added debug section

fixed debugging options

README.md

@@ -6,13 +6,13 @@ This plugin is an open source module for TinyTinyRSS which simulates the Fever A
 
 - - -
 
-* <a href="#features">Tested Clients</a>
+* <a href="#features">Features</a>
 * <a href="#download">Downloads</a>
 * <a href="#supported">Supported/Tested Clients</a>
 * <a href="#installation">Installation</a>
+* <a href="#debug">Debugging</a>
 * <a href="#license">License</a>
 * <a href="#changelog">Changelog</a>
-* <a href="#copyright">Copyright</a>
 
 ## <a name="features">Features</a>
 
@@ -24,15 +24,16 @@ Following Features are implemented:
 * setting starred marker for item(s)
 * hot is **not** supported
 
+## <a name="downloads">Downloads</a>
+
+Please click the ```ZIP``` Button to download current version. ;)
+
 ## <a name="supported">Supported/Tested Clients</a>
 
-Full Support
+These clients should be working fine with this API emulation.
 
 * Reeder - iPhone
-
-Limited support
-
-* Mr.Reader - iPad - can currently only load and show items, can **not** read/star items
+* Mr.Reader - iPad
 
 ## <a name="installation">Installation</a>
 
@@ -40,6 +41,13 @@ Upload the ```fever``` folder in the ```plugins``` folder of your TinyTinyRSS in
 
 See [here](http://tt-rss.org/forum/viewtopic.php?f=22&t=1981) for more detailed informations.
 
+## <a name="debug">Debugging</a>
+
+In the file ```fever_api.php``` there are two flags for debugging at the beginning of the file.
+
+* ```DEBUG``` - set this to true to get a fever_debug.txt file in your root folder of the Tiny Tiny RSS installation.
+* ```DEBUG_USER``` - set this to the id (from ttrss_users) of your user you would like to always authenticate on your Tiny Tiny RSS installation. The authentication process is then skipped and the api gets always authentication.
+
 ## <a name="license">License</a>
 
 Licensed under GNU GPL version 2 (<- I think this is okay for this plugin…)
@@ -53,5 +61,19 @@ v1.0-v1.2 - 2013/5/27 - DigitalDJ version
 v1.3 - 2013/6/27
 
 * fixed several bugs in json output from the plugin
-* added a small fix for Mr.Reader 2.0 so it can complete loading of all items
+* added a small fix for Mr.Reader 2.0 so it can complete loading of all items (see [FAQ](http://www.curioustimes.de/mrreader/faq/))
 * added first Mr.Reader compatiblity without marking items read/starred
+* changed the field ```date_entered``` to ```updated``` for better reading experience
+
+v1.4 - 2013/6/28
+
+* fixed authentication with Mr.Reader 2.0
+* fixed debugging options
+
+v1.4.1 - 2013/6/28
+
+* removed password from debug log file
+
+v1.4.2 - 2013/6/28
+
+* changed the DEBUG_USER evaluation a little bit for disabling authentication without DEBUG = true

fever/fever_api.php

@@ -1,5 +1,7 @@
 <?php
 
+// v1.4.2
+
 class FeverAPI extends Handler {
 
 	const API_LEVEL  = 3;
@@ -7,9 +9,9 @@ class FeverAPI extends Handler {
 	const STATUS_OK  = 1;
 	const STATUS_ERR = 0;
 
-	// debugging only function with JSON
-	const DEBUG = 0; // enable if you need some debug output in your tinytinyrss root
-	const DEBUG_USER = 1; // your user id you need to debug - look it up in your mysql database
+	// debugging only functions with JSON
+	const DEBUG = false; // enable if you need some debug output in your tinytinyrss root
+	const DEBUG_USER = 0; // your user id you need to debug - look it up in your mysql database and set it to a value bigger than 0
 
 	private $xml;
 
@@ -34,7 +36,7 @@ class FeverAPI extends Handler {
 		else
 		{
 			print json_encode($arr);
-			if (DEBUG==1) {
+			if (self::DEBUG) {
 				// debug output
 				file_put_contents('./debug_fever.txt','answer   : '.json_encode($arr)."\n",FILE_APPEND);
 			}
@@ -116,19 +118,42 @@ class FeverAPI extends Handler {
 	// find the user in the db with a particular api key
 	private function setUser()
 	{
-		if (isset($_REQUEST["api_key"]))
+		$apikey = isset($_REQUEST["api_key"])?$_REQUEST["api_key"]:'';
+		// here comes Mr.Reader special API for logging in
+		if ((strlen($apikey)==0)&&
+			(isset($_REQUEST["action"]))&&
+			($_REQUEST["action"]=='login')&&
+			(isset($_REQUEST["email"]))&&
+			(isset($_REQUEST["password"]))) {
+			$email = $_REQUEST["email"];
+			$password = $_REQUEST["password"];
+			$apikey = md5($email.":".db_escape_string($password));
+			setcookie('fever_auth',$apikey,time()+60*60*24*30);
+			if (self::DEBUG) {
+				// debug output
+				$output = array();
+				$output['email'] = $username;
+				$output['password'] = '***not displayed***';
+				$output['apikey'] = $apikey;
+				file_put_contents('./debug_fever.txt','auth POST: '.json_encode($output)."\n",FILE_APPEND);
+			}
+		}
+		if ((strlen($apikey)==0)&&isset($_REQUEST['fever_auth'])) { // override for Mr.Reader when doing some stuff
+			$apikey = $_REQUEST['fever_auth'];
+		}
+		if (strlen($apikey)>0)
 		{
 			$result = $this->dbh->query("SELECT	owner_uid
 										 FROM ttrss_plugin_storage
-										 WHERE content = '" . db_escape_string('a:1:{s:8:"password";s:32:"') . db_escape_string(strtolower($_REQUEST["api_key"])) . db_escape_string('";}') . "'");
+										 WHERE content = '" . db_escape_string('a:1:{s:8:"password";s:32:"') . db_escape_string(strtolower($apikey)) . db_escape_string('";}') . "'");
 
 			if ($this->dbh->num_rows($result) > 0)
 			{
 				$_SESSION["uid"] = $this->dbh->fetch_result($result, 0, "owner_uid");
 			}
 
-			if (DEBUG==1) {
-				$_SESSION["uid"] = DEBUG_USER; // always authenticate and set debug user
+			if (self::DEBUG_USER>0) {
+				$_SESSION["uid"] = self::DEBUG_USER; // always authenticate and set debug user
 			}
 		}
 	}
@@ -690,7 +715,7 @@ class FeverAPI extends Handler {
 	// validate the api_key, user preferences
 	function before($method) {
 		if (parent::before($method)) {
-			if (DEBUG==1) {
+			if (self::DEBUG) {
 				// add request to debug log
 				file_put_contents('./debug_fever.txt','parameter: '.json_encode($_REQUEST)."\n",FILE_APPEND);
 			}