[12560] | 1 | <?php |
---|
| 2 | if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!'); |
---|
| 3 | |
---|
[12702] | 4 | include_once(PHPWG_ROOT_PATH .'include/functions_tag.inc.php'); |
---|
| 5 | |
---|
[12560] | 6 | /** |
---|
| 7 | * Send comment to subscribers |
---|
| 8 | * @param array comm |
---|
| 9 | */ |
---|
| 10 | function send_comment_to_subscribers($comm) |
---|
| 11 | { |
---|
| 12 | global $conf, $page, $user; |
---|
| 13 | |
---|
[12600] | 14 | if ( empty($comm) or !is_array($comm) ) |
---|
| 15 | { |
---|
| 16 | trigger_error('send_comment_to_subscribers: undefinided comm', E_USER_WARNING); |
---|
| 17 | return false; |
---|
| 18 | } |
---|
| 19 | |
---|
[12560] | 20 | $type= isset($comm['category_id']) ? 'category' : 'image'; |
---|
| 21 | |
---|
| 22 | // exclude current user |
---|
| 23 | $exclude = null; |
---|
| 24 | if (!empty($_POST['stc_mail'])) $exclude = pwg_db_real_escape_string($_POST['stc_mail']); |
---|
[12561] | 25 | else if (!is_a_guest()) $exclude = $user['email']; |
---|
[12560] | 26 | |
---|
| 27 | // get subscribers emails |
---|
| 28 | $query = ' |
---|
| 29 | SELECT |
---|
| 30 | email |
---|
| 31 | FROM '.SUBSCRIBE_TO_TABLE.' |
---|
| 32 | WHERE |
---|
| 33 | '.$type.'_id = '.$comm[$type.'_id'].' |
---|
| 34 | AND validated = true |
---|
| 35 | AND email != "'.$exclude.'" |
---|
| 36 | '; |
---|
| 37 | $emails = array_from_query($query, 'email'); |
---|
| 38 | |
---|
| 39 | set_make_full_url(); |
---|
[12561] | 40 | if ($type == 'image') |
---|
[12560] | 41 | { |
---|
[12600] | 42 | $element = get_picture_infos($comm['image_id']); |
---|
[12561] | 43 | } |
---|
| 44 | else if ($type == 'category') |
---|
| 45 | { |
---|
[12600] | 46 | $element = get_category_infos($comm['category_id']); |
---|
[12560] | 47 | } |
---|
| 48 | |
---|
| 49 | // get author name |
---|
| 50 | if ($comm['author'] == 'guest') |
---|
| 51 | { |
---|
| 52 | $comm['author'] = l10n('guest'); |
---|
| 53 | } |
---|
| 54 | |
---|
| 55 | // mail content |
---|
| 56 | $mail_args = array( |
---|
| 57 | 'subject' => '['.strip_tags($conf['gallery_title']).'] Re:'.$element['name'], |
---|
| 58 | 'content_format' => 'text/html', |
---|
| 59 | ); |
---|
| 60 | |
---|
| 61 | $generic_content = ' |
---|
[12607] | 62 | <a href="'.$element['url'].'"><img src="'.$element['thumbnail'].'" alt="'.$element['name'].'"></a> |
---|
| 63 | <br> |
---|
[12560] | 64 | <b>.'.trigger_event('render_comment_author', $comm['author']).'</b> wrote : |
---|
| 65 | |
---|
| 66 | <blockquote>'.trigger_event('render_comment_content', $comm['content']).'</blockquote> |
---|
| 67 | |
---|
| 68 | <a href="'.$element['url'].'#comment-'.$comm['id'].'">Link to comment</a> |
---|
| 69 | <br><br> |
---|
| 70 | ================================ |
---|
| 71 | <br><br>'; |
---|
| 72 | |
---|
| 73 | foreach ($emails as $email) |
---|
| 74 | { |
---|
| 75 | $mail_args['content'] = $generic_content.' |
---|
[12600] | 76 | <a href="'.make_stc_url('unsubscribe-'.$type, $email, $element['id']).'">Stop receiving notifications</a><br> |
---|
| 77 | <a href="'.make_stc_url('manage', $email).'">Manage my subscribtions</a>'; |
---|
[12560] | 78 | pwg_mail($email, $mail_args); |
---|
| 79 | } |
---|
| 80 | |
---|
| 81 | unset_make_full_url(); |
---|
| 82 | } |
---|
| 83 | |
---|
[12561] | 84 | |
---|
[12607] | 85 | /** |
---|
[12560] | 86 | * add an email to subscribers list |
---|
| 87 | * @param int (image|category)_id |
---|
| 88 | * @param string email |
---|
| 89 | * @param string type (image|category) |
---|
| 90 | */ |
---|
| 91 | function subscribe_to_comments($element_id, $email, $type='image') |
---|
| 92 | { |
---|
[12600] | 93 | global $page, $conf, $user, $template, $picture; |
---|
[12560] | 94 | |
---|
[12600] | 95 | if ( empty($element_id) or empty($type) ) |
---|
| 96 | { |
---|
| 97 | trigger_error('subscribe_to_comment: missing element_id and/or type', E_USER_WARNING); |
---|
| 98 | return false; |
---|
| 99 | } |
---|
| 100 | |
---|
| 101 | // check email |
---|
[12609] | 102 | if ( ( is_a_guest() or empty($user['email']) ) and empty($email) ) |
---|
[12560] | 103 | { |
---|
[12600] | 104 | return false; |
---|
[12560] | 105 | } |
---|
[12561] | 106 | else if (!is_a_guest()) |
---|
[12560] | 107 | { |
---|
| 108 | $email = $user['email']; |
---|
| 109 | } |
---|
| 110 | |
---|
[12561] | 111 | // don't care if already registered |
---|
[12560] | 112 | $query = ' |
---|
[12600] | 113 | INSERT INTO '.SUBSCRIBE_TO_TABLE.'( |
---|
[12560] | 114 | email, |
---|
| 115 | '.$type.'_id, |
---|
| 116 | registration_date, |
---|
| 117 | validated |
---|
| 118 | ) |
---|
| 119 | VALUES( |
---|
| 120 | "'.pwg_db_real_escape_string($email).'", |
---|
| 121 | '.$element_id.', |
---|
| 122 | NOW(), |
---|
| 123 | "'.(is_a_guest() ? "false" : "true").'" |
---|
| 124 | ) |
---|
[12600] | 125 | ON DUPLICATE KEY UPDATE |
---|
| 126 | registration_date = IF(validated="true", registration_date, NOW()), |
---|
| 127 | validated = IF(validated="true", validated, "'.(is_a_guest() ? "false" : "true").'") |
---|
[12560] | 128 | ;'; |
---|
| 129 | pwg_query($query); |
---|
| 130 | |
---|
[12561] | 131 | // send validation mail |
---|
[12600] | 132 | if ( is_a_guest() and pwg_db_changes(null) != 0 ) |
---|
[12560] | 133 | { |
---|
[12561] | 134 | $element_name = ($type == 'image') ? $picture['current']['name'] : $page['category']['name']; |
---|
| 135 | |
---|
[12560] | 136 | $mail_args = array( |
---|
| 137 | 'subject' => '['.strip_tags($conf['gallery_title']).'] Please confirm your subscribtion to comments', |
---|
| 138 | 'content_format' => 'text/html', |
---|
| 139 | ); |
---|
| 140 | |
---|
| 141 | $mail_args['content'] = ' |
---|
[12561] | 142 | You requested to subscribe by email to comments on <b>'.$element_name.'</b>.<br> |
---|
[12560] | 143 | <br> |
---|
| 144 | We care about your inbox, so we want to confirm this request. Please click the confirm link to activate the subscription.<br> |
---|
| 145 | <br> |
---|
| 146 | <a href="'.make_stc_url('validate-'.$type, $email, $element_id).'">Confirm subscription</a><br> |
---|
| 147 | <br> |
---|
| 148 | If you did not request this action please disregard this message. |
---|
| 149 | '; |
---|
| 150 | |
---|
| 151 | pwg_mail($email, $mail_args); |
---|
[12600] | 152 | return 'confirm_mail'; |
---|
[12560] | 153 | } |
---|
[12600] | 154 | // just display confirmation message |
---|
| 155 | else if (pwg_db_changes(null) != 0) |
---|
[12561] | 156 | { |
---|
[12600] | 157 | return true; |
---|
[12561] | 158 | } |
---|
[12600] | 159 | } |
---|
| 160 | |
---|
[12607] | 161 | |
---|
| 162 | /** |
---|
[12600] | 163 | * remove an email from subscribers list |
---|
| 164 | * @param int (image|category)_id |
---|
| 165 | * @param string email |
---|
| 166 | * @param string type (image|category) |
---|
| 167 | */ |
---|
| 168 | function un_subscribe_to_comments($element_id, $email, $type='image') |
---|
| 169 | { |
---|
| 170 | global $template, $user; |
---|
[12560] | 171 | |
---|
[12600] | 172 | if ( empty($element_id) or empty($type) ) |
---|
| 173 | { |
---|
| 174 | trigger_error('un_subscribe_to_comment: missing element_id and/or type', E_USER_WARNING); |
---|
| 175 | return false; |
---|
| 176 | } |
---|
[12561] | 177 | |
---|
[12600] | 178 | // check email |
---|
[12609] | 179 | if ( ( is_a_guest() or empty($user['email']) ) and empty($email) ) |
---|
[12560] | 180 | { |
---|
[12600] | 181 | return false; |
---|
[12560] | 182 | } |
---|
[12600] | 183 | else if (!is_a_guest()) |
---|
| 184 | { |
---|
| 185 | $email = $user['email']; |
---|
| 186 | } |
---|
| 187 | |
---|
| 188 | // delete subscription |
---|
| 189 | switch ($type) |
---|
| 190 | { |
---|
| 191 | case 'image' : |
---|
| 192 | case 'category' : |
---|
| 193 | $where_clause = $type.'_id = '.pwg_db_real_escape_string($element_id); |
---|
| 194 | case 'all' : |
---|
| 195 | { |
---|
| 196 | $query = ' |
---|
| 197 | DELETE FROM '.SUBSCRIBE_TO_TABLE.' |
---|
| 198 | WHERE |
---|
| 199 | email = "'.pwg_db_real_escape_string($email).'" |
---|
| 200 | '.(!empty($where_clause) ? 'AND '.$where_clause : null).' |
---|
| 201 | ;'; |
---|
| 202 | pwg_query($query); |
---|
| 203 | |
---|
| 204 | return true; |
---|
| 205 | break; |
---|
| 206 | } |
---|
| 207 | } |
---|
| 208 | |
---|
| 209 | return false; |
---|
[12560] | 210 | } |
---|
| 211 | |
---|
[12607] | 212 | |
---|
| 213 | /** |
---|
[12600] | 214 | * validate a subscription |
---|
| 215 | * @param int (image|category)_id |
---|
| 216 | * @param string email |
---|
| 217 | * @param string type (image|category) |
---|
| 218 | */ |
---|
| 219 | function validate_subscriptions($element_id, $email, $type='image') |
---|
| 220 | { |
---|
| 221 | if ( empty($element_id) or empty($email) or empty($type) ) |
---|
| 222 | { |
---|
| 223 | trigger_error('validate_subscriptions: missing element_id and/or email and/or type', E_USER_WARNING); |
---|
| 224 | return false; |
---|
| 225 | } |
---|
| 226 | |
---|
| 227 | switch ($type) |
---|
| 228 | { |
---|
| 229 | case 'image' : |
---|
| 230 | case 'category': |
---|
| 231 | $where_clause = $type.'_id = '.pwg_db_real_escape_string($element_id); |
---|
| 232 | case 'all' : |
---|
| 233 | { |
---|
| 234 | $query = ' |
---|
| 235 | UPDATE '.SUBSCRIBE_TO_TABLE.' |
---|
| 236 | SET validated = "true" |
---|
| 237 | WHERE |
---|
| 238 | email = "'.pwg_db_real_escape_string($email).'" |
---|
| 239 | '.(!empty($where_clause) ? 'AND '.$where_clause : null).' |
---|
| 240 | ;'; |
---|
| 241 | pwg_query($query); |
---|
| 242 | |
---|
| 243 | if (pwg_db_changes(null) != 0) return true; |
---|
| 244 | break; |
---|
| 245 | } |
---|
| 246 | } |
---|
| 247 | |
---|
| 248 | return false; |
---|
| 249 | } |
---|
[12561] | 250 | |
---|
[12607] | 251 | |
---|
[12560] | 252 | /** |
---|
| 253 | * create absolute url to subscriptions section |
---|
| 254 | * @param string action |
---|
| 255 | * @param string email |
---|
| 256 | * @return string |
---|
| 257 | */ |
---|
| 258 | function make_stc_url($action, $email) |
---|
| 259 | { |
---|
[12561] | 260 | if ( empty($action) or empty($email) ) |
---|
| 261 | { |
---|
[12600] | 262 | trigger_error('make_stc_url: missing action and/or mail', E_USER_WARNING); |
---|
[12561] | 263 | return null; |
---|
| 264 | } |
---|
[12560] | 265 | |
---|
| 266 | global $conf; |
---|
| 267 | set_make_full_url(); |
---|
| 268 | |
---|
| 269 | $url_params = array( |
---|
| 270 | 'action' => $action, |
---|
| 271 | 'email' => $email, |
---|
| 272 | ); |
---|
| 273 | |
---|
| 274 | if (func_num_args() > 2) |
---|
| 275 | { |
---|
[12600] | 276 | $url_params['id'] = func_get_arg(2); |
---|
[12560] | 277 | } |
---|
| 278 | |
---|
[12600] | 279 | $url_params['key'] = crypt_value( |
---|
| 280 | $action.$email.(isset($url_params['id'])?$url_params['id']:null), |
---|
| 281 | $conf['secret_key'] |
---|
| 282 | ); |
---|
| 283 | |
---|
[12560] | 284 | $url = add_url_params( |
---|
| 285 | make_index_url( array('section' => 'subscriptions') ), |
---|
| 286 | $url_params |
---|
| 287 | ); |
---|
| 288 | |
---|
| 289 | unset_make_full_url(); |
---|
| 290 | return $url; |
---|
| 291 | } |
---|
| 292 | |
---|
[12607] | 293 | |
---|
[12600] | 294 | /** |
---|
| 295 | * get name and url of a picture |
---|
| 296 | * @param int image_id |
---|
| 297 | * @return array |
---|
| 298 | */ |
---|
| 299 | function get_picture_infos($image_id, $absolute=false) |
---|
| 300 | { |
---|
| 301 | global $page; |
---|
| 302 | |
---|
| 303 | $query = ' |
---|
| 304 | SELECT |
---|
| 305 | id, |
---|
| 306 | name, |
---|
[12607] | 307 | file, |
---|
| 308 | path, |
---|
| 309 | tn_ext |
---|
[12600] | 310 | FROM '.IMAGES_TABLE.' |
---|
| 311 | WHERE id = '.$image_id.' |
---|
| 312 | ;'; |
---|
| 313 | $element = pwg_db_fetch_assoc(pwg_query($query)); |
---|
| 314 | |
---|
| 315 | if (empty($element['name'])) |
---|
| 316 | { |
---|
| 317 | $element['name'] = get_name_from_file($element['file']); |
---|
| 318 | } |
---|
| 319 | |
---|
| 320 | $url_params = array('image_id' => $element['id']); |
---|
| 321 | if ( !empty($page['category']) and !$absolute ) |
---|
| 322 | { |
---|
| 323 | $url_params['section'] = 'categories'; |
---|
| 324 | $url_params['category'] = $page['category']; |
---|
| 325 | } |
---|
| 326 | $element['url'] = make_picture_url($url_params); |
---|
| 327 | |
---|
[12607] | 328 | $element['thumbnail'] = get_thumbnail_url($element); |
---|
| 329 | |
---|
[12600] | 330 | return $element; |
---|
| 331 | } |
---|
[12561] | 332 | |
---|
[12560] | 333 | /** |
---|
[12600] | 334 | * get name and url of a category |
---|
| 335 | * @param int cat_id |
---|
| 336 | * @return array |
---|
| 337 | */ |
---|
| 338 | function get_category_infos($cat_id) |
---|
| 339 | { |
---|
[12607] | 340 | global $conf; |
---|
| 341 | |
---|
[12600] | 342 | $query = ' |
---|
| 343 | SELECT |
---|
[12607] | 344 | cat.id, |
---|
| 345 | cat.name, |
---|
| 346 | cat.permalink, |
---|
| 347 | img.id AS image_id, |
---|
| 348 | img.path, |
---|
| 349 | img.tn_ext |
---|
| 350 | FROM '.CATEGORIES_TABLE.' AS cat |
---|
| 351 | LEFT JOIN '.USER_CACHE_CATEGORIES_TABLE.' AS ucc |
---|
| 352 | ON ucc.cat_id = cat.id AND ucc.user_id = '.$conf['guest_id'].' |
---|
| 353 | LEFT JOIN '.IMAGES_TABLE.' AS img |
---|
| 354 | ON img.id = ucc.user_representative_picture_id |
---|
| 355 | WHERE cat.id = '.$cat_id.' |
---|
[12600] | 356 | ;'; |
---|
| 357 | $element = pwg_db_fetch_assoc(pwg_query($query)); |
---|
[12607] | 358 | // we use guest_id for user_cache beacause we don't know the status of recipient |
---|
[12600] | 359 | |
---|
| 360 | $url_params['section'] = 'categories'; |
---|
| 361 | $url_params['category'] = $element; |
---|
| 362 | $element['url'] = make_index_url($url_params); |
---|
| 363 | |
---|
[12607] | 364 | $element['thumbnail'] = get_thumbnail_url(array( |
---|
| 365 | 'id' => $element['image_id'], |
---|
| 366 | 'path' => $element['path'], |
---|
| 367 | 'tn_ext' => $element['tn_ext'], |
---|
| 368 | )); |
---|
| 369 | |
---|
[12600] | 370 | return $element; |
---|
| 371 | } |
---|
| 372 | |
---|
[12607] | 373 | |
---|
[12600] | 374 | /** |
---|
[12620] | 375 | * crypt a string using mcrypt extension or |
---|
| 376 | * http://stackoverflow.com/questions/800922/how-to-encrypt-string-without-mcrypt-library-in-php/802957#802957 |
---|
[12560] | 377 | * @param string value to crypt |
---|
| 378 | * @param string key |
---|
| 379 | * @return string |
---|
| 380 | */ |
---|
| 381 | function crypt_value($value, $key) |
---|
| 382 | { |
---|
| 383 | if (extension_loaded('mcrypt')) |
---|
| 384 | { |
---|
| 385 | $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB); |
---|
| 386 | $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND); |
---|
[12620] | 387 | $result = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $value, MCRYPT_MODE_ECB, $iv); |
---|
[12560] | 388 | } |
---|
| 389 | else |
---|
| 390 | { |
---|
[12620] | 391 | $result = null; |
---|
| 392 | for($i = 0; $i < strlen($value); $i++) |
---|
| 393 | { |
---|
| 394 | $char = substr($value, $i, 1); |
---|
| 395 | $keychar = substr($key, ($i % strlen($key))-1, 1); |
---|
| 396 | $char = chr(ord($char) + ord($keychar)); |
---|
| 397 | $result .= $char; |
---|
| 398 | } |
---|
[12560] | 399 | } |
---|
| 400 | |
---|
[12620] | 401 | $result = base64url_encode($result); |
---|
| 402 | return trim($result); |
---|
[12560] | 403 | } |
---|
| 404 | |
---|
| 405 | /** |
---|
| 406 | * decrypt a string crypted with previous function |
---|
| 407 | * @param string value to decrypt |
---|
| 408 | * @param string key |
---|
| 409 | * @return string |
---|
| 410 | */ |
---|
| 411 | function decrypt_value($value, $key) |
---|
| 412 | { |
---|
| 413 | $value = base64url_decode($value); |
---|
| 414 | |
---|
| 415 | if (extension_loaded('mcrypt')) |
---|
| 416 | { |
---|
| 417 | $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB); |
---|
| 418 | $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND); |
---|
[12620] | 419 | $result = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $value, MCRYPT_MODE_ECB, $iv); |
---|
[12560] | 420 | } |
---|
| 421 | else |
---|
| 422 | { |
---|
[12620] | 423 | $result = null; |
---|
| 424 | for($i = 0; $i < strlen($value); $i++) |
---|
| 425 | { |
---|
| 426 | $char = substr($value, $i, 1); |
---|
| 427 | $keychar = substr($key, ($i % strlen($key))-1, 1); |
---|
| 428 | $char = chr(ord($char) - ord($keychar)); |
---|
| 429 | $result .= $char; |
---|
| 430 | } |
---|
[12560] | 431 | } |
---|
| 432 | |
---|
[12620] | 433 | return trim($result); |
---|
[12560] | 434 | } |
---|
| 435 | |
---|
| 436 | /** |
---|
| 437 | * variant of base64 functions usable into url |
---|
| 438 | * http://fr.php.net/manual/fr/function.base64-encode.php#103849 |
---|
| 439 | */ |
---|
| 440 | function base64url_encode($data) |
---|
| 441 | { |
---|
| 442 | return rtrim(strtr(base64_encode($data), '+/', '-_'), '='); |
---|
| 443 | } |
---|
| 444 | function base64url_decode($data) |
---|
| 445 | { |
---|
| 446 | return base64_decode(str_pad(strtr($data, '-_', '+/'), strlen($data) % 4, '=', STR_PAD_RIGHT)); |
---|
| 447 | } |
---|
| 448 | |
---|
| 449 | ?> |
---|