diff --git a/includes/pages/user_atom.php b/includes/pages/user_atom.php index e0093886..19abca61 100644 --- a/includes/pages/user_atom.php +++ b/includes/pages/user_atom.php @@ -3,40 +3,53 @@ // publically available page to feed the news to feedreaders function user_atom() { global $user, $DISPLAY_NEWS; - - if (isset ($_REQUEST['key']) && preg_match("/^[0-9a-f]{32}$/", $_REQUEST['key'])) + + if (isset($_REQUEST['key']) && preg_match("/^[0-9a-f]{32}$/", $_REQUEST['key'])) { $key = $_REQUEST['key']; - else - die("Missing key."); - + } else { + engelsystem_error("Missing key."); + } + $user = User_by_api_key($key); - if($user === false) - die("Unable to find user."); - if($user == null) - die("Key invalid."); - if(!in_array('atom', privileges_for_user($user['UID']))) - die("No privilege for atom."); - - $news = sql_select("SELECT * FROM `News` " . (empty($_REQUEST['meetings'])? '' : 'WHERE `Treffen` = 1 ') . "ORDER BY `ID` DESC LIMIT " . sql_escape($DISPLAY_NEWS)); - + if ($user === false) { + engelsystem_error("Unable to find user."); + } + if ($user == null) { + engelsystem_error("Key invalid."); + } + if (! in_array('atom', privileges_for_user($user['UID']))) { + engelsystem_error("No privilege for atom."); + } + + $news = sql_select("SELECT * FROM `News` " . (empty($_REQUEST['meetings']) ? '' : 'WHERE `Treffen` = 1 ') . "ORDER BY `ID` DESC LIMIT " . sql_escape($DISPLAY_NEWS)); + + $output = make_atom_entries_from_news($news); + header('Content-Type: application/atom+xml; charset=utf-8'); + header("Content-Length: " . strlen($output)); + raw_output($html); +} + +function make_atom_entries_from_news($news_entries) { $html = ' Engelsystem ' . $_SERVER['HTTP_HOST'] . htmlspecialchars(preg_replace('#[&?]key=[a-f0-9]{32}#', '', $_SERVER['REQUEST_URI'])) . ' ' . date('Y-m-d\TH:i:sP', $news[0]['Datum']) . "\n"; - foreach ($news as $news_entry) { - $html .= " + foreach ($news_entries as $news_entry) { + $html .= make_atom_entry_from_news($news_entry); + } + $html .= ""; + return $html; +} + +function make_atom_entry_from_news($news_entry) { + return " " . htmlspecialchars($news_entry['Betreff']) . " - " . preg_replace('#^https?://#', '', page_link_to_absolute("news")) . "-${news_entry['ID']} - " . date('Y-m-d\TH:i:sP', $news_entry['Datum']) . " + " . preg_replace('#^https?://#', '', page_link_to_absolute("news")) . "-${news_entry['ID']} + " . date('Y-m-d\TH:i:sP', $news_entry['Datum']) . " " . htmlspecialchars($news_entry['Text']) . " \n"; } -$html .= ""; -header("Content-Length: " . strlen($html)); -echo $html; -die(); -} ?>