rss091.php

Revision 454, 3.9 kB (checked in by sven, 2 years ago)
removed some addslashes. replaced some with adodb qstr(). removed some stripslashes. a lot more still want to go, depending on how much we care about showing users even more inappropriate backslashes than currently. fixed a few more php notices.
Property svn:eol-style set to `native`

Line
1	<?php
2	/*
3	NZVLE NOTES (Penny)
4	-------------------
5	this file seems to be deprecated. I can't find where it's accessed from anywhere
6	but I have updated it to use datalib functions anyway. Tested ok.
7	*/
8
9	// ELGG weblog RSS 0.91 page
10
11	// Run includes
12	require_once(dirname(dirname(__FILE__))."/includes.php");
13
14	run("profile:init");
15	run("friends:init");
16	run("weblogs:init");
17
18	global $profile_id;
19	global $individual;
20	global $page_owner;
21
22	$individual = 1;
23
24	$output = "";
25	$trackmaxtime = 0;
26
27	if (isset($page_owner)) {
28
29	$output .= <<< END
30	<?xml version="1.0"?><!DOCTYPE rss SYSTEM "http://my.netscape.com/publish/formats/rss-0.91.dtd">
31
32	<rss version="0.91">
33	END;
34	if ($info = get_record('users','ident',$page_owner)) {
35	$name = htmlspecialchars(stripslashes($info->name), ENT_COMPAT, 'utf-8');
36	$username = htmlspecialchars($info->username, ENT_COMPAT, 'utf-8');
37	$sitename = sitename;
38	$mainurl = htmlspecialchars(url . $username . "/weblog/", ENT_COMPAT, 'utf-8');
39	$output .= <<< END
40	<channel>
41	<title>$name : Weblog</title>
42	<description>The weblog for $name, hosted on $sitename.</description>
43	<language>en-gb</language>
44	<link>$mainurl</link>
45	END;
46	if ($entries = get_records_select('weblog_posts',"weblog = ? AND access = ? ",array($page_owner,'PUBLIC'),'posted DESC','*',0,10)) {
47	foreach($entries as $entry) {
48	$title = htmlspecialchars(stripslashes($entry->title), ENT_COMPAT, 'utf-8');
49	$trackmaxtime = max($trackmaxtime, $entry->posted);
50	$link = url . $username . "/weblog/" . $entry->ident . ".html";
51	$body = (run("weblogs:text:process",stripslashes($entry->body)));
52	$output .= <<< END
53	<item>
54	<title>$title</title>
55	<link>$link</link>
56	<description>$body</description>
57	</item>
58	END;
59	}
60	}
61	$output .= <<< END
62	</channel>
63	</rss>
64	END;
65	}
66
67	if ($output) {
68	header("Pragma: public");
69	header("Cache-Control: public");
70	header('Expires: ' . gmdate("D, d M Y H:i:s", (time()+3600)) . " GMT");
71
72	$if_modified_since = (isset($_SERVER['HTTP_IF_MODIFIED_SINCE'])) ? preg_replace('/;.*$/', '', $_SERVER['HTTP_IF_MODIFIED_SINCE']) : false;
73	$if_none_match = (isset($_SERVER['HTTP_IF_NONE_MATCH'])) ? preg_replace('/[^0-9a-f]/', '', $_SERVER['HTTP_IF_NONE_MATCH']) : false;
74
75	if (!$trackmaxtime) {
76	$trackmaxtime = time();
77	}
78
79	$lm = gmdate("D, d M Y H:i:s", $trackmaxtime) . " GMT";
80	$etag = md5($output);
81
82	if ($if_modified_since && $if_modified_since == $lm) {
83	header("{$_SERVER['SERVER_PROTOCOL']} 304 Not Modified");
84	exit;
85	}
86	if ($if_none_match && $if_none_match == $etag) {
87	header("{$_SERVER['SERVER_PROTOCOL']} 304 Not Modified");
88	exit;
89	}
90
91	// Send last-modified header to enable if-modified-since requests
92	if ($tstamp < time()) {
93	header("Last-Modified: " . $lm);
94	}
95
96	header("Content-Length: " . strlen($output));
97	header('ETag: "' . $etag . '"');
98
99	header("Content-type: text/xml; charset=utf-8");
100	echo $output;
101	}
102
103
104	}

Note: See TracBrowser for help on using the browser.

root/releases/0.65/_weblog/rss091.php

Download in other formats:

Developers

Discuss

Specialised

Featured