New feature: shareable user query (#6052)

* New feature: shareable user query
Share the output of a user query by RSS / HTML / OPML with other people through unique URLs.
Replaces the global admin token, which was the only option (but unsafe) to share RSS outputs with other people.
Also add a new HTML output for people without an RSS reader.

fix https://github.com/FreshRSS/FreshRSS/issues/3066#issuecomment-648977890
fix https://github.com/FreshRSS/FreshRSS/issues/3178#issuecomment-769435504

* Remove unused method

* Fix token saving

* Implement HTML view

* Update i18n for master token

* Revert i18n get_favorite

* Fix missing i18n for user queries from before this PR

* Remove irrelevant tests

* Add link to RSS version

* Fix getGet

* Fix getState

* Fix getSearch

* Alternative getSearch

* Default getOrder

* Explicit default state

* Fix test

* Add OPML sharing

* Remove many redundant SQL queries from original implementation of user queries

* Fix article tags

* Use default user settings

* Prepare public search

* Fixes

* Allow user search on article tags

* Implement user search

* Revert filter bug

* Revert wrong SQL left outer join change

* Implement checkboxes

* Safe check of OPML

* Fix label

* Remove RSS button to favour new sharing method
That sharing button was using a global admin token

* First version of HTTP 304

* Disallow some recusrivity
fix https://github.com/FreshRSS/FreshRSS/issues/6086

* Draft of nav

* Minor httpConditional

* Add support for offset for pagination

* Fix offset pagination

* Fix explicit order ASC

* Add documentation

* Help links i18n

* Note about deprecated master token

* Typo

* Doc about format

2 files changed, 178 insertions, 3 deletions

diff --git a/p/api/greader.php b/p/api/greader.php
index f8390e3ef..615f83567 100644
--- a/p/api/greader.php
+++ b/p/api/greader.php
@@ -572,7 +572,7 @@ final class GReaderAPI {
 				continue;
 			}
 
-			$feed = FreshRSS_CategoryDAO::findFeed($categories, $entry->feedId());
+			$feed = FreshRSS_Category::findFeed($categories, $entry->feedId());
 			if ($feed === null) {
 				continue;
 			}
@@ -694,7 +694,7 @@ final class GReaderAPI {
 		}
 
 		$entryDAO = FreshRSS_Factory::createEntryDao();
-		$entries = $entryDAO->listWhere($type, $include_target, $state, $order === 'o' ? 'ASC' : 'DESC', $count, $continuation, $searches);
+		$entries = $entryDAO->listWhere($type, $include_target, $state, $order === 'o' ? 'ASC' : 'DESC', $count, 0, $continuation, $searches);
 		$entries = iterator_to_array($entries);	//TODO: Improve
 
 		$items = self::entriesToArray($entries);
@@ -746,7 +746,7 @@ final class GReaderAPI {
 		}
 
 		$entryDAO = FreshRSS_Factory::createEntryDao();
-		$ids = $entryDAO->listIdsWhere($type, $id, $state, $order === 'o' ? 'ASC' : 'DESC', $count, $continuation, $searches);
+		$ids = $entryDAO->listIdsWhere($type, $id, $state, $order === 'o' ? 'ASC' : 'DESC', $count, 0, $continuation, $searches);
 		if ($ids === null) {
 			self::internalServerError();
 		}
diff --git a/p/api/query.php b/p/api/query.php
new file mode 100644
index 000000000..0ba14453f
--- /dev/null
+++ b/p/api/query.php
@@ -0,0 +1,175 @@
+<?php
+declare(strict_types=1);
+require(__DIR__ . '/../../constants.php');
+require(LIB_PATH . '/lib_rss.php');	//Includes class autoloader
+
+Minz_Request::init();
+
+$token = Minz_Request::paramString('t');
+if (!ctype_alnum($token)) {
+	header('HTTP/1.1 422 Unprocessable Entity');
+	header('Content-Type: text/plain; charset=UTF-8');
+	die('Invalid token `t`!' . $token);
+}
+
+$format = Minz_Request::paramString('f');
+if (!in_array($format, ['atom', 'html', 'opml', 'rss'], true)) {
+	header('HTTP/1.1 422 Unprocessable Entity');
+	header('Content-Type: text/plain; charset=UTF-8');
+	die('Invalid format `f`!');
+}
+
+$user = Minz_Request::paramString('user');
+if (!FreshRSS_user_Controller::checkUsername($user)) {
+	header('HTTP/1.1 422 Unprocessable Entity');
+	header('Content-Type: text/plain; charset=UTF-8');
+	die('Invalid user!');
+}
+
+Minz_Session::init('FreshRSS', true);
+
+FreshRSS_Context::initSystem();
+if (!FreshRSS_Context::hasSystemConf() || !FreshRSS_Context::systemConf()->api_enabled) {
+	header('HTTP/1.1 503 Service Unavailable');
+	header('Content-Type: text/plain; charset=UTF-8');
+	die('Service Unavailable!');
+}
+
+FreshRSS_Context::initUser($user);
+if (!FreshRSS_Context::hasUserConf()) {
+	usleep(rand(100, 10000));	//Primitive mitigation of scanning for users
+	header('HTTP/1.1 404 Not Found');
+	header('Content-Type: text/plain; charset=UTF-8');
+	die('User not found!');
+} else {
+	usleep(rand(20, 200));
+}
+
+if (!file_exists(DATA_PATH . '/no-cache.txt')) {
+	require(LIB_PATH . '/http-conditional.php');
+	// TODO: Consider taking advantage of $feedMode, only for monotonous queries {all, categories, feeds} and not dynamic ones {read/unread, favourites, user labels}
+	if (httpConditional(FreshRSS_UserDAO::mtime($user) ?: time(), 0, 0, false, PHP_COMPRESSION, false)) {
+		exit();	//No need to send anything
+	}
+}
+
+Minz_Translate::init(FreshRSS_Context::userConf()->language);
+Minz_ExtensionManager::init();
+Minz_ExtensionManager::enableByList(FreshRSS_Context::userConf()->extensions_enabled, 'user');
+
+$query = null;
+$userSearch = null;
+foreach (FreshRSS_Context::userConf()->queries as $raw_query) {
+	if (!empty($raw_query['token']) && $raw_query['token'] === $token) {
+		switch ($format) {
+			case 'atom':
+			case 'html':
+			case 'rss':
+				if (empty($raw_query['shareRss'])) {
+					continue 2;
+				}
+				break;
+			case 'opml':
+				if (empty($raw_query['shareOpml'])) {
+					continue 2;
+				}
+				break;
+			default:
+				continue 2;
+		}
+		$query = new FreshRSS_UserQuery($raw_query, FreshRSS_Context::categories(), FreshRSS_Context::labels());
+		Minz_Request::_param('get', $query->getGet());
+		if (Minz_Request::paramString('order') === '') {
+			Minz_Request::_param('order', $query->getOrder());
+		}
+		Minz_Request::_param('state', $query->getState());
+
+		$search = $query->getSearch()->getRawInput();
+		// Note: we disallow references to user queries in public user search to avoid sniffing internal user queries
+		$userSearch = new FreshRSS_BooleanSearch(Minz_Request::paramString('search'), 0, 'AND', false);
+		if ($userSearch->getRawInput() !== '') {
+			if ($search === '') {
+				$search = $userSearch->getRawInput();
+			} else {
+				$search .= ' (' . $userSearch->getRawInput() . ')';
+			}
+		}
+		Minz_Request::_param('search', $search);
+		break;
+	}
+}
+if ($query === null || $userSearch === null) {
+	usleep(rand(100, 10000));
+	header('HTTP/1.1 404 Not Found');
+	header('Content-Type: text/plain; charset=UTF-8');
+	die('User query not found!');
+}
+
+$view = new FreshRSS_View();
+
+try {
+	FreshRSS_Context::updateUsingRequest(false);
+	Minz_Request::_param('search', $userSearch->getRawInput());	// Restore user search
+	$view->entries = FreshRSS_index_Controller::listEntriesByContext();
+} catch (Minz_Exception $e) {
+	Minz_Error::error(400, 'Bad user query!');
+	die();
+}
+
+$get = FreshRSS_Context::currentGet(true);
+$type = (string)$get[0];
+$id = (int)$get[1];
+
+switch ($type) {
+	case 'c':	// Category
+		$cat = FreshRSS_Context::categories()[$id] ?? null;
+		if ($cat === null) {
+			Minz_Error::error(404, "Category {$id} not found!");
+			die();
+		}
+		$view->categories = [ $cat->id() => $cat ];
+		break;
+	case 'f':	// Feed
+		$feed = FreshRSS_Category::findFeed(FreshRSS_Context::categories(), $id);
+		if ($feed === null) {
+			Minz_Error::error(404, "Feed {$id} not found!");
+			die();
+		}
+		$view->feeds = [ $feed->id() => $feed ];
+		$view->categories = [];
+		break;
+	default:
+		$view->categories = FreshRSS_Context::categories();
+		break;
+}
+
+$view->disable_aside = true;
+$view->excludeMutedFeeds = true;
+$view->internal_rendering = true;
+$view->userQuery = $query;
+$view->html_url = $query->sharedUrlHtml();
+$view->rss_url = $query->sharedUrlRss();
+$view->rss_title = $query->getName();
+if ($query->getName() != '') {
+	FreshRSS_View::_title($query->getName());
+}
+FreshRSS_Context::systemConf()->allow_anonymous = true;
+
+if (in_array($format, ['rss', 'atom'], true)) {
+	header('Content-Type: application/rss+xml; charset=utf-8');
+	$view->_layout(null);
+	$view->_path('index/rss.phtml');
+} elseif ($format === 'opml') {
+	if (!$query->safeForOpml()) {
+		Minz_Error::error(404, 'OPML not allowed for this user query!');
+		die();
+	}
+	header('Content-Type: application/xml; charset=utf-8');
+	$view->_layout(null);
+	$view->_path('index/opml.phtml');
+} else {
+	$view->_layout('layout');
+	$view->_path('index/html.phtml');
+}
+
+$view->build();