<?php
if (isset($_GET['page'])) {
include_once "../include/db.php";
$db = new Database();
$db->qry("SELECT name, url FROM pages WHERE enabled = 1");
$foundEntry = false;
while ($row = $db->fetchLast()) {
if ($_GET['page'] == $row['name']) {
$foundEntry = true;
if (file_exists($row['url'])) {
include $row['url'];
} else {
header("page in db does not exist", true, 501);
}
}
}
if (!$foundEntry) {
header("invalid page link", true, 404);
}
//this will not run if page is already included
} else {
header("accessed page directly", true, 500);
}
<?php
//header
header("content-type: text/xml");
//includes
include_once "../include/db.php";
//create objects
$newObj = new Database();
echo "<?xml version=\"1.0\" ?>";
//suggested output:
echo "<shoutbox>";
$query = $newObj->qry("SELECT users.username as username, shoutbox.time as time, shoutbox.message as message FROM users,shoutbox WHERE shoutbox.uid = users.id ORDER BY time DESC LIMIT 0,5");
while ($values = $newObj->fetchLast()) {
echo "<message><user>{$values['username']}</user><time>{$values['time']}</time><content>{$values['message']}</content></message>";
}
echo "</shoutbox>";
