2009-03-12 Evi Vanoost <vanooste@rcbi.rochester.edu>
* include/functions.php: Added safe_output_xml which makes variables clean for output converting html entities into numeric entities understood by all XML validators * operation/events/events_rss.php: Used safe_output_xml where needed. git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1531 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
This commit is contained in:
guruevi
parent
b647e6cb19
commit
a0092ef384
|
|
@ -1,3 +1,11 @@
|
|||
2009-03-12 Evi Vanoost <vanooste@rcbi.rochester.edu>
|
||||
|
||||
* include/functions.php: Added safe_output_xml which makes variables
|
||||
clean for output converting html entities into numeric entities understood
|
||||
by all XML validators
|
||||
|
||||
* operation/events/events_rss.php: Used safe_output_xml where needed.
|
||||
|
||||
2009-03-12 Esteban Sanchez <estebans@artica.es>
|
||||
|
||||
* reporting/fgraph.php: Fixed interval in combined graphs. Fixed
|
||||
|
|
|
|||
|
|
@ -49,6 +49,42 @@ function safe_input ($value) {
|
|||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Cleans a string by encoding to UTF-8 and replacing the HTML
|
||||
* entities to their numeric counterparts (possibly double encoding)
|
||||
*
|
||||
* @param mixed String or array of strings to be cleaned.
|
||||
*
|
||||
* @return mixed The cleaned string or array.
|
||||
*/
|
||||
function safe_output_xml ($string) {
|
||||
if (is_numeric ($value))
|
||||
return $value;
|
||||
|
||||
if (is_array ($value)) {
|
||||
array_walk ($value, 'safe_output_xml');
|
||||
return $value;
|
||||
}
|
||||
|
||||
static $table;
|
||||
static $replace;
|
||||
|
||||
if (empty ($table)) {
|
||||
$table = get_html_translation_table (HTML_ENTITIES, ENT_QUOTES);
|
||||
$replace = array ();
|
||||
|
||||
foreach ($table as $key => $value){
|
||||
$table[$key] = "/".$value."/";
|
||||
$char = htmlentities ($key, ENT_QUOTES, "UTF-8");
|
||||
$replace[$char] = "&#".ord ($key).";";
|
||||
}
|
||||
}
|
||||
|
||||
//now perform a replacement using preg_replace
|
||||
//each matched value in $table will be replaced with the corresponding value in $replace
|
||||
return preg_replace ($table, $replace, $value);
|
||||
}
|
||||
|
||||
/**
|
||||
* Cleans an object or an array and casts all values as integers
|
||||
*
|
||||
|
|
|
|||
|
|
@ -19,6 +19,8 @@
|
|||
ini_set ('display_errors', 0); //Don't display other errors, messes up XML
|
||||
header("Content-Type: application/xml; charset=UTF-8"); //Send header before starting to output
|
||||
|
||||
|
||||
|
||||
require_once "../../include/config.php";
|
||||
require_once "../../include/functions.php";
|
||||
require_once "../../include/functions_db.php";
|
||||
|
|
@ -35,7 +37,7 @@ function rss_error_handler ($errno, $errstr, $errfile, $errline) {
|
|||
$rss_feed .= '<channel><title>Pandora RSS Feed</title><description>Latest events on Pandora</description>';
|
||||
$rss_feed .= '<lastBuildDate>'.date (DATE_RFC822, 0).'</lastBuildDate>';
|
||||
$rss_feed .= '<link>'.$url.'</link>'; //Link back to the main Pandora page
|
||||
$rss_feed .= '<atom:link href="'.htmlentities ($selfurl).'" rel="self" type="application/rss+xml" />'; //Alternative for Atom feeds. It's the same.
|
||||
$rss_feed .= '<atom:link href="'.safe_input ($selfurl).'" rel="self" type="application/rss+xml" />'; //Alternative for Atom feeds. It's the same.
|
||||
|
||||
$rss_feed .= '<item><guid>'.$url.'/index.php?sec=eventos&sec2=operation/events/events</guid><title>Error creating feed</title>';
|
||||
$rss_feed .= '<description>There was an error creating the feed: '.$errno.' - '.$errstr.' in '.$errfile.' on line '.$errline.'</description>';
|
||||
|
|
@ -45,6 +47,7 @@ function rss_error_handler ($errno, $errstr, $errfile, $errline) {
|
|||
}
|
||||
|
||||
set_error_handler ('rss_error_handler', E_ALL); //Errors output as RSS
|
||||
|
||||
$ev_group = get_parameter ("ev_group", 0); // group
|
||||
$search = get_parameter ("search", ""); // free search
|
||||
$event_type = get_parameter ("event_type", ''); // 0 all
|
||||
|
|
@ -93,33 +96,33 @@ if (empty ($result)) {
|
|||
$lastbuild = (int) $result[0]['unix_timestamp'];
|
||||
}
|
||||
|
||||
$rss_feed = '<?xml version="1.0" encoding="utf-8" ?>'; //' Fixes certain highlighters freaking out on the PHP closing tag
|
||||
$rss_feed = '<?xml version="1.0" encoding="utf-8" ?>'; // ' <?php ' -- Fixes highlighters thinking that the closing tag is PHP
|
||||
$rss_feed .= '<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">';
|
||||
$rss_feed .= '<channel><title>Pandora RSS Feed</title><description>Latest events on Pandora</description>';
|
||||
$rss_feed .= '<lastBuildDate>'.date (DATE_RFC822, $lastbuild).'</lastBuildDate>'; //Last build date is the last event - that way readers won't mark it as having new posts
|
||||
$rss_feed .= '<link>'.$url.'</link>'; //Link back to the main Pandora page
|
||||
$rss_feed .= '<atom:link href="'.htmlentities ($selfurl).'" rel="self" type="application/rss+xml" />'; //Alternative for Atom feeds. It's the same.
|
||||
$rss_feed .= '<atom:link href="'.safe_input ($selfurl).'" rel="self" type="application/rss+xml" />'; //Alternative for Atom feeds. It's the same.
|
||||
|
||||
if (empty ($result)) {
|
||||
$result = array();
|
||||
$rss_feed .= '<item><guid>'.$url.'/index.php?sec=eventos&sec2=operation/events/events</guid><title>No results</title>';
|
||||
$rss_feed .= '<item><guid>'.safe_input ($url.'/index.php?sec=eventos&sec2=operation/events/events').'</guid><title>No results</title>';
|
||||
$rss_feed .= '<description>There are no results. Click on the link to see all Pending events</description>';
|
||||
$rss_feed .= '<link>'.$url.'/index.php?sec=eventos&sec2=operation/events/events</link></item>';
|
||||
$rss_feed .= '<link>'.safe_input ($url.'/index.php?sec=eventos&sec2=operation/events/events').'</link></item>';
|
||||
}
|
||||
|
||||
foreach ($result as $row) {
|
||||
//This is mandatory
|
||||
$rss_feed .= '<item><guid>';
|
||||
$rss_feed .= htmlentities ($url . "/index.php?sec=eventos&sec2=operation/events/events&id_event=" . $row['event_id']);
|
||||
$rss_feed .= safe_input ($url . "/index.php?sec=eventos&sec2=operation/events/events&id_event=" . $row['event_id']);
|
||||
$rss_feed .= '</guid><title>';
|
||||
$rss_feed .= htmlentities ($row['agent_name']);
|
||||
$rss_feed .= safe_output_xml ($row['agent_name']);
|
||||
$rss_feed .= '</title><description>';
|
||||
$rss_feed .= htmlentities ($row['event_descr']);
|
||||
$rss_feed .= safe_output_xml ($row['event_descr']);
|
||||
if($row['validated'] == 1) {
|
||||
$rss_feed .= '<br /><br />Validated by ' . $row['validated_by'];
|
||||
$rss_feed .= '<br /><br />Validated by ' . safe_output_xml ($row['validated_by']);
|
||||
}
|
||||
$rss_feed .= '</description><link>';
|
||||
$rss_feed .= htmlentities ($url . "/index.php?sec=eventos&sec2=operation/events/events&id_event=" . $row["event_id"]);
|
||||
$rss_feed .= safe_input ($url . "/index.php?sec=eventos&sec2=operation/events/events&id_event=" . $row["event_id"]);
|
||||
$rss_feed .= '</link>';
|
||||
|
||||
//The rest is optional
|
||||
|
|
|
|||
Loading…
Reference in New Issue