive_article($this->link, $id, $_SESSION["uid"]);
		}

		print json_encode(array("message" => "UPDATE_COUNTERS"));
	}

	function publ() {
		$pub = $_REQUEST["pub"];
		$id = db_escape_string($_REQUEST["id"]);
		$note = trim(strip_tags(db_escape_string($_REQUEST["note"])));

		if ($pub == "1") {
			$pub = "true";
		} else {
			$pub = "false";
		}

		$result = db_query($this->link, "UPDATE ttrss_user_entries SET
			published = $pub, last_read = NOW()
			WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);

		$pubsub_result = false;

		if (PUBSUBHUBBUB_HUB) {
			$rss_link = get_self_url_prefix() .
				"/public.php?op=rss&id=-2&key=" .
				get_feed_access_key($this->link, -2, false);

			$p = new Publisher(PUBSUBHUBBUB_HUB);

			$pubsub_result = $p->publish_update($rss_link);
		}

		print json_encode(array("message" => "UPDATE_COUNTERS",
			"pubsub_result" => $pubsub_result));
	}

	function getAllCounters() {
		$last_article_id = (int) $_REQUEST["last_article_id"];

		$reply = array();

		 if ($seq) $reply['seq'] = $seq;

		 if ($last_article_id != getLastArticleId($this->link)) {
				$omode = $_REQUEST["omode"];

			if ($omode != "T")
				$reply['counters'] = getAllCounters($this->link, $omode);
			else
				$reply['counters'] = getGlobalCounters($this->link);
		 }

		 $reply['runtime-info'] = make_runtime_info($this->link);

		 print json_encode($reply);
	}

	/* GET["cmode"] = 0 - mark as read, 1 - as unread, 2 - toggle */
	function catchupSelected() {
		$ids = explode(",", db_escape_string($_REQUEST["ids"]));
		$cmode = sprintf("%d", $_REQUEST["cmode"]);

		catchupArticlesById($this->link, $ids, $cmode);

		print json_encode(array("message" => "UPDATE_COUNTERS"));
	}

	function markSelected() {
		$ids = explode(",", db_escape_string($_REQUEST["ids"]));
		$cmode = sprintf("%d", $_REQUEST["cmode"]);

		markArticlesById($this->link, $ids, $cmode);

		print json_encode(array("message" => "UPDATE_COUNTERS"));
	}

	function publishSelected() {
		$ids = explode(",", db_escape_string($_REQUEST["ids"]));
		$cmode = sprintf("%d", $_REQUEST["cmode"]);

		publishArticlesById($this->link, $ids, $cmode);

		print json_encode(array("message" => "UPDATE_COUNTERS"));
	}

	function sanityCheck() {
		$_SESSION["hasAudio"] = $_REQUEST["hasAudio"] === "true";

		$reply = array();

		$reply['error'] = sanity_check($this->link);

		if ($reply['error']['code'] == 0) {
			$reply['init-params'] = make_init_params($this->link);
			$reply['runtime-info'] = make_runtime_info($this->link);
		}

		print json_encode($reply);
	}

	function setArticleTags() {

		$id = db_escape_string($_REQUEST["id"]);

		$tags_str = db_escape_string($_REQUEST["tags_str"]);
		$tags = array_unique(trim_array(explode(",", $tags_str)));

		db_query($this->link, "BEGIN");

		$result = db_query($this->link, "SELECT int_id FROM ttrss_user_entries WHERE
				ref_id = '$id' AND owner_uid = '".$_SESSION["uid"]."' LIMIT 1");

		if (db_num_rows($result) == 1) {

			$tags_to_cache = array();

			$int_id = db_fetch_result($result, 0, "int_id");

			db_query($this->link, "DELETE FROM ttrss_tags WHERE
				post_int_id = $int_id AND owner_uid = '".$_SESSION["uid"]."'");

			foreach ($tags as $tag) {
				$tag = sanitize_tag($tag);

				if (!tag_is_valid($tag)) {
					continue;
				}

				if (preg_match("/^[0-9]*$/", $tag)) {
					continue;
				}

				//					print "<!-- $id : $int_id : $tag -->";

				if ($tag != '') {
					db_query($this->link, "INSERT INTO ttrss_tags
								(post_int_id, owner_uid, tag_name) VALUES ('$int_id', '".$_SESSION["uid"]."', '$tag')");
				}

				array_push($tags_to_cache, $tag);
			}

			/* update tag cache */

			sort($tags_to_cache);
			$tags_str = join(",", $tags_to_cache);

			db_query($this->link, "UPDATE ttrss_user_entries
				SET tag_cache = '$tags_str' WHERE ref_id = '$id'
						AND owner_uid = " . $_SESSION["uid"]);
		}

		db_query($this->link, "COMMIT");

		$tags = get_article_tags($this->link, $id);
		$tags_str = format_tags_string($tags, $id);
		$tags_str_full = join(", ", $tags);

		if (!$tags_str_full) $tags_str_full = __("no tags");

		print json_encode(array("tags_str" => array("id" => $id,
				"content" => $tags_str, "content_full" => $tags_str_full)));
	}

	function regenOPMLKey() {
		update_feed_access_key($this->link, 'OPML:Publish',
		false, $_SESSION["uid"]);

		$new_link = opml_publish_url($this->link);

		print json_encode(array("link" => $new_link));
	}

	function completeLabels() {
		$search = db_escape_string($_REQUEST["search"]);

		$result = db_query($this->link, "SELECT DISTINCT caption FROM
				ttrss_labels2
				WHERE owner_uid = '".$_SESSION["uid"]."' AND
				LOWER(caption) LIKE LOWER('$search%') ORDER BY caption
				LIMIT 5");

		print "<ul>";
		while ($line = db_fetch_assoc($result)) {
			print "<li>" . $line["caption"] . "</li>";
		}
		print "</ul>";
	}


	function completeTags() {
		$search = db_escape_string($_REQUEST["search"]);

		$result = db_query($this->link, "SELECT DISTINCT tag_name FROM ttrss_tags
				WHERE owner_uid = '".$_SESSION["uid"]."' AND
				tag_name LIKE '$search%' ORDER BY tag_name
				LIMIT 10");

		print "<ul>";
		while ($line = db_fetch_assoc($result)) {
			print "<li>" . $line["tag_name"] . "</li>";
		}
		print "</ul>";
	}

	function purge() {
		$ids = explode(",", db_escape_string($_REQUEST["ids"]));
		$days = sprintf("%d", $_REQUEST["days"]);

		foreach ($ids as $id) {

			$result = db_query($this->link, "SELECT id FROM ttrss_feeds WHERE
				id = '$id' AND owner_uid = ".$_SESSION["uid"]);

			if (db_num_rows($result) == 1) {
				purge_feed($this->link, $id, $days);
			}
		}
	}

	function getArticles() {
		$ids = explode(",", db_escape_string($_REQUEST["ids"]));
		$articles = array();

		foreach ($ids as $id) {
			if ($id) {
				array_push($articles, format_article($this->link, $id, 0, false));
			}
		}

		print json_encode($articles);
	}

	function checkDate() {
		$date = db_escape_string($_REQUEST["date"]);
		$date_parsed = strtotime($date);

		print json_encode(array("result" => (bool)$date_parsed,
			"date" => date("c", $date_parsed)));
	}

	function assigntolabel() {
		return $this->labelops(true);
	}

	function removefromlabel() {
		return $this->labelops(false);
	}

	function labelops($assign) {
		$reply = array();

		$ids = explode(",", db_escape_string($_REQUEST["ids"]));
		$label_id = db_escape_string($_REQUEST["lid"]);

		$label = db_escape_string(label_find_caption($this->link, $label_id,
		$_SESSION["uid"]));

		$reply["info-for-headlines"] = array();

		if ($label) {

			foreach ($ids as $id) {

				if ($assign)
					label_add_article($this->link, $id, $label, $_SESSION["uid"]);
				else
					label_remove_article($this->link, $id, $label, $_SESSION["uid"]);

				$labels = get_article_labels($this->link, $id, $_SESSION["uid"]);

				array_push($reply["info-for-headlines"],
				array("id" => $id, "labels" => format_article_labels($labels, $id)));

			}
		}

		$reply["message"] = "UPDATE_COUNTERS";

		print json_encode($reply);
	}

	function updateFeedBrowser() {
		$search = db_escape_string($_REQUEST["search"]);
		$limit = db_escape_string($_REQUEST["limit"]);
		$mode = (int) db_escape_string($_REQUEST["mode"]);

		require_once "feedbrowser.php";

		print json_encode(array("content" =>
			make_feed_browser($this->link, $search, $limit, $mode),
				"mode" => $mode));
	}

	// Silent
	function massSubscribe() {

		$payload = json_decode($_REQUEST["payload"], false);
		$mode = $_REQUEST["mode"];

		if (!$payload || !is_array($payload)) return;

		if ($mode == 1) {
			foreach ($payload as $feed) {

				$title = db_escape_string($feed[0]);
				$feed_url = db_escape_string($feed[1]);

				$result = db_query($this->link, "SELECT id FROM ttrss_feeds WHERE
					feed_url = '$feed_url' AND owner_uid = " . $_SESSION["uid"]);

				if (db_num_rows($result) == 0) {
					$result = db_query($this->link, "INSERT INTO ttrss_feeds
									(owner_uid,feed_url,title,cat_id,site_url)
									VALUES ('".$_SESSION["uid"]."',
									'$feed_url', '$title', NULL, '')");
				}
			}
		} else if ($mode == 2) {
			// feed archive
			foreach ($payload as $id) {
				$result = db_query($this->link, "SELECT * FROM ttrss_archived_feeds
					WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);

				if (db_num_rows($result) != 0) {
					$site_url = db_escape_string(db_fetch_result($result, 0, "site_url"));
					$feed_url = db_escape_string(db_fetch_result($result, 0, "feed_url"));
					$title = db_escape_string(db_fetch_result($result, 0, "title"));

					$result = db_query($this->link, "SELECT id FROM ttrss_feeds WHERE
						feed_url = '$feed_url' AND owner_uid = " . $_SESSION["uid"]);

					if (db_num_rows($result) == 0) {
						$result = db_query($this->link, "INSERT INTO ttrss_feeds
										(owner_uid,feed_url,title,cat_id,site_url)
									VALUES ('$id','".$_SESSION["uid"]."',
									'$feed_url', '$title', NULL, '$site_url')");
					}
				}
			}
		}
	}

	function catchupFeed() {
		$feed_id = db_escape_string($_REQUEST['feed_id']);
		$is_cat = db_escape_string($_REQUEST['is_cat']) == "true";
		$max_id = (int) db_escape_string($_REQUEST['max_id']);

		catchup_feed($this->link, $feed_id, $is_cat, false, $max_id);

		print json_encode(array("message" => "UPDATE_COUNTERS"));
	}

	function quickAddCat() {
		$cat = db_escape_string($_REQUEST["cat"]);

		add_feed_category($this->link, $cat);

		$result = db_query($this->link, "SELECT id FROM ttrss_feed_categories WHERE
			title = '$cat' AND owner_uid = " . $_SESSION["uid"]);

		if (db_num_rows($result) == 1) {
			$id = db_fetch_result($result, 0, "id");
		} else {
			$id = 0;
		}

		print_feed_cat_select($this->link, "cat_id", $id);
	}

	function regenFeedKey() {
		$feed_id = db_escape_string($_REQUEST['id']);
		$is_cat = db_escape_string($_REQUEST['is_cat']) == "true";

		$new_key = update_feed_access_key($this->link, $feed_id, $is_cat);

		print json_encode(array("link" => $new_key));
	}

	// Silent
	function clearKeys() {
		db_query($this->link, "DELETE FROM ttrss_access_keys WHERE
			owner_uid = " . $_SESSION["uid"]);
	}

	// Silent
	function clearArticleKeys() {
		db_query($this->link, "UPDATE ttrss_user_entries SET uuid = '' WHERE
			owner_uid = " . $_SESSION["uid"]);

		return;
	}

	function verifyRegexp() {
		$reg_exp = $_REQUEST["reg_exp"];

		$status = @preg_match("/$reg_exp/i", "TEST") !== false;

		print json_encode(array("status" => $status));
	}

	/* function buttonPlugin() {
		$pclass = "button_" . basename($_REQUEST['plugin']);
		$method = $_REQUEST['plugin_method'];

		if (class_exists($pclass)) {
			$plugin = new $pclass($this->link);
			if (method_exists($plugin, $method)) {
				return $plugin->$method();
			}
		}
	} */

	function genHash() {
		$hash = sha1(uniqid(rand(), true));

		print json_encode(array("hash" => $hash));
	}

	function batchAddFeeds() {
		$cat_id = db_escape_string($_REQUEST['cat']);
		$feeds = explode("\n", db_escape_string($_REQUEST['feeds']));
		$login = db_escape_string($_REQUEST['login']);
		$pass = db_escape_string($_REQUEST['pass']);
		$need_auth = db_escape_string($_REQUEST['need_auth']) != "";

		foreach ($feeds as $feed) {
			$feed = trim($feed);

			if (validate_feed_url($feed)) {

				db_query($this->link, "BEGIN");

				if ($cat_id == "0" || !$cat_id) {
					$cat_qpart = "NULL";
				} else {
					$cat_qpart = "'$cat_id'";
				}

				$result = db_query($this->link,
					"SELECT id FROM ttrss_feeds
					WHERE feed_url = '$feed' AND owner_uid = ".$_SESSION["uid"]);

				if (db_num_rows($result) == 0) {
					$result = db_query($this->link,
						"INSERT INTO ttrss_feeds
							(owner_uid,feed_url,title,cat_id,auth_login,auth_pass,update_method)
						VALUES ('".$_SESSION["uid"]."', '$feed',
							'[Unknown]', $cat_qpart, '$login', '$pass', 0)");
				}

				db_query($this->link, "COMMIT");
			}
		}
	}

	function setScore() {
		$ids = db_escape_string($_REQUEST['id']);
		$score = (int)db_escape_string($_REQUEST['score']);

		db_query($this->link, "UPDATE ttrss_user_entries SET
			score = '$score' WHERE ref_id IN ($ids) AND owner_uid = " . $_SESSION["uid"]);

		print json_encode(array("id" => $id,
			"score_pic" => theme_image($link, get_score_pic($score))));
	}

}
?>
add tiny-OOP style backend RPC 2011-12-12 20:32:29 +01:00			`<?php`
rework class system to use subdirectories add placeholder plugin/hook system 2012-08-17 12:20:55 +02:00			`class RPC extends Handler_Protected {`
add tiny-OOP style backend RPC 2011-12-12 20:32:29 +01:00
experimental CSRF protection 2011-12-26 09:02:52 +01:00			`function csrf_ignore($method) {`
move data import/export to a separate plugin 2012-12-24 12:03:19 +01:00			`$csrf_ignored = array("sanitycheck", "completelabels");`
experimental CSRF protection 2011-12-26 09:02:52 +01:00
			`return array_search($method, $csrf_ignored) !== false;`
			`}`

add tiny-OOP style backend RPC 2011-12-12 20:32:29 +01:00			`function setprofile() {`
			`$id = db_escape_string($_REQUEST["id"]);`
implement ProtectedHandler 2011-12-13 11:15:42 +01:00
add tiny-OOP style backend RPC 2011-12-12 20:32:29 +01:00			`$_SESSION["profile"] = $id;`
			`$_SESSION["prefs_cache"] = array();`
			`}`

			`function remprofiles() {`
			`$ids = explode(",", db_escape_string(trim($_REQUEST["ids"])));`

			`foreach ($ids as $id) {`
			`if ($_SESSION["profile"] != $id) {`
			`db_query($this->link, "DELETE FROM ttrss_settings_profiles WHERE id = '$id' AND`
			`owner_uid = " . $_SESSION["uid"]);`
			`}`
			`}`
			`}`

			`// Silent`
			`function addprofile() {`
			`$title = db_escape_string(trim($_REQUEST["title"]));`
			`if ($title) {`
			`db_query($this->link, "BEGIN");`

			`$result = db_query($this->link, "SELECT id FROM ttrss_settings_profiles`
			`WHERE title = '$title' AND owner_uid = " . $_SESSION["uid"]);`

			`if (db_num_rows($result) == 0) {`

			`db_query($this->link, "INSERT INTO ttrss_settings_profiles (title, owner_uid)`
			`VALUES ('$title', ".$_SESSION["uid"] .")");`

			`$result = db_query($this->link, "SELECT id FROM ttrss_settings_profiles WHERE`
			`title = '$title'");`

			`if (db_num_rows($result) != 0) {`
			`$profile_id = db_fetch_result($result, 0, "id");`

			`if ($profile_id) {`
			`initialize_user_prefs($this->link, $_SESSION["uid"], $profile_id);`
			`}`
			`}`
			`}`

			`db_query($this->link, "COMMIT");`
			`}`
			`}`

			`// Silent`
			`function saveprofile() {`
			`$id = db_escape_string($_REQUEST["id"]);`
			`$title = db_escape_string(trim($_REQUEST["value"]));`

			`if ($id == 0) {`
			`print __("Default profile");`
			`return;`
			`}`

			`if ($title) {`
			`db_query($this->link, "BEGIN");`

			`$result = db_query($this->link, "SELECT id FROM ttrss_settings_profiles`
			`WHERE title = '$title' AND owner_uid =" . $_SESSION["uid"]);`

			`if (db_num_rows($result) == 0) {`
			`db_query($this->link, "UPDATE ttrss_settings_profiles`
			`SET title = '$title' WHERE id = '$id' AND`
			`owner_uid = " . $_SESSION["uid"]);`
			`print $title;`
			`} else {`
			`$result = db_query($this->link, "SELECT title FROM ttrss_settings_profiles`
			`WHERE id = '$id' AND owner_uid =" . $_SESSION["uid"]);`
			`print db_fetch_result($result, 0, "title");`
			`}`

			`db_query($this->link, "COMMIT");`
			`}`
			`}`

			`// Silent`
			`function remarchive() {`
			`$ids = explode(",", db_escape_string($_REQUEST["ids"]));`

			`foreach ($ids as $id) {`
			`$result = db_query($this->link, "DELETE FROM ttrss_archived_feeds WHERE`
			`(SELECT COUNT(*) FROM ttrss_user_entries`
			`WHERE orig_feed_id = '$id') = 0 AND`
			`id = '$id' AND owner_uid = ".$_SESSION["uid"]);`

			`$rc = db_affected_rows($this->link, $result);`
			`}`
			`}`

			`function addfeed() {`
			`$feed = db_escape_string($_REQUEST['feed']);`
			`$cat = db_escape_string($_REQUEST['cat']);`
			`$login = db_escape_string($_REQUEST['login']);`
			`$pass = db_escape_string($_REQUEST['pass']);`
allow subscribing to twitter feeds without oauth (if require auth checkbox is unset) 2012-01-26 10:48:14 +01:00			`$need_auth = db_escape_string($_REQUEST['need_auth']) != "";`
add tiny-OOP style backend RPC 2011-12-12 20:32:29 +01:00
allow subscribing to twitter feeds without oauth (if require auth checkbox is unset) 2012-01-26 10:48:14 +01:00			`$rc = subscribe_to_feed($this->link, $feed, $cat, $login, $pass, $need_auth);`
add tiny-OOP style backend RPC 2011-12-12 20:32:29 +01:00
			`print json_encode(array("result" => $rc));`
			`}`

			`function togglepref() {`
			`$key = db_escape_string($_REQUEST["key"]);`
			`set_pref($this->link, $key, !get_pref($this->link, $key));`
			`$value = get_pref($this->link, $key);`

			`print json_encode(array("param" =>$key, "value" => $value));`
			`}`

			`function setpref() {`
fix customize CSS dialog disappearing newlines 2012-02-13 09:46:20 +01:00			`// set_pref escapes input, so no need to double escape it here`
fix rpc setpref (key unassigned) 2012-02-13 12:09:39 +01:00			`$key = $_REQUEST['key'];`
			`$value = str_replace("\n", "<br/>", $_REQUEST['value']);`
add tiny-OOP style backend RPC 2011-12-12 20:32:29 +01:00
fix customize CSS dialog disappearing newlines (2) 2012-02-13 09:54:06 +01:00			`set_pref($this->link, $key, $value, $_SESSION['uid'], $key != 'USER_STYLESHEET');`
add tiny-OOP style backend RPC 2011-12-12 20:32:29 +01:00
			`print json_encode(array("param" =>$key, "value" => $value));`
			`}`

			`function mark() {`
			`$mark = $_REQUEST["mark"];`
			`$id = db_escape_string($_REQUEST["id"]);`

			`if ($mark == "1") {`
			`$mark = "true";`
			`} else {`
			`$mark = "false";`
			`}`

			`$result = db_query($this->link, "UPDATE ttrss_user_entries SET marked = $mark`
			`WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);`

			`print json_encode(array("message" => "UPDATE_COUNTERS"));`
			`}`

			`function delete() {`
			`$ids = db_escape_string($_REQUEST["ids"]);`

			`$result = db_query($this->link, "DELETE FROM ttrss_user_entries`
			`WHERE ref_id IN ($ids) AND owner_uid = " . $_SESSION["uid"]);`

			`print json_encode(array("message" => "UPDATE_COUNTERS"));`
			`}`

			`function unarchive() {`
			`$ids = db_escape_string($_REQUEST["ids"]);`

			`$result = db_query($this->link, "UPDATE ttrss_user_entries`
			`SET feed_id = orig_feed_id, orig_feed_id = NULL`
			`WHERE ref_id IN ($ids) AND owner_uid = " . $_SESSION["uid"]);`

			`print json_encode(array("message" => "UPDATE_COUNTERS"));`
			`}`

			`function archive() {`
			`$ids = explode(",", db_escape_string($_REQUEST["ids"]));`

			`foreach ($ids as $id) {`
			`archive_article($this->link, $id, $_SESSION["uid"]);`
			`}`

			`print json_encode(array("message" => "UPDATE_COUNTERS"));`
			`}`

			`function publ() {`
			`$pub = $_REQUEST["pub"];`
			`$id = db_escape_string($_REQUEST["id"]);`
			`$note = trim(strip_tags(db_escape_string($_REQUEST["note"])));`

			`if ($pub == "1") {`
			`$pub = "true";`
			`} else {`
			`$pub = "false";`
			`}`

			`$result = db_query($this->link, "UPDATE ttrss_user_entries SET`
set last_read to NOW() when publishing, order published feed by last read by default, allow overriding order in recently read feed 2012-09-10 08:27:51 +02:00			`published = $pub, last_read = NOW()`
add tiny-OOP style backend RPC 2011-12-12 20:32:29 +01:00			`WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);`

			`$pubsub_result = false;`

			`if (PUBSUBHUBBUB_HUB) {`
			`$rss_link = get_self_url_prefix() .`
			`"/public.php?op=rss&id=-2&key=" .`
			`get_feed_access_key($this->link, -2, false);`

			`$p = new Publisher(PUBSUBHUBBUB_HUB);`

			`$pubsub_result = $p->publish_update($rss_link);`
			`}`

			`print json_encode(array("message" => "UPDATE_COUNTERS",`
			`"pubsub_result" => $pubsub_result));`
			`}`

			`function getAllCounters() {`
			`$last_article_id = (int) $_REQUEST["last_article_id"];`

			`$reply = array();`

			`if ($seq) $reply['seq'] = $seq;`

			`if ($last_article_id != getLastArticleId($this->link)) {`
			`$omode = $_REQUEST["omode"];`
implement ProtectedHandler 2011-12-13 11:15:42 +01:00
add tiny-OOP style backend RPC 2011-12-12 20:32:29 +01:00			`if ($omode != "T")`
			`$reply['counters'] = getAllCounters($this->link, $omode);`
			`else`
			`$reply['counters'] = getGlobalCounters($this->link);`
			`}`

			`$reply['runtime-info'] = make_runtime_info($this->link);`

			`print json_encode($reply);`
			`}`

			`/* GET["cmode"] = 0 - mark as read, 1 - as unread, 2 - toggle */`
			`function catchupSelected() {`
			`$ids = explode(",", db_escape_string($_REQUEST["ids"]));`
			`$cmode = sprintf("%d", $_REQUEST["cmode"]);`

			`catchupArticlesById($this->link, $ids, $cmode);`

			`print json_encode(array("message" => "UPDATE_COUNTERS"));`
			`}`

			`function markSelected() {`
			`$ids = explode(",", db_escape_string($_REQUEST["ids"]));`
			`$cmode = sprintf("%d", $_REQUEST["cmode"]);`

			`markArticlesById($this->link, $ids, $cmode);`

			`print json_encode(array("message" => "UPDATE_COUNTERS"));`
			`}`

			`function publishSelected() {`
			`$ids = explode(",", db_escape_string($_REQUEST["ids"]));`
			`$cmode = sprintf("%d", $_REQUEST["cmode"]);`

			`publishArticlesById($this->link, $ids, $cmode);`

			`print json_encode(array("message" => "UPDATE_COUNTERS"));`
			`}`

			`function sanityCheck() {`
			`$_SESSION["hasAudio"] = $_REQUEST["hasAudio"] === "true";`

			`$reply = array();`

			`$reply['error'] = sanity_check($this->link);`

			`if ($reply['error']['code'] == 0) {`
			`$reply['init-params'] = make_init_params($this->link);`
			`$reply['runtime-info'] = make_runtime_info($this->link);`
			`}`

			`print json_encode($reply);`
			`}`

			`function setArticleTags() {`

			`$id = db_escape_string($_REQUEST["id"]);`

			`$tags_str = db_escape_string($_REQUEST["tags_str"]);`
			`$tags = array_unique(trim_array(explode(",", $tags_str)));`

			`db_query($this->link, "BEGIN");`

			`$result = db_query($this->link, "SELECT int_id FROM ttrss_user_entries WHERE`
			`ref_id = '$id' AND owner_uid = '".$_SESSION["uid"]."' LIMIT 1");`

			`if (db_num_rows($result) == 1) {`

			`$tags_to_cache = array();`

			`$int_id = db_fetch_result($result, 0, "int_id");`

			`db_query($this->link, "DELETE FROM ttrss_tags WHERE`
			`post_int_id = $int_id AND owner_uid = '".$_SESSION["uid"]."'");`

			`foreach ($tags as $tag) {`
			`$tag = sanitize_tag($tag);`

			`if (!tag_is_valid($tag)) {`
			`continue;`
			`}`

			`if (preg_match("/^[0-9]*$/", $tag)) {`
			`continue;`
			`}`

			`// print "<!-- $id : $int_id : $tag -->";`

			`if ($tag != '') {`
			`db_query($this->link, "INSERT INTO ttrss_tags`
			`(post_int_id, owner_uid, tag_name) VALUES ('$int_id', '".$_SESSION["uid"]."', '$tag')");`
			`}`

			`array_push($tags_to_cache, $tag);`
			`}`

			`/* update tag cache */`

			`sort($tags_to_cache);`
			`$tags_str = join(",", $tags_to_cache);`

			`db_query($this->link, "UPDATE ttrss_user_entries`
			`SET tag_cache = '$tags_str' WHERE ref_id = '$id'`
			`AND owner_uid = " . $_SESSION["uid"]);`
			`}`

			`db_query($this->link, "COMMIT");`

			`$tags = get_article_tags($this->link, $id);`
			`$tags_str = format_tags_string($tags, $id);`
			`$tags_str_full = join(", ", $tags);`

			`if (!$tags_str_full) $tags_str_full = __("no tags");`

			`print json_encode(array("tags_str" => array("id" => $id,`
			`"content" => $tags_str, "content_full" => $tags_str_full)));`
			`}`

			`function regenOPMLKey() {`
			`update_feed_access_key($this->link, 'OPML:Publish',`
			`false, $_SESSION["uid"]);`

			`$new_link = opml_publish_url($this->link);`

			`print json_encode(array("link" => $new_link));`
			`}`

sharepopup: implement assigning labels while sharing 2012-10-31 09:55:24 +01:00			`function completeLabels() {`
			`$search = db_escape_string($_REQUEST["search"]);`

			`$result = db_query($this->link, "SELECT DISTINCT caption FROM`
			`ttrss_labels2`
			`WHERE owner_uid = '".$_SESSION["uid"]."' AND`
			`LOWER(caption) LIKE LOWER('$search%') ORDER BY caption`
			`LIMIT 5");`

			`print "<ul>";`
			`while ($line = db_fetch_assoc($result)) {`
			`print "<li>" . $line["caption"] . "</li>";`
			`}`
			`print "</ul>";`
			`}`


add tiny-OOP style backend RPC 2011-12-12 20:32:29 +01:00			`function completeTags() {`
			`$search = db_escape_string($_REQUEST["search"]);`

			`$result = db_query($this->link, "SELECT DISTINCT tag_name FROM ttrss_tags`
			`WHERE owner_uid = '".$_SESSION["uid"]."' AND`
			`tag_name LIKE '$search%' ORDER BY tag_name`
			`LIMIT 10");`

			`print "<ul>";`
			`while ($line = db_fetch_assoc($result)) {`
			`print "<li>" . $line["tag_name"] . "</li>";`
			`}`
			`print "</ul>";`
			`}`

			`function purge() {`
			`$ids = explode(",", db_escape_string($_REQUEST["ids"]));`
			`$days = sprintf("%d", $_REQUEST["days"]);`

			`foreach ($ids as $id) {`

			`$result = db_query($this->link, "SELECT id FROM ttrss_feeds WHERE`
			`id = '$id' AND owner_uid = ".$_SESSION["uid"]);`

			`if (db_num_rows($result) == 1) {`
			`purge_feed($this->link, $id, $days);`
			`}`
			`}`
			`}`

			`function getArticles() {`
			`$ids = explode(",", db_escape_string($_REQUEST["ids"]));`
			`$articles = array();`

			`foreach ($ids as $id) {`
			`if ($id) {`
			`array_push($articles, format_article($this->link, $id, 0, false));`
			`}`
			`}`

			`print json_encode($articles);`
			`}`

			`function checkDate() {`
			`$date = db_escape_string($_REQUEST["date"]);`
			`$date_parsed = strtotime($date);`

			`print json_encode(array("result" => (bool)$date_parsed,`
			`"date" => date("c", $date_parsed)));`
			`}`

			`function assigntolabel() {`
fix labelops 2011-12-14 09:05:45 +01:00			`return $this->labelops(true);`
add tiny-OOP style backend RPC 2011-12-12 20:32:29 +01:00			`}`
implement ProtectedHandler 2011-12-13 11:15:42 +01:00
add tiny-OOP style backend RPC 2011-12-12 20:32:29 +01:00			`function removefromlabel() {`
fix labelops 2011-12-14 09:05:45 +01:00			`return $this->labelops(false);`
add tiny-OOP style backend RPC 2011-12-12 20:32:29 +01:00			`}`
implement ProtectedHandler 2011-12-13 11:15:42 +01:00
add tiny-OOP style backend RPC 2011-12-12 20:32:29 +01:00			`function labelops($assign) {`
			`$reply = array();`

			`$ids = explode(",", db_escape_string($_REQUEST["ids"]));`
			`$label_id = db_escape_string($_REQUEST["lid"]);`

			`$label = db_escape_string(label_find_caption($this->link, $label_id,`
			`$_SESSION["uid"]));`

			`$reply["info-for-headlines"] = array();`

			`if ($label) {`

			`foreach ($ids as $id) {`

			`if ($assign)`
			`label_add_article($this->link, $id, $label, $_SESSION["uid"]);`
			`else`
			`label_remove_article($this->link, $id, $label, $_SESSION["uid"]);`

			`$labels = get_article_labels($this->link, $id, $_SESSION["uid"]);`

			`array_push($reply["info-for-headlines"],`
			`array("id" => $id, "labels" => format_article_labels($labels, $id)));`

			`}`
			`}`

			`$reply["message"] = "UPDATE_COUNTERS";`

			`print json_encode($reply);`
			`}`

			`function updateFeedBrowser() {`
			`$search = db_escape_string($_REQUEST["search"]);`
			`$limit = db_escape_string($_REQUEST["limit"]);`
			`$mode = (int) db_escape_string($_REQUEST["mode"]);`

split feedbrowser into a separate file 2012-12-24 12:58:29 +01:00			`require_once "feedbrowser.php";`

add tiny-OOP style backend RPC 2011-12-12 20:32:29 +01:00			`print json_encode(array("content" =>`
			`make_feed_browser($this->link, $search, $limit, $mode),`
			`"mode" => $mode));`
			`}`

			`// Silent`
			`function massSubscribe() {`

			`$payload = json_decode($_REQUEST["payload"], false);`
			`$mode = $_REQUEST["mode"];`

			`if (!$payload \|\| !is_array($payload)) return;`

			`if ($mode == 1) {`
			`foreach ($payload as $feed) {`

			`$title = db_escape_string($feed[0]);`
			`$feed_url = db_escape_string($feed[1]);`

			`$result = db_query($this->link, "SELECT id FROM ttrss_feeds WHERE`
			`feed_url = '$feed_url' AND owner_uid = " . $_SESSION["uid"]);`

			`if (db_num_rows($result) == 0) {`
			`$result = db_query($this->link, "INSERT INTO ttrss_feeds`
			`(owner_uid,feed_url,title,cat_id,site_url)`
			`VALUES ('".$_SESSION["uid"]."',`
			`'$feed_url', '$title', NULL, '')");`
			`}`
			`}`
			`} else if ($mode == 2) {`
			`// feed archive`
			`foreach ($payload as $id) {`
			`$result = db_query($this->link, "SELECT * FROM ttrss_archived_feeds`
			`WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);`

			`if (db_num_rows($result) != 0) {`
			`$site_url = db_escape_string(db_fetch_result($result, 0, "site_url"));`
			`$feed_url = db_escape_string(db_fetch_result($result, 0, "feed_url"));`
			`$title = db_escape_string(db_fetch_result($result, 0, "title"));`

			`$result = db_query($this->link, "SELECT id FROM ttrss_feeds WHERE`
			`feed_url = '$feed_url' AND owner_uid = " . $_SESSION["uid"]);`

			`if (db_num_rows($result) == 0) {`
			`$result = db_query($this->link, "INSERT INTO ttrss_feeds`
			`(owner_uid,feed_url,title,cat_id,site_url)`
			`VALUES ('$id','".$_SESSION["uid"]."',`
			`'$feed_url', '$title', NULL, '$site_url')");`
			`}`
			`}`
			`}`
			`}`
			`}`

			`function catchupFeed() {`
			`$feed_id = db_escape_string($_REQUEST['feed_id']);`
			`$is_cat = db_escape_string($_REQUEST['is_cat']) == "true";`
experimental tweak to not mark articles newer than last one loaded in the buffer as read 2012-06-03 18:02:51 +02:00			`$max_id = (int) db_escape_string($_REQUEST['max_id']);`
add tiny-OOP style backend RPC 2011-12-12 20:32:29 +01:00
experimental tweak to not mark articles newer than last one loaded in the buffer as read 2012-06-03 18:02:51 +02:00			`catchup_feed($this->link, $feed_id, $is_cat, false, $max_id);`
add tiny-OOP style backend RPC 2011-12-12 20:32:29 +01:00
			`print json_encode(array("message" => "UPDATE_COUNTERS"));`
			`}`

			`function quickAddCat() {`
			`$cat = db_escape_string($_REQUEST["cat"]);`

			`add_feed_category($this->link, $cat);`

			`$result = db_query($this->link, "SELECT id FROM ttrss_feed_categories WHERE`
			`title = '$cat' AND owner_uid = " . $_SESSION["uid"]);`

			`if (db_num_rows($result) == 1) {`
			`$id = db_fetch_result($result, 0, "id");`
			`} else {`
			`$id = 0;`
			`}`

			`print_feed_cat_select($this->link, "cat_id", $id);`
			`}`

			`function regenFeedKey() {`
			`$feed_id = db_escape_string($_REQUEST['id']);`
			`$is_cat = db_escape_string($_REQUEST['is_cat']) == "true";`

			`$new_key = update_feed_access_key($this->link, $feed_id, $is_cat);`

			`print json_encode(array("link" => $new_key));`
			`}`

			`// Silent`
			`function clearKeys() {`
			`db_query($this->link, "DELETE FROM ttrss_access_keys WHERE`
			`owner_uid = " . $_SESSION["uid"]);`
			`}`

			`// Silent`
			`function clearArticleKeys() {`
			`db_query($this->link, "UPDATE ttrss_user_entries SET uuid = '' WHERE`
			`owner_uid = " . $_SESSION["uid"]);`

			`return;`
			`}`

			`function verifyRegexp() {`
			`$reg_exp = $_REQUEST["reg_exp"];`

			`$status = @preg_match("/$reg_exp/i", "TEST") !== false;`

			`print json_encode(array("status" => $status));`
			`}`

experimental new plugin system 2012-12-23 11:52:18 +01:00			`/* function buttonPlugin() {`
rework class system to use subdirectories add placeholder plugin/hook system 2012-08-17 12:20:55 +02:00			`$pclass = "button_" . basename($_REQUEST['plugin']);`
move tweet button to a plugin, implement basic support for article action button plugins 2011-12-20 20:57:27 +01:00			`$method = $_REQUEST['plugin_method'];`

			`if (class_exists($pclass)) {`
			`$plugin = new $pclass($this->link);`
			`if (method_exists($plugin, $method)) {`
			`return $plugin->$method();`
			`}`
add tiny-OOP style backend RPC 2011-12-12 20:32:29 +01:00			`}`
experimental new plugin system 2012-12-23 11:52:18 +01:00			`} */`
add tiny-OOP style backend RPC 2011-12-12 20:32:29 +01:00
			`function genHash() {`
			`$hash = sha1(uniqid(rand(), true));`

			`print json_encode(array("hash" => $hash));`
			`}`
prefs: implement batch subscribe to feeds 2012-01-29 14:51:00 +01:00
			`function batchAddFeeds() {`
			`$cat_id = db_escape_string($_REQUEST['cat']);`
			`$feeds = explode("\n", db_escape_string($_REQUEST['feeds']));`
			`$login = db_escape_string($_REQUEST['login']);`
			`$pass = db_escape_string($_REQUEST['pass']);`
			`$need_auth = db_escape_string($_REQUEST['need_auth']) != "";`

			`foreach ($feeds as $feed) {`
			`$feed = trim($feed);`

			`if (validate_feed_url($feed)) {`

			`db_query($this->link, "BEGIN");`

			`if ($cat_id == "0" \|\| !$cat_id) {`
			`$cat_qpart = "NULL";`
			`} else {`
			`$cat_qpart = "'$cat_id'";`
			`}`

			`$result = db_query($this->link,`
			`"SELECT id FROM ttrss_feeds`
			`WHERE feed_url = '$feed' AND owner_uid = ".$_SESSION["uid"]);`

			`if (db_num_rows($result) == 0) {`
			`$result = db_query($this->link,`
			`"INSERT INTO ttrss_feeds`
			`(owner_uid,feed_url,title,cat_id,auth_login,auth_pass,update_method)`
			`VALUES ('".$_SESSION["uid"]."', '$feed',`
remove magpie, fix article filter plugins 2012-12-24 10:45:34 +01:00			`'[Unknown]', $cat_qpart, '$login', '$pass', 0)");`
prefs: implement batch subscribe to feeds 2012-01-29 14:51:00 +01:00			`}`

			`db_query($this->link, "COMMIT");`
			`}`
			`}`
			`}`

allow setting article score manually 2012-10-31 11:39:26 +01:00			`function setScore() {`
allow batch setting of article scores 2012-10-31 12:17:49 +01:00			`$ids = db_escape_string($_REQUEST['id']);`
allow setting article score manually 2012-10-31 11:39:26 +01:00			`$score = (int)db_escape_string($_REQUEST['score']);`

			`db_query($this->link, "UPDATE ttrss_user_entries SET`
allow batch setting of article scores 2012-10-31 12:17:49 +01:00			`score = '$score' WHERE ref_id IN ($ids) AND owner_uid = " . $_SESSION["uid"]);`
allow setting article score manually 2012-10-31 11:39:26 +01:00
			`print json_encode(array("id" => $id,`
			`"score_pic" => theme_image($link, get_score_pic($score))));`
			`}`

add tiny-OOP style backend RPC 2011-12-12 20:32:29 +01:00			`}`
			`?>`