Context Navigation

source: trunk/picture.php @ 345

Last change on this file since 345 was 345, checked in by gweltas, 20 years ago
Merge of the 1.3.1 release Creation of an unique include file (common.php) Creation of an unique define file (include/constants.php) Modification of the installation procedure
Property svn:eol-style set to `native` Property svn:keywords set to `Author Date Id Revision`
File size: 26.9 KB

Line
1	<?php
2	/***************************************************************************
3	* picture.php *
4	* ------------------- *
5	* application : PhpWebGallery 1.3 <http://phpwebgallery.net> *
6	* author : Pierrick LE GALL <pierrick@z0rglub.com> *
7	* *
8	* $Id: picture.php 345 2004-02-02 00:55:18Z gweltas $
9	* *
10	***************************************************************************/
11
12	/***************************************************************************
13	* *
14	* This program is free software; you can redistribute it and/or modify *
15	* it under the terms of the GNU General Public License as published by *
16	* the Free Software Foundation; *
17	* *
18	***************************************************************************/
19	// this page shows the image full size
20	//----------------------------------------------------------- include
21	$phpwg_root_path = './';
22	include_once( $phpwg_root_path.'common.php' );
23	//-------------------------------------------------- access authorization check
24	check_cat_id( $_GET['cat'] );
25	check_login_authorization();
26	if ( isset( $page['cat'] ) and is_numeric( $page['cat'] ) )
27	{
28	check_restrictions( $page['cat'] );
29	}
30	//---------------------------------------- incrementation of the number of hits
31	$query = 'UPDATE '.IMAGES_TABLE.' SET hit=hit+1';
32	$query.= ' WHERE id='.$_GET['image_id'];
33	$query.= ';';
34	@mysql_query( $query );
35	//-------------------------------------------------------------- initialization
36	initialize_category( 'picture' );
37	//------------------------------------- main picture information initialization
38	$infos = array( 'id','date_available','comment','hit','keywords','author'
39	,'name','file','date_creation','filesize','width','height'
40	,'storage_category_id' );
41
42	$query = 'SELECT '.implode( ',', $infos );
43	if ( is_numeric( $page['cat'] ) ) $query.= ',category_id';
44	$query.= ' FROM '.IMAGES_TABLE;
45	$query.= ' INNER JOIN '.IMAGE_CATEGORY_TABLE.' AS ic';
46	$query.= ' ON id = ic.image_id';
47	$query.= $page['where'];
48	$query.= ' AND id = '.$_GET['image_id'];
49	$query.= $conf['order_by'];
50	$query.= ';';
51	$result = mysql_query( $query );
52	// if this image_id doesn't correspond to this category, an error message is
53	// displayed, and execution is stopped
54	if ( mysql_num_rows( $result ) == 0 )
55	{
56	echo '<div style="text-align:center;">'.$lang['access_forbiden'].'<br />';
57	echo '<a href="'.add_session_id( './category.php' ).'">';
58	echo $lang['thumbnails'].'</a></div>';
59	exit();
60	}
61	$row = mysql_fetch_array( $result );
62
63	foreach ( $infos as $info ) {
64	if ( isset( $row[$info] ) ) $page[$info] = $row[$info];
65	else $page[$info] = '';
66	}
67	if ( is_numeric( $page['cat'] ) ) $page['category_id'] = $row['category_id'];
68	// retrieving the number of the picture in its category (in order)
69	$query = 'SELECT DISTINCT(id)';
70	$query.= ' FROM '.IMAGES_TABLE;
71	$query.= ' INNER JOIN '.IMAGE_CATEGORY_TABLE.' AS ic';
72	$query.= ' ON id = ic.image_id';
73	$query.= $page['where'];
74	$query.= $conf['order_by'];
75	$query.= ';';
76	$result = mysql_query( $query );
77	$page['num'] = 0;
78	$row = mysql_fetch_array( $result );
79	while ( $row['id'] != $page['id'] )
80	{
81	$page['num']++;
82	$row = mysql_fetch_array( $result );
83	}
84	//--------------------------------------------------------- favorite management
85	if ( isset( $_GET['add_fav'] ) )
86	{
87	if ( $_GET['add_fav'] == 1 )
88	{
89	// verify if the picture is already in the favorite of the user
90	$query = 'SELECT COUNT(*) AS nb_fav';
91	$query.= ' FROM '.FAVORITES_TABLE.' WHERE image_id = '.$page['id'];
92	$query.= ' AND user_id = '.$user['id'];
93	$query.= ';';
94	$result = mysql_query( $query );
95	$row = mysql_fetch_array( $result );
96	if ( $row['nb_fav'] == 0 )
97	{
98	$query = 'INSERT INTO '.FAVORITES_TABLE.' (image_id,user_id) VALUES';
99	$query.= ' ('.$page['id'].','.$user['id'].')';
100	$query.= ';';
101	$result = mysql_query( $query );
102	}
103	}
104	if ( $_GET['add_fav'] == 0 )
105	{
106	$query = 'DELETE FROM '.FAVORITES_TABLE.' WHERE user_id = '.$user['id'];
107	$query.= ' AND image_id = '.$page['id'];
108	$query.= ';';
109	$result = mysql_query( $query );
110
111	$page['cat_nb_images'] = $page['cat_nb_images'] - 1;
112	if ( $page['cat_nb_images'] <= 0 )
113	{
114	// there is no favorite picture anymore
115	// we redirect the user to the category page
116	$url = add_session_id( 'category.php' );
117	header( 'Request-URI: '.$url );
118	header( 'Content-Location: '.$url );
119	header( 'Location: '.$url );
120	exit();
121	}
122	// redirection of the user to the picture.php page
123	// with the right picture
124	$page['num'] = $page['num'] - 1;
125	if ( $page['num'] == -1 )
126	{
127	$page['num'] = 0;
128	}
129	$query = 'SELECT id';
130	$query.= ' FROM '.IMAGES_TABLE;
131	$query.= ' INNER JOIN '.IMAGE_CATEGORY_TABLE.' AS ic';
132	$query.= ' ON id = ic.image_id';
133	$query.= $page['where'];
134	$query.= $conf['order_by'];
135	$query.= ' LIMIT '.$page['num'].',1';
136	$query.= ';';
137	$result = mysql_query( $query );
138	$row = mysql_fetch_array( $result );
139	$redirect = './picture.php?image_id='.$row['id'].'&cat='.$page['cat'];
140	$redirect.= '&expand='.$_GET['expand'];
141	if ( $page['cat'] == 'search' )
142	{
143	$redirect.= '&search='.$_GET['search'].'&mode='.$_GET['mode'];
144	}
145	$url = add_session_id( $redirect, true );
146	header( 'Request-URI: '.$url );
147	header( 'Content-Location: '.$url );
148	header( 'Location: '.$url );
149	exit();
150	}
151	}
152
153	//---------------------------------------------- next picture thumbnail display
154	$next = 0;
155	if ( $page['num'] < $page['cat_nb_images']-1 )
156	{
157	$next = $page['num'] + 1;
158	$query = 'SELECT DISTINCT(id),name,file,tn_ext,storage_category_id';
159	$query.= ' FROM '.IMAGES_TABLE;
160	$query.= ' INNER JOIN '.IMAGE_CATEGORY_TABLE.' AS ic';
161	$query.= ' ON id=ic.image_id';
162	$query.= $page['where'];
163	$query.= $conf['order_by'];
164	$query.= ' LIMIT '.$next.',1';
165	$query.= ';';
166	$result = mysql_query( $query );
167	$row = mysql_fetch_array( $result );
168
169	if ( !isset($array_cat_directories[$row['storage_category_id']]))
170	{
171	$array_cat_directories[$row['storage_category_id']] =
172	get_complete_dir( $row['storage_category_id'] );
173	}
174	$cat_directory = $array_cat_directories[$row['storage_category_id']];
175
176	$file = substr ( $row['file'], 0, strrpos ( $row['file'], ".") );
177	$next_lien_thumbnail = $cat_directory.'thumbnail/';
178	$next_lien_thumbnail.= $conf['prefix_thumbnail'].$file.".".$row['tn_ext'];
179
180	if ( isset( $row['name'] ) and $row['name'] != '' )
181	{
182	$next_alt_thumbnail = $row['name'];
183	}
184	else
185	{
186	$next_alt_thumbnail = $file;
187	}
188	$next_title = $lang['next_image']." : ".$next_alt_thumbnail;
189
190	$next_url_link = './picture.php?image_id='.$row['id'];
191	$next_url_link.= '&cat='.$page['cat'];
192	if ( isset( $_GET['expand'] ) )
193	$next_url_link.= '&expand='.$_GET['expand'];
194	if ( $page['cat'] == 'search' )
195	{
196	$next_url_link.= "&search=".$_GET['search'].'&mode='.$_GET['mode'];
197	}
198	}
199	//----------------------------------------------------- template initialization
200	//
201	// Start output of page
202	//
203	//------------------------------------------------------------------ page title
204	$title = $page['name'];
205	if ( $title == '')
206	{
207	$title = str_replace("_"," ",get_filename_wo_extension($page['file']));
208	}
209	$refresh = 0;
210	if ( isset( $_GET['slideshow'] ) && isset($next_url_link))
211	{
212	$refresh= $_GET['slideshow'];
213	$url_link = $next_url_link;
214	}
215	include('include/page_header.php');
216
217	$handle = $vtp->Open( './template/'.$user['template'].'/picture.vtp' );
218	initialize_template();
219
220	$tpl = array( 'back','submit','comments_title','comments_del','delete',
221	'comments_add','author','slideshow','slideshow_stop',
222	'period_seconds' );
223	templatize_array( $tpl, 'lang', $handle );
224	//-------------------------------------------------------- slideshow management
225	if ( isset( $_GET['slideshow'] ) )
226	{
227	if ( !is_numeric( $_GET['slideshow'] ) )
228	$_GET['slideshow'] = $conf['slideshow_period'][0];
229	$vtp->addSession( $handle, 'stop_slideshow' );
230	$url = './picture.php';
231	$url.= '?image_id='.$page['id'];
232	$url.= '&cat='.$page['cat'];
233	$url.= '&expand='.$_GET['expand'];
234	if ( $page['cat'] == 'search' )
235	{
236	$url.= '&search='.$_GET['search'];
237	$url.= '&mode='.$_GET['mode'];
238	}
239	$vtp->setVar( $handle, 'stop_slideshow.url', add_session_id( $url ) );
240	$vtp->closeSession( $handle, 'stop_slideshow' );
241	}
242	else
243	{
244	$vtp->addSession( $handle, 'start_slideshow' );
245	foreach ( $conf['slideshow_period'] as $option ) {
246	$vtp->addSession( $handle, 'second' );
247	$vtp->setVar( $handle, 'second.option', $option );
248	$url = './picture.php';
249	$url.= '?image_id='.$page['id'];
250	$url.= '&cat='.$page['cat'];
251	if (isset($_GET['expand']))
252	$url.= '&expand='.$_GET['expand'];
253	if ( $page['cat'] == 'search' )
254	{
255	$url.= '&search='.$_GET['search'];
256	$url.= '&mode='.$_GET['mode'];
257	}
258	$url.= '&slideshow='.$option;
259	$vtp->setVar( $handle, 'second.url', add_session_id( $url ) );
260	$vtp->closeSession( $handle, 'second' );
261	}
262	$vtp->closeSession( $handle, 'start_slideshow' );
263	}
264
265	//-------------------------------------------------- previous picture thumbnail
266	if ( $page['num'] >= 1 )
267	{
268	$prev = $page['num'] - 1;
269	$query = 'SELECT DISTINCT(id),name,file,tn_ext,storage_category_id';
270	$query.= ' FROM '.IMAGES_TABLE;
271	$query.= ' INNER JOIN '.IMAGE_CATEGORY_TABLE.' AS ic';
272	$query.= ' ON id=ic.image_id';
273	$query.= $page['where'];
274	$query.= $conf['order_by'];
275	$query.= ' LIMIT '.$prev.',1';
276	$query.= ';';
277	$result = mysql_query( $query );
278	$row = mysql_fetch_array( $result );
279
280	if ( !isset($array_cat_directories[$row['storage_category_id']]) )
281	{
282	$array_cat_directories[$row['storage_category_id']] =
283	get_complete_dir( $row['storage_category_id'] );
284	}
285	$cat_directory = $array_cat_directories[$row['storage_category_id']];
286
287	$file = substr( $row['file'], 0, strrpos ( $row['file'], '.' ) );
288	$lien_thumbnail = $cat_directory.'thumbnail/';
289	$lien_thumbnail.= $conf['prefix_thumbnail'].$file.".".$row['tn_ext'];
290
291	$prev_title = $lang['previous_image'].' : ';
292
293	if ( isset( $row['name'] ) and $row['name'] != '' )
294	$alt_thumbnail = $row['name'];
295	else
296	$alt_thumbnail = $file;
297
298	$prev_title.= $alt_thumbnail;
299
300	$url_link = './picture.php?image_id='.$row['id'].'&cat='.$page['cat'];
301	if ( isset( $_GET['expand'] ) ) $url_link.= '&expand='.$_GET['expand'];
302	if ( $page['cat'] == 'search' )
303	{
304	$url_link.= '&search='.$_GET['search'].'&mode='.$_GET['mode'];
305	}
306	// sending vars for display
307	$vtp->addSession( $handle, 'previous' );
308	$vtp->setGlobalVar( $handle, 'previous.url', add_session_id( $url_link ) );
309	$vtp->setGlobalVar( $handle, 'previous.title', $prev_title );
310	$vtp->setGlobalVar( $handle, 'previous.src', $lien_thumbnail );
311	$vtp->setGlobalVar( $handle, 'previous.alt', $alt_thumbnail );
312	$vtp->closeSession( $handle, 'previous' );
313	}
314	else
315	{
316	$vtp->addSession( $handle, 'previous_empty' );
317	$vtp->closeSession( $handle, 'previous_empty' );
318	}
319	//-------------------------------------------------------- main picture display
320	if ( is_numeric( $page['cat'] ) )
321	{
322	$intitule_cat = get_cat_display_name( $page['cat_name'], " - ",
323	"font-style:italic;" );
324	}
325	else
326	{
327	$intitule_cat = $page['title'];
328	}
329
330	if ( !isset($array_cat_directories[$page['storage_category_id']]) )
331	{
332	$array_cat_directories[$page['storage_category_id']] =
333	get_complete_dir( $page['storage_category_id'] );
334	}
335	$cat_directory = $array_cat_directories[$page['storage_category_id']];
336
337	$n = $page['num'] + 1;
338	$intitule_titre = replace_space( $intitule_cat." - " ).$n.'/';
339	$intitule_titre.= $page['cat_nb_images']."<br />";
340	if ( $page['name'] != "" )
341	{
342	$intitule_file = $page['name'];
343	}
344	else
345	{
346	$intitule_file = str_replace( "_", " ",
347	substr( $page['file'], 0,
348	strrpos ( $page['file'], ".") ) );
349	}
350	if ( $page['cat'] == 'search' )
351	{
352	$intitule_file = replace_search( $intitule_file, $_GET['search'] );
353	}
354	$vtp->setGlobalVar( $handle, 'title', $intitule_titre.$intitule_file );
355
356	$lien_image = $cat_directory.$page['file'];
357
358	// calculation of width and height
359	if ( $page['width'] == "" )
360	{
361	$taille_image = @getimagesize( $lien_image );
362	$original_width = $taille_image[0];
363	$original_height = $taille_image[1];
364	}
365	else
366	{
367	$original_width = $page['width'];
368	$original_height = $page['height'];
369	}
370
371	$picture_size = get_picture_size( $original_width, $original_height,
372	$user['maxwidth'], $user['maxheight'] );
373	$final_width = $picture_size[0];
374	$final_height = $picture_size[1];
375
376	$url_link = './category.php?cat='.$page['cat'].'&';
377	$url_link.= 'num='.$page['num'];
378	if (isset($_GET['expand']))
379	$url_link.='&expand='.$_GET['expand'];
380	if ( $page['cat'] == 'search' )
381	{
382	$url_link.= "&search=".$_GET['search'].'&mode='.$_GET['mode'];
383	}
384	$vtp->setGlobalVar( $handle, 'picture_link', add_session_id( $url_link ) );
385	$vtp->setGlobalVar( $handle, 'picture_width', $final_width );
386	$vtp->setGlobalVar( $handle, 'picture_height', $final_height );
387	$vtp->setGlobalVar( $handle, 'picture_src', $lien_image );
388	$vtp->setGlobalVar( $handle, 'picture_alt', $page['file'] );
389
390	if ( $page['comment'] != '' )
391	{
392	if ( $page['cat'] == 'search' )
393	{
394	$picture_comment = replace_search( $page['comment'], $_GET['search'] );
395	$vtp->setGlobalVar( $handle, 'picture_comment', $picture_comment );
396	}
397	else
398	{
399	$vtp->setGlobalVar( $handle, 'picture_comment', $page['comment'] );
400	}
401	}
402	//--------------------------------------------------------- picture information
403	// author
404	if ( $page['author'] != "" )
405	{
406	$vtp->addSession( $handle, 'info_line' );
407	$vtp->setVar( $handle, 'info_line.name', $lang['author'].' : ' );
408	$vtp->setVar( $handle, 'info_line.content', $page['author'] );
409	$vtp->closeSession( $handle, 'info_line' );
410	}
411	// creation date
412	if ( $page['date_creation'] != "" )
413	{
414	$vtp->addSession( $handle, 'info_line' );
415	$vtp->setVar( $handle, 'info_line.name', $lang['creation_date'].' : ' );
416	$vtp->setVar( $handle, 'info_line.content',
417	format_date( $page['date_creation'] ) );
418	$vtp->closeSession( $handle, 'info_line' );
419	}
420	// date of availability
421	$vtp->addSession( $handle, 'info_line' );
422	$vtp->setVar( $handle, 'info_line.name', $lang['registration_date'].' : ' );
423	list( $year,$month,$day ) = explode( '-', $page['date_available'] );
424	$vtp->setVar( $handle, 'info_line.content',
425	format_date( $page['date_available'] ) );
426	$vtp->closeSession( $handle, 'info_line' );
427	// size in pixels
428	$vtp->addSession( $handle, 'info_line' );
429	$vtp->setVar( $handle, 'info_line.name', $lang['size'].' : ' );
430	if ( $original_width != $final_width or $original_height != $final_height )
431	{
432	$content = '[ <a href="'.$lien_image.'" title="'.$lang['true_size'].'">';
433	$content.= $original_width.'*'.$original_height.'</a> ]';
434	$vtp->setVar( $handle, 'info_line.content', $content );
435	}
436	else
437	{
438	$content = $original_width.'*'.$original_height;
439	$vtp->setVar( $handle, 'info_line.content', $content );
440	}
441	$vtp->closeSession( $handle, 'info_line' );
442	// file
443	$vtp->addSession( $handle, 'info_line' );
444	$vtp->setVar( $handle, 'info_line.name', $lang['file'].' : ' );
445	if ( $page['cat'] == 'search' )
446	{
447	$content = replace_search( $page['file'], $_GET['search'] );
448	$vtp->setVar( $handle, 'info_line.content', $content );
449	}
450	else
451	{
452	$vtp->setVar( $handle, 'info_line.content', $page['file'] );
453	}
454	$vtp->closeSession( $handle, 'info_line' );
455	// filesize
456	if ( $page['filesize'] == "" )
457	{
458	$poids = floor ( filesize( $lien_image ) / 1024 );
459	}
460	else
461	{
462	$poids = $page['filesize'];
463	}
464	$vtp->addSession( $handle, 'info_line' );
465	$vtp->setVar( $handle, 'info_line.name', $lang['filesize'].' : ' );
466	$vtp->setVar( $handle, 'info_line.content', $poids.' KB' );
467	$vtp->closeSession( $handle, 'info_line' );
468	// keywords
469	if ( $page['keywords'] != '' )
470	{
471	$vtp->addSession( $handle, 'info_line' );
472	$vtp->setVar( $handle, 'info_line.name', $lang['keywords'].' : ' );
473	$keywords = explode( ',', $page['keywords'] );
474	$content = '';
475	$url = './category.php?cat=search';
476	if ( isset( $_GET['expand'] ) ) $url.= '&expand='.$_GET['expand'];
477	$url.= '&mode=OR&search=';
478	foreach ( $keywords as $i => $keyword ) {
479	$local_url = add_session_id( $url.$keyword );
480	if ( $i > 0 ) $content.= ',';
481	$content.= '<a href="'.$local_url.'">'.$keyword.'</a>';
482	}
483	$vtp->setVar( $handle, 'info_line.content', $content );
484	$vtp->closeSession( $handle, 'info_line' );
485	}
486	// number of visits
487	$vtp->addSession( $handle, 'info_line' );
488	$vtp->setVar( $handle, 'info_line.name', $lang['visited'].' : ' );
489	$vtp->setVar( $handle, 'info_line.content', $page['hit'].' '.$lang['times'] );
490	$vtp->closeSession( $handle, 'info_line' );
491	//------------------------------------------------------- favorite manipulation
492	if ( !$user['is_the_guest'] )
493	{
494	// verify if the picture is already in the favorite of the user
495	$query = 'SELECT COUNT(*) AS nb_fav';
496	$query.= ' FROM '.FAVORITES_TABLE.' WHERE image_id = '.$page['id'];
497	$query.= ' AND user_id = '.$user['id'].';';
498	$result = mysql_query( $query );
499	$row = mysql_fetch_array( $result );
500	if (!$row['nb_fav'])
501	{
502	$url = './picture.php?cat='.$page['cat'].'&image_id='.$page['id'];
503	if (isset($_GET['expand']))
504	$url.= '&expand='.$_GET['expand'];
505	$url.='&add_fav=1';
506	if ( $page['cat'] == 'search' )
507	{
508	$url.= '&search='.$_GET['search'].'&mode='.$_GET['mode'];
509	}
510	$vtp->addSession( $handle, 'favorite' );
511	$vtp->setVar( $handle, 'favorite.link', add_session_id( $url ) );
512	$vtp->setVar( $handle, 'favorite.title', $lang['add_favorites_hint'] );
513	$vtp->setVar( $handle, 'favorite.src',
514	'./template/'.$user['template'].'/theme/favorite.gif' );
515	$vtp->setVar($handle,'favorite.alt','[ '.$lang['add_favorites_alt'].' ]');
516	$vtp->closeSession( $handle, 'favorite' );
517	}
518	else
519	{
520	$url = './picture.php?cat='.$page['cat'].'&image_id='.$page['id'];
521	$url.= '&expand='.$_GET['expand'].'&add_fav=0';
522	$vtp->addSession( $handle, 'favorite' );
523	$vtp->setVar( $handle, 'favorite.link', add_session_id( $url ) );
524	$vtp->setVar( $handle, 'favorite.title', $lang['del_favorites_hint'] );
525	$vtp->setVar( $handle, 'favorite.src',
526	'./template/'.$user['template'].'/theme/del_favorite.gif' );
527	$vtp->setVar($handle,'favorite.alt','[ '.$lang['del_favorites_alt'].' ]');
528	$vtp->closeSession( $handle, 'favorite' );
529	}
530	}
531	//------------------------------------ admin link for information modifications
532	if ( $user['status'] == 'admin' )
533	{
534	$vtp->addSession( $handle, 'modification' );
535	$url = './admin/admin.php?page=picture_modify&cat_id='.$page['cat'];
536	$url.= '&image_id='.$page['id'];
537	$vtp->setVar( $handle, 'modification.link', add_session_id( $url ) );
538	$vtp->setVar( $handle, 'modification.name', $lang['link_info_image'] );
539	}
540
541	if ( $next )
542	{
543	// sending vars for display
544	$vtp->addSession( $handle, 'next' );
545	$vtp->setGlobalVar( $handle, 'next.url', add_session_id( $next_url_link ) );
546	$vtp->setGlobalVar( $handle, 'next.title', $next_title );
547	$vtp->setGlobalVar( $handle, 'next.src', $next_lien_thumbnail );
548	$vtp->setGlobalVar( $handle, 'next.alt', $next_alt_thumbnail );
549	$vtp->closeSession( $handle, 'next' );
550	}
551	else
552	{
553	$vtp->addSession( $handle, 'next_empty' );
554	$vtp->closeSession( $handle, 'next_empty' );
555	}
556	//---------------------------------------------------- users's comments display
557	if ( $conf['show_comments'] )
558	{
559	$vtp->addSession( $handle, 'comments' );
560	// comment registeration
561	if ( isset( $_POST['content'] ) and $_POST['content'] != '' )
562	{
563	$register_comment = true;
564
565	if ( !$user['is_the_guest'] ) $author = $user['username'];
566	if ( $_POST['author'] != '' ) $author = $_POST['author'];
567	// if a guest try to use the name of an already existing user, he must
568	// be rejected
569	if ( isset( $author ) and $author != $user['username'] )
570	{
571	$query = 'SELECT COUNT(*) AS user_exists';
572	$query.= ' FROM '.PREFIX_TABLE.'users';
573	$query.= " WHERE username = '".$author."'";
574	$query.= ';';
575	$row = mysql_fetch_array( mysql_query( $query ) );
576	if ( $row['user_exists'] == 1 )
577	{
578	$vtp->addSession( $handle, 'information' );
579	$message = $lang['comment_user_exists'];
580	$vtp->setVar( $handle, 'information.content', $message );
581	$vtp->closeSession( $handle, 'information' );
582	$register_comment = false;
583	}
584	}
585
586	if ( $register_comment )
587	{
588	// anti-flood system
589	$reference_date = time() - $conf['anti-flood_time'];
590	$query = 'SELECT id FROM '.COMMENTS_TABLE;
591	$query.= ' WHERE date > '.$reference_date;
592	$query.= " AND author = '".$author."'";
593	$query.= ';';
594	if ( mysql_num_rows( mysql_query( $query ) ) == 0
595	or $conf['anti-flood_time'] == 0 )
596	{
597	$query = 'INSERT INTO '.COMMENTS_TABLE;
598	$query.= ' (author,date,image_id,content,validated) VALUES';
599	$query.= ' (';
600	if ( !isset( $author ) ) $query.= 'NULL';
601	else $query.= "'".$author."'";
602	$query.= ','.time().','.$page['id'];
603	$query.= ",'".htmlspecialchars( $_POST['content'], ENT_QUOTES)."'";
604	if ( !$conf['comments_validation'] or $user['status'] == 'admin' )
605	$query.= ",'true'";
606	else
607	$query.= ",'false'";
608	$query.= ');';
609	mysql_query( $query );
610	// information message
611	$vtp->addSession( $handle, 'information' );
612	$message = $lang['comment_added'];
613	if ( $conf['comments_validation'] and $user['status'] != 'admin' )
614	{
615	$message.= '<br />'.$lang['comment_to_validate'];
616	}
617	$vtp->setVar( $handle, 'information.content', $message );
618	$vtp->closeSession( $handle, 'information' );
619	// notification to the administrators
620	if ( $conf['mail_notification'] )
621	{
622	$cat_name = get_cat_display_name( $page['cat_name'], ' > ', '' );
623	$cat_name = strip_tags( $cat_name );
624	if ( $page['name'] == '' ) $picture = $page['file'];
625	else $picture = $page['name'];
626	notify( 'comment', $cat_name.' > '.$picture );
627	}
628	}
629	else
630	{
631	// information message
632	$vtp->addSession( $handle, 'information' );
633	$message = $lang['comment_anti-flood'];
634	$vtp->setVar( $handle, 'information.content', $message );
635	$vtp->closeSession( $handle, 'information' );
636	}
637	}
638	}
639	// comment deletion
640	if ( isset( $_GET['del'] )
641	and is_numeric( $_GET['del'] )
642	and $user['status'] == 'admin' )
643	{
644	$query = 'DELETE FROM '.COMMENTS_TABLE.' WHERE id = '.$_GET['del'].';';
645	mysql_query( $query );
646	}
647	// number of comment for this picture
648	$query = 'SELECT COUNT(*) AS nb_comments';
649	$query.= ' FROM '.COMMENTS_TABLE.' WHERE image_id = '.$page['id'];
650	$query.= " AND validated = 'true'";
651	$query.= ';';
652	$row = mysql_fetch_array( mysql_query( $query ) );
653	$page['nb_comments'] = $row['nb_comments'];
654	// navigation bar creation
655	$url = './picture.php?cat='.$page['cat'].'&image_id='.$page['id'];
656	if (isset($_GET['expand']))
657	$url.= '&expand='.$_GET['expand'];
658	if ( $page['cat'] == 'search' )
659	{
660	$url.= '&search='.$_GET['search'].'&mode='.$_GET['mode'];
661	}
662	if( !isset( $_GET['start'] )
663	or !is_numeric( $_GET['start'] )
664	or ( is_numeric( $_GET['start'] ) and $_GET['start'] < 0 ) )
665	{
666	$page['start'] = 0;
667	}
668	else
669	{
670	$page['start'] = $_GET['start'];
671	}
672	$page['navigation_bar'] = create_navigation_bar( $url, $page['nb_comments'],
673	$page['start'],
674	$conf['nb_comment_page'],
675	'' );
676	// sending vars for display
677	$vtp->setGlobalVar( $handle, 'navigation_bar', $page['navigation_bar'] );
678	$vtp->setGlobalVar( $handle, 'nb_comments', $page['nb_comments'] );
679
680	$query = 'SELECT id,author,date,image_id,content';
681	$query.= ' FROM '.COMMENTS_TABLE.' WHERE image_id = '.$page['id'];
682	$query.= " AND validated = 'true'";
683	$query.= ' ORDER BY date ASC';
684	$query.= ' LIMIT '.$page['start'].', '.$conf['nb_comment_page'].';';
685	$result = mysql_query( $query );
686
687	while ( $row = mysql_fetch_array( $result ) )
688	{
689	$vtp->addSession( $handle, 'comment' );
690	$author = $row['author'];
691	if ( $row['author'] == '' ) $author = $lang['guest'];
692	$vtp->setVar( $handle, 'comment.author', $author );
693	$vtp->setVar( $handle, 'comment.date',
694	format_date( $row['date'], 'unix', true ) );
695	$content = nl2br( $row['content'] );
696
697	// replace _word_ by an underlined word
698	$pattern = '/_([^\s]*)_/';
699	$replacement = '<span style="text-decoration:underline;">\1</span>';
700	$content = preg_replace( $pattern, $replacement, $content );
701
702	// replace word by a bolded word
703	$pattern = '/\([^\s])\*/';
704	$replacement = '<span style="font-weight:bold;">\1</span>';
705	$content = preg_replace( $pattern, $replacement, $content );
706
707	// replace /word/ by an italic word
708	$pattern = '/\/([^\s]*)\//';
709	$replacement = '<span style="font-style:italic;">\1</span>';
710	$content = preg_replace( $pattern, $replacement, $content );
711
712	$vtp->setVar( $handle, 'comment.content', $content );
713	if ( $user['status'] == 'admin' )
714	{
715	$vtp->addSession( $handle, 'delete' );
716	$vtp->setVar( $handle, 'delete.link',
717	add_session_id( $url.'&del='.$row['id'] ) );
718	$vtp->closeSession( $handle, 'delete' );
719	}
720	$vtp->closeSession( $handle, 'comment' );
721	}
722
723	if ( !$user['is_the_guest']
724	or ( $user['is_the_guest'] and $conf['comments_forall'] ) )
725	{
726	$vtp->addSession( $handle, 'add_comment' );
727	// form action
728	$action = str_replace( '&', '&', $_SERVER['REQUEST_URI'] );
729	$vtp->setGlobalVar( $handle, 'form_action', $action );
730	// display author field if the user is not logged in
731	if ( !$user['is_the_guest'] )
732	{
733	$vtp->addSession( $handle, 'author_known' );
734	if (isset($user['pseudo']))
735	$vtp->setVar( $handle, 'author_known.value', $user['pseudo'] );
736	$vtp->closeSession( $handle, 'author_known' );
737	}
738	else
739	{
740	$vtp->addSession( $handle, 'author_field' );
741	$vtp->closeSession( $handle, 'author_field' );
742	}
743	$vtp->closeSession( $handle, 'add_comment' );
744	}
745	$vtp->closeSession( $handle, 'comments' );
746	}
747	//------------------------------------------------------------ log informations
748	pwg_log( 'picture', $intitule_cat, $page['file'] );
749	mysql_close();
750	//----------------------------------------------------------- html code display
751	$code = $vtp->Display( $handle, 0 );
752	echo $code;
753
754	include('include/page_tail.php');
755	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: