Changeset 402 for trunk/picture.php
- Timestamp:
- Mar 30, 2004, 12:40:21 AM (20 years ago)
- File:
-
- 1 edited
-
trunk/picture.php (modified) (9 diffs)
Legend:
- Unmodified
- Added
- Removed
-
trunk/picture.php
r394 r402 70 70 } 71 71 72 //------------------------------------- ---prev, current & next picture management73 $picture =array();74 $picture['prev']['name'] ='';75 $picture['next']['name'] ='';76 $picture['prev']['thumbnail'] ='';77 $picture['next']['thumbnail'] ='';78 $picture['prev']['url'] ='';79 $picture['next']['url'] ='';72 //------------------------------------- prev, current & next picture management 73 $picture = array(); 74 $picture['prev']['name'] = ''; 75 $picture['next']['name'] = ''; 76 $picture['prev']['thumbnail'] = ''; 77 $picture['next']['thumbnail'] = ''; 78 $picture['prev']['url'] = ''; 79 $picture['next']['url'] = ''; 80 80 81 81 $next = $page['num'] + 1; 82 82 $prev = $page['num'] - 1; 83 83 84 if ( $page['num'] == $page['cat_nb_images'] -1)84 if ( $page['num'] == $page['cat_nb_images'] - 1 ) 85 85 { 86 86 $next = 0; 87 87 } 88 88 89 $query = 'SELECT * FROM '.IMAGES_TABLE; 89 $query = 'SELECT *'; 90 $query.= ' FROM '.IMAGES_TABLE; 90 91 $query.= ' INNER JOIN '.IMAGE_CATEGORY_TABLE.' AS ic'; 91 92 $query.= ' ON id=ic.image_id'; … … 93 94 $query.= $conf['order_by']; 94 95 95 if ($prev <0) 96 if ( $prev < 0 ) 97 { 96 98 $query.= ' LIMIT 0,2'; 99 } 97 100 else 101 { 98 102 $query.= ' LIMIT '.$prev.',3'; 99 103 } 100 104 $query.= ';'; 101 105 102 106 $result = mysql_query( $query ); 103 $nb_row = mysql_num_rows( $result);107 $nb_row = mysql_num_rows( $result ); 104 108 $index = array('prev','current','next'); 105 for ($i=0; $i<$nb_row;$i++) 109 110 for ( $i = 0; $i < $nb_row; $i++ ) 106 111 { 107 112 $j=($prev<0)?$index[$i+1]:$index[$i]; … … 116 121 $cat_directory = $array_cat_directories[$row['storage_category_id']]; 117 122 $file = substr ( $row['file'], 0, strrpos ( $row['file'], ".") ); 123 118 124 $picture[$j]['src'] = $cat_directory.$row['file']; 125 119 126 $picture[$j]['thumbnail'] = $cat_directory.'thumbnail/'; 120 $picture[$j]['thumbnail'].= $conf['prefix_thumbnail'].$file.".".$row['tn_ext']; 121 122 if (!empty($row['name'])) 127 $picture[$j]['thumbnail'].= $conf['prefix_thumbnail'].$file; 128 $picture[$j]['thumbnail'].= '.'.$row['tn_ext']; 129 130 if ( !empty( $row['name'] ) ) 123 131 { 124 132 $picture[$j]['name'] = $row['name']; … … 126 134 else 127 135 { 128 $picture[$j]['name'] = str_replace( "_", " ",$file);136 $picture[$j]['name'] = str_replace( '_', ' ', $file ); 129 137 } 130 138 … … 133 141 if ( $page['cat'] == 'search' ) 134 142 { 135 $picture[$j]['url'].= "&search=".$_GET['search'].'&mode='.$_GET['mode']; 143 $picture[$j]['url'].= '&search='.$_GET['search']; 144 $picture[$j]['url'].= '&mode='.$_GET['mode']; 136 145 } 137 146 } … … 144 153 } 145 154 146 $url_admin = PHPWG_ROOT_PATH.'admin.php?page=picture_modify&cat_id='.$page['cat']; 155 $url_admin = PHPWG_ROOT_PATH.'admin.php?page=picture_modify'; 156 $url_admin.= '&cat_id='.$page['cat']; 147 157 $url_admin.= '&image_id='.$_GET['image_id']; 148 158 … … 150 160 if ( isset( $_GET['add_fav'] ) ) 151 161 { 152 $query = 'DELETE FROM '.FAVORITES_TABLE.' WHERE user_id = '.$user['id']; 153 $query.= ' AND image_id = '.$picture['current']['id'].';'; 162 $query = 'DELETE FROM '.FAVORITES_TABLE; 163 $query.= ' WHERE user_id = '.$user['id']; 164 $query.= ' AND image_id = '.$picture['current']['id']; 165 $query.= ';'; 154 166 $result = mysql_query( $query ); 155 167 156 168 if ( $_GET['add_fav'] == 1 ) 157 169 { 158 $query = 'INSERT INTO '.FAVORITES_TABLE.' (image_id,user_id) VALUES'; 159 $query.= ' ('.$picture['current']['id'].','.$user['id'].');'; 160 $result = mysql_query( $query ); 161 } 162 if ( !$_GET['add_fav'] && $page['cat']=='fav') 163 { 164 if ( $prev < 0 && $nb_row==1 ) 165 { 166 // there is no favorite picture anymore 167 // we redirect the user to the category page 170 $query = 'INSERT INTO '.FAVORITES_TABLE; 171 $query.= ' (image_id,user_id) VALUES'; 172 $query.= ' ('.$picture['current']['id'].','.$user['id'].')'; 173 $query.= ';'; 174 $result = mysql_query( $query ); 175 } 176 if ( !$_GET['add_fav'] and $page['cat'] == 'fav' ) 177 { 178 if ( $prev < 0 and $nb_row == 1 ) 179 { 180 // there is no favorite picture anymore we redirect the user to the 181 // category page 168 182 $url = add_session_id( $url_home ); 169 183 header( 'Request-URI: '.$url ); … … 172 186 exit(); 173 187 } 174 else if ( $prev < 0 ) 175 { 176 $url = add_session_id( str_replace('&','&',$picture['next']['url']), true); 177 } 178 else 179 { 180 $url = add_session_id( str_replace('&','&',$picture['prev']['url']), true); 181 } 182 header( 'Request-URI: '.$url ); 183 header( 'Content-Location: '.$url ); 184 header( 'Location: '.$url ); 185 exit(); 186 } 187 } 188 189 //--------------------------------------------------------- comment registeration 190 if ( isset( $_POST['content'] ) && !empty($_POST['content']) ) 191 { 192 $register_comment = true; 193 $author = !empty($_POST['author'])?$_POST['author']:$lang['guest']; 194 // if a guest try to use the name of an already existing user, he must 195 // be rejected 196 if ( $author != $user['username'] ) 197 { 198 $query = 'SELECT COUNT(*) AS user_exists'; 199 $query.= ' FROM '.USERS_TABLE; 200 $query.= " WHERE username = '".$author."'"; 201 $query.= ';'; 202 $row = mysql_fetch_array( mysql_query( $query ) ); 203 if ( $row['user_exists'] == 1 ) 204 { 205 $template->assign_block_vars('information', array('INFORMATION'=>$lang['comment_user_exists'])); 206 $register_comment = false; 207 } 208 } 209 210 if ( $register_comment ) 211 { 212 // anti-flood system 213 $reference_date = time() - $conf['anti-flood_time']; 214 $query = 'SELECT id FROM '.COMMENTS_TABLE; 215 $query.= ' WHERE date > '.$reference_date; 216 $query.= " AND author = '".$author."'"; 217 $query.= ';'; 218 if ( mysql_num_rows( mysql_query( $query ) ) == 0 219 || $conf['anti-flood_time'] == 0 ) 220 { 221 $query = 'INSERT INTO '.COMMENTS_TABLE; 222 $query.= ' (author,date,image_id,content,validated) VALUES ('; 223 $query.= "'".$author."'"; 224 $query.= ','.time().','.$_GET['image_id']; 225 $query.= ",'".htmlspecialchars( $_POST['content'], ENT_QUOTES)."'"; 226 if ( !$conf['comments_validation'] || $user['status'] == 'admin' ) 227 $query.= ",'true'"; 228 else 229 $query.= ",'false'"; 230 $query.= ');'; 231 mysql_query( $query ); 232 // information message 233 $message = $lang['comment_added']; 234 if ( $conf['comments_validation'] and $user['status'] != 'admin' ) 235 { 236 $message.= '<br />'.$lang['comment_to_validate']; 237 } 238 $template->assign_block_vars('information', array('INFORMATION'=>$message)); 239 // notification to the administrators 240 if ( $conf['mail_notification'] ) 241 { 242 $cat_name = get_cat_display_name( $page['cat_name'], ' > ', '' ); 243 $cat_name = strip_tags( $cat_name ); 244 notify( 'comment', $cat_name.' > '.$picture['current']['name']); 245 } 188 else if ( $prev < 0 ) 189 { 190 $url = str_replace( '&', '&', $picture['next']['url'] ); 191 $url = add_session_id( $url, true); 192 } 193 else 194 { 195 $url = str_replace('&', '&', $picture['prev']['url'] ); 196 $url = add_session_id( $url, true); 197 } 198 header( 'Request-URI: '.$url ); 199 header( 'Content-Location: '.$url ); 200 header( 'Location: '.$url ); 201 exit(); 202 } 203 } 204 205 //------------------------------------------------------ comment registeration 206 if ( isset( $_POST['content'] ) && !empty($_POST['content']) ) 207 { 208 $register_comment = true; 209 $author = !empty($_POST['author'])?$_POST['author']:$lang['guest']; 210 // if a guest try to use the name of an already existing user, he must be 211 // rejected 212 if ( $author != $user['username'] ) 213 { 214 $query = 'SELECT COUNT(*) AS user_exists'; 215 $query.= ' FROM '.USERS_TABLE; 216 $query.= " WHERE username = '".$author."'"; 217 $query.= ';'; 218 $row = mysql_fetch_array( mysql_query( $query ) ); 219 if ( $row['user_exists'] == 1 ) 220 { 221 $template->assign_block_vars( 222 'information', 223 array('INFORMATION'=>$lang['comment_user_exists'])); 224 $register_comment = false; 225 } 226 } 227 228 if ( $register_comment ) 229 { 230 // anti-flood system 231 $reference_date = time() - $conf['anti-flood_time']; 232 $query = 'SELECT id FROM '.COMMENTS_TABLE; 233 $query.= ' WHERE date > '.$reference_date; 234 $query.= " AND author = '".$author."'"; 235 $query.= ';'; 236 if ( mysql_num_rows( mysql_query( $query ) ) == 0 237 or $conf['anti-flood_time'] == 0 ) 238 { 239 $query = 'INSERT INTO '.COMMENTS_TABLE; 240 $query.= ' (author,date,image_id,content,validated) VALUES ('; 241 $query.= "'".$author."'"; 242 $query.= ','.time().','.$_GET['image_id']; 243 $query.= ",'".htmlspecialchars( $_POST['content'], ENT_QUOTES)."'"; 244 if ( !$conf['comments_validation'] or $user['status'] == 'admin' ) 245 { 246 $query.= ",'true'"; 246 247 } 247 248 else 248 249 { 249 // information message 250 $template->assign_block_vars('information', array('INFORMATION'=>$lang['comment_anti-flood'])); 250 $query.= ",'false'"; 251 251 } 252 } 253 } 254 // comment deletion 255 if ( isset( $_GET['del'] ) 256 && is_numeric( $_GET['del'] ) 257 && $user['status'] == 'admin' ) 258 { 259 $query = 'DELETE FROM '.COMMENTS_TABLE.' WHERE id = '.$_GET['del'].';'; 260 mysql_query( $query ); 261 } 252 $query.= ');'; 253 mysql_query( $query ); 254 // information message 255 $message = $lang['comment_added']; 256 if ( $conf['comments_validation'] and $user['status'] != 'admin' ) 257 { 258 $message.= '<br />'.$lang['comment_to_validate']; 259 } 260 $template->assign_block_vars('information', 261 array('INFORMATION'=>$message)); 262 // notification to the administrators 263 if ( $conf['mail_notification'] ) 264 { 265 $cat_name = get_cat_display_name( $page['cat_name'], ' > ', '' ); 266 $cat_name = strip_tags( $cat_name ); 267 notify( 'comment', $cat_name.' > '.$picture['current']['name']); 268 } 269 } 270 else 271 { 272 // information message 273 $template->assign_block_vars( 274 'information', 275 array('INFORMATION'=>$lang['comment_anti-flood'])); 276 } 277 } 278 } 279 // comment deletion 280 if ( isset( $_GET['del'] ) 281 and is_numeric( $_GET['del'] ) 282 and $user['status'] == 'admin' ) 283 { 284 $query = 'DELETE FROM '.COMMENTS_TABLE; 285 $query.= ' WHERE id = '.$_GET['del']; 286 $query.= ';'; 287 mysql_query( $query ); 288 } 262 289 263 290 // … … 267 294 $title = $picture['current']['name']; 268 295 $refresh = 0; 269 if ( isset( $_GET['slideshow'] ) && $next)270 { 271 272 296 if ( isset( $_GET['slideshow'] ) and $next ) 297 { 298 $refresh= $_GET['slideshow']; 299 $url_link = $picture['next']['url']; 273 300 } 274 301
Note: See TracChangeset
for help on using the changeset viewer.
