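<?php
	/*
	 * JSON API endpoint. Reads the "op" request parameter, checks the session
	 * and the ENABLE_API_ACCESS preference, then prints a JSON-encoded reply
	 * for the requested operation.
	 *
	 * NOTE(review): parameters are read from $_REQUEST, so the password and
	 * the session ID can arrive in the query string and end up in access
	 * logs; confirm clients send them in the request body.
	 */
	error_reporting(E_ERROR | E_PARSE);

	require_once "../config.php";

	require_once "../db.php";
	require_once "../db-prefs.php";
	require_once "../functions.php";

	$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);

	$session_expire = SESSION_EXPIRE_TIME; //seconds
	$session_name = (!defined('TTRSS_SESSION_NAME')) ? "ttrss_sid_api" : TTRSS_SESSION_NAME . "_api";

	session_name($session_name);

	// The API session is selected by the caller-supplied "sid" parameter.
	// NOTE(review): a caller-chosen session ID is adopted as-is; confirm that
	// authenticate_user() issues a fresh ID on login, otherwise this permits
	// session fixation.
	if (!empty($_REQUEST["sid"]) && is_string($_REQUEST["sid"])) {
		session_id($_REQUEST["sid"]);
	}

	session_start();

	if (!$link) {
		if (DB_TYPE == "mysql") {
			// NOTE(review): this sends the raw driver error text to the
			// client; consider logging it and returning a generic error.
			print mysql_error();
		}
		// PG seems to display its own errors just fine by default.
		return;
	}

	init_connection($link);

	// db_escape_string() only protects values that end up inside a quoted SQL
	// string literal. Values placed into SQL as bare numbers or lists are cast
	// to integers below instead.
	// NOTE(review): feed_id, cat_id, is_cat, filter, view_mode and pref_name
	// are handed to helpers in escaped form only; confirm those helpers quote
	// or cast them before building SQL.
	$op = db_escape_string($_REQUEST["op"]);

	// NOTE(review): with this header disabled the reply is sent with PHP's
	// default content type (normally text/html) although the body is JSON that
	// embeds feed-supplied titles and content; consider enabling it.
//	header("Content-Type: application/json");

	// Only "login" and "isLoggedIn" are reachable without a logged-in session.
	if (!$_SESSION["uid"] && $op != "login" && $op != "isLoggedIn") {
		print json_encode(array("error" => 'NOT_LOGGED_IN'));
		return;
	}

	// A logged-in user with API access switched off may still log out.
	if ($_SESSION["uid"] && $op != "logout" && !get_pref($link, 'ENABLE_API_ACCESS')) {
		print json_encode(array("error" => 'API_DISABLED'));
		return;
	}

	switch ($op) {
		case "getVersion":
			$rv = array("version" => VERSION);
			print json_encode($rv);
		break;
		case "login":
			$login = db_escape_string($_REQUEST["user"]);
			$password = db_escape_string($_REQUEST["password"]);

			$result = db_query($link, "SELECT id FROM ttrss_users WHERE login = '$login'");

			if (db_num_rows($result) != 0) {
				$uid = db_fetch_result($result, 0, "id");
			} else {
				$uid = 0;
			}

			// NOTE(review): an unknown login and an account with API access
			// disabled both answer API_DISABLED, while a wrong password for an
			// API-enabled account answers LOGIN_ERROR, so the reply reveals
			// which logins have API access enabled; confirm this is acceptable.
			if ($uid && get_pref($link, "ENABLE_API_ACCESS", $uid)) {
				if (authenticate_user($link, $login, $password)) {
					print json_encode(array("session_id" => session_id()));
				} else {
					print json_encode(array("error" => "LOGIN_ERROR"));
				}
			} else {
				print json_encode(array("error" => "API_DISABLED"));
			}

			break;
		case "logout":
			logout_user();
			print json_encode(array("status" => "OK"));
			break;
		case "isLoggedIn":
			print json_encode(array("status" => $_SESSION["uid"] != ''));
			break;
		case "getUnread":
			$feed_id = db_escape_string($_REQUEST["feed_id"]);
			$is_cat = db_escape_string($_REQUEST["is_cat"]);

			if ($feed_id) {
				print json_encode(array("unread" => getFeedUnread($link, $feed_id, $is_cat)));
			} else {
				print json_encode(array("unread" => getGlobalUnread($link)));
			}
			break;
		case "getCounters":

			/* TODO */

			break;
		case "getFeeds":
			$cat_id = db_escape_string($_REQUEST["cat_id"]);
			$unread_only = (bool)db_escape_string($_REQUEST["unread_only"]);
			$limit = (int) db_escape_string($_REQUEST["limit"]);
			$offset = (int) db_escape_string($_REQUEST["offset"]);

			$feeds = api_get_feeds($link, $cat_id, $unread_only, $limit, $offset);

			print json_encode($feeds);

			break;
		case "getCategories":
			$unread_only = (bool)db_escape_string($_REQUEST["unread_only"]);

			$result = db_query($link, "SELECT 
					id, title FROM ttrss_feed_categories 
				WHERE owner_uid = " . 
				$_SESSION["uid"]);

			$cats = array();

			while ($line = db_fetch_assoc($result)) {
				$unread = getFeedUnread($link, $line["id"], true);

				// With unread_only set, categories without unread items are skipped.
				if ($unread || !$unread_only) {
					array_push($cats, array("id" => $line["id"],
						"title" => $line["title"], 
						"unread" => $unread));
				}
			}

			print json_encode($cats);
			break;
		case "getHeadlines":
			$feed_id = db_escape_string($_REQUEST["feed_id"]);
			$limit = (int)db_escape_string($_REQUEST["limit"]);
			$offset = (int)db_escape_string($_REQUEST["skip"]);
			$filter = db_escape_string($_REQUEST["filter"]);
			$is_cat = (bool)db_escape_string($_REQUEST["is_cat"]);
			$show_excerpt = (bool)db_escape_string($_REQUEST["show_excerpt"]);
			$show_content = (bool)db_escape_string($_REQUEST["show_content"]);
			/* all_articles, unread, adaptive, marked, updated */
			$view_mode = db_escape_string($_REQUEST["view_mode"]);

			$headlines = api_get_headlines($link, $feed_id, $limit, $offset,
				$filter, $is_cat, $show_excerpt, $show_content, $view_mode, false);

			print json_encode($headlines);

			break;
		case "updateArticle":
			// The ID list is interpolated unquoted into "IN (...)", where
			// db_escape_string() gives no protection, so every non-empty
			// element is forced to an integer. explode() replaces the
			// deprecated split(); the delimiter is a literal comma either way.
			$article_ids = array_map("intval",
				array_filter(array_map("trim",
					explode(",", (string) $_REQUEST["article_ids"])), "strlen"));
			$mode = (int) db_escape_string($_REQUEST["mode"]);
			$field_raw = (int)db_escape_string($_REQUEST["field"]);

			$field = "";
			$set_to = "";

			// Column name and new value come from fixed whitelists, so they
			// are safe to place into the statement text.
			switch ($field_raw) {
				case 0:
					$field = "marked";
					break;
				case 1:
					$field = "published";
					break;
				case 2:
					$field = "unread";
					break;
			}

			switch ($mode) {
				case 1:
					$set_to = "true";
					break;
				case 0:
					$set_to = "false";
					break;
				case 2:
					$set_to = "NOT $field";
					break;
			}

			// An empty or missing list now skips the update instead of
			// sending "IN ()" to the database.
			if ($field && $set_to && count($article_ids) > 0) {

				$article_ids = join(", ", $article_ids);

				if ($field == "unread") {
					$result = db_query($link, "UPDATE ttrss_user_entries SET $field = $set_to,
						last_read = NOW()
						WHERE ref_id IN ($article_ids) AND owner_uid = " . $_SESSION["uid"]);
				} else {
					$result = db_query($link, "UPDATE ttrss_user_entries SET $field = $set_to
						WHERE ref_id IN ($article_ids) AND owner_uid = " . $_SESSION["uid"]);
				}
			}

			break;

		case "getArticle":

			// article_id may be a comma-separated list; it is used unquoted in
			// "IN (...)", so each element is forced to an integer rather than
			// relying on db_escape_string().
			$article_ids = array_map("intval",
				array_filter(array_map("trim",
					explode(",", (string) $_REQUEST["article_id"])), "strlen"));

			// Without any usable ID nothing is queried and nothing is printed.
			if (count($article_ids) > 0) {

				$article_id = join(",", $article_ids);

				$query = "SELECT id,title,link,content,feed_id,comments,int_id,
					marked,unread,published,
					".SUBSTRING_FOR_DATE."(updated,1,16) as updated,
					author
					FROM ttrss_entries,ttrss_user_entries
					WHERE	id IN ($article_id) AND ref_id = id AND owner_uid = " . 
						$_SESSION["uid"] ;

				$result = db_query($link, $query);

				if (db_num_rows($result) != 0) {

					// One JSON object is printed per matching article.
					while ($line = db_fetch_assoc($result)) {

						$attachments = get_article_enclosures($link, $line['id']);

						$article = array(
							"id" => $line["id"],
							"title" => $line["title"],
							"link" => $line["link"],
							"labels" => get_article_labels($link, $line['id']),
							"unread" => sql_bool_to_bool($line["unread"]),
							"marked" => sql_bool_to_bool($line["marked"]),
							"published" => sql_bool_to_bool($line["published"]),
							"comments" => $line["comments"],
							"author" => $line["author"],
							"updated" => strtotime($line["updated"]),
							"content" => $line["content"],
							"feed_id" => $line["feed_id"],
							"attachments" => $attachments
						);

						print json_encode($article);
					}
				}
			}

			break;
		case "getConfig":
			$config = array(
				"icons_dir" => ICONS_DIR,
				"icons_url" => ICONS_URL);

			if (ENABLE_UPDATE_DAEMON) {
				$config["daemon_is_running"] = file_is_locked("update_daemon.lock");
			}

			$result = db_query($link, "SELECT COUNT(*) AS cf FROM
				ttrss_feeds WHERE owner_uid = " . $_SESSION["uid"]);

			$num_feeds = db_fetch_result($result, 0, "cf");

			$config["num_feeds"] = (int)$num_feeds;
	
			print json_encode($config);

			break;

		case "updateFeed":
			$feed_id = db_escape_string($_REQUEST["feed_id"]);

			// NOTE(review): no ownership check on feed_id is visible here;
			// confirm update_rss_feed() restricts it to the session user.
			update_rss_feed($link, $feed_id, true);

			print json_encode(array("status" => "OK"));

			break;

		case "catchupFeed":
			$feed_id = db_escape_string($_REQUEST["feed_id"]);
			$is_cat = db_escape_string($_REQUEST["category"]);

			catchup_feed($link, $feed_id, $is_cat);

			print json_encode(array("status" => "OK"));

			break;

		case "getPref":
			$pref_name = db_escape_string($_REQUEST["pref_name"]);
			print json_encode(array("value" => get_pref($link, $pref_name)));
			break;

		default:
			print json_encode(array("error" => 'UNKNOWN_METHOD'));
			break;

	}

	db_close($link);
	
?>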