You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1092 lines
36 KiB
1092 lines
36 KiB
<?php |
|
/** |
|
== Description == |
|
Server-side API compatible with Google Reader API layer 2 |
|
for the FreshRSS project https://freshrss.org |
|
|
|
== Credits == |
|
* 2014-03: Released by Alexandre Alapetite https://alexandre.alapetite.fr |
|
under GNU AGPL 3 license http://www.gnu.org/licenses/agpl-3.0.html |
|
|
|
== Documentation == |
|
* http://code.google.com/p/pyrfeed/wiki/GoogleReaderAPI |
|
* http://web.archive.org/web/20130718025427/http://undoc.in/ |
|
* http://ranchero.com/downloads/GoogleReaderAPI-2009.pdf |
|
* http://code.google.com/p/google-reader-api/w/list |
|
* http://blog.martindoms.com/2009/10/16/using-the-google-reader-api-part-2/ |
|
* https://github.com/noinnion/newsplus/blob/master/extensions/GoogleReaderCloneExtension/src/com/noinnion/android/newsplus/extension/google_reader/GoogleReaderClient.java |
|
* https://github.com/ericmann/gReader-Library/blob/master/greader.class.php |
|
* https://github.com/devongovett/reader |
|
* https://github.com/theoldreader/api |
|
* https://www.inoreader.com/developers/ |
|
* https://feedhq.readthedocs.io/en/latest/api/index.html |
|
*/ |
|
|
|
require(__DIR__ . '/../../constants.php'); |
|
require(LIB_PATH . '/lib_rss.php'); //Includes class autoloader |
|
|
|
$ORIGINAL_INPUT = file_get_contents('php://input', false, null, 0, 1048576); |
|
|
|
if (PHP_INT_SIZE < 8) { //32-bit |
|
function dec2hex($dec) { |
|
return str_pad(gmp_strval(gmp_init($dec, 10), 16), 16, '0', STR_PAD_LEFT); |
|
} |
|
function hex2dec($hex) { |
|
return gmp_strval(gmp_init($hex, 16), 10); |
|
} |
|
} else { //64-bit |
|
function dec2hex($dec) { //http://code.google.com/p/google-reader-api/wiki/ItemId |
|
return str_pad(dechex($dec), 16, '0', STR_PAD_LEFT); |
|
} |
|
function hex2dec($hex) { |
|
return hexdec($hex); |
|
} |
|
} |
|
|
|
if (version_compare(PHP_VERSION, '5.4.0') >= 0) { |
|
define('JSON_OPTIONS', JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE); |
|
} else { |
|
define('JSON_OPTIONS', 0); |
|
} |
|
|
|
function headerVariable($headerName, $varName) { |
|
$header = ''; |
|
$upName = 'HTTP_' . strtoupper($headerName); |
|
if (isset($_SERVER[$upName])) { |
|
$header = $_SERVER[$upName]; |
|
} elseif (isset($_SERVER['REDIRECT_' . $upName])) { |
|
$header = $_SERVER['REDIRECT_' . $upName]; |
|
} elseif (function_exists('getallheaders')) { |
|
$ALL_HEADERS = getallheaders(); |
|
if (isset($ALL_HEADERS[$headerName])) { |
|
$header = $ALL_HEADERS[$headerName]; |
|
} |
|
} |
|
parse_str($header, $pairs); |
|
return isset($pairs[$varName]) ? $pairs[$varName] : null; |
|
} |
|
|
|
function multiplePosts($name) { //https://bugs.php.net/bug.php?id=51633 |
|
global $ORIGINAL_INPUT; |
|
$inputs = explode('&', $ORIGINAL_INPUT); |
|
$result = array(); |
|
$prefix = $name . '='; |
|
$prefixLength = strlen($prefix); |
|
foreach ($inputs as $input) { |
|
if (strpos($input, $prefix) === 0) { |
|
$result[] = urldecode(substr($input, $prefixLength)); |
|
} |
|
} |
|
return $result; |
|
} |
|
|
|
class MyPDO extends Minz_ModelPdo { |
|
function prepare($sql) { |
|
return $this->bd->prepare(str_replace('%_', $this->prefix, $sql)); |
|
} |
|
} |
|
|
|
function debugInfo() { |
|
if (function_exists('getallheaders')) { |
|
$ALL_HEADERS = getallheaders(); |
|
} else { //nginx http://php.net/getallheaders#84262 |
|
$ALL_HEADERS = array(); |
|
foreach ($_SERVER as $name => $value) { |
|
if (substr($name, 0, 5) === 'HTTP_') { |
|
$ALL_HEADERS[str_replace(' ', '-', ucwords(strtolower(str_replace('_', ' ', substr($name, 5)))))] = $value; |
|
} |
|
} |
|
} |
|
global $ORIGINAL_INPUT; |
|
return print_r( |
|
array( |
|
'date' => date('c'), |
|
'headers' => $ALL_HEADERS, |
|
'_SERVER' => $_SERVER, |
|
'_GET' => $_GET, |
|
'_POST' => $_POST, |
|
'_COOKIE' => $_COOKIE, |
|
'INPUT' => $ORIGINAL_INPUT |
|
), true); |
|
} |
|
|
|
function badRequest() { |
|
Minz_Log::warning('badRequest() ' . debugInfo(), API_LOG); |
|
header('HTTP/1.1 400 Bad Request'); |
|
header('Content-Type: text/plain; charset=UTF-8'); |
|
die('Bad Request!'); |
|
} |
|
|
|
function unauthorized() { |
|
Minz_Log::warning('unauthorized() ' . debugInfo(), API_LOG); |
|
header('HTTP/1.1 401 Unauthorized'); |
|
header('Content-Type: text/plain; charset=UTF-8'); |
|
header('Google-Bad-Token: true'); |
|
die('Unauthorized!'); |
|
} |
|
|
|
function notImplemented() { |
|
Minz_Log::warning('notImplemented() ' . debugInfo(), API_LOG); |
|
header('HTTP/1.1 501 Not Implemented'); |
|
header('Content-Type: text/plain; charset=UTF-8'); |
|
die('Not Implemented!'); |
|
} |
|
|
|
function serviceUnavailable() { |
|
Minz_Log::warning('serviceUnavailable() ' . debugInfo(), API_LOG); |
|
header('HTTP/1.1 503 Service Unavailable'); |
|
header('Content-Type: text/plain; charset=UTF-8'); |
|
die('Service Unavailable!'); |
|
} |
|
|
|
function checkCompatibility() { |
|
Minz_Log::warning('checkCompatibility() ' . debugInfo(), API_LOG); |
|
header('Content-Type: text/plain; charset=UTF-8'); |
|
if (PHP_INT_SIZE < 8 && !function_exists('gmp_init')) { |
|
die('FAIL 64-bit or GMP extension! Wrong PHP configuration.'); |
|
} |
|
$headerAuth = headerVariable('Authorization', 'GoogleLogin_auth'); |
|
if ($headerAuth == '') { |
|
die('FAIL get HTTP Authorization header! Wrong Web server configuration.'); |
|
} |
|
echo 'PASS'; |
|
exit(); |
|
} |
|
|
|
function authorizationToUser() { |
|
$headerAuth = headerVariable('Authorization', 'GoogleLogin_auth'); //Input is 'GoogleLogin auth', but PHP replaces spaces by '_' http://php.net/language.variables.external |
|
if ($headerAuth != '') { |
|
$headerAuthX = explode('/', $headerAuth, 2); |
|
if (count($headerAuthX) === 2) { |
|
$user = $headerAuthX[0]; |
|
if (FreshRSS_user_Controller::checkUsername($user)) { |
|
FreshRSS_Context::$user_conf = get_user_configuration($user); |
|
if (FreshRSS_Context::$user_conf == null) { |
|
Minz_Log::warning('Invalid API user ' . $user . ': configuration cannot be found.'); |
|
unauthorized(); |
|
} |
|
if ($headerAuthX[1] === sha1(FreshRSS_Context::$system_conf->salt . $user . FreshRSS_Context::$user_conf->apiPasswordHash)) { |
|
return $user; |
|
} else { |
|
Minz_Log::warning('Invalid API authorisation for user ' . $user . ': ' . $headerAuthX[1], API_LOG); |
|
Minz_Log::warning('Invalid API authorisation for user ' . $user . ': ' . $headerAuthX[1]); |
|
unauthorized(); |
|
} |
|
} else { |
|
badRequest(); |
|
} |
|
} |
|
} |
|
return ''; |
|
} |
|
|
|
function clientLogin($email, $pass) { //http://web.archive.org/web/20130604091042/http://undoc.in/clientLogin.html |
|
if (FreshRSS_user_Controller::checkUsername($email)) { |
|
if (!function_exists('password_verify')) { |
|
include_once(LIB_PATH . '/password_compat.php'); |
|
} |
|
|
|
FreshRSS_Context::$user_conf = get_user_configuration($email); |
|
if (FreshRSS_Context::$user_conf == null) { |
|
Minz_Log::warning('Invalid API user ' . $email . ': configuration cannot be found.'); |
|
unauthorized(); |
|
} |
|
|
|
if (FreshRSS_Context::$user_conf->apiPasswordHash != '' && password_verify($pass, FreshRSS_Context::$user_conf->apiPasswordHash)) { |
|
header('Content-Type: text/plain; charset=UTF-8'); |
|
$auth = $email . '/' . sha1(FreshRSS_Context::$system_conf->salt . $email . FreshRSS_Context::$user_conf->apiPasswordHash); |
|
echo 'SID=', $auth, "\n", |
|
'LSID=null', "\n", //Vienna RSS |
|
'Auth=', $auth, "\n"; |
|
exit(); |
|
} else { |
|
Minz_Log::warning('Password API mismatch for user ' . $email); |
|
unauthorized(); |
|
} |
|
} else { |
|
badRequest(); |
|
} |
|
die(); |
|
} |
|
|
|
function token($conf) { |
|
//http://blog.martindoms.com/2009/08/15/using-the-google-reader-api-part-1/ |
|
//https://github.com/ericmann/gReader-Library/blob/master/greader.class.php |
|
$user = Minz_Session::param('currentUser', '_'); |
|
//Minz_Log::debug('token('. $user . ')', API_LOG); //TODO: Implement real token that expires |
|
$token = str_pad(sha1(FreshRSS_Context::$system_conf->salt . $user . $conf->apiPasswordHash), 57, 'Z'); //Must have 57 characters |
|
echo $token, "\n"; |
|
exit(); |
|
} |
|
|
|
function checkToken($conf, $token) { |
|
//http://code.google.com/p/google-reader-api/wiki/ActionToken |
|
$user = Minz_Session::param('currentUser', '_'); |
|
if ($user !== '_' && $token == '') { |
|
return true; //FeedMe //TODO: Check security consequences |
|
} |
|
if ($token === str_pad(sha1(FreshRSS_Context::$system_conf->salt . $user . $conf->apiPasswordHash), 57, 'Z')) { |
|
return true; |
|
} |
|
Minz_Log::warning('Invalid POST token: ' . $token, API_LOG); |
|
unauthorized(); |
|
} |
|
|
|
function userInfo() { //https://github.com/theoldreader/api#user-info |
|
$user = Minz_Session::param('currentUser', '_'); |
|
exit(json_encode(array( |
|
'userId' => $user, |
|
'userName' => $user, |
|
'userProfileId' => $user, |
|
'userEmail' => FreshRSS_Context::$user_conf->mail_login, |
|
), JSON_OPTIONS)); |
|
} |
|
|
|
function tagList() { |
|
header('Content-Type: application/json; charset=UTF-8'); |
|
|
|
$pdo = new MyPDO(); |
|
$stm = $pdo->prepare('SELECT c.name FROM `%_category` c'); |
|
$stm->execute(); |
|
$res = $stm->fetchAll(PDO::FETCH_COLUMN, 0); |
|
|
|
$tags = array( |
|
array('id' => 'user/-/state/com.google/starred'), |
|
//array('id' => 'user/-/state/com.google/broadcast', 'sortid' => '2'), |
|
); |
|
|
|
foreach ($res as $cName) { |
|
$tags[] = array( |
|
'id' => 'user/-/label/' . htmlspecialchars_decode($cName, ENT_QUOTES), |
|
//'sortid' => $cName, |
|
'type' => 'folder', //Inoreader |
|
); |
|
} |
|
|
|
unset($res); |
|
|
|
$tagDAO = FreshRSS_Factory::createTagDao(); |
|
$labels = $tagDAO->listTags(true); |
|
foreach ($labels as $label) { |
|
$tags[] = array( |
|
'id' => 'user/-/label/' . htmlspecialchars_decode($label->name(), ENT_QUOTES), |
|
//'sortid' => $cName, |
|
'type' => 'tag', //Inoreader |
|
'unread_count' => $label->nbUnread(), //Inoreader |
|
); |
|
} |
|
|
|
echo json_encode(array('tags' => $tags), JSON_OPTIONS), "\n"; |
|
exit(); |
|
} |
|
|
|
function subscriptionList() { |
|
header('Content-Type: application/json; charset=UTF-8'); |
|
|
|
$pdo = new MyPDO(); |
|
$stm = $pdo->prepare('SELECT f.id, f.name, f.url, f.website, c.id as c_id, c.name as c_name FROM `%_feed` f |
|
INNER JOIN `%_category` c ON c.id = f.category AND f.priority >= :priority_normal'); |
|
$stm->execute(array(':priority_normal' => FreshRSS_Feed::PRIORITY_NORMAL)); |
|
$res = $stm->fetchAll(PDO::FETCH_ASSOC); |
|
|
|
$salt = FreshRSS_Context::$system_conf->salt; |
|
$faviconsUrl = Minz_Url::display('/f.php?', '', true); |
|
$faviconsUrl = str_replace('/api/greader.php/reader/api/0/subscription', '', $faviconsUrl); //Security if base_url is not set properly |
|
$subscriptions = array(); |
|
|
|
foreach ($res as $line) { |
|
$subscriptions[] = array( |
|
'id' => 'feed/' . $line['id'], |
|
'title' => escapeToUnicodeAlternative($line['name'], true), |
|
'categories' => array( |
|
array( |
|
'id' => 'user/-/label/' . htmlspecialchars_decode($line['c_name'], ENT_QUOTES), |
|
'label' => htmlspecialchars_decode($line['c_name'], ENT_QUOTES), |
|
), |
|
), |
|
//'sortid' => $line['name'], |
|
//'firstitemmsec' => 0, |
|
'url' => htmlspecialchars_decode($line['url'], ENT_QUOTES), |
|
'htmlUrl' => htmlspecialchars_decode($line['website'], ENT_QUOTES), |
|
'iconUrl' => $faviconsUrl . hash('crc32b', $salt . $line['url']), |
|
); |
|
} |
|
|
|
echo json_encode(array('subscriptions' => $subscriptions), JSON_OPTIONS), "\n"; |
|
exit(); |
|
} |
|
|
|
function subscriptionEdit($streamNames, $titles, $action, $add = '', $remove = '') { |
|
//https://github.com/mihaip/google-reader-api/blob/master/wiki/ApiSubscriptionEdit.wiki |
|
switch ($action) { |
|
case 'subscribe': |
|
case 'unsubscribe': |
|
case 'edit': |
|
break; |
|
default: |
|
badRequest(); |
|
} |
|
$addCatId = 0; |
|
$categoryDAO = null; |
|
if ($add != '' || $remove != '') { |
|
$categoryDAO = FreshRSS_Factory::createCategoryDao(); |
|
} |
|
$c_name = ''; |
|
if ($add != '' && strpos($add, 'user/') === 0) { //user/-/label/Example ; user/username/label/Example |
|
if (strpos($add, 'user/-/label/') === 0) { |
|
$c_name = substr($add, 13); |
|
} else { |
|
$user = Minz_Session::param('currentUser', '_'); |
|
$prefix = 'user/' . $user . '/label/'; |
|
if (strpos($add, $prefix) === 0) { |
|
$c_name = substr($add, strlen($prefix)); |
|
} else { |
|
$c_name = ''; |
|
} |
|
} |
|
$c_name = htmlspecialchars($c_name, ENT_COMPAT, 'UTF-8'); |
|
$cat = $categoryDAO->searchByName($c_name); |
|
$addCatId = $cat == null ? 0 : $cat->id(); |
|
} else if ($remove != '' && strpos($remove, 'user/-/label/')) { |
|
$addCatId = 1; //Default category |
|
} |
|
$feedDAO = FreshRSS_Factory::createFeedDao(); |
|
if (!is_array($streamNames) || count($streamNames) < 1) { |
|
badRequest(); |
|
} |
|
for ($i = count($streamNames) - 1; $i >= 0; $i--) { |
|
$streamUrl = $streamNames[$i]; //feed/http://example.net/sample.xml ; feed/338 |
|
if (strpos($streamUrl, 'feed/') === 0) { |
|
$streamUrl = substr($streamUrl, 5); |
|
$feedId = 0; |
|
if (ctype_digit($streamUrl)) { |
|
if ($action === 'subscribe') { |
|
continue; |
|
} |
|
$feedId = $streamUrl; |
|
} else { |
|
$streamUrl = htmlspecialchars($streamUrl, ENT_COMPAT, 'UTF-8'); |
|
$feed = $feedDAO->searchByUrl($streamUrl); |
|
$feedId = $feed == null ? -1 : $feed->id(); |
|
} |
|
$title = isset($titles[$i]) ? $titles[$i] : ''; |
|
$title = htmlspecialchars($title, ENT_COMPAT, 'UTF-8'); |
|
switch ($action) { |
|
case 'subscribe': |
|
if ($feedId <= 0) { |
|
$http_auth = ''; |
|
try { |
|
$feed = FreshRSS_feed_Controller::addFeed($streamUrl, $title, $addCatId, $c_name, $http_auth); |
|
continue; |
|
} catch (Exception $e) { |
|
Minz_Log::error('subscriptionEdit error subscribe: ' . $e->getMessage(), API_LOG); |
|
} |
|
} |
|
badRequest(); |
|
break; |
|
case 'unsubscribe': |
|
if (!($feedId > 0 && FreshRSS_feed_Controller::deleteFeed($feedId))) { |
|
badRequest(); |
|
} |
|
break; |
|
case 'edit': |
|
if ($feedId > 0) { |
|
if ($addCatId > 0 || $c_name != '') { |
|
FreshRSS_feed_Controller::moveFeed($feedId, $addCatId, $c_name); |
|
} |
|
if ($title != '') { |
|
FreshRSS_feed_Controller::renameFeed($feedId, $title); |
|
} |
|
} else { |
|
badRequest(); |
|
} |
|
break; |
|
} |
|
} |
|
} |
|
exit('OK'); |
|
} |
|
|
|
function quickadd($url) { |
|
try { |
|
$url = htmlspecialchars($url, ENT_COMPAT, 'UTF-8'); |
|
$feed = FreshRSS_feed_Controller::addFeed($url); |
|
exit(json_encode(array( |
|
'numResults' => 1, |
|
'streamId' => $feed->id(), |
|
), JSON_OPTIONS)); |
|
} catch (Exception $e) { |
|
Minz_Log::error('quickadd error: ' . $e->getMessage(), API_LOG); |
|
die(json_encode(array( |
|
'numResults' => 0, |
|
'error' => $e->getMessage(), |
|
), JSON_OPTIONS)); |
|
} |
|
} |
|
|
|
function unreadCount() { //http://blog.martindoms.com/2009/10/16/using-the-google-reader-api-part-2/#unread-count |
|
header('Content-Type: application/json; charset=UTF-8'); |
|
|
|
$totalUnreads = 0; |
|
$totalLastUpdate = 0; |
|
|
|
$categoryDAO = FreshRSS_Factory::createCategoryDao(); |
|
foreach ($categoryDAO->listCategories(true, true) as $cat) { |
|
$catLastUpdate = 0; |
|
foreach ($cat->feeds() as $feed) { |
|
$lastUpdate = $feed->lastUpdate(); |
|
$unreadcounts[] = array( |
|
'id' => 'feed/' . $feed->id(), |
|
'count' => $feed->nbNotRead(), |
|
'newestItemTimestampUsec' => $lastUpdate . '000000', |
|
); |
|
if ($catLastUpdate < $lastUpdate) { |
|
$catLastUpdate = $lastUpdate; |
|
} |
|
} |
|
$unreadcounts[] = array( |
|
'id' => 'user/-/label/' . htmlspecialchars_decode($cat->name(), ENT_QUOTES), |
|
'count' => $cat->nbNotRead(), |
|
'newestItemTimestampUsec' => $catLastUpdate . '000000', |
|
); |
|
$totalUnreads += $cat->nbNotRead(); |
|
if ($totalLastUpdate < $catLastUpdate) { |
|
$totalLastUpdate = $catLastUpdate; |
|
} |
|
} |
|
|
|
$tagDAO = FreshRSS_Factory::createTagDao(); |
|
foreach ($tagDAO->listTags(true) as $label) { |
|
$unreadcounts[] = array( |
|
'id' => 'user/-/label/' . htmlspecialchars_decode($label->name(), ENT_QUOTES), |
|
'count' => $label->nbUnread(), |
|
); |
|
} |
|
|
|
$unreadcounts[] = array( |
|
'id' => 'user/-/state/com.google/reading-list', |
|
'count' => $totalUnreads, |
|
'newestItemTimestampUsec' => $totalLastUpdate . '000000', |
|
); |
|
|
|
echo json_encode(array( |
|
'max' => $totalUnreads, |
|
'unreadcounts' => $unreadcounts, |
|
), JSON_OPTIONS), "\n"; |
|
exit(); |
|
} |
|
|
|
function entriesToArray($entries) { |
|
if (empty($entries)) { |
|
return array(); |
|
} |
|
$feedDAO = FreshRSS_Factory::createFeedDao(); |
|
$arrayFeedCategoryNames = $feedDAO->arrayFeedCategoryNames(); |
|
$tagDAO = FreshRSS_Factory::createTagDao(); |
|
$entryIdsTagNames = $tagDAO->getEntryIdsTagNames($entries); |
|
if ($entryIdsTagNames == false) { |
|
$entryIdsTagNames = array(); |
|
} |
|
|
|
$items = array(); |
|
foreach ($entries as $entry) { |
|
$f_id = $entry->feed(); |
|
if (isset($arrayFeedCategoryNames[$f_id])) { |
|
$c_name = $arrayFeedCategoryNames[$f_id]['c_name']; |
|
$f_name = $arrayFeedCategoryNames[$f_id]['name']; |
|
} else { |
|
$c_name = '_'; |
|
$f_name = '_'; |
|
} |
|
$item = array( |
|
'id' => 'tag:google.com,2005:reader/item/' . dec2hex($entry->id()), //64-bit hexa http://code.google.com/p/google-reader-api/wiki/ItemId |
|
'crawlTimeMsec' => substr($entry->id(), 0, -3), |
|
'timestampUsec' => '' . $entry->id(), //EasyRSS |
|
'published' => $entry->date(true), |
|
'title' => escapeToUnicodeAlternative($entry->title(), false), |
|
'summary' => array('content' => $entry->content()), |
|
'alternate' => array( |
|
array('href' => htmlspecialchars_decode($entry->link(), ENT_QUOTES)), |
|
), |
|
'categories' => array( |
|
'user/-/state/com.google/reading-list', |
|
'user/-/label/' . htmlspecialchars_decode($c_name, ENT_QUOTES), |
|
), |
|
'origin' => array( |
|
'streamId' => 'feed/' . $f_id, |
|
'title' => escapeToUnicodeAlternative($f_name, true), //EasyRSS |
|
//'htmlUrl' => $line['f_website'], |
|
), |
|
); |
|
$author = $entry->authors(true); |
|
$author = trim($author, '; '); |
|
if ($author != '') { |
|
$item['author'] = escapeToUnicodeAlternative($author, false); |
|
} |
|
if ($entry->isRead()) { |
|
$item['categories'][] = 'user/-/state/com.google/read'; |
|
} |
|
if ($entry->isFavorite()) { |
|
$item['categories'][] = 'user/-/state/com.google/starred'; |
|
} |
|
$tagNames = isset($entryIdsTagNames['e_' . $entry->id()]) ? $entryIdsTagNames['e_' . $entry->id()] : array(); |
|
foreach ($tagNames as $tagName) { |
|
$item['categories'][] = 'user/-/label/' . htmlspecialchars_decode($tagName, ENT_QUOTES); |
|
} |
|
$items[] = $item; |
|
} |
|
return $items; |
|
} |
|
|
|
function streamContentsFilters($type, $streamId, $filter_target, $exclude_target, $start_time, $stop_time) { |
|
switch ($type) { |
|
case 'f': //feed |
|
if ($streamId != '' && !ctype_digit($streamId)) { |
|
$feedDAO = FreshRSS_Factory::createFeedDao(); |
|
$streamId = htmlspecialchars($streamId, ENT_COMPAT, 'UTF-8'); |
|
$feed = $feedDAO->searchByUrl($streamId); |
|
$streamId = $feed == null ? -1 : $feed->id(); |
|
} |
|
break; |
|
case 'c': //category or label |
|
$categoryDAO = FreshRSS_Factory::createCategoryDao(); |
|
$streamId = htmlspecialchars($streamId, ENT_COMPAT, 'UTF-8'); |
|
$cat = $categoryDAO->searchByName($streamId); |
|
if ($cat != null) { |
|
$type = 'c'; |
|
$streamId = $cat->id(); |
|
} else { |
|
$tagDAO = FreshRSS_Factory::createTagDao(); |
|
$tag = $tagDAO->searchByName($streamId); |
|
if ($tag != null) { |
|
$type = 't'; |
|
$streamId = $tag->id(); |
|
} else { |
|
$type = 'A'; |
|
$streamId = -1; |
|
} |
|
} |
|
break; |
|
} |
|
|
|
switch ($filter_target) { |
|
case 'user/-/state/com.google/read': |
|
$state = FreshRSS_Entry::STATE_READ; |
|
break; |
|
case 'user/-/state/com.google/unread': |
|
$state = FreshRSS_Entry::STATE_NOT_READ; |
|
break; |
|
case 'user/-/state/com.google/starred': |
|
$state = FreshRSS_Entry::STATE_FAVORITE; |
|
break; |
|
default: |
|
$state = FreshRSS_Entry::STATE_ALL; |
|
break; |
|
} |
|
|
|
switch ($exclude_target) { |
|
case 'user/-/state/com.google/read': |
|
$state &= FreshRSS_Entry::STATE_NOT_READ; |
|
break; |
|
case 'user/-/state/com.google/unread': |
|
$state &= FreshRSS_Entry::STATE_READ; |
|
break; |
|
case 'user/-/state/com.google/starred': |
|
$state &= FreshRSS_Entry::STATE_NOT_FAVORITE; |
|
break; |
|
} |
|
|
|
$searches = new FreshRSS_BooleanSearch(''); |
|
if ($start_time != '') { |
|
$search = new FreshRSS_Search(''); |
|
$search->setMinDate($start_time); |
|
$searches->add($search); |
|
} |
|
if ($stop_time != '') { |
|
$search = new FreshRSS_Search(''); |
|
$search->setMaxDate($stop_time); |
|
$searches->add($search); |
|
} |
|
|
|
return array($type, $streamId, $state, $searches); |
|
} |
|
|
|
function streamContents($path, $include_target, $start_time, $stop_time, $count, $order, $filter_target, $exclude_target, $continuation) { |
|
//http://code.google.com/p/pyrfeed/wiki/GoogleReaderAPI |
|
//http://blog.martindoms.com/2009/10/16/using-the-google-reader-api-part-2/#feed |
|
header('Content-Type: application/json; charset=UTF-8'); |
|
|
|
switch ($path) { |
|
case 'reading-list': |
|
$type = 'A'; |
|
break; |
|
case 'starred': |
|
$type = 's'; |
|
break; |
|
case 'feed': |
|
$type = 'f'; |
|
break; |
|
case 'label': |
|
$type = 'c'; |
|
break; |
|
default: |
|
$type = 'A'; |
|
break; |
|
} |
|
|
|
list($type, $include_target, $state, $searches) = streamContentsFilters($type, $include_target, $filter_target, $exclude_target, $start_time, $stop_time); |
|
|
|
if ($continuation != '') { |
|
$count++; //Shift by one element |
|
} |
|
|
|
$entryDAO = FreshRSS_Factory::createEntryDao(); |
|
$entries = $entryDAO->listWhere($type, $include_target, $state, $order === 'o' ? 'ASC' : 'DESC', $count, $continuation, $searches); |
|
|
|
$items = entriesToArray($entries); |
|
|
|
if ($continuation != '') { |
|
array_shift($items); //Discard first element that was already sent in the previous response |
|
$count--; |
|
} |
|
|
|
$response = array( |
|
'id' => 'user/-/state/com.google/reading-list', |
|
'updated' => time(), |
|
'items' => $items, |
|
); |
|
if (count($entries) >= $count) { |
|
$entry = end($entries); |
|
if ($entry != false) { |
|
$response['continuation'] = $entry->id(); |
|
} |
|
} |
|
|
|
echo json_encode($response, JSON_OPTIONS), "\n"; |
|
exit(); |
|
} |
|
|
|
function streamContentsItemsIds($streamId, $start_time, $stop_time, $count, $order, $filter_target, $exclude_target, $continuation) { |
|
//http://code.google.com/p/google-reader-api/wiki/ApiStreamItemsIds |
|
//http://code.google.com/p/pyrfeed/wiki/GoogleReaderAPI |
|
//http://blog.martindoms.com/2009/10/16/using-the-google-reader-api-part-2/#feed |
|
$type = 'A'; |
|
$id = ''; |
|
if ($streamId === 'user/-/state/com.google/reading-list') { |
|
$type = 'A'; |
|
} elseif ($streamId === 'user/-/state/com.google/starred') { |
|
$type = 's'; |
|
} elseif (strpos($streamId, 'feed/') === 0) { |
|
$type = 'f'; |
|
$streamId = substr($streamId, 5); |
|
} elseif (strpos($streamId, 'user/-/label/') === 0) { |
|
$type = 'c'; |
|
$streamId = substr($streamId, 13); |
|
} |
|
|
|
list($type, $id, $state, $searches) = streamContentsFilters($type, $streamId, $filter_target, $exclude_target, $start_time, $stop_time); |
|
|
|
if ($continuation != '') { |
|
$count++; //Shift by one element |
|
} |
|
|
|
$entryDAO = FreshRSS_Factory::createEntryDao(); |
|
$ids = $entryDAO->listIdsWhere($type, $id, $state, $order === 'o' ? 'ASC' : 'DESC', $count, $continuation, $searches); |
|
|
|
if ($continuation != '') { |
|
array_shift($ids); //Discard first element that was already sent in the previous response |
|
$count--; |
|
} |
|
|
|
if (empty($ids) && isset($_GET['client']) && $_GET['client'] === 'newsplus') { |
|
$ids[] = 0; //For News+ bug https://github.com/noinnion/newsplus/issues/84#issuecomment-57834632 |
|
} |
|
$itemRefs = array(); |
|
foreach ($ids as $id) { |
|
$itemRefs[] = array( |
|
'id' => $id, //64-bit decimal |
|
); |
|
} |
|
|
|
$response = array( |
|
'itemRefs' => $itemRefs, |
|
); |
|
if (count($ids) >= $count) { |
|
$id = end($ids); |
|
if ($id != false) { |
|
$response['continuation'] = $id; |
|
} |
|
} |
|
|
|
echo json_encode($response, JSON_OPTIONS), "\n"; |
|
exit(); |
|
} |
|
|
|
function streamContentsItems($e_ids, $order) { |
|
header('Content-Type: application/json; charset=UTF-8'); |
|
|
|
foreach ($e_ids as $i => $e_id) { |
|
if (strpos($e_id, '/') !== null) { |
|
$e_id = hex2dec(basename($e_id)); //Strip prefix 'tag:google.com,2005:reader/item/' |
|
} |
|
$e_ids[$i] = $e_id; |
|
} |
|
|
|
$entryDAO = FreshRSS_Factory::createEntryDao(); |
|
$entries = $entryDAO->listByIds($e_ids, $order === 'o' ? 'ASC' : 'DESC'); |
|
|
|
$items = entriesToArray($entries); |
|
|
|
$response = array( |
|
'id' => 'user/-/state/com.google/reading-list', |
|
'updated' => time(), |
|
'items' => $items, |
|
); |
|
|
|
echo json_encode($response, JSON_OPTIONS), "\n"; |
|
exit(); |
|
} |
|
|
|
function editTag($e_ids, $a, $r) { |
|
foreach ($e_ids as $i => $e_id) { |
|
if (strpos($e_id, '/') !== null) { |
|
$e_id = hex2dec(basename($e_id)); //Strip prefix 'tag:google.com,2005:reader/item/' |
|
} |
|
$e_ids[$i] = $e_id; |
|
} |
|
|
|
$entryDAO = FreshRSS_Factory::createEntryDao(); |
|
$tagDAO = FreshRSS_Factory::createTagDao(); |
|
|
|
switch ($a) { |
|
case 'user/-/state/com.google/read': |
|
$entryDAO->markRead($e_ids, true); |
|
break; |
|
case 'user/-/state/com.google/starred': |
|
$entryDAO->markFavorite($e_ids, true); |
|
break; |
|
/*case 'user/-/state/com.google/tracking-kept-unread': |
|
break; |
|
case 'user/-/state/com.google/like': |
|
break; |
|
case 'user/-/state/com.google/broadcast': |
|
break;*/ |
|
default: |
|
$tagName = ''; |
|
if (strpos($a, 'user/-/label/') === 0) { |
|
$tagName = substr($a, 13); |
|
} else { |
|
$user = Minz_Session::param('currentUser', '_'); |
|
$prefix = 'user/' . $user . '/label/'; |
|
if (strpos($a, $prefix) === 0) { |
|
$tagName = substr($a, strlen($prefix)); |
|
} |
|
} |
|
if ($tagName != '') { |
|
$tagName = htmlspecialchars($tagName, ENT_COMPAT, 'UTF-8'); |
|
$tag = $tagDAO->searchByName($tagName); |
|
if ($tag == null) { |
|
$tagDAO->addTag(array('name' => $tagName)); |
|
$tag = $tagDAO->searchByName($tagName); |
|
} |
|
if ($tag != null) { |
|
foreach ($e_ids as $e_id) { |
|
$tagDAO->tagEntry($tag->id(), $e_id, true); |
|
} |
|
} |
|
} |
|
break; |
|
} |
|
switch ($r) { |
|
case 'user/-/state/com.google/read': |
|
$entryDAO->markRead($e_ids, false); |
|
break; |
|
case 'user/-/state/com.google/starred': |
|
$entryDAO->markFavorite($e_ids, false); |
|
break; |
|
default: |
|
if (strpos($r, 'user/-/label/') === 0) { |
|
$tagName = substr($r, 13); |
|
$tagName = htmlspecialchars($tagName, ENT_COMPAT, 'UTF-8'); |
|
$tag = $tagDAO->searchByName($tagName); |
|
if ($tag != null) { |
|
foreach ($e_ids as $e_id) { |
|
$tagDAO->tagEntry($tag->id(), $e_id, false); |
|
} |
|
} |
|
} |
|
break; |
|
} |
|
|
|
exit('OK'); |
|
} |
|
|
|
function renameTag($s, $dest) { |
|
if ($s != '' && strpos($s, 'user/-/label/') === 0 && |
|
$dest != '' && strpos($dest, 'user/-/label/') === 0) { |
|
$s = substr($s, 13); |
|
$s = htmlspecialchars($s, ENT_COMPAT, 'UTF-8'); |
|
$dest = substr($dest, 13); |
|
$dest = htmlspecialchars($dest, ENT_COMPAT, 'UTF-8'); |
|
|
|
$categoryDAO = FreshRSS_Factory::createCategoryDao(); |
|
$cat = $categoryDAO->searchByName($s); |
|
if ($cat != null) { |
|
$categoryDAO->updateCategory($cat->id(), array('name' => $dest)); |
|
exit('OK'); |
|
} else { |
|
$tagDAO = FreshRSS_Factory::createTagDao(); |
|
$tag = $tagDAO->searchByName($s); |
|
if ($tag != null) { |
|
$tagDAO->updateTag($tag->id(), array('name' => $dest)); |
|
exit('OK'); |
|
} |
|
} |
|
} |
|
badRequest(); |
|
} |
|
|
|
function disableTag($s) { |
|
if ($s != '' && strpos($s, 'user/-/label/') === 0) { |
|
$s = substr($s, 13); |
|
$s = htmlspecialchars($s, ENT_COMPAT, 'UTF-8'); |
|
$categoryDAO = FreshRSS_Factory::createCategoryDao(); |
|
$cat = $categoryDAO->searchByName($s); |
|
if ($cat != null) { |
|
$feedDAO = FreshRSS_Factory::createFeedDao(); |
|
$feedDAO->changeCategory($cat->id(), 0); |
|
if ($cat->id() > 1) { |
|
$categoryDAO->deleteCategory($cat->id()); |
|
} |
|
exit('OK'); |
|
} else { |
|
$tagDAO = FreshRSS_Factory::createTagDao(); |
|
$tag = $tagDAO->searchByName($s); |
|
if ($tag != null) { |
|
$tagDAO->deleteTag($tag->id()); |
|
exit('OK'); |
|
} |
|
} |
|
} |
|
badRequest(); |
|
} |
|
|
|
function markAllAsRead($streamId, $olderThanId) { |
|
$entryDAO = FreshRSS_Factory::createEntryDao(); |
|
if (strpos($streamId, 'feed/') === 0) { |
|
$f_id = basename($streamId); |
|
$entryDAO->markReadFeed($f_id, $olderThanId); |
|
} elseif (strpos($streamId, 'user/-/label/') === 0) { |
|
$c_name = substr($streamId, 13); |
|
$c_name = htmlspecialchars($c_name, ENT_COMPAT, 'UTF-8'); |
|
$categoryDAO = FreshRSS_Factory::createCategoryDao(); |
|
$cat = $categoryDAO->searchByName($c_name); |
|
if ($cat != null) { |
|
$entryDAO->markReadCat($cat->id(), $olderThanId); |
|
} else { |
|
$tagDAO = FreshRSS_Factory::createTagDao(); |
|
$tag = $tagDAO->searchByName($c_name); |
|
if ($tag != null) { |
|
$entryDAO->markReadTag($tag->id(), $olderThanId); |
|
} |
|
} |
|
} elseif ($streamId === 'user/-/state/com.google/reading-list') { |
|
$entryDAO->markReadEntries($olderThanId, false, -1); |
|
} |
|
|
|
exit('OK'); |
|
} |
|
|
|
$pathInfo = empty($_SERVER['PATH_INFO']) ? '/Error' : urldecode($_SERVER['PATH_INFO']); |
|
$pathInfos = explode('/', $pathInfo); |
|
|
|
Minz_Configuration::register('system', |
|
DATA_PATH . '/config.php', |
|
FRESHRSS_PATH . '/config.default.php'); |
|
FreshRSS_Context::$system_conf = Minz_Configuration::get('system'); |
|
|
|
//Minz_Log::debug('----------------------------------------------------------------', API_LOG); |
|
//Minz_Log::debug(debugInfo(), API_LOG); |
|
|
|
if (!FreshRSS_Context::$system_conf->api_enabled) { |
|
serviceUnavailable(); |
|
} elseif (count($pathInfos) < 3) { |
|
badRequest(); |
|
} elseif ($pathInfos[1] === 'check' && $pathInfos[2] === 'compatibility') { |
|
checkCompatibility(); |
|
} |
|
|
|
ini_set('session.use_cookies', '0'); |
|
register_shutdown_function('session_destroy'); |
|
Minz_Session::init('FreshRSS'); |
|
|
|
$user = authorizationToUser(); |
|
FreshRSS_Context::$user_conf = null; |
|
if ($user !== '') { |
|
FreshRSS_Context::$user_conf = get_user_configuration($user); |
|
} |
|
|
|
Minz_Session::_param('currentUser', $user); |
|
|
|
if ($pathInfos[1] === 'accounts') { |
|
if (($pathInfos[2] === 'ClientLogin') && isset($_REQUEST['Email']) && isset($_REQUEST['Passwd'])) { |
|
clientLogin($_REQUEST['Email'], $_REQUEST['Passwd']); |
|
} |
|
} elseif ($pathInfos[1] === 'reader' && $pathInfos[2] === 'api' && isset($pathInfos[3]) && $pathInfos[3] === '0' && isset($pathInfos[4])) { |
|
if ($user == '') { |
|
unauthorized(); |
|
} |
|
$timestamp = isset($_GET['ck']) ? intval($_GET['ck']) : 0; //ck=[unix timestamp] : Use the current Unix time here, helps Google with caching. |
|
switch ($pathInfos[4]) { |
|
case 'stream': |
|
/* xt=[exclude target] : Used to exclude certain items from the feed. |
|
* For example, using xt=user/-/state/com.google/read will exclude items |
|
* that the current user has marked as read, or xt=feed/[feedurl] will |
|
* exclude items from a particular feed (obviously not useful in this |
|
* request, but xt appears in other listing requests). */ |
|
$exclude_target = isset($_GET['xt']) ? $_GET['xt'] : ''; |
|
$filter_target = isset($_GET['it']) ? $_GET['it'] : ''; |
|
$count = isset($_GET['n']) ? intval($_GET['n']) : 20; //n=[integer] : The maximum number of results to return. |
|
$order = isset($_GET['r']) ? $_GET['r'] : 'd'; //r=[d|n|o] : Sort order of item results. d or n gives items in descending date order, o in ascending order. |
|
/* ot=[unix timestamp] : The time from which you want to retrieve |
|
* items. Only items that have been crawled by Google Reader after |
|
* this time will be returned. */ |
|
$start_time = isset($_GET['ot']) ? intval($_GET['ot']) : 0; |
|
$stop_time = isset($_GET['nt']) ? intval($_GET['nt']) : 0; |
|
/* Continuation token. If a StreamContents response does not represent |
|
* all items in a timestamp range, it will have a continuation attribute. |
|
* The same request can be re-issued with the value of that attribute put |
|
* in this parameter to get more items */ |
|
$continuation = isset($_GET['c']) ? trim($_GET['c']) : ''; |
|
if (!ctype_digit($continuation)) { |
|
$continuation = ''; |
|
} |
|
if (isset($pathInfos[5]) && $pathInfos[5] === 'contents' && isset($pathInfos[6])) { |
|
if (isset($pathInfos[7])) { |
|
if ($pathInfos[6] === 'feed') { |
|
$include_target = $pathInfos[7]; |
|
if ($include_target != '' && !ctype_digit($include_target)) { |
|
$include_target = empty($_SERVER['REQUEST_URI']) ? '' : $_SERVER['REQUEST_URI']; |
|
if (preg_match('#/reader/api/0/stream/contents/feed/([A-Za-z0-9\'!*()%$_.~+-]+)#', $include_target, $matches) && isset($matches[1])) { |
|
$include_target = urldecode($matches[1]); |
|
} else { |
|
$include_target = ''; |
|
} |
|
} |
|
streamContents($pathInfos[6], $include_target, $start_time, $stop_time, $count, $order, $filter_target, $exclude_target, $continuation); |
|
} elseif ($pathInfos[6] === 'user' && isset($pathInfos[8]) && isset($pathInfos[9])) { |
|
if ($pathInfos[8] === 'state') { |
|
if ($pathInfos[9] === 'com.google' && isset($pathInfos[10])) { |
|
if ($pathInfos[10] === 'reading-list' || $pathInfos[10] === 'starred') { |
|
$include_target = ''; |
|
streamContents($pathInfos[10], $include_target, $start_time, $stop_time, $count, $order, $filter_target, $exclude_target, $continuation); |
|
} |
|
} |
|
} elseif ($pathInfos[8] === 'label') { |
|
$include_target = $pathInfos[9]; |
|
streamContents($pathInfos[8], $include_target, $start_time, $stop_time, $count, $order, $filter_target, $exclude_target, $continuation); |
|
} |
|
} |
|
} else { //EasyRSS |
|
$include_target = ''; |
|
streamContents('reading-list', $include_target, $start_time, $stop_time, $count, $order, $filter_target, $exclude_target, $continuation); |
|
} |
|
} elseif ($pathInfos[5] === 'items') { |
|
if ($pathInfos[6] === 'ids' && isset($_GET['s'])) { |
|
/* StreamId for which to fetch the item IDs. The parameter may |
|
* be repeated to fetch the item IDs from multiple streams at once |
|
* (more efficient from a backend perspective than multiple requests). */ |
|
$streamId = $_GET['s']; |
|
streamContentsItemsIds($streamId, $start_time, $stop_time, $count, $order, $filter_target, $exclude_target, $continuation); |
|
} else if ($pathInfos[6] === 'contents' && isset($_POST['i'])) { //FeedMe |
|
$e_ids = multiplePosts('i'); //item IDs |
|
streamContentsItems($e_ids, $order); |
|
} |
|
} |
|
break; |
|
case 'tag': |
|
if (isset($pathInfos[5]) && $pathInfos[5] === 'list') { |
|
$output = isset($_GET['output']) ? $_GET['output'] : ''; |
|
if ($output !== 'json') notImplemented(); |
|
tagList($output); |
|
} |
|
break; |
|
case 'subscription': |
|
if (isset($pathInfos[5])) { |
|
switch ($pathInfos[5]) { |
|
case 'list': |
|
$output = isset($_GET['output']) ? $_GET['output'] : ''; |
|
if ($output !== 'json') notImplemented(); |
|
subscriptionList($_GET['output']); |
|
break; |
|
case 'edit': |
|
if (isset($_REQUEST['s']) && isset($_REQUEST['ac'])) { |
|
//StreamId to operate on. The parameter may be repeated to edit multiple subscriptions at once |
|
$streamNames = empty($_POST['s']) && isset($_GET['s']) ? array($_GET['s']) : multiplePosts('s'); |
|
/* Title to use for the subscription. For the `subscribe` action, |
|
* if not specified then the feed's current title will be used. Can |
|
* be used with the `edit` action to rename a subscription */ |
|
$titles = empty($_POST['t']) && isset($_GET['t']) ? array($_GET['t']) : multiplePosts('t'); |
|
$action = $_REQUEST['ac']; //Action to perform on the given StreamId. Possible values are `subscribe`, `unsubscribe` and `edit` |
|
$add = isset($_REQUEST['a']) ? $_REQUEST['a'] : ''; //StreamId to add the subscription to (generally a user label) |
|
$remove = isset($_REQUEST['r']) ? $_REQUEST['r'] : ''; //StreamId to remove the subscription from (generally a user label) |
|
subscriptionEdit($streamNames, $titles, $action, $add, $remove); |
|
} |
|
break; |
|
case 'quickadd': //https://github.com/theoldreader/api |
|
if (isset($_GET['quickadd'])) { |
|
quickadd($_GET['quickadd']); |
|
} |
|
break; |
|
} |
|
} |
|
break; |
|
case 'unread-count': |
|
$output = isset($_GET['output']) ? $_GET['output'] : ''; |
|
if ($output !== 'json') notImplemented(); |
|
$all = isset($_GET['all']) ? $_GET['all'] : ''; |
|
unreadCount($all); |
|
break; |
|
case 'edit-tag': //http://blog.martindoms.com/2010/01/20/using-the-google-reader-api-part-3/ |
|
$token = isset($_POST['T']) ? trim($_POST['T']) : ''; |
|
checkToken(FreshRSS_Context::$user_conf, $token); |
|
$a = isset($_POST['a']) ? $_POST['a'] : ''; //Add: user/-/state/com.google/read user/-/state/com.google/starred |
|
$r = isset($_POST['r']) ? $_POST['r'] : ''; //Remove: user/-/state/com.google/read user/-/state/com.google/starred |
|
$e_ids = multiplePosts('i'); //item IDs |
|
editTag($e_ids, $a, $r); |
|
break; |
|
case 'rename-tag': //https://github.com/theoldreader/api |
|
$token = isset($_POST['T']) ? trim($_POST['T']) : ''; |
|
checkToken(FreshRSS_Context::$user_conf, $token); |
|
$s = isset($_POST['s']) ? $_POST['s'] : ''; //user/-/label/Folder |
|
$dest = isset($_POST['dest']) ? $_POST['dest'] : ''; //user/-/label/NewFolder |
|
renameTag($s, $dest); |
|
break; |
|
case 'disable-tag': //https://github.com/theoldreader/api |
|
$token = isset($_POST['T']) ? trim($_POST['T']) : ''; |
|
checkToken(FreshRSS_Context::$user_conf, $token); |
|
$s_s = multiplePosts('s'); |
|
foreach ($s_s as $s) { |
|
disableTag($s); //user/-/label/Folder |
|
} |
|
break; |
|
case 'mark-all-as-read': |
|
$token = isset($_POST['T']) ? trim($_POST['T']) : ''; |
|
checkToken(FreshRSS_Context::$user_conf, $token); |
|
$streamId = $_POST['s']; //StreamId |
|
$ts = isset($_POST['ts']) ? $_POST['ts'] : '0'; //Older than timestamp in nanoseconds |
|
if (!ctype_digit($ts)) { |
|
$ts = '0'; |
|
} |
|
markAllAsRead($streamId, $ts); |
|
break; |
|
case 'token': |
|
token(FreshRSS_Context::$user_conf); |
|
break; |
|
case 'user-info': |
|
userInfo(); |
|
break; |
|
} |
|
} |
|
|
|
badRequest();
|
|
|