-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathgetposts.php
More file actions
33 lines (31 loc) · 1.17 KB
/
getposts.php
File metadata and controls
33 lines (31 loc) · 1.17 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
<?php
header("Content-type: text/xml");
echo chr(60) . chr(63) . 'xml version="1.0" encoding="utf-8" ' . chr(63) . chr(62);
?>
<list>
<?php
$ttl = isset($_GET['title']) ? urldecode($_GET['title']): "";
$hostname = "localhost";
$username = "db";
$password = "db";
$dbName = "forum";
mysql_connect($hostname, $username, $password) OR DIE("unable to connect to database ");
mysql_select_db($dbName) or die(mysql_error());
$topicstable = "topics";
$usrtable = "users";
$query = "SELECT * FROM $topicstable WHERE title LIKE '%$ttl%' ";
$result = mysql_query($query);
while ($topics = mysql_fetch_array($result)) {
echo '<post>';
$creator = $topics['creator'];
$usr = mysql_query("SELECT * FROM $usrtable WHERE id=$creator");
$usr = mysql_fetch_array($usr)['nick'];
$dt = $topics['creationdate'];
echo '<title>' . htmlspecialchars($topics['title']) . '</title>';
echo '<creator>' . htmlspecialchars($usr) . '</creator>';
echo '<date>' . htmlspecialchars($dt) . '</date>';
echo '<id>' . htmlspecialchars($topics['id']) . '</id>';
echo '</post>';
}
?>
</list>