1 | <?php |
---|
2 | if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!'); |
---|
3 | |
---|
4 | include_once(PHPWG_ROOT_PATH .'include/functions_tag.inc.php'); |
---|
5 | |
---|
6 | /** |
---|
7 | * Send comment to subscribers |
---|
8 | * @param array comm |
---|
9 | */ |
---|
10 | function send_comment_to_subscribers($comm) |
---|
11 | { |
---|
12 | global $conf, $page, $user; |
---|
13 | |
---|
14 | if ( empty($comm) or !is_array($comm) ) |
---|
15 | { |
---|
16 | trigger_error('send_comment_to_subscribers: undefinided comm', E_USER_WARNING); |
---|
17 | return false; |
---|
18 | } |
---|
19 | |
---|
20 | $type= isset($comm['category_id']) ? 'category' : 'image'; |
---|
21 | |
---|
22 | // exclude current user |
---|
23 | $exclude = null; |
---|
24 | if (!empty($_POST['stc_mail'])) $exclude = pwg_db_real_escape_string($_POST['stc_mail']); |
---|
25 | else if (!is_a_guest()) $exclude = $user['email']; |
---|
26 | |
---|
27 | // get subscribers emails |
---|
28 | $query = ' |
---|
29 | SELECT |
---|
30 | email |
---|
31 | FROM '.SUBSCRIBE_TO_TABLE.' |
---|
32 | WHERE |
---|
33 | '.$type.'_id = '.$comm[$type.'_id'].' |
---|
34 | AND validated = true |
---|
35 | AND email != "'.$exclude.'" |
---|
36 | '; |
---|
37 | $emails = array_from_query($query, 'email'); |
---|
38 | |
---|
39 | set_make_full_url(); |
---|
40 | if ($type == 'image') |
---|
41 | { |
---|
42 | $element = get_picture_infos($comm['image_id']); |
---|
43 | } |
---|
44 | else if ($type == 'category') |
---|
45 | { |
---|
46 | $element = get_category_infos($comm['category_id']); |
---|
47 | } |
---|
48 | |
---|
49 | // get author name |
---|
50 | if ($comm['author'] == 'guest') |
---|
51 | { |
---|
52 | $comm['author'] = l10n('guest'); |
---|
53 | } |
---|
54 | |
---|
55 | // mail content |
---|
56 | $mail_args = array( |
---|
57 | 'subject' => '['.strip_tags($conf['gallery_title']).'] Re:'.$element['name'], |
---|
58 | 'content_format' => 'text/html', |
---|
59 | ); |
---|
60 | |
---|
61 | $generic_content = ' |
---|
62 | <a href="'.$element['url'].'"><img src="'.$element['thumbnail'].'" alt="'.$element['name'].'"></a> |
---|
63 | <br> |
---|
64 | <b>.'.trigger_event('render_comment_author', $comm['author']).'</b> wrote : |
---|
65 | |
---|
66 | <blockquote>'.trigger_event('render_comment_content', $comm['content']).'</blockquote> |
---|
67 | |
---|
68 | <a href="'.$element['url'].'#comment-'.$comm['id'].'">Link to comment</a> |
---|
69 | <br><br> |
---|
70 | ================================ |
---|
71 | <br><br>'; |
---|
72 | |
---|
73 | foreach ($emails as $email) |
---|
74 | { |
---|
75 | $mail_args['content'] = $generic_content.' |
---|
76 | <a href="'.make_stc_url('unsubscribe-'.$type, $email, $element['id']).'">Stop receiving notifications</a><br> |
---|
77 | <a href="'.make_stc_url('manage', $email).'">Manage my subscribtions</a>'; |
---|
78 | pwg_mail($email, $mail_args); |
---|
79 | } |
---|
80 | |
---|
81 | unset_make_full_url(); |
---|
82 | } |
---|
83 | |
---|
84 | |
---|
85 | /** |
---|
86 | * add an email to subscribers list |
---|
87 | * @param int (image|category)_id |
---|
88 | * @param string email |
---|
89 | * @param string type (image|category) |
---|
90 | */ |
---|
91 | function subscribe_to_comments($element_id, $email, $type='image') |
---|
92 | { |
---|
93 | global $page, $conf, $user, $template, $picture; |
---|
94 | |
---|
95 | if ( empty($element_id) or empty($type) ) |
---|
96 | { |
---|
97 | trigger_error('subscribe_to_comment: missing element_id and/or type', E_USER_WARNING); |
---|
98 | return false; |
---|
99 | } |
---|
100 | |
---|
101 | // check email |
---|
102 | if ( ( is_a_guest() or empty($user['email']) ) and empty($email) ) |
---|
103 | { |
---|
104 | return false; |
---|
105 | } |
---|
106 | else if (!is_a_guest()) |
---|
107 | { |
---|
108 | $email = $user['email']; |
---|
109 | } |
---|
110 | |
---|
111 | // don't care if already registered |
---|
112 | $query = ' |
---|
113 | INSERT INTO '.SUBSCRIBE_TO_TABLE.'( |
---|
114 | email, |
---|
115 | '.$type.'_id, |
---|
116 | registration_date, |
---|
117 | validated |
---|
118 | ) |
---|
119 | VALUES( |
---|
120 | "'.pwg_db_real_escape_string($email).'", |
---|
121 | '.$element_id.', |
---|
122 | NOW(), |
---|
123 | "'.(is_a_guest() ? "false" : "true").'" |
---|
124 | ) |
---|
125 | ON DUPLICATE KEY UPDATE |
---|
126 | registration_date = IF(validated="true", registration_date, NOW()), |
---|
127 | validated = IF(validated="true", validated, "'.(is_a_guest() ? "false" : "true").'") |
---|
128 | ;'; |
---|
129 | pwg_query($query); |
---|
130 | |
---|
131 | // send validation mail |
---|
132 | if ( is_a_guest() and pwg_db_changes(null) != 0 ) |
---|
133 | { |
---|
134 | $element_name = ($type == 'image') ? $picture['current']['name'] : $page['category']['name']; |
---|
135 | |
---|
136 | $mail_args = array( |
---|
137 | 'subject' => '['.strip_tags($conf['gallery_title']).'] Please confirm your subscribtion to comments', |
---|
138 | 'content_format' => 'text/html', |
---|
139 | ); |
---|
140 | |
---|
141 | $mail_args['content'] = ' |
---|
142 | You requested to subscribe by email to comments on <b>'.$element_name.'</b>.<br> |
---|
143 | <br> |
---|
144 | We care about your inbox, so we want to confirm this request. Please click the confirm link to activate the subscription.<br> |
---|
145 | <br> |
---|
146 | <a href="'.make_stc_url('validate-'.$type, $email, $element_id).'">Confirm subscription</a><br> |
---|
147 | <br> |
---|
148 | If you did not request this action please disregard this message. |
---|
149 | '; |
---|
150 | |
---|
151 | pwg_mail($email, $mail_args); |
---|
152 | return 'confirm_mail'; |
---|
153 | } |
---|
154 | // just display confirmation message |
---|
155 | else if (pwg_db_changes(null) != 0) |
---|
156 | { |
---|
157 | return true; |
---|
158 | } |
---|
159 | } |
---|
160 | |
---|
161 | |
---|
162 | /** |
---|
163 | * remove an email from subscribers list |
---|
164 | * @param int (image|category)_id |
---|
165 | * @param string email |
---|
166 | * @param string type (image|category) |
---|
167 | */ |
---|
168 | function un_subscribe_to_comments($element_id, $email, $type='image') |
---|
169 | { |
---|
170 | global $template, $user; |
---|
171 | |
---|
172 | if ( empty($element_id) or empty($type) ) |
---|
173 | { |
---|
174 | trigger_error('un_subscribe_to_comment: missing element_id and/or type', E_USER_WARNING); |
---|
175 | return false; |
---|
176 | } |
---|
177 | |
---|
178 | // check email |
---|
179 | if ( ( is_a_guest() or empty($user['email']) ) and empty($email) ) |
---|
180 | { |
---|
181 | return false; |
---|
182 | } |
---|
183 | else if (!is_a_guest()) |
---|
184 | { |
---|
185 | $email = $user['email']; |
---|
186 | } |
---|
187 | |
---|
188 | // delete subscription |
---|
189 | switch ($type) |
---|
190 | { |
---|
191 | case 'image' : |
---|
192 | case 'category' : |
---|
193 | $where_clause = $type.'_id = '.pwg_db_real_escape_string($element_id); |
---|
194 | case 'all' : |
---|
195 | { |
---|
196 | $query = ' |
---|
197 | DELETE FROM '.SUBSCRIBE_TO_TABLE.' |
---|
198 | WHERE |
---|
199 | email = "'.pwg_db_real_escape_string($email).'" |
---|
200 | '.(!empty($where_clause) ? 'AND '.$where_clause : null).' |
---|
201 | ;'; |
---|
202 | pwg_query($query); |
---|
203 | |
---|
204 | return true; |
---|
205 | break; |
---|
206 | } |
---|
207 | } |
---|
208 | |
---|
209 | return false; |
---|
210 | } |
---|
211 | |
---|
212 | |
---|
213 | /** |
---|
214 | * validate a subscription |
---|
215 | * @param int (image|category)_id |
---|
216 | * @param string email |
---|
217 | * @param string type (image|category) |
---|
218 | */ |
---|
219 | function validate_subscriptions($element_id, $email, $type='image') |
---|
220 | { |
---|
221 | if ( empty($element_id) or empty($email) or empty($type) ) |
---|
222 | { |
---|
223 | trigger_error('validate_subscriptions: missing element_id and/or email and/or type', E_USER_WARNING); |
---|
224 | return false; |
---|
225 | } |
---|
226 | |
---|
227 | switch ($type) |
---|
228 | { |
---|
229 | case 'image' : |
---|
230 | case 'category': |
---|
231 | $where_clause = $type.'_id = '.pwg_db_real_escape_string($element_id); |
---|
232 | case 'all' : |
---|
233 | { |
---|
234 | $query = ' |
---|
235 | UPDATE '.SUBSCRIBE_TO_TABLE.' |
---|
236 | SET validated = "true" |
---|
237 | WHERE |
---|
238 | email = "'.pwg_db_real_escape_string($email).'" |
---|
239 | '.(!empty($where_clause) ? 'AND '.$where_clause : null).' |
---|
240 | ;'; |
---|
241 | pwg_query($query); |
---|
242 | |
---|
243 | if (pwg_db_changes(null) != 0) return true; |
---|
244 | break; |
---|
245 | } |
---|
246 | } |
---|
247 | |
---|
248 | return false; |
---|
249 | } |
---|
250 | |
---|
251 | |
---|
252 | /** |
---|
253 | * create absolute url to subscriptions section |
---|
254 | * @param string action |
---|
255 | * @param string email |
---|
256 | * @return string |
---|
257 | */ |
---|
258 | function make_stc_url($action, $email) |
---|
259 | { |
---|
260 | if ( empty($action) or empty($email) ) |
---|
261 | { |
---|
262 | trigger_error('make_stc_url: missing action and/or mail', E_USER_WARNING); |
---|
263 | return null; |
---|
264 | } |
---|
265 | |
---|
266 | global $conf; |
---|
267 | set_make_full_url(); |
---|
268 | |
---|
269 | $url_params = array( |
---|
270 | 'action' => $action, |
---|
271 | 'email' => $email, |
---|
272 | ); |
---|
273 | |
---|
274 | if (func_num_args() > 2) |
---|
275 | { |
---|
276 | $url_params['id'] = func_get_arg(2); |
---|
277 | } |
---|
278 | |
---|
279 | $url_params['key'] = crypt_value( |
---|
280 | $action.$email.(isset($url_params['id'])?$url_params['id']:null), |
---|
281 | $conf['secret_key'] |
---|
282 | ); |
---|
283 | |
---|
284 | $url = add_url_params( |
---|
285 | make_index_url( array('section' => 'subscriptions') ), |
---|
286 | $url_params |
---|
287 | ); |
---|
288 | |
---|
289 | unset_make_full_url(); |
---|
290 | return $url; |
---|
291 | } |
---|
292 | |
---|
293 | |
---|
294 | /** |
---|
295 | * get name and url of a picture |
---|
296 | * @param int image_id |
---|
297 | * @return array |
---|
298 | */ |
---|
299 | function get_picture_infos($image_id, $absolute=false) |
---|
300 | { |
---|
301 | global $page; |
---|
302 | |
---|
303 | $query = ' |
---|
304 | SELECT |
---|
305 | id, |
---|
306 | name, |
---|
307 | file, |
---|
308 | path, |
---|
309 | tn_ext |
---|
310 | FROM '.IMAGES_TABLE.' |
---|
311 | WHERE id = '.$image_id.' |
---|
312 | ;'; |
---|
313 | $element = pwg_db_fetch_assoc(pwg_query($query)); |
---|
314 | |
---|
315 | if (empty($element['name'])) |
---|
316 | { |
---|
317 | $element['name'] = get_name_from_file($element['file']); |
---|
318 | } |
---|
319 | |
---|
320 | $url_params = array('image_id' => $element['id']); |
---|
321 | if ( !empty($page['category']) and !$absolute ) |
---|
322 | { |
---|
323 | $url_params['section'] = 'categories'; |
---|
324 | $url_params['category'] = $page['category']; |
---|
325 | } |
---|
326 | $element['url'] = make_picture_url($url_params); |
---|
327 | |
---|
328 | $element['thumbnail'] = get_thumbnail_url($element); |
---|
329 | |
---|
330 | return $element; |
---|
331 | } |
---|
332 | |
---|
333 | /** |
---|
334 | * get name and url of a category |
---|
335 | * @param int cat_id |
---|
336 | * @return array |
---|
337 | */ |
---|
338 | function get_category_infos($cat_id) |
---|
339 | { |
---|
340 | global $conf; |
---|
341 | |
---|
342 | $query = ' |
---|
343 | SELECT |
---|
344 | cat.id, |
---|
345 | cat.name, |
---|
346 | cat.permalink, |
---|
347 | img.id AS image_id, |
---|
348 | img.path, |
---|
349 | img.tn_ext |
---|
350 | FROM '.CATEGORIES_TABLE.' AS cat |
---|
351 | LEFT JOIN '.USER_CACHE_CATEGORIES_TABLE.' AS ucc |
---|
352 | ON ucc.cat_id = cat.id AND ucc.user_id = '.$conf['guest_id'].' |
---|
353 | LEFT JOIN '.IMAGES_TABLE.' AS img |
---|
354 | ON img.id = ucc.user_representative_picture_id |
---|
355 | WHERE cat.id = '.$cat_id.' |
---|
356 | ;'; |
---|
357 | $element = pwg_db_fetch_assoc(pwg_query($query)); |
---|
358 | // we use guest_id for user_cache beacause we don't know the status of recipient |
---|
359 | |
---|
360 | $url_params['section'] = 'categories'; |
---|
361 | $url_params['category'] = $element; |
---|
362 | $element['url'] = make_index_url($url_params); |
---|
363 | |
---|
364 | $element['thumbnail'] = get_thumbnail_url(array( |
---|
365 | 'id' => $element['image_id'], |
---|
366 | 'path' => $element['path'], |
---|
367 | 'tn_ext' => $element['tn_ext'], |
---|
368 | )); |
---|
369 | |
---|
370 | return $element; |
---|
371 | } |
---|
372 | |
---|
373 | |
---|
374 | /** |
---|
375 | * crypt a string using mcrypt extension or |
---|
376 | * http://stackoverflow.com/questions/800922/how-to-encrypt-string-without-mcrypt-library-in-php/802957#802957 |
---|
377 | * @param string value to crypt |
---|
378 | * @param string key |
---|
379 | * @return string |
---|
380 | */ |
---|
381 | function crypt_value($value, $key) |
---|
382 | { |
---|
383 | if (extension_loaded('mcrypt')) |
---|
384 | { |
---|
385 | $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB); |
---|
386 | $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND); |
---|
387 | $result = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $value, MCRYPT_MODE_ECB, $iv); |
---|
388 | } |
---|
389 | else |
---|
390 | { |
---|
391 | $result = null; |
---|
392 | for($i = 0; $i < strlen($value); $i++) |
---|
393 | { |
---|
394 | $char = substr($value, $i, 1); |
---|
395 | $keychar = substr($key, ($i % strlen($key))-1, 1); |
---|
396 | $char = chr(ord($char) + ord($keychar)); |
---|
397 | $result .= $char; |
---|
398 | } |
---|
399 | } |
---|
400 | |
---|
401 | $result = base64url_encode($result); |
---|
402 | return trim($result); |
---|
403 | } |
---|
404 | |
---|
405 | /** |
---|
406 | * decrypt a string crypted with previous function |
---|
407 | * @param string value to decrypt |
---|
408 | * @param string key |
---|
409 | * @return string |
---|
410 | */ |
---|
411 | function decrypt_value($value, $key) |
---|
412 | { |
---|
413 | $value = base64url_decode($value); |
---|
414 | |
---|
415 | if (extension_loaded('mcrypt')) |
---|
416 | { |
---|
417 | $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB); |
---|
418 | $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND); |
---|
419 | $result = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $value, MCRYPT_MODE_ECB, $iv); |
---|
420 | } |
---|
421 | else |
---|
422 | { |
---|
423 | $result = null; |
---|
424 | for($i = 0; $i < strlen($value); $i++) |
---|
425 | { |
---|
426 | $char = substr($value, $i, 1); |
---|
427 | $keychar = substr($key, ($i % strlen($key))-1, 1); |
---|
428 | $char = chr(ord($char) - ord($keychar)); |
---|
429 | $result .= $char; |
---|
430 | } |
---|
431 | } |
---|
432 | |
---|
433 | return trim($result); |
---|
434 | } |
---|
435 | |
---|
436 | /** |
---|
437 | * variant of base64 functions usable into url |
---|
438 | * http://fr.php.net/manual/fr/function.base64-encode.php#103849 |
---|
439 | */ |
---|
440 | function base64url_encode($data) |
---|
441 | { |
---|
442 | return rtrim(strtr(base64_encode($data), '+/', '-_'), '='); |
---|
443 | } |
---|
444 | function base64url_decode($data) |
---|
445 | { |
---|
446 | return base64_decode(str_pad(strtr($data, '-_', '+/'), strlen($data) % 4, '=', STR_PAD_RIGHT)); |
---|
447 | } |
---|
448 | |
---|
449 | ?> |
---|