Diffstat (limited to 'classes/pref')
| -rwxr-xr-x | classes/pref/feeds.php | 50 | ||||
| -rwxr-xr-x | classes/pref/filters.php | 12 | ||||
| -rw-r--r-- | classes/pref/labels.php | 2 | ||||
| -rw-r--r-- | classes/pref/prefs.php | 12 | ||||
| -rw-r--r-- | classes/pref/system.php | 174 | ||||
| -rw-r--r-- | classes/pref/users.php | 23 |
6 files changed, 155 insertions, 118 deletions
diff --git a/classes/pref/feeds.php b/classes/pref/feeds.php index 88c5b7f0e..474f1e1db 100755 --- a/classes/pref/feeds.php +++ b/classes/pref/feeds.php @@ -42,14 +42,14 @@ class Pref_Feeds extends Handler_Protected { private function get_category_items($cat_id) { - if (clean($_REQUEST['mode']) != 2) - $search = $_SESSION["prefs_feed_search"]; + if (clean($_REQUEST['mode'] ?? 0) != 2) + $search = $_SESSION["prefs_feed_search"] ?? ""; else $search = ""; // first one is set by API - $show_empty_cats = clean($_REQUEST['force_show_empty']) || - (clean($_REQUEST['mode']) != 2 && !$search); + $show_empty_cats = clean($_REQUEST['force_show_empty'] ?? false) || + (clean($_REQUEST['mode'] ?? 0) != 2 && !$search); $items = array(); @@ -117,8 +117,8 @@ class Pref_Feeds extends Handler_Protected { function makefeedtree() { - if (clean($_REQUEST['mode']) != 2) - $search = $_SESSION["prefs_feed_search"]; + if (clean($_REQUEST['mode'] ?? 0) != 2) + $search = $_SESSION["prefs_feed_search"] ?? ""; else $search = ""; @@ -131,7 +131,7 @@ class Pref_Feeds extends Handler_Protected { $enable_cats = get_pref('ENABLE_FEED_CATS'); - if (clean($_REQUEST['mode']) == 2) { + if (clean($_REQUEST['mode'] ?? 0) == 2) { if ($enable_cats) { $cat = $this->feedlist_init_cat(-1); @@ -208,8 +208,8 @@ class Pref_Feeds extends Handler_Protected { } if ($enable_cats) { - $show_empty_cats = clean($_REQUEST['force_show_empty']) || - (clean($_REQUEST['mode']) != 2 && !$search); + $show_empty_cats = clean($_REQUEST['force_show_empty'] ?? false) || + (clean($_REQUEST['mode'] ?? 0) != 2 && !$search); $sth = $this->pdo->prepare("SELECT id, title FROM ttrss_feed_categories WHERE owner_uid = ? AND parent_cat IS NULL ORDER BY order_id, title"); @@ -320,7 +320,7 @@ class Pref_Feeds extends Handler_Protected { $fl['identifier'] = 'id'; $fl['label'] = 'name'; - if (clean($_REQUEST['mode']) != 2) { + if (clean($_REQUEST['mode'] ?? 0) != 2) { $fl['items'] = array($root); } else { $fl['items'] = $root['items']; 
@@ -551,11 +551,9 @@ class Pref_Feeds extends Handler_Protected { regExp='^(http|https)://.*' style='width : 300px' name='feed_url' value=\"$feed_url\">"; - $last_error = $row["last_error"]; - - if ($last_error) { + if (!empty($row["last_error"])) { print " <i class=\"material-icons\" - title=\"".htmlspecialchars($last_error)."\">error</i>"; + title=\"".htmlspecialchars($row["last_error"])."\">error</i>"; } print "</fieldset>"; @@ -996,16 +994,16 @@ class Pref_Feeds extends Handler_Protected { function editsaveops($batch) { - $feed_title = trim(clean($_POST["title"])); - $feed_url = trim(clean($_POST["feed_url"])); - $site_url = trim(clean($_POST["site_url"])); + $feed_title = clean($_POST["title"]); + $feed_url = clean($_POST["feed_url"]); + $site_url = clean($_POST["site_url"]); $upd_intl = (int) clean($_POST["update_interval"]); $purge_intl = (int) clean($_POST["purge_interval"]); $feed_id = (int) clean($_POST["id"]); /* editSave */ $feed_ids = explode(",", clean($_POST["ids"])); /* batchEditSave */ $cat_id = (int) clean($_POST["cat_id"]); - $auth_login = trim(clean($_POST["auth_login"])); - $auth_pass = trim(clean($_POST["auth_pass"])); + $auth_login = clean($_POST["auth_login"]); + $auth_pass = clean($_POST["auth_pass"]); $private = checkbox_to_sql_bool(clean($_POST["private"])); $include_in_digest = checkbox_to_sql_bool( clean($_POST["include_in_digest"])); @@ -1019,7 +1017,7 @@ class Pref_Feeds extends Handler_Protected { $mark_unread_on_update = checkbox_to_sql_bool( clean($_POST["mark_unread_on_update"])); - $feed_language = trim(clean($_POST["feed_language"])); + $feed_language = clean($_POST["feed_language"]); if (!$batch) { if (clean($_POST["need_auth"]) !== 'on') { @@ -1193,7 +1191,7 @@ class Pref_Feeds extends Handler_Protected { } function addCat() { - $feed_cat = trim(clean($_REQUEST["cat"])); + $feed_cat = clean($_REQUEST["cat"]); Feeds::add_feed_category($feed_cat); } 
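Review bot: Dropping `trim()` around `clean()` in `editsaveops` (title, feed_url, site_url, auth_login, auth_pass, feed_language) and in `addCat` preserves behaviour only if `clean()` itself trims, and `clean()` is not shown in this diff, which is limited to classes/pref. The same removal appears for `pass` in the later feeds.php hunk, in `Pref_Labels::save`, and in `Pref_Users::editSave` and `add`. If `clean()` does not trim, logins, feed URLs and credentials with stray leading or trailing whitespace would now be stored as distinct values. Once confirmed, a short comment on one of these lines such as `// clean() already trims its argument` would record the dependency. Both functions continue outside their hunks.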
@@ -1228,12 +1226,12 @@ class Pref_Feeds extends Handler_Protected { onclick=\"dijit.byId('feedTree').showInactiveFeeds()\">" . __("Inactive feeds") . "</button>"; - $feed_search = clean($_REQUEST["search"]); + $feed_search = clean($_REQUEST["search"] ?? ""); if (array_key_exists("search", $_REQUEST)) { $_SESSION["prefs_feed_search"] = $feed_search; } else { - $feed_search = $_SESSION["prefs_feed_search"]; + $feed_search = $_SESSION["prefs_feed_search"] ?? ""; } print '<div dojoType="dijit.layout.BorderContainer" gutters="false">'; @@ -1689,7 +1687,7 @@ class Pref_Feeds extends Handler_Protected { $cat_id = clean($_REQUEST['cat']); $feeds = explode("\n", clean($_REQUEST['feeds'])); $login = clean($_REQUEST['login']); - $pass = trim(clean($_REQUEST['pass'])); + $pass = clean($_REQUEST['pass']); $csth = $this->pdo->prepare("SELECT id FROM ttrss_feeds WHERE feed_url = ? AND owner_uid = ?"); @@ -1756,8 +1754,8 @@ class Pref_Feeds extends Handler_Protected { private function calculate_children_count($cat) { $c = 0; - foreach ($cat['items'] as $child) { - if ($child['type'] == 'category') { + foreach ($cat['items'] ?? [] as $child) { + if ($child['type'] ?? '' == 'category') { $c += $this->calculate_children_count($child); } else { $c += 1; diff --git a/classes/pref/filters.php b/classes/pref/filters.php index 70b7d0326..993b35c11 100755 --- a/classes/pref/filters.php +++ b/classes/pref/filters.php @@ -241,7 +241,7 @@ class Pref_Filters extends Handler_Protected { $root['enabled'] = true; $root['items'] = array(); - $filter_search = $_SESSION["prefs_filter_search"]; + $filter_search = ($_SESSION["prefs_filter_search"] ?? ""); $sth = $this->pdo->prepare("SELECT *, (SELECT action_param FROM ttrss_filters2_actions 
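Review bot: In `calculate_children_count` the new condition `$child['type'] ?? '' == 'category'` does not compare the type with 'category', because `==` binds tighter than `??` and the expression parses as `$child['type'] ?? ('' == 'category')`. Any child with a non-empty `type` is therefore treated as a category and recursed into. Combined with the new `$cat['items'] ?? []`, a plain feed then contributes 0 instead of 1 to the count. Parenthesise the coalesce: `if (($child['type'] ?? '') == 'category') {`.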
@@ -599,9 +599,9 @@ class Pref_Filters extends Handler_Protected { function editSave() { $filter_id = clean($_REQUEST["id"]); - $enabled = checkbox_to_sql_bool(clean($_REQUEST["enabled"])); + $enabled = checkbox_to_sql_bool(clean($_REQUEST["enabled"] ?? false)); $match_any_rule = checkbox_to_sql_bool(clean($_REQUEST["match_any_rule"])); - $inverse = checkbox_to_sql_bool(clean($_REQUEST["inverse"])); + $inverse = checkbox_to_sql_bool(clean($_REQUEST["inverse"] ?? false)); $title = clean($_REQUEST["title"]); $this->pdo->beginTransaction(); @@ -638,8 +638,8 @@ class Pref_Filters extends Handler_Protected { $sth = $this->pdo->prepare("DELETE FROM ttrss_filters2_actions WHERE filter_id = ?"); $sth->execute([$filter_id]); - if (!is_array(clean($_REQUEST["rule"]))) $_REQUEST["rule"] = []; - if (!is_array(clean($_REQUEST["action"]))) $_REQUEST["action"] = []; + if (!is_array(clean($_REQUEST["rule"] ?? ""))) $_REQUEST["rule"] = []; + if (!is_array(clean($_REQUEST["action"] ?? ""))) $_REQUEST["action"] = []; if ($filter_id) { /* create rules */ @@ -740,7 +740,7 @@ class Pref_Filters extends Handler_Protected { $filter_search = clean($_REQUEST["search"]); $_SESSION["prefs_filter_search"] = $filter_search; } else { - $filter_search = $_SESSION["prefs_filter_search"]; + $filter_search = ($_SESSION["prefs_filter_search"] ?? ""); } print "<div dojoType='dijit.layout.BorderContainer' gutters='false'>"; diff --git a/classes/pref/labels.php b/classes/pref/labels.php index ec9667441..b4d1236b2 100644 --- a/classes/pref/labels.php +++ b/classes/pref/labels.php @@ -166,7 +166,7 @@ class Pref_Labels extends Handler_Protected { function save() { $id = clean($_REQUEST["id"]); - $caption = trim(clean($_REQUEST["caption"])); + $caption = clean($_REQUEST["caption"]); $this->pdo->beginTransaction(); diff --git a/classes/pref/prefs.php b/classes/pref/prefs.php index 55a15efb8..907c639b3 100644 --- a/classes/pref/prefs.php +++ b/classes/pref/prefs.php 
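Review bot: In `Pref_Filters::editSave` the `enabled` and `inverse` checkboxes now default through `?? false`, but `match_any_rule` on the line between them still reads `$_REQUEST["match_any_rule"]` directly. An unchecked checkbox is normally not submitted, so that line would raise the same undefined-index notice this commit removes for its neighbours. For consistency use `checkbox_to_sql_bool(clean($_REQUEST["match_any_rule"] ?? false))`. The function body continues outside the hunk.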
@@ -321,7 +321,7 @@ class Pref_Prefs extends Handler_Protected { print "<input dojoType='dijit.form.ValidationTextBox' name='email' required='1' value='$email'>"; print "</fieldset>"; - if (!SINGLE_USER_MODE && !$_SESSION["hide_hello"]) { + if (!SINGLE_USER_MODE && !empty($_SESSION["hide_hello"])) { $access_level = $row["access_level"]; print "<fieldset>"; @@ -595,7 +595,7 @@ class Pref_Prefs extends Handler_Protected { print '<div dojoType="dijit.layout.ContentPane" region="center" style="overflow-y : auto">'; - $profile = $_SESSION["profile"]; + $profile = $_SESSION["profile"] ?? null; if ($profile) { print_notice(__("Some preferences are only available in default profile.")); @@ -916,7 +916,7 @@ class Pref_Prefs extends Handler_Protected { foreach ($tmppluginhost->get_plugins() as $name => $plugin) { $about = $plugin->about(); - if ($about[3]) { + if ($about[3] ?? false) { if (in_array($name, $system_enabled)) { $checked = "checked='1'"; } else { @@ -930,7 +930,7 @@ class Pref_Prefs extends Handler_Protected { dojoType='dijit.form.CheckBox' $checked type='checkbox'> ".htmlspecialchars($about[1]). "</label>"; - if (@$about[4]) { + if ($about[4] ?? false) { print "<button dojoType='dijit.form.Button' class='alt-info' onclick='window.open(\"".htmlspecialchars($about[4])."\")'> <i class='material-icons'>open_in_new</i> ".__("More info...")."</button>"; @@ -950,7 +950,7 @@ class Pref_Prefs extends Handler_Protected { foreach ($tmppluginhost->get_plugins() as $name => $plugin) { $about = $plugin->about(); - if (!$about[3]) { + if ($about[3] ?? true) { $checked = ""; $disabled = ""; @@ -976,7 +976,7 @@ class Pref_Prefs extends Handler_Protected { } } - if (@$about[4]) { + if ($about[4] ?? false) { print " <button dojoType='dijit.form.Button' class='alt-info' onclick='window.open(\"".htmlspecialchars($about[4])."\")'> <i class='material-icons'>open_in_new</i> ".__("More info...")."</button>"; 
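Review bot: The rewritten guard `!SINGLE_USER_MODE && !empty($_SESSION["hide_hello"])` inverts the old test `!$_SESSION["hide_hello"]`. The fieldset that reads `$row["access_level"]` is now printed only when `hide_hello` is set, and is hidden in the normal case where it is absent. To silence the undefined-index notice without changing behaviour, use `if (!SINGLE_USER_MODE && empty($_SESSION["hide_hello"])) {`. The enclosing method starts and ends outside the hunk.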
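Review bot: In the second plugin loop (hunk at -950) `if ($about[3] ?? true)` is not equivalent to the removed `if (!$about[3])`. It is true when `about()[3]` is set and truthy and false when it is set and falsy, which is the opposite of the old selection whenever the element exists. Plugins that explicitly return `false` at index 3 would disappear from this list, and those returning `true` would appear in both loops. `if (empty($about[3])) {` keeps the old meaning and still tolerates a missing index. The first loop's `$about[3] ?? false` is fine as written.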
diff --git a/classes/pref/system.php b/classes/pref/system.php index 89052c6e3..33a567df5 100644 --- a/classes/pref/system.php +++ b/classes/pref/system.php @@ -2,6 +2,8 @@ class Pref_System extends Handler_Protected { + private $log_page_limit = 15; + function before($method) { if (parent::before($method)) { if ($_SESSION["access_level"] < 10) { 
@@ -23,101 +25,135 @@ class Pref_System extends Handler_Protected { $this->pdo->query("DELETE FROM ttrss_error_log"); } - function index() { + private function log_viewer(int $page, int $severity) { + $errno_values = []; - $severity = isset($_REQUEST["severity"]) ? (int) clean($_REQUEST["severity"]) : E_USER_WARNING; + switch ($severity) { + case E_USER_ERROR: + $errno_values = [ E_ERROR, E_USER_ERROR, E_PARSE ]; + break; + case E_USER_WARNING: + $errno_values = [ E_ERROR, E_USER_ERROR, E_PARSE, E_WARNING, E_USER_WARNING, E_DEPRECATED, E_USER_DEPRECATED ]; + break; + } - print "<div dojoType='dijit.layout.AccordionContainer' region='center'>"; - print "<div dojoType='dijit.layout.AccordionPane' style='padding : 0' - title='<i class=\"material-icons\">report</i> ".__('Event Log')."'>"; + if (count($errno_values) > 0) { + $errno_qmarks = arr_qmarks($errno_values); + $errno_filter_qpart = "errno IN ($errno_qmarks)"; + } else { + $errno_filter_qpart = "true"; + } - if (LOG_DESTINATION == "sql") { + $limit = $this->log_page_limit; + $offset = $limit * $page; - print "<div dojoType='dijit.layout.BorderContainer' gutters='false'>"; + $sth = $this->pdo->prepare("SELECT + COUNT(id) AS total_pages + FROM + ttrss_error_log + WHERE + $errno_filter_qpart"); - print "<div region='top' dojoType='fox.Toolbar'>"; + $sth->execute($errno_values); - print "<button dojoType='dijit.form.Button' - onclick='Helpers.updateEventLog()'>".__('Refresh')."</button>"; + if ($res = $sth->fetch()) { + $total_pages = (int)($res["total_pages"] / $limit); + } else { + $total_pages = 0; + } - print "<button dojoType='dijit.form.Button' - onclick='Helpers.clearEventLog()'>".__('Clear')."</button>"; + print "<div dojoType='dijit.layout.BorderContainer' gutters='false'>"; - print "<div class='pull-right'>"; + print "<div region='top' dojoType='fox.Toolbar'>"; - print __("Severity:") . 
" "; - print_select_hash("severity", $severity, - [ - E_USER_ERROR => __("Errors"), - E_USER_WARNING => __("Warnings"), - E_USER_NOTICE => __("Everything") - ], 'dojoType="fox.form.Select" onchange="Helpers.updateEventLog()"'); + print "<button dojoType='dijit.form.Button' + onclick='Helpers.EventLog.refresh()'>".__('Refresh')."</button>"; - print "</div>"; # pull-right + print "<button dojoType='dijit.form.Button' + onclick='Helpers.EventLog.prevPage()'>".__('<<')."</button>"; - print "</div>"; # toolbar + print "<button dojoType='dijit.form.Button' disabled>".T_sprintf('Page %d of %d', $page+1, $total_pages+1)."</button>"; - print '<div style="padding : 0px" dojoType="dijit.layout.ContentPane" region="center">'; + $next_page_disabled = $page >= $total_pages ? "disabled" : ""; - print "<table width='100%' cellspacing='10' class='prefErrorLog'>"; + print "<button dojoType='dijit.form.Button' $next_page_disabled + onclick='Helpers.EventLog.nextPage()'>".__('>>')."</button>"; - print "<tr class='title'> - <td width='5%'>".__("Error")."</td> - <td>".__("Filename")."</td> - <td>".__("Message")."</td> - <td width='5%'>".__("User")."</td> - <td width='5%'>".__("Date")."</td> - </tr>"; + print "<button dojoType='dijit.form.Button' + onclick='Helpers.EventLog.clear()'>".__('Clear')."</button>"; - $errno_values = []; + print "<div class='pull-right'>"; - switch ($severity) { - case E_USER_ERROR: - $errno_values = [ E_ERROR, E_USER_ERROR, E_PARSE ]; - break; - case E_USER_WARNING: - $errno_values = [ E_ERROR, E_USER_ERROR, E_PARSE, E_WARNING, E_USER_WARNING, E_DEPRECATED, E_USER_DEPRECATED ]; - break; - } + print __("Severity:") . 
" "; + print_select_hash("severity", $severity, + [ + E_USER_ERROR => __("Errors"), + E_USER_WARNING => __("Warnings"), + E_USER_NOTICE => __("Everything") + ], 'dojoType="fox.form.Select" onchange="Helpers.EventLog.refresh()"'); - if (count($errno_values) > 0) { - $errno_qmarks = arr_qmarks($errno_values); - $errno_filter_qpart = "errno IN ($errno_qmarks)"; - } else { - $errno_filter_qpart = "true"; - } + print "</div>"; # pull-right + + print "</div>"; # toolbar - $sth = $this->pdo->prepare("SELECT - errno, errstr, filename, lineno, created_at, login, context - FROM - ttrss_error_log LEFT JOIN ttrss_users ON (owner_uid = ttrss_users.id) - WHERE - $errno_filter_qpart - ORDER BY - ttrss_error_log.id DESC - LIMIT 100"); + print '<div style="padding : 0px" dojoType="dijit.layout.ContentPane" region="center">'; - $sth->execute($errno_values); + print "<table width='100%' class='event-log'>"; - while ($line = $sth->fetch()) { - print "<tr>"; + print "<tr class='title'> + <td width='5%'>".__("Error")."</td> + <td>".__("Filename")."</td> + <td>".__("Message")."</td> + <td width='5%'>".__("User")."</td> + <td width='5%'>".__("Date")."</td> + </tr>"; - foreach ($line as $k => $v) { - $line[$k] = htmlspecialchars($v); - } + $sth = $this->pdo->prepare("SELECT + errno, errstr, filename, lineno, created_at, login, context + FROM + ttrss_error_log LEFT JOIN ttrss_users ON (owner_uid = ttrss_users.id) + WHERE + $errno_filter_qpart + ORDER BY + ttrss_error_log.id DESC + LIMIT $limit OFFSET $offset"); - print "<td class='errno'>" . Logger::$errornames[$line["errno"]] . " (" . $line["errno"] . ")</td>"; - print "<td class='filename'>" . $line["filename"] . ":" . $line["lineno"] . "</td>"; - print "<td class='errstr'>" . $line["errstr"] . "<hr/>" . nl2br($line["context"]) . "</td>"; - print "<td class='login'>" . $line["login"] . "</td>"; + $sth->execute($errno_values); - print "<td class='timestamp'>" . - TimeHelper::make_local_datetime($line["created_at"], false) . 
"</td>"; + while ($line = $sth->fetch()) { + print "<tr>"; - print "</tr>"; + foreach ($line as $k => $v) { + $line[$k] = htmlspecialchars($v); } - print "</table>"; + print "<td class='errno'>" . Logger::$errornames[$line["errno"]] . " (" . $line["errno"] . ")</td>"; + print "<td class='filename'>" . $line["filename"] . ":" . $line["lineno"] . "</td>"; + print "<td class='errstr'>" . $line["errstr"] . "\n" . $line["context"] . "</td>"; + print "<td class='login'>" . $line["login"] . "</td>"; + + print "<td class='timestamp'>" . + TimeHelper::make_local_datetime($line["created_at"], false) . "</td>"; + + print "</tr>"; + } + + print "</table>"; + } + + function index() { + + $severity = (int) ($_REQUEST["severity"] ?? E_USER_WARNING); + $page = (int) ($_REQUEST["page"] ?? 0); + + print "<div dojoType='dijit.layout.AccordionContainer' region='center'>"; + print "<div dojoType='dijit.layout.AccordionPane' style='padding : 0' + title='<i class=\"material-icons\">report</i> ".__('Event Log')."'>"; + + if (LOG_DESTINATION == "sql") { + + $this->log_viewer($page, $severity); + } else { print_notice("Please set LOG_DESTINATION to 'sql' in config.php to enable database logging."); } diff --git a/classes/pref/users.php b/classes/pref/users.php index 5ec7aa2e6..4d804b8de 100644 --- a/classes/pref/users.php +++ b/classes/pref/users.php @@ -191,10 +191,10 @@ class Pref_Users extends Handler_Protected { } function editSave() { - $login = trim(clean($_REQUEST["login"])); + $login = clean($_REQUEST["login"]); $uid = clean($_REQUEST["id"]); $access_level = (int) clean($_REQUEST["access_level"]); - $email = trim(clean($_REQUEST["email"])); + $email = clean($_REQUEST["email"]); $password = clean($_REQUEST["password"]); if ($password) { 
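Review bot: `index()` passes `(int) ($_REQUEST["page"] ?? 0)` to `log_viewer()` without a lower bound, so a negative `page` yields a negative `$offset` that is interpolated into `LIMIT $limit OFFSET $offset`. Most SQL backends reject a negative OFFSET, so the request would end in a query error instead of a page. Clamp it at the call site with `$page = max(0, (int) ($_REQUEST["page"] ?? 0));`. Separately, `(int)($res["total_pages"] / $limit)` overstates the last page index when the row count is an exact multiple of the limit: 15 rows show "Page 1 of 2" and leave the next button enabled on an empty page. `$total_pages = max(0, (int) ceil($res["total_pages"] / $limit) - 1);` would fix that.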
@@ -230,7 +230,7 @@ class Pref_Users extends Handler_Protected { } function add() { - $login = trim(clean($_REQUEST["login"])); + $login = clean($_REQUEST["login"]); $tmp_user_pwd = make_password(); $salt = substr(bin2hex(get_random_bytes(125)), 0, 250); $pwd_hash = encrypt_password($tmp_user_pwd, $salt, true); @@ -315,12 +315,12 @@ class Pref_Users extends Handler_Protected { print "<div style='padding : 0px' dojoType='dijit.layout.ContentPane' region='top'>"; print "<div dojoType='fox.Toolbar'>"; - $user_search = trim(clean($_REQUEST["search"])); + $user_search = clean($_REQUEST["search"] ?? ""); if (array_key_exists("search", $_REQUEST)) { $_SESSION["prefs_user_search"] = $user_search; } else { - $user_search = $_SESSION["prefs_user_search"]; + $user_search = ($_SESSION["prefs_user_search"] ?? ""); } print "<div style='float : right; padding-right : 4px;'> @@ -330,7 +330,7 @@ class Pref_Users extends Handler_Protected { __('Search')."</button> </div>"; - $sort = clean($_REQUEST["sort"]); + $sort = clean($_REQUEST["sort"] ?? ""); if (!$sort || $sort == "undefined") { $sort = "login"; @@ -339,9 +339,9 @@ class Pref_Users extends Handler_Protected { print "<div dojoType='fox.form.DropDownButton'>". "<span>" . __('Select')."</span>"; print "<div dojoType='dijit.Menu' style='display: none'>"; - print "<div onclick=\"Tables.select('prefUserList', true)\" + print "<div onclick=\"Tables.select('users-list', true)\" dojoType='dijit.MenuItem'>".__('All')."</div>"; - print "<div onclick=\"Tables.select('prefUserList', false)\" + print "<div onclick=\"Tables.select('users-list', false)\" dojoType='dijit.MenuItem'>".__('None')."</div>"; print "</div></div>"; 
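Review bot: `$sort = clean($_REQUEST["sort"] ?? "")` is only checked for empty and "undefined" within this hunk, and the context of the following hunk shows the statement ending in `ORDER BY $sort`, an identifier position that cannot be bound as a parameter. The lines between the two hunks are not visible, so an allowlist may already exist there. If it does not, the value should be compared against a fixed list of sortable column names and fall back to `"login"`, e.g. `if (!in_array($sort, $allowed_sort_columns, true)) $sort = "login";`, where `$allowed_sort_columns` is a placeholder name. `clean()` is not a substitute for that check, since it is not shown to restrict the value to column names.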
@@ -380,7 +380,7 @@ class Pref_Users extends Handler_Protected { ORDER BY $sort"); $sth->execute([":search" => $user_search ? "%$user_search%" : ""]); - print "<p><table width='100%' cellspacing='0' class='prefUserList' id='prefUserList'>"; + print "<table width='100%' class='users-list' id='users-list'>"; print "<tr class='title'> <td align='center' width='5%'> </td> @@ -457,9 +457,12 @@ class Pref_Users extends Handler_Protected { } static function logout_user() { - @session_destroy(); + if (session_status() === PHP_SESSION_ACTIVE) + session_destroy(); + if (isset($_COOKIE[session_name()])) { setcookie(session_name(), '', time()-42000, '/'); + } session_commit(); } |
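Review bot: In `logout_user()` the expiring `setcookie(session_name(), '', time()-42000, '/')` hard-codes the path and passes no domain, secure or httponly values. If the session cookie was issued with different parameters, the browser will not treat this as the same cookie and the old one survives logout; the session configuration is not visible in this diff. Take the values from `session_get_cookie_params()` when clearing, e.g. `$p = session_get_cookie_params(); setcookie(session_name(), '', time()-42000, $p["path"], $p["domain"], $p["secure"], $p["httponly"]);`. The new `if (session_status() === PHP_SESSION_ACTIVE)` also lacks braces while the next `if` just gained them, so the style within the function is now mixed.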