Yeah, I'm pretty amazed. What were they thinking?!
M
michaeltyson
@michaeltyson
0
Reputation
2
Posts
12
Profile views
0
Followers
0
Following
Best posts made by michaeltyson
This user hasn't posted anything yet.
Latest posts made by michaeltyson
-
RE: Life Flickr'd before my eyes
-
Life Flickr'd before my eyes
I was after a quick-and-simple way to get a widget on my Wordpress blog's sidebar showing the latest photos from my Flickr feed, so I grabbed a likely contender straight off the Wordpress plugins site and installed it. A minor bug, it showed "michaeltyson posted a photo" in every title, so I opened up the plugin and took a peek under the hood. Then freaked out.
Check it:
[code] if ($javascript) $flickrformat = "json"; else $flickrformat = "php"; ... // Screen name or RSS in $username? if (!ereg("http://api.flickr.com/services/feeds", $username)) $url = "http://api.flickr.com/services/feeds/photos_public.gne?id=".urlencode($user_id)."&format=".$flickrformat."&lang=en-us".$tags; else $url = $username."&format=".$flickrformat.$tags; // Output via php or javascript? if (!$javascript) { eval("?>". file_get_contents($url) . "<?"); $photos = $feed; if ($random) shuffle($photos["items"]); if ($photos) { foreach($photos["items"] as $key => $value) { ...... [/code]
Yep. That's a "php" output format from Flickr that contains PHP code to assign values to a local array. So you just evaluate whatever Flickr gives you and you're good to go.
It's good to know that if Flickr ever get compromised (etc), that everyone using this plugin and any other piece of software that uses this API will have arbitrary code run on their site. Fun!