token; $token_param = Minz_Request::param('token', ''); $token_is_ok = ($token != '' && $token == $token_param); $action = Minz_Request::actionName(); $allow_anonymous_refresh = FreshRSS_Context::$system_conf->allow_anonymous_refresh; if ($action !== 'actualize' || !($allow_anonymous_refresh || $token_is_ok)) { Minz_Error::error(403); } } } public static function addFeed($url, $title = '', $cat_id = 0, $new_cat_name = '', $http_auth = '') { FreshRSS_UserDAO::touch(); @set_time_limit(300); $catDAO = new FreshRSS_CategoryDAO(); $cat = null; if ($cat_id > 0) { $cat = $catDAO->searchById($cat_id); } if ($cat == null && $new_cat_name != '') { $cat = $catDAO->addCategory(array('name' => $new_cat_name)); } if ($cat == null) { $catDAO->checkDefault(); } $cat_id = $cat == null ? FreshRSS_CategoryDAO::defaultCategoryId : $cat->id(); $feed = new FreshRSS_Feed($url); //Throws FreshRSS_BadUrl_Exception $feed->_httpAuth($http_auth); $feed->load(true); //Throws FreshRSS_Feed_Exception, Minz_FileNotExistException $feed->_category($cat_id); $feedDAO = FreshRSS_Factory::createFeedDao(); if ($feedDAO->searchByUrl($feed->url())) { throw new FreshRSS_AlreadySubscribed_Exception($url, $feed->name()); } // Call the extension hook $feed = Minz_ExtensionManager::callHook('feed_before_insert', $feed); if ($feed === null) { throw new FreshRSS_FeedNotAdded_Exception($url, $feed->name()); } $values = array( 'url' => $feed->url(), 'category' => $feed->category(), 'name' => $title != '' ? $title : $feed->name(), 'website' => $feed->website(), 'description' => $feed->description(), 'lastUpdate' => time(), 'httpAuth' => $feed->httpAuth(), ); $id = $feedDAO->addFeed($values); if (!$id) { // There was an error in database... we cannot say what here. throw new FreshRSS_FeedNotAdded_Exception($url, $feed->name()); } $feed->_id($id); // Ok, feed has been added in database. Now we have to refresh entries. self::actualizeFeed($id, $url, false, null, true); return $feed; } /** * This action subscribes to a feed. * * It can be reached by both GET and POST requests. * * GET request displays a form to add and configure a feed. * Request parameter is: * - url_rss (default: false) * * POST request adds a feed in database. * Parameters are: * - url_rss (default: false) * - category (default: false) * - new_category (required if category == 'nc') * - http_user (default: false) * - http_pass (default: false) * It tries to get website information from RSS feed. * If no category is given, feed is added to the default one. * * If url_rss is false, nothing happened. */ public function addAction() { $url = Minz_Request::param('url_rss'); if ($url === false) { // No url, do nothing Minz_Request::forward(array( 'c' => 'subscription', 'a' => 'index' ), true); } $feedDAO = FreshRSS_Factory::createFeedDao(); $url_redirect = array( 'c' => 'subscription', 'a' => 'index', 'params' => array(), ); $limits = FreshRSS_Context::$system_conf->limits; $this->view->feeds = $feedDAO->listFeeds(); if (count($this->view->feeds) >= $limits['max_feeds']) { Minz_Request::bad(_t('feedback.sub.feed.over_max', $limits['max_feeds']), $url_redirect); } if (Minz_Request::isPost()) { $cat = Minz_Request::param('category'); $new_cat_name = ''; if ($cat === 'nc') { // User want to create a new category, new_category parameter // must exist $new_cat = Minz_Request::param('new_category'); $new_cat_name = isset($new_cat['name']) ? $new_cat['name'] : ''; } // HTTP information are useful if feed is protected behind a // HTTP authentication $user = trim(Minz_Request::param('http_user', '')); $pass = Minz_Request::param('http_pass', ''); $http_auth = ''; if ($user != '' && $pass != '') { //TODO: Sanitize $http_auth = $user . ':' . $pass; } try { $feed = self::addFeed($url, '', $cat, $new_cat_name, $http_auth); } catch (FreshRSS_BadUrl_Exception $e) { // Given url was not a valid url! Minz_Log::warning($e->getMessage()); Minz_Request::bad(_t('feedback.sub.feed.invalid_url', $url), $url_redirect); } catch (FreshRSS_Feed_Exception $e) { // Something went bad (timeout, server not found, etc.) Minz_Log::warning($e->getMessage()); Minz_Request::bad(_t('feedback.sub.feed.internal_problem', _url('index', 'logs')), $url_redirect); } catch (Minz_FileNotExistException $e) { // Cache directory doesn't exist! Minz_Log::error($e->getMessage()); Minz_Request::bad(_t('feedback.sub.feed.internal_problem', _url('index', 'logs')), $url_redirect); } catch (FreshRSS_AlreadySubscribed_Exception $e) { Minz_Request::bad(_t('feedback.sub.feed.already_subscribed', $e->feedName()), $url_redirect); } catch (FreshRSS_FeedNotAdded_Exception $e) { Minz_Request::bad(_t('feedback.sub.feed.not_added', $e->feedName()), $url_redirect); } // Entries are in DB, we redirect to feed configuration page. $url_redirect['params']['id'] = $feed->id(); Minz_Request::good(_t('feedback.sub.feed.added', $feed->name()), $url_redirect); } else { // GET request: we must ask confirmation to user before adding feed. Minz_View::prependTitle(_t('sub.feed.title_add') . ' · '); $this->catDAO = new FreshRSS_CategoryDAO(); $this->view->categories = $this->catDAO->listCategories(false); $this->view->feed = new FreshRSS_Feed($url); try { // We try to get more information about the feed. $this->view->feed->load(true); $this->view->load_ok = true; } catch (Exception $e) { $this->view->load_ok = false; } $feed = $feedDAO->searchByUrl($this->view->feed->url()); if ($feed) { // Already subscribe so we redirect to the feed configuration page. $url_redirect['params']['id'] = $feed->id(); Minz_Request::good(_t('feedback.sub.feed.already_subscribed', $feed->name()), $url_redirect); } } } /** * This action remove entries from a given feed. * * It should be reached by a POST action. * * Parameter is: * - id (default: false) */ public function truncateAction() { $id = Minz_Request::param('id'); $url_redirect = array( 'c' => 'subscription', 'a' => 'index', 'params' => array('id' => $id) ); if (!Minz_Request::isPost()) { Minz_Request::forward($url_redirect, true); } $feedDAO = FreshRSS_Factory::createFeedDao(); $n = $feedDAO->truncate($id); invalidateHttpCache(); if ($n === false) { Minz_Request::bad(_t('feedback.sub.feed.error'), $url_redirect); } else { Minz_Request::good(_t('feedback.sub.feed.n_entries_deleted', $n), $url_redirect); } } public static function actualizeFeed($feed_id, $feed_url, $force, $simplePiePush = null, $isNewFeed = false) { @set_time_limit(300); $feedDAO = FreshRSS_Factory::createFeedDao(); $entryDAO = FreshRSS_Factory::createEntryDao(); // Create a list of feeds to actualize. // If feed_id is set and valid, corresponding feed is added to the list but // alone in order to automatize further process. $feeds = array(); if ($feed_id > 0 || $feed_url) { $feed = $feed_id > 0 ? $feedDAO->searchById($feed_id) : $feedDAO->searchByUrl($feed_url); if ($feed) { $feeds[] = $feed; } } else { $feeds = $feedDAO->listFeedsOrderUpdate(-1); } // Calculate date of oldest entries we accept in DB. $nb_month_old = max(FreshRSS_Context::$user_conf->old_entries, 1); $date_min = time() - (3600 * 24 * 30 * $nb_month_old); // PubSubHubbub support $pubsubhubbubEnabledGeneral = FreshRSS_Context::$system_conf->pubsubhubbub_enabled; $pshbMinAge = time() - (3600 * 24); //TODO: Make a configuration. $updated_feeds = 0; $is_read = FreshRSS_Context::$user_conf->mark_when['reception'] ? 1 : 0; foreach ($feeds as $feed) { $url = $feed->url(); //For detection of HTTP 301 $pubSubHubbubEnabled = $pubsubhubbubEnabledGeneral && $feed->pubSubHubbubEnabled(); if ((!$simplePiePush) && (!$feed_id) && $pubSubHubbubEnabled && ($feed->lastUpdate() > $pshbMinAge)) { //$text = 'Skip pull of feed using PubSubHubbub: ' . $url; //Minz_Log::debug($text); //file_put_contents(USERS_PATH . '/_/log_pshb.txt', date('c') . "\t" . $text . "\n", FILE_APPEND); continue; //When PubSubHubbub is used, do not pull refresh so often } $mtime = 0; $ttl = $feed->ttl(); if ($ttl == -1) { continue; //Feed refresh is disabled } if ((!$simplePiePush) && (!$feed_id) && ($feed->lastUpdate() + 10 >= time() - ($ttl == -2 ? FreshRSS_Context::$user_conf->ttl_default : $ttl))) { //Too early to refresh from source, but check whether the feed was updated by another user $mtime = $feed->cacheModifiedTime(); if ($feed->lastUpdate() + 10 >= $mtime) { continue; //Nothing newer from other users } //Minz_Log::debug($feed->url() . ' was updated at ' . date('c', $mtime) . ' by another user'); //Will take advantage of the newer cache } if (!$feed->lock()) { Minz_Log::notice('Feed already being actualized: ' . $feed->url()); continue; } try { if ($simplePiePush) { $feed->loadEntries($simplePiePush); //Used by PubSubHubbub } else { $feed->load(false, $isNewFeed); } } catch (FreshRSS_Feed_Exception $e) { Minz_Log::warning($e->getMessage()); $feedDAO->updateLastUpdate($feed->id(), true); $feed->unlock(); continue; } $feed_history = $feed->keepHistory(); if ($isNewFeed) { $feed_history = -1; //∞ } elseif ($feed_history == -2) { // TODO: -2 must be a constant! // -2 means we take the default value from configuration $feed_history = FreshRSS_Context::$user_conf->keep_history_default; } // We want chronological order and SimplePie uses reverse order. $entries = array_reverse($feed->entries()); if (count($entries) > 0) { $newGuids = array(); foreach ($entries as $entry) { $newGuids[] = safe_ascii($entry->guid()); } // For this feed, check existing GUIDs already in database. $existingHashForGuids = $entryDAO->listHashForFeedGuids($feed->id(), $newGuids); unset($newGuids); $oldGuids = array(); // Add entries in database if possible. foreach ($entries as $entry) { $entry_date = $entry->date(true); if (isset($existingHashForGuids[$entry->guid()])) { $existingHash = $existingHashForGuids[$entry->guid()]; if (strcasecmp($existingHash, $entry->hash()) === 0 || trim($existingHash, '0') == '') { //This entry already exists and is unchanged. TODO: Remove the test with the zero'ed hash in FreshRSS v1.3 $oldGuids[] = $entry->guid(); } else { //This entry already exists but has been updated //Minz_Log::debug('Entry with GUID `' . $entry->guid() . '` updated in feed ' . $feed->id() . //', old hash ' . $existingHash . ', new hash ' . $entry->hash()); //TODO: Make an updated/is_read policy by feed, in addition to the global one. $entry->_isRead(FreshRSS_Context::$user_conf->mark_updated_article_unread ? false : null); //Change is_read according to policy. if (!$entryDAO->inTransaction()) { $entryDAO->beginTransaction(); } $entryDAO->updateEntry($entry->toArray()); } } elseif ($feed_history == 0 && $entry_date < $date_min) { // This entry should not be added considering configuration and date. $oldGuids[] = $entry->guid(); } else { if ($isNewFeed) { $id = min(time(), $entry_date) . uSecString(); } elseif ($entry_date < $date_min) { $id = min(time(), $entry_date) . uSecString(); $entry->_isRead(true); //Old article that was not in database. Probably an error, so mark as read } else { $id = uTimeString(); $entry->_isRead($is_read); } $entry->_id($id); $entry = Minz_ExtensionManager::callHook('entry_before_insert', $entry); if ($entry === null) { // An extension has returned a null value, there is nothing to insert. continue; } if ($pubSubHubbubEnabled && !$simplePiePush) { //We use push, but have discovered an article by pull! $text = 'An article was discovered by pull although we use PubSubHubbub!: Feed ' . $url . ' GUID ' . $entry->guid(); file_put_contents(USERS_PATH . '/_/log_pshb.txt', date('c') . "\t" . $text . "\n", FILE_APPEND); Minz_Log::warning($text); $pubSubHubbubEnabled = false; $feed->pubSubHubbubError(true); } if (!$entryDAO->inTransaction()) { $entryDAO->beginTransaction(); } $entryDAO->addEntry($entry->toArray()); } } $entryDAO->updateLastSeen($feed->id(), $oldGuids, $mtime); } if ($feed_history >= 0 && rand(0, 30) === 1) { // TODO: move this function in web cron when available (see entry::purge) // Remove old entries once in 30. if (!$entryDAO->inTransaction()) { $entryDAO->beginTransaction(); } $nb = $feedDAO->cleanOldEntries($feed->id(), $date_min, max($feed_history, count($entries) + 10)); if ($nb > 0) { Minz_Log::debug($nb . ' old entries cleaned in feed [' . $feed->url() . ']'); } } $feedDAO->updateLastUpdate($feed->id(), false, $entryDAO->inTransaction(), $mtime); if ($entryDAO->inTransaction()) { $entryDAO->commit(); } if ($feed->hubUrl() && $feed->selfUrl()) { //selfUrl has priority for PubSubHubbub if ($feed->selfUrl() !== $url) { //https://code.google.com/p/pubsubhubbub/wiki/MovingFeedsOrChangingHubs $selfUrl = checkUrl($feed->selfUrl()); if ($selfUrl) { Minz_Log::debug('PubSubHubbub unsubscribe ' . $feed->url()); if (!$feed->pubSubHubbubSubscribe(false)) { //Unsubscribe Minz_Log::warning('Error while PubSubHubbub unsubscribing from ' . $feed->url()); } $feed->_url($selfUrl, false); Minz_Log::notice('Feed ' . $url . ' canonical address moved to ' . $feed->url()); $feedDAO->updateFeed($feed->id(), array('url' => $feed->url())); } } } elseif ($feed->url() !== $url) { // HTTP 301 Moved Permanently Minz_Log::notice('Feed ' . $url . ' moved permanently to ' . $feed->url()); $feedDAO->updateFeed($feed->id(), array('url' => $feed->url())); } $feed->faviconPrepare(); if ($pubsubhubbubEnabledGeneral && $feed->pubSubHubbubPrepare()) { Minz_Log::notice('PubSubHubbub subscribe ' . $feed->url()); if (!$feed->pubSubHubbubSubscribe(true)) { //Subscribe Minz_Log::warning('Error while PubSubHubbub subscribing to ' . $feed->url()); } } $feed->unlock(); $updated_feeds++; unset($feed); // No more than 10 feeds unless $force is true to avoid overloading // the server. if ($updated_feeds >= 10 && !$force) { break; } } return array($updated_feeds, reset($feeds)); } /** * This action actualizes entries from one or several feeds. * * Parameters are: * - id (default: false): Feed ID * - url (default: false): Feed URL * - force (default: false) * If id and url are not specified, all the feeds are actualized. But if force is * false, process stops at 10 feeds to avoid time execution problem. */ public function actualizeAction() { Minz_Session::_param('actualize_feeds', false); $id = Minz_Request::param('id'); $url = Minz_Request::param('url'); $force = Minz_Request::param('force'); list($updated_feeds, $feed) = self::actualizeFeed($id, $url, $force); if (Minz_Request::param('ajax')) { // Most of the time, ajax request is for only one feed. But since // there are several parallel requests, we should return that there // are several updated feeds. $notif = array( 'type' => 'good', 'content' => _t('feedback.sub.feed.actualizeds') ); Minz_Session::_param('notification', $notif); // No layout in ajax request. $this->view->_useLayout(false); } else { // Redirect to the main page with correct notification. if ($updated_feeds === 1) { Minz_Request::good(_t('feedback.sub.feed.actualized', $feed->name()), array( 'params' => array('get' => 'f_' . $feed->id()) )); } elseif ($updated_feeds > 1) { Minz_Request::good(_t('feedback.sub.feed.n_actualized', $updated_feeds), array()); } else { Minz_Request::good(_t('feedback.sub.feed.no_refresh'), array()); } } return $updated_feeds; } public static function renameFeed($feed_id, $feed_name) { if ($feed_id <= 0 || $feed_name == '') { return false; } FreshRSS_UserDAO::touch(); $feedDAO = FreshRSS_Factory::createFeedDao(); return $feedDAO->updateFeed($feed_id, array('name' => $feed_name)); } public static function moveFeed($feed_id, $cat_id, $new_cat_name = '') { if ($feed_id <= 0 || ($cat_id <= 0 && $new_cat_name == '')) { return false; } FreshRSS_UserDAO::touch(); $catDAO = new FreshRSS_CategoryDAO(); if ($cat_id > 0) { $cat = $catDAO->searchById($cat_id); $cat_id = $cat == null ? 0 : $cat->id(); } if ($cat_id <= 1 && $new_cat_name != '') { $cat_id = $catDAO->addCategory(array('name' => $new_cat_name)); } if ($cat_id <= 1) { $catDAO->checkDefault(); $cat_id = FreshRSS_CategoryDAO::defaultCategoryId; } $feedDAO = FreshRSS_Factory::createFeedDao(); return $feedDAO->updateFeed($feed_id, array('category' => $cat_id)); } /** * This action changes the category of a feed. * * This page must be reached by a POST request. * * Parameters are: * - f_id (default: false) * - c_id (default: false) * If c_id is false, default category is used. * * @todo should handle order of the feed inside the category. */ public function moveAction() { if (!Minz_Request::isPost()) { Minz_Request::forward(array('c' => 'subscription'), true); } $feed_id = Minz_Request::param('f_id'); $cat_id = Minz_Request::param('c_id'); if (self::moveFeed($feed_id, $cat_id)) { // TODO: return something useful } else { Minz_Log::warning('Cannot move feed `' . $feed_id . '` ' . 'in the category `' . $cat_id . '`'); Minz_Error::error(404); } } public static function deleteFeed($feed_id) { FreshRSS_UserDAO::touch(); $feedDAO = FreshRSS_Factory::createFeedDao(); if ($feedDAO->deleteFeed($feed_id)) { // TODO: Delete old favicon // Remove related queries FreshRSS_Context::$user_conf->queries = remove_query_by_get( 'f_' . $feed_id, FreshRSS_Context::$user_conf->queries); FreshRSS_Context::$user_conf->save(); return true; } return false; } /** * This action deletes a feed. * * This page must be reached by a POST request. * If there are related queries, they are deleted too. * * Parameters are: * - id (default: false) * - r (default: false) * r permits to redirect to a given page at the end of this action. * * @todo handle "r" redirection in Minz_Request::forward()? */ public function deleteAction() { $redirect_url = Minz_Request::param('r', false, true); if (!$redirect_url) { $redirect_url = array('c' => 'subscription', 'a' => 'index'); } if (!Minz_Request::isPost()) { Minz_Request::forward($redirect_url, true); } $id = Minz_Request::param('id'); if (self::deleteFeed($id)) { Minz_Request::good(_t('feedback.sub.feed.deleted'), $redirect_url); } else { Minz_Request::bad(_t('feedback.sub.feed.error'), $redirect_url); } } }