<?php 
echo '<?xml version="1.0" standalone="yes" encoding="UTF-8"?'.'>'; 

if (!extension_loaded("sqlite"))
{
        dl("sqlite.so");
}

if ($_GET['tag'] != "")
{
	$tag = $_GET['tag'];
}

if ($_GET['dt'] != "")
{
	$dt = $_GET['dt'];
}

printf ("<posts ");
if ($dt)
{
	printf ("dt='$dt' ");
	$query = "SELECT * FROM bookmarks where date like '%$dt%'";
}
if ($tag)
{
	printf ("tag='$tag'");
	$query = "SELECT * FROM bookmarks where keywords like '% $tag %'";
	// The problem with this is that it matches too much.
	// Using my example, if I search for 'sql' I should get nothing,
	// but instead it matches 'sqlite'
	// Close enough for my purposes, though I should use the stuff I
	// have for extracting the tags.
}
else
{
	printf ("tag=''");
}
printf (" user=''>\n");

if ($tag && $dt)
{
	// A simple change, to prevent false positives: pad the keywords
	// field with spaces :)
	$query = "SELECT * FROM bookmarks where date like '%$dt%' and keywords like '% $tag %'";
}

if (!$tag && !$dt)
{
	$query = "SELECT * FROM bookmarks";
}

if ($debug) echo "<!-- '$query' -->";

if ($db = sqlite_open("/tmp/bookmarks.sqlite", 0666, $err))
{
        $result = sqlite_query ($db, $query);
        while (sqlite_has_more($result))
        {
                $post = sqlite_fetch_array ($result);
		
		$url = 'href="'.htmlentities($post['url']).'"';
		$title = 'description="'.htmlentities($post['title']).'"';
                if ($post['desc'] != "")
		{
	                 $desc = 'extended="'.htmlentities($post['desc']).'"';
		}
		else
		{
			$desc = "";
		}
		$date = 'time="'.$post['date'].'"';
		// Used the wrong variable in the first example
		$hash = 'hash="'.md5($post['url']).'"';
		$tags = 'tag="'.trim($post['keywords']).'"';

		print " <post $url $title $desc $hash $tags $date />";
		printf ("\n");
       }
}
?>		
</posts>

