Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
git-svn-id: https://xerteonlinetoolkits.googlecode.com/svn/trunk@106 912cdd6b-5c7d-d5a7-a2ba-d0f0cdb91641
- Loading branch information
Dave Goodwin
committed
Sep 28, 2011
1 parent
4abfaec
commit b527ddf
Showing
1 changed file
with
100 additions
and
103 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,136 +1,133 @@ | ||
| <?PHP /** | ||
| * | ||
| * data page, allows other sites to consume the xml of a toolkit | ||
| * | ||
| * @author Patrick Lockley | ||
| * @version 1.0 | ||
| * @copyright Copyright (c) 2008,2009 University of Nottingham | ||
| * @package | ||
| */ | ||
|
|
||
| require("config.php"); | ||
|
|
||
| require $xerte_toolkits_site->php_library_path . "database_library.php"; | ||
| require $xerte_toolkits_site->php_library_path . "template_status.php"; | ||
| require $xerte_toolkits_site->php_library_path . "display_library.php"; | ||
|
|
||
| /** | ||
| * connect to the database | ||
| */ | ||
|
|
||
| $mysql_id=database_connect("data database connect successful","data database connect failed"); | ||
|
|
||
| /** | ||
| * Check the template ID is a number | ||
| */ | ||
| <?php | ||
| /** | ||
| * | ||
| * data page, allows other sites to consume the xml of a toolkit | ||
| * | ||
| * @author Patrick Lockley | ||
| * @version 1.0 | ||
| * @copyright Copyright (c) 2008,2009 University of Nottingham | ||
| * @package | ||
| */ | ||
|
|
||
| if(is_numeric(mysql_real_escape_string($_GET['template_id']))){ | ||
|
|
||
| /** | ||
| * Run the standard query from config.php, excessive in this case, but suitable | ||
| */ | ||
| require("config.php"); | ||
|
|
||
| $query_to_check_data = "select * from " . $xerte_toolkits_site->database_table_prefix . "additional_sharing where sharing_type=\"xml\" and template_id=\"" . mysql_real_escape_string($_GET['template_id']) . "\""; | ||
| require $xerte_toolkits_site->php_library_path . "database_library.php"; | ||
| require $xerte_toolkits_site->php_library_path . "template_status.php"; | ||
| require $xerte_toolkits_site->php_library_path . "display_library.php"; | ||
|
|
||
| $query_for_data_response = mysql_query($query_to_check_data); | ||
| /** | ||
| * connect to the database | ||
| */ | ||
|
|
||
| /** | ||
| * Check to see if for this ID a data value is set in additional sharing. | ||
| */ | ||
| $mysql_id=database_connect("data database connect successful","data database connect failed"); | ||
|
|
||
| if(mysql_num_rows($query_for_data_response)!=0){ | ||
| /** | ||
| * Check the template ID is a number | ||
| */ | ||
|
|
||
| $row_data = mysql_fetch_array($query_for_data_response); | ||
| if(is_numeric(mysql_real_escape_string($_GET['template_id']))){ | ||
|
|
||
| /** | ||
| * The extra value in this case is the hostname we have limited XML consumption too, and as such see it exists | ||
| */ | ||
| /** | ||
| * Run the standard query from config.php, excessive in this case, but suitable | ||
| */ | ||
|
|
||
| if($row_data['extra']!=""){ | ||
|
|
||
| /** | ||
| * Compare to the host variables | ||
| */ | ||
| $query_to_check_data = "select * from " . $xerte_toolkits_site->database_table_prefix . "additional_sharing where sharing_type=\"xml\" and template_id=\"" . mysql_real_escape_string($_GET['template_id']) . "\""; | ||
|
|
||
| if(($row_data['extra']==$_SERVER['HTTP_REFERER'])||($row_data['extra']==$_SERVER['REMOTE_ADDR'])){ | ||
|
|
||
| /** | ||
| * Fetch and return the XML | ||
| */ | ||
| $query_for_data_response = mysql_query($query_to_check_data); | ||
|
|
||
| $query_for_preview_content = $xerte_toolkits_site->play_edit_preview_query; | ||
|
|
||
| $query_for_preview_content_response = mysql_query($query_for_preview_content); | ||
|
|
||
| $row = mysql_fetch_array($query_for_preview_content_response); | ||
|
|
||
| $query_for_username = "select username from " . $xerte_toolkits_site->database_table_prefix . "logindetails where login_id=\"" . $row['user_id'] . "\""; | ||
|
|
||
| $query_for_username_response = mysql_query($query_for_username); | ||
|
|
||
| $row_username = mysql_fetch_array($query_for_username_response); | ||
|
|
||
| $path = $xerte_toolkits_site->users_file_area_short . $row['template_id'] . "-" . $row_username['username'] . "-" . $row['template_name'] . "/"; | ||
|
|
||
| echo str_replace("FileLocation + '", $xerte_toolkits_site->site_url . $path, file_get_contents($path . "data.xml")); | ||
| /** | ||
| * Check to see if for this ID a data value is set in additional sharing. | ||
| */ | ||
|
|
||
| }else{ | ||
| if(mysql_num_rows($query_for_data_response)!=0){ | ||
|
|
||
| dont_show_template(); | ||
| $row_data = mysql_fetch_array($query_for_data_response); | ||
|
|
||
| } | ||
| /** | ||
| * The extra value in this case is the hostname we have limited XML consumption too, and as such see it exists | ||
| */ | ||
|
|
||
| if($row_data['extra']!=""){ | ||
|
|
||
| }else{ | ||
|
|
||
| /** | ||
| * Fetch and return the XML | ||
| */ | ||
| /** | ||
| * Compare to the host variables | ||
| */ | ||
|
|
||
| $query_for_play_content_strip = str_replace("\" . \$xerte_toolkits_site->database_table_prefix . \"", $xerte_toolkits_site->database_table_prefix, $xerte_toolkits_site->play_edit_preview_query); | ||
|
|
||
| $query_for_play_content = str_replace("TEMPLATE_ID_TO_REPLACE", mysql_real_escape_string($_GET['template_id']), $query_for_play_content_strip); | ||
| if(($row_data['extra']==$_SERVER['HTTP_REFERER'])||($row_data['extra']==$_SERVER['REMOTE_ADDR'])){ | ||
|
|
||
| $query_for_play_content_response = mysql_query($query_for_play_content); | ||
| /** | ||
| * Fetch and return the XML | ||
| */ | ||
|
|
||
| $row = mysql_fetch_array($query_for_play_content_response); | ||
|
|
||
| $query_for_username = "select username from " . $xerte_toolkits_site->database_table_prefix . "logindetails where login_id=\"" . $row['user_id'] . "\""; | ||
|
|
||
| $query_for_username_response = mysql_query($query_for_username); | ||
|
|
||
| $row_username = mysql_fetch_array($query_for_username_response); | ||
|
|
||
| $path = $xerte_toolkits_site->users_file_area_short . $row['template_id'] . "-" . $row_username['username'] . "-" . $row['template_name'] . "/"; | ||
| $query_for_preview_content = $xerte_toolkits_site->play_edit_preview_query; | ||
|
|
||
| echo str_replace("FileLocation + '", $xerte_toolkits_site->site_url . $path, file_get_contents($path . "data.xml")); | ||
| $query_for_preview_content_response = mysql_query($query_for_preview_content); | ||
|
|
||
| $row = mysql_fetch_array($query_for_preview_content_response); | ||
|
|
||
| } | ||
|
|
||
| $query_for_username = "select username from " . $xerte_toolkits_site->database_table_prefix . "logindetails where login_id=\"" . $row['user_id'] . "\""; | ||
|
|
||
| }else{ | ||
| $query_for_username_response = mysql_query($query_for_username); | ||
|
|
||
| /*** | ||
| Display nothing | ||
| */ | ||
| $row_username = mysql_fetch_array($query_for_username_response); | ||
|
|
||
| echo "XML Sharing not set up"; | ||
| $path = $xerte_toolkits_site->users_file_area_short . $row['template_id'] . "-" . $row_username['username'] . "-" . $row['template_name'] . "/"; | ||
|
|
||
| dont_show_template(); | ||
| echo str_replace("FileLocation + '", $xerte_toolkits_site->site_url . $path, file_get_contents($path . "data.xml")); | ||
|
|
||
| } | ||
| }else{ | ||
|
|
||
| }else{ | ||
| dont_show_template(); | ||
|
|
||
| /** | ||
| * Display nothing | ||
| */ | ||
| } | ||
|
|
||
| dont_show_template(); | ||
|
|
||
| } | ||
| }else{ | ||
|
|
||
| /** | ||
| * Fetch and return the XML | ||
| */ | ||
|
|
||
| $query_for_play_content_strip = str_replace("\" . \$xerte_toolkits_site->database_table_prefix . \"", $xerte_toolkits_site->database_table_prefix, $xerte_toolkits_site->play_edit_preview_query); | ||
|
|
||
| ?> | ||
| $query_for_play_content = str_replace("TEMPLATE_ID_TO_REPLACE", mysql_real_escape_string($_GET['template_id']), $query_for_play_content_strip); | ||
|
|
||
| $query_for_play_content_response = mysql_query($query_for_play_content); | ||
|
|
||
| $row = mysql_fetch_array($query_for_play_content_response); | ||
|
|
||
| $query_for_username = "select username from " . $xerte_toolkits_site->database_table_prefix . "logindetails where login_id=\"" . $row['user_id'] . "\""; | ||
|
|
||
| $query_for_username_response = mysql_query($query_for_username); | ||
|
|
||
| $row_username = mysql_fetch_array($query_for_username_response); | ||
|
|
||
| $path = $xerte_toolkits_site->users_file_area_short . $row['template_id'] . "-" . $row_username['username'] . "-" . $row['template_name'] . "/"; | ||
|
|
||
| echo str_replace("FileLocation + '", $xerte_toolkits_site->site_url . $path, file_get_contents($path . "data.xml")); | ||
|
|
||
|
|
||
| } | ||
|
|
||
|
|
||
| }else{ | ||
|
|
||
| /*** | ||
| Display nothing | ||
| */ | ||
|
|
||
| echo "XML Sharing not set up"; | ||
|
|
||
| dont_show_template(); | ||
|
|
||
| } | ||
|
|
||
| }else{ | ||
|
|
||
| /** | ||
| * Display nothing | ||
| */ | ||
|
|
||
| dont_show_template(); | ||
|
|
||
| } |