Context Navigation

source: trunk/picture.php @ 405

Last change on this file since 405 was 405, checked in by z0rglub, 20 years ago
redirections modification : use of a HTML refresh page instead of header PHP function. The purpose is to avoid redirections failure when extra characters are found in included PHP files.
Property svn:eol-style set to `native` Property svn:keywords set to `Author Date Id Revision`
File size: 19.8 KB

Line
1	<?php
2	// +-----------------------------------------------------------------------+
3	// \| picture.php \|
4	// +-----------------------------------------------------------------------+
5	// \| application : PhpWebGallery <http://phpwebgallery.net> \|
6	// \| branch : BSF (Best So Far) \|
7	// +-----------------------------------------------------------------------+
8	// \| file : $RCSfile$
9	// \| last update : $Date: 2004-03-31 20:43:09 +0000 (Wed, 31 Mar 2004) $
10	// \| last modifier : $Author: z0rglub $
11	// \| revision : $Revision: 405 $
12	// +-----------------------------------------------------------------------+
13	// \| This program is free software; you can redistribute it and/or modify \|
14	// \| it under the terms of the GNU General Public License as published by \|
15	// \| the Free Software Foundation \|
16	// \| \|
17	// \| This program is distributed in the hope that it will be useful, but \|
18	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
19	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
20	// \| General Public License for more details. \|
21	// \| \|
22	// \| You should have received a copy of the GNU General Public License \|
23	// \| along with this program; if not, write to the Free Software \|
24	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
25	// \| USA. \|
26	// +-----------------------------------------------------------------------+
27	//----------------------------------------------------------- include
28	define('PHPWG_ROOT_PATH','./');
29	include_once( PHPWG_ROOT_PATH.'include/common.inc.php' );
30	//-------------------------------------------------- access authorization check
31	check_cat_id( $_GET['cat'] );
32	check_login_authorization();
33	if ( isset( $page['cat'] ) and is_numeric( $page['cat'] ) )
34	{
35	check_restrictions( $page['cat'] );
36	}
37	//---------------------------------------- incrementation of the number of hits
38	$query = 'UPDATE '.IMAGES_TABLE.' SET hit=hit+1';
39	$query.= ' WHERE id='.$_GET['image_id'];
40	$query.= ';';
41	@mysql_query( $query );
42	//-------------------------------------------------------------- initialization
43	initialize_category( 'picture' );
44
45	// if this image_id doesn't correspond to this category, an error message is
46	// displayed, and execution is stopped
47	if ( 0 )
48	{
49	echo '<div style="text-align:center;">'.$lang['access_forbiden'].'<br />';
50	echo '<a href="'.add_session_id( PHPWG_ROOT_PATH.'category.php' ).'">';
51	echo $lang['thumbnails'].'</a></div>';
52	exit();
53	}
54
55	// retrieving the number of the picture in its category (in order)
56	$query = 'SELECT DISTINCT(id)';
57	$query.= ' FROM '.IMAGES_TABLE;
58	$query.= ' INNER JOIN '.IMAGE_CATEGORY_TABLE.' AS ic';
59	$query.= ' ON id = ic.image_id';
60	$query.= $page['where'];
61	$query.= $conf['order_by'];
62	$query.= ';';
63	$result = mysql_query( $query );
64	$page['num'] = 0;
65	$row = mysql_fetch_array( $result );
66	while ( $row['id'] != $_GET['image_id'] )
67	{
68	$page['num']++;
69	$row = mysql_fetch_array( $result );
70	}
71
72	//------------------------------------- prev, current & next picture management
73	$picture = array();
74	$picture['prev']['name'] = '';
75	$picture['next']['name'] = '';
76	$picture['prev']['thumbnail'] = '';
77	$picture['next']['thumbnail'] = '';
78	$picture['prev']['url'] = '';
79	$picture['next']['url'] = '';
80
81	$next = $page['num'] + 1;
82	$prev = $page['num'] - 1;
83
84	if ( $page['num'] == $page['cat_nb_images'] - 1 )
85	{
86	$next = 0;
87	}
88
89	$query = 'SELECT *';
90	$query.= ' FROM '.IMAGES_TABLE;
91	$query.= ' INNER JOIN '.IMAGE_CATEGORY_TABLE.' AS ic';
92	$query.= ' ON id=ic.image_id';
93	$query.= $page['where'];
94	$query.= $conf['order_by'];
95
96	if ( $prev < 0 )
97	{
98	$query.= ' LIMIT 0,2';
99	}
100	else
101	{
102	$query.= ' LIMIT '.$prev.',3';
103	}
104	$query.= ';';
105
106	$result = mysql_query( $query );
107	$nb_row = mysql_num_rows( $result );
108	$index = array('prev','current','next');
109
110	for ( $i = 0; $i < $nb_row; $i++ )
111	{
112	$j=($prev<0)?$index[$i+1]:$index[$i];
113	$row = mysql_fetch_array($result);
114	$picture[$j] = $row;
115
116	if ( !isset($array_cat_directories[$row['storage_category_id']]))
117	{
118	$array_cat_directories[$row['storage_category_id']] =
119	get_complete_dir( $row['storage_category_id'] );
120	}
121	$cat_directory = $array_cat_directories[$row['storage_category_id']];
122	$file = substr ( $row['file'], 0, strrpos ( $row['file'], ".") );
123
124	$picture[$j]['src'] = $cat_directory.$row['file'];
125
126	$picture[$j]['thumbnail'] = $cat_directory.'thumbnail/';
127	$picture[$j]['thumbnail'].= $conf['prefix_thumbnail'].$file;
128	$picture[$j]['thumbnail'].= '.'.$row['tn_ext'];
129
130	if ( !empty( $row['name'] ) )
131	{
132	$picture[$j]['name'] = $row['name'];
133	}
134	else
135	{
136	$picture[$j]['name'] = str_replace( '_', ' ', $file );
137	}
138
139	$picture[$j]['url'] = PHPWG_ROOT_PATH.'picture.php?image_id='.$row['id'];
140	$picture[$j]['url'].= '&cat='.$page['cat'];
141	if ( $page['cat'] == 'search' )
142	{
143	$picture[$j]['url'].= '&search='.$_GET['search'];
144	$picture[$j]['url'].= '&mode='.$_GET['mode'];
145	}
146	}
147
148	$url_home = PHPWG_ROOT_PATH.'category.php?cat='.$page['cat'].'&';
149	$url_home.= 'num='.$page['num'];
150	if ( $page['cat'] == 'search' )
151	{
152	$url_home.= "&search=".$_GET['search'].'&mode='.$_GET['mode'];
153	}
154
155	$url_admin = PHPWG_ROOT_PATH.'admin.php?page=picture_modify';
156	$url_admin.= '&cat_id='.$page['cat'];
157	$url_admin.= '&image_id='.$_GET['image_id'];
158
159	//--------------------------------------------------------- favorite management
160	if ( isset( $_GET['add_fav'] ) )
161	{
162	$query = 'DELETE FROM '.FAVORITES_TABLE;
163	$query.= ' WHERE user_id = '.$user['id'];
164	$query.= ' AND image_id = '.$picture['current']['id'];
165	$query.= ';';
166	$result = mysql_query( $query );
167
168	if ( $_GET['add_fav'] == 1 )
169	{
170	$query = 'INSERT INTO '.FAVORITES_TABLE;
171	$query.= ' (image_id,user_id) VALUES';
172	$query.= ' ('.$picture['current']['id'].','.$user['id'].')';
173	$query.= ';';
174	$result = mysql_query( $query );
175	}
176	if ( !$_GET['add_fav'] and $page['cat'] == 'fav' )
177	{
178	if ( $prev < 0 and $nb_row == 1 )
179	{
180	// there is no favorite picture anymore we redirect the user to the
181	// category page
182	$url = add_session_id( $url_home );
183	redirect( $url );
184	}
185	else if ( $prev < 0 )
186	{
187	$url = str_replace( '&', '&', $picture['next']['url'] );
188	$url = add_session_id( $url, true);
189	}
190	else
191	{
192	$url = str_replace('&', '&', $picture['prev']['url'] );
193	$url = add_session_id( $url, true);
194	}
195	redirect( $url );
196	}
197	}
198
199	//------------------------------------------------------ comment registeration
200	if ( isset( $_POST['content'] ) && !empty($_POST['content']) )
201	{
202	$register_comment = true;
203	$author = !empty($_POST['author'])?$_POST['author']:$lang['guest'];
204	// if a guest try to use the name of an already existing user, he must be
205	// rejected
206	if ( $author != $user['username'] )
207	{
208	$query = 'SELECT COUNT(*) AS user_exists';
209	$query.= ' FROM '.USERS_TABLE;
210	$query.= " WHERE username = '".$author."'";
211	$query.= ';';
212	$row = mysql_fetch_array( mysql_query( $query ) );
213	if ( $row['user_exists'] == 1 )
214	{
215	$template->assign_block_vars(
216	'information',
217	array('INFORMATION'=>$lang['comment_user_exists']));
218	$register_comment = false;
219	}
220	}
221
222	if ( $register_comment )
223	{
224	// anti-flood system
225	$reference_date = time() - $conf['anti-flood_time'];
226	$query = 'SELECT id FROM '.COMMENTS_TABLE;
227	$query.= ' WHERE date > '.$reference_date;
228	$query.= " AND author = '".$author."'";
229	$query.= ';';
230	if ( mysql_num_rows( mysql_query( $query ) ) == 0
231	or $conf['anti-flood_time'] == 0 )
232	{
233	$query = 'INSERT INTO '.COMMENTS_TABLE;
234	$query.= ' (author,date,image_id,content,validated) VALUES (';
235	$query.= "'".$author."'";
236	$query.= ','.time().','.$_GET['image_id'];
237	$query.= ",'".htmlspecialchars( $_POST['content'], ENT_QUOTES)."'";
238	if ( !$conf['comments_validation'] or $user['status'] == 'admin' )
239	{
240	$query.= ",'true'";
241	}
242	else
243	{
244	$query.= ",'false'";
245	}
246	$query.= ');';
247	mysql_query( $query );
248	// information message
249	$message = $lang['comment_added'];
250	if ( $conf['comments_validation'] and $user['status'] != 'admin' )
251	{
252	$message.= '<br />'.$lang['comment_to_validate'];
253	}
254	$template->assign_block_vars('information',
255	array('INFORMATION'=>$message));
256	// notification to the administrators
257	if ( $conf['mail_notification'] )
258	{
259	$cat_name = get_cat_display_name( $page['cat_name'], ' > ', '' );
260	$cat_name = strip_tags( $cat_name );
261	notify( 'comment', $cat_name.' > '.$picture['current']['name']);
262	}
263	}
264	else
265	{
266	// information message
267	$template->assign_block_vars(
268	'information',
269	array('INFORMATION'=>$lang['comment_anti-flood']));
270	}
271	}
272	}
273	// comment deletion
274	if ( isset( $_GET['del'] )
275	and is_numeric( $_GET['del'] )
276	and $user['status'] == 'admin' )
277	{
278	$query = 'DELETE FROM '.COMMENTS_TABLE;
279	$query.= ' WHERE id = '.$_GET['del'];
280	$query.= ';';
281	mysql_query( $query );
282	}
283
284	//
285	// Start output of page
286	//
287
288	$title = $picture['current']['name'];
289	$refresh = 0;
290	if ( isset( $_GET['slideshow'] ) and $next )
291	{
292	$refresh= $_GET['slideshow'];
293	$url_link = $picture['next']['url'].'&slideshow='.$refresh;
294	}
295
296	$title_img = $picture['current']['name'];
297	$title_nb = '';
298	if (is_numeric( $page['cat'] ))
299	{
300	$title_img = replace_space(get_cat_display_name( $page['cat_name'], " > "));
301	$n = $page['num'] + 1;
302	$title_nb = "Photo".' '.$n.'/';
303	$title_nb.= $page['cat_nb_images'];
304	//$title_img.= $picture['current']['name'];
305	}
306	else if ( $page['cat'] == 'search' )
307	{
308	$title_img = replace_search( $title_img, $_GET['search'] );
309	}
310
311	// calculation of width and height
312	if ( empty($picture['current']['width']))
313	{
314	$taille_image = @getimagesize( $lien_image );
315	$original_width = $taille_image[0];
316	$original_height = $taille_image[1];
317	}
318	else
319	{
320	$original_width = $picture['current']['width'];
321	$original_height = $picture['current']['height'];
322	}
323
324	$picture_size = get_picture_size( $original_width, $original_height,
325	$user['maxwidth'], $user['maxheight'] );
326
327	include(PHPWG_ROOT_PATH.'include/page_header.php');
328	$template->set_filenames(array('picture'=>'picture.tpl'));
329
330	$template->assign_vars(array(
331	'CATEGORY' => $title_img,
332	'PHOTO' => $title_nb,
333	'TITLE' => $picture['current']['name'],
334	'PREV_TITLE_IMG' => $picture['prev']['name'],
335	'NEXT_TITLE_IMG' => $picture['next']['name'],
336	'PREV_IMG' => $picture['prev']['thumbnail'],
337	'NEXT_IMG' => $picture['next']['thumbnail'],
338	'SRC_IMG' => $picture['current']['src'],
339	'ALT_IMG' => $picture['current']['file'],
340	'WIDTH_IMG' => $picture_size[0],
341	'HEIGHT_IMG' => $picture_size[1],
342	'COMMENT_IMG' => $picture['current']['comment'],
343
344	'L_SLIDESHOW' => $lang['slideshow'],
345	'L_TIME' => $lang['period_seconds'],
346	'L_STOP_SLIDESHOW' => $lang['slideshow_stop'],
347	'L_PREV_IMG' =>$lang['previous_image'].' : ',
348	'L_ADMIN' =>$lang['link_info_image'],
349	'L_BACK' =>$lang['back'],
350	'L_COMMENT_TITLE' =>$lang['comments_title'],
351	'L_ADD_COMMENT' =>$lang['comments_add'],
352	'L_DELETE_COMMENT' =>$lang['comments_del'],
353	'L_DELETE' =>$lang['delete'],
354	'L_SUBMIT' =>$lang['submit'],
355	'L_AUTHOR' =>$lang['author'],
356	'L_COMMENT' =>$lang['comment'],
357
358	'T_DEL_IMG' =>PHPWG_ROOT_PATH.'template/'.$user['template'].'/theme/delete.gif',
359
360	'U_PREV_IMG' => add_session_id($picture['prev']['url']),
361	'U_NEXT_IMG' => add_session_id($picture['next']['url']),
362	'U_HOME' => add_session_id($url_home),
363	'U_ADMIN' => add_session_id($url_admin),
364	'U_ADD_COMMENT' => add_session_id(str_replace( '&', '&', $_SERVER['REQUEST_URI'] ))
365	)
366	);
367
368	//-------------------------------------------------------- slideshow management
369	if ( isset( $_GET['slideshow'] ) )
370	{
371	if ( !is_numeric( $_GET['slideshow'] ) ) $_GET['slideshow'] = $conf['slideshow_period'][0];
372
373	$template->assign_block_vars('stop_slideshow', array(
374	'U_SLIDESHOW'=>add_session_id( $picture['current']['url'] )
375	));
376	}
377	else
378	{
379	$template->assign_block_vars('start_slideshow', array());
380	foreach ( $conf['slideshow_period'] as $option )
381	{
382	$template->assign_block_vars('start_slideshow.second', array(
383	'SLIDESHOW_SPEED'=>$option,
384	'U_SLIDESHOW'=>add_session_id( $picture['current']['url'].'&slideshow='.$option)
385	));
386	}
387	}
388
389	if ($prev>=0) $template->assign_block_vars('previous', array());
390	if ($next) $template->assign_block_vars('next', array());
391
392	//--------------------------------------------------------- picture information
393	// legend
394	if ( !empty($picture['current']['comment']) )
395	{
396	$template->assign_block_vars('legend', array());
397	}
398
399	// author
400	if ( !empty($picture['current']['author']) )
401	{
402	$template->assign_block_vars('info_line', array(
403	'INFO'=>$lang['author'],
404	'VALUE'=>$picture['current']['author']
405	));
406	}
407	// creation date
408	if ( !empty($picture['current']['date_creation']) )
409	{
410	$template->assign_block_vars('info_line', array(
411	'INFO'=>$lang['creation_date'],
412	'VALUE'=>format_date( $picture['current']['date_creation'] )
413	));
414	}
415	// date of availability
416	$template->assign_block_vars('info_line', array(
417	'INFO'=>$lang['registration_date'],
418	'VALUE'=>format_date( $picture['current']['date_available'] )
419	));
420	// size in pixels
421	if ( $original_width != $picture_size[0] or $original_height != $picture_size[1] )
422	{
423	$content = '[ <a href="'.$picture['current']['url'].'" title="'.$lang['true_size'].'">';
424	$content.= $original_width.'*'.$original_height.'</a> ]';
425	}
426	else
427	{
428	$content = $original_width.'*'.$original_height;
429	}
430	$template->assign_block_vars('info_line', array(
431	'INFO'=>$lang['size'],
432	'VALUE'=>$content
433	));
434	// file
435	$template->assign_block_vars('info_line', array(
436	'INFO'=>$lang['file'],
437	'VALUE'=>$picture['current']['file']
438	));
439	// filesize
440	if ( empty($picture['current']['filesize']))
441	{
442	$poids = floor ( filesize( $picture['current']['url'] ) / 1024 );
443	}
444	else
445	{
446	$poids = $picture['current']['filesize'];
447	}
448
449	$template->assign_block_vars('info_line', array(
450	'INFO'=>$lang['filesize'],
451	'VALUE'=>$poids.' KB'
452	));
453	// keywords
454	if ( !empty($picture['current']['keywords']))
455	{
456	$keywords = explode( ',', $picture['current']['keywords'] );
457	$content = '';
458	$url = PHPWG_ROOT_PATH.'category.php?cat=search';
459	$url.= '&mode=OR&search=';
460	foreach ( $keywords as $i => $keyword ) {
461	$local_url = add_session_id( $url.$keyword );
462	if ( $i > 0 ) $content.= ',';
463	$content.= '<a href="'.$local_url.'">'.$keyword.'</a>';
464	}
465	$template->assign_block_vars('info_line', array(
466	'INFO'=>$lang['keywords'],
467	'VALUE'=>$content
468	));
469	}
470	// number of visits
471	$template->assign_block_vars('info_line', array(
472	'INFO'=>$lang['visited'],
473	'VALUE'=>$picture['current']['hit'].' '.$lang['times']
474	));
475
476	//------------------------------------------------------- favorite manipulation
477	if ( !$user['is_the_guest'] )
478	{
479	// verify if the picture is already in the favorite of the user
480	$query = 'SELECT COUNT(*) AS nb_fav';
481	$query.= ' FROM '.FAVORITES_TABLE.' WHERE image_id = '.$_GET['image_id'];
482	$query.= ' AND user_id = '.$user['id'].';';
483	$result = mysql_query( $query );
484	$row = mysql_fetch_array( $result );
485	if (!$row['nb_fav'])
486	{
487	$url = PHPWG_ROOT_PATH.'picture.php?cat='.$page['cat'].'&image_id='.$_GET['image_id'];
488	$url.='&add_fav=1';
489	if ( $page['cat'] == 'search' )
490	{
491	$url.= '&search='.$_GET['search'].'&mode='.$_GET['mode'];
492	}
493	$template->assign_block_vars('favorite', array(
494	'FAVORITE_IMG' => PHPWG_ROOT_PATH.'template/'.$user['template'].'/theme/favorite.gif',
495	'FAVORITE_HINT' =>$lang['add_favorites_hint'],
496	'FAVORITE_ALT' =>'[ '.$lang['add_favorites_alt'].' ]',
497	'U_FAVORITE'=> add_session_id( $url )
498	));
499	}
500	else
501	{
502	$url = PHPWG_ROOT_PATH.'picture.php?cat='.$page['cat'].'&image_id='.$_GET['image_id'];
503	$url.= '&add_fav=0';
504	$template->assign_block_vars('favorite', array(
505	'FAVORITE_IMG' => PHPWG_ROOT_PATH.'template/'.$user['template'].'/theme/del_favorite.gif',
506	'FAVORITE_HINT' =>$lang['del_favorites_hint'],
507	'FAVORITE_ALT' =>'[ '.$lang['del_favorites_alt'].' ]',
508	'U_FAVORITE'=> add_session_id( $url )
509	));
510	}
511	}
512	//------------------------------------ admin link for information modifications
513	if ( $user['status'] == 'admin' )
514	{
515	$template->assign_block_vars('modification', array());
516	}
517
518	//---------------------------------------------------- users's comments display
519	if ( $conf['show_comments'] )
520	{
521	// number of comment for this picture
522	$query = 'SELECT COUNT(*) AS nb_comments';
523	$query.= ' FROM '.COMMENTS_TABLE.' WHERE image_id = '.$_GET['image_id'];
524	$query.= " AND validated = 'true'";
525	$query.= ';';
526	$row = mysql_fetch_array( mysql_query( $query ) );
527
528	// navigation bar creation
529	$url = PHPWG_ROOT_PATH.'picture.php?cat='.$page['cat'].'&image_id='.$_GET['image_id'];
530	if ( $page['cat'] == 'search' )
531	{
532	$url.= '&search='.$_GET['search'].'&mode='.$_GET['mode'];
533	}
534	if( !isset( $_GET['start'] )
535	or !is_numeric( $_GET['start'] )
536	or ( is_numeric( $_GET['start'] ) and $_GET['start'] < 0 ) )
537	{
538	$page['start'] = 0;
539	}
540	else
541	{
542	$page['start'] = $_GET['start'];
543	}
544	$page['navigation_bar'] = create_navigation_bar( $url, $row['nb_comments'],
545	$page['start'],
546	$conf['nb_comment_page'],
547	'' );
548	$template->assign_block_vars('comments', array(
549	'NB_COMMENT'=>$row['nb_comments'],
550	'NAV_BAR'=>$page['navigation_bar']));
551
552	$query = 'SELECT id,author,date,image_id,content';
553	$query.= ' FROM '.COMMENTS_TABLE.' WHERE image_id = '.$_GET['image_id'];
554	$query.= " AND validated = 'true'";
555	$query.= ' ORDER BY date ASC';
556	$query.= ' LIMIT '.$page['start'].', '.$conf['nb_comment_page'].';';
557	$result = mysql_query( $query );
558
559	while ( $row = mysql_fetch_array( $result ) )
560	{
561	$content = nl2br( $row['content'] );
562
563	// replace _word_ by an underlined word
564	$pattern = '/_([^\s]*)_/';
565	$replacement = '<span style="text-decoration:underline;">\1</span>';
566	$content = preg_replace( $pattern, $replacement, $content );
567
568	// replace word by a bolded word
569	$pattern = '/\([^\s])\*/';
570	$replacement = '<span style="font-weight:bold;">\1</span>';
571	$content = preg_replace( $pattern, $replacement, $content );
572
573	// replace /word/ by an italic word
574	$pattern = '/\/([^\s]*)\//';
575	$replacement = '<span style="font-style:italic;">\1</span>';
576	$content = preg_replace( $pattern, $replacement, $content );
577
578	$template->assign_block_vars('comments.comment', array(
579	'COMMENT_AUTHOR'=>empty($row['author'])?$lang['guest']:$row['author'],
580	'COMMENT_DATE'=>format_date( $row['date'], 'unix', true ),
581	'COMMENT'=>$content
582	));
583
584	if ( $user['status'] == 'admin' )
585	{
586	$template->assign_block_vars('comments.comment.delete', array('U_COMMENT_DELETE'=>add_session_id( $url.'&del='.$row['id'] )));
587	}
588	}
589
590	if ( !$user['is_the_guest']\|\|( $user['is_the_guest'] and $conf['comments_forall'] ) )
591	{
592	$template->assign_block_vars('comments.add_comment', array());
593	// display author field if the user is not logged in
594	if ( !$user['is_the_guest'] )
595	{
596	$template->assign_block_vars('comments.add_comment.author_known', array('KNOWN_AUTHOR'=>$user['username']));
597	}
598	else
599	{
600	$template->assign_block_vars('comments.add_comment.author_field', array());
601	}
602	}
603	}
604	//------------------------------------------------------------ log informations
605	pwg_log( 'picture', $title_img, $picture['current']['file'] );
606	mysql_close();
607
608	$template->pparse('picture');
609	include(PHPWG_ROOT_PATH.'include/page_tail.php');
610	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: