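// Feed bootstrap: load configuration, connect to the database, read the
// stored settings and the category list, and collect the request input.

// Help prevent register_globals injection
define('VISIOLIST', 1);

// Start from empty arrays so that nothing from the request can pre-seed them
$CONF = array();
$FORM = array();
$TMPL = array();

// Set encoding for multi-byte string functions
mb_internal_encoding("UTF-8");

// Change the path to your full path if necessary
$CONF['path'] = '.';

// Connect to the database.
// The $CONF['sql*'] keys used below are not assigned in this file; presumably
// settings_sql.php provides them -- confirm against that file.
require_once("{$CONF['path']}/settings_sql.php");
require_once("{$CONF['path']}/sources/sql/{$CONF['sql']}.php");
$DB = "sql_{$CONF['sql']}";
$DB = new $DB;
$DB->connect($CONF['sql_host'], $CONF['sql_username'], $CONF['sql_password'], $CONF['sql_database']);

// Settings
// array_merge() lets later keys win, so a settings column that shares a name
// with an existing $CONF key (for example 'path') replaces the value set above.
$settings = $DB->fetch("SELECT * FROM {$CONF['sql_prefix']}_settings", __FILE__, __LINE__);
$CONF = array_merge($CONF, $settings);

// Combine the GET and POST input (POST wins on duplicate names).
// Everything in $FORM is raw request data and may be a string or an array;
// it has to be validated or escaped wherever it is used.
$FORM = array_merge($_GET, $_POST);

// The language file
// NOTE(review): default_language comes from the settings table and is
// interpolated into an include path -- confirm that whatever writes this
// setting restricts it to file names that exist under languages/.
$LNG['charset'] = "utf-8";
require_once("{$CONF['path']}/languages/english.php");
require_once("{$CONF['path']}/languages/{$CONF['default_language']}.php");

// URL fragments for "clean" (rewritten) versus query-string links
if ($CONF['clean_url'] == 1) {
    $TMPL['url_tail'] = '/';
    $TMPL['url_helper_a'] = '/';
    $TMPL['url_helper_u'] = '/';
    $TMPL['url_helper_cat'] = '/category/';
} else {
    $TMPL['url_tail'] = '';
    $TMPL['url_helper_a'] = '/?a=';
    $TMPL['url_helper_u'] = '&u=';
    $TMPL['url_helper_cat'] = '/?cat=';
}

// Category name => skin. Make sure the key exists even when the table is
// empty, so the category lookup that follows iterates over an array instead
// of an undefined key.
if (!isset($CONF['categories']) || !is_array($CONF['categories'])) {
    $CONF['categories'] = array();
}
$result = $DB->query("SELECT category, skin FROM {$CONF['sql_prefix']}_categories ORDER BY category", __FILE__, __LINE__);
while (list($category, $skin) = $DB->fetch_array($result)) {
    $CONF['categories'][$category] = $skin;
}

// Does FORM['cat'] exist?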
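// Resolve the requested category against the configured ones.
//
// Each configured name is mapped to its URL form (every run of "&" or
// whitespace becomes a single "-") and the request value is looked up in that
// map. Only a name taken from the configuration is used afterwards; the
// request value itself never reaches the SQL text or the feed output.
$category_combined = array();
$configured_categories = (isset($CONF['categories']) && is_array($CONF['categories']))
    ? $CONF['categories']
    : array();
foreach ($configured_categories as $cat => $skin) {
    $category_combined[$cat] = preg_replace('/((\&)|(\s))+/', '-', $cat);
}

// Kept so that any later code reading the two parallel arrays still finds them
$category_name = array_keys($category_combined);
$category_match = array_values($category_combined);

// Only a plain string can name a category: a missing parameter or an array
// value is treated as "no category". The strict flag stops PHP's loose
// comparison from matching numeric-looking strings that are not identical.
// Use this value to validate the category in the URL instead of isset().
$requested_cat = (isset($FORM['cat']) && is_string($FORM['cat'])) ? $FORM['cat'] : null;
$TMPL['cat_exist'] = ($requested_cat === null)
    ? false
    : array_search($requested_cat, $category_combined, true);

// Get the category, default to no category.
// array_search() returns false for "not found", and a valid key can itself be
// falsy, so the test has to be an explicit comparison with false.
if ($TMPL['cat_exist'] !== false) {
    $TMPL['category'] = $TMPL['cat_exist'];
    $category_escaped = $DB->escape($TMPL['category']);
    $category_sql = "AND category = '{$category_escaped}'";

    $category_text = preg_replace('/((\&)|(\s))+/', ' ', $TMPL['cat_exist']);
    $category_url_prepare = preg_replace('/((\&)|(\s))+/', '-', $TMPL['cat_exist']);
    $category_url = $TMPL['url_helper_cat'].$category_url_prepare.$TMPL['url_tail'];
} else {
    $category_text = $LNG['main_all'];
    $category_sql = '';
    $category_url = '';
}

// Encode everything that is echoed into the feed
$category_text = htmlspecialchars($category_text, ENT_QUOTES, "UTF-8");
$CONF['list_url'] = htmlspecialchars($CONF['list_url'], ENT_QUOTES, "UTF-8");
$CONF['list_name'] = htmlspecialchars($CONF['list_name'], ENT_QUOTES, "UTF-8");

// Make ORDER BY clause
// NOTE(review): base::rank_by() is defined in classes.php, which is not shown
// here. Its result is placed in the query as SQL text, where string escaping
// does not apply -- confirm it can only return fixed column expressions.
require_once("{$CONF['path']}/sources/misc/classes.php");
$order_by = base::rank_by()." DESC";

header('Content-Type: application/xml');
// NOTE(review): this literal is empty in this copy; presumably it held the
// XML declaration -- confirm against the shipped file.
echo "";

// Get the category, default to no category.
// This repeats the derivation above. The display text is rebuilt here with a
// pattern that also collapses "|", so it must be encoded again: without this
// the encoded value computed earlier would be replaced by the raw category
// name and written into the XML as-is.
if ($TMPL['cat_exist'] !== false) {
    $TMPL['category'] = $TMPL['cat_exist'];
    $category_escaped = $DB->escape($TMPL['category']);
    $category_text = htmlspecialchars(
        preg_replace('/[\&|\s]+/', ' ', $TMPL['cat_exist']),
        ENT_QUOTES,
        "UTF-8"
    );
    $category_sql = "AND category = '{$category_escaped}'";
}

// Ten active sites, best ranked first, optionally limited to the category
$result = $DB->select_limit(
    "SELECT * FROM {$CONF['sql_prefix']}_sites sites, {$CONF['sql_prefix']}_stats stats "
    . "WHERE sites.username = stats.username AND active = 1 {$category_sql} "
    . "ORDER BY {$order_by} ",
    10,
    0,
    __FILE__,
    __LINE__
);

// The feed template follows. Its XML markup and the opening of the per-site
// loop are missing from this copy (presumably lost when the page was
// extracted), so the text is kept exactly as found instead of being
// reconstructed. Every value written into the feed needs the same encoding
// that is applied to title and description.
?> <?php echo "{$CONF['list_name']} - {$category_text}"; ?> http://blogs.law.harvard.edu/tech/rss Visiolist Topsites <?php echo "{$CONF['list_name']} - {$category_text}"; ?> / fetch_array($result); $rank++) { $row['title'] = htmlspecialchars($row['title'],ENT_QUOTES, "UTF-8"); $row['description'] = htmlspecialchars($row['description'],ENT_QUOTES, "UTF-8"); ?> <?php echo $rank . ' - ' . $row['title']; ?> /index.php?a=out&u=&go=1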