Redesigned newsentry.php:

+ prevention of using undefined $_GET['entry']
+ simplify file search for news entry content

Signed-off-by: Slávek Banko <slavek.banko@axis.cz>

1 files changed, 18 insertions, 39 deletions

diff --git a/newsentry.php b/newsentry.php
index 71389ef..12835a3 100644
--- a/newsentry.php
+++ b/newsentry.php
@@ -28,53 +28,32 @@ function writeNewsEntry($file, $prefix) {
 	}
 }
 
-if ($handle = opendir('./news/')) {
-$filenames = array();
-while ($file = readdir($handle)) {
-	$filenames[] = $file;
-}
-rsort($filenames);
-
-$entryfound = 0;
-foreach($filenames as $file) {
-	if ($file == $_GET["entry"]) {
-		writeNewsEntry($file, 'news');
-		$entryfound = 1;
-	}
-}
-closedir($handle);
-
-if ($entryfound == 0) {
-	if ($handle = opendir('./rssentries/')) {
-		$filenames = array();
-		while ($file = readdir($handle)) {
-			$filenames[] = $file;
-		}
-		rsort($filenames);
-		
-		$entryfound = 0;
-		foreach($filenames as $file) {
-			if ($file == $_GET["entry"]) {
-				writeNewsEntry($file, 'rssentries');
-				$entryfound = 1;
-			}
-		}
-		closedir($handle);
-	
-		if ($entryfound == 0) {
-			echo '<font color="red">Requested news entry not found!</font>';
-			echo "<p>";
+$entryFound = false;
+if (!empty($_GET['entry']))
+{
+	$sources = ['news', 'rssentries'];
+	foreach ($sources as $source)
+	{
+		$filenames = scandir('./'.$source.'/', SCANDIR_SORT_DESCENDING);
+		if (in_array($_GET['entry'], $filenames))
+		{
+			writeNewsEntry($_GET['entry'], $source);
+			$entryFound = true;
+			break;
 		}
 	}
 }
+if (!$entryFound)
+{
+	echo '<font color="red">Requested news entry not found!</font>';
+	echo "<p>";
+}
 
 echo '<a href="/news.php">Go back to News</a>';
 echo "<p>";
-}
+
 ?>
 
 <?php
 	doFooter();
 ?>
-
-