small updates

changed authentication call from Mr.Reader so that the reply is also uppercase, since the API-KEY comes in uppercase from clients
fixed debug output while authentication in Mr.Reader with displaying the email adress

README.md

@@ -6,13 +6,13 @@ This plugin is an open source module for TinyTinyRSS which simulates the Fever A
 
 - - -
 
-* <a href="#features">Tested Clients</a>
+* <a href="#features">Features</a>
 * <a href="#download">Downloads</a>
 * <a href="#supported">Supported/Tested Clients</a>
 * <a href="#installation">Installation</a>
+* <a href="#debug">Debugging</a>
 * <a href="#license">License</a>
 * <a href="#changelog">Changelog</a>
-* <a href="#copyright">Copyright</a>
 
 ## <a name="features">Features</a>
 
@@ -24,15 +24,16 @@ Following Features are implemented:
 * setting starred marker for item(s)
 * hot is **not** supported
 
+## <a name="downloads">Downloads</a>
+
+Please click the ```ZIP``` Button to download current version. ;)
+
 ## <a name="supported">Supported/Tested Clients</a>
 
-Full Support
+These clients should be working fine with this API emulation.
 
 * Reeder - iPhone
-
-Limited support
-
-* Mr.Reader - iPad - can currently only load and show items, can **not** read/star items
+* Mr.Reader - iPad
 
 ## <a name="installation">Installation</a>
 
@@ -40,6 +41,14 @@ Upload the ```fever``` folder in the ```plugins``` folder of your TinyTinyRSS in
 
 See [here](http://tt-rss.org/forum/viewtopic.php?f=22&t=1981) for more detailed informations.
 
+## <a name="debug">Debugging</a>
+
+In the file ```fever_api.php``` there are two flags for debugging at the beginning of the file.
+
+* ```DEBUG``` - set this to true to get a fever_debug.txt file in your root folder of the Tiny Tiny RSS installation.
+* ```DEBUG_USER``` - set this to the id (from ttrss_users) of your user you would like to always authenticate on your Tiny Tiny RSS installation. The authentication process is then skipped and the api gets always authentication.
+* ```DEBUG_FILE``` - set this to a filename that suits you for debugging this plugin if you need to.
+
 ## <a name="license">License</a>
 
 Licensed under GNU GPL version 2 (<- I think this is okay for this plugin…)
@@ -53,5 +62,25 @@ v1.0-v1.2 - 2013/5/27 - DigitalDJ version
 v1.3 - 2013/6/27
 
 * fixed several bugs in json output from the plugin
-* added a small fix for Mr.Reader 2.0 so it can complete loading of all items
+* added a small fix for Mr.Reader 2.0 so it can complete loading of all items (see [FAQ](http://www.curioustimes.de/mrreader/faq/))
 * added first Mr.Reader compatiblity without marking items read/starred
+* changed the field ```date_entered``` to ```updated``` for better reading experience
+
+v1.4 - 2013/6/28
+
+* fixed authentication with Mr.Reader 2.0
+* fixed debugging options
+
+v1.4.1 - 2013/6/28
+
+* removed password from debug log file
+
+v1.4.2 - 2013/6/28
+
+* changed the ```DEBUG_USER``` evaluation a little bit for disabling authentication without DEBUG = true
+
+v1.4.3 - 2013/6/28
+
+* added ```DEBUG_FILE``` to debug configuration
+* changed authentication call from Mr.Reader so that the reply is also uppercase, since the API-KEY comes in uppercase from clients
+* fixed debug output while authentication in Mr.Reader with displaying the email adress

fever/fever_api.php

@@ -1,5 +1,7 @@
 <?php
 
+// v1.4.3
+
 class FeverAPI extends Handler {
 
 	const API_LEVEL  = 3;
@@ -7,9 +9,10 @@ class FeverAPI extends Handler {
 	const STATUS_OK  = 1;
 	const STATUS_ERR = 0;
 
-	// debugging only function with JSON
-	const DEBUG = 0; // enable if you need some debug output in your tinytinyrss root
-	const DEBUG_USER = 1; // your user id you need to debug - look it up in your mysql database
+	// debugging only functions with JSON
+	const DEBUG = false; // enable if you need some debug output in your tinytinyrss root
+	const DEBUG_USER = 0; // your user id you need to debug - look it up in your mysql database and set it to a value bigger than 0
+	const DEBUG_FILE = './debug_fever.txt'; // the file for debugging output
 
 	private $xml;
 
@@ -34,9 +37,9 @@ class FeverAPI extends Handler {
 		else
 		{
 			print json_encode($arr);
-			if (DEBUG==1) {
+			if (self::DEBUG) {
 				// debug output
-				file_put_contents('./debug_fever.txt','answer   : '.json_encode($arr)."\n",FILE_APPEND);
+				file_put_contents(self::DEBUG_FILE,'answer   : '.json_encode($arr)."\n",FILE_APPEND);
 			}
 		}
 	}
@@ -116,19 +119,41 @@ class FeverAPI extends Handler {
 	// find the user in the db with a particular api key
 	private function setUser()
 	{
-		if (isset($_REQUEST["api_key"]))
+		$apikey = isset($_REQUEST["api_key"])?$_REQUEST["api_key"]:'';
+		// here comes Mr.Reader special API for logging in
+		if ((strlen($apikey)==0)&&
+			(isset($_REQUEST["action"]))&&
+			($_REQUEST["action"]=='login')&&
+			(isset($_REQUEST["email"]))&&
+			(isset($_REQUEST["password"]))) {
+			$email = $_REQUEST["email"];
+			$password = $_REQUEST["password"];
+			$apikey = strtoupper(md5($email.":".db_escape_string($password)));
+			setcookie('fever_auth',$apikey,time()+60*60*24*30);
+			if (self::DEBUG) {
+				// debug output
+				$output = array();
+				$output['email'] = $email;
+				$output['apikey'] = $apikey;
+				file_put_contents(self::DEBUG_FILE,'auth POST: '.json_encode($output)."\n",FILE_APPEND);
+			}
+		}
+		if ((strlen($apikey)==0)&&isset($_REQUEST['fever_auth'])) { // override for Mr.Reader when doing some stuff
+			$apikey = $_REQUEST['fever_auth'];
+		}
+		if (strlen($apikey)>0)
 		{
 			$result = $this->dbh->query("SELECT	owner_uid
 										 FROM ttrss_plugin_storage
-										 WHERE content = '" . db_escape_string('a:1:{s:8:"password";s:32:"') . db_escape_string(strtolower($_REQUEST["api_key"])) . db_escape_string('";}') . "'");
+										 WHERE content = '" . db_escape_string('a:1:{s:8:"password";s:32:"') . db_escape_string(strtolower($apikey)) . db_escape_string('";}') . "'");
 
 			if ($this->dbh->num_rows($result) > 0)
 			{
 				$_SESSION["uid"] = $this->dbh->fetch_result($result, 0, "owner_uid");
 			}
 
-			if (DEBUG==1) {
-				$_SESSION["uid"] = DEBUG_USER; // always authenticate and set debug user
+			if (self::DEBUG_USER>0) {
+				$_SESSION["uid"] = self::DEBUG_USER; // always authenticate and set debug user
 			}
 		}
 	}
@@ -253,6 +278,7 @@ class FeverAPI extends Handler {
 	function getLinks()
 	{
 		// TODO: is there a 'hot links' alternative in ttrss?
+		// use ttrss_user_entries / score>0
 		$links = array();
 
 		return $links;
@@ -690,9 +716,9 @@ class FeverAPI extends Handler {
 	// validate the api_key, user preferences
 	function before($method) {
 		if (parent::before($method)) {
-			if (DEBUG==1) {
+			if (self::DEBUG) {
 				// add request to debug log
-				file_put_contents('./debug_fever.txt','parameter: '.json_encode($_REQUEST)."\n",FILE_APPEND);
+				file_put_contents(self::DEBUG_FILE,'parameter: '.json_encode($_REQUEST)."\n",FILE_APPEND);
 			}
 
 			// set the user from the db