fail better if requested article URL is blank

This commit is contained in:
Andrew Dolgov 2021-02-13 10:10:44 +03:00
parent d3940b6259
commit eec5871f5f
4 changed files with 27 additions and 24 deletions

View File

@ -5,7 +5,7 @@ class Article extends Handler_Protected {
const ARTICLE_KIND_YOUTUBE = 3;
function redirect() {
$id = clean($_REQUEST['id']);
$id = (int) clean($_REQUEST['id'] ?? 0);
$sth = $this->pdo->prepare("SELECT link FROM ttrss_entries, ttrss_user_entries
WHERE id = ? AND id = ref_id AND owner_uid = ?
@ -13,11 +13,14 @@ class Article extends Handler_Protected {
$sth->execute([$id, $_SESSION['uid']]);
if ($row = $sth->fetch()) {
$article_url = $row['link'];
$article_url = str_replace("\n", "", $article_url);
$article_url = UrlHelper::validate(str_replace("\n", "", $row['link']));
if ($article_url) {
header("Location: $article_url");
return;
} else {
header($_SERVER["SERVER_PROTOCOL"]." 404 Not Found");
print "URL of article $id is blank.";
}
} else {
print_error(__("Article not found."));
@ -595,6 +598,21 @@ class Article extends Handler_Protected {
</div>";
}
function get_metadata_by_id() {
$id = clean($_REQUEST['id']);
$sth = $this->pdo->prepare("SELECT link, title FROM ttrss_entries, ttrss_user_entries
WHERE ref_id = ? AND ref_id = id AND owner_uid = ?");
$sth->execute([$id, $_SESSION['uid']]);
if ($row = $sth->fetch()) {
$link = $row['link'];
$title = $row['title'];
echo json_encode(["link" => $link, "title" => $title]);
}
}
static function get_article_enclosures($id) {
$pdo = Db::pdo();

View File

@ -382,23 +382,6 @@ class RPC extends Handler_Protected {
$sth->execute(array_merge($ids, [$_SESSION['uid']]));
}
function getlinktitlebyid() {
$id = clean($_REQUEST['id']);
$sth = $this->pdo->prepare("SELECT link, title FROM ttrss_entries, ttrss_user_entries
WHERE ref_id = ? AND ref_id = id AND owner_uid = ?");
$sth->execute([$id, $_SESSION['uid']]);
if ($row = $sth->fetch()) {
$link = $row['link'];
$title = $row['title'];
echo json_encode(array("link" => $link, "title" => $title));
} else {
echo json_encode(array("error" => "ARTICLE_NOT_FOUND"));
}
}
function log() {
$msg = clean($_REQUEST['msg']);
$file = basename(clean($_REQUEST['file']));

View File

@ -123,11 +123,13 @@ const Article = {
Article.setActive(0);
},
displayUrl: function (id) {
const query = {op: "rpc", method: "getlinktitlebyid", id: id};
const query = {op: "article", method: "get_metadata_by_id", id: id};
xhrJson("backend.php", query, (reply) => {
if (reply && reply.link) {
prompt(__("Article URL:"), reply.link);
} else {
alert(__("No URL could be displayed for this article."));
}
});
},

View File

@ -332,7 +332,7 @@ const Filters = {
} else {
const query = {op: "rpc", method: "getlinktitlebyid", id: Article.getActive()};
const query = {op: "article", method: "get_metadata_by_id", id: Article.getActive()};
xhrPost("backend.php", query, (transport) => {
const reply = JSON.parse(transport.responseText);