X-Git-Url: https://dev.renevier.net/gitweb.cgi?a=blobdiff_plain;f=items.php;h=a2a04464e398110e1cd1e2bc71f66b3d87a9e3c8;hb=b8be7edca1802692be4d330c7065e5260fb348f6;hp=cd2cd91bb14c6aff37a52a2f250ce4e2231b4c26;hpb=3b38ca36fc18d34999073625a9c66dc2f05747a3;p=syp.git
diff --git a/items.php b/items.php
index cd2cd91..a2a0446 100644
--- a/items.php
+++ b/items.php
@@ -2,10 +2,6 @@
/* Copyright (c) 2009 Arnaud Renevier, Inc, published under the modified BSD
license. */
-require_once ("./inc/settings.php");
-require_once ("./inc/utils.php");
-require_once ("./inc/db/mysql.php");
-
function headers_callback ($output) {
$etag = md5 ($output);
if ((isset ($_SERVER ["HTTP_IF_NONE_MATCH"])) &&
@@ -29,7 +25,7 @@ function main ($features) {
';
if (SITETITLE) {
- printf (' %s', SITETITLE);
+ printf (' %s', htmlspecialchars (SITETITLE));
}
foreach ($features as $feature) {
$id = $feature->id;
@@ -77,6 +73,12 @@ function main ($features) {
';
}
+if (!@include_once ("./inc/settings.php")) {
+ exit ("server error");
+}
+require_once ("./inc/utils.php");
+require_once ("./inc/db/mysql.php");
+
try {
$connection->connect (DBHOST, DBUSER, DBPWD, DBNAME, DBPREFIX);
$features = $connection->listfeatures ($_GET ['from_user']);