Jump to content

Missing XML Formatting


iwato

Recommended Posts

BACKGROUND:  I have recently created the content of an automatically generated podcast using a PHP Class that I found on a webpage found https://www.phpclasses.org/package/2957-PHP-Generate-RSS-2-0-feeds.html.  Unfortunately, when I attempt to display the generated feed all that is displayed are the values of the input variables, or alternatively nothing (see (below)depending on the method of display. In short, the desired formatting -- the reason that I downloaded the PHP Class -- is missing.

The page that creates the above result is a text file with a .php extension and a header( ) function.

$rss_feed->encoding = 'UTF-8';
$rss_feed->version = '2.0';
$rss_feed->createFeed($rss_channel);
header('Content-Type: text/xml;

$rss_channel =  the object that combines the formatting with the values of the input variables and their respective objects.

The Class is relatively straight-forward and easily customized, but for two lines that I do not understand and could well be preventing the display of the XML code, if not properly configured.  Interestingly, whether they are commented out or left in tact, they have no affect on what is displayed.

$selfUrl = (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != 'on' ? 'http://' : 'https://');
$selfUrl .= $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];

When I run the .php file the following message appears at the top of the completed page.  Still nothing below the message appears.  Also, I do not know the source of this message. it does not appear to come from the .php document.

Quote

This XML file does not appear to have any style information associated with it. The document tree is shown below.

Now, I have not constructed a style-sheet for the Feed page, but I hardly see how this could stop the feed from appearingl

Please advise.

 

Link to comment
Share on other sites

The browser shows that message because the content type is text/xml, although you have a syntax error on that header line.  I would view the source code of the page and figure out what is actually getting sent, or just comment out that header so the browser displays it normally, and check what is being sent.  Make sure you also have all error messages enabled and displayed or logged.

Link to comment
Share on other sites

OK.  This is the code.  I am exhausted.

<?php
	ini_set('display_errors', 1);
	ini_set('display_startup_errors', 1);
	error_reporting(E_ALL);
	$host = "...";
	$user = "...";
	$pwd = "...";
	$mysqli_obj = new mysqli($host, $user, $pwd);
	if (mysqli_connect_errno()) {
		printf("Connect failed: %s\n", mysqli_connect_error());
		exit();
	}
	$mysqli_obj->set_charset("utf8");
	$db = "thege0_grammarcaptive";
	$mysqli_obj->select_db($db);
	$tbl_name = 'rss2_podcast_channel';
	$sql_1 = "SELECT * FROM ". $tbl_name . " ORDER BY channel_pubdate DESC LIMIT 1";
	$chan_arr = array(); 
	$result_obj = $mysqli_obj->query($sql_1);
	while($row = $result_obj->fetch_assoc()) {
		foreach($row as $key => $value) {
			$chan_arr[$key] = $value;
		}
	}
	$tbl_name = 'rss2_podcast_item';
	$sql_1 = "SELECT * FROM ". $tbl_name . " ORDER BY item_pubdate DESC LIMIT 5";
	$item_arr = array(); 
	$result_obj = $mysqli_obj->query($sql_1);
	while($row = $result_obj->fetch_assoc()) {
		foreach($row as $key => $value) {
			$item_arr[$key] = $value;
		}
		$items[] = $item_arr;
	}
	$tbl_name = 'rss2_podcast_itunes';
	$sql_1 = "SELECT * FROM ". $tbl_name . " ORDER BY publish_date_itunes DESC LIMIT 5";
	$itunes_arr = array(); 
	$result_obj = $mysqli_obj->query($sql_1);
	while($row = $result_obj->fetch_assoc()) {
		foreach($row as $key => $value) {
			$itunes_arr[$key] = $value;
		}
		$itunes[] = $itunes_arr;
	}
	include('/Users/kiusau/Sites/reflexive/php_practice/libraries/rssgen2.0/rss_generator.inc.php');
	$rss_feed = new rssGenerator_rss();
	$atomLinkHref = '../../../../grammarcaptive.com/feed/gc_podcasts.xml';
$chan_categories = array(0 => array('domain' => '', 'name' => $chan_arr['channel_category1']),1 => array('domain' => '', 'name' => $chan_arr['channel_category2']),2 => array('domain' => '', 'name' => $chan_arr['channel_category3'])); 
	$i = 0;
	$length = count($items);
	while ($i < $length) {
		foreach ($items[$i] as $key => $value) {
			if ($key == 'item_category1') {
				$item_categories[$i][$key] = array('domain'=>'','name'=>$value);
			}
			if ($key == 'item_category2') {
				$item_categories[$i][$key] = array('domain'=>'','name'=>$value);
			}
			if ($key == 'item_category3') {
				$item_categories[$i][$key] = array('domain'=>'','name'=>$value);
			}
		}
		$i++;
	}
	$i = 0;
	$length = count($itunes);
	while ($i < $length) {
		foreach ($itunes[$i] as $key => $value) {
			if ($key == 'itunes_category1') {
				$itunes_categories[$i][$key] = array('domain'=>'','name'=>$value);
			}
			if ($key == 'itunes_category2') {
				$itunes_categories[$i][$key] = array('domain'=>'','name'=>$value);
			}
			if ($key == 'itunes_category3') {
				$itunes_categories[$i][$key] = array('domain'=>'','name'=>$value);
			}
		}
		$i++;
	}
	$i = 0;
	$length = count($items);
	while ($i < $length) {
		$rss_item = new rssGenerator_item();
		foreach ($items[$i] as $key => $value) {
			$rss_item->title = $items[$i]['item_title'];
			$rss_item->description = $items[$i]['item_description'];
			$rss_item->link = $items[$i]['item_link'];
			$rss_item->pubDate = $items[$i]['item_pubdate'];
			$rss_item->author = $items[$i]['item_author'];
			$rss_item->comments = $items[$i]['item_comments'];
			$rss_item->guid = $items[$i]['item_guid'];
			$rss_item->guid_isPermaLink = 'false';
			$rss_item->source = 'Grammar Captive';
			$rss_item->source_url = $items[$i]['item_source'];
			$rss_item->enclosure_url = $items[$i]['item_enclurl'];
			$rss_item->enclosure_length = $items[$i]['item_encllength'];
			$rss_item->enclosure_type = $items[$i]['item_encltype'];
			$rss_item->categories = $item_categories[$i];
		}
		$rss_items[] = $rss_item;
		$i++;
	}
	$rss_image = new rssGenerator_image();
	$rss_image->title = $chan_arr['channel_img_title'];
	$rss_image->url = $chan_arr['channel_img_url']; 
	$rss_image->link = $chan_arr['channel_img_link']; 
	$rss_image->width = $chan_arr['channel_img_width']; 
	$rss_image->height = $chan_arr['channel_img_height']; 
	$rss_image->description = $chan_arr['channel_img_description'];
	$rss_channel = new rssGenerator_channel();
	$rss_channel->atomLinkHref = $atomLinkHref;
	$rss_channel->title = $chan_arr['channel_title'];
	$rss_channel->link = $chan_arr['channel_link'];
	$rss_channel->description = $rss_feed->cData($chan_arr['channel_description']);
	$rss_channel->language = $chan_arr['channel_language'];
	$rss_channel->copyright = $chan_arr['channel_copyright'];
	$rss_channel->webMaster = $chan_arr['channel_link'];
	$rss_channel->pubDate = $chan_arr['channel_pubdate'];
	$rss_channel->lastBuildDate = $chan_arr['channel_lastbuilddate'];
	$rss_channel->categories = $chan_categories;
	$rss_channel->image = $rss_image;
	$rss_channel->items = $rss_items;
	$rss_feed->encoding = 'UTF-8';
	$rss_feed->version = '2.0';
	$rss_feed->createFeed($rss_channel);
//	header('Location: gc_podcasts.xml');
	$result_obj->free();
	$mysqli_obj->close();
?>

Now, mind you.  This identical code works in an HTML file with all kinds of HTML mark-up, but when set aside unto its own without the mark-up it fails resulting in the PHP white sheet.

Link to comment
Share on other sites

OK.  i have discovered that the include statement is failing.  Still, I do not understand the statement

$selfUrl = (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != 'on' ? 'http://' : 'https://');
$selfUrl .= $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];

 

Link to comment
Share on other sites

If you're asking about where it is in the code, I don't know, it's not in the code you posted.  If you're asking about which URL it is, it's the URL of the current PHP script.  Just print it out if you want to see what it's set to.

Link to comment
Share on other sites

Unfortunately, there is nothing to print.

Catchable fatal error: Object of class rssGenerator_rss could not be converted to string in /Users/kiusau/Sites/reflexive/php_practice/libraries/rssgen2.0/gc_implemenation/rss2gen.php on line 1400

 

Link to comment
Share on other sites

This is the PHP package that I am using.  And, I beginning to feel very sorry that I chose it.  Simply, it appeared better documented than the others that I had viewed.

<?php

/*
  RSS Feed Generator for PHP 4 or higher version
  Version 1.0.3  
  Written by Vagharshak Tozalakyan <vagh@armdex.com>
  License: GNU Public License

  Classes in package:
    class rssGenerator_rss
    class rssGenerator_channel
    class rssGenerator_image
    class rssGenerator_textInput
    class rssGenerator_item

  For additional information please reffer the documentation
*/

class rssGenerator_rss
{
    var $rss_version = '2.0';
    var $encoding = '';
    var $stylesheet = '';

    function cData($str)
    {
        return '<![CDATA[ ' . $str . ' ]]>';
    }

    function createFeed($channel)
    {
        $selfUrl = (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != 'on' ? 'http://' : 'https://');
        $selfUrl .= $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
        $rss = '<?xml version="1.0"';
        if (!empty($this->encoding)) {
            $rss .= ' encoding="' . $this->encoding . '"';
        }
        $rss .= '?>' . "\n";
        if (!empty($this->stylesheet)) {
            $rss .= $this->stylesheet . "\n";
        }
        $rss .= '<!-- Generated on ' . date('r') . ' -->' . "\n";
        $rss .= '<rss version="' . $this->rss_version . '" xmlns:atom="http://www.w3.org/2005/Atom">' . "\n";
        $rss .= '  <channel>' . "\n";
	    $rss .= '    <atom:link href="' . ($channel->atomLinkHref ? $channel->atomLinkHref : $selfUrl) . '" rel="self" type="application/rss+xml" />' . "\n";
        $rss .= '    <title>' . $channel->title . '</title>' . "\n";
        $rss .= '    <link>' . $channel->link . '</link>' . "\n";
        $rss .= '    <description>' . $channel->description . '</description>' . "\n";
        if (!empty($channel->language)) {
            $rss .= '    <language>' . $channel->language . '</language>' . "\n";
        }
        if (!empty($channel->copyright)) {
            $rss .= '    <copyright>' . $channel->copyright . '</copyright>' . "\n";
        }
        if (!empty($channel->managingEditor)) {
            $rss .= '    <managingEditor>' . $channel->managingEditor . '</managingEditor>' . "\n";
        }
        if (!empty($channel->webMaster)) {
            $rss .= '    <webMaster>' . $channel->webMaster . '</webMaster>' . "\n";
        }
        if (!empty($channel->pubDate)) {
            $rss .= '    <pubDate>' . $channel->pubDate . '</pubDate>' . "\n";
        }
        if (!empty($channel->lastBuildDate)) {
            $rss .= '    <lastBuildDate>' . $channel->lastBuildDate . '</lastBuildDate>' . "\n";
        }
        foreach ($channel->categories as $category) {
            $rss .= '    <category';
            if (!empty($category['domain'])) {
                $rss .= ' domain="' . $category['domain'] . '"';
            }
            $rss .= '>' . $category['name'] . '</category>' . "\n";
        }
        if (!empty($channel->generator)) {
            $rss .= '    <generator>' . $channel->generator . '</generator>' . "\n";
        }
        if (!empty($channel->docs)) {
            $rss .= '    <docs>' . $channel->docs . '</docs>' . "\n";
        }
        if (!empty($channel->ttl)) {
            $rss .= '    <ttl>' . $channel->ttl . '</ttl>' . "\n";
        }
        if (sizeof($channel->skipHours)) {
            $rss .= '    <skipHours>' . "\n";
            foreach ($channel->skipHours as $hour) {
                $rss .= '      <hour>' . $hour . '</hour>' . "\n";
            }
            $rss .= '    </skipHours>' . "\n";
        }
        if (sizeof($channel->skipDays)) {
            $rss .= '    <skipDays>' . "\n";
            foreach ($channel->skipDays as $day) {
                $rss .= '      <day>' . $day . '</day>' . "\n";
            }
            $rss .= '    </skipDays>' . "\n";
        }
        if (!empty($channel->image)) {
            $image = $channel->image;
            $rss .= '    <image>' . "\n";
            $rss .= '      <url>' . $image->url . '</url>' . "\n";
            $rss .= '      <title>' . $image->title . '</title>' . "\n";
            $rss .= '      <link>' . $image->link . '</link>' . "\n";
            if ($image->width) {
                $rss .= '      <width>' . $image->width . '</width>' . "\n";
            }
            if ($image->height) {
                $rss .= '      <height>' . $image->height . '</height>' . "\n";
            }
            if (!empty($image->description)) {
                $rss .= '      <description>' . $image->description . '</description>' . "\n";
            }
            $rss .= '    </image>' . "\n";
        }
        if (!empty($channel->textInput)) {
            $textInput = $channel->textInput;
            $rss .= '    <textInput>' . "\n";
            $rss .= '      <title>' . $textInput->title . '</title>' . "\n";
            $rss .= '      <description>' . $textInput->description . '</description>' . "\n";
            $rss .= '      <name>' . $textInput->name . '</name>' . "\n";
            $rss .= '      <link>' . $textInput->link . '</link>' . "\n";
            $rss .= '    </textInput>' . "\n";
        }
        if (!empty($channel->cloud_domain) || !empty($channel->cloud_path) || !empty($channel->cloud_registerProcedure) || !empty($channel->cloud_protocol)) {
            $rss .= '    <cloud domain="' . $channel->cloud_domain . '" ';
            $rss .= 'port="' . $channel->cloud_port . '" path="' . $channel->cloud_path . '" ';
            $rss .= 'registerProcedure="' . $channel->cloud_registerProcedure . '" ';
            $rss .= 'protocol="' . $channel->cloud_protocol . '" />' . "\n";
        }
        if (!empty($channel->extraXML)) {
            $rss .= $channel->extraXML . "\n";
        }
        foreach ($channel->items as $item) {
            $rss .= '    <item>' . "\n";
            if (!empty($item->title)) {
                $rss .= '      <title>' . $item->title . '</title>' . "\n";
            }
            if (!empty($item->description)) {
                $rss .= '      <description>' . $item->description . '</description>' . "\n";
            }
            if (!empty($item->link)) {
                $rss .= '      <link>' . $item->link . '</link>' . "\n";
            }
            if (!empty($item->pubDate)) {
                $rss .= '      <pubDate>' . $item->pubDate . '</pubDate>' . "\n";
            }
            if (!empty($item->author)) {
                $rss .= '      <author>' . $item->author . '</author>' . "\n";
            }
            if (!empty($item->comments)) {
                $rss .= '      <comments>' . $item->comments . '</comments>' . "\n";
            }
            if (!empty($item->guid)) {
                $rss .= '      <guid isPermaLink="';
                $rss .= ($item->guid_isPermaLink ? 'true' : 'false') . '">';
                $rss .= $item->guid . '</guid>' . "\n";
            }
/*            if (!empty($item->source_url)) {
                $rss .= '      <source url="' . $item->source_url . '">';
                $rss .= $item->source . '</source>' . "\n";
            }
*/            if (!empty($item->source)) {
                $rss .= '      <source url="' . $item->source_url . '">';
                $rss .= $item->source . '</source>' . "\n";
            }
            if (!empty($item->enclosure_url) || !empty($item->enclosure_type)) {
                $rss .= '      <enclosure url="' . $item->enclosure_url . '" ';
                $rss .= 'length="' . $item->enclosure_length . '" ';
                $rss .= 'type="' . $item->enclosure_type . '" />' . "\n";
            }
            foreach ($item->categories as $category) {
                $rss .= '      <category';
                if (!empty($category['domain'])) {
                    $rss .= ' domain="' . $category['domain'] . '"';
                }
                $rss .= '>' . $category['name'] . '</category>' . "\n";
            }
			$rss .= '  </channel>' . "\r";
			return $rss .= '</rss>';
		}
    }

}

class rssGenerator_channel
{
    var $atomLinkHref = '';
    var $title = '';
    var $link = '';
    var $description = '';
    var $language = '';
    var $copyright = '';
    var $managingEditor = '';
    var $webMaster = '';
    var $pubDate = '';
    var $lastBuildDate = '';
    var $categories = array();
    var $generator = '';
    var $docs = '';
    var $ttl = '';
    var $image = '';
    var $textInput = '';
    var $skipHours = array();
    var $skipDays = array();
    var $cloud_domain = '';
    var $cloud_port = '80';
    var $cloud_path = '';
    var $cloud_registerProcedure = '';
    var $cloud_protocol = '';
    var $items = array();
    var $extraXML = '';

}

class rssGenerator_image
{
    var $url = '';
    var $title = '';
    var $link = '';
    var $width = '88';
    var $height = '31';
    var $description = '';

}

class rssGenerator_textInput
{
    var $title = '';
    var $description = '';
    var $name = '';
    var $link = '';

}

class rssGenerator_item
{
    var $title = '';
    var $description = '';
    var $link = '';
    var $author = '';
    var $pubDate = '';
    var $comments = '';
    var $guid = '';
    var $guid_isPermaLink = true;
    var $source = '';
    var $source_url = '';
    var $enclosure_url = '';
    var $enclosure_length = '0';
    var $enclosure_type = '';
    var $categories = array();

}

?>

Of course, all is not lost, because I have learned a great deal about other matters in the process.  Simply I have now wasted two days trying to figure out why the createFeed( ) function is not doing its job.  As of yet, I still have not received a reply from the author.

Link to comment
Share on other sites

If you want to know what those first 2 lines in createFeed are doing, then add the echo statement after those lines to print the variable.  It's not a global variable, it's only available inside that method.

That code is definitely old, PHP 5 does not use var to define class properties.

Link to comment
Share on other sites

OK. I eliminated the var keyword and am now seeing the following parsing error when I go to load the class file. 

Parse error: parse error, expecting `"function (T_FUNCTION)"' in /Users/kiusau/vendor/phpclasses/rssgen2_0/rss_generator.inc.php on line 20

Is it because the class name is not capitalized?

Edited by iwato
Link to comment
Share on other sites

No, it is not because of capitalization.  I changed all class names to names beginning with caps.  It made no difference.  The error message was the same.

 

Link to comment
Share on other sites

You have to replace "var" with "public," "private," or "protected", as far as I know, you can't do variable assignments directly inside a class definition.

Link to comment
Share on other sites

I have now experimented with my third RSS library, and the same problem persists.  Fortunately, I believe to have discovered the true source of the problem -- Safari and my RSS Bot feed reader.  They are swallowing my code.

Each time I execute a piece of software that is suppose to produce an XML/RSS document either Safari or my RSS Bot software intervenes and asks me whether I want to add it to my list of feeds. Whether I answer yes or know, when I go to open the page that results in the XML document, there is nothing there. At best, I can read the source PHP code that creates the page using PHP's show_source( ) function.

Even when I perform a search on my machine for the whereabouts of the XML/RSS files that my RSS Bot software has consumed nothing appears.

is there not someway for me to fool my RSS feed readers into ignoring my newly created feeds?

I have been trying to automate my RSS feed creation for nearly three weeks and have learned quite a bit, but when I cannot see the result of my effort, it is very frustrating.  Help!

Roddy

Edited by iwato
Link to comment
Share on other sites

At minimum I have finally found an RSS Feed writer that is well assembled -  FeedWriter by Anis Uddin Ahmad and Michael Bremmer.  I can recommend very highly.

Link to comment
Share on other sites

Fortunately, I have discovered a way to view my XML feed documents.  I use Google's Chrome browser.

I do have another question about security and the activation of my feed.

BACKGROUND:  For the moment I am able to generate an RSS2 feed automatically by downloading information from my website's database and processing it using the methods and properties of a PHP library called FeedWriter.  The PHP document that processes my RSS2 feed resides locally and is only available to the internet when I am online.  My goal is to make it available on my website's host server.

CURRENT PROCEDURE

1) Upload the information required to produce a new item to a MySQL database located on my site's host server.

2) Download the information sent to the database onto my local machine and create the XML/RSS2 feed document.

3) Upload the newly produced XML/RSS2 feed document to my website.

MY GOAL:  What I would like to do is simply upload the information to my MySQL database and generate the new feed automatically.

CONSIDERATION

1)  All that is necessary to produce a new feed is to add a new entry to my database and make a call to  the PHP file that creates the RSS2 feed.  Once the call is made the new RSS2 feed appears in the same document window in which the PHP code that produces it resides.  New header information is generated and replaces the old.

2)  Were I to place the PHP document that creates the feed on my website would I be producing a security risk?

 

Link to comment
Share on other sites

<?php
	ini_set('display_errors', 1);
	ini_set('display_startup_errors', 1);
	error_reporting(E_ALL);
	$host = "...";
	$user = "...";
	$pwd = "...";
	$mysqli_obj = new mysqli($host, $user, $pwd);
	if (!$mysqli_obj->set_charset("utf8")) {
		printf("Error loading character set utf8: %s\n", $mysqli_obj->error);
		exit();
	} else {
		$mysqli_obj->character_set_name();
	}
	$db = "...";
	$mysqli_obj->select_db($db);
	$tbl_name = '...';
	$sql_1 = "SELECT * FROM ". $tbl_name . " ORDER BY channel_pubdate DESC LIMIT 1";
	$chan_arr = array(); 
	$result_obj = $mysqli_obj->query($sql_1);
	while($row = $result_obj->fetch_assoc()) {
		foreach($row as $key => $value) {
			$chan_arr[$key] = $value;
		}
	}
	$chan_image = array(
		"title" => $chan_arr['channel_img_title'],
		"url" => $chan_arr['channel_img_url'],
		"link" => $chan_arr['channel_img_link'],
		"width" => $chan_arr['channel_img_width'],
		"height" => $chan_arr['channel_img_height'],
		"description" => $chan_arr['channel_img_description']
	);
	foreach ($chan_arr as $key => $value) {
			if ($key == 'channel_category1') {
				$chancat_name[] = $value;
				$chancat_domain[] = '';
			}
			if ($key == 'channel_category2') {
				$chancat_name[] = $value;
				$chancat_domain[] = '';
			}
			if ($key == 'channel_category3') {
				$chancat_name[] = $value;
				$chancat_domain[] = '';
			}
	}
	$tbl_name = '...';
	$sql_1 = "SELECT * FROM ". $tbl_name . " ORDER BY item_pubdate DESC LIMIT 5";
	$item_arr = array(); 
	$result_obj = $mysqli_obj->query($sql_1);
	while($row = $result_obj->fetch_assoc()) {
		foreach($row as $key => $value) {
			$item_arr[$key] = $value;
		}
		$items[] = $item_arr;
	}
	$tbl_name = 'rss2_podcast_itunes';
	$sql_1 = "SELECT * FROM ". $tbl_name . " ORDER BY publish_date_itunes DESC LIMIT 5";
	$itunes_arr = array(); 
	$result_obj = $mysqli_obj->query($sql_1);
	while($row = $result_obj->fetch_assoc()) {
		foreach($row as $key => $value) {
			$itunes_arr[$key] = $value;
		}
		$itunes[] = $itunes_arr;
	}
	use FeedWriter\RSS2;
	require_once("/Users/.../vendor/autoload.php");
	$rss2 = new RSS2();	
	$prefix = 'itunes';
	$uri = 'http://www.itunes.com/dtds/podcast-1.0.dtd';
	$rss2->addNamespace($prefix,$uri);
	$href_atom = 'http://www.grammarcaptive.com/filepath.xml';
	$rel_atom = 'feed';
	$type_atom = 'application/x.atom+xml';
	$hreflang_atom = 'en';
	$title_atom = 'Grammar Captive Weekly Podcast';
	$length_atom = NULL;
	$rss2->setATOMLink($href_atom,$rel_atom,$type_atom,$hreflang_atom,$title_atom,NULL);
	$rss2->setTitle($chan_arr['channel_title']);
	$rss2->setLink($chan_arr['channel_link']);
	$rss2->setDescription($chan_arr['channel_description']);
	$rss2->setChannelElement('image',$chan_image,NULL,true);
	$i=0;
	$domain = ['domain'=>''];
	$length = count($chancat_name);
	while ($i < $length) {
		$rss2->setChannelElement('category',$chancat_name[$i],$domain, true);
		$i++;
	}
	$tags = ['copyright'];
	$rss2->addCDATAEncoding($tags);
	$rss2->setChannelElement('copyright',$chan_arr['channel_copyright'],NULL,false);
	$rss2->setChannelElement('language',$chan_arr['channel_language'],NULL,false);
	$rss2->setChannelElement('webMaster',$chan_arr['channel_webmaster'],NULL,false);
	$rss2->setDate($chan_arr['channel_lastbuilddate']);
	$rss2->addGenerator();
	$i = 0;
	$length = count($items);
	while ($i < $length) {
		foreach ($items as $key => $value) {
			$item = $rss2->createNewItem();
			$item->setTitle($items[$i]['item_title']);
			$item->setLink($items[$i]['item_link']);
			$item->setDate($items[$i]['item_pubdate']);
			$item->setDescription($items[$i]['item_description']);
			$item->setId($items[$i]['item_guid'],false);
			$item->addEnclosure($items[$i]['item_enclurl'],$items[$i]['item_encllength'],$items[$i]['item_encltype'],false);
			$item->setAuthor($items[$i]['item_author'],$itunes[$i]['itunes_email'],NULL);
			$source_url = ['url' => $items[$i]['item_source']];
			$item->addElement('source',$chan_arr['channel_title'],$source_url,false,false);
			$item->addElement('comments',$items[$i]['item_comments'],NULL,false,false);
		}
		$newItems[] = $item;
		$i++;
	}
	foreach ($newItems as $item) {
		$rss2->addItem($item);
	}
	$rss2->printFeed(true);

On the one hand, it appears that security is not  an issue because I merely read and execute based upon what I have read.  At no time do I write except to publish the final result.  On the other hand, PHP files can easily be read using PHP functions such as the show_source( ) method.  As Ingolme pointed out already many days ago.  If I can see the file on the internet, then others are likely able to see it to.  

Link to comment
Share on other sites

On the other hand, PHP files can easily be read using PHP functions such as the show_source( ) method.  As Ingolme pointed out already many days ago.  If I can see the file on the internet, then others are likely able to see it to.  

You can't look at the source code of arbitrary PHP files.  This forum is using index.php, can you see the code for it?

Depending on where your data comes from, the only issues with that might be something like XSS, but I'm not sure if XSS applies in an RSS feed (I don't know if the Javascript code will get executed).

Link to comment
Share on other sites

  • 2 weeks later...

If I have understood correctly.  The PHP show_source( ) method only works because the method is called within the same domain name as the file that it calls.  Am I correct?

Link to comment
Share on other sites

It only shows the source of files in the same local filesystem, regardless of domain name. If, for some reason, it did load a file from a URL it would only be able to show what was returned by that URL through HTTP.

  • Like 1
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...