1<?php 2 3# token required, since this should only get accessed from rsync.php.net 4if (!isset($_REQUEST['token']) || md5($_REQUEST['token']) != "19a3ec370affe2d899755f005e5cd90e") 5 die("token not correct."); 6 7// Changed old mysql_* stuff to PDO 8try { 9 $dbh = new PDO('mysql:host=localhost;dbname=phpmasterdb', 'nobody', ''); 10 $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); 11 $dbh->setAttribute(PDO::ATTR_EMULATE_PREPARES, 0); 12} catch (PDOException $e) { 13 // Old error handling was to simply exit. Do we want to log anything here??? 14 exit; 15} 16 17try { 18 $query = "SELECT DISTINCT note.id,note.sect,note.user,note.note,UNIX_TIMESTAMP(note.ts) AS ts,"; 19 $query .= "SUM(votes.vote) AS up, (COUNT(votes.vote) - SUM(votes.vote)) AS down,"; 20 $query .= "ROUND((SUM(votes.vote) / COUNT(votes.vote)) * 100) AS rate"; 21 $query .= " FROM note"; 22 $query .= " LEFT JOIN (votes) ON (note.id = votes.note_id)"; 23 //Only select notes that have been approved 24 $query .= " WHERE note.status is NULL"; 25 $query .= " GROUP BY note.id"; 26 $query .= " ORDER BY note.sect,ts DESC"; 27 28 $stmt = $dbh->prepare($query); 29 $stmt->execute(); 30} catch (PDOException $e) { 31 // Old error handling was to simply exit. Do we want to log anything here??? 32 exit; 33} 34 35// Print out a row for all notes, obfuscating the 36// email addresses as needed 37while($row = $stmt->fetch(PDO::FETCH_ASSOC)) { 38 $user = $row['user']; 39 $row['rate'] = empty($row['rate']) ? 0 : $row['rate']; 40 if ($user != "php-general@lists.php.net" && $user != "user@example.com") { 41 if (preg_match("!(.+)@(.+)\.(.+)!", $user)) { 42 $user = str_replace(['@', '.'], [' at ', ' dot '], $user); 43 } 44 } else { 45 $user = ''; 46 } 47 // Output here 48 echo "$row[id]|$row[sect]|$row[rate]|$row[ts]|$user|", 49 base64_encode(gzcompress($row['note'],3)),"|$row[up]|$row[down]\n"; 50} 51
