Context Navigation

picture.php @ 295

Last change on this file since 295 was 290, checked in by gweltas, 20 years ago

Conformity with the XHTML 1.0 transitional standard
Creation of the following files :

template/default/header.php and template/default/footer.php to ensure a common standard
default.css to be CSS valid

Obsolescence of the following files :

template/default/theme/conf.php
template/default/style.inc.php

Custom galleries should reflect those changes.

Property svn:eol-style set to native
Property svn:keywords set to Author Date Id Revision

File size: 27.0 KB

Line
1	<?php
2	/***************************************************************************
3	* picture.php *
4	* ------------------- *
5	* application : PhpWebGallery 1.3 <http://phpwebgallery.net> *
6	* author : Pierrick LE GALL <pierrick@z0rglub.com> *
7	* *
8	* $Id: picture.php 290 2004-01-18 02:13:02Z gweltas $
9	* *
10	***************************************************************************/
11
12	/***************************************************************************
13	* *
14	* This program is free software; you can redistribute it and/or modify *
15	* it under the terms of the GNU General Public License as published by *
16	* the Free Software Foundation; *
17	* *
18	***************************************************************************/
19	// this page shows the image full size
20	//----------------------------------------------------------- personnal include
21	include_once( './include/init.inc.php' );
22	//-------------------------------------------------- access authorization check
23	check_cat_id( $_GET['cat'] );
24	check_login_authorization();
25	if ( isset( $page['cat'] ) and is_numeric( $page['cat'] ) )
26	{
27	check_restrictions( $page['cat'] );
28	}
29	//---------------------------------------- incrementation of the number of hits
30	$query = 'UPDATE '.PREFIX_TABLE.'images';
31	$query.= ' SET hit=hit+1';
32	$query.= ' WHERE id='.$_GET['image_id'];
33	$query.= ';';
34	@mysql_query( $query );
35	//-------------------------------------------------------------- initialization
36	initialize_category( 'picture' );
37	//------------------------------------- main picture information initialization
38	$query = 'SELECT id,date_available,comment,hit,keywords';
39	$query.= ',author,name,file,date_creation,filesize,width,height';
40	$query.= ',storage_category_id';
41	if ( is_numeric( $page['cat'] ) )
42	{
43	$query.= ',category_id';
44	}
45	$query.= ' FROM '.PREFIX_TABLE.'images';
46	$query.= ' LEFT JOIN '.PREFIX_TABLE.'image_category AS ic ON id = ic.image_id';
47	$query.= $page['where'];
48	$query.= ' AND id = '.$_GET['image_id'];
49	$query.= $conf['order_by'];
50	$query.= ';';
51	$result = mysql_query( $query );
52	// if this image_id doesn't correspond to this category, an error message is
53	// displayed, and execution is stopped
54	if ( mysql_num_rows( $result ) == 0 )
55	{
56	echo '<div style="text-align:center;">'.$lang['access_forbiden'].'<br />';
57	echo '<a href="'.add_session_id( './category.php' ).'">';
58	echo $lang['thumbnails'].'</a></div>';
59	exit();
60	}
61	$row = mysql_fetch_array( $result );
62	$page['id'] = $row['id'];
63	$page['file'] = $row['file'];
64	$page['name'] = $row['name'];
65	$page['date_available'] = $row['date_available'];
66	$page['comment'] = $row['comment'];
67	$page['hit'] = $row['hit'];
68	$page['author'] = $row['author'];
69	$page['date_creation'] = $row['date_creation'];
70	$page['filesize'] = $row['filesize'];
71	$page['width'] = $row['width'];
72	$page['height'] = $row['height'];
73	if (is_numeric( $page['cat'] ))
74	$page['category_id'] = $row['category_id'];
75	$page['keywords'] = $row['keywords'];
76	$page['storage_category_id'] = $row['storage_category_id'];
77	// retrieving the number of the picture in its category (in order)
78	$query = 'SELECT DISTINCT(id)';
79	$query.= ' FROM '.PREFIX_TABLE.'images';
80	$query.= ' LEFT JOIN '.PREFIX_TABLE.'image_category AS ic ON id = ic.image_id';
81	$query.= $page['where'];
82	$query.= $conf['order_by'];
83	$query.= ';';
84	$result = mysql_query( $query );
85	$page['num'] = 0;
86	$row = mysql_fetch_array( $result );
87	while ( $row['id'] != $page['id'] )
88	{
89	$page['num']++;
90	$row = mysql_fetch_array( $result );
91	}
92	//--------------------------------------------------------- favorite management
93	if ( isset( $_GET['add_fav'] ) )
94	{
95	if ( $_GET['add_fav'] == 1 )
96	{
97	// verify if the picture is already in the favorite of the user
98	$query = 'SELECT COUNT(*) AS nb_fav';
99	$query.= ' FROM '.PREFIX_TABLE.'favorites';
100	$query.= ' WHERE image_id = '.$page['id'];
101	$query.= ' AND user_id = '.$user['id'];
102	$query.= ';';
103	$result = mysql_query( $query );
104	$row = mysql_fetch_array( $result );
105	if ( $row['nb_fav'] == 0 )
106	{
107	$query = 'INSERT INTO '.PREFIX_TABLE.'favorites';
108	$query.= ' (image_id,user_id) VALUES';
109	$query.= ' ('.$page['id'].','.$user['id'].')';
110	$query.= ';';
111	$result = mysql_query( $query );
112	}
113	}
114	if ( $_GET['add_fav'] == 0 )
115	{
116	$query = 'DELETE FROM '.PREFIX_TABLE.'favorites';
117	$query.= ' WHERE user_id = '.$user['id'];
118	$query.= ' AND image_id = '.$page['id'];
119	$query.= ';';
120	$result = mysql_query( $query );
121
122	$page['cat_nb_images'] = $page['cat_nb_images'] - 1;
123	if ( $page['cat_nb_images'] <= 0 )
124	{
125	// there is no favorite picture anymore
126	// we redirect the user to the category page
127	$url = add_session_id( 'category.php' );
128	header( 'Request-URI: '.$url );
129	header( 'Content-Location: '.$url );
130	header( 'Location: '.$url );
131	exit();
132	}
133	// redirection of the user to the picture.php page
134	// with the right picture
135	$page['num'] = $page['num'] - 1;
136	if ( $page['num'] == -1 )
137	{
138	$page['num'] = 0;
139	}
140	$query = 'SELECT id';
141	$query.= ' FROM '.PREFIX_TABLE.'images';
142	$query.= ' LEFT JOIN '.PREFIX_TABLE.'image_category AS ic';
143	$query.= ' ON id = ic.image_id';
144	$query.= $page['where'];
145	$query.= $conf['order_by'];
146	$query.= ' LIMIT '.$page['num'].',1';
147	$query.= ';';
148	$result = mysql_query( $query );
149	$row = mysql_fetch_array( $result );
150	$redirect = './picture.php?image_id='.$row['id'].'&cat='.$page['cat'];
151	$redirect.= '&expand='.$_GET['expand'];
152	if ( $page['cat'] == 'search' )
153	{
154	$redirect.= '&search='.$_GET['search'].'&mode='.$_GET['mode'];
155	}
156	$url = add_session_id( $redirect, true );
157	header( 'Request-URI: '.$url );
158	header( 'Content-Location: '.$url );
159	header( 'Location: '.$url );
160	exit();
161	}
162	}
163
164	//---------------------------------------------- next picture thumbnail display
165	$next = 0;
166	if ( $page['num'] < $page['cat_nb_images']-1 )
167	{
168	$next = $page['num'] + 1;
169	$query = 'SELECT DISTINCT(id),name,file,tn_ext,storage_category_id';
170	$query.= ' FROM '.PREFIX_TABLE.'images';
171	$query.= ' LEFT JOIN '.PREFIX_TABLE.'image_category AS ic ON id=ic.image_id';
172	$query.= $page['where'];
173	$query.= $conf['order_by'];
174	$query.= ' LIMIT '.$next.',1';
175	$query.= ';';
176	$result = mysql_query( $query );
177	$row = mysql_fetch_array( $result );
178
179	if ( !isset($array_cat_directories[$row['storage_category_id']]))
180	{
181	$array_cat_directories[$row['storage_category_id']] =
182	get_complete_dir( $row['storage_category_id'] );
183	}
184	$cat_directory = $array_cat_directories[$row['storage_category_id']];
185
186	$file = substr ( $row['file'], 0, strrpos ( $row['file'], ".") );
187	$next_lien_thumbnail = $cat_directory.'thumbnail/';
188	$next_lien_thumbnail.= $conf['prefix_thumbnail'].$file.".".$row['tn_ext'];
189
190	if ( $row['name'] != "" )
191	{
192	$next_alt_thumbnail = $row['name'];
193	}
194	else
195	{
196	$next_alt_thumbnail = $file;
197	}
198	$next_title = $lang['next_image']." : ".$next_alt_thumbnail;
199
200	$next_url_link = './picture.php?image_id='.$row['id'].'&cat='.$page['cat'];
201	$next_url_link.= '&expand='.$_GET['expand'];
202	if ( $page['cat'] == 'search' )
203	{
204	$next_url_link.= "&search=".$_GET['search'].'&mode='.$_GET['mode'];
205	}
206	}
207	//----------------------------------------------------- template initialization
208	//
209	// Start output of page
210	//
211	//------------------------------------------------------------------ page title
212	$title = $page['name'];
213	if ( $title == '')
214	{
215	$title = str_replace("_"," ",get_filename_wo_extension($page['file']));
216	}
217	$refresh = 0;
218	if ( isset( $_GET['slideshow'] ) && isset($next_url_link))
219	{
220	$refresh= $_GET['slideshow'];
221	$url_link = $next_url_link;
222	}
223	include('include/page_header.php');
224
225	$handle = $vtp->Open( './template/'.$user['template'].'/picture.vtp' );
226	initialize_template();
227
228	$tpl = array( 'back','submit','comments_title','comments_del','delete',
229	'comments_add','author','slideshow','slideshow_stop',
230	'period_seconds' );
231	templatize_array( $tpl, 'lang', $handle );
232	//-------------------------------------------------------- slideshow management
233	if ( isset( $_GET['slideshow'] ) )
234	{
235	if ( !is_numeric( $_GET['slideshow'] ) )
236	$_GET['slideshow'] = $conf['slideshow_period'][0];
237	$vtp->addSession( $handle, 'stop_slideshow' );
238	$url = './picture.php';
239	$url.= '?image_id='.$page['id'];
240	$url.= '&cat='.$page['cat'];
241	$url.= '&expand='.$_GET['expand'];
242	if ( $page['cat'] == 'search' )
243	{
244	$url.= '&search='.$_GET['search'];
245	$url.= '&mode='.$_GET['mode'];
246	}
247	$vtp->setVar( $handle, 'stop_slideshow.url', add_session_id( $url ) );
248	$vtp->closeSession( $handle, 'stop_slideshow' );
249	}
250	else
251	{
252	$vtp->addSession( $handle, 'start_slideshow' );
253	foreach ( $conf['slideshow_period'] as $option ) {
254	$vtp->addSession( $handle, 'second' );
255	$vtp->setVar( $handle, 'second.option', $option );
256	$url = './picture.php';
257	$url.= '?image_id='.$page['id'];
258	$url.= '&cat='.$page['cat'];
259	if (isset($_GET['expand']))
260	$url.= '&expand='.$_GET['expand'];
261	if ( $page['cat'] == 'search' )
262	{
263	$url.= '&search='.$_GET['search'];
264	$url.= '&mode='.$_GET['mode'];
265	}
266	$url.= '&slideshow='.$option;
267	$vtp->setVar( $handle, 'second.url', add_session_id( $url ) );
268	$vtp->closeSession( $handle, 'second' );
269	}
270	$vtp->closeSession( $handle, 'start_slideshow' );
271	}
272
273	//-------------------------------------------------- previous picture thumbnail
274	if ( $page['num'] >= 1 )
275	{
276	$prev = $page['num'] - 1;
277	$query = 'SELECT DISTINCT(id),name,file,tn_ext,storage_category_id';
278	$query.= ' FROM '.PREFIX_TABLE.'images';
279	$query.= ' LEFT JOIN '.PREFIX_TABLE.'image_category AS ic ON id=ic.image_id';
280	$query.= $page['where'];
281	$query.= $conf['order_by'];
282	$query.= ' LIMIT '.$prev.',1';
283	$query.= ';';
284	$result = mysql_query( $query );
285	$row = mysql_fetch_array( $result );
286
287	if ( !isset($array_cat_directories[$row['storage_category_id']]) )
288	{
289	$array_cat_directories[$row['storage_category_id']] =
290	get_complete_dir( $row['storage_category_id'] );
291	}
292	$cat_directory = $array_cat_directories[$row['storage_category_id']];
293
294	$file = substr( $row['file'], 0, strrpos ( $row['file'], '.' ) );
295	$lien_thumbnail = $cat_directory.'thumbnail/';
296	$lien_thumbnail.= $conf['prefix_thumbnail'].$file.".".$row['tn_ext'];
297
298	$prev_title = $lang['previous_image'].' : ';
299	$alt_thumbnaill = '';
300	if ( $row['name'] != '' ) $alt_thumbnail = $row['name'];
301	else $alt_thumbnail = $file;
302	$prev_title.= $alt_thumbnail;
303
304	$url_link = './picture.php?image_id='.$row['id'].'&cat='.$page['cat'];
305	$url_link.= '&expand='.$_GET['expand'];
306	if ( $page['cat'] == 'search' )
307	{
308	$url_link.= '&search='.$_GET['search'].'&mode='.$_GET['mode'];
309	}
310	// sending vars for display
311	$vtp->addSession( $handle, 'previous' );
312	$vtp->setGlobalVar( $handle, 'previous.url', add_session_id( $url_link ) );
313	$vtp->setGlobalVar( $handle, 'previous.title', $prev_title );
314	$vtp->setGlobalVar( $handle, 'previous.src', $lien_thumbnail );
315	$vtp->setGlobalVar( $handle, 'previous.alt', $alt_thumbnail );
316	$vtp->closeSession( $handle, 'previous' );
317	}
318	else
319	{
320	$vtp->addSession( $handle, 'previous_empty' );
321	$vtp->closeSession( $handle, 'previous_empty' );
322	}
323	//-------------------------------------------------------- main picture display
324	if ( is_numeric( $page['cat'] ) )
325	{
326	$intitule_cat = get_cat_display_name( $page['cat_name'], " - ",
327	"font-style:italic;" );
328	}
329	else
330	{
331	$intitule_cat = $page['title'];
332	}
333
334	if ( !isset($array_cat_directories[$page['storage_category_id']]) )
335	{
336	$array_cat_directories[$page['storage_category_id']] =
337	get_complete_dir( $page['storage_category_id'] );
338	}
339	$cat_directory = $array_cat_directories[$page['storage_category_id']];
340
341	$n = $page['num'] + 1;
342	$intitule_titre = replace_space( $intitule_cat." - " ).$n.'/';
343	$intitule_titre.= $page['cat_nb_images']."<br />";
344	if ( $page['name'] != "" )
345	{
346	$intitule_file = $page['name'];
347	}
348	else
349	{
350	$intitule_file = str_replace( "_", " ",
351	substr( $page['file'], 0,
352	strrpos ( $page['file'], ".") ) );
353	}
354	if ( $page['cat'] == 'search' )
355	{
356	$intitule_file = replace_search( $intitule_file, $_GET['search'] );
357	}
358	$vtp->setGlobalVar( $handle, 'title', $intitule_titre.$intitule_file );
359
360	$lien_image = $cat_directory.$page['file'];
361
362	// calculation of width and height
363	if ( $page['width'] == "" )
364	{
365	$taille_image = @getimagesize( $lien_image );
366	$original_width = $taille_image[0];
367	$original_height = $taille_image[1];
368	}
369	else
370	{
371	$original_width = $page['width'];
372	$original_height = $page['height'];
373	}
374
375	$picture_size = get_picture_size( $original_width, $original_height,
376	$user['maxwidth'], $user['maxheight'] );
377	$final_width = $picture_size[0];
378	$final_height = $picture_size[1];
379
380	$url_link = './category.php?cat='.$page['cat'].'&';
381	$url_link.= 'num='.$page['num'];
382	if (isset($_GET['expand']))
383	$url_link.='&expand='.$_GET['expand'];
384	if ( $page['cat'] == 'search' )
385	{
386	$url_link.= "&search=".$_GET['search'].'&mode='.$_GET['mode'];
387	}
388	$vtp->setGlobalVar( $handle, 'picture_link', add_session_id( $url_link ) );
389	$vtp->setGlobalVar( $handle, 'picture_width', $final_width );
390	$vtp->setGlobalVar( $handle, 'picture_height', $final_height );
391	$vtp->setGlobalVar( $handle, 'picture_src', $lien_image );
392	$vtp->setGlobalVar( $handle, 'picture_alt', $page['file'] );
393
394	if ( $page['comment'] != '' )
395	{
396	if ( $page['cat'] == 'search' )
397	{
398	$picture_comment = replace_search( $page['comment'], $_GET['search'] );
399	$vtp->setGlobalVar( $handle, 'picture_comment', $picture_comment );
400	}
401	else
402	{
403	$vtp->setGlobalVar( $handle, 'picture_comment', $page['comment'] );
404	}
405	}
406	//--------------------------------------------------------- picture information
407	// author
408	if ( $page['author'] != "" )
409	{
410	$vtp->addSession( $handle, 'info_line' );
411	$vtp->setVar( $handle, 'info_line.name', $lang['author'].' : ' );
412	$vtp->setVar( $handle, 'info_line.content', $page['author'] );
413	$vtp->closeSession( $handle, 'info_line' );
414	}
415	// creation date
416	if ( $page['date_creation'] != "" )
417	{
418	$vtp->addSession( $handle, 'info_line' );
419	$vtp->setVar( $handle, 'info_line.name', $lang['creation_date'].' : ' );
420	$vtp->setVar( $handle, 'info_line.content',
421	format_date( $page['date_creation'] ) );
422	$vtp->closeSession( $handle, 'info_line' );
423	}
424	// date of availability
425	$vtp->addSession( $handle, 'info_line' );
426	$vtp->setVar( $handle, 'info_line.name', $lang['registration_date'].' : ' );
427	list( $year,$month,$day ) = explode( '-', $page['date_available'] );
428	$vtp->setVar( $handle, 'info_line.content',
429	format_date( $page['date_available'] ) );
430	$vtp->closeSession( $handle, 'info_line' );
431	// size in pixels
432	$vtp->addSession( $handle, 'info_line' );
433	$vtp->setVar( $handle, 'info_line.name', $lang['size'].' : ' );
434	if ( $original_width != $final_width or $original_height != $final_height )
435	{
436	$content = '[ <a href="'.$lien_image.'" title="'.$lang['true_size'].'">';
437	$content.= $original_width.'*'.$original_height.'</a> ]';
438	$vtp->setVar( $handle, 'info_line.content', $content );
439	}
440	else
441	{
442	$content = $original_width.'*'.$original_height;
443	$vtp->setVar( $handle, 'info_line.content', $content );
444	}
445	$vtp->closeSession( $handle, 'info_line' );
446	// file
447	$vtp->addSession( $handle, 'info_line' );
448	$vtp->setVar( $handle, 'info_line.name', $lang['file'].' : ' );
449	if ( $page['cat'] == 'search' )
450	{
451	$content = replace_search( $page['file'], $_GET['search'] );
452	$vtp->setVar( $handle, 'info_line.content', $content );
453	}
454	else
455	{
456	$vtp->setVar( $handle, 'info_line.content', $page['file'] );
457	}
458	$vtp->closeSession( $handle, 'info_line' );
459	// filesize
460	if ( $page['filesize'] == "" )
461	{
462	$poids = floor ( filesize( $lien_image ) / 1024 );
463	}
464	else
465	{
466	$poids = $page['filesize'];
467	}
468	$vtp->addSession( $handle, 'info_line' );
469	$vtp->setVar( $handle, 'info_line.name', $lang['filesize'].' : ' );
470	$vtp->setVar( $handle, 'info_line.content', $poids.' KB' );
471	$vtp->closeSession( $handle, 'info_line' );
472	// keywords
473	if ( $page['keywords'] != '' )
474	{
475	$vtp->addSession( $handle, 'info_line' );
476	$vtp->setVar( $handle, 'info_line.name', $lang['keywords'].' : ' );
477	$keywords = explode( ',', $page['keywords'] );
478	$content = '';
479	$url = './category.php?cat=search&expand='.$_GET['expand'];
480	$url.= '&mode=OR&search=';
481	foreach ( $keywords as $i => $keyword ) {
482	$local_url = add_session_id( $url.$keyword );
483	if ( $i > 0 ) $content.= ',';
484	$content.= '<a href="'.$local_url.'">'.$keyword.'</a>';
485	}
486	$vtp->setVar( $handle, 'info_line.content', $content );
487	$vtp->closeSession( $handle, 'info_line' );
488	}
489	// number of visits
490	$vtp->addSession( $handle, 'info_line' );
491	$vtp->setVar( $handle, 'info_line.name', $lang['visited'].' : ' );
492	$vtp->setVar( $handle, 'info_line.content', $page['hit'].' '.$lang['times'] );
493	$vtp->closeSession( $handle, 'info_line' );
494	//------------------------------------------------------- favorite manipulation
495	if ( $page['cat'] != 'fav' and !$user['is_the_guest'] )
496	{
497	$url = './picture.php?cat='.$page['cat'].'&image_id='.$page['id'];
498	if (isset($_GET['expand']))
499	$url.= '&expand='.$_GET['expand'];
500	$url.='&add_fav=1';
501	if ( $page['cat'] == 'search' )
502	{
503	$url.= '&search='.$_GET['search'].'&mode='.$_GET['mode'];
504	}
505	$vtp->addSession( $handle, 'favorite' );
506	$vtp->setVar( $handle, 'favorite.link', add_session_id( $url ) );
507	$vtp->setVar( $handle, 'favorite.title', $lang['add_favorites_hint'] );
508	$vtp->setVar( $handle, 'favorite.src',
509	'./template/'.$user['template'].'/theme/favorite.gif' );
510	$vtp->setVar( $handle, 'favorite.alt','[ '.$lang['add_favorites_alt'].' ]' );
511	$vtp->closeSession( $handle, 'favorite' );
512	}
513	if ( $page['cat'] == 'fav' )
514	{
515	$url = './picture.php?cat='.$page['cat'].'&image_id='.$page['id'];
516	$url.= '&expand='.$_GET['expand'].'&add_fav=0';
517	$vtp->addSession( $handle, 'favorite' );
518	$vtp->setVar( $handle, 'favorite.link', add_session_id( $url ) );
519	$vtp->setVar( $handle, 'favorite.title', $lang['del_favorites_hint'] );
520	$vtp->setVar( $handle, 'favorite.src',
521	'./template/'.$user['template'].'/theme/del_favorite.gif' );
522	$vtp->setVar( $handle, 'favorite.alt','[ '.$lang['del_favorites_alt'].' ]' );
523	$vtp->closeSession( $handle, 'favorite' );
524	}
525	//------------------------------------ admin link for information modifications
526	if ( $user['status'] == 'admin' )
527	{
528	$vtp->addSession( $handle, 'modification' );
529	$url = './admin/admin.php?page=picture_modify&cat_id='.$page['cat'];
530	$url.= '&image_id='.$page['id'];
531	$vtp->setVar( $handle, 'modification.link', add_session_id( $url ) );
532	$vtp->setVar( $handle, 'modification.name', $lang['link_info_image'] );
533	}
534
535	if ( $next )
536	{
537	// sending vars for display
538	$vtp->addSession( $handle, 'next' );
539	$vtp->setGlobalVar( $handle, 'next.url', add_session_id( $next_url_link ) );
540	$vtp->setGlobalVar( $handle, 'next.title', $next_title );
541	$vtp->setGlobalVar( $handle, 'next.src', $next_lien_thumbnail );
542	$vtp->setGlobalVar( $handle, 'next.alt', $next_alt_thumbnail );
543	$vtp->closeSession( $handle, 'next' );
544	}
545	else
546	{
547	$vtp->addSession( $handle, 'next_empty' );
548	$vtp->closeSession( $handle, 'next_empty' );
549	}
550	//---------------------------------------------------- users's comments display
551	if ( $conf['show_comments'] )
552	{
553	$vtp->addSession( $handle, 'comments' );
554	// comment registeration
555	if ( isset( $_POST['content'] ) and $_POST['content'] != '' )
556	{
557	$register_comment = true;
558
559	if ( !$user['is_the_guest'] ) $author = $user['username'];
560	if ( $_POST['author'] != '' ) $author = $_POST['author'];
561	// if a guest try to use the name of an already existing user, he must
562	// be rejected
563	if ( isset( $author ) and $author != $user['username'] )
564	{
565	$query = 'SELECT COUNT(*) AS user_exists';
566	$query.= ' FROM '.PREFIX_TABLE.'users';
567	$query.= " WHERE username = '".$author."'";
568	$query.= ';';
569	$row = mysql_fetch_array( mysql_query( $query ) );
570	if ( $row['user_exists'] == 1 )
571	{
572	$vtp->addSession( $handle, 'information' );
573	$message = $lang['comment_user_exists'];
574	$vtp->setVar( $handle, 'information.content', $message );
575	$vtp->closeSession( $handle, 'information' );
576	$register_comment = false;
577	}
578	}
579
580	if ( $register_comment )
581	{
582	// anti-flood system
583	$reference_date = time() - $conf['anti-flood_time'];
584	$query = 'SELECT id';
585	$query.= ' FROM '.PREFIX_TABLE.'comments';
586	$query.= ' WHERE date > '.$reference_date;
587	$query.= " AND author = '".$author."'";
588	$query.= ';';
589	if ( mysql_num_rows( mysql_query( $query ) ) == 0
590	or $conf['anti-flood_time'] == 0 )
591	{
592	$query = 'INSERT INTO '.PREFIX_TABLE.'comments';
593	$query.= ' (author,date,image_id,content,validated) VALUES';
594	$query.= ' (';
595	if ( !isset( $author ) ) $query.= 'NULL';
596	else $query.= "'".$author."'";
597	$query.= ','.time().','.$page['id'];
598	$query.= ",'".htmlspecialchars( $_POST['content'], ENT_QUOTES)."'";
599	if ( !$conf['comments_validation'] or $user['status'] == 'admin' )
600	$query.= ",'true'";
601	else
602	$query.= ",'false'";
603	$query.= ');';
604	mysql_query( $query );
605	// information message
606	$vtp->addSession( $handle, 'information' );
607	$message = $lang['comment_added'];
608	if ( $conf['comments_validation'] and $user['status'] != 'admin' )
609	{
610	$message.= '<br />'.$lang['comment_to_validate'];
611	}
612	$vtp->setVar( $handle, 'information.content', $message );
613	$vtp->closeSession( $handle, 'information' );
614	// notification to the administrators
615	if ( $conf['mail_notification'] )
616	{
617	$cat_name = get_cat_display_name( $page['cat_name'], ' > ', '' );
618	$cat_name = strip_tags( $cat_name );
619	if ( $page['name'] == '' ) $picture = $page['file'];
620	else $picture = $page['name'];
621	notify( 'comment', $cat_name.' > '.$picture );
622	}
623	}
624	else
625	{
626	// information message
627	$vtp->addSession( $handle, 'information' );
628	$message = $lang['comment_anti-flood'];
629	$vtp->setVar( $handle, 'information.content', $message );
630	$vtp->closeSession( $handle, 'information' );
631	}
632	}
633	}
634	// comment deletion
635	if ( isset( $_GET['del'] )
636	and is_numeric( $_GET['del'] )
637	and $user['status'] == 'admin' )
638	{
639	$query = 'DELETE FROM '.PREFIX_TABLE.'comments';
640	$query.= ' WHERE id = '.$_GET['del'].';';
641	mysql_query( $query );
642	}
643	// number of comment for this picture
644	$query = 'SELECT COUNT(*) AS nb_comments';
645	$query.= ' FROM '.PREFIX_TABLE.'comments';
646	$query.= ' WHERE image_id = '.$page['id'];
647	$query.= " AND validated = 'true'";
648	$query.= ';';
649	$row = mysql_fetch_array( mysql_query( $query ) );
650	$page['nb_comments'] = $row['nb_comments'];
651	// navigation bar creation
652	$url = './picture.php?cat='.$page['cat'].'&image_id='.$page['id'];
653	if (isset($_GET['expand']))
654	$url.= '&expand='.$_GET['expand'];
655	if ( $page['cat'] == 'search' )
656	{
657	$url.= '&search='.$_GET['search'].'&mode='.$_GET['mode'];
658	}
659	if( !isset( $_GET['start'] )
660	or !is_numeric( $_GET['start'] )
661	or ( is_numeric( $_GET['start'] ) and $_GET['start'] < 0 ) )
662	{
663	$page['start'] = 0;
664	}
665	else
666	{
667	$page['start'] = $_GET['start'];
668	}
669	$page['navigation_bar'] = create_navigation_bar( $url, $page['nb_comments'],
670	$page['start'],
671	$conf['nb_comment_page'],
672	'' );
673	// sending vars for display
674	$vtp->setGlobalVar( $handle, 'navigation_bar', $page['navigation_bar'] );
675	$vtp->setGlobalVar( $handle, 'nb_comments', $page['nb_comments'] );
676
677	$query = 'SELECT id,author,date,image_id,content';
678	$query.= ' FROM '.PREFIX_TABLE.'comments';
679	$query.= ' WHERE image_id = '.$page['id'];
680	$query.= " AND validated = 'true'";
681	$query.= ' ORDER BY date ASC';
682	$query.= ' LIMIT '.$page['start'].', '.$conf['nb_comment_page'].';';
683	$result = mysql_query( $query );
684
685	while ( $row = mysql_fetch_array( $result ) )
686	{
687	$vtp->addSession( $handle, 'comment' );
688	$author = $row['author'];
689	if ( $row['author'] == '' ) $author = $lang['guest'];
690	$vtp->setVar( $handle, 'comment.author', $author );
691	$vtp->setVar( $handle, 'comment.date',
692	format_date( $row['date'], 'unix', true ) );
693	$content = nl2br( $row['content'] );
694
695	// replace _word_ by an underlined word
696	$pattern = '/_([^\s]*)_/';
697	$replacement = '<span style="text-decoration:underline;">\1</span>';
698	$content = preg_replace( $pattern, $replacement, $content );
699
700	// replace word by a bolded word
701	$pattern = '/\([^\s])\*/';
702	$replacement = '<span style="font-weight:bold;">\1</span>';
703	$content = preg_replace( $pattern, $replacement, $content );
704
705	// replace /word/ by an italic word
706	$pattern = '/\/([^\s]*)\//';
707	$replacement = '<span style="font-style:italic;">\1</span>';
708	$content = preg_replace( $pattern, $replacement, $content );
709
710	$vtp->setVar( $handle, 'comment.content', $content );
711	if ( $user['status'] == 'admin' )
712	{
713	$vtp->addSession( $handle, 'delete' );
714	$vtp->setVar( $handle, 'delete.link',
715	add_session_id( $url.'&del='.$row['id'] ) );
716	$vtp->closeSession( $handle, 'delete' );
717	}
718	$vtp->closeSession( $handle, 'comment' );
719	}
720
721	if ( !$user['is_the_guest']
722	or ( $user['is_the_guest'] and $conf['comments_forall'] ) )
723	{
724	$vtp->addSession( $handle, 'add_comment' );
725	// form action
726	$action = str_replace( '&', '&', $_SERVER['REQUEST_URI'] );
727	$vtp->setGlobalVar( $handle, 'form_action', $action );
728	// display author field if the user is not logged in
729	if ( !$user['is_the_guest'] )
730	{
731	$vtp->addSession( $handle, 'author_known' );
732	if (isset($user['pseudo']))
733	$vtp->setVar( $handle, 'author_known.value', $user['pseudo'] );
734	$vtp->closeSession( $handle, 'author_known' );
735	}
736	else
737	{
738	$vtp->addSession( $handle, 'author_field' );
739	$vtp->closeSession( $handle, 'author_field' );
740	}
741	$vtp->closeSession( $handle, 'add_comment' );
742	}
743	$vtp->closeSession( $handle, 'comments' );
744	}
745	//------------------------------------------------------------ log informations
746	pwg_log( 'picture', $intitule_cat, $page['file'] );
747	mysql_close();
748	//----------------------------------------------------------- html code display
749	$code = $vtp->Display( $handle, 0 );
750	echo $code;
751
752	include('include/page_tail.php');
753	?>

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: branches/release-1_3/picture.php @ 295

Download in other formats: