diff options
Diffstat (limited to 'include')
| -rw-r--r-- | include/feedbrowser.php | 106 | ||||
| -rwxr-xr-x | include/functions.php | 53 | ||||
| -rwxr-xr-x | include/login_form.php | 3 | ||||
| -rwxr-xr-x | include/sanity_check.php | 7 |
4 files changed, 41 insertions, 128 deletions
diff --git a/include/feedbrowser.php b/include/feedbrowser.php deleted file mode 100644 index 77ae9d649..000000000 --- a/include/feedbrowser.php +++ /dev/null @@ -1,106 +0,0 @@ -<?php - function make_feed_browser($search, $limit, $mode = 1) { - - if (defined('_DISABLE_FEED_BROWSER') && _DISABLE_FEED_BROWSER) return; - - $rv = ''; - - $pdo = Db::pdo(); - - if ($search) { - $search = $pdo->quote($search); - - $search_qpart = "AND (UPPER(feed_url) LIKE UPPER('%$search%') OR - UPPER(title) LIKE UPPER('%$search%'))"; - } else { - $search_qpart = ""; - } - - if ($mode == 1) { - $sth = $pdo->prepare("SELECT feed_url, site_url, title, SUM(subscribers) AS subscribers FROM - (SELECT feed_url, site_url, title, subscribers FROM ttrss_feedbrowser_cache UNION ALL - SELECT feed_url, site_url, title, subscribers FROM ttrss_linked_feeds) AS qqq - WHERE - (SELECT COUNT(id) = 0 FROM ttrss_feeds AS tf - WHERE tf.feed_url = qqq.feed_url - AND owner_uid = ?) $search_qpart - GROUP BY feed_url, site_url, title ORDER BY subscribers DESC LIMIT " . (int)$limit); - $sth->execute([$_SESSION['uid']]); - - } else if ($mode == 2) { - $sth = $pdo->prepare("SELECT *, - (SELECT COUNT(*) FROM ttrss_user_entries WHERE - orig_feed_id = ttrss_archived_feeds.id) AS articles_archived - FROM - ttrss_archived_feeds - WHERE - (SELECT COUNT(*) FROM ttrss_feeds - WHERE ttrss_feeds.feed_url = ttrss_archived_feeds.feed_url AND - owner_uid = :uid) = 0 AND - owner_uid = :uid $search_qpart - ORDER BY id DESC LIMIT " . (int)$limit); - - $sth->execute([":uid" => $_SESSION['uid']]); - } - - $feedctr = 0; - - while ($line = $sth->fetch()) { - - if ($mode == 1) { - - $feed_url = htmlspecialchars($line["feed_url"]); - $site_url = htmlspecialchars($line["site_url"]); - $subscribers = $line["subscribers"]; - - $check_box = "<input onclick='Lists.onRowChecked(this)' - dojoType=\"dijit.form.CheckBox\" - type=\"checkbox\" \">"; - - $site_url = "<a target=\"_blank\" rel=\"noopener noreferrer\" - href=\"$site_url\"> - <span class=\"fb_feedTitle\">". - htmlspecialchars($line["title"])."</span></a>"; - - $feed_url = "<a target=\"_blank\" rel=\"noopener noreferrer\" class=\"fb_feedUrl\" - href=\"$feed_url\"><i class='icon-syndicate material-icons'>rss_feed</i></a>"; - - $rv .= "<li>$check_box $feed_url $site_url". - " <span class='subscribers'>($subscribers)</span></li>"; - - } else if ($mode == 2) { - $feed_url = htmlspecialchars($line["feed_url"]); - $site_url = htmlspecialchars($line["site_url"]); - - $check_box = "<input onclick='Lists.onRowChecked(this)' dojoType=\"dijit.form.CheckBox\" - type=\"checkbox\">"; - - if ($line['articles_archived'] > 0) { - $archived = sprintf(_ngettext("%d archived article", "%d archived articles", (int) $line['articles_archived']), $line['articles_archived']); - $archived = " <span class='subscribers'>($archived)</span>"; - } else { - $archived = ''; - } - - $site_url = "<a target=\"_blank\" rel=\"noopener noreferrer\" - href=\"$site_url\"> - <span class=\"fb_feedTitle\">". - htmlspecialchars($line["title"])."</span></a>"; - - $feed_url = "<a target=\"_blank\" rel=\"noopener noreferrer\" class=\"fb_feedUrl\" - href=\"$feed_url\"><i class='icon-syndicate material-icons'>rss_feed</i></a>"; - - - $rv .= "<li id=\"FBROW-".$line["id"]."\">". - "$check_box $feed_url $site_url $archived</li>"; - } - - ++$feedctr; - } - - if ($feedctr == 0) { - $rv .= "<li style=\"text-align : center\"><p>".__('No feeds found.')."</p></li>"; - } - - return $rv; - } diff --git a/include/functions.php b/include/functions.php index a1aeb7135..2ab43e0b6 100755 --- a/include/functions.php +++ b/include/functions.php @@ -1,6 +1,6 @@ <?php define('EXPECTED_CONFIG_VERSION', 26); - define('SCHEMA_VERSION', 135); + define('SCHEMA_VERSION', 136); define('LABEL_BASE_INDEX', -1024); define('PLUGIN_FEED_BASE_INDEX', -128); @@ -141,7 +141,6 @@ } _bindtextdomain("messages", "locale"); - _textdomain("messages"); _bind_textdomain_codeset("messages", "UTF-8"); } @@ -738,21 +737,28 @@ } } - function make_password($length = 8) { - + function make_password($length = 12) { $password = ""; - $possible = "0123456789abcdfghjkmnpqrstvwxyzABCDFGHJKMNPQRSTVWXYZ"; + $possible = "0123456789abcdfghjkmnpqrstvwxyzABCDFGHJKMNPQRSTVWXYZ*%+^"; - $i = 0; + $i = 0; while ($i < $length) { - $char = substr($possible, mt_rand(0, strlen($possible)-1), 1); + + try { + $idx = function_exists("random_int") ? random_int(0, strlen($possible) - 1) : mt_rand(0, strlen($possible) - 1); + } catch (Exception $e) { + $idx = mt_rand(0, strlen($possible) - 1); + } + + $char = substr($possible, $idx, 1); if (!strstr($password, $char)) { $password .= $char; $i++; } } + return $password; } @@ -1981,7 +1987,7 @@ return true; } - function add_feed_category($feed_cat, $parent_cat_id = false) { + function add_feed_category($feed_cat, $parent_cat_id = false, $order_id = 0) { if (!$feed_cat) return false; @@ -2004,9 +2010,9 @@ if (!$sth->fetch()) { - $sth = $pdo->prepare("INSERT INTO ttrss_feed_categories (owner_uid,title,parent_cat) - VALUES (?, ?, ?)"); - $sth->execute([$_SESSION['uid'], $feed_cat, $parent_cat_id]); + $sth = $pdo->prepare("INSERT INTO ttrss_feed_categories (owner_uid,title,parent_cat,order_id) + VALUES (?, ?, ?, ?)"); + $sth->execute([$_SESSION['uid'], $feed_cat, $parent_cat_id, (int)$order_id]); if (!$tr_in_progress) $pdo->commit(); @@ -2403,18 +2409,23 @@ return __((parseInt(n) > 1) ? msg2 : msg1); }'; - $l10n = _get_reader(); + global $text_domains; - for ($i = 0; $i < $l10n->total; $i++) { - $orig = $l10n->get_original_string($i); - if(strpos($orig, "\000") !== FALSE) { // Plural forms - $key = explode(chr(0), $orig); - print T_js_decl($key[0], _ngettext($key[0], $key[1], 1)); // Singular - print T_js_decl($key[1], _ngettext($key[0], $key[1], 2)); // Plural - } else { - $translation = __($orig); - print T_js_decl($orig, $translation); + foreach (array_keys($text_domains) as $domain) { + $l10n = _get_reader($domain); + + for ($i = 0; $i < $l10n->total; $i++) { + $orig = $l10n->get_original_string($i); + if(strpos($orig, "\000") !== FALSE) { // Plural forms + $key = explode(chr(0), $orig); + print T_js_decl($key[0], _ngettext($key[0], $key[1], 1)); // Singular + print T_js_decl($key[1], _ngettext($key[0], $key[1], 2)); // Plural + } else { + $translation = _dgettext($domain,$orig); + print T_js_decl($orig, $translation); + } } + } } diff --git a/include/login_form.php b/include/login_form.php index 68ebcef29..6c6aaf8cf 100755 --- a/include/login_form.php +++ b/include/login_form.php @@ -1,4 +1,5 @@ <?php startup_gettext(); ?> +<!DOCTYPE html> <html> <head> <title>Tiny Tiny RSS : Login</title> @@ -60,7 +61,7 @@ function bwLimitChange(elem) { } </script> -<?php $return = urlencode($_SERVER["REQUEST_URI"]) ?> +<?php $return = urlencode(make_self_url()) ?> <div class="container"> diff --git a/include/sanity_check.php b/include/sanity_check.php index c2ecee368..654c83e38 100755 --- a/include/sanity_check.php +++ b/include/sanity_check.php @@ -14,6 +14,12 @@ * If you come crying when stuff inevitably breaks, you will be mocked and told * to get out. */ + function make_self_url() { + $proto = is_server_https() ? 'https' : 'http'; + + return $proto . '://' . $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"]; + } + function make_self_url_path() { $proto = is_server_https() ? 'https' : 'http'; $url_path = $proto . '://' . $_SERVER["HTTP_HOST"] . parse_url($_SERVER["REQUEST_URI"], PHP_URL_PATH); @@ -176,6 +182,7 @@ } if (count($errors) > 0 && $_SERVER['REQUEST_URI']) { ?> + <!DOCTYPE html> <html> <head> <title>Startup failed</title> |