
RSS Syndication Limited content


vinod41


Hello,

 

Some time back I installed RSS syndication on my os site. It displays the full text, and I recently saw that my content was being hijacked (copied) via feed bots in various vBulletin forums and other places.

 

I want to limit the number of characters displayed in my RSS feeds so that a hijacker cannot copy the whole work.

Need help

 

Here's the content of my rss.php file, located in directory/rss.php

 

<?php
/*
 $Id: rss.php,v 1.22 2007/04/13 13:04:02 hpdl Exp $

 osCommerce, Open Source E-Commerce Solutions
 http://www.oscommerce.com

 Copyright (c) 2003 osCommerce

 Released under the GNU General Public License
*/

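require('includes/application_top.php');

$navigation->remove_current_page();

// Open a dedicated MySQL link for the feed queries further down. Both failure
// paths end the request with a fixed message, so driver error text is not
// sent to whoever is fetching the feed.
$connection = mysql_connect(DB_SERVER, DB_SERVER_USERNAME, DB_SERVER_PASSWORD) or die('Couldn\'t make connection.');
// Select database
$db = mysql_select_db(DB_DATABASE, $connection) or die('Couldn\'t select database.');

// The language code arrives in the query string, so it is untrusted: accept it
// only when it is a plain string (not missing, not an array).
$requested_language = '';
if (isset($HTTP_GET_VARS['language']) && is_string($HTTP_GET_VARS['language'])) {
  $requested_language = $HTTP_GET_VARS['language'];
}

if ($requested_language == '') {
  // If the language is not specified, look it up by directory name.
  // $language is not set in this file; presumably application_top.php provides it.
  $lang_query = tep_db_query('select languages_id, code from ' . TABLE_LANGUAGES . ' where directory = \'' . tep_db_input($language) . '\'');
} else {
  // tep_db_input() is osCommerce's SQL string escaper. tep_db_output() is an
  // output helper and does not make a value safe inside a quoted SQL string.
  $cur_language = tep_db_input($requested_language);
  $lang_query = tep_db_query('select languages_id, code from ' . TABLE_LANGUAGES . ' where code = \'' . $cur_language . '\'');
}

// Recover the code (fr, en, etc) and the id (1, 2, etc) of the current language.
// Both variables are always defined, even when the lookup matches nothing, and
// the id is forced to an integer because later queries concatenate it into SQL.
$lang_code = '';
$lang_id = 0;
if (tep_db_num_rows($lang_query)) {
  $lang_a = tep_db_fetch_array($lang_query);
  $lang_code = $lang_a['code'];
  $lang_id = (int)$lang_a['languages_id'];
}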

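// If the default of your catalog is not what you want in your RSS feed, then
// please change these three constants.
// The constant names are quoted: a bare RSS_TITLE here is a reference to an
// undefined constant, which older PHP only tolerates with a notice and PHP 8
// rejects with an error.
// Enter an appropriate title for your website
define('RSS_TITLE', STORE_NAME);
// Enter your main shopping cart link
define('WEBLINK', HTTP_SERVER);
// Enter a description of your shopping cart
define('DESCRIPTION', TITLE);
/////////////////////////////////////////////////////////////
//That's it.  No More Editing (Unless you renamed DB tables or need to switch
//to SEO links (Apache Rewrite URL)
/////////////////////////////////////////////////////////////

// Copy the channel values into variables and convert them to UTF-8, the
// encoding declared in the XML prolog below
$store_name = utf8_encode(STORE_NAME);
$rss_title = utf8_encode(RSS_TITLE);
$weblink = utf8_encode(WEBLINK);
$description = utf8_encode(DESCRIPTION);
$email_address = utf8_encode(STORE_OWNER_EMAIL_ADDRESS);

// Begin sending of the data
header('Content-Type: application/xml');
echo '<?xml version="1.0" encoding="UTF-8" ?>' . "\n";
echo '<?xml-stylesheet href="http://www.w3.org/2000/08/w3c-synd/style.css" type="text/css"?>' . "\n";
// 'r' is the date() format character for an RFC 2822 date; it has to be a string
echo '<!-- RSS for ' . $store_name . ', generated on ' . date('r') . ' -->' . "\n";
// NOTE(review): the channel values below are written without XML escaping, so a
// store name, title or description containing "&" or "<" would make the feed
// malformed -- confirm how these configuration values are stored before
// adding escaping here.
?>
<rss version="2.0">
<channel>
<title><?php echo $rss_title; ?></title>
<link><?php echo $weblink;?></link>
<description><?php echo $description; ?></description>
<webMaster><?php echo $email_address; ?></webMaster>
<language><?php echo $lang_code; ?></language>
<lastBuildDate><?php echo date('r'); ?></lastBuildDate>
<image>
 <url><?php echo $weblink . '/images/rss_logo.jpg';?></url>
 <title><?php echo $rss_title; ?></title>
 <link><?php echo $weblink;?></link>
 <description><?php echo $description; ?></description>
</image>
<docs>http://blogs.law.harvard.edu/tech/rss</docs>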
<?php

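// Create SQL statement.
// cPath comes straight from the query string, so it is untrusted. It is only
// used when it is a non-empty plain string, and the value that reaches the SQL
// text is always an integer.
$category = isset($HTTP_GET_VARS['cPath']) ? $HTTP_GET_VARS['cPath'] : '';
if (is_string($category) && $category != '') {
  // Check to see if we are in a subcategory: the code keeps only the part
  // after the last underscore of the path
  $last_separator = strrpos($category, '_');
  if ($last_separator !== false) {
    $category = substr($category, $last_separator + 1);
  }
  // Anything that is not a number becomes 0, which matches no category
  $category = (int)$category;
  $sql = 'SELECT p.products_id, products_model, products_image, products_date_added FROM products p, products_to_categories pc WHERE p.products_id = pc.products_id AND pc.categories_id = ' . $category . ' AND products_status=1 AND products_to_rss=1 ORDER BY products_id DESC LIMIT ' . MAX_RSS_ARTICLES;
} else {
  // No usable category filter: list the newest products of the whole catalog
  $sql = 'SELECT products_id, products_model, products_image, products_date_added FROM products WHERE products_status=1 AND products_to_rss=1 ORDER BY products_id DESC LIMIT ' . MAX_RSS_ARTICLES;
}

// Execute SQL query and get result
$sql_result = mysql_query($sql, $connection) or die('Couldn\'t execute query.');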

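// XML character data must not contain a literal "&" or "<"
// (http://www.w3.org/TR/REC-xml/#dt-chardata). "&" is listed first so that the
// entities written for "<" and ">" are not escaped a second time.
$xml_search = array('&', '<', '>');
$xml_replace = array('&amp;', '&lt;', '&gt;');

// Integer language id for the per-item lookups; 0 matches no rows when the
// language lookup earlier in the file found nothing.
$item_lang_id = isset($lang_id) ? (int)$lang_id : 0;

// Format results by row: one <item> element per product
while ($row = mysql_fetch_array($sql_result)) {
  // Ids are cast to integers before they are concatenated into the SQL below
  $id = (int)$row['products_id'];

  // RSS Links for Ultimate SEO (Gareth Houston 10 May 2005)
  $link = tep_href_link(FILENAME_PRODUCT_INFO, 'products_id=' . $id, 'NONSSL', false);

  $image = $row['products_image'];
  // 'r' is the date() format character for an RFC 2822 date
  $added = date('r', strtotime($row['products_date_added']));

  // Select the name and description of the product
  $sql2 = 'SELECT products_name, products_description FROM products_description WHERE products_id = ' . $id . ' AND language_id = ' . $item_lang_id . ' LIMIT 1';
  $sql2_result = mysql_query($sql2, $connection) or die('Couldn\'t execute query.');
  $row2 = mysql_fetch_array($sql2_result);

  // A product with no description row in this language gets empty strings
  $name = $row2 ? $row2['products_name'] : '';
  $desc = $row2 ? $row2['products_description'] : '';

  // Encoding to UTF-8
  $name = utf8_encode($name);
  $desc = utf8_encode($desc);
  $link = utf8_encode($link);

  // Select the category of the product (the first one the query returns)
  $sql3 = 'SELECT categories_id FROM products_to_categories WHERE products_id = ' . $id . ' LIMIT 1';
  $sql3_result = mysql_query($sql3, $connection) or die('Couldn\'t execute query.');
  $row3 = mysql_fetch_array($sql3_result);

  $cat_id = $row3 ? (int)$row3['categories_id'] : 0;

  $sql4 = 'SELECT categories_name FROM categories_description WHERE categories_id = ' . $cat_id . ' AND language_id = ' . $item_lang_id . ' LIMIT 1';
  $sql4_result = mysql_query($sql4, $connection) or die('Couldn\'t execute query.');
  $row4 = mysql_fetch_array($sql4_result);

  // Encoding to UTF-8
  $cat_name = utf8_encode($row4 ? $row4['categories_name'] : '');

  // Setting the URLs to the images and buttons.
  // tep_image()/tep_image_button() return markup; the two str_replace() calls
  // remove the '<img src="' prefix and the '">' suffix, and the echo statements
  // at the end of the loop wrap the remainder in '<img src="' ... '">' again.
  $relative_image_url = tep_image(DIR_WS_IMAGES . $image, $name, SMALL_IMAGE_WIDTH, SMALL_IMAGE_HEIGHT, 'style="float: left; margin: 0px 8px 8px 0px;"');
  $relative_image_url = str_replace('">', '', $relative_image_url);
  $relative_image_url = str_replace('<img src="', '', $relative_image_url);
  $image_url = HTTP_SERVER . DIR_WS_CATALOG . $relative_image_url;

  $relative_buy_url = tep_image_button('button_shopping_cart.gif', IMAGE_BUTTON_IN_CART, 'style="margin: 0px;"');
  $relative_buy_url = str_replace('">', '', $relative_buy_url);
  $relative_buy_url = str_replace('<img src="', '', $relative_buy_url);
  $buy_url = HTTP_SERVER . DIR_WS_CATALOG . $relative_buy_url;

  $relative_button_url = tep_image_button('button_more_info.gif', IMAGE_BUTTON_MORE_INFO, 'style="margin: 0px;"');
  $relative_button_url = str_replace('">', '', $relative_button_url);
  $relative_button_url = str_replace('<img src="', '', $relative_button_url);
  $button_url = HTTP_SERVER . DIR_WS_CATALOG . $relative_button_url;

  // Escape the values that are written as XML character data. The replacement
  // strings must be the entities; replacing a character with itself escapes nothing.
  $name = str_replace($xml_search, $xml_replace, $name);
  $desc = str_replace($xml_search, $xml_replace, $desc);
  $link = str_replace($xml_search, $xml_replace, $link);
  $cat_name = str_replace($xml_search, $xml_replace, $cat_name);

  // Writing the output
  echo '<item>' . "\n";
  echo '  <title>' . $name . '</title>' . "\n";
  echo '  <category>' . $cat_name . '</category>' . "\n";
  echo '  <link>' . $link . '</link>' . "\n";
  echo '  <description>' . "\n";
  if ($image != '') {
    echo '<![CDATA[<a href="' . $link . '"><img src="' . $image_url . '"></a>]]>';
  }
  echo $desc;
  // NOTE(review): tep_get_all_get_params() carries parameters of the current
  // request into this link, so request data ends up inside the feed. Confirm
  // that the helper URL-encodes the values, or build the link from $id alone.
  echo '<![CDATA[<br><br><a href="' . tep_href_link(FILENAME_PRODUCT_INFO, tep_get_all_get_params(array('action')) . 'action=buy_now&products_id=' . $id) . '"><img src="' . $buy_url . '" border="0"></a> ]]>';
  echo '<![CDATA[<a href="' . $link . '"><img src="' . $button_url . '" border="0"></a>]]>' . "\n";
  echo '  </description>' . "\n";
  echo '  <guid>' . $link . '</guid>' . "\n";
  echo '  <pubDate>' . $added . '</pubDate>' . "\n";
  echo '</item>' . "\n";
}
// Free resources and close connection
mysql_free_result($sql_result);
mysql_close($connection);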
?>
</channel>
</rss>


I was expecting some replies... :rolleyes:

 

Hello,

 

Some time back I installed RSS syndication on my os site. It displays the full text, and I recently saw that my content was being hijacked (copied) via feed bots in various vBulletin forums and other places.

 

I want to limit the number of characters displayed in my RSS feeds so that a hijacker cannot copy the whole work.

Need help

 

Here's the content of my rss.php file, located in directory/rss.php

 

<?php
/*
 $Id: rss.php,v 1.22 2007/04/13 13:04:02 hpdl Exp $

 osCommerce, Open Source E-Commerce Solutions
 http://www.oscommerce.com

 Copyright (c) 2003 osCommerce

 Released under the GNU General Public License
*/

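require('includes/application_top.php');

$navigation->remove_current_page();

// Open a dedicated MySQL link for the feed queries further down. Both failure
// paths end the request with a fixed message, so driver error text is not
// sent to whoever is fetching the feed.
$connection = mysql_connect(DB_SERVER, DB_SERVER_USERNAME, DB_SERVER_PASSWORD) or die('Couldn\'t make connection.');
// Select database
$db = mysql_select_db(DB_DATABASE, $connection) or die('Couldn\'t select database.');

// The language code arrives in the query string, so it is untrusted: accept it
// only when it is a plain string (not missing, not an array).
$requested_language = '';
if (isset($HTTP_GET_VARS['language']) && is_string($HTTP_GET_VARS['language'])) {
  $requested_language = $HTTP_GET_VARS['language'];
}

if ($requested_language == '') {
  // If the language is not specified, look it up by directory name.
  // $language is not set in this file; presumably application_top.php provides it.
  $lang_query = tep_db_query('select languages_id, code from ' . TABLE_LANGUAGES . ' where directory = \'' . tep_db_input($language) . '\'');
} else {
  // tep_db_input() is osCommerce's SQL string escaper. tep_db_output() is an
  // output helper and does not make a value safe inside a quoted SQL string.
  $cur_language = tep_db_input($requested_language);
  $lang_query = tep_db_query('select languages_id, code from ' . TABLE_LANGUAGES . ' where code = \'' . $cur_language . '\'');
}

// Recover the code (fr, en, etc) and the id (1, 2, etc) of the current language.
// Both variables are always defined, even when the lookup matches nothing, and
// the id is forced to an integer because later queries concatenate it into SQL.
$lang_code = '';
$lang_id = 0;
if (tep_db_num_rows($lang_query)) {
  $lang_a = tep_db_fetch_array($lang_query);
  $lang_code = $lang_a['code'];
  $lang_id = (int)$lang_a['languages_id'];
}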

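// If the default of your catalog is not what you want in your RSS feed, then
// please change these three constants.
// The constant names are quoted: a bare RSS_TITLE here is a reference to an
// undefined constant, which older PHP only tolerates with a notice and PHP 8
// rejects with an error.
// Enter an appropriate title for your website
define('RSS_TITLE', STORE_NAME);
// Enter your main shopping cart link
define('WEBLINK', HTTP_SERVER);
// Enter a description of your shopping cart
define('DESCRIPTION', TITLE);
/////////////////////////////////////////////////////////////
//That's it.  No More Editing (Unless you renamed DB tables or need to switch
//to SEO links (Apache Rewrite URL)
/////////////////////////////////////////////////////////////

// Copy the channel values into variables and convert them to UTF-8, the
// encoding declared in the XML prolog below
$store_name = utf8_encode(STORE_NAME);
$rss_title = utf8_encode(RSS_TITLE);
$weblink = utf8_encode(WEBLINK);
$description = utf8_encode(DESCRIPTION);
$email_address = utf8_encode(STORE_OWNER_EMAIL_ADDRESS);

// Begin sending of the data
header('Content-Type: application/xml');
echo '<?xml version="1.0" encoding="UTF-8" ?>' . "\n";
echo '<?xml-stylesheet href="http://www.w3.org/2000/08/w3c-synd/style.css" type="text/css"?>' . "\n";
// 'r' is the date() format character for an RFC 2822 date; it has to be a string
echo '<!-- RSS for ' . $store_name . ', generated on ' . date('r') . ' -->' . "\n";
// NOTE(review): the channel values below are written without XML escaping, so a
// store name, title or description containing "&" or "<" would make the feed
// malformed -- confirm how these configuration values are stored before
// adding escaping here.
?>
<rss version="2.0">
<channel>
<title><?php echo $rss_title; ?></title>
<link><?php echo $weblink;?></link>
<description><?php echo $description; ?></description>
<webMaster><?php echo $email_address; ?></webMaster>
<language><?php echo $lang_code; ?></language>
<lastBuildDate><?php echo date('r'); ?></lastBuildDate>
<image>
 <url><?php echo $weblink . '/images/rss_logo.jpg';?></url>
 <title><?php echo $rss_title; ?></title>
 <link><?php echo $weblink;?></link>
 <description><?php echo $description; ?></description>
</image>
<docs>http://blogs.law.harvard.edu/tech/rss</docs>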
<?php

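// Create SQL statement.
// cPath comes straight from the query string, so it is untrusted. It is only
// used when it is a non-empty plain string, and the value that reaches the SQL
// text is always an integer.
$category = isset($HTTP_GET_VARS['cPath']) ? $HTTP_GET_VARS['cPath'] : '';
if (is_string($category) && $category != '') {
  // Check to see if we are in a subcategory: the code keeps only the part
  // after the last underscore of the path
  $last_separator = strrpos($category, '_');
  if ($last_separator !== false) {
    $category = substr($category, $last_separator + 1);
  }
  // Anything that is not a number becomes 0, which matches no category
  $category = (int)$category;
  $sql = 'SELECT p.products_id, products_model, products_image, products_date_added FROM products p, products_to_categories pc WHERE p.products_id = pc.products_id AND pc.categories_id = ' . $category . ' AND products_status=1 AND products_to_rss=1 ORDER BY products_id DESC LIMIT ' . MAX_RSS_ARTICLES;
} else {
  // No usable category filter: list the newest products of the whole catalog
  $sql = 'SELECT products_id, products_model, products_image, products_date_added FROM products WHERE products_status=1 AND products_to_rss=1 ORDER BY products_id DESC LIMIT ' . MAX_RSS_ARTICLES;
}

// Execute SQL query and get result
$sql_result = mysql_query($sql, $connection) or die('Couldn\'t execute query.');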

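// XML character data must not contain a literal "&" or "<"
// (http://www.w3.org/TR/REC-xml/#dt-chardata). "&" is listed first so that the
// entities written for "<" and ">" are not escaped a second time.
$xml_search = array('&', '<', '>');
$xml_replace = array('&amp;', '&lt;', '&gt;');

// Integer language id for the per-item lookups; 0 matches no rows when the
// language lookup earlier in the file found nothing.
$item_lang_id = isset($lang_id) ? (int)$lang_id : 0;

// Format results by row: one <item> element per product
while ($row = mysql_fetch_array($sql_result)) {
  // Ids are cast to integers before they are concatenated into the SQL below
  $id = (int)$row['products_id'];

  // RSS Links for Ultimate SEO (Gareth Houston 10 May 2005)
  $link = tep_href_link(FILENAME_PRODUCT_INFO, 'products_id=' . $id, 'NONSSL', false);

  $image = $row['products_image'];
  // 'r' is the date() format character for an RFC 2822 date
  $added = date('r', strtotime($row['products_date_added']));

  // Select the name and description of the product
  $sql2 = 'SELECT products_name, products_description FROM products_description WHERE products_id = ' . $id . ' AND language_id = ' . $item_lang_id . ' LIMIT 1';
  $sql2_result = mysql_query($sql2, $connection) or die('Couldn\'t execute query.');
  $row2 = mysql_fetch_array($sql2_result);

  // A product with no description row in this language gets empty strings
  $name = $row2 ? $row2['products_name'] : '';
  $desc = $row2 ? $row2['products_description'] : '';

  // Encoding to UTF-8
  $name = utf8_encode($name);
  $desc = utf8_encode($desc);
  $link = utf8_encode($link);

  // Select the category of the product (the first one the query returns)
  $sql3 = 'SELECT categories_id FROM products_to_categories WHERE products_id = ' . $id . ' LIMIT 1';
  $sql3_result = mysql_query($sql3, $connection) or die('Couldn\'t execute query.');
  $row3 = mysql_fetch_array($sql3_result);

  $cat_id = $row3 ? (int)$row3['categories_id'] : 0;

  $sql4 = 'SELECT categories_name FROM categories_description WHERE categories_id = ' . $cat_id . ' AND language_id = ' . $item_lang_id . ' LIMIT 1';
  $sql4_result = mysql_query($sql4, $connection) or die('Couldn\'t execute query.');
  $row4 = mysql_fetch_array($sql4_result);

  // Encoding to UTF-8
  $cat_name = utf8_encode($row4 ? $row4['categories_name'] : '');

  // Setting the URLs to the images and buttons.
  // tep_image()/tep_image_button() return markup; the two str_replace() calls
  // remove the '<img src="' prefix and the '">' suffix, and the echo statements
  // at the end of the loop wrap the remainder in '<img src="' ... '">' again.
  $relative_image_url = tep_image(DIR_WS_IMAGES . $image, $name, SMALL_IMAGE_WIDTH, SMALL_IMAGE_HEIGHT, 'style="float: left; margin: 0px 8px 8px 0px;"');
  $relative_image_url = str_replace('">', '', $relative_image_url);
  $relative_image_url = str_replace('<img src="', '', $relative_image_url);
  $image_url = HTTP_SERVER . DIR_WS_CATALOG . $relative_image_url;

  $relative_buy_url = tep_image_button('button_shopping_cart.gif', IMAGE_BUTTON_IN_CART, 'style="margin: 0px;"');
  $relative_buy_url = str_replace('">', '', $relative_buy_url);
  $relative_buy_url = str_replace('<img src="', '', $relative_buy_url);
  $buy_url = HTTP_SERVER . DIR_WS_CATALOG . $relative_buy_url;

  $relative_button_url = tep_image_button('button_more_info.gif', IMAGE_BUTTON_MORE_INFO, 'style="margin: 0px;"');
  $relative_button_url = str_replace('">', '', $relative_button_url);
  $relative_button_url = str_replace('<img src="', '', $relative_button_url);
  $button_url = HTTP_SERVER . DIR_WS_CATALOG . $relative_button_url;

  // Escape the values that are written as XML character data. The replacement
  // strings must be the entities; replacing a character with itself escapes nothing.
  $name = str_replace($xml_search, $xml_replace, $name);
  $desc = str_replace($xml_search, $xml_replace, $desc);
  $link = str_replace($xml_search, $xml_replace, $link);
  $cat_name = str_replace($xml_search, $xml_replace, $cat_name);

  // Writing the output
  echo '<item>' . "\n";
  echo '  <title>' . $name . '</title>' . "\n";
  echo '  <category>' . $cat_name . '</category>' . "\n";
  echo '  <link>' . $link . '</link>' . "\n";
  echo '  <description>' . "\n";
  if ($image != '') {
    echo '<![CDATA[<a href="' . $link . '"><img src="' . $image_url . '"></a>]]>';
  }
  echo $desc;
  // NOTE(review): tep_get_all_get_params() carries parameters of the current
  // request into this link, so request data ends up inside the feed. Confirm
  // that the helper URL-encodes the values, or build the link from $id alone.
  echo '<![CDATA[<br><br><a href="' . tep_href_link(FILENAME_PRODUCT_INFO, tep_get_all_get_params(array('action')) . 'action=buy_now&products_id=' . $id) . '"><img src="' . $buy_url . '" border="0"></a> ]]>';
  echo '<![CDATA[<a href="' . $link . '"><img src="' . $button_url . '" border="0"></a>]]>' . "\n";
  echo '  </description>' . "\n";
  echo '  <guid>' . $link . '</guid>' . "\n";
  echo '  <pubDate>' . $added . '</pubDate>' . "\n";
  echo '</item>' . "\n";
}
// Free resources and close connection
mysql_free_result($sql_result);
mysql_close($connection);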
?>
</channel>
</rss>
