Context Navigation

source: branches/release-1_3/picture.php @ 300

Last change on this file since 300 was 300, checked in by gweltas, 20 years ago
Favorite management
Property svn:eol-style set to `native` Property svn:keywords set to `Author Date Id Revision`
File size: 27.2 KB

Line
1	<?php
2	/***************************************************************************
3	* picture.php *
4	* ------------------- *
5	* application : PhpWebGallery 1.3 <http://phpwebgallery.net> *
6	* author : Pierrick LE GALL <pierrick@z0rglub.com> *
7	* *
8	* $Id: picture.php 300 2004-01-18 23:46:57Z gweltas $
9	* *
10	***************************************************************************/
11
12	/***************************************************************************
13	* *
14	* This program is free software; you can redistribute it and/or modify *
15	* it under the terms of the GNU General Public License as published by *
16	* the Free Software Foundation; *
17	* *
18	***************************************************************************/
19	// this page shows the image full size
20	//----------------------------------------------------------- personnal include
21	include_once( './include/init.inc.php' );
22	//-------------------------------------------------- access authorization check
23	check_cat_id( $_GET['cat'] );
24	check_login_authorization();
25	if ( isset( $page['cat'] ) and is_numeric( $page['cat'] ) )
26	{
27	check_restrictions( $page['cat'] );
28	}
29	//---------------------------------------- incrementation of the number of hits
30	$query = 'UPDATE '.PREFIX_TABLE.'images';
31	$query.= ' SET hit=hit+1';
32	$query.= ' WHERE id='.$_GET['image_id'];
33	$query.= ';';
34	@mysql_query( $query );
35	//-------------------------------------------------------------- initialization
36	initialize_category( 'picture' );
37	//------------------------------------- main picture information initialization
38	$query = 'SELECT id,date_available,comment,hit,keywords';
39	$query.= ',author,name,file,date_creation,filesize,width,height';
40	$query.= ',storage_category_id';
41	if ( is_numeric( $page['cat'] ) )
42	{
43	$query.= ',category_id';
44	}
45	$query.= ' FROM '.PREFIX_TABLE.'images';
46	$query.= ' LEFT JOIN '.PREFIX_TABLE.'image_category AS ic ON id = ic.image_id';
47	$query.= $page['where'];
48	$query.= ' AND id = '.$_GET['image_id'];
49	$query.= $conf['order_by'];
50	$query.= ';';
51	$result = mysql_query( $query );
52	// if this image_id doesn't correspond to this category, an error message is
53	// displayed, and execution is stopped
54	if ( mysql_num_rows( $result ) == 0 )
55	{
56	echo '<div style="text-align:center;">'.$lang['access_forbiden'].'<br />';
57	echo '<a href="'.add_session_id( './category.php' ).'">';
58	echo $lang['thumbnails'].'</a></div>';
59	exit();
60	}
61	$row = mysql_fetch_array( $result );
62	$page['id'] = $row['id'];
63	$page['file'] = $row['file'];
64	$page['name'] = $row['name'];
65	$page['date_available'] = $row['date_available'];
66	$page['comment'] = $row['comment'];
67	$page['hit'] = $row['hit'];
68	$page['author'] = $row['author'];
69	$page['date_creation'] = $row['date_creation'];
70	$page['filesize'] = $row['filesize'];
71	$page['width'] = $row['width'];
72	$page['height'] = $row['height'];
73	if (is_numeric( $page['cat'] ))
74	$page['category_id'] = $row['category_id'];
75	$page['keywords'] = $row['keywords'];
76	$page['storage_category_id'] = $row['storage_category_id'];
77	// retrieving the number of the picture in its category (in order)
78	$query = 'SELECT DISTINCT(id)';
79	$query.= ' FROM '.PREFIX_TABLE.'images';
80	$query.= ' LEFT JOIN '.PREFIX_TABLE.'image_category AS ic ON id = ic.image_id';
81	$query.= $page['where'];
82	$query.= $conf['order_by'];
83	$query.= ';';
84	$result = mysql_query( $query );
85	$page['num'] = 0;
86	$row = mysql_fetch_array( $result );
87	while ( $row['id'] != $page['id'] )
88	{
89	$page['num']++;
90	$row = mysql_fetch_array( $result );
91	}
92	//--------------------------------------------------------- favorite management
93	if ( isset( $_GET['add_fav'] ) )
94	{
95	if ( $_GET['add_fav'] == 1 )
96	{
97	// verify if the picture is already in the favorite of the user
98	$query = 'SELECT COUNT(*) AS nb_fav';
99	$query.= ' FROM '.PREFIX_TABLE.'favorites';
100	$query.= ' WHERE image_id = '.$page['id'];
101	$query.= ' AND user_id = '.$user['id'];
102	$query.= ';';
103	$result = mysql_query( $query );
104	$row = mysql_fetch_array( $result );
105	if ( $row['nb_fav'] == 0 )
106	{
107	$query = 'INSERT INTO '.PREFIX_TABLE.'favorites';
108	$query.= ' (image_id,user_id) VALUES';
109	$query.= ' ('.$page['id'].','.$user['id'].')';
110	$query.= ';';
111	$result = mysql_query( $query );
112	}
113	}
114	if ( $_GET['add_fav'] == 0 )
115	{
116	$query = 'DELETE FROM '.PREFIX_TABLE.'favorites';
117	$query.= ' WHERE user_id = '.$user['id'];
118	$query.= ' AND image_id = '.$page['id'];
119	$query.= ';';
120	$result = mysql_query( $query );
121
122	$page['cat_nb_images'] = $page['cat_nb_images'] - 1;
123	if ( $page['cat_nb_images'] <= 0 )
124	{
125	// there is no favorite picture anymore
126	// we redirect the user to the category page
127	$url = add_session_id( 'category.php' );
128	header( 'Request-URI: '.$url );
129	header( 'Content-Location: '.$url );
130	header( 'Location: '.$url );
131	exit();
132	}
133	// redirection of the user to the picture.php page
134	// with the right picture
135	$page['num'] = $page['num'] - 1;
136	if ( $page['num'] == -1 )
137	{
138	$page['num'] = 0;
139	}
140	$query = 'SELECT id';
141	$query.= ' FROM '.PREFIX_TABLE.'images';
142	$query.= ' LEFT JOIN '.PREFIX_TABLE.'image_category AS ic';
143	$query.= ' ON id = ic.image_id';
144	$query.= $page['where'];
145	$query.= $conf['order_by'];
146	$query.= ' LIMIT '.$page['num'].',1';
147	$query.= ';';
148	$result = mysql_query( $query );
149	$row = mysql_fetch_array( $result );
150	$redirect = './picture.php?image_id='.$row['id'].'&cat='.$page['cat'];
151	$redirect.= '&expand='.$_GET['expand'];
152	if ( $page['cat'] == 'search' )
153	{
154	$redirect.= '&search='.$_GET['search'].'&mode='.$_GET['mode'];
155	}
156	$url = add_session_id( $redirect, true );
157	header( 'Request-URI: '.$url );
158	header( 'Content-Location: '.$url );
159	header( 'Location: '.$url );
160	exit();
161	}
162	}
163
164	//---------------------------------------------- next picture thumbnail display
165	$next = 0;
166	if ( $page['num'] < $page['cat_nb_images']-1 )
167	{
168	$next = $page['num'] + 1;
169	$query = 'SELECT DISTINCT(id),name,file,tn_ext,storage_category_id';
170	$query.= ' FROM '.PREFIX_TABLE.'images';
171	$query.= ' LEFT JOIN '.PREFIX_TABLE.'image_category AS ic ON id=ic.image_id';
172	$query.= $page['where'];
173	$query.= $conf['order_by'];
174	$query.= ' LIMIT '.$next.',1';
175	$query.= ';';
176	$result = mysql_query( $query );
177	$row = mysql_fetch_array( $result );
178
179	if ( !isset($array_cat_directories[$row['storage_category_id']]))
180	{
181	$array_cat_directories[$row['storage_category_id']] =
182	get_complete_dir( $row['storage_category_id'] );
183	}
184	$cat_directory = $array_cat_directories[$row['storage_category_id']];
185
186	$file = substr ( $row['file'], 0, strrpos ( $row['file'], ".") );
187	$next_lien_thumbnail = $cat_directory.'thumbnail/';
188	$next_lien_thumbnail.= $conf['prefix_thumbnail'].$file.".".$row['tn_ext'];
189
190	if ( $row['name'] != "" )
191	{
192	$next_alt_thumbnail = $row['name'];
193	}
194	else
195	{
196	$next_alt_thumbnail = $file;
197	}
198	$next_title = $lang['next_image']." : ".$next_alt_thumbnail;
199
200	$next_url_link = './picture.php?image_id='.$row['id'].'&cat='.$page['cat'];
201	$next_url_link.= '&expand='.$_GET['expand'];
202	if ( $page['cat'] == 'search' )
203	{
204	$next_url_link.= "&search=".$_GET['search'].'&mode='.$_GET['mode'];
205	}
206	}
207	//----------------------------------------------------- template initialization
208	//
209	// Start output of page
210	//
211	//------------------------------------------------------------------ page title
212	$title = $page['name'];
213	if ( $title == '')
214	{
215	$title = str_replace("_"," ",get_filename_wo_extension($page['file']));
216	}
217	$refresh = 0;
218	if ( isset( $_GET['slideshow'] ) && isset($next_url_link))
219	{
220	$refresh= $_GET['slideshow'];
221	$url_link = $next_url_link;
222	}
223	include('include/page_header.php');
224
225	$handle = $vtp->Open( './template/'.$user['template'].'/picture.vtp' );
226	initialize_template();
227
228	$tpl = array( 'back','submit','comments_title','comments_del','delete',
229	'comments_add','author','slideshow','slideshow_stop',
230	'period_seconds' );
231	templatize_array( $tpl, 'lang', $handle );
232	//-------------------------------------------------------- slideshow management
233	if ( isset( $_GET['slideshow'] ) )
234	{
235	if ( !is_numeric( $_GET['slideshow'] ) )
236	$_GET['slideshow'] = $conf['slideshow_period'][0];
237	$vtp->addSession( $handle, 'stop_slideshow' );
238	$url = './picture.php';
239	$url.= '?image_id='.$page['id'];
240	$url.= '&cat='.$page['cat'];
241	$url.= '&expand='.$_GET['expand'];
242	if ( $page['cat'] == 'search' )
243	{
244	$url.= '&search='.$_GET['search'];
245	$url.= '&mode='.$_GET['mode'];
246	}
247	$vtp->setVar( $handle, 'stop_slideshow.url', add_session_id( $url ) );
248	$vtp->closeSession( $handle, 'stop_slideshow' );
249	}
250	else
251	{
252	$vtp->addSession( $handle, 'start_slideshow' );
253	foreach ( $conf['slideshow_period'] as $option ) {
254	$vtp->addSession( $handle, 'second' );
255	$vtp->setVar( $handle, 'second.option', $option );
256	$url = './picture.php';
257	$url.= '?image_id='.$page['id'];
258	$url.= '&cat='.$page['cat'];
259	if (isset($_GET['expand']))
260	$url.= '&expand='.$_GET['expand'];
261	if ( $page['cat'] == 'search' )
262	{
263	$url.= '&search='.$_GET['search'];
264	$url.= '&mode='.$_GET['mode'];
265	}
266	$url.= '&slideshow='.$option;
267	$vtp->setVar( $handle, 'second.url', add_session_id( $url ) );
268	$vtp->closeSession( $handle, 'second' );
269	}
270	$vtp->closeSession( $handle, 'start_slideshow' );
271	}
272
273	//-------------------------------------------------- previous picture thumbnail
274	if ( $page['num'] >= 1 )
275	{
276	$prev = $page['num'] - 1;
277	$query = 'SELECT DISTINCT(id),name,file,tn_ext,storage_category_id';
278	$query.= ' FROM '.PREFIX_TABLE.'images';
279	$query.= ' LEFT JOIN '.PREFIX_TABLE.'image_category AS ic ON id=ic.image_id';
280	$query.= $page['where'];
281	$query.= $conf['order_by'];
282	$query.= ' LIMIT '.$prev.',1';
283	$query.= ';';
284	$result = mysql_query( $query );
285	$row = mysql_fetch_array( $result );
286
287	if ( !isset($array_cat_directories[$row['storage_category_id']]) )
288	{
289	$array_cat_directories[$row['storage_category_id']] =
290	get_complete_dir( $row['storage_category_id'] );
291	}
292	$cat_directory = $array_cat_directories[$row['storage_category_id']];
293
294	$file = substr( $row['file'], 0, strrpos ( $row['file'], '.' ) );
295	$lien_thumbnail = $cat_directory.'thumbnail/';
296	$lien_thumbnail.= $conf['prefix_thumbnail'].$file.".".$row['tn_ext'];
297
298	$prev_title = $lang['previous_image'].' : ';
299	$alt_thumbnaill = '';
300	if ( $row['name'] != '' ) $alt_thumbnail = $row['name'];
301	else $alt_thumbnail = $file;
302	$prev_title.= $alt_thumbnail;
303
304	$url_link = './picture.php?image_id='.$row['id'].'&cat='.$page['cat'];
305	$url_link.= '&expand='.$_GET['expand'];
306	if ( $page['cat'] == 'search' )
307	{
308	$url_link.= '&search='.$_GET['search'].'&mode='.$_GET['mode'];
309	}
310	// sending vars for display
311	$vtp->addSession( $handle, 'previous' );
312	$vtp->setGlobalVar( $handle, 'previous.url', add_session_id( $url_link ) );
313	$vtp->setGlobalVar( $handle, 'previous.title', $prev_title );
314	$vtp->setGlobalVar( $handle, 'previous.src', $lien_thumbnail );
315	$vtp->setGlobalVar( $handle, 'previous.alt', $alt_thumbnail );
316	$vtp->closeSession( $handle, 'previous' );
317	}
318	else
319	{
320	$vtp->addSession( $handle, 'previous_empty' );
321	$vtp->closeSession( $handle, 'previous_empty' );
322	}
323	//-------------------------------------------------------- main picture display
324	if ( is_numeric( $page['cat'] ) )
325	{
326	$intitule_cat = get_cat_display_name( $page['cat_name'], " - ",
327	"font-style:italic;" );
328	}
329	else
330	{
331	$intitule_cat = $page['title'];
332	}
333
334	if ( !isset($array_cat_directories[$page['storage_category_id']]) )
335	{
336	$array_cat_directories[$page['storage_category_id']] =
337	get_complete_dir( $page['storage_category_id'] );
338	}
339	$cat_directory = $array_cat_directories[$page['storage_category_id']];
340
341	$n = $page['num'] + 1;
342	$intitule_titre = replace_space( $intitule_cat." - " ).$n.'/';
343	$intitule_titre.= $page['cat_nb_images']."<br />";
344	if ( $page['name'] != "" )
345	{
346	$intitule_file = $page['name'];
347	}
348	else
349	{
350	$intitule_file = str_replace( "_", " ",
351	substr( $page['file'], 0,
352	strrpos ( $page['file'], ".") ) );
353	}
354	if ( $page['cat'] == 'search' )
355	{
356	$intitule_file = replace_search( $intitule_file, $_GET['search'] );
357	}
358	$vtp->setGlobalVar( $handle, 'title', $intitule_titre.$intitule_file );
359
360	$lien_image = $cat_directory.$page['file'];
361
362	// calculation of width and height
363	if ( $page['width'] == "" )
364	{
365	$taille_image = @getimagesize( $lien_image );
366	$original_width = $taille_image[0];
367	$original_height = $taille_image[1];
368	}
369	else
370	{
371	$original_width = $page['width'];
372	$original_height = $page['height'];
373	}
374
375	$picture_size = get_picture_size( $original_width, $original_height,
376	$user['maxwidth'], $user['maxheight'] );
377	$final_width = $picture_size[0];
378	$final_height = $picture_size[1];
379
380	$url_link = './category.php?cat='.$page['cat'].'&';
381	$url_link.= 'num='.$page['num'];
382	if (isset($_GET['expand']))
383	$url_link.='&expand='.$_GET['expand'];
384	if ( $page['cat'] == 'search' )
385	{
386	$url_link.= "&search=".$_GET['search'].'&mode='.$_GET['mode'];
387	}
388	$vtp->setGlobalVar( $handle, 'picture_link', add_session_id( $url_link ) );
389	$vtp->setGlobalVar( $handle, 'picture_width', $final_width );
390	$vtp->setGlobalVar( $handle, 'picture_height', $final_height );
391	$vtp->setGlobalVar( $handle, 'picture_src', $lien_image );
392	$vtp->setGlobalVar( $handle, 'picture_alt', $page['file'] );
393
394	if ( $page['comment'] != '' )
395	{
396	if ( $page['cat'] == 'search' )
397	{
398	$picture_comment = replace_search( $page['comment'], $_GET['search'] );
399	$vtp->setGlobalVar( $handle, 'picture_comment', $picture_comment );
400	}
401	else
402	{
403	$vtp->setGlobalVar( $handle, 'picture_comment', $page['comment'] );
404	}
405	}
406	//--------------------------------------------------------- picture information
407	// author
408	if ( $page['author'] != "" )
409	{
410	$vtp->addSession( $handle, 'info_line' );
411	$vtp->setVar( $handle, 'info_line.name', $lang['author'].' : ' );
412	$vtp->setVar( $handle, 'info_line.content', $page['author'] );
413	$vtp->closeSession( $handle, 'info_line' );
414	}
415	// creation date
416	if ( $page['date_creation'] != "" )
417	{
418	$vtp->addSession( $handle, 'info_line' );
419	$vtp->setVar( $handle, 'info_line.name', $lang['creation_date'].' : ' );
420	$vtp->setVar( $handle, 'info_line.content',
421	format_date( $page['date_creation'] ) );
422	$vtp->closeSession( $handle, 'info_line' );
423	}
424	// date of availability
425	$vtp->addSession( $handle, 'info_line' );
426	$vtp->setVar( $handle, 'info_line.name', $lang['registration_date'].' : ' );
427	list( $year,$month,$day ) = explode( '-', $page['date_available'] );
428	$vtp->setVar( $handle, 'info_line.content',
429	format_date( $page['date_available'] ) );
430	$vtp->closeSession( $handle, 'info_line' );
431	// size in pixels
432	$vtp->addSession( $handle, 'info_line' );
433	$vtp->setVar( $handle, 'info_line.name', $lang['size'].' : ' );
434	if ( $original_width != $final_width or $original_height != $final_height )
435	{
436	$content = '[ <a href="'.$lien_image.'" title="'.$lang['true_size'].'">';
437	$content.= $original_width.'*'.$original_height.'</a> ]';
438	$vtp->setVar( $handle, 'info_line.content', $content );
439	}
440	else
441	{
442	$content = $original_width.'*'.$original_height;
443	$vtp->setVar( $handle, 'info_line.content', $content );
444	}
445	$vtp->closeSession( $handle, 'info_line' );
446	// file
447	$vtp->addSession( $handle, 'info_line' );
448	$vtp->setVar( $handle, 'info_line.name', $lang['file'].' : ' );
449	if ( $page['cat'] == 'search' )
450	{
451	$content = replace_search( $page['file'], $_GET['search'] );
452	$vtp->setVar( $handle, 'info_line.content', $content );
453	}
454	else
455	{
456	$vtp->setVar( $handle, 'info_line.content', $page['file'] );
457	}
458	$vtp->closeSession( $handle, 'info_line' );
459	// filesize
460	if ( $page['filesize'] == "" )
461	{
462	$poids = floor ( filesize( $lien_image ) / 1024 );
463	}
464	else
465	{
466	$poids = $page['filesize'];
467	}
468	$vtp->addSession( $handle, 'info_line' );
469	$vtp->setVar( $handle, 'info_line.name', $lang['filesize'].' : ' );
470	$vtp->setVar( $handle, 'info_line.content', $poids.' KB' );
471	$vtp->closeSession( $handle, 'info_line' );
472	// keywords
473	if ( $page['keywords'] != '' )
474	{
475	$vtp->addSession( $handle, 'info_line' );
476	$vtp->setVar( $handle, 'info_line.name', $lang['keywords'].' : ' );
477	$keywords = explode( ',', $page['keywords'] );
478	$content = '';
479	$url = './category.php?cat=search&expand='.$_GET['expand'];
480	$url.= '&mode=OR&search=';
481	foreach ( $keywords as $i => $keyword ) {
482	$local_url = add_session_id( $url.$keyword );
483	if ( $i > 0 ) $content.= ',';
484	$content.= '<a href="'.$local_url.'">'.$keyword.'</a>';
485	}
486	$vtp->setVar( $handle, 'info_line.content', $content );
487	$vtp->closeSession( $handle, 'info_line' );
488	}
489	// number of visits
490	$vtp->addSession( $handle, 'info_line' );
491	$vtp->setVar( $handle, 'info_line.name', $lang['visited'].' : ' );
492	$vtp->setVar( $handle, 'info_line.content', $page['hit'].' '.$lang['times'] );
493	$vtp->closeSession( $handle, 'info_line' );
494	//------------------------------------------------------- favorite manipulation
495	if ( !$user['is_the_guest'] )
496	{
497	// verify if the picture is already in the favorite of the user
498	$query = 'SELECT COUNT(*) AS nb_fav FROM '.PREFIX_TABLE.'favorites WHERE image_id = '.$page['id'];
499	$query.= ' AND user_id = '.$user['id'].';';
500	$result = mysql_query( $query );
501	$row = mysql_fetch_array( $result );
502	if (!$row['nb_fav'])
503	{
504	$url = './picture.php?cat='.$page['cat'].'&image_id='.$page['id'];
505	if (isset($_GET['expand']))
506	$url.= '&expand='.$_GET['expand'];
507	$url.='&add_fav=1';
508	if ( $page['cat'] == 'search' )
509	{
510	$url.= '&search='.$_GET['search'].'&mode='.$_GET['mode'];
511	}
512	$vtp->addSession( $handle, 'favorite' );
513	$vtp->setVar( $handle, 'favorite.link', add_session_id( $url ) );
514	$vtp->setVar( $handle, 'favorite.title', $lang['add_favorites_hint'] );
515	$vtp->setVar( $handle, 'favorite.src',
516	'./template/'.$user['template'].'/theme/favorite.gif' );
517	$vtp->setVar( $handle, 'favorite.alt','[ '.$lang['add_favorites_alt'].' ]' );
518	$vtp->closeSession( $handle, 'favorite' );
519	}
520	else
521	{
522	$url = './picture.php?cat='.$page['cat'].'&image_id='.$page['id'];
523	$url.= '&expand='.$_GET['expand'].'&add_fav=0';
524	$vtp->addSession( $handle, 'favorite' );
525	$vtp->setVar( $handle, 'favorite.link', add_session_id( $url ) );
526	$vtp->setVar( $handle, 'favorite.title', $lang['del_favorites_hint'] );
527	$vtp->setVar( $handle, 'favorite.src',
528	'./template/'.$user['template'].'/theme/del_favorite.gif' );
529	$vtp->setVar( $handle, 'favorite.alt','[ '.$lang['del_favorites_alt'].' ]' );
530	$vtp->closeSession( $handle, 'favorite' );
531	}
532	}
533	//------------------------------------ admin link for information modifications
534	if ( $user['status'] == 'admin' )
535	{
536	$vtp->addSession( $handle, 'modification' );
537	$url = './admin/admin.php?page=picture_modify&cat_id='.$page['cat'];
538	$url.= '&image_id='.$page['id'];
539	$vtp->setVar( $handle, 'modification.link', add_session_id( $url ) );
540	$vtp->setVar( $handle, 'modification.name', $lang['link_info_image'] );
541	}
542
543	if ( $next )
544	{
545	// sending vars for display
546	$vtp->addSession( $handle, 'next' );
547	$vtp->setGlobalVar( $handle, 'next.url', add_session_id( $next_url_link ) );
548	$vtp->setGlobalVar( $handle, 'next.title', $next_title );
549	$vtp->setGlobalVar( $handle, 'next.src', $next_lien_thumbnail );
550	$vtp->setGlobalVar( $handle, 'next.alt', $next_alt_thumbnail );
551	$vtp->closeSession( $handle, 'next' );
552	}
553	else
554	{
555	$vtp->addSession( $handle, 'next_empty' );
556	$vtp->closeSession( $handle, 'next_empty' );
557	}
558	//---------------------------------------------------- users's comments display
559	if ( $conf['show_comments'] )
560	{
561	$vtp->addSession( $handle, 'comments' );
562	// comment registeration
563	if ( isset( $_POST['content'] ) and $_POST['content'] != '' )
564	{
565	$register_comment = true;
566
567	if ( !$user['is_the_guest'] ) $author = $user['username'];
568	if ( $_POST['author'] != '' ) $author = $_POST['author'];
569	// if a guest try to use the name of an already existing user, he must
570	// be rejected
571	if ( isset( $author ) and $author != $user['username'] )
572	{
573	$query = 'SELECT COUNT(*) AS user_exists';
574	$query.= ' FROM '.PREFIX_TABLE.'users';
575	$query.= " WHERE username = '".$author."'";
576	$query.= ';';
577	$row = mysql_fetch_array( mysql_query( $query ) );
578	if ( $row['user_exists'] == 1 )
579	{
580	$vtp->addSession( $handle, 'information' );
581	$message = $lang['comment_user_exists'];
582	$vtp->setVar( $handle, 'information.content', $message );
583	$vtp->closeSession( $handle, 'information' );
584	$register_comment = false;
585	}
586	}
587
588	if ( $register_comment )
589	{
590	// anti-flood system
591	$reference_date = time() - $conf['anti-flood_time'];
592	$query = 'SELECT id';
593	$query.= ' FROM '.PREFIX_TABLE.'comments';
594	$query.= ' WHERE date > '.$reference_date;
595	$query.= " AND author = '".$author."'";
596	$query.= ';';
597	if ( mysql_num_rows( mysql_query( $query ) ) == 0
598	or $conf['anti-flood_time'] == 0 )
599	{
600	$query = 'INSERT INTO '.PREFIX_TABLE.'comments';
601	$query.= ' (author,date,image_id,content,validated) VALUES';
602	$query.= ' (';
603	if ( !isset( $author ) ) $query.= 'NULL';
604	else $query.= "'".$author."'";
605	$query.= ','.time().','.$page['id'];
606	$query.= ",'".htmlspecialchars( $_POST['content'], ENT_QUOTES)."'";
607	if ( !$conf['comments_validation'] or $user['status'] == 'admin' )
608	$query.= ",'true'";
609	else
610	$query.= ",'false'";
611	$query.= ');';
612	mysql_query( $query );
613	// information message
614	$vtp->addSession( $handle, 'information' );
615	$message = $lang['comment_added'];
616	if ( $conf['comments_validation'] and $user['status'] != 'admin' )
617	{
618	$message.= '<br />'.$lang['comment_to_validate'];
619	}
620	$vtp->setVar( $handle, 'information.content', $message );
621	$vtp->closeSession( $handle, 'information' );
622	// notification to the administrators
623	if ( $conf['mail_notification'] )
624	{
625	$cat_name = get_cat_display_name( $page['cat_name'], ' > ', '' );
626	$cat_name = strip_tags( $cat_name );
627	if ( $page['name'] == '' ) $picture = $page['file'];
628	else $picture = $page['name'];
629	notify( 'comment', $cat_name.' > '.$picture );
630	}
631	}
632	else
633	{
634	// information message
635	$vtp->addSession( $handle, 'information' );
636	$message = $lang['comment_anti-flood'];
637	$vtp->setVar( $handle, 'information.content', $message );
638	$vtp->closeSession( $handle, 'information' );
639	}
640	}
641	}
642	// comment deletion
643	if ( isset( $_GET['del'] )
644	and is_numeric( $_GET['del'] )
645	and $user['status'] == 'admin' )
646	{
647	$query = 'DELETE FROM '.PREFIX_TABLE.'comments';
648	$query.= ' WHERE id = '.$_GET['del'].';';
649	mysql_query( $query );
650	}
651	// number of comment for this picture
652	$query = 'SELECT COUNT(*) AS nb_comments';
653	$query.= ' FROM '.PREFIX_TABLE.'comments';
654	$query.= ' WHERE image_id = '.$page['id'];
655	$query.= " AND validated = 'true'";
656	$query.= ';';
657	$row = mysql_fetch_array( mysql_query( $query ) );
658	$page['nb_comments'] = $row['nb_comments'];
659	// navigation bar creation
660	$url = './picture.php?cat='.$page['cat'].'&image_id='.$page['id'];
661	if (isset($_GET['expand']))
662	$url.= '&expand='.$_GET['expand'];
663	if ( $page['cat'] == 'search' )
664	{
665	$url.= '&search='.$_GET['search'].'&mode='.$_GET['mode'];
666	}
667	if( !isset( $_GET['start'] )
668	or !is_numeric( $_GET['start'] )
669	or ( is_numeric( $_GET['start'] ) and $_GET['start'] < 0 ) )
670	{
671	$page['start'] = 0;
672	}
673	else
674	{
675	$page['start'] = $_GET['start'];
676	}
677	$page['navigation_bar'] = create_navigation_bar( $url, $page['nb_comments'],
678	$page['start'],
679	$conf['nb_comment_page'],
680	'' );
681	// sending vars for display
682	$vtp->setGlobalVar( $handle, 'navigation_bar', $page['navigation_bar'] );
683	$vtp->setGlobalVar( $handle, 'nb_comments', $page['nb_comments'] );
684
685	$query = 'SELECT id,author,date,image_id,content';
686	$query.= ' FROM '.PREFIX_TABLE.'comments';
687	$query.= ' WHERE image_id = '.$page['id'];
688	$query.= " AND validated = 'true'";
689	$query.= ' ORDER BY date ASC';
690	$query.= ' LIMIT '.$page['start'].', '.$conf['nb_comment_page'].';';
691	$result = mysql_query( $query );
692
693	while ( $row = mysql_fetch_array( $result ) )
694	{
695	$vtp->addSession( $handle, 'comment' );
696	$author = $row['author'];
697	if ( $row['author'] == '' ) $author = $lang['guest'];
698	$vtp->setVar( $handle, 'comment.author', $author );
699	$vtp->setVar( $handle, 'comment.date',
700	format_date( $row['date'], 'unix', true ) );
701	$content = nl2br( $row['content'] );
702
703	// replace _word_ by an underlined word
704	$pattern = '/_([^\s]*)_/';
705	$replacement = '<span style="text-decoration:underline;">\1</span>';
706	$content = preg_replace( $pattern, $replacement, $content );
707
708	// replace word by a bolded word
709	$pattern = '/\([^\s])\*/';
710	$replacement = '<span style="font-weight:bold;">\1</span>';
711	$content = preg_replace( $pattern, $replacement, $content );
712
713	// replace /word/ by an italic word
714	$pattern = '/\/([^\s]*)\//';
715	$replacement = '<span style="font-style:italic;">\1</span>';
716	$content = preg_replace( $pattern, $replacement, $content );
717
718	$vtp->setVar( $handle, 'comment.content', $content );
719	if ( $user['status'] == 'admin' )
720	{
721	$vtp->addSession( $handle, 'delete' );
722	$vtp->setVar( $handle, 'delete.link',
723	add_session_id( $url.'&del='.$row['id'] ) );
724	$vtp->closeSession( $handle, 'delete' );
725	}
726	$vtp->closeSession( $handle, 'comment' );
727	}
728
729	if ( !$user['is_the_guest']
730	or ( $user['is_the_guest'] and $conf['comments_forall'] ) )
731	{
732	$vtp->addSession( $handle, 'add_comment' );
733	// form action
734	$action = str_replace( '&', '&', $_SERVER['REQUEST_URI'] );
735	$vtp->setGlobalVar( $handle, 'form_action', $action );
736	// display author field if the user is not logged in
737	if ( !$user['is_the_guest'] )
738	{
739	$vtp->addSession( $handle, 'author_known' );
740	if (isset($user['pseudo']))
741	$vtp->setVar( $handle, 'author_known.value', $user['pseudo'] );
742	$vtp->closeSession( $handle, 'author_known' );
743	}
744	else
745	{
746	$vtp->addSession( $handle, 'author_field' );
747	$vtp->closeSession( $handle, 'author_field' );
748	}
749	$vtp->closeSession( $handle, 'add_comment' );
750	}
751	$vtp->closeSession( $handle, 'comments' );
752	}
753	//------------------------------------------------------------ log informations
754	pwg_log( 'picture', $intitule_cat, $page['file'] );
755	mysql_close();
756	//----------------------------------------------------------- html code display
757	$code = $vtp->Display( $handle, 0 );
758	echo $code;
759
760	include('include/page_tail.php');
761	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: