File: /home/mckernan/public_html/iJournal/includes/journal/statementlist.php
<?php
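// List the statement periods of one journal database as an XML document.
//
// Expected from outside this file (not visible here): $sid, the session id,
// and the DB_PREFIX constant that is prepended to the requested database name.
// Request parameter: "db"; when both are sent, the GET value wins over POST.
// Output: <root><statements> with one <statement> (<period>, <filename>) per
// row of `periods` that has statements, newest per_id first.
// A request without a session id gets a bare 404.

// init database name
$database = DB_PREFIX;

// process request
if ($sid != '') {
    // sid check
    // NOTE(review): presumably validates the session and aborts on failure;
    // confirm in includes/session/sidck.php.
    require "includes/session/sidck.php";

    // Start from an empty string so a missing parameter is rejected below
    // rather than read as an undefined variable.
    $dbn = '';
    if (isset($_POST['db'])) {
        $dbn = $_POST['db'];
    }
    if (isset($_GET['db'])) {
        $dbn = $_GET['db'];
    }

    // The database name is client-controlled and decides which database
    // includes/db.php opens. Accept only a plain identifier: this rejects
    // array-valued parameters (db[]=...) and any character that could change
    // the meaning of the name further down.
    // NOTE(review): the allowed alphabet is an assumption about how journal
    // databases are named; widen it only if existing names require it.
    // NOTE(review): nothing visible here ties the session to the requested
    // database; confirm that sidck.php or db.php enforces that authorization.
    if (!is_string($dbn) || !preg_match('/\A[A-Za-z0-9_-]+\z/', $dbn)) {
        die();
    }
    $database .= $dbn;
    require "includes/db.php";

    // init return value
    $rv = '<root>' . PHP_EOL;
    $rv .= '<statements>' . PHP_EOL;

    // fetch the periods that have statements, newest first
    $query = "SELECT per_per FROM periods WHERE NOT ISNULL(per_statements) ORDER BY per_id DESC";
    if ($result = $db->query($query)) {
        // Stored text goes into XML element content, so it is escaped; an
        // unescaped '&' or '<' in a period would break the document or let
        // stored data inject markup into the response.
        // Assumes the data is UTF-8, which is what an XML document without an
        // encoding declaration implies; confirm against the connection charset.
        $xmlFlags = ENT_QUOTES | ENT_XML1 | ENT_SUBSTITUTE;

        while ($row = $result->fetch_assoc()) {
            $period = $row['per_per'];

            // File name form of the period: lower case, commas dropped,
            // " - " and single spaces turned into "-". str_replace applies
            // the pairs in order, matching the original three calls.
            $statement_name = str_replace(
                array(',', ' - ', ' '),
                array('', '-', '-'),
                strtolower($period)
            );

            $rv .= '<statement>' . PHP_EOL;
            $rv .= '<period>' . htmlspecialchars($period, $xmlFlags, 'UTF-8') . '</period>' . PHP_EOL;
            $rv .= '<filename>' . htmlspecialchars($statement_name, $xmlFlags, 'UTF-8') . '</filename>' . PHP_EOL;
            $rv .= '</statement>' . PHP_EOL;
        }
    }
    // A failed query is not reported: the client receives an empty list.

    // finish output
    $rv .= '</statements>' . PHP_EOL;
    $rv .= '</root>' . PHP_EOL;

    // return data
    echo $rv;
    die;
} else {
    // No session id: blank the identifying headers and answer as if the
    // resource did not exist.
    header('Server: ');
    header('X-Powered-By: ');
    header("HTTP/1.0 404 Not Found");
}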
?>