News.php 36 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972
  1. <?php
  2. /**
  3. * Simple Machines Forum (SMF)
  4. *
  5. * @package SMF
  6. * @author Simple Machines http://www.simplemachines.org
  7. * @copyright 2011 Simple Machines
  8. * @license http://www.simplemachines.org/about/smf/license.php BSD
  9. *
  10. * @version 2.0
  11. */
  12. if (!defined('SMF'))
  13. die('Hacking attempt...');
  14. /* This file contains the files necessary to display news as an XML feed.
  15. void ShowXmlFeed()
  16. - is called to output xml information.
  17. - can be passed four subactions which decide what is output: 'recent'
  18. for recent posts, 'news' for news topics, 'members' for recently
  19. registered members, and 'profile' for a member's profile.
  20. - To display a member's profile, a user id has to be given. (;u=1)
  21. - uses the Stats language file.
  22. - outputs an rss feed instead of a proprietary one if the 'type' get
  23. parameter is 'rss' or 'rss2'.
  24. - does not use any templates, sub templates, or template layers.
  25. - is accessed via ?action=.xml.
  26. void dumpTags(array data, int indentation, string tag = use_array,
  27. string format)
  28. - formats data retrieved in other functions into xml format.
  29. - additionally formats data based on the specific format passed.
  30. - the data parameter is the array to output as xml data.
  31. - indentation is the amount of indentation to use.
  32. - if a tag is specified, it will be used instead of the keys of data.
  33. - this function is recursively called to handle sub arrays of data.
  34. array getXmlMembers(string format)
  35. - is called to retrieve list of members from database.
  36. - the array will be generated to match the format.
  37. - returns array of data.
  38. array getXmlNews(string format)
  39. - is called to retrieve news topics from database.
  40. - the array will be generated to match the format.
  41. - returns array of topics.
  42. array getXmlRecent(string format)
  43. - is called to retrieve list of recent topics.
  44. - the array will be generated to match the format.
  45. - returns an array of recent posts.
  46. array getXmlProfile(string format)
  47. - is called to retrieve profile information for member into array.
  48. - the array will be generated to match the format.
  49. - returns an array of data.
  50. */
  51. // Show an xml file representing recent information or a profile.
  52. function ShowXmlFeed()
  53. {
  54. global $board, $board_info, $context, $scripturl, $txt, $modSettings, $user_info;
  55. global $query_this_board, $smcFunc, $forum_version, $cdata_override;
  56. // If it's not enabled, die.
  57. if (empty($modSettings['xmlnews_enable']))
  58. obExit(false);
  59. loadLanguage('Stats');
  60. // Default to latest 5. No more than 255, please.
  61. $_GET['limit'] = empty($_GET['limit']) || (int) $_GET['limit'] < 1 ? 5 : min((int) $_GET['limit'], 255);
  62. // Handle the cases where a board, boards, or category is asked for.
  63. $query_this_board = 1;
  64. $context['optimize_msg'] = array(
  65. 'highest' => 'm.id_msg <= b.id_last_msg',
  66. );
  67. if (!empty($_REQUEST['c']) && empty($board))
  68. {
  69. $_REQUEST['c'] = explode(',', $_REQUEST['c']);
  70. foreach ($_REQUEST['c'] as $i => $c)
  71. $_REQUEST['c'][$i] = (int) $c;
  72. if (count($_REQUEST['c']) == 1)
  73. {
  74. $request = $smcFunc['db_query']('', '
  75. SELECT name
  76. FROM {db_prefix}categories
  77. WHERE id_cat = {int:current_category}',
  78. array(
  79. 'current_category' => (int) $_REQUEST['c'][0],
  80. )
  81. );
  82. list ($feed_title) = $smcFunc['db_fetch_row']($request);
  83. $smcFunc['db_free_result']($request);
  84. $feed_title = ' - ' . strip_tags($feed_title);
  85. }
  86. $request = $smcFunc['db_query']('', '
  87. SELECT b.id_board, b.num_posts
  88. FROM {db_prefix}boards AS b
  89. WHERE b.id_cat IN ({array_int:current_category_list})
  90. AND {query_see_board}',
  91. array(
  92. 'current_category_list' => $_REQUEST['c'],
  93. )
  94. );
  95. $total_cat_posts = 0;
  96. $boards = array();
  97. while ($row = $smcFunc['db_fetch_assoc']($request))
  98. {
  99. $boards[] = $row['id_board'];
  100. $total_cat_posts += $row['num_posts'];
  101. }
  102. $smcFunc['db_free_result']($request);
  103. if (!empty($boards))
  104. $query_this_board = 'b.id_board IN (' . implode(', ', $boards) . ')';
  105. // Try to limit the number of messages we look through.
  106. if ($total_cat_posts > 100 && $total_cat_posts > $modSettings['totalMessages'] / 15)
  107. $context['optimize_msg']['lowest'] = 'm.id_msg >= ' . max(0, $modSettings['maxMsgID'] - 400 - $_GET['limit'] * 5);
  108. }
  109. elseif (!empty($_REQUEST['boards']))
  110. {
  111. $_REQUEST['boards'] = explode(',', $_REQUEST['boards']);
  112. foreach ($_REQUEST['boards'] as $i => $b)
  113. $_REQUEST['boards'][$i] = (int) $b;
  114. $request = $smcFunc['db_query']('', '
  115. SELECT b.id_board, b.num_posts, b.name
  116. FROM {db_prefix}boards AS b
  117. WHERE b.id_board IN ({array_int:board_list})
  118. AND {query_see_board}
  119. LIMIT ' . count($_REQUEST['boards']),
  120. array(
  121. 'board_list' => $_REQUEST['boards'],
  122. )
  123. );
  124. // Either the board specified doesn't exist or you have no access.
  125. $num_boards = $smcFunc['db_num_rows']($request);
  126. if ($num_boards == 0)
  127. fatal_lang_error('no_board');
  128. $total_posts = 0;
  129. $boards = array();
  130. while ($row = $smcFunc['db_fetch_assoc']($request))
  131. {
  132. if ($num_boards == 1)
  133. $feed_title = ' - ' . strip_tags($row['name']);
  134. $boards[] = $row['id_board'];
  135. $total_posts += $row['num_posts'];
  136. }
  137. $smcFunc['db_free_result']($request);
  138. if (!empty($boards))
  139. $query_this_board = 'b.id_board IN (' . implode(', ', $boards) . ')';
  140. // The more boards, the more we're going to look through...
  141. if ($total_posts > 100 && $total_posts > $modSettings['totalMessages'] / 12)
  142. $context['optimize_msg']['lowest'] = 'm.id_msg >= ' . max(0, $modSettings['maxMsgID'] - 500 - $_GET['limit'] * 5);
  143. }
  144. elseif (!empty($board))
  145. {
  146. $request = $smcFunc['db_query']('', '
  147. SELECT num_posts
  148. FROM {db_prefix}boards
  149. WHERE id_board = {int:current_board}
  150. LIMIT 1',
  151. array(
  152. 'current_board' => $board,
  153. )
  154. );
  155. list ($total_posts) = $smcFunc['db_fetch_row']($request);
  156. $smcFunc['db_free_result']($request);
  157. $feed_title = ' - ' . strip_tags($board_info['name']);
  158. $query_this_board = 'b.id_board = ' . $board;
  159. // Try to look through just a few messages, if at all possible.
  160. if ($total_posts > 80 && $total_posts > $modSettings['totalMessages'] / 10)
  161. $context['optimize_msg']['lowest'] = 'm.id_msg >= ' . max(0, $modSettings['maxMsgID'] - 600 - $_GET['limit'] * 5);
  162. }
  163. else
  164. {
  165. $query_this_board = '{query_see_board}' . (!empty($modSettings['recycle_enable']) && $modSettings['recycle_board'] > 0 ? '
  166. AND b.id_board != ' . $modSettings['recycle_board'] : '');
  167. $context['optimize_msg']['lowest'] = 'm.id_msg >= ' . max(0, $modSettings['maxMsgID'] - 100 - $_GET['limit'] * 5);
  168. }
  169. // Show in rss or proprietary format?
  170. $xml_format = isset($_GET['type']) && in_array($_GET['type'], array('smf', 'rss', 'rss2', 'atom', 'rdf', 'webslice')) ? $_GET['type'] : 'smf';
  171. // !!! Birthdays?
  172. // List all the different types of data they can pull.
  173. $subActions = array(
  174. 'recent' => array('getXmlRecent', 'recent-post'),
  175. 'news' => array('getXmlNews', 'article'),
  176. 'members' => array('getXmlMembers', 'member'),
  177. 'profile' => array('getXmlProfile', null),
  178. );
  179. if (empty($_GET['sa']) || !isset($subActions[$_GET['sa']]))
  180. $_GET['sa'] = 'recent';
  181. //!!! Temp - webslices doesn't do everything yet.
  182. if ($xml_format == 'webslice' && $_GET['sa'] != 'recent')
  183. $xml_format = 'rss2';
  184. // If this is webslices we kinda cheat - we allow a template that we call direct for the HTML, and we override the CDATA.
  185. elseif ($xml_format == 'webslice')
  186. {
  187. $context['user'] += $user_info;
  188. $cdata_override = true;
  189. loadTemplate('Xml');
  190. }
  191. // We only want some information, not all of it.
  192. $cachekey = array($xml_format, $_GET['action'], $_GET['limit'], $_GET['sa']);
  193. foreach (array('board', 'boards', 'c') as $var)
  194. if (isset($_REQUEST[$var]))
  195. $cachekey[] = $_REQUEST[$var];
  196. $cachekey = md5(serialize($cachekey) . (!empty($query_this_board) ? $query_this_board : ''));
  197. $cache_t = microtime();
  198. // Get the associative array representing the xml.
  199. if (!empty($modSettings['cache_enable']) && (!$user_info['is_guest'] || $modSettings['cache_enable'] >= 3))
  200. $xml = cache_get_data('xmlfeed-' . $xml_format . ':' . ($user_info['is_guest'] ? '' : $user_info['id'] . '-') . $cachekey, 240);
  201. if (empty($xml))
  202. {
  203. $xml = $subActions[$_GET['sa']][0]($xml_format);
  204. if (!empty($modSettings['cache_enable']) && (($user_info['is_guest'] && $modSettings['cache_enable'] >= 3)
  205. || (!$user_info['is_guest'] && (array_sum(explode(' ', microtime())) - array_sum(explode(' ', $cache_t)) > 0.2))))
  206. cache_put_data('xmlfeed-' . $xml_format . ':' . ($user_info['is_guest'] ? '' : $user_info['id'] . '-') . $cachekey, $xml, 240);
  207. }
  208. $feed_title = htmlspecialchars(strip_tags($context['forum_name'])) . (isset($feed_title) ? $feed_title : '');
  209. // This is an xml file....
  210. ob_end_clean();
  211. if (!empty($modSettings['enableCompressedOutput']))
  212. @ob_start('ob_gzhandler');
  213. else
  214. ob_start();
  215. if ($xml_format == 'smf' || isset($_REQUEST['debug']))
  216. header('Content-Type: text/xml; charset=' . (empty($context['character_set']) ? 'ISO-8859-1' : $context['character_set']));
  217. elseif ($xml_format == 'rss' || $xml_format == 'rss2' || $xml_format == 'webslice')
  218. header('Content-Type: application/rss+xml; charset=' . (empty($context['character_set']) ? 'ISO-8859-1' : $context['character_set']));
  219. elseif ($xml_format == 'atom')
  220. header('Content-Type: application/atom+xml; charset=' . (empty($context['character_set']) ? 'ISO-8859-1' : $context['character_set']));
  221. elseif ($xml_format == 'rdf')
  222. header('Content-Type: ' . ($context['browser']['is_ie'] ? 'text/xml' : 'application/rdf+xml') . '; charset=' . (empty($context['character_set']) ? 'ISO-8859-1' : $context['character_set']));
  223. // First, output the xml header.
  224. echo '<?xml version="1.0" encoding="', $context['character_set'], '"?' . '>';
  225. // Are we outputting an rss feed or one with more information?
  226. if ($xml_format == 'rss' || $xml_format == 'rss2')
  227. {
  228. // Start with an RSS 2.0 header.
  229. echo '
  230. <rss version=', $xml_format == 'rss2' ? '"2.0"' : '"0.92"', ' xml:lang="', strtr($txt['lang_locale'], '_', '-'), '">
  231. <channel>
  232. <title>', $feed_title, '</title>
  233. <link>', $scripturl, '</link>
  234. <description><![CDATA[', strip_tags($txt['xml_rss_desc']), ']]></description>';
  235. // Output all of the associative array, start indenting with 2 tabs, and name everything "item".
  236. dumpTags($xml, 2, 'item', $xml_format);
  237. // Output the footer of the xml.
  238. echo '
  239. </channel>
  240. </rss>';
  241. }
  242. elseif ($xml_format == 'webslice')
  243. {
  244. $context['recent_posts_data'] = $xml;
  245. // This always has RSS 2
  246. echo '
  247. <rss version="2.0" xmlns:mon="http://www.microsoft.com/schemas/rss/monitoring/2007" xml:lang="', strtr($txt['lang_locale'], '_', '-'), '">
  248. <channel>
  249. <title>', $feed_title, ' - ', $txt['recent_posts'], '</title>
  250. <link>', $scripturl, '?action=recent</link>
  251. <description><![CDATA[', strip_tags($txt['xml_rss_desc']), ']]></description>
  252. <item>
  253. <title>', $feed_title, ' - ', $txt['recent_posts'], '</title>
  254. <link>', $scripturl, '?action=recent</link>
  255. <description><![CDATA[
  256. ', template_webslice_header_above(), '
  257. ', template_webslice_recent_posts(), '
  258. ', template_webslice_header_below(), '
  259. ]]></description>
  260. </item>
  261. </channel>
  262. </rss>';
  263. }
  264. elseif ($xml_format == 'atom')
  265. {
  266. echo '
  267. <feed xmlns="http://www.w3.org/2005/Atom">
  268. <title>', $feed_title, '</title>
  269. <link rel="alternate" type="text/html" href="', $scripturl, '" />
  270. <modified>', gmstrftime('%Y-%m-%dT%H:%M:%SZ'), '</modified>
  271. <tagline><![CDATA[', strip_tags($txt['xml_rss_desc']), ']]></tagline>
  272. <generator uri="http://www.simplemachines.org" version="', strtr($forum_version, array('SMF' => '')), '">SMF</generator>
  273. <author>
  274. <name>', strip_tags($context['forum_name']), '</name>
  275. </author>';
  276. dumpTags($xml, 2, 'entry', $xml_format);
  277. echo '
  278. </feed>';
  279. }
  280. elseif ($xml_format == 'rdf')
  281. {
  282. echo '
  283. <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns="http://purl.org/rss/1.0/">
  284. <channel rdf:about="', $scripturl, '">
  285. <title>', $feed_title, '</title>
  286. <link>', $scripturl, '</link>
  287. <description><![CDATA[', strip_tags($txt['xml_rss_desc']), ']]></description>
  288. <items>
  289. <rdf:Seq>';
  290. foreach ($xml as $item)
  291. echo '
  292. <rdf:li rdf:resource="', $item['link'], '" />';
  293. echo '
  294. </rdf:Seq>
  295. </items>
  296. </channel>
  297. ';
  298. dumpTags($xml, 1, 'item', $xml_format);
  299. echo '
  300. </rdf:RDF>';
  301. }
  302. // Otherwise, we're using our proprietary formats - they give more data, though.
  303. else
  304. {
  305. echo '
  306. <smf:xml-feed xmlns:smf="http://www.simplemachines.org/" xmlns="http://www.simplemachines.org/xml/', $_GET['sa'], '" xml:lang="', strtr($txt['lang_locale'], '_', '-'), '">';
  307. // Dump out that associative array. Indent properly.... and use the right names for the base elements.
  308. dumpTags($xml, 1, $subActions[$_GET['sa']][1], $xml_format);
  309. echo '
  310. </smf:xml-feed>';
  311. }
  312. obExit(false);
  313. }
  314. function fix_possible_url($val)
  315. {
  316. global $modSettings, $context, $scripturl;
  317. if (substr($val, 0, strlen($scripturl)) != $scripturl)
  318. return $val;
  319. call_integration_hook('integrate_fix_url', array(&$val));
  320. if (empty($modSettings['queryless_urls']) || ($context['server']['is_cgi'] && @ini_get('cgi.fix_pathinfo') == 0 && @get_cfg_var('cgi.fix_pathinfo') == 0) || (!$context['server']['is_apache'] && !$context['server']['is_lighttpd']))
  321. return $val;
  322. $val = preg_replace('/^' . preg_quote($scripturl, '/') . '\?((?:board|topic)=[^#"]+)(#[^"]*)?$/e', '\'\' . $scripturl . \'/\' . strtr(\'$1\', \'&;=\', \'//,\') . \'.html$2\'', $val);
  323. return $val;
  324. }
  325. function cdata_parse($data, $ns = '')
  326. {
  327. global $smcFunc, $cdata_override;
  328. // Are we not doing it?
  329. if (!empty($cdata_override))
  330. return $data;
  331. $cdata = '<![CDATA[';
  332. for ($pos = 0, $n = $smcFunc['strlen']($data); $pos < $n; null)
  333. {
  334. $positions = array(
  335. $smcFunc['strpos']($data, '&', $pos),
  336. $smcFunc['strpos']($data, ']', $pos),
  337. );
  338. if ($ns != '')
  339. $positions[] = $smcFunc['strpos']($data, '<', $pos);
  340. foreach ($positions as $k => $dummy)
  341. {
  342. if ($dummy === false)
  343. unset($positions[$k]);
  344. }
  345. $old = $pos;
  346. $pos = empty($positions) ? $n : min($positions);
  347. if ($pos - $old > 0)
  348. $cdata .= $smcFunc['substr']($data, $old, $pos - $old);
  349. if ($pos >= $n)
  350. break;
  351. if ($smcFunc['substr']($data, $pos, 1) == '<')
  352. {
  353. $pos2 = $smcFunc['strpos']($data, '>', $pos);
  354. if ($pos2 === false)
  355. $pos2 = $n;
  356. if ($smcFunc['substr']($data, $pos + 1, 1) == '/')
  357. $cdata .= ']]></' . $ns . ':' . $smcFunc['substr']($data, $pos + 2, $pos2 - $pos - 1) . '<![CDATA[';
  358. else
  359. $cdata .= ']]><' . $ns . ':' . $smcFunc['substr']($data, $pos + 1, $pos2 - $pos) . '<![CDATA[';
  360. $pos = $pos2 + 1;
  361. }
  362. elseif ($smcFunc['substr']($data, $pos, 1) == ']')
  363. {
  364. $cdata .= ']]>&#093;<![CDATA[';
  365. $pos++;
  366. }
  367. elseif ($smcFunc['substr']($data, $pos, 1) == '&')
  368. {
  369. $pos2 = $smcFunc['strpos']($data, ';', $pos);
  370. if ($pos2 === false)
  371. $pos2 = $n;
  372. $ent = $smcFunc['substr']($data, $pos + 1, $pos2 - $pos - 1);
  373. if ($smcFunc['substr']($data, $pos + 1, 1) == '#')
  374. $cdata .= ']]>' . $smcFunc['substr']($data, $pos, $pos2 - $pos + 1) . '<![CDATA[';
  375. elseif (in_array($ent, array('amp', 'lt', 'gt', 'quot')))
  376. $cdata .= ']]>' . $smcFunc['substr']($data, $pos, $pos2 - $pos + 1) . '<![CDATA[';
  377. // !!! ??
  378. $pos = $pos2 + 1;
  379. }
  380. }
  381. $cdata .= ']]>';
  382. return strtr($cdata, array('<![CDATA[]]>' => ''));
  383. }
  384. function dumpTags($data, $i, $tag = null, $xml_format = '')
  385. {
  386. global $modSettings, $context, $scripturl;
  387. // For every array in the data...
  388. foreach ($data as $key => $val)
  389. {
  390. // Skip it, it's been set to null.
  391. if ($val === null)
  392. continue;
  393. // If a tag was passed, use it instead of the key.
  394. $key = isset($tag) ? $tag : $key;
  395. // First let's indent!
  396. echo "\n", str_repeat("\t", $i);
  397. // Grr, I hate kludges... almost worth doing it properly, here, but not quite.
  398. if ($xml_format == 'atom' && $key == 'link')
  399. {
  400. echo '<link rel="alternate" type="text/html" href="', fix_possible_url($val), '" />';
  401. continue;
  402. }
  403. // If it's empty/0/nothing simply output an empty tag.
  404. if ($val == '')
  405. echo '<', $key, ' />';
  406. else
  407. {
  408. // Beginning tag.
  409. if ($xml_format == 'rdf' && $key == 'item' && isset($val['link']))
  410. {
  411. echo '<', $key, ' rdf:about="', fix_possible_url($val['link']), '">';
  412. echo "\n", str_repeat("\t", $i + 1);
  413. echo '<dc:format>text/html</dc:format>';
  414. }
  415. elseif ($xml_format == 'atom' && $key == 'summary')
  416. echo '<', $key, ' type="html">';
  417. else
  418. echo '<', $key, '>';
  419. if (is_array($val))
  420. {
  421. // An array. Dump it, and then indent the tag.
  422. dumpTags($val, $i + 1, null, $xml_format);
  423. echo "\n", str_repeat("\t", $i), '</', $key, '>';
  424. }
  425. // A string with returns in it.... show this as a multiline element.
  426. elseif (strpos($val, "\n") !== false || strpos($val, '<br />') !== false)
  427. echo "\n", fix_possible_url($val), "\n", str_repeat("\t", $i), '</', $key, '>';
  428. // A simple string.
  429. else
  430. echo fix_possible_url($val), '</', $key, '>';
  431. }
  432. }
  433. }
  434. function getXmlMembers($xml_format)
  435. {
  436. global $scripturl, $smcFunc;
  437. if (!allowedTo('view_mlist'))
  438. return array();
  439. // Find the most recent members.
  440. $request = $smcFunc['db_query']('', '
  441. SELECT id_member, member_name, real_name, date_registered, last_login
  442. FROM {db_prefix}members
  443. ORDER BY id_member DESC
  444. LIMIT {int:limit}',
  445. array(
  446. 'limit' => $_GET['limit'],
  447. )
  448. );
  449. $data = array();
  450. while ($row = $smcFunc['db_fetch_assoc']($request))
  451. {
  452. // Make the data look rss-ish.
  453. if ($xml_format == 'rss' || $xml_format == 'rss2')
  454. $data[] = array(
  455. 'title' => cdata_parse($row['real_name']),
  456. 'link' => $scripturl . '?action=profile;u=' . $row['id_member'],
  457. 'comments' => $scripturl . '?action=pm;sa=send;u=' . $row['id_member'],
  458. 'pubDate' => gmdate('D, d M Y H:i:s \G\M\T', $row['date_registered']),
  459. 'guid' => $scripturl . '?action=profile;u=' . $row['id_member'],
  460. );
  461. elseif ($xml_format == 'rdf')
  462. $data[] = array(
  463. 'title' => cdata_parse($row['real_name']),
  464. 'link' => $scripturl . '?action=profile;u=' . $row['id_member'],
  465. );
  466. elseif ($xml_format == 'atom')
  467. $data[] = array(
  468. 'title' => cdata_parse($row['real_name']),
  469. 'link' => $scripturl . '?action=profile;u=' . $row['id_member'],
  470. 'published' => gmstrftime('%Y-%m-%dT%H:%M:%SZ', $row['date_registered']),
  471. 'updated' => gmstrftime('%Y-%m-%dT%H:%M:%SZ', $row['last_login']),
  472. 'id' => $scripturl . '?action=profile;u=' . $row['id_member'],
  473. );
  474. // More logical format for the data, but harder to apply.
  475. else
  476. $data[] = array(
  477. 'name' => cdata_parse($row['real_name']),
  478. 'time' => htmlspecialchars(strip_tags(timeformat($row['date_registered']))),
  479. 'id' => $row['id_member'],
  480. 'link' => $scripturl . '?action=profile;u=' . $row['id_member']
  481. );
  482. }
  483. $smcFunc['db_free_result']($request);
  484. return $data;
  485. }
  486. function getXmlNews($xml_format)
  487. {
  488. global $user_info, $scripturl, $modSettings, $board;
  489. global $query_this_board, $smcFunc, $settings, $context;
  490. /* Find the latest posts that:
  491. - are the first post in their topic.
  492. - are on an any board OR in a specified board.
  493. - can be seen by this user.
  494. - are actually the latest posts. */
  495. $done = false;
  496. $loops = 0;
  497. while (!$done)
  498. {
  499. $optimize_msg = implode(' AND ', $context['optimize_msg']);
  500. $request = $smcFunc['db_query']('', '
  501. SELECT
  502. m.smileys_enabled, m.poster_time, m.id_msg, m.subject, m.body, m.modified_time,
  503. m.icon, t.id_topic, t.id_board, t.num_replies,
  504. b.name AS bname,
  505. mem.hide_email, IFNULL(mem.id_member, 0) AS id_member,
  506. IFNULL(mem.email_address, m.poster_email) AS poster_email,
  507. IFNULL(mem.real_name, m.poster_name) AS poster_name
  508. FROM {db_prefix}topics AS t
  509. INNER JOIN {db_prefix}messages AS m ON (m.id_msg = t.id_first_msg)
  510. INNER JOIN {db_prefix}boards AS b ON (b.id_board = t.id_board)
  511. LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = m.id_member)
  512. WHERE ' . $query_this_board . (empty($optimize_msg) ? '' : '
  513. AND {raw:optimize_msg}') . (empty($board) ? '' : '
  514. AND t.id_board = {int:current_board}') . ($modSettings['postmod_active'] ? '
  515. AND t.approved = {int:is_approved}' : '') . '
  516. ORDER BY t.id_first_msg DESC
  517. LIMIT {int:limit}',
  518. array(
  519. 'current_board' => $board,
  520. 'is_approved' => 1,
  521. 'limit' => $_GET['limit'],
  522. 'optimize_msg' => $optimize_msg,
  523. )
  524. );
  525. // If we don't have $_GET['limit'] results, try again with an unoptimized version covering all rows.
  526. if ($loops < 2 && $smcFunc['db_num_rows']($request) < $_GET['limit'])
  527. {
  528. $smcFunc['db_free_result']($request);
  529. if (empty($_REQUEST['boards']) && empty($board))
  530. unset($context['optimize_msg']['lowest']);
  531. else
  532. $context['optimize_msg']['lowest'] = 'm.id_msg >= t.id_first_msg';
  533. $context['optimize_msg']['highest'] = 'm.id_msg <= t.id_last_msg';
  534. $loops++;
  535. }
  536. else
  537. $done = true;
  538. }
  539. $data = array();
  540. while ($row = $smcFunc['db_fetch_assoc']($request))
  541. {
  542. // Limit the length of the message, if the option is set.
  543. if (!empty($modSettings['xmlnews_maxlen']) && $smcFunc['strlen'](str_replace('<br />', "\n", $row['body'])) > $modSettings['xmlnews_maxlen'])
  544. $row['body'] = strtr($smcFunc['substr'](str_replace('<br />', "\n", $row['body']), 0, $modSettings['xmlnews_maxlen'] - 3), array("\n" => '<br />')) . '...';
  545. $row['body'] = parse_bbc($row['body'], $row['smileys_enabled'], $row['id_msg']);
  546. censorText($row['body']);
  547. censorText($row['subject']);
  548. // Being news, this actually makes sense in rss format.
  549. if ($xml_format == 'rss' || $xml_format == 'rss2')
  550. $data[] = array(
  551. 'title' => cdata_parse($row['subject']),
  552. 'link' => $scripturl . '?topic=' . $row['id_topic'] . '.0',
  553. 'description' => cdata_parse($row['body']),
  554. 'author' => in_array(showEmailAddress(!empty($row['hide_email']), $row['id_member']), array('yes', 'yes_permission_override')) ? $row['poster_email'] : null,
  555. 'comments' => $scripturl . '?action=post;topic=' . $row['id_topic'] . '.0',
  556. 'category' => '<![CDATA[' . $row['bname'] . ']]>',
  557. 'pubDate' => gmdate('D, d M Y H:i:s \G\M\T', $row['poster_time']),
  558. 'guid' => $scripturl . '?topic=' . $row['id_topic'] . '.0',
  559. );
  560. elseif ($xml_format == 'rdf')
  561. $data[] = array(
  562. 'title' => cdata_parse($row['subject']),
  563. 'link' => $scripturl . '?topic=' . $row['id_topic'] . '.0',
  564. 'description' => cdata_parse($row['body']),
  565. );
  566. elseif ($xml_format == 'atom')
  567. $data[] = array(
  568. 'title' => cdata_parse($row['subject']),
  569. 'link' => $scripturl . '?topic=' . $row['id_topic'] . '.0',
  570. 'summary' => cdata_parse($row['body']),
  571. 'category' => array('term' => $row['id_board'], 'label' => cdata_parse($row['bname'])),
  572. 'author' => array(
  573. 'name' => $row['poster_name'],
  574. 'email' => in_array(showEmailAddress(!empty($row['hide_email']), $row['id_member']), array('yes', 'yes_permission_override')) ? $row['poster_email'] : null,
  575. 'uri' => !empty($row['id_member']) ? $scripturl . '?action=profile;u=' . $row['id_member'] : '',
  576. ),
  577. 'published' => gmstrftime('%Y-%m-%dT%H:%M:%SZ', $row['poster_time']),
  578. 'modified' => gmstrftime('%Y-%m-%dT%H:%M:%SZ', empty($row['modified_time']) ? $row['poster_time'] : $row['modified_time']),
  579. 'id' => $scripturl . '?topic=' . $row['id_topic'] . '.0',
  580. 'icon' => $settings['images_url'] . '/icons/' . $row['icon'] . '.gif',
  581. );
  582. // The biggest difference here is more information.
  583. else
  584. $data[] = array(
  585. 'time' => htmlspecialchars(strip_tags(timeformat($row['poster_time']))),
  586. 'id' => $row['id_topic'],
  587. 'subject' => cdata_parse($row['subject']),
  588. 'body' => cdata_parse($row['body']),
  589. 'poster' => array(
  590. 'name' => cdata_parse($row['poster_name']),
  591. 'id' => $row['id_member'],
  592. 'link' => !empty($row['id_member']) ? $scripturl . '?action=profile;u=' . $row['id_member'] : '',
  593. ),
  594. 'topic' => $row['id_topic'],
  595. 'board' => array(
  596. 'name' => cdata_parse($row['bname']),
  597. 'id' => $row['id_board'],
  598. 'link' => $scripturl . '?board=' . $row['id_board'] . '.0',
  599. ),
  600. 'link' => $scripturl . '?topic=' . $row['id_topic'] . '.0',
  601. );
  602. }
  603. $smcFunc['db_free_result']($request);
  604. return $data;
  605. }
  606. function getXmlRecent($xml_format)
  607. {
  608. global $user_info, $scripturl, $modSettings, $board;
  609. global $query_this_board, $smcFunc, $settings, $context;
  610. $done = false;
  611. $loops = 0;
  612. while (!$done)
  613. {
  614. $optimize_msg = implode(' AND ', $context['optimize_msg']);
  615. $request = $smcFunc['db_query']('', '
  616. SELECT m.id_msg
  617. FROM {db_prefix}messages AS m
  618. INNER JOIN {db_prefix}boards AS b ON (b.id_board = m.id_board)
  619. INNER JOIN {db_prefix}topics AS t ON (t.id_topic = m.id_topic)
  620. WHERE ' . $query_this_board . (empty($optimize_msg) ? '' : '
  621. AND {raw:optimize_msg}') . (empty($board) ? '' : '
  622. AND m.id_board = {int:current_board}') . ($modSettings['postmod_active'] ? '
  623. AND m.approved = {int:is_approved}' : '') . '
  624. ORDER BY m.id_msg DESC
  625. LIMIT {int:limit}',
  626. array(
  627. 'limit' => $_GET['limit'],
  628. 'current_board' => $board,
  629. 'is_approved' => 1,
  630. 'optimize_msg' => $optimize_msg,
  631. )
  632. );
  633. // If we don't have $_GET['limit'] results, try again with an unoptimized version covering all rows.
  634. if ($loops < 2 && $smcFunc['db_num_rows']($request) < $_GET['limit'])
  635. {
  636. $smcFunc['db_free_result']($request);
  637. if (empty($_REQUEST['boards']) && empty($board))
  638. unset($context['optimize_msg']['lowest']);
  639. else
  640. $context['optimize_msg']['lowest'] = $loops ? 'm.id_msg >= t.id_first_msg' : 'm.id_msg >= (t.id_last_msg - t.id_first_msg) / 2';
  641. $loops++;
  642. }
  643. else
  644. $done = true;
  645. }
  646. $messages = array();
  647. while ($row = $smcFunc['db_fetch_assoc']($request))
  648. $messages[] = $row['id_msg'];
  649. $smcFunc['db_free_result']($request);
  650. if (empty($messages))
  651. return array();
  652. // Find the most recent posts this user can see.
  653. $request = $smcFunc['db_query']('', '
  654. SELECT
  655. m.smileys_enabled, m.poster_time, m.id_msg, m.subject, m.body, m.id_topic, t.id_board,
  656. b.name AS bname, t.num_replies, m.id_member, m.icon, mf.id_member AS id_first_member,
  657. IFNULL(mem.real_name, m.poster_name) AS poster_name, mf.subject AS first_subject,
  658. IFNULL(memf.real_name, mf.poster_name) AS first_poster_name, mem.hide_email,
  659. IFNULL(mem.email_address, m.poster_email) AS poster_email, m.modified_time
  660. FROM {db_prefix}messages AS m
  661. INNER JOIN {db_prefix}topics AS t ON (t.id_topic = m.id_topic)
  662. INNER JOIN {db_prefix}messages AS mf ON (mf.id_msg = t.id_first_msg)
  663. INNER JOIN {db_prefix}boards AS b ON (b.id_board = t.id_board)
  664. LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = m.id_member)
  665. LEFT JOIN {db_prefix}members AS memf ON (memf.id_member = mf.id_member)
  666. WHERE m.id_msg IN ({array_int:message_list})
  667. ' . (empty($board) ? '' : 'AND t.id_board = {int:current_board}') . '
  668. ORDER BY m.id_msg DESC
  669. LIMIT {int:limit}',
  670. array(
  671. 'limit' => $_GET['limit'],
  672. 'current_board' => $board,
  673. 'message_list' => $messages,
  674. )
  675. );
  676. $data = array();
  677. while ($row = $smcFunc['db_fetch_assoc']($request))
  678. {
  679. // Limit the length of the message, if the option is set.
  680. if (!empty($modSettings['xmlnews_maxlen']) && $smcFunc['strlen'](str_replace('<br />', "\n", $row['body'])) > $modSettings['xmlnews_maxlen'])
  681. $row['body'] = strtr($smcFunc['substr'](str_replace('<br />', "\n", $row['body']), 0, $modSettings['xmlnews_maxlen'] - 3), array("\n" => '<br />')) . '...';
  682. $row['body'] = parse_bbc($row['body'], $row['smileys_enabled'], $row['id_msg']);
  683. censorText($row['body']);
  684. censorText($row['subject']);
  685. // Doesn't work as well as news, but it kinda does..
  686. if ($xml_format == 'rss' || $xml_format == 'rss2')
  687. $data[] = array(
  688. 'title' => $row['subject'],
  689. 'link' => $scripturl . '?topic=' . $row['id_topic'] . '.msg' . $row['id_msg'] . '#msg' . $row['id_msg'],
  690. 'description' => cdata_parse($row['body']),
  691. 'author' => in_array(showEmailAddress(!empty($row['hide_email']), $row['id_member']), array('yes', 'yes_permission_override')) ? $row['poster_email'] : null,
  692. 'category' => cdata_parse($row['bname']),
  693. 'comments' => $scripturl . '?action=post;topic=' . $row['id_topic'] . '.0',
  694. 'pubDate' => gmdate('D, d M Y H:i:s \G\M\T', $row['poster_time']),
  695. 'guid' => $scripturl . '?topic=' . $row['id_topic'] . '.msg' . $row['id_msg'] . '#msg' . $row['id_msg']
  696. );
  697. elseif ($xml_format == 'rdf')
  698. $data[] = array(
  699. 'title' => $row['subject'],
  700. 'link' => $scripturl . '?topic=' . $row['id_topic'] . '.msg' . $row['id_msg'] . '#msg' . $row['id_msg'],
  701. 'description' => cdata_parse($row['body']),
  702. );
  703. elseif ($xml_format == 'atom')
  704. $data[] = array(
  705. 'title' => $row['subject'],
  706. 'link' => $scripturl . '?topic=' . $row['id_topic'] . '.msg' . $row['id_msg'] . '#msg' . $row['id_msg'],
  707. 'summary' => cdata_parse($row['body']),
  708. 'category' => array(
  709. 'term' => $row['id_board'],
  710. 'label' => cdata_parse($row['bname'])
  711. ),
  712. 'author' => array(
  713. 'name' => $row['poster_name'],
  714. 'email' => in_array(showEmailAddress(!empty($row['hide_email']), $row['id_member']), array('yes', 'yes_permission_override')) ? $row['poster_email'] : null,
  715. 'uri' => !empty($row['id_member']) ? $scripturl . '?action=profile;u=' . $row['id_member'] : ''
  716. ),
  717. 'published' => gmstrftime('%Y-%m-%dT%H:%M:%SZ', $row['poster_time']),
  718. 'updated' => gmstrftime('%Y-%m-%dT%H:%M:%SZ', empty($row['modified_time']) ? $row['poster_time'] : $row['modified_time']),
  719. 'id' => $scripturl . '?topic=' . $row['id_topic'] . '.msg' . $row['id_msg'] . '#msg' . $row['id_msg'],
  720. 'icon' => $settings['images_url'] . '/icons/' . $row['icon'] . '.gif',
  721. );
  722. // A lot of information here. Should be enough to please the rss-ers.
  723. else
  724. $data[] = array(
  725. 'time' => htmlspecialchars(strip_tags(timeformat($row['poster_time']))),
  726. 'id' => $row['id_msg'],
  727. 'subject' => cdata_parse($row['subject']),
  728. 'body' => cdata_parse($row['body']),
  729. 'starter' => array(
  730. 'name' => cdata_parse($row['first_poster_name']),
  731. 'id' => $row['id_first_member'],
  732. 'link' => !empty($row['id_first_member']) ? $scripturl . '?action=profile;u=' . $row['id_first_member'] : ''
  733. ),
  734. 'poster' => array(
  735. 'name' => cdata_parse($row['poster_name']),
  736. 'id' => $row['id_member'],
  737. 'link' => !empty($row['id_member']) ? $scripturl . '?action=profile;u=' . $row['id_member'] : ''
  738. ),
  739. 'topic' => array(
  740. 'subject' => cdata_parse($row['first_subject']),
  741. 'id' => $row['id_topic'],
  742. 'link' => $scripturl . '?topic=' . $row['id_topic'] . '.new#new'
  743. ),
  744. 'board' => array(
  745. 'name' => cdata_parse($row['bname']),
  746. 'id' => $row['id_board'],
  747. 'link' => $scripturl . '?board=' . $row['id_board'] . '.0'
  748. ),
  749. 'link' => $scripturl . '?topic=' . $row['id_topic'] . '.msg' . $row['id_msg'] . '#msg' . $row['id_msg']
  750. );
  751. }
  752. $smcFunc['db_free_result']($request);
  753. return $data;
  754. }
  755. function getXmlProfile($xml_format)
  756. {
  757. global $scripturl, $memberContext, $user_profile, $modSettings, $user_info;
  758. // You must input a valid user....
  759. if (empty($_GET['u']) || loadMemberData((int) $_GET['u']) === false)
  760. return array();
  761. // Make sure the id is a number and not "I like trying to hack the database".
  762. $_GET['u'] = (int) $_GET['u'];
  763. // Load the member's contextual information!
  764. if (!loadMemberContext($_GET['u']) || !allowedTo('profile_view_any'))
  765. return array();
  766. // Okay, I admit it, I'm lazy. Stupid $_GET['u'] is long and hard to type.
  767. $profile = &$memberContext[$_GET['u']];
  768. if ($xml_format == 'rss' || $xml_format == 'rss2')
  769. $data = array(array(
  770. 'title' => cdata_parse($profile['name']),
  771. 'link' => $scripturl . '?action=profile;u=' . $profile['id'],
  772. 'description' => cdata_parse(isset($profile['group']) ? $profile['group'] : $profile['post_group']),
  773. 'comments' => $scripturl . '?action=pm;sa=send;u=' . $profile['id'],
  774. 'pubDate' => gmdate('D, d M Y H:i:s \G\M\T', $user_profile[$profile['id']]['date_registered']),
  775. 'guid' => $scripturl . '?action=profile;u=' . $profile['id'],
  776. ));
  777. elseif ($xml_format == 'rdf')
  778. $data = array(array(
  779. 'title' => cdata_parse($profile['name']),
  780. 'link' => $scripturl . '?action=profile;u=' . $profile['id'],
  781. 'description' => cdata_parse(isset($profile['group']) ? $profile['group'] : $profile['post_group']),
  782. ));
  783. elseif ($xml_format == 'atom')
  784. $data[] = array(
  785. 'title' => cdata_parse($profile['name']),
  786. 'link' => $scripturl . '?action=profile;u=' . $profile['id'],
  787. 'summary' => cdata_parse(isset($profile['group']) ? $profile['group'] : $profile['post_group']),
  788. 'author' => array(
  789. 'name' => $profile['real_name'],
  790. 'email' => in_array(showEmailAddress(!empty($profile['hide_email']), $profile['id']), array('yes', 'yes_permission_override')) ? $profile['email'] : null,
  791. 'uri' => !empty($profile['website']) ? $profile['website']['url'] : ''
  792. ),
  793. 'published' => gmstrftime('%Y-%m-%dT%H:%M:%SZ', $user_profile[$profile['id']]['date_registered']),
  794. 'updated' => gmstrftime('%Y-%m-%dT%H:%M:%SZ', $user_profile[$profile['id']]['last_login']),
  795. 'id' => $scripturl . '?action=profile;u=' . $profile['id'],
  796. 'logo' => !empty($profile['avatar']) ? $profile['avatar']['url'] : '',
  797. );
  798. else
  799. {
  800. $data = array(
  801. 'username' => $user_info['is_admin'] || $user_info['id'] == $profile['id'] ? cdata_parse($profile['username']) : '',
  802. 'name' => cdata_parse($profile['name']),
  803. 'link' => $scripturl . '?action=profile;u=' . $profile['id'],
  804. 'posts' => $profile['posts'],
  805. 'post-group' => cdata_parse($profile['post_group']),
  806. 'language' => cdata_parse($profile['language']),
  807. 'last-login' => gmdate('D, d M Y H:i:s \G\M\T', $user_profile[$profile['id']]['last_login']),
  808. 'registered' => gmdate('D, d M Y H:i:s \G\M\T', $user_profile[$profile['id']]['date_registered'])
  809. );
  810. // Everything below here might not be set, and thus maybe shouldn't be displayed.
  811. if ($profile['gender']['name'] != '')
  812. $data['gender'] = cdata_parse($profile['gender']['name']);
  813. if ($profile['avatar']['name'] != '')
  814. $data['avatar'] = $profile['avatar']['url'];
  815. // If they are online, show an empty tag... no reason to put anything inside it.
  816. if ($profile['online']['is_online'])
  817. $data['online'] = '';
  818. if ($profile['signature'] != '')
  819. $data['signature'] = cdata_parse($profile['signature']);
  820. if ($profile['blurb'] != '')
  821. $data['blurb'] = cdata_parse($profile['blurb']);
  822. if ($profile['location'] != '')
  823. $data['location'] = cdata_parse($profile['location']);
  824. if ($profile['title'] != '')
  825. $data['title'] = cdata_parse($profile['title']);
  826. if (!empty($profile['icq']['name']) && !(!empty($modSettings['guest_hideContacts']) && $user_info['is_guest']))
  827. $data['icq'] = $profile['icq']['name'];
  828. if ($profile['aim']['name'] != '' && !(!empty($modSettings['guest_hideContacts']) && $user_info['is_guest']))
  829. $data['aim'] = $profile['aim']['name'];
  830. if ($profile['msn']['name'] != '' && !(!empty($modSettings['guest_hideContacts']) && $user_info['is_guest']))
  831. $data['msn'] = $profile['msn']['name'];
  832. if ($profile['yim']['name'] != '' && !(!empty($modSettings['guest_hideContacts']) && $user_info['is_guest']))
  833. $data['yim'] = $profile['yim']['name'];
  834. if ($profile['website']['title'] != '')
  835. $data['website'] = array(
  836. 'title' => cdata_parse($profile['website']['title']),
  837. 'link' => $profile['website']['url']
  838. );
  839. if ($profile['group'] != '')
  840. $data['position'] = cdata_parse($profile['group']);
  841. if (!empty($modSettings['karmaMode']))
  842. $data['karma'] = array(
  843. 'good' => $profile['karma']['good'],
  844. 'bad' => $profile['karma']['bad']
  845. );
  846. if (in_array($profile['show_email'], array('yes', 'yes_permission_override')))
  847. $data['email'] = $profile['email'];
  848. if (!empty($profile['birth_date']) && substr($profile['birth_date'], 0, 4) != '0000')
  849. {
  850. list ($birth_year, $birth_month, $birth_day) = sscanf($profile['birth_date'], '%d-%d-%d');
  851. $datearray = getdate(forum_time());
  852. $data['age'] = $datearray['year'] - $birth_year - (($datearray['mon'] > $birth_month || ($datearray['mon'] == $birth_month && $datearray['mday'] >= $birth_day)) ? 0 : 1);
  853. }
  854. }
  855. // Save some memory.
  856. unset($profile, $memberContext[$_GET['u']]);
  857. return $data;
  858. }
  859. ?>