<?php
/**
 * pragmaMx  Content Management System
 * Copyright (c) 2005 pragmaMx Dev Team - http://pragmaMx.org
 * 
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 * 
 * $Source: /home/cvs/pragmamx/stable/backend.php,v $
 * $Revision: 1.10 $
 * $Author: tora60 $
 * $Date: 2005/11/14 02:47:08 $
 */

/**
 * How to use the rss-syndication file ?
 * Simple: In your RSS-Reader use this URL:
 * http://www.YourDomain.tld/backend.php
 * then you will get from all sources (stories,downloads,links,eboard)
 * in $limit limited ammount of news in RSS1.0 Format
 * to specify one source you have to add ?op=sourcename after the
 * backend.php where sourcename ca be one of story,downs,link or board
 * eg http://www.YourDomain.tdl/backend.php?op=downs for Download
 * to specify a Feed-format, add a version=XXX where xxx can be one of
 * RSS0.91, RSS1.0, RSS2.0, OPML, mbox, PIE0.1, JS, HTML or ATOM0.3
 * eg http://www.YourDomain.tdl/backend.php?version=RSS2.0 for RSS2.0
 * to select one or more of the sources use following syntax:
 * http://www.YourDomain.tdl/backend.php?op=auswahl&feed1=XXX[&feed2=XXX&feed3=XXX]
 * where XXX can be one of story,downs,link or board also in this case
 * you can add the format at the end (&version=XXX)
 */

include_once("mainfile.php");
# error_reporting(E_ALL);
error_reporting(0);

if (empty($backend_active)) {
    die('sorry, rss-feed is not active');
} 

include_once("includes/feedcreator.class.php");

/* URL zur Logo-Bilddatei (ohne führenden Slash und ohne Domainangabe */
$logo = $backend_logo;
if (is_file($backend_logo)) {
    $logo = $backend_logo;
} 
// / die folgenden Einstellungen können durch _GET Parameter überschrieben werden
/* wieviel einzelne Punkte in den jeweiligen feeds anzeigen (15 maximal !) = _GET[limit] */
$limit = intval($backend_limit);
if (isset($_GET['limit']) && is_numeric($_GET['limit']) && $_GET['limit'] > 0 && $_GET['limit'] < 16) {
    $limit = intval($_GET['limit']);
} 
/* max. Angezeigte Länge der RSS-Beschreibung                              = _GET[rdt]   */
$rssdecriptiontrunk = intval($backend_rssdecriptiontrunk);
if (isset($_GET['rdt']) && is_numeric($_GET['rdt']) && $_GET['rdt'] > 0) {
    $rssdecriptiontrunk = intval($_GET['rdt']);
} 
/* max. Angezeigte Länge der Image-Beschreibung                            = _GET[pdt]   */
$imagedescriptiontrunk = intval($backend_imagedescriptiontrunk);
if (isset($_GET['pdt']) && is_numeric($_GET['pdt']) && $_GET['pdt'] > 0) {
    $imagedescriptiontrunk = intval($_GET['pdt']);
} 
/* max. Angezeigte Länge der einzelnen Item-Beschreibung                   = _GET[idt]   */
$itemdescriptiontrunk = intval($backend_itemdescriptiontrunk);
if (isset($_GET['idt']) && is_numeric($_GET['idt']) && $_GET['idt'] > 0) {
    $itemdescriptiontrunk = intval($_GET['idt']);
} 
# ## global informations for rss-syndication
$rss = new UniversalFeedCreator(); 
# $rss->useCached();
$rss->descriptionTruncSize = $rssdecriptiontrunk;
$rss->descriptionHtmlSyndicated = false;
$rss->title = htmlspecialchars($sitename);
$rss->description = htmlspecialchars($backend_title);
$rss->language = $backend_language;
$rss->link = MX_HOME_URL . '/';
$rss->syndicationURL = MX_HOME_URL . '/' . basename(__file__);
$image = new FeedImage();
$image->descriptionTruncSize = $imagedescriptiontrunk;
$image->descriptionHtmlSyndicated = false;
$image->title = $sitename . "-Logo";
$image->url = MX_HOME_URL . "/" . $logo;
$image->link = MX_HOME_URL . '/';
$image->description = "Feed provided by " . MX_HOME_URL . ". Click to visit.";
$rss->image = $image;
# ## end global informations
$modules = sql_query("SELECT title, active FROM " . $prefix . "_modules");
while (list($modulename, $modulactive) = sql_fetch_row($modules)) {
    $modcheck[$modulename] = $modulactive;
} 

$actions = array("news", "story", "downs", "board", "link", "auswahl", "smf", "all");
$versions = array("RSS0.91", "RSS1.0", "RSS2.0", "OPML", "mbox", "PIE0.1", "ATOM0.3", "HTML", "JS");

function stories ($version)
{
    global $rss, $limit, $prefix, $itemdescriptiontrunk, $modcheck;
    $heute = time();
    $result = sql_query("SELECT sid, title, hometext, UNIX_TIMESTAMP(time)AS date, informant FROM " . $prefix . "_stories where (UNIX_TIMESTAMP(time) <= " . $heute . ")  ORDER BY `time` DESC limit " . $limit);
    if (!$result) {
        echo "An error occured";
    } else {
        if ((mxModuleAllowed("News")) && ($modcheck['News'])) {
            while ($data_stories = sql_fetch_object($result)) {
                $item = new FeedItem();
                $item->descriptionTruncSize = $itemdescriptiontrunk;
                $item->title = strip_tags (rss_bbencode($data_stories->title));
                $item->link = MX_HOME_URL . "/modules.php?name=News&file=article&sid=" . $data_stories->sid;
                $item->description = strip_tags (rss_bbencode($data_stories->hometext));
                $item->date = intval($data_stories->date);
                $item->source = MX_HOME_URL . "/modules.php?name=News";
                $item->author = $data_stories->informant;
                $rss->addItem($item);
            } 
        } else {
            moduleerror("News");
        } 
    } 
    unset ($result, $data_stories);
} 

function eBoard ($version)
{
    global $rss, $limit, $prefix, $itemdescriptiontrunk, $modcheck ;
    if (!@include("modules/eBoard/settings.php")) {
        moduleerror("eBoard");
        return;
    } 
    $result = sql_query("SELECT a.tid, a.subject, a.message, a.lastpost, a.dateline, b.private, b.userlist FROM " . $table_threads . " AS a LEFT JOIN " . $table_forums . " AS b ON a.fid =b.fid WHERE private='' AND userlist='' ORDER BY a.lastpost DESC limit " . $limit);
    if (!$result) {
        echo "An error occured";
    } else {
        if ((mxModuleAllowed("eBoard")) && ($modcheck['eBoard'])) {
            while ($data_board = sql_fetch_object($result)) {
                $item = new FeedItem();
                $item->descriptionTruncSize = $itemdescriptiontrunk;
                $item->title = strip_tags(rss_bbencode($data_board->subject));
                $item->link = MX_HOME_URL . "/modules.php?op=modload&name=eBoard&file=viewthread&tid=" . $data_board->tid;
                $item->description = strip_tags(rss_bbencode($data_board->message));
                $datum = substr($data_board->lastpost, 0, (strpos($data_board->lastpost, "|")));
                $informant = substr(strrchr($data_board->lastpost, "|"), 1);
                $item->date = intval($datum);
                $item->source = MX_HOME_URL . "/modules.php?name=eBoard";
                $item->author = $informant;
                $rss->addItem($item);
            } 
        } else {
            moduleerror("eBoard");
        } 
    } 
    unset ($result, $data_board, $informant, $datum);
} 

function links ($version)
{
    global $rss, $limit, $prefix, $itemdescriptiontrunk, $modcheck ;
    $result = sql_query("select lid, title, description, UNIX_TIMESTAMP(date)AS datum, submitter from " . $prefix . "_links_links order by date DESC limit " . $limit);
    if (!$result) {
        echo "An error occured";
    } else {
        if ((mxModuleAllowed("Web_Links")) && ($modcheck['Web_Links'])) {
            while ($data_links = sql_fetch_object($result)) {
                $item = new FeedItem();
                $item->descriptionTruncSize = $itemdescriptiontrunk;
                $item->title = strip_tags(rss_bbencode($data_links->title));
                $item->link = MX_HOME_URL . "/modules.php?name=Web_Links&l_op=viewlinkdetails&lid=" . $data_links->lid . "&ttitle=" . urlencode(trim($data_links->title));
                $item->description = strip_tags(rss_bbencode($data_links->description));
                $item->date = intval($data_links->datum);
                $item->source = MX_HOME_URL . "/modules.php?name=WebLinks";
                $item->author = $data_links->submitter;
                $rss->addItem($item);
            } 
        } else {
            moduleerror("Web_Links");
        } 
    } 
    unset ($result, $data_links);
} 

function downloads ($version)
{
    global $rss, $limit, $prefix, $itemdescriptiontrunk, $modcheck ;
    $result = sql_query("select lid, title, description, UNIX_TIMESTAMP(date)AS datum, submitter from " . $prefix . "_downloads_downloads order by date DESC limit " . $limit);
    if (!$result) {
        echo "An error occured";
    } else {
        if ((mxModuleAllowed("Downloads")) && ($modcheck['Downloads'])) {
            while ($data_down = sql_fetch_object($result)) {
                if (($version == "RSS1.0")or($version == "RSS2.0")) {
                    $data_down->description = rss_bbencode($data_down->description);
                    $data_down->title = rss_bbencode($data_down->title);
                } 
                $item = new FeedItem();
                $item->descriptionTruncSize = $itemdescriptiontrunk;
                $item->title = strip_tags(rss_bbencode($data_down->title));
                $item->link = MX_HOME_URL . "/modules.php?name=Downloads&d_op=viewdownloaddetails&lid=" . $data_down->lid . "&ttitle=" . urlencode(trim($data_down->title));
                $item->description = strip_tags(rss_bbencode($data_down->description));
                $item->date = intval($data_down->datum);
                $item->source = MX_HOME_URL . "/modules.php?name=Downloads";
                $item->author = $data_down->submitter;
                $rss->addItem($item);
            } 
        } else {
            moduleerror("Downloads");
        } 
    } 
    unset ($result, $data_down);
} 

function simple($version)
{
    global $rss, $limit, $prefix, $itemdescriptiontrunk, $scripturl, $modcheck;
    if ((mxModuleAllowed("Forum")) && ($modcheck['Forum'])) {
        if (!@include("modules/Forum/smf/Settings.php")) {
            return;
        } 
        $user_info['query_see_board'] = 'FIND_IN_SET(-1, b.memberGroups)';
        $board = ""; 
        # $db_prefix="mx_org_smf_";
        # $db_prefix=$prefix."_".$db_prefix;
        $scripturl = $boardurl . '/index.php';
        $search = array ("'<script[^>]*?>.*?</script>'si", // Strip out javascript
            "'<[\/\!]*?[^<>]*?>'si", // Strip out html tags
            "'([\r\n])[\s]+'", // Strip out white space
            "'(\ )+'",
            "'&(quot|#34);'i", // Replace html entities
            "'&(amp|#38);'i",
            "'&(lt|#60);'i",
            "'&(gt|#62);'i",
            "'&(nbsp|#160);'i",
            "'&(iexcl|#161);'i",
            "'&(cent|#162);'i",
            "'&(pound|#163);'i",
            "'&(copy|#169);'i",
            "'&#(\d+);'e"); // evaluate as php
        
        $replace = array ("",
            " ",
            "\\1",
            " ",
            "\"",
            "&",
            "<",
            ">",
            " ",
            chr(161),
            chr(162),
            chr(163),
            chr(169),
            "chr(\\1)");

        $result = sql_query("SELECT
			m.smileysEnabled, m.posterTime, m.ID_MSG, m.subject, m.body, t.ID_TOPIC, t.ID_BOARD,
			b.name AS bname, t.numReplies, m.ID_MEMBER, IFNULL(mem.realName, m.posterName) AS posterName,
			mem.hideEmail, IFNULL(mem.emailAddress, m.posterEmail) AS posterEmail
		FROM " . $db_prefix . "topics AS t, " . $db_prefix . "messages AS m, " . $db_prefix . "boards AS b
			LEFT JOIN " . $db_prefix . "members AS mem ON (mem.ID_MEMBER = m.ID_MEMBER)
		WHERE b.ID_BOARD =  t.ID_BOARD
			AND m.ID_MSG = t.ID_LAST_MSG
			AND FIND_IN_SET(-1, b.memberGroups)
		ORDER BY m.ID_MSG DESC
		LIMIT " . $limit);
        while ($row = sql_fetch_object($result)) {
            // Limit the length of the message, if the option is set.
            if (!empty($itemdescriptiontrunk) && strlen(str_replace('<br />', "\n", $row->body)) > $itemdescriptiontrunk)
                $row->body = strtr(substr(str_replace('<br />', "\n", $row->body), 0, $itemdescriptiontrunk - 3), array("\n" => '<br />')) . '...'; 
            // Being news, this actually makes sense in rss format.
            /*if (($version=="RSS1.0")or($version=="RSS2.0"))
			{
				$row->subject = rss_bbencode($row->subject);
				$row->body = rss_bbencode($row->body);
			}*/
            $item = new FeedItem();
            $item->descriptionTruncSize = $itemdescriptiontrunk;
            $item->title = preg_replace($search, $replace, $row->subject);
            $item->link = MX_HOME_URL . "/modules.php?name=Forum&topic=" . $row->ID_TOPIC . ".msg" . $row->ID_MSG . "#msg" . $row->ID_MSG;
            $item->description = preg_replace($search, $replace, $row->body);
            $item->date = intval($row->posterTime);
            $item->source = MX_HOME_URL . "/modules.php?name=Forum";
            $item->author = $row->posterName;
            $rss->addItem($item);
        } 
    } else {
        moduleerror("Forum");
    } 
    unset ($row);
} 

function rss_bbencode($msg)
{
    $pattern = '#(\<(img|i?frame|object|i?layer|script|link|embed)[^\&g t;]+([[:space:]]{0,})(src|rel)([[:space:]]{0,})?=([^\>]+)?admin\.php\?[^ \>]+\>)|(\[img\](.+)?(admin\.php\?).+?\[/img\])#si';
    if (preg_match($pattern, $msg)) {
        mxErrorScreen("found malicious Code in BBCode");
    } 
    $msg = preg_replace("#\[quote\](.*?)\[/quote]#si", "<TABLE BORDER=0 ALIGN=CENTER WIDTH=85%><TR><TD><font size=-1>Quote</font><HR></TD></TR><TR><TD><FONT SIZE=-1><BLOCKQUOTE>\\1</BLOCKQUOTE></FONT></TD></TR><TR><TD><HR></TD></TR></TABLE>", $msg);
    $msg = preg_replace("#\[b\](.*?)\[/b\]#si", "<B>\\1</B>", $msg);
    $msg = preg_replace("#\[i\](.*?)\[/i\]#si", "<I>\\1</I>", $msg);
    $msg = preg_replace("#\[url\](http://)?(.*?)\[/url\]#si", "<A HREF=\"http://\\2\" TARGET=\"_blank\">\\2</A>", $msg);
    $msg = preg_replace("#\[u\](.*?)\[/u\]#si", "<U>\\1</U>", $msg);
    $msg = preg_replace("#\[url=(http://)?(.*?)\](.*?)\[/url\]#si", "<A HREF=\"http://\\2\" TARGET=\"_blank\">\\3</A>", $msg);
    $msg = preg_replace("#\[email\](.*?)\[/email\]#si", "<A HREF=\"mailto:\\1\">\\1</A>", $msg);
    $msg = preg_replace("#\[img\](.*?)\[/img\]#si", "<IMG SRC=\"\\1\">", $msg);
    $matchCount = preg_match_all("#\[list\](.*?)\[/list\]#si", $msg, $matches);
    for ($i = 0; $i < $matchCount; $i++) {
        $currMatchTextBefore = preg_quote($matches[1][$i]);
        $currMatchTextAfter = preg_replace("#\[\*\]#si", "<LI>", $matches[1][$i]);
        $msg = preg_replace("#\[list\]$currMatchTextBefore\[/list\]#si", "<UL>$currMatchTextAfter</UL>", $msg);
    } 
    $matchCount = preg_match_all("#\[list=([a1])\](.*?)\[/list\]#si", $msg, $matches);
    for ($i = 0; $i < $matchCount; $i++) {
        $currMatchTextBefore = preg_quote($matches[2][$i]);
        $currMatchTextAfter = preg_replace("#\[\*\]#si", "<LI>", $matches[2][$i]);
        $msg = preg_replace("#\[list=([a1])\]$currMatchTextBefore\[/list\]#si", "<OL TYPE=\\1>$currMatchTextAfter</OL>", $msg);
    } 
    return($msg);
} 

function moduleerror($modulename)
{
    global $rss, $limit, $prefix, $itemdescriptiontrunk ;
    $item = new FeedItem();
    $item->descriptionTruncSize = $itemdescriptiontrunk;
    $item->title = "Fehler im RSS-Feed";
    $item->link = MX_HOME_URL;
    $item->description = "Das Modul " . $modulename . " ist nicht aktiviert oder nicht für anonyme Besucher freigegeben. Bitte wählen sie einen anderen Newsfeed";
    $item->date = intval(time());
    $item->source = MX_HOME_URL;
    $item->author = "Administrator";
    $rss->addItem($item);
} 

function auswahl ()
{
    global $actions, $version;
    $wert[] = (empty($_GET["feed1"])) ? "" : ($_GET["feed1"]);
    $wert[] = (empty($_GET["feed2"])) ? "" : ($_GET["feed2"]);
    $wert[] = (empty($_GET["feed3"])) ? "" : ($_GET["feed3"]);
    $i = 0;
    while ($i < 3) {
        if (!in_array ($wert[$i], $actions)) {
            $wert[$i] = "oo";
        } 
        switch ($wert[$i]) {
            case "oo":
                break;

            case "news":
            case "story":
                stories($version);
                break;

            case "board":
                eBoard($version);
                break;

            case "downs":
                downloads ($version);
                break;

            case "link":
                links($version);
                break;

            case "smf":
                simple($version);
                break;
        } 
        $i++;
    } 
    unset ($i, $wert);
} 

$version = (empty($_REQUEST['version'])) ? "" : ($_REQUEST['version']);
if (!in_array($version, $versions)) {
    $version = "RSS0.91";
} 
switch ($version) {
    case "RSS0.91":
        $content_type = "text/xml";
        break;
    case "RSS1.0":
        $content_type = "text/xml";
        break;
    case "RSS2.0":
        $content_type = "text/xml";
        break;
    case "OPML":
        $content_type = "text/xml";
        break;
    case "mbox":
        $content_type = "text/plain";
        break;
    case "PIE0.1":
        $content_type = "text/xml";
        break;
    case "ATOM0.3":
        $content_type = "application/atom+xml";
        break;
    case "HTML":
        $content_type = "text/html";
        break;
    case "JS":
        $content_type = "text/javascript";
        break;
} 

$op = (empty($_GET['op'])) ? "" : $_GET['op'];
if (!in_array($op, $actions)) {
    $op = "story";
} 
switch ($op) {
    case "news":
    case "story":
        stories($version);
        break;

    case "board":
        eBoard($version);
        break;

    case "downs":
        downloads($version);
        break;

    case "link":
        links($version);
        break;

    case "auswahl":
        auswahl($version);
        break;

    case "smf":
        simple($version);
        break;

    case "all":
        stories($version);
        eBoard($version);
        downloads($version);
        links($version);
        simple($version);
        break;
} 
// by Andi: das wird benötigt für das Link-Anzeigescript welches ich gerade baue ;-)
if (defined('MX_RSS_LIST')) {
    return;
} 

header("Content-Type: " . $content_type);
$out = $rss->createFeed($version);
// / Ersetzen der Links in ein suchmaschinenfreundliches Format.
// / Der Ausgabepuffer wurde in mx_baseconfig explizit gestartet!
// / falls doch leer, ist nix mit mod_rewrite
if (!empty($GLOBALS['mxUseModrewrite']['anony']) && $out) {
    if (is_file('.htaccess') && is_file('includes/mx_modrewrite.php')) {
        @include_once('includes/mx_modrewrite.php');
        if (function_exists('mxPrepareModRewrite')) {
            $out = mxPrepareModRewrite($out);
        } 
    } 
} 

echo $out;