Context Navigation

source: trunk/picture.php @ 85

Last change on this file since 85 was 85, checked in by z0rglub, 21 years ago
Mail notification for admins
Property svn:eol-style set to `native` Property svn:keywords set to `Author Date Id Revision`
File size: 26.5 KB

Line
1	<?php
2	/***************************************************************************
3	* picture.php *
4	* ------------------- *
5	* application : PhpWebGallery 1.3 <http://phpwebgallery.net> *
6	* author : Pierrick LE GALL <pierrick@z0rglub.com> *
7	* *
8	* $Id: picture.php 85 2003-09-10 22:24:03Z z0rglub $
9	* *
10	***************************************************************************/
11
12	/***************************************************************************
13	* *
14	* This program is free software; you can redistribute it and/or modify *
15	* it under the terms of the GNU General Public License as published by *
16	* the Free Software Foundation; *
17	* *
18	***************************************************************************/
19
20	// this page shows the image full size
21	//----------------------------------------------------------- personnal include
22	include_once( './include/init.inc.php' );
23	//-------------------------------------------------- access authorization check
24	check_cat_id( $_GET['cat'] );
25	check_login_authorization();
26	$page['plain_structure'] = get_plain_structure();
27	if ( isset( $page['cat'] ) and is_numeric( $page['cat'] ) )
28	{
29	check_restrictions( $page['cat'] );
30	}
31	//---------------------------------------- incrementation of the number of hits
32	$query = 'UPDATE '.PREFIX_TABLE.'images';
33	$query.= ' SET hit=hit+1';
34	$query.= ' WHERE id='.$_GET['image_id'];
35	$query.= ';';
36	@mysql_query( $query );
37	//-------------------------------------------------------------- initialization
38	initialize_category( 'picture' );
39	//------------------------------------- main picture information initialization
40	$query = 'SELECT id,date_available,comment,hit,keywords';
41	$query.= ',author,name,file,date_creation,filesize,width,height';
42	$query.= ',storage_category_id';
43	if ( is_numeric( $page['cat'] ) )
44	{
45	$query.= ',category_id';
46	}
47	$query.= ' FROM '.PREFIX_TABLE.'images';
48	$query.= ' LEFT JOIN '.PREFIX_TABLE.'image_category AS ic ON id = ic.image_id';
49	$query.= $page['where'];
50	$query.= ' AND id = '.$_GET['image_id'];
51	$query.= $conf['order_by'];
52	$query.= ';';
53	$result = mysql_query( $query );
54	// if this image_id doesn't correspond to this category, an error message is
55	// displayed, and execution is stopped
56	if ( mysql_num_rows( $result ) == 0 )
57	{
58	echo '<div style="text-align:center;">'.$lang['access_forbiden'].'<br />';
59	echo '<a href="'.add_session_id( './category.php' ).'">';
60	echo $lang['thumbnails'].'</a></div>';
61	exit();
62	}
63	$row = mysql_fetch_array( $result );
64	$page['id'] = $row['id'];
65	$page['file'] = $row['file'];
66	$page['name'] = $row['name'];
67	$page['date_available'] = $row['date_available'];
68	$page['comment'] = $row['comment'];
69	$page['hit'] = $row['hit'];
70	$page['author'] = $row['author'];
71	$page['date_creation'] = $row['date_creation'];
72	$page['filesize'] = $row['filesize'];
73	$page['width'] = $row['width'];
74	$page['height'] = $row['height'];
75	$page['category_id'] = $row['category_id'];
76	$page['keywords'] = $row['keywords'];
77	$page['storage_category_id'] = $row['storage_category_id'];
78	// retrieving the number of the picture in its category (in order)
79	$query = 'SELECT DISTINCT(id)';
80	$query.= ' FROM '.PREFIX_TABLE.'images';
81	$query.= ' LEFT JOIN '.PREFIX_TABLE.'image_category AS ic ON id = ic.image_id';
82	$query.= $page['where'];
83	$query.= $conf['order_by'];
84	$query.= ';';
85	$result = mysql_query( $query );
86	$page['num'] = 0;
87	$row = mysql_fetch_array( $result );
88	while ( $row['id'] != $page['id'] )
89	{
90	$page['num']++;
91	$row = mysql_fetch_array( $result );
92	}
93	//--------------------------------------------------------- favorite management
94	if ( isset( $_GET['add_fav'] ) )
95	{
96	if ( $_GET['add_fav'] == 1 )
97	{
98	// verify if the picture is already in the favorite of the user
99	$query = 'SELECT COUNT(*) AS nb_fav';
100	$query.= ' FROM '.PREFIX_TABLE.'favorites';
101	$query.= ' WHERE image_id = '.$page['id'];
102	$query.= ' AND user_id = '.$user['id'];
103	$query.= ';';
104	$result = mysql_query( $query );
105	$row = mysql_fetch_array( $result );
106	if ( $row['nb_fav'] == 0 )
107	{
108	$query = 'INSERT INTO '.PREFIX_TABLE.'favorites';
109	$query.= ' (image_id,user_id) VALUES';
110	$query.= ' ('.$page['id'].','.$user['id'].')';
111	$query.= ';';
112	$result = mysql_query( $query );
113	}
114	}
115	if ( $_GET['add_fav'] == 0 )
116	{
117	$query = 'DELETE FROM '.PREFIX_TABLE.'favorites';
118	$query.= ' WHERE user_id = '.$user['id'];
119	$query.= ' AND image_id = '.$page['id'];
120	$query.= ';';
121	$result = mysql_query( $query );
122
123	$page['cat_nb_images'] = $page['cat_nb_images'] - 1;
124	if ( $page['cat_nb_images'] <= 0 )
125	{
126	// there is no favorite picture anymore
127	// we redirect the user to the category page
128	$url = add_session_id( 'category.php' );
129	header( 'Request-URI: '.$url );
130	header( 'Content-Location: '.$url );
131	header( 'Location: '.$url );
132	exit();
133	}
134	// redirection of the user to the picture.php page
135	// with the right picture
136	$page['num'] = $page['num'] - 1;
137	if ( $page['num'] == -1 )
138	{
139	$page['num'] = 0;
140	}
141	$query = 'SELECT id';
142	$query.= ' FROM '.PREFIX_TABLE.'images';
143	$query.= ' LEFT JOIN '.PREFIX_TABLE.'image_category AS ic';
144	$query.= ' ON id = ic.image_id';
145	$query.= $page['where'];
146	$query.= $conf['order_by'];
147	$query.= ' LIMIT '.$page['num'].',1';
148	$query.= ';';
149	$result = mysql_query( $query );
150	$row = mysql_fetch_array( $result );
151	$redirect = './picture.php?image_id='.$row['id'].'&cat='.$page['cat'];
152	$redirect.= '&expand='.$_GET['expand'];
153	if ( $page['cat'] == 'search' )
154	{
155	$redirect.= '&search='.$_GET['search'].'&mode='.$_GET['mode'];
156	}
157	$url = add_session_id( $redirect, true );
158	header( 'Request-URI: '.$url );
159	header( 'Content-Location: '.$url );
160	header( 'Location: '.$url );
161	exit();
162	}
163	}
164	//----------------------------------------------------- template initialization
165	$vtp = new VTemplate;
166	$handle = $vtp->Open( './template/'.$user['template'].'/picture.vtp' );
167	initialize_template();
168
169	$tpl = array( 'back','submit','comments_title','comments_del','delete',
170	'comments_add','author','slideshow','slideshow_stop',
171	'period_seconds' );
172	templatize_array( $tpl, 'lang', $handle );
173	$vtp->setGlobalVar( $handle, 'user_template', $user['template'] );
174	$vtp->setGlobalVar( $handle, 'text_color', $user['couleur_text'] );
175	//-------------------------------------------------------- slideshow management
176	if ( isset( $_GET['slideshow'] ) )
177	{
178	if ( !is_numeric( $_GET['slideshow'] ) )
179	$_GET['slideshow'] = $conf['slideshow_period'][0];
180	$vtp->addSession( $handle, 'stop_slideshow' );
181	$url = './picture.php';
182	$url.= '?image_id='.$page['id'];
183	$url.= '&cat='.$page['cat'];
184	$url.= '&expand='.$_GET['expand'];
185	if ( $page['cat'] == 'search' )
186	{
187	$url.= '&search='.$_GET['search'];
188	$url.= '&mode='.$_GET['mode'];
189	}
190	$vtp->setVar( $handle, 'stop_slideshow.url', add_session_id( $url ) );
191	$vtp->closeSession( $handle, 'stop_slideshow' );
192	}
193	else
194	{
195	$vtp->addSession( $handle, 'start_slideshow' );
196	foreach ( $conf['slideshow_period'] as $option ) {
197	$vtp->addSession( $handle, 'second' );
198	$vtp->setVar( $handle, 'second.option', $option );
199	$url = './picture.php';
200	$url.= '?image_id='.$page['id'];
201	$url.= '&cat='.$page['cat'];
202	$url.= '&expand='.$_GET['expand'];
203	if ( $page['cat'] == 'search' )
204	{
205	$url.= '&search='.$_GET['search'];
206	$url.= '&mode='.$_GET['mode'];
207	}
208	$url.= '&slideshow='.$option;
209	$vtp->setVar( $handle, 'second.url', add_session_id( $url ) );
210	$vtp->closeSession( $handle, 'second' );
211	}
212	$vtp->closeSession( $handle, 'start_slideshow' );
213	}
214	//------------------------------------------------------------------ page title
215	if ( $page['name'] != '' )
216	{
217	$vtp->setGlobalVar( $handle, 'page_title', $page['name'] );
218	}
219	else
220	{
221	$vtp->setGlobalVar( $handle, 'page_title', $page['file'] );
222	}
223	//-------------------------------------------------- previous picture thumbnail
224	if ( $page['num'] >= 1 )
225	{
226	$prev = $page['num'] - 1;
227	$query = 'SELECT DISTINCT(id),name,file,tn_ext,storage_category_id';
228	$query.= ' FROM '.PREFIX_TABLE.'images';
229	$query.= ' LEFT JOIN '.PREFIX_TABLE.'image_category AS ic ON id=ic.image_id';
230	$query.= $page['where'];
231	$query.= $conf['order_by'];
232	$query.= ' LIMIT '.$prev.',1';
233	$query.= ';';
234	$result = mysql_query( $query );
235	$row = mysql_fetch_array( $result );
236
237	if ( $array_cat_directories[$row['storage_category_id']] == '' )
238	{
239	$array_cat_directories[$row['storage_category_id']] =
240	get_complete_dir( $row['storage_category_id'] );
241	}
242	$cat_directory = $array_cat_directories[$row['storage_category_id']];
243
244	$file = substr( $row['file'], 0, strrpos ( $row['file'], '.' ) );
245	$lien_thumbnail = $cat_directory.'/thumbnail/';
246	$lien_thumbnail.= $conf['prefix_thumbnail'].$file.".".$row['tn_ext'];
247
248	$prev_title = $lang['previous_image'].' : ';
249	$alt_thumbnaill = '';
250	if ( $row['name'] != '' ) $alt_thumbnail = $row['name'];
251	else $alt_thumbnail = $file;
252	$prev_title.= $alt_thumbnail;
253
254	$url_link = './picture.php?image_id='.$row['id'].'&cat='.$page['cat'];
255	$url_link.= '&expand='.$_GET['expand'];
256	if ( $page['cat'] == 'search' )
257	{
258	$url_link.= '&search='.$_GET['search'].'&mode='.$_GET['mode'];
259	}
260	// sending vars for display
261	$vtp->addSession( $handle, 'previous' );
262	$vtp->setGlobalVar( $handle, 'previous.url', add_session_id( $url_link ) );
263	$vtp->setGlobalVar( $handle, 'previous.title', $prev_title );
264	$vtp->setGlobalVar( $handle, 'previous.src', $lien_thumbnail );
265	$vtp->setGlobalVar( $handle, 'previous.alt', $alt_thumbnail );
266	$vtp->closeSession( $handle, 'previous' );
267	}
268	else
269	{
270	$vtp->addSession( $handle, 'previous_empty' );
271	$vtp->closeSession( $handle, 'previous_empty' );
272	}
273	//-------------------------------------------------------- main picture display
274	if ( is_numeric( $page['cat'] ) )
275	{
276	$intitule_cat = get_cat_display_name( $page['cat_name'], " - ",
277	"font-style:italic;" );
278	}
279	else
280	{
281	$intitule_cat = $page['title'];
282	}
283
284	if ( $array_cat_directories[$page['storage_category_id']] == '' )
285	{
286	$array_cat_directories[$page['storage_category_id']] =
287	get_complete_dir( $page['storage_category_id'] );
288	}
289	$cat_directory = $array_cat_directories[$page['storage_category_id']];
290
291	$n = $page['num'] + 1;
292	$intitule_titre = replace_space( $intitule_cat." - " ).$n.'/'.
293	$intitule_titre.= $page['cat_nb_images']."<br />";
294	if ( $page['name'] != "" )
295	{
296	$intitule_file = $page['name'];
297	}
298	else
299	{
300	$intitule_file = str_replace( "_", " ",
301	substr( $page['file'], 0,
302	strrpos ( $page['file'], ".") ) );
303	}
304	if ( $page['cat'] == 'search' )
305	{
306	$intitule_file = replace_search( $intitule_file, $_GET['search'] );
307	}
308	$vtp->setGlobalVar( $handle, 'title', $intitule_titre.$intitule_file );
309
310	$lien_image = $cat_directory.$page['file'];
311
312	// calculation of width and height
313	if ( $page['width'] == "" )
314	{
315	$taille_image = @getimagesize( $lien_image );
316	$original_width = $taille_image[0];
317	$original_height = $taille_image[1];
318	}
319	else
320	{
321	$original_width = $page['width'];
322	$original_height = $page['height'];
323	}
324
325	$picture_size = get_picture_size( $original_width, $original_height,
326	$user['maxwidth'], $user['maxheight'] );
327	$final_width = $picture_size[0];
328	$final_height = $picture_size[1];
329
330	$url_link = './category.php?cat='.$page['cat'].'&';
331	$url_link.= 'num='.$page['num'].'&expand='.$_GET['expand'];
332	if ( $page['cat'] == 'search' )
333	{
334	$url_link.= "&search=".$_GET['search'].'&mode='.$_GET['mode'];
335	}
336	$vtp->setGlobalVar( $handle, 'picture_link', add_session_id( $url_link ) );
337	$vtp->setGlobalVar( $handle, 'picture_width', $final_width );
338	$vtp->setGlobalVar( $handle, 'picture_height', $final_height );
339	$vtp->setGlobalVar( $handle, 'picture_border_color', $user['couleur_text'] );
340	$vtp->setGlobalVar( $handle, 'picture_src', $lien_image );
341	$vtp->setGlobalVar( $handle, 'picture_alt', $page['file'] );
342
343	if ( $page['comment'] != '' )
344	{
345	if ( $page['cat'] == 'search' )
346	{
347	$picture_comment = replace_search( $page['comment'], $_GET['search'] );
348	$vtp->setGlobalVar( $handle, 'picture_comment', $picture_comment );
349	}
350	else
351	{
352	$vtp->setGlobalVar( $handle, 'picture_comment', $page['comment'] );
353	}
354	}
355	//--------------------------------------------------------- picture information
356	// author
357	if ( $page['author'] != "" )
358	{
359	$vtp->addSession( $handle, 'info_line' );
360	$vtp->setVar( $handle, 'info_line.name', $lang['author'].' : ' );
361	$vtp->setVar( $handle, 'info_line.content', $page['author'] );
362	$vtp->closeSession( $handle, 'info_line' );
363	}
364	// creation date
365	if ( $page['date_creation'] != "" )
366	{
367	$vtp->addSession( $handle, 'info_line' );
368	$vtp->setVar( $handle, 'info_line.name', $lang['creation_date'].' : ' );
369	$vtp->setVar( $handle, 'info_line.content',
370	format_date( $page['date_creation'] ) );
371	$vtp->closeSession( $handle, 'info_line' );
372	}
373	// date of availability
374	$vtp->addSession( $handle, 'info_line' );
375	$vtp->setVar( $handle, 'info_line.name', $lang['registration_date'].' : ' );
376	list( $year,$month,$day ) = explode( '-', $page['date_available'] );
377	$vtp->setVar( $handle, 'info_line.content',
378	format_date( $page['date_available'] ) );
379	$vtp->closeSession( $handle, 'info_line' );
380	// size in pixels
381	$vtp->addSession( $handle, 'info_line' );
382	$vtp->setVar( $handle, 'info_line.name', $lang['size'].' : ' );
383	if ( $original_width != $final_width or $original_height != $final_height )
384	{
385	$content = '[ <a href="'.$lien_image.'" title="'.$lang['true_size'].'">';
386	$content.= $original_width.'*'.$original_height.'</a> ]';
387	$vtp->setVar( $handle, 'info_line.content', $content );
388	}
389	else
390	{
391	$content = $original_width.'*'.$original_height;
392	$vtp->setVar( $handle, 'info_line.content', $content );
393	}
394	$vtp->closeSession( $handle, 'info_line' );
395	// file
396	$vtp->addSession( $handle, 'info_line' );
397	$vtp->setVar( $handle, 'info_line.name', $lang['file'].' : ' );
398	if ( $page['cat'] == 'search' )
399	{
400	$content = replace_search( $page['file'], $_GET['search'] );
401	$vtp->setVar( $handle, 'info_line.content', $content );
402	}
403	else
404	{
405	$vtp->setVar( $handle, 'info_line.content', $page['file'] );
406	}
407	$vtp->closeSession( $handle, 'info_line' );
408	// filesize
409	if ( $page['filesize'] == "" )
410	{
411	$poids = floor ( filesize( $lien_image ) / 1024 );
412	}
413	else
414	{
415	$poids = $page['filesize'];
416	}
417	$vtp->addSession( $handle, 'info_line' );
418	$vtp->setVar( $handle, 'info_line.name', $lang['filesize'].' : ' );
419	$vtp->setVar( $handle, 'info_line.content', $poids.' KB' );
420	$vtp->closeSession( $handle, 'info_line' );
421	// keywords
422	if ( $page['keywords'] != '' )
423	{
424	$vtp->addSession( $handle, 'info_line' );
425	$vtp->setVar( $handle, 'info_line.name', $lang['keywords'].' : ' );
426	$keywords = explode( ',', $page['keywords'] );
427	$content = '';
428	$url = './category.php?cat=search&expand='.$_GET['expand'];
429	$url.= '&mode=OR&search=';
430	foreach ( $keywords as $i => $keyword ) {
431	$local_url = add_session_id( $url.$keyword );
432	if ( $i > 0 ) $content.= ',';
433	$content.= '<a href="'.$local_url.'">'.$keyword.'</a>';
434	}
435	$vtp->setVar( $handle, 'info_line.content', $content );
436	$vtp->closeSession( $handle, 'info_line' );
437	}
438	// number of visits
439	$vtp->addSession( $handle, 'info_line' );
440	$vtp->setVar( $handle, 'info_line.name', $lang['visited'].' : ' );
441	$vtp->setVar( $handle, 'info_line.content', $page['hit'].' '.$lang['times'] );
442	$vtp->closeSession( $handle, 'info_line' );
443	//------------------------------------------------------- favorite manipulation
444	if ( $page['cat'] != 'fav' and !$user['is_the_guest'] )
445	{
446	$url = './picture.php?cat='.$page['cat'].'&image_id='.$page['id'];
447	$url.= '&expand='.$_GET['expand'].'&add_fav=1';
448	if ( $page['cat'] == 'search' )
449	{
450	$url.= '&search='.$_GET['search'].'&mode='.$_GET['mode'];
451	}
452	$vtp->addSession( $handle, 'favorite' );
453	$vtp->setVar( $handle, 'favorite.link', add_session_id( $url ) );
454	$vtp->setVar( $handle, 'favorite.title', $lang['add_favorites_hint'] );
455	$vtp->setVar( $handle, 'favorite.src',
456	'./template/'.$user['template'].'/theme/favorite.gif' );
457	$vtp->setVar( $handle, 'favorite.alt','[ '.$lang['add_favorites_alt'].' ]' );
458	$vtp->closeSession( $handle, 'favorite' );
459	}
460	if ( $page['cat'] == 'fav' )
461	{
462	$url = './picture.php?cat='.$page['cat'].'&image_id='.$page['id'];
463	$url.= '&expand='.$_GET['expand'].'&add_fav=0';
464	$vtp->addSession( $handle, 'favorite' );
465	$vtp->setVar( $handle, 'favorite.link', add_session_id( $url ) );
466	$vtp->setVar( $handle, 'favorite.title', $lang['del_favorites_hint'] );
467	$vtp->setVar( $handle, 'favorite.src',
468	'./template/'.$user['template'].'/theme/del_favorite.gif' );
469	$vtp->setVar( $handle, 'favorite.alt','[ '.$lang['del_favorites_alt'].' ]' );
470	$vtp->closeSession( $handle, 'favorite' );
471	}
472	//------------------------------------ admin link for information modifications
473	if ( $user['status'] == 'admin' )
474	{
475	$vtp->addSession( $handle, 'modification' );
476	$url = './admin/admin.php?page=picture_modify&cat_id='.$page['cat'];
477	$url.= '&image_id='.$page['id'];
478	$vtp->setVar( $handle, 'modification.link', add_session_id( $url ) );
479	$vtp->setVar( $handle, 'modification.name', $lang['link_info_image'] );
480	}
481	//---------------------------------------------- next picture thumbnail display
482	if ( $page['num'] < $page['cat_nb_images']-1 )
483	{
484	$next = $page['num'] + 1;
485	$query = 'SELECT DISTINCT(id),name,file,tn_ext,storage_category_id';
486	$query.= ' FROM '.PREFIX_TABLE.'images';
487	$query.= ' LEFT JOIN '.PREFIX_TABLE.'image_category AS ic ON id=ic.image_id';
488	$query.= $page['where'];
489	$query.= $conf['order_by'];
490	$query.= ' LIMIT '.$next.',1';
491	$query.= ';';
492	$result = mysql_query( $query );
493	$row = mysql_fetch_array( $result );
494
495	if ( $array_cat_directories[$row['storage_category_id']] == '' )
496	{
497	$array_cat_directories[$row['storage_category_id']] =
498	get_complete_dir( $row['storage_category_id'] );
499	}
500	$cat_directory = $array_cat_directories[$row['storage_category_id']];
501
502	$file = substr ( $row['file'], 0, strrpos ( $row['file'], ".") );
503	$lien_thumbnail = $cat_directory.'thumbnail/';
504	$lien_thumbnail.= $conf['prefix_thumbnail'].$file.".".$row['tn_ext'];
505
506	if ( $row['name'] != "" )
507	{
508	$alt_thumbnail = $row['name'];
509	}
510	else
511	{
512	$alt_thumbnail = $file;
513	}
514	$next_title = $lang['next_image']." : ".$alt_thumbnail;
515
516	$url_link = './picture.php?image_id='.$row['id'].'&cat='.$page['cat'];
517	$url_link.= '&expand='.$_GET['expand'];
518	if ( $page['cat'] == 'search' )
519	{
520	$url_link.= "&search=".$_GET['search'].'&mode='.$_GET['mode'];
521	}
522	// sending vars for display
523	$vtp->addSession( $handle, 'next' );
524	$vtp->setGlobalVar( $handle, 'next.url', add_session_id( $url_link ) );
525	$vtp->setGlobalVar( $handle, 'next.title', $next_title );
526	$vtp->setGlobalVar( $handle, 'next.src', $lien_thumbnail );
527	$vtp->setGlobalVar( $handle, 'next.alt', $alt_thumbnail );
528	$vtp->closeSession( $handle, 'next' );
529	// slideshow
530	if ( isset( $_GET['slideshow'] ) )
531	{
532	$vtp->addSession( $handle, 'refresh' );
533	$vtp->setVar( $handle, 'refresh.time', 2 );
534	$url = $url_link.'&slideshow='.$_GET['slideshow'];
535	$vtp->setVar( $handle, 'refresh.url', add_session_id( $url ) );
536	$vtp->closeSession( $handle, 'refresh' );
537	}
538	}
539	else
540	{
541	$vtp->addSession( $handle, 'previous_empty' );
542	$vtp->closeSession( $handle, 'previous_empty' );
543	}
544	//---------------------------------------------------- users's comments display
545	if ( $conf['show_comments'] )
546	{
547	$vtp->addSession( $handle, 'comments' );
548	// comment registeration
549	if ( isset( $_POST['content'] ) and $_POST['content'] != '' )
550	{
551	$register_comment = true;
552
553	if ( !$user['is_the_guest'] ) $author = $user['username'];
554	if ( $_POST['author'] != '' ) $author = $_POST['author'];
555	// if a guest try to use the name of an already existing user, he must
556	// be rejected
557	if ( isset( $author ) and $author != $user['username'] )
558	{
559	$query = 'SELECT COUNT(*) AS user_exists';
560	$query.= ' FROM '.PREFIX_TABLE.'users';
561	$query.= " WHERE username = '".$author."'";
562	$query.= ';';
563	$row = mysql_fetch_array( mysql_query( $query ) );
564	if ( $row['user_exists'] == 1 )
565	{
566	$vtp->addSession( $handle, 'information' );
567	$message = $lang['comment_user_exists'];
568	$vtp->setVar( $handle, 'information.content', $message );
569	$vtp->closeSession( $handle, 'information' );
570	$register_comment = false;
571	}
572	}
573
574	if ( $register_comment )
575	{
576	// anti-flood system
577	$reference_date = time() - $conf['anti-flood_time'];
578	$query = 'SELECT id';
579	$query.= ' FROM '.PREFIX_TABLE.'comments';
580	$query.= ' WHERE date > '.$reference_date;
581	$query.= " AND author = '".$author."'";
582	$query.= ';';
583	if ( mysql_num_rows( mysql_query( $query ) ) == 0
584	or $conf['anti-flood_time'] == 0 )
585	{
586	$query = 'INSERT INTO '.PREFIX_TABLE.'comments';
587	$query.= ' (author,date,image_id,content,validated) VALUES';
588	$query.= ' (';
589	if ( !isset( $author ) ) $query.= 'NULL';
590	else $query.= "'".$author."'";
591	$query.= ','.time().','.$page['id'];
592	$query.= ",'".htmlspecialchars( $_POST['content'], ENT_QUOTES)."'";
593	if ( !$conf['comments_validation'] or $user['status'] == 'admin' )
594	$query.= ",'true'";
595	else
596	$query.= ",'false'";
597	$query.= ');';
598	mysql_query( $query );
599	// information message
600	$vtp->addSession( $handle, 'information' );
601	$message = $lang['comment_added'];
602	if ( $conf['comments_validation'] and $user['status'] != 'admin' )
603	{
604	$message.= '<br />'.$lang['comment_to_validate'];
605	}
606	$vtp->setVar( $handle, 'information.content', $message );
607	$vtp->closeSession( $handle, 'information' );
608	// notification to the administrators
609	if ( $conf['mail_notification'] )
610	{
611	$cat_name = get_cat_display_name( $page['cat_name'], ' > ', '' );
612	$cat_name = strip_tags( $cat_name );
613	if ( $page['name'] == '' ) $picture = $page['file'];
614	else $picture = $page['name'];
615	notify( 'comment', $cat_name.' > '.$picture );
616	}
617	}
618	else
619	{
620	// information message
621	$vtp->addSession( $handle, 'information' );
622	$message = $lang['comment_anti-flood'];
623	$vtp->setVar( $handle, 'information.content', $message );
624	$vtp->closeSession( $handle, 'information' );
625	}
626	}
627	}
628	// comment deletion
629	if ( isset( $_GET['del'] )
630	and is_numeric( $_GET['del'] )
631	and $user['status'] == 'admin' )
632	{
633	$query = 'DELETE FROM '.PREFIX_TABLE.'comments';
634	$query.= ' WHERE id = '.$_GET['del'].';';
635	mysql_query( $query );
636	}
637	// number of comment for this picture
638	$query = 'SELECT COUNT(*) AS nb_comments';
639	$query.= ' FROM '.PREFIX_TABLE.'comments';
640	$query.= ' WHERE image_id = '.$page['id'];
641	$query.= " AND validated = 'true'";
642	$query.= ';';
643	$row = mysql_fetch_array( mysql_query( $query ) );
644	$page['nb_comments'] = $row['nb_comments'];
645	// navigation bar creation
646	$url = './picture.php?cat='.$page['cat'].'&image_id='.$page['id'];
647	$url.= '&expand='.$_GET['expand'];
648	if ( $page['cat'] == 'search' )
649	{
650	$url.= '&search='.$_GET['search'].'&mode='.$_GET['mode'];
651	}
652	if( !isset( $_GET['start'] )
653	or !is_numeric( $_GET['start'] )
654	or ( is_numeric( $_GET['start'] ) and $_GET['start'] < 0 ) )
655	{
656	$page['start'] = 0;
657	}
658	else
659	{
660	$page['start'] = $_GET['start'];
661	}
662	$page['navigation_bar'] = create_navigation_bar( $url, $page['nb_comments'],
663	$page['start'],
664	$conf['nb_comment_page'],
665	'' );
666	// sending vars for display
667	$vtp->setGlobalVar( $handle, 'navigation_bar', $page['navigation_bar'] );
668	$vtp->setGlobalVar( $handle, 'nb_comments', $page['nb_comments'] );
669
670	$query = 'SELECT id,author,date,image_id,content';
671	$query.= ' FROM '.PREFIX_TABLE.'comments';
672	$query.= ' WHERE image_id = '.$page['id'];
673	$query.= " AND validated = 'true'";
674	$query.= ' ORDER BY date ASC';
675	$query.= ' LIMIT '.$page['start'].', '.$conf['nb_comment_page'].';';
676	$result = mysql_query( $query );
677
678	while ( $row = mysql_fetch_array( $result ) )
679	{
680	$vtp->addSession( $handle, 'comment' );
681	$author = $row['author'];
682	if ( $row['author'] == '' ) $author = $lang['guest'];
683	$vtp->setVar( $handle, 'comment.author', $author );
684	$vtp->setVar( $handle, 'comment.date',
685	format_date( $row['date'], 'unix', true ) );
686	$vtp->setVar( $handle, 'comment.content', nl2br( $row['content'] ) );
687	if ( $user['status'] == 'admin' )
688	{
689	$vtp->addSession( $handle, 'delete' );
690	$vtp->setVar( $handle, 'delete.link',
691	add_session_id( $url.'&del='.$row['id'] ) );
692	$vtp->closeSession( $handle, 'delete' );
693	}
694	$vtp->closeSession( $handle, 'comment' );
695	}
696
697	if ( !$user['is_the_guest']
698	or ( $user['is_the_guest'] and $conf['comments_forall'] ) )
699	{
700	$vtp->addSession( $handle, 'add_comment' );
701	// form action
702	$action = str_replace( '&', '&', $_SERVER['REQUEST_URI'] );
703	$vtp->setGlobalVar( $handle, 'form_action', $action );
704	// display author field if the user is not logged in
705	if ( !$user['is_the_guest'] )
706	{
707	$vtp->addSession( $handle, 'author_known' );
708	$vtp->setVar( $handle, 'author_known.value', $user['pseudo'] );
709	$vtp->closeSession( $handle, 'author_known' );
710	}
711	else
712	{
713	$vtp->addSession( $handle, 'author_field' );
714	$vtp->closeSession( $handle, 'author_field' );
715	}
716	$vtp->closeSession( $handle, 'add_comment' );
717	}
718	$vtp->closeSession( $handle, 'comments' );
719	}
720	//------------------------------------------------------------ log informations
721	pwg_log( 'picture', $intitule_cat, $page['file'] );
722	mysql_close();
723	//----------------------------------------------------------- html code display
724	$code = $vtp->Display( $handle, 0 );
725	echo $code;
726	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: