<?php
# Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team)
# All rights reserved. See LICENSE file for licensing details
header('Content-Type: text/xml; charset=utf-8');
@define('IN_RSS', true);
include('serendipity_config.inc.php');
include(S9Y_INCLUDE_PATH . 'include/functions_rss.inc.php');
if ($serendipity['cors']) {
header('Access-Control-Allow-Origin: *'); // Allow RSS feeds to be read by javascript
}
$version = $_GET['version'] ?? '';
$description = $serendipity['blogDescription'];
$title = $serendipity['blogTitle'];
$comments = FALSE;
if (empty($version)) {
list($version) = serendipity_discover_rss($_GET['file'] ?? null, $_GET['ext'] ?? null);
} else {
# be sure it is an allowed version, to prevent attackers sniffing for unrelated files on the file system
$allowed_versions = ['opml1.0', '0.91', '1.0', '2.0', 'atom0.3', 'atom1.0'];
if (! in_array($version, $allowed_versions, true)) {
header('Status: 404 Not Found');
exit;
}
}
if (isset($_GET['category'])) {
$serendipity['GET']['category'] = $_GET['category'];
}
if (isset($_GET['viewAuthor'])) {
$serendipity['GET']['viewAuthor'] = $_GET['viewAuthor'];
}
if (!isset($_GET['type'])) {
$_GET['type'] = 'content';
}
if (!empty($_SERVER['HTTP_USER_AGENT']) && stristr($_SERVER['HTTP_USER_AGENT'], 'feedburner')) {
$_GET['nocache'] = true;
}
$serendipity['view'] = 'feed';
switch ($_GET['type']) {
case 'comments_and_trackbacks':
case 'trackbacks':
case 'comments':
$latest_entry = serendipity_fetchComments(isset($_GET['cid']) ? $_GET['cid'] : null, 1, 'co.id desc', false, $_GET['type']);
break;
case 'content':
default:
$latest_entry = serendipity_fetchEntries(null, false, 1, false, false, 'last_modified DESC', '', false, true);
break;
}
if (!isset($_GET['nocache'])) {
/*
* Caching logic - Do not send feed if nothing has changed
* Implementation inspired by Simon Willison [http://simon.incutio.com/archive/2003/04/23/conditionalGet], Thiemo Maettig
*/
// See if the client has provided the required headers.
// Always convert the provided header into GMT timezone to allow comparing to the server-side last-modified header
$modified_since = !empty($_SERVER['HTTP_IF_MODIFIED_SINCE'])
? gmdate('D, d M Y H:i:s \G\M\T', strtotime(stripslashes($_SERVER['HTTP_IF_MODIFIED_SINCE'])))
: false;
$none_match = !empty($_SERVER['HTTP_IF_NONE_MATCH'])
? str_replace('"', '', stripslashes($_SERVER['HTTP_IF_NONE_MATCH']))
: false;
if (is_array($latest_entry) && isset($latest_entry[0]['last_modified'])) {
$last_modified = gmdate('D, d M Y H:i:s \G\M\T', serendipity_serverOffsetHour($latest_entry[0]['last_modified'], false));
$etag = '"' . $last_modified . '"';
header('Last-Modified: ' . $last_modified);
header('ETag: ' . $etag);
if (($none_match == $last_modified && $modified_since == $last_modified) ||
(!$none_match && $modified_since == $last_modified) ||
(!$modified_since && $none_match == $last_modified)) {
header('HTTP/1.0 304 Not Modified');
header('Status: 304 Not Modified');
return;
}
}
}
if (isset($modified_since) &&
(stristr($_SERVER['HTTP_USER_AGENT'], 'planet') !== FALSE || $serendipity['enforce_RFC2616'])) {
// People shall get a usual HTTP response according to RFC2616. See serendipity_config.inc.php for details
$modified_since = FALSE;
}
switch ($_GET['type']) {
case 'comments_and_trackbacks':
case 'trackbacks':
case 'comments':
$entries = serendipity_fetchComments(isset($_GET['cid']) ? $_GET['cid'] : null, (int)$serendipity['RSSfetchLimit'], 'co.id desc', false, $_GET['type']);
$description = $title . ' - ' . $description;
if (isset($_GET['cid'])) {
$title = $title . ' - ' . COMMENTS_FROM . ' "' . $latest_entry[0]['title'] . '"';
} else {
$title = $title . ' - ' . COMMENTS;
}
$comments = TRUE;
break;
case 'content':
default:
if (isset($_GET['all']) && $_GET['all']) {
// Fetch all entries in reverse order for later importing. Fetch sticky entries as normal entries.
$entries = serendipity_fetchEntries(null, true, '', false, false, 'id ASC', '', false, true);
} else {
$entries = serendipity_fetchEntries(null, true, $serendipity['RSSfetchLimit'], false, (isset($modified_since) ? $modified_since : false), 'timestamp DESC', '', false, true);
}
break;
}
if (isset($serendipity['serendipityRealname'])) {
$title .= ' (' . LOGIN . ': ' . $serendipity['serendipityRealname'] . ')';
}
if (!empty($serendipity['GET']['category'])) {
$cInfo = serendipity_fetchCategoryInfo((int)$serendipity['GET']['category']);
$title = serendipity_utf8_encode(serendipity_specialchars($title . ' - '. $cInfo['category_name']));
} elseif (!empty($serendipity['GET']['viewAuthor'])) {
list($aInfo) = serendipity_fetchAuthor((int)$serendipity['GET']['viewAuthor']);
$title = serendipity_utf8_encode(serendipity_specialchars($aInfo['realname'] . ' - '. $title ));
} else {
$title = serendipity_utf8_encode(serendipity_specialchars($title));
}
$description = serendipity_utf8_encode(serendipity_specialchars($description));
$metadata = array(
'title' => $title,
'description' => $description,
'language' => $serendipity['lang'],
'additional_fields' => array(),
'link' => $serendipity['baseURL'],
'email' => $serendipity['blogMail'],
'fullFeed' => false,
'showMail' => false,
'version' => $version
);
if (serendipity_get_config_var('feedBannerURL') != '') {
$img = serendipity_get_config_var('feedBannerURL');
$w = serendipity_get_config_var('feedBannerWidth');
$h = serendipity_get_config_var('feedBannerHeight');
} elseif (($banner = serendipity_getTemplateFile('img/rss_banner.png', 'serendipityPath'))) {
$img = serendipity_getTemplateFile('img/rss_banner.png', 'baseURL');
$i = getimagesize($banner);
$w = $i[0];
$h = $i[1];
} else {
$img = serendipity_getTemplateFile('img/s9y_banner_small.png', 'baseURL');
$w = 100;
$h = 21;
}
$metadata['additional_fields']['image'] = <<<IMAGE
<image>
<url>$img</url>
<title>RSS: $title - $description</title>
<link>{$serendipity['baseURL']}</link>
<width>$w</width>
<height>$h</height>
</image>
IMAGE;
$metadata['additional_fields']['image_atom1.0'] = <<<IMAGE
<icon>$img</icon>
IMAGE;
$metadata['additional_fields']['image_rss1.0_channel'] = '<image rdf:resource="' . $img . '" />';
$metadata['additional_fields']['image_rss1.0_rdf'] = <<<IMAGE
<image rdf:about="$img">
<url>$img</url>
<title>RSS: $title - $description</title>
<link>{$serendipity['baseURL']}</link>
<width>$w</width>
<height>$h</height>
</image>
IMAGE;
// Now, if set, stitch together any fields that have been configured in the syndication plugin.
// First, do some sanity checks
$metadata['additional_fields']['channel'] = '';
$rssFields = array('feedManagingEditor' => 'managingEditor', 'feedWebmaster' => 'webMaster', 'feedTtl' => 'ttl', 'feedPubDate' => 'pubDate');
foreach( $rssFields as $configName => $field) {
$fieldValue = serendipity_get_config_var($configName);
switch($field) {
case 'pubDate':
if (serendipity_db_bool($fieldValue)) {
$fieldValue = gmdate('D, d M Y H:i:s \G\M\T', $entries[0]['last_modified']);
} else {
$fieldValue = '';
}
break;
// Each new RSS-field which needs rewrite of its content should get its own case here.
default:
break;
}
if ($fieldValue != '') {
$metadata['additional_fields']['channel'] .= '<' . $field . '>' . $fieldValue . '</' . $field . '>' . "\n";
}
}
if (is_array($metadata['additional_fields'])) {
// Fix up array keys, because "." are not allowed when wanting to output using Smarty
foreach($metadata['additional_fields'] AS $_aid => $af) {
$aid = str_replace('.', '', $_aid);
$metadata['additional_fields'][$aid] = $af;
}
}
$metadata['fullFeed'] = serendipity_get_config_var('feedFull', false);
if ($metadata['fullFeed'] === 'client') {
if ($_GET['fullFeed'] || $serendipity['GET']['fullFeed']) {
$metadata['fullFeed'] = true;
} else {
$metadata['fullFeed'] = false;
}
}
if ($_GET['type'] == 'content' &&
!isset($_GET['category']) &&
!isset($serendipity['GET']['tag']) &&
serendipity_db_bool(serendipity_get_config_var('feedForceCustom', false)) &&
!preg_match('@FeedBurn@i', $_SERVER['HTTP_USER_AGENT']) && // the hardcoded pass for feedburner is for BC. New services should just use the forceLocal-param
!isset($_GET['forceLocal'])
) {
header('Status: 302 Found');
header('Location: ' . serendipity_get_config_var('feedCustom'));
exit;
}
$metadata['showMail'] = serendipity_db_bool(serendipity_get_config_var('feedShowMail', $metadata['showMail']));
$file_version = preg_replace('@[^0-9a-z\.-_]@i', '', $version);
$metadata['template_file'] = 'feed_' . $file_version . '.tpl';
serendipity_smarty_init();
serendipity_plugin_api::hook_event('frontend_rss', $metadata);
$self_url = ($_SERVER['HTTPS'] == 'on' ? 'https://' : 'http://') . $_SERVER['HTTP_HOST'] . serendipity_specialchars($_SERVER['REQUEST_URI']);
if (!is_array($entries)) {
$entries = array();
}
if ($entries[0]['last_modified']) {
$gm_modified = gmdate('Y-m-d\TH:i:s\Z', serendipity_serverOffsetHour($entries[0]['last_modified']));
} else {
$gm_modified = gmdate('Y-m-d\TH:i:s\Z', serendipity_serverOffsetHour());
}
serendipity_printEntries_rss($entries, $version, $comments, $metadata['fullFeed'], $metadata['showMail']);
$namespace_hook = 'frontend_display:unknown:namespace';
$once_display_dat = '';
switch($version) {
case 'opml1.0':
$namespace_hook = 'frontend_display:opml-1.0:namespace';
break;
case '0.91':
$namespace_hook = 'frontend_display:rss-0.91:namespace';
break;
case '1.0':
$namespace_hook = 'frontend_display:rss-1.0:namespace';
serendipity_plugin_api::hook_event('frontend_display:rss-1.0:once', $entries);
$once_display_dat = $entries['display_dat'];
unset($entries['display_dat']);
break;
case '2.0':
$namespace_hook = 'frontend_display:rss-2.0:namespace';
break;
case 'atom0.3':
$namespace_hook = 'frontend_display:atom-0.3:namespace';
break;
case 'atom1.0':
// For people wanting extra RFC compliance
// header('Content-Type: application/atom+xml; charset=utf-8');
$namespace_hook = 'frontend_display:atom-1.0:namespace';
break;
}
serendipity_plugin_api::hook_event($namespace_hook, $entries);
$namespace_display_dat = $entries['display_dat'] ?? null;
$channel_display_dat = $entries['channel_dat'] ?? null;
unset($entries['display_dat']);
unset($entries['channel_dat']);
$serendipity['smarty']->assignByRef('metadata', $metadata);
$serendipity['smarty']->assignByRef('entries', $entries);
$serendipity['smarty']->assignByRef('namespace_display_dat', $namespace_display_dat);
$serendipity['smarty']->assignByRef('channel_display_dat', $channel_display_dat);
$serendipity['smarty']->assignByRef('once_display_dat', $once_display_dat);
$serendipity['smarty']->assign(
array(
'is_comments' => $comments,
'last_modified' => $gm_modified,
'self_url' => $self_url,
)
);
$serendipity['smarty']->display($metadata['template_file']);
/* vim: set sts=4 ts=4 expandtab : */