get_plugin($_SESSION["auth_module"]); if (method_exists($authenticator, "change_password")) { print $authenticator->change_password($_SESSION["uid"], $old_pw, $new_pw); } else { print "ERROR: ".__("Function not supported by authentication module."); } } function saveconfig() { $_SESSION["prefs_cache"] = false; $boolean_prefs = explode(",", $_POST["boolean_prefs"]); foreach ($boolean_prefs as $pref) { if (!isset($_POST[$pref])) $_POST[$pref] = 'false'; } foreach (array_keys($_POST) as $pref_name) { $pref_name = db_escape_string($this->link, $pref_name); $value = db_escape_string($this->link, $_POST[$pref_name]); if ($pref_name == 'DIGEST_PREFERRED_TIME') { if (get_pref($this->link, 'DIGEST_PREFERRED_TIME') != $value) { db_query($this->link, "UPDATE ttrss_users SET last_digest_sent = NULL WHERE id = " . $_SESSION['uid']); } } set_pref($this->link, $pref_name, $value); } print __("The configuration was saved."); } function getHelp() { $pref_name = db_escape_string($this->link, $_REQUEST["pn"]); $result = db_query($this->link, "SELECT help_text FROM ttrss_prefs WHERE pref_name = '$pref_name'"); if (db_num_rows($result) > 0) { $help_text = db_fetch_result($result, 0, "help_text"); print $help_text; } else { printf(__("Unknown option: %s"), $pref_name); } } function changeemail() { $email = db_escape_string($this->link, $_POST["email"]); $full_name = db_escape_string($this->link, $_POST["full_name"]); $active_uid = $_SESSION["uid"]; db_query($this->link, "UPDATE ttrss_users SET email = '$email', full_name = '$full_name' WHERE id = '$active_uid'"); print __("Your personal data has been saved."); return; } function resetconfig() { $_SESSION["prefs_op_result"] = "reset-to-defaults"; if ($_SESSION["profile"]) { $profile_qpart = "profile = '" . $_SESSION["profile"] . "'"; } else { $profile_qpart = "profile IS NULL"; } db_query($this->link, "DELETE FROM ttrss_user_prefs WHERE $profile_qpart AND owner_uid = ".$_SESSION["uid"]); initialize_user_prefs($this->link, $_SESSION["uid"], $_SESSION["profile"]); } function index() { global $access_level_names; $prefs_blacklist = array("STRIP_UNSAFE_TAGS", "REVERSE_HEADLINES", "SORT_HEADLINES_BY_FEED_DATE"); /* "FEEDS_SORT_BY_UNREAD", "HIDE_READ_FEEDS", "REVERSE_HEADLINES" */ $profile_blacklist = array("ALLOW_DUPLICATE_POSTS", "PURGE_OLD_DAYS", "PURGE_UNREAD_ARTICLES", "DIGEST_ENABLE", "DIGEST_CATCHUP", "BLACKLISTED_TAGS", "ENABLE_API_ACCESS", "UPDATE_POST_ON_CHECKSUM_CHANGE", "DEFAULT_UPDATE_INTERVAL", "USER_TIMEZONE", "SORT_HEADLINES_BY_FEED_DATE", "SSL_CERT_SERIAL", "DIGEST_PREFERRED_TIME"); $_SESSION["prefs_op_result"] = ""; print "
"; print "
"; print "
"; print ""; print ""; print "

" . __("Personal data") . "

"; $result = db_query($this->link, "SELECT email,full_name,otp_enabled, access_level FROM ttrss_users WHERE id = ".$_SESSION["uid"]); $email = htmlspecialchars(db_fetch_result($result, 0, "email")); $full_name = htmlspecialchars(db_fetch_result($result, 0, "full_name")); $otp_enabled = sql_bool_to_bool(db_fetch_result($result, 0, "otp_enabled")); print ""; print ""; print ""; print ""; if (!SINGLE_USER_MODE && !$_SESSION["hide_hello"]) { $access_level = db_fetch_result($result, 0, "access_level"); print ""; print ""; } print "
".__('Full name')."
".__('E-mail')."
".__('Access level')."" . $access_level_names[$access_level] . "
"; print ""; print ""; print "

"; print "

"; if ($_SESSION["auth_module"]) { global $pluginhost; $authenticator = $pluginhost->get_plugin($_SESSION["auth_module"]); } else { $authenticator = false; } if ($authenticator && method_exists($authenticator, "change_password")) { print "

" . __("Password") . "

"; $result = db_query($this->link, "SELECT id FROM ttrss_users WHERE id = ".$_SESSION["uid"]." AND pwd_hash = 'SHA1:5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8'"); if (db_num_rows($result) != 0) { print format_warning(__("Your password is at default value, please change it."), "default_pass_warning"); } print "
"; print ""; if ($otp_enabled) { print_notice(__("Changing your current password will disable OTP.")); } print ""; print ""; print ""; print ""; print ""; print ""; print ""; print "
".__("Old password")."
".__("New password")."
".__("Confirm password")."
"; print ""; print ""; print "

"; print "

"; if ($_SESSION["auth_module"] == "auth_internal") { print "

" . __("One time passwords / Authenticator") . "

"; if ($otp_enabled) { print_notice(__("One time passwords are currently enabled. Enter your current password below to disable.")); print "
"; print ""; print ""; print ""; print ""; print "
".__("Enter your password")."
"; print ""; print ""; print "

"; print "

"; } else { print "

".__("You will need a compatible Authenticator to use this. Changing your password would automatically disable OTP.") . "

"; print "

".__("Scan the following code by the Authenticator application:")."

"; $csrf_token = $_SESSION["csrf_token"]; print ""; print "
"; print ""; print ""; print ""; print ""; print ""; print ""; print ""; print "
".__("Enter your password")."
"; print " "; print ""; print "
"; print "
"; print "

"; print "

"; } } } global $pluginhost; $pluginhost->run_hooks($pluginhost::HOOK_PREFS_TAB_SECTION, "hook_prefs_tab_section", "prefPrefsAuth"); print "
"; #pane print "
"; print "
"; print ""; print '
'; print '
'; if ($_SESSION["profile"]) { print_notice(__("Some preferences are only available in default profile.")); } if ($_SESSION["profile"]) { initialize_user_prefs($this->link, $_SESSION["uid"], $_SESSION["profile"]); $profile_qpart = "profile = '" . $_SESSION["profile"] . "'"; } else { initialize_user_prefs($this->link, $_SESSION["uid"]); $profile_qpart = "profile IS NULL"; } /* if ($_SESSION["prefs_show_advanced"]) $access_query = "true"; else $access_query = "(access_level = 0 AND section_id != 3)"; */ $access_query = 'true'; $result = db_query($this->link, "SELECT DISTINCT ttrss_user_prefs.pref_name,short_desc,help_text,value,type_name, ttrss_prefs_sections.order_id, section_name,def_value,section_id FROM ttrss_prefs,ttrss_prefs_types,ttrss_prefs_sections,ttrss_user_prefs WHERE type_id = ttrss_prefs_types.id AND $profile_qpart AND section_id = ttrss_prefs_sections.id AND ttrss_user_prefs.pref_name = ttrss_prefs.pref_name AND $access_query AND short_desc != '' AND owner_uid = ".$_SESSION["uid"]." ORDER BY ttrss_prefs_sections.order_id,short_desc"); $lnum = 0; $active_section = ""; $listed_boolean_prefs = array(); while ($line = db_fetch_assoc($result)) { if (in_array($line["pref_name"], $prefs_blacklist)) { continue; } if ($_SESSION["profile"] && in_array($line["pref_name"], $profile_blacklist)) { continue; } if ($active_section != $line["section_name"]) { if ($active_section != "") { print ""; } print ""; $active_section = $line["section_name"]; print ""; $lnum = 0; } print ""; $type_name = $line["type_name"]; $pref_name = $line["pref_name"]; $value = $line["value"]; $def_value = $line["def_value"]; $help_text = $line["help_text"]; print ""; print ""; print ""; $lnum++; } print "

".__($active_section)."

"; print ""; if ($help_text) print "
".__($help_text)."
"; print "		"; if ($pref_name == "USER_TIMEZONE") { $timezones = explode("\n", file_get_contents("lib/timezones.txt")); print_select($pref_name, $value, $timezones, 'dojoType="dijit.form.FilteringSelect"'); } else if ($pref_name == "USER_STYLESHEET") { print ""; } else if ($pref_name == "USER_CSS_THEME") { $themes = array_map("basename", glob("themes/*.css")); print_select($pref_name, $value, $themes, 'dojoType="dijit.form.Select"'); } else if ($pref_name == "DEFAULT_ARTICLE_LIMIT") { $limits = array(15, 30, 45, 60); print_select($pref_name, $value, $limits, 'dojoType="dijit.form.Select"'); } else if ($pref_name == "DEFAULT_UPDATE_INTERVAL") { global $update_intervals_nodefault; print_select_hash($pref_name, $value, $update_intervals_nodefault, 'dojoType="dijit.form.Select"'); } else if ($type_name == "bool") { array_push($listed_boolean_prefs, $pref_name); $checked = ($value == "true") ? "checked=\"checked\"" : ""; if ($pref_name == "PURGE_UNREAD_ARTICLES" && FORCE_ARTICLE_PURGE != 0) { $disabled = "disabled=\"1\""; $checked = "checked=\"checked\""; } else { $disabled = ""; } print ""; } else if (array_search($pref_name, array('FRESH_ARTICLE_MAX_AGE', 'DEFAULT_ARTICLE_LIMIT', 'PURGE_OLD_DAYS', 'LONG_DATE_FORMAT', 'SHORT_DATE_FORMAT')) !== false) { $regexp = ($type_name == 'integer') ? 'regexp="^\d*$"' : ''; if ($pref_name == "PURGE_OLD_DAYS" && FORCE_ARTICLE_PURGE != 0) { $disabled = "disabled=\"1\""; $value = FORCE_ARTICLE_PURGE; } else { $disabled = ""; } print ""; } else if ($pref_name == "SSL_CERT_SERIAL") { print ""; $cert_serial = htmlspecialchars(get_ssl_certificate_id()); $has_serial = ($cert_serial) ? "false" : "true"; print " "; print " "; } else if ($pref_name == 'DIGEST_PREFERRED_TIME') { print "
". T_sprintf("Current server time: %s (UTC)", date("H:i")) . "
"; } else { $regexp = ($type_name == 'integer') ? 'regexp="^\d*$"' : ''; print ""; } print "
"; $listed_boolean_prefs = htmlspecialchars(join(",", $listed_boolean_prefs)); print ""; global $pluginhost; $pluginhost->run_hooks($pluginhost::HOOK_PREFS_TAB_SECTION, "hook_prefs_tab_section", "prefPrefsPrefsInside"); print '
'; # inside pane print '
'; print ""; print ""; print " "; print " "; print ""; print " "; /* $checked = $_SESSION["prefs_show_advanced"] ? "checked='1'" : ""; print " "; */ global $pluginhost; $pluginhost->run_hooks($pluginhost::HOOK_PREFS_TAB_SECTION, "hook_prefs_tab_section", "prefPrefsPrefsOutside"); print ""; print '
'; # inner pane print '
'; # border container print "
"; #pane print "
"; print "

".__("Plugins")."

"; print "

" . __("You will need to reload Tiny Tiny RSS for plugin changes to take effect.") . "

"; print_notice(__("Download more plugins at tt-rss.org forums or wiki.")); print "
"; print ""; print ""; print ""; print ""; print ""; print ""; $system_enabled = array_map("trim", explode(",", PLUGINS)); $user_enabled = array_map("trim", explode(",", get_pref($this->link, "_ENABLED_PLUGINS"))); $tmppluginhost = new PluginHost($this->link); $tmppluginhost->load_all($tmppluginhost::KIND_ALL, $_SESSION["uid"]); $tmppluginhost->load_data(true); foreach ($tmppluginhost->get_plugins() as $name => $plugin) { $about = $plugin->about(); if ($about[3] && strpos($name, "example") === FALSE) { if (in_array($name, $system_enabled)) { $checked = "checked='1'"; } else { $checked = ""; } print ""; print ""; print ""; print ""; print ""; print ""; if (count($tmppluginhost->get_all($plugin)) > 0) { if (in_array($name, $system_enabled)) { print ""; } } print ""; } } print ""; print ""; foreach ($tmppluginhost->get_plugins() as $name => $plugin) { $about = $plugin->about(); if (!$about[3] && strpos($name, "example") === FALSE) { if (in_array($name, $system_enabled)) { $checked = "checked='1'"; $disabled = "disabled='1'"; $rowclass = ''; } else if (in_array($name, $user_enabled)) { $checked = "checked='1'"; $disabled = ""; $rowclass = "Selected"; } else { $checked = ""; $disabled = ""; $rowclass = ''; } print ""; print ""; print ""; print ""; print ""; print ""; if (count($tmppluginhost->get_all($plugin)) > 0) { if (in_array($name, $system_enabled) || in_array($name, $user_enabled)) { print ""; } } print ""; } } print "

".__("System plugins")."

  ".__('Plugin')." ".__('Description')." ".__('Version')." ".__('Author')."
$name" . htmlspecialchars($about[1]); if (@$about[4]) { print " — ".__("more info").""; } print "" . htmlspecialchars(sprintf("%.2f", $about[0])) . "" . htmlspecialchars($about[2]) . "".__("Clear data")."

".__("User plugins")."

  ".__('Plugin')." ".__('Description')." ".__('Version')." ".__('Author')."
"; if (@$about[4]) { print " — ".__("more info").""; } print "" . htmlspecialchars(sprintf("%.2f", $about[0])) . "" . htmlspecialchars($about[2]) . "".__("Clear data")."
"; print "

"; print "
"; print "
"; #pane global $pluginhost; $pluginhost->run_hooks($pluginhost::HOOK_PREFS_TAB, "hook_prefs_tab", "prefPrefs"); print "
"; #container } function toggleAdvanced() { $_SESSION["prefs_show_advanced"] = !$_SESSION["prefs_show_advanced"]; } function otpqrcode() { require_once "lib/otphp/vendor/base32.php"; require_once "lib/otphp/lib/otp.php"; require_once "lib/otphp/lib/totp.php"; require_once "lib/phpqrcode/phpqrcode.php"; $result = db_query($this->link, "SELECT login,salt,otp_enabled FROM ttrss_users WHERE id = ".$_SESSION["uid"]); $base32 = new Base32(); $login = db_fetch_result($result, 0, "login"); $otp_enabled = sql_bool_to_bool(db_fetch_result($result, 0, "otp_enabled")); if (!$otp_enabled) { $secret = $base32->encode(sha1(db_fetch_result($result, 0, "salt"))); $topt = new \OTPHP\TOTP($secret); print QRcode::png($topt->provisioning_uri($login)); } } function otpenable() { $password = db_escape_string($this->link, $_REQUEST["password"]); $enable_otp = $_REQUEST["enable_otp"] == "on"; global $pluginhost; $authenticator = $pluginhost->get_plugin($_SESSION["auth_module"]); if ($authenticator->check_password($_SESSION["uid"], $password)) { if ($enable_otp) { db_query($this->link, "UPDATE ttrss_users SET otp_enabled = true WHERE id = " . $_SESSION["uid"]); print "OK"; } } else { print "ERROR: ".__("Incorrect password"); } } function otpdisable() { $password = db_escape_string($this->link, $_REQUEST["password"]); global $pluginhost; $authenticator = $pluginhost->get_plugin($_SESSION["auth_module"]); if ($authenticator->check_password($_SESSION["uid"], $password)) { db_query($this->link, "UPDATE ttrss_users SET otp_enabled = false WHERE id = " . $_SESSION["uid"]); print "OK"; } else { print "ERROR: ".__("Incorrect password"); } } function setplugins() { if (is_array($_REQUEST["plugins"])) $plugins = join(",", $_REQUEST["plugins"]); else $plugins = ""; set_pref($this->link, "_ENABLED_PLUGINS", $plugins); } function clearplugindata() { $name = db_escape_string($this->link, $_REQUEST["name"]); global $pluginhost; $pluginhost->clear_data($pluginhost->get_plugin($name)); } } ?>