5 replies to this topic

[Cris D.]

File Name: rss This Page
File Submitter: Cris D.
File Submitted: 28 Feb 2008
File Updated: 5 Jul 2008
File Category: Blogs & News

Snippet: RSSFeedThisPage V1.2
Author: Cris D
Date: 2008/02/28
Use: This snippet creates a validated RSS xml document that lets users create live links to every page on your site, one at a time. By using this snippet, you are allowing users to control which pages they can set as RSS. If you want to decide which pages to feed out, use the other RSS snippet RSSFeed.

CHANGELOG:
2008/07/05: Fixed XSS vunerability line 80.

Instructions:
1) Create a template with the template code following... if you have this for the original rss snippet, it you can re-use it OK
2) Create and publish a new page (uncached) using the rssLinkThisPage template called rssThisPage.(note the documentId).
3) In the rssThisPage page under the publishing tab set content type: "text/xml".
4) Call the snippet in the rssThisPage page uncached [!rssThisPage!]
5) Set in the index.php: $etoNotice=false
6) Configure the snippet as per in-snippet documentation (including setting the id of the $feedLinkId- the same as rssThisPageLink snippet).
7) Place the rssThisPage snippet cached[[rssThisPageLink]] in the template of your site so the link will show on every page. You can use the a href or form output... When a user clicks on the link or image, they will see a single page rss feed for the page they are on.
QUOTE A word about cached sippets on linked pages: If your RSS feed snippet is called [[cached]]
and you have a single [!uncached!] snippet on the linked page, just the title is returned.
If your RSS feed is called [!uncached!] and you have [!uncached!] snippets on the linked page,
the snippet call is displayed and the rest of the page is also shown including evaluated
[[cached]] snippets. Therefore, for best results use this snippet [!uncached!] and all snippets on
linked pages [[cached]] unless you have good reason to do otherwise.

Create a template with the following code:
CODE<?xml version="1.0" encoding="[(etomite_charset)]"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" >
<channel>
[*content*]
</channel>
</rss>
Save it as "rssTemplate" (if you already have this template from the original rss snippet you can use it).

Create a link to your rss feed for that page by placing a link in yout site template: saving this as a snippet [[rssThisPageLink]]
Option 1)
CODE//rssThisPageLink snippet option 1) Use a href link

$feedLinkId='148';//set to the page id of the published page using the rssThisPage template.
$output ="<a href=\"".$etomite->makeURL($feedLinkId,'',"?rssThisPage=".$etomite->documentIdentifier."")."\">";
$output .="<img src=\"assets/images/rss.gif\" alt=\"rss\" /></a>";
//set path to an image if you want

return $output;

Option 2)
CODE//rssThisPageLink snippet option 2) Use a form as an rss link

$feedLinkId='148';//set to the page id of the published page using the rssThisPage template.
$output .="<form action=\"".$etomite->makeURL($feedLinkId,'','')."\" method=\"get\">";
$output .="<input type=\"hidden\" name=\"rssThisPage\" value=\"".$etomite->documentIdentifier."\" >";
$output .="<input type=\"submit\" value=\"RSS\">";
$output .="</form>";

return $output;

Click here to download this file

[cathode]

OK,
I'll be the first tester of this snippet

1) Does the rssThisPage page need "rssThisPage" as a title, or the alias?

2) Am I correct in thinking that the rssThisPageLink snippet contents, when using option 1, need to be this:

$feedLinkId='148';//set to the page id of the published page using the rssThisPage template.
$output ="<a href=\"".$etomite->makeURL($feedLinkId,'',"?rssThisPage=".$etomite->documentIdentifier."")."\">";
$output .="<img src=\"assets/images/rss.gif\" alt=\"rss\" /></a>";//set path to an image if you want
return $output;

The, I set the variables. I don't understand your GUID variable description...?

[Cris D.]

Quote

1) Does the rssThisPage page need "rssThisPage" as a title, or the alias?

Neither, call it whatever you want as long as:
1) you place the id of the page in the rssThisPage and the rssThisPageLink snippets.

Quote

2) Am I correct in thinking that the rssThisPageLink snippet contents, when using option 1, need to be this:

Yes, this will allow you to use an image or text for the link to rss the page. Place the id of the rssThisPage page at feedLink='';

You can see how it is applied at the artimental site, I have added the link snippet to the template (in a conspicuous spot) so it is avaliable on every page.

Quote

The, I set the variables. I don't understand your GUID variable description...?

Neither do I, hence the vague desctiption of how to seet it. All I know is it was required (or suggested) as a field by the validator, I don't really understand its function. Having said that, this is what I found but I still don't understand how it can be applied in a real sense.

Quote

<guid> sub-element of <item>

<guid> is an optional sub-element of <item>.

guid stands for globally unique identifier. It's a string that uniquely identifies the item. When present, an aggregator may choose to use this string to determine if an item is new.

<guid>http://some.server.com/weblogItem3207</guid>

There are no rules for the syntax of a guid. Aggregators must view them as a string. It's up to the source of the feed to establish the uniqueness of the string.

If the guid element has an attribute named "isPermaLink" with a value of true, the reader may assume that it is a permalink to the item, that is, a url that can be opened in a Web browser, that points to the full item described by the <item> element. An example:

<guid isPermaLink="true">http://inessential.com/2002/09/01.php#a2</guid>

isPermaLink is optional, its default value is true. If its value is false, the guid may not be assumed to be a url, or a url to anything in particular.

http://cyber.law.harvard.edu/rss/rss.html#...ementOfLtitemgt

Edited by Cris D., 28 February 2008 - 09:14 PM.

[Cris D.]

I just went to install this from the snippet library and realised that it had a type causing a "can not access empty property" error. Line 110.

$feedLink=$etomite->makeURL($feedPage,'','?rssThisPage='.$etomite->$documentIdentifier);//page using template to show feed

has a $ too many in front of the $documentIdentifier...change to:

$feedLink=$etomite->makeURL($feedPage,'','?rssThisPage='.$etomite->documentIdentifier);//page using template to show feed

[updated in the snippet library]

[cathode]

Noted, thanks Cris!

[Cris D.]

Updated to fix possible (very minimal) XSS vunerability that would show for users of your RSS feed for the page.

Testing for valid page identifier on line 80 of the snippet. Action: If you have this snippet on your site, replace the line on line 80:

$feedPage = $_GET['rssThisPage'];

with

$feedPage = is_numeric($_GET['rssThisPage']) ? $_GET['rssThisPage']: $etomite->config['site_start'];

Now by default, if someone tries to use a XSS attack, the rss feed will return the home page of your site for the subscriber.

If this line is changed, the snippet will still operate as normal and be totally compatible with existing installations.

Edited by Cris D., 05 July 2008 - 11:22 AM.