<?php if (isset($_GET['page'])) { include_once "../include/db.php"; $db = new Database(); $db->qry("SELECT name, url FROM pages WHERE enabled = 1"); $foundEntry = false; while ($row = $db->fetchLast()) { if ($_GET['page'] == $row['name']) { $foundEntry = true; if (file_exists($row['url'])) { include $row['url']; } else { header("page in db does not exist", true, 501); } } } if (!$foundEntry) { header("invalid page link", true, 404); } //this will not run if page is already included } else { header("accessed page directly", true, 500); }
<?php //header header("content-type: text/xml"); //includes include_once "../include/db.php"; //create objects $newObj = new Database(); echo "<?xml version=\"1.0\" ?>"; //suggested output: echo "<shoutbox>"; $query = $newObj->qry("SELECT users.username as username, shoutbox.time as time, shoutbox.message as message FROM users,shoutbox WHERE shoutbox.uid = users.id ORDER BY time DESC LIMIT 0,5"); while ($values = $newObj->fetchLast()) { echo "<message><user>{$values['username']}</user><time>{$values['time']}</time><content>{$values['message']}</content></message>"; } echo "</shoutbox>";