Extension:RPED/RPEDAPIReader.php

<?php
/**
 * Remote Page Existence Detection (RPED) API extension by Tisane
 * URL: http://www.mediawiki.org/wiki/Extension:RemotePageExistenceDetection
 *
 * This program is free software. You can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version. You can also redistribute it and/or
 * modify it under the terms of the Creative Commons Attribution 3.0 license.
 *
 * This file gets parameters from a URL and parses them into records to be added or deleted from
 * the page title table in the database.
 *
 */
$url=urldecode  ($_SERVER['QUERY_STRING']);
//global $wgRRAnonOnly, $wgUser,$wgOut,$wgDBserver,$wgDBuser,$wgDBpassword;
$yourHost='localhost';
$yourUsername='wikiuser2';
$yourPassword='password';
$con = mysql_connect($yourHost,$yourUsername,$yourPassword);
if (!$con){
        die('Could not connect: ' . mysql_error());
}
mysql_select_db("page_title_db", $con);
//echo($url);
$myInputNum=0;
$myInput[0]='';
for ($count=0; $count<strlen($url); $count++){
        if (substr($url,$count,1)=='|'){
                $myInputNum++;
        } else {
                if (!isset($myInput[$myInputNum])){
                        $myInput[$myInputNum]='';
                }
                if (substr($url,$count,1)==' '){
                        $myInput[$myInputNum].='_';
                } else {
                $myInput[$myInputNum].=substr($url,$count,1);
                }
        }
}
$sql = "CREATE TABLE password_table(
                password text(1000)
                )";
mysql_query($sql,$con);
$sql="SELECT * FROM password_table";
$result=mysql_query($sql,$con);
$result2=mysql_fetch_array($result);
//$result3=trim($result2['password']);
$result3=$result2['password'];
// echo('<br />Your password: '.$myInput[0].'<br />');
// echo('My password: '.$result3.'<br />');
if ($result3==$myInput[0]){ // The password matches.
        for ($count=1; $count<=$myInputNum; $count++){
                $sql='Bad command';
                if (isset($myInput[$count])){
                                if (substr($myInput[$count],0,4)=='ins='){
                                        $myInput[$count]=substr($myInput[$count],4,strlen($myInput[$count])-4);
                                        $myQuery=sprintf("SELECT * FROM page_title_table WHERE page_title='%s'",
                                                mysql_real_escape_string($myInput[$count]));
                                        $result=mysql_query($myQuery,$con);     
                                        $matches=0;
                                        if ($matches==0){ // If it's not already in the table...
                                                $matches=mysql_num_rows  ( $result  ); // Is this already in the table?
                                                $sql=sprintf("INSERT INTO page_title_table (page_title) VALUES ('%s'",
                                                        mysql_real_escape_string($myInput[$count]));
                                }
                        }
                        elseif (substr($myInput[$count],0,4)=='del='){
                                $myInput[$count]=substr($myInput[$count],4,strlen($myInput[$count])-4);
                                $sql=sprintf("DELETE FROM page_title_table WHERE page_title=('%s')",
                                        mysql_real_escape_string($myInput[$count]));
                        }
                }
                if ($sql!='Bad command'){
                        //echo ($sql);
                        mysql_query($sql,$con);
                }
        }
        echo ('Access granted! '.$myInputNum.' records received and processed.');
}
else{ // The password doesn't match.
        echo("Access denied; the correct password was not provided.");
}