<?php function handle_rpc_request($link) { $subop = $_GET["subop"]; if ($subop == "setpref") { if (WEB_DEMO_MODE) { return; } print "<rpc-reply>"; $key = db_escape_string($_GET["key"]); $value = db_escape_string($_GET["value"]); set_pref($link, $key, $value); print "<param-set key=\"$key\" value=\"$value\"/>"; print "</rpc-reply>"; } if ($subop == "getLabelCounters") { $aid = $_GET["aid"]; print "<rpc-reply>"; print "<counters>"; getLabelCounters($link); if ($aid) { getFeedCounter($link, $aid); } print "</counters>"; print "</rpc-reply>"; } if ($subop == "getFeedCounters") { print "<rpc-reply>"; print "<counters>"; getFeedCounters($link); print "</counters>"; print "</rpc-reply>"; } if ($subop == "getAllCounters") { print "<rpc-reply>"; print "<counters>"; $omode = $_GET["omode"]; getAllCounters($link, $omode); print "</counters>"; print_runtime_info($link); print "</rpc-reply>"; } if ($subop == "mark") { $mark = $_GET["mark"]; $id = db_escape_string($_GET["id"]); if ($mark == "1") { $mark = "true"; } else { $mark = "false"; } // FIXME this needs collision testing $result = db_query($link, "UPDATE ttrss_user_entries SET marked = $mark WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]); print "<rpc-reply><mark>$id</mark></rpc-reply>"; } if ($subop == "publ") { $pub = $_GET["pub"]; $id = db_escape_string($_GET["id"]); if ($pub == "1") { $pub = "true"; } else { $pub = "false"; } // FIXME this needs collision testing $result = db_query($link, "UPDATE ttrss_user_entries SET published = $pub WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]); print "<rpc-reply><pub>$id</pub></rpc-reply>"; } if ($subop == "updateFeed") { $feed_id = db_escape_string($_GET["feed"]); $result = db_query($link, "SELECT feed_url FROM ttrss_feeds WHERE id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]); if (db_num_rows($result) > 0) { $feed_url = db_fetch_result($result, 0, "feed_url"); update_rss_feed($link, $feed_url, $feed_id); } print "<rpc-reply>"; print "<counters>"; getFeedCounter($link, $feed_id); print "</counters>"; print "</rpc-reply>"; return; } if ($subop == "forceUpdateAllFeeds" || $subop == "updateAllFeeds") { if (ENABLE_UPDATE_DAEMON) { if ($subop == "forceUpdateAllFeeds") { $result = db_query($link, "SELECT count(id) AS cid FROM ttrss_scheduled_updates WHERE feed_id IS NULL AND owner_uid = " . $_SESSION["uid"]); $cid = db_fetch_result($result, 0, "cid"); if ($cid == 0) { db_query($link, "INSERT INTO ttrss_scheduled_updates (owner_uid, feed_id, entered) VALUES (".$_SESSION["uid"].", NULL, NOW())"); } } } else { update_all_feeds($link, $subop == "forceUpdateAllFeeds"); } $global_unread_caller = sprintf("%d", $_GET["uctr"]); $global_unread = getGlobalUnread($link); print "<rpc-reply>"; print "<counters>"; if ($global_unread_caller != $global_unread) { $omode = $_GET["omode"]; if (!$omode) $omode = "tflc"; if (strchr($omode, "l")) getLabelCounters($link); if (strchr($omode, "f")) getFeedCounters($link); if (strchr($omode, "t")) getTagCounters($link); if (strchr($omode, "c")) { if (get_pref($link, 'ENABLE_FEED_CATS')) { getCategoryCounters($link); } } } getGlobalCounters($link, $global_unread); print "</counters>"; print_runtime_info($link); print "</rpc-reply>"; } /* GET["cmode"] = 0 - mark as read, 1 - as unread, 2 - toggle */ if ($subop == "catchupSelected") { $ids = split(",", db_escape_string($_GET["ids"])); $cmode = sprintf("%d", $_GET["cmode"]); catchupArticlesById($link, $ids, $cmode); print "<rpc-reply>"; print "<counters>"; getAllCounters($link, $_GET["omode"]); print "</counters>"; print_runtime_info($link); print "</rpc-reply>"; } if ($subop == "markSelected") { $ids = split(",", db_escape_string($_GET["ids"])); $cmode = sprintf("%d", $_GET["cmode"]); markArticlesById($link, $ids, $cmode); print "<rpc-reply>"; print "<counters>"; getAllCounters($link, $_GET["omode"]); print "</counters>"; print_runtime_info($link); print "</rpc-reply>"; } if ($subop == "publishSelected") { $ids = split(",", db_escape_string($_GET["ids"])); $cmode = sprintf("%d", $_GET["cmode"]); publishArticlesById($link, $ids, $cmode); print "<rpc-reply>"; print "<counters>"; getAllCounters($link, $_GET["omode"]); print "</counters>"; print_runtime_info($link); print "</rpc-reply>"; } if ($subop == "sanityCheck") { print "<rpc-reply>"; if (sanity_check($link)) { print "<error error-code=\"0\"/>"; print_init_params($link); print_runtime_info($link); # assign client-passed params to session $_SESSION["client.userAgent"] = $_GET["ua"]; } print "</rpc-reply>"; } if ($subop == "globalPurge") { print "<rpc-reply>"; global_purge_old_posts($link, true); print "</rpc-reply>"; } if ($subop == "getArticleLink") { $id = db_escape_string($_GET["id"]); $result = db_query($link, "SELECT link FROM ttrss_entries, ttrss_user_entries WHERE id = '$id' AND id = ref_id AND owner_uid = '".$_SESSION['uid']."'"); if (db_num_rows($result) == 1) { $link = strip_tags(db_fetch_result($result, 0, "link")); print "<rpc-reply><link>$link</link><id>$id</id></rpc-reply>"; } else { print "<rpc-reply><error>Article not found</error></rpc-reply>"; } } if ($subop == "setArticleTags") { $id = db_escape_string($_GET["id"]); $tags_str = db_escape_string($_GET["tags_str"]); $tags = array_unique(trim_array(split(",", $tags_str))); db_query($link, "BEGIN"); $result = db_query($link, "SELECT int_id FROM ttrss_user_entries WHERE ref_id = '$id' AND owner_uid = '".$_SESSION["uid"]."' LIMIT 1"); if (db_num_rows($result) == 1) { $int_id = db_fetch_result($result, 0, "int_id"); db_query($link, "DELETE FROM ttrss_tags WHERE post_int_id = $int_id AND owner_uid = '".$_SESSION["uid"]."'"); foreach ($tags as $tag) { $tag = sanitize_tag($tag); if (!tag_is_valid($tag)) { continue; } if (preg_match("/^[0-9]*$/", $tag)) { continue; } print "<!-- $id : $int_id : $tag -->"; if ($tag != '') { db_query($link, "INSERT INTO ttrss_tags (post_int_id, owner_uid, tag_name) VALUES ('$int_id', '".$_SESSION["uid"]."', '$tag')"); } } } db_query($link, "COMMIT"); print "<rpc-reply> <message>$id</message> </rpc-reply>"; } if ($subop == "regenPubKey") { print "<rpc-reply>"; set_pref($link, "_PREFS_PUBLISH_KEY", generate_publish_key()); $new_link = article_publish_url($link); print "<link><![CDATA[$new_link]]></link>"; print "</rpc-reply>"; } if ($subop == "logout") { logout_user(); print_error_xml(6); } if ($subop == "completeTags") { $search = db_escape_string($_REQUEST["search"]); $result = db_query($link, "SELECT DISTINCT tag_name FROM ttrss_tags WHERE owner_uid = '".$_SESSION["uid"]."' AND tag_name LIKE '$search%' ORDER BY tag_name LIMIT 10"); print "<ul>"; while ($line = db_fetch_assoc($result)) { print "<li>" . $line["tag_name"] . "</li>"; } print "</ul>"; } } ?>