diff --git a/classes/article.php b/classes/article.php
index c23a1b820..43b25f94f 100755
--- a/classes/article.php
+++ b/classes/article.php
@@ -306,9 +306,9 @@ class Article extends Handler_Protected {
$sth->execute([$int_id, $_SESSION['uid']]);
foreach ($tags as $tag) {
- $tag = sanitize_tag($tag);
+ $tag = Article::sanitize_tag($tag);
- if (!tag_is_valid($tag)) {
+ if (!Article::tag_is_valid($tag)) {
continue;
}
@@ -800,4 +800,25 @@ class Article extends Handler_Protected {
return $rv;
}
+ static function sanitize_tag($tag) {
+ $tag = trim($tag);
+
+ $tag = mb_strtolower($tag, 'utf-8');
+
+ $tag = preg_replace('/[,\'\"\+\>\<]/', "", $tag);
+
+ if (DB_TYPE == "mysql") {
+ $tag = preg_replace('/[\x{10000}-\x{10FFFF}]/u', "\xEF\xBF\xBD", $tag);
+ }
+
+ return $tag;
+ }
+
+ static function tag_is_valid($tag) {
+ if (!$tag || is_numeric($tag) || mb_strlen($tag) > 250)
+ return false;
+
+ return true;
+ }
+
}
diff --git a/classes/dlg.php b/classes/dlg.php
index 4489af51a..d3e82ee59 100644
--- a/classes/dlg.php
+++ b/classes/dlg.php
@@ -161,7 +161,7 @@ class Dlg extends Handler_Protected {
$feed_id = $this->params[0];
$is_cat = (bool) $this->params[1];
- $key = get_feed_access_key($feed_id, $is_cat);
+ $key = Feeds::get_feed_access_key($feed_id, $is_cat);
$url_path = htmlspecialchars($this->params[2]) . "&key=" . $key;
diff --git a/classes/feeds.php b/classes/feeds.php
index 2714f4596..75ca83957 100755
--- a/classes/feeds.php
+++ b/classes/feeds.php
@@ -2006,5 +2006,69 @@ class Feeds extends Handler_Protected {
return '';
}
+ static function add_feed_category($feed_cat, $parent_cat_id = false, $order_id = 0) {
+
+ if (!$feed_cat) return false;
+
+ $feed_cat = mb_substr($feed_cat, 0, 250);
+ if (!$parent_cat_id) $parent_cat_id = null;
+
+ $pdo = Db::pdo();
+ $tr_in_progress = false;
+
+ try {
+ $pdo->beginTransaction();
+ } catch (Exception $e) {
+ $tr_in_progress = true;
+ }
+
+ $sth = $pdo->prepare("SELECT id FROM ttrss_feed_categories
+ WHERE (parent_cat = :parent OR (:parent IS NULL AND parent_cat IS NULL))
+ AND title = :title AND owner_uid = :uid");
+ $sth->execute([':parent' => $parent_cat_id, ':title' => $feed_cat, ':uid' => $_SESSION['uid']]);
+
+ if (!$sth->fetch()) {
+
+ $sth = $pdo->prepare("INSERT INTO ttrss_feed_categories (owner_uid,title,parent_cat,order_id)
+ VALUES (?, ?, ?, ?)");
+ $sth->execute([$_SESSION['uid'], $feed_cat, $parent_cat_id, (int)$order_id]);
+
+ if (!$tr_in_progress) $pdo->commit();
+
+ return true;
+ }
+
+ $pdo->commit();
+
+ return false;
+ }
+
+ static function get_feed_access_key($feed_id, $is_cat, $owner_uid = false) {
+
+ if (!$owner_uid) $owner_uid = $_SESSION["uid"];
+
+ $is_cat = bool_to_sql_bool($is_cat);
+
+ $pdo = Db::pdo();
+
+ $sth = $pdo->prepare("SELECT access_key FROM ttrss_access_keys
+ WHERE feed_id = ? AND is_cat = ?
+ AND owner_uid = ?");
+ $sth->execute([$feed_id, $is_cat, $owner_uid]);
+
+ if ($row = $sth->fetch()) {
+ return $row["access_key"];
+ } else {
+ $key = uniqid_short();
+
+ $sth = $pdo->prepare("INSERT INTO ttrss_access_keys
+ (access_key, feed_id, is_cat, owner_uid)
+ VALUES (?, ?, ?, ?)");
+
+ $sth->execute([$key, $feed_id, $is_cat, $owner_uid]);
+
+ return $key;
+ }
+ }
}
diff --git a/classes/handler/public.php b/classes/handler/public.php
index e9a3abc53..b4f0a5b6f 100755
--- a/classes/handler/public.php
+++ b/classes/handler/public.php
@@ -75,7 +75,7 @@ class Handler_Public extends Handler {
$feed_self_url = get_self_url_prefix() .
"/public.php?op=rss&id=$feed&key=" .
- get_feed_access_key($feed, false, $owner_uid);
+ Feeds::get_feed_access_key($feed, false, $owner_uid);
if (!$feed_site_url) $feed_site_url = get_self_url_prefix();
diff --git a/classes/opml.php b/classes/opml.php
index 720798065..6982aea27 100644
--- a/classes/opml.php
+++ b/classes/opml.php
@@ -31,7 +31,7 @@ class Opml extends Handler_Protected {
".__('OPML Utility')."
";
- add_feed_category("Imported feeds");
+ Feeds::add_feed_category("Imported feeds");
$this->opml_notice(__("Importing OPML..."));
@@ -515,7 +515,7 @@ class Opml extends Handler_Protected {
$order_id = (int) $root_node->attributes->getNamedItem('ttrssSortOrder')->nodeValue;
if (!$order_id) $order_id = 0;
- add_feed_category($cat_title, $parent_id, $order_id);
+ Feeds::add_feed_category($cat_title, $parent_id, $order_id);
$cat_id = $this->get_feed_category($cat_title, $parent_id);
}
@@ -627,7 +627,7 @@ class Opml extends Handler_Protected {
$url_path = get_self_url_prefix();
$url_path .= "/opml.php?op=publish&key=" .
- get_feed_access_key('OPML:Publish', false, $_SESSION["uid"]);
+ Feeds::get_feed_access_key('OPML:Publish', false, $_SESSION["uid"]);
return $url_path;
}
diff --git a/classes/pref/feeds.php b/classes/pref/feeds.php
index f94f45430..c55affd77 100755
--- a/classes/pref/feeds.php
+++ b/classes/pref/feeds.php
@@ -1166,7 +1166,7 @@ class Pref_Feeds extends Handler_Protected {
function addCat() {
$feed_cat = trim(clean($_REQUEST["cat"]));
- add_feed_category($feed_cat);
+ Feeds::add_feed_category($feed_cat);
}
function index() {
@@ -1750,7 +1750,7 @@ class Pref_Feeds extends Handler_Protected {
WHERE feed_id = ? AND is_cat = ? AND owner_uid = ?");
$sth->execute([$feed_id, bool_to_sql_bool($is_cat), $owner_uid]);
- return get_feed_access_key($feed_id, $is_cat, $owner_uid);
+ return Feeds::get_feed_access_key($feed_id, $is_cat, $owner_uid);
}
// Silent
diff --git a/classes/rssutils.php b/classes/rssutils.php
index 68e0255ed..48f4320fb 100755
--- a/classes/rssutils.php
+++ b/classes/rssutils.php
@@ -507,7 +507,7 @@ class RSSUtils {
Debug::log("loading filters & labels...", Debug::$LOG_VERBOSE);
- $filters = load_filters($feed, $owner_uid);
+ $filters = RSSUtils::load_filters($feed, $owner_uid);
if (Debug::get_loglevel() >= Debug::$LOG_EXTENDED) {
print_r($filters);
@@ -1071,7 +1071,7 @@ class RSSUtils {
$manual_tags = trim_array(explode(",", $f["param"]));
foreach ($manual_tags as $tag) {
- if (tag_is_valid($tag)) {
+ if (Article::tag_is_valid($tag)) {
array_push($entry_tags, $tag);
}
}
@@ -1115,9 +1115,9 @@ class RSSUtils {
foreach ($filtered_tags as $tag) {
- $tag = sanitize_tag($tag);
+ $tag = Article::sanitize_tag($tag);
- if (!tag_is_valid($tag)) continue;
+ if (!Article::tag_is_valid($tag)) continue;
$tsth->execute([$tag, $entry_int_id, $owner_uid]);
@@ -1570,4 +1570,113 @@ class RSSUtils {
return mb_strpos($feed_data, "\x1f" . "\x8b" . "\x08", 0, "US-ASCII") === 0;
}
+ static function load_filters($feed_id, $owner_uid) {
+ $filters = array();
+
+ $feed_id = (int) $feed_id;
+ $cat_id = (int)Feeds::getFeedCategory($feed_id);
+
+ if ($cat_id == 0)
+ $null_cat_qpart = "cat_id IS NULL OR";
+ else
+ $null_cat_qpart = "";
+
+ $pdo = Db::pdo();
+
+ $sth = $pdo->prepare("SELECT * FROM ttrss_filters2 WHERE
+ owner_uid = ? AND enabled = true ORDER BY order_id, title");
+ $sth->execute([$owner_uid]);
+
+ $check_cats = array_merge(
+ Feeds::getParentCategories($cat_id, $owner_uid),
+ [$cat_id]);
+
+ $check_cats_str = join(",", $check_cats);
+ $check_cats_fullids = array_map(function($a) { return "CAT:$a"; }, $check_cats);
+
+ while ($line = $sth->fetch()) {
+ $filter_id = $line["id"];
+
+ $match_any_rule = sql_bool_to_bool($line["match_any_rule"]);
+
+ $sth2 = $pdo->prepare("SELECT
+ r.reg_exp, r.inverse, r.feed_id, r.cat_id, r.cat_filter, r.match_on, t.name AS type_name
+ FROM ttrss_filters2_rules AS r,
+ ttrss_filter_types AS t
+ WHERE
+ (match_on IS NOT NULL OR
+ (($null_cat_qpart (cat_id IS NULL AND cat_filter = false) OR cat_id IN ($check_cats_str)) AND
+ (feed_id IS NULL OR feed_id = ?))) AND
+ filter_type = t.id AND filter_id = ?");
+ $sth2->execute([$feed_id, $filter_id]);
+
+ $rules = array();
+ $actions = array();
+
+ while ($rule_line = $sth2->fetch()) {
+ # print_r($rule_line);
+
+ if ($rule_line["match_on"]) {
+ $match_on = json_decode($rule_line["match_on"], true);
+
+ if (in_array("0", $match_on) || in_array($feed_id, $match_on) || count(array_intersect($check_cats_fullids, $match_on)) > 0) {
+
+ $rule = array();
+ $rule["reg_exp"] = $rule_line["reg_exp"];
+ $rule["type"] = $rule_line["type_name"];
+ $rule["inverse"] = sql_bool_to_bool($rule_line["inverse"]);
+
+ array_push($rules, $rule);
+ } else if (!$match_any_rule) {
+ // this filter contains a rule that doesn't match to this feed/category combination
+ // thus filter has to be rejected
+
+ $rules = [];
+ break;
+ }
+
+ } else {
+
+ $rule = array();
+ $rule["reg_exp"] = $rule_line["reg_exp"];
+ $rule["type"] = $rule_line["type_name"];
+ $rule["inverse"] = sql_bool_to_bool($rule_line["inverse"]);
+
+ array_push($rules, $rule);
+ }
+ }
+
+ if (count($rules) > 0) {
+ $sth2 = $pdo->prepare("SELECT a.action_param,t.name AS type_name
+ FROM ttrss_filters2_actions AS a,
+ ttrss_filter_actions AS t
+ WHERE
+ action_id = t.id AND filter_id = ?");
+ $sth2->execute([$filter_id]);
+
+ while ($action_line = $sth2->fetch()) {
+ # print_r($action_line);
+
+ $action = array();
+ $action["type"] = $action_line["type_name"];
+ $action["param"] = $action_line["action_param"];
+
+ array_push($actions, $action);
+ }
+ }
+
+ $filter = [];
+ $filter["id"] = $filter_id;
+ $filter["match_any_rule"] = sql_bool_to_bool($line["match_any_rule"]);
+ $filter["inverse"] = sql_bool_to_bool($line["inverse"]);
+ $filter["rules"] = $rules;
+ $filter["actions"] = $actions;
+
+ if (count($rules) > 0 && count($actions) > 0) {
+ array_push($filters, $filter);
+ }
+ }
+
+ return $filters;
+ }
}
diff --git a/include/functions.php b/include/functions.php
index fe4ca1ecb..3981bc435 100644
--- a/include/functions.php
+++ b/include/functions.php
@@ -1798,13 +1798,6 @@
return $tmp;
}
- function tag_is_valid($tag) {
- if (!$tag || is_numeric($tag) || mb_strlen($tag) > 250)
- return false;
-
- return true;
- }
-
function render_login_form() {
header('Cache-Control: public');
@@ -1823,20 +1816,6 @@
return $ts;
}
- function sanitize_tag($tag) {
- $tag = trim($tag);
-
- $tag = mb_strtolower($tag, 'utf-8');
-
- $tag = preg_replace('/[,\'\"\+\>\<]/', "", $tag);
-
- if (DB_TYPE == "mysql") {
- $tag = preg_replace('/[\x{10000}-\x{10FFFF}]/u', "\xEF\xBF\xBD", $tag);
- }
-
- return $tag;
- }
-
function is_server_https() {
return (!empty($_SERVER['HTTPS']) && ($_SERVER['HTTPS'] != 'off')) || $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https';
}
@@ -1864,187 +1843,12 @@
}
} // function encrypt_password
- function load_filters($feed_id, $owner_uid) {
- $filters = array();
-
- $feed_id = (int) $feed_id;
- $cat_id = (int)Feeds::getFeedCategory($feed_id);
-
- if ($cat_id == 0)
- $null_cat_qpart = "cat_id IS NULL OR";
- else
- $null_cat_qpart = "";
-
- $pdo = Db::pdo();
-
- $sth = $pdo->prepare("SELECT * FROM ttrss_filters2 WHERE
- owner_uid = ? AND enabled = true ORDER BY order_id, title");
- $sth->execute([$owner_uid]);
-
- $check_cats = array_merge(
- Feeds::getParentCategories($cat_id, $owner_uid),
- [$cat_id]);
-
- $check_cats_str = join(",", $check_cats);
- $check_cats_fullids = array_map(function($a) { return "CAT:$a"; }, $check_cats);
-
- while ($line = $sth->fetch()) {
- $filter_id = $line["id"];
-
- $match_any_rule = sql_bool_to_bool($line["match_any_rule"]);
-
- $sth2 = $pdo->prepare("SELECT
- r.reg_exp, r.inverse, r.feed_id, r.cat_id, r.cat_filter, r.match_on, t.name AS type_name
- FROM ttrss_filters2_rules AS r,
- ttrss_filter_types AS t
- WHERE
- (match_on IS NOT NULL OR
- (($null_cat_qpart (cat_id IS NULL AND cat_filter = false) OR cat_id IN ($check_cats_str)) AND
- (feed_id IS NULL OR feed_id = ?))) AND
- filter_type = t.id AND filter_id = ?");
- $sth2->execute([$feed_id, $filter_id]);
-
- $rules = array();
- $actions = array();
-
- while ($rule_line = $sth2->fetch()) {
- # print_r($rule_line);
-
- if ($rule_line["match_on"]) {
- $match_on = json_decode($rule_line["match_on"], true);
-
- if (in_array("0", $match_on) || in_array($feed_id, $match_on) || count(array_intersect($check_cats_fullids, $match_on)) > 0) {
-
- $rule = array();
- $rule["reg_exp"] = $rule_line["reg_exp"];
- $rule["type"] = $rule_line["type_name"];
- $rule["inverse"] = sql_bool_to_bool($rule_line["inverse"]);
-
- array_push($rules, $rule);
- } else if (!$match_any_rule) {
- // this filter contains a rule that doesn't match to this feed/category combination
- // thus filter has to be rejected
-
- $rules = [];
- break;
- }
-
- } else {
-
- $rule = array();
- $rule["reg_exp"] = $rule_line["reg_exp"];
- $rule["type"] = $rule_line["type_name"];
- $rule["inverse"] = sql_bool_to_bool($rule_line["inverse"]);
-
- array_push($rules, $rule);
- }
- }
-
- if (count($rules) > 0) {
- $sth2 = $pdo->prepare("SELECT a.action_param,t.name AS type_name
- FROM ttrss_filters2_actions AS a,
- ttrss_filter_actions AS t
- WHERE
- action_id = t.id AND filter_id = ?");
- $sth2->execute([$filter_id]);
-
- while ($action_line = $sth2->fetch()) {
- # print_r($action_line);
-
- $action = array();
- $action["type"] = $action_line["type_name"];
- $action["param"] = $action_line["action_param"];
-
- array_push($actions, $action);
- }
- }
-
- $filter = [];
- $filter["id"] = $filter_id;
- $filter["match_any_rule"] = sql_bool_to_bool($line["match_any_rule"]);
- $filter["inverse"] = sql_bool_to_bool($line["inverse"]);
- $filter["rules"] = $rules;
- $filter["actions"] = $actions;
-
- if (count($rules) > 0 && count($actions) > 0) {
- array_push($filters, $filter);
- }
- }
-
- return $filters;
- }
-
function init_plugins() {
PluginHost::getInstance()->load(PLUGINS, PluginHost::KIND_ALL);
return true;
}
- function add_feed_category($feed_cat, $parent_cat_id = false, $order_id = 0) {
-
- if (!$feed_cat) return false;
-
- $feed_cat = mb_substr($feed_cat, 0, 250);
- if (!$parent_cat_id) $parent_cat_id = null;
-
- $pdo = Db::pdo();
- $tr_in_progress = false;
-
- try {
- $pdo->beginTransaction();
- } catch (Exception $e) {
- $tr_in_progress = true;
- }
-
- $sth = $pdo->prepare("SELECT id FROM ttrss_feed_categories
- WHERE (parent_cat = :parent OR (:parent IS NULL AND parent_cat IS NULL))
- AND title = :title AND owner_uid = :uid");
- $sth->execute([':parent' => $parent_cat_id, ':title' => $feed_cat, ':uid' => $_SESSION['uid']]);
-
- if (!$sth->fetch()) {
-
- $sth = $pdo->prepare("INSERT INTO ttrss_feed_categories (owner_uid,title,parent_cat,order_id)
- VALUES (?, ?, ?, ?)");
- $sth->execute([$_SESSION['uid'], $feed_cat, $parent_cat_id, (int)$order_id]);
-
- if (!$tr_in_progress) $pdo->commit();
-
- return true;
- }
-
- $pdo->commit();
-
- return false;
- }
-
- function get_feed_access_key($feed_id, $is_cat, $owner_uid = false) {
-
- if (!$owner_uid) $owner_uid = $_SESSION["uid"];
-
- $is_cat = bool_to_sql_bool($is_cat);
-
- $pdo = Db::pdo();
-
- $sth = $pdo->prepare("SELECT access_key FROM ttrss_access_keys
- WHERE feed_id = ? AND is_cat = ?
- AND owner_uid = ?");
- $sth->execute([$feed_id, $is_cat, $owner_uid]);
-
- if ($row = $sth->fetch()) {
- return $row["access_key"];
- } else {
- $key = uniqid_short();
-
- $sth = $pdo->prepare("INSERT INTO ttrss_access_keys
- (access_key, feed_id, is_cat, owner_uid)
- VALUES (?, ?, ?, ?)");
-
- $sth->execute([$key, $feed_id, $is_cat, $owner_uid]);
-
- return $key;
- }
- }
-
function build_url($parts) {
return $parts['scheme'] . "://" . $parts['host'] . $parts['path'];
}