Context Navigation

source: tags/2.2.5/include/functions.inc.php @ 24061

Last change on this file since 24061 was 12022, checked in by plg, 13 years ago
bug 2421 fixed: no more warning on comments.php when $_SERVERQUERY_STRING is not defined
Property svn:eol-style set to `LF`
File size: 41.1 KB

Line
1	<?php
2	// +-----------------------------------------------------------------------+
3	// \| Piwigo - a PHP based photo gallery \|
4	// +-----------------------------------------------------------------------+
5	// \| Copyright(C) 2008-2011 Piwigo Team http://piwigo.org \|
6	// \| Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net \|
7	// \| Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick \|
8	// +-----------------------------------------------------------------------+
9	// \| This program is free software; you can redistribute it and/or modify \|
10	// \| it under the terms of the GNU General Public License as published by \|
11	// \| the Free Software Foundation \|
12	// \| \|
13	// \| This program is distributed in the hope that it will be useful, but \|
14	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
15	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
16	// \| General Public License for more details. \|
17	// \| \|
18	// \| You should have received a copy of the GNU General Public License \|
19	// \| along with this program; if not, write to the Free Software \|
20	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
21	// \| USA. \|
22	// +-----------------------------------------------------------------------+
23
24	include_once( PHPWG_ROOT_PATH .'include/functions_user.inc.php' );
25	include_once( PHPWG_ROOT_PATH .'include/functions_cookie.inc.php' );
26	include_once( PHPWG_ROOT_PATH .'include/functions_session.inc.php' );
27	include_once( PHPWG_ROOT_PATH .'include/functions_category.inc.php' );
28	include_once( PHPWG_ROOT_PATH .'include/functions_xml.inc.php' );
29	include_once( PHPWG_ROOT_PATH .'include/functions_html.inc.php' );
30	include_once( PHPWG_ROOT_PATH .'include/functions_tag.inc.php' );
31	include_once( PHPWG_ROOT_PATH .'include/functions_url.inc.php' );
32	include_once( PHPWG_ROOT_PATH .'include/functions_plugins.inc.php' );
33
34	//----------------------------------------------------------- generic functions
35
36	/**
37	* stupidly returns the current microsecond since Unix epoch
38	*/
39	function micro_seconds()
40	{
41	$t1 = explode(' ', microtime());
42	$t2 = explode('.', $t1[0]);
43	$t2 = $t1[1].substr($t2[1], 0, 6);
44	return $t2;
45	}
46
47	// The function get_moment returns a float value coresponding to the number
48	// of seconds since the unix epoch (1st January 1970) and the microseconds
49	// are precised : e.g. 1052343429.89276600
50	function get_moment()
51	{
52	$t1 = explode( ' ', microtime() );
53	$t2 = explode( '.', $t1[0] );
54	$t2 = $t1[1].'.'.$t2[1];
55	return $t2;
56	}
57
58	// The function get_elapsed_time returns the number of seconds (with 3
59	// decimals precision) between the start time and the end time given.
60	function get_elapsed_time( $start, $end )
61	{
62	return number_format( $end - $start, 3, '.', ' ').' s';
63	}
64
65	// - The replace_space function replaces space and '-' characters
66	// by their HTML equivalent &nbsb; and −
67	// - The function does not replace characters in HTML tags
68	// - This function was created because IE5 does not respect the
69	// CSS "white-space: nowrap;" property unless space and minus
70	// characters are replaced like this function does.
71	// - Example :
72	// <div class="foo">My friend</div>
73	// ( 01234567891111111111222222222233 )
74	// ( 0123456789012345678901 )
75	// becomes :
76	// <div class="foo">My friend</div>
77	function replace_space( $string )
78	{
79	//return $string;
80	$return_string = '';
81	// $remaining is the rest of the string where to replace spaces characters
82	$remaining = $string;
83	// $start represents the position of the next '<' character
84	// $end represents the position of the next '>' character
85	; // -> 0
86	$end = strpos ( $remaining, '>' ); // -> 16
87	// as long as a '<' and his friend '>' are found, we loop
88	while ( ($start=strpos( $remaining, '<' )) !==false
89	and ($end=strpos( $remaining, '>' )) !== false )
90	{
91	// $treatment is the part of the string to treat
92	// In the first loop of our example, this variable is empty, but in the
93	// second loop, it equals 'My friend'
94	$treatment = substr ( $remaining, 0, $start );
95	// Replacement of ' ' by his equivalent ' '
96	$treatment = str_replace( ' ', ' ', $treatment );
97	$treatment = str_replace( '-', '−', $treatment );
98	// composing the string to return by adding the treated string and the
99	// following HTML tag -> 'My friend</div>'
100	$return_string.= $treatment.substr( $remaining, $start, $end-$start+1 );
101	// the remaining string is deplaced to the part after the '>' of this
102	// loop
103	$remaining = substr ( $remaining, $end + 1, strlen( $remaining ) );
104	}
105	$treatment = str_replace( ' ', ' ', $remaining );
106	$treatment = str_replace( '-', '−', $treatment );
107	$return_string.= $treatment;
108
109	return $return_string;
110	}
111
112	// get_extension returns the part of the string after the last "."
113	function get_extension( $filename )
114	{
115	return substr( strrchr( $filename, '.' ), 1, strlen ( $filename ) );
116	}
117
118	// get_filename_wo_extension returns the part of the string before the last
119	// ".".
120	// get_filename_wo_extension( 'test.tar.gz' ) -> 'test.tar'
121	function get_filename_wo_extension( $filename )
122	{
123	$pos = strrpos( $filename, '.' );
124	return ($pos===false) ? $filename : substr( $filename, 0, $pos);
125	}
126
127	/**
128	* returns an array contening sub-directories, excluding ".svn"
129	*
130	* @param string $dir
131	* @return array
132	*/
133	function get_dirs($directory)
134	{
135	$sub_dirs = array();
136	if ($opendir = opendir($directory))
137	{
138	while ($file = readdir($opendir))
139	{
140	if ($file != '.'
141	and $file != '..'
142	and is_dir($directory.'/'.$file)
143	and $file != '.svn')
144	{
145	array_push($sub_dirs, $file);
146	}
147	}
148	closedir($opendir);
149	}
150	return $sub_dirs;
151	}
152
153	define('MKGETDIR_NONE', 0);
154	define('MKGETDIR_RECURSIVE', 1);
155	define('MKGETDIR_DIE_ON_ERROR', 2);
156	define('MKGETDIR_PROTECT_INDEX', 4);
157	define('MKGETDIR_PROTECT_HTACCESS', 8);
158	define('MKGETDIR_DEFAULT', 7);
159	/**
160	* creates directory if not exists; ensures that directory is writable
161	* @param:
162	* string $dir
163	* int $flags combination of MKGETDIR_xxx
164	* @return bool false on error else true
165	*/
166	function mkgetdir($dir, $flags=MKGETDIR_DEFAULT)
167	{
168	if ( !is_dir($dir) )
169	{
170	if (substr(PHP_OS, 0, 3) == 'WIN')
171	{
172	$dir = str_replace('/', DIRECTORY_SEPARATOR, $dir);
173	}
174	$umask = umask(0);
175	$mkd = @mkdir($dir, 0755, ($flags&MKGETDIR_RECURSIVE) ? true:false );
176	umask($umask);
177	if ($mkd==false)
178	{
179	!($flags&MKGETDIR_DIE_ON_ERROR) or fatal_error( "$dir ".l10n('no write access'));
180	return false;
181	}
182	if( $flags&MKGETDIR_PROTECT_HTACCESS )
183	{
184	$file = $dir.'/.htaccess';
185	file_exists($file) or @file_put_contents( $file, 'deny from all' );
186	}
187	if( $flags&MKGETDIR_PROTECT_INDEX )
188	{
189	$file = $dir.'/index.htm';
190	file_exists($file) or @file_put_contents( $file, 'Not allowed!' );
191	}
192	}
193	if ( !is_writable($dir) )
194	{
195	!($flags&MKGETDIR_DIE_ON_ERROR) or fatal_error( "$dir ".l10n('no write access'));
196	return false;
197	}
198	return true;
199	}
200
201	/**
202	* returns thumbnail directory name of input diretoty name
203	* make thumbnail directory is necessary
204	* set error messages on array messages
205	*
206	* @param:
207	* string $dirname
208	* arrayy $errors
209	* @return bool false on error else string directory name
210	*/
211	function mkget_thumbnail_dir($dirname, &$errors)
212	{
213	global $conf;
214
215	$tndir = $dirname.'/'.$conf['dir_thumbnail'];
216	if (! mkgetdir($tndir, MKGETDIR_NONE) )
217	{
218	array_push($errors,
219	'['.$dirname.'] : '.l10n('no write access'));
220	return false;
221	}
222	return $tndir;
223	}
224
225	/* Returns true if the string appears to be encoded in UTF-8. (from wordpress)
226	* @param string Str
227	*/
228	function seems_utf8($Str) { # by bmorel at ssi dot fr
229	for ($i=0; $i<strlen($Str); $i++) {
230	if (ord($Str[$i]) < 0x80) continue; # 0bbbbbbb
231	elseif ((ord($Str[$i]) & 0xE0) == 0xC0) $n=1; # 110bbbbb
232	elseif ((ord($Str[$i]) & 0xF0) == 0xE0) $n=2; # 1110bbbb
233	elseif ((ord($Str[$i]) & 0xF8) == 0xF0) $n=3; # 11110bbb
234	elseif ((ord($Str[$i]) & 0xFC) == 0xF8) $n=4; # 111110bb
235	elseif ((ord($Str[$i]) & 0xFE) == 0xFC) $n=5; # 1111110b
236	else return false; # Does not match any model
237	for ($j=0; $j<$n; $j++) { # n bytes matching 10bbbbbb follow ?
238	if ((++$i == strlen($Str)) \|\| ((ord($Str[$i]) & 0xC0) != 0x80))
239	return false;
240	}
241	}
242	return true;
243	}
244
245	/* Remove accents from a UTF-8 or ISO-859-1 string (from wordpress)
246	* @param string sstring - an UTF-8 or ISO-8859-1 string
247	*/
248	function remove_accents($string)
249	{
250	if ( !preg_match('/[\x80-\xff]/', $string) )
251	return $string;
252
253	if (seems_utf8($string)) {
254	$chars = array(
255	// Decompositions for Latin-1 Supplement
256	"\xc3\x80"=>'A', "\xc3\x81"=>'A',
257	"\xc3\x82"=>'A', "\xc3\x83"=>'A',
258	"\xc3\x84"=>'A', "\xc3\x85"=>'A',
259	"\xc3\x87"=>'C', "\xc3\x88"=>'E',
260	"\xc3\x89"=>'E', "\xc3\x8a"=>'E',
261	"\xc3\x8b"=>'E', "\xc3\x8c"=>'I',
262	"\xc3\x8d"=>'I', "\xc3\x8e"=>'I',
263	"\xc3\x8f"=>'I', "\xc3\x91"=>'N',
264	"\xc3\x92"=>'O', "\xc3\x93"=>'O',
265	"\xc3\x94"=>'O', "\xc3\x95"=>'O',
266	"\xc3\x96"=>'O', "\xc3\x99"=>'U',
267	"\xc3\x9a"=>'U', "\xc3\x9b"=>'U',
268	"\xc3\x9c"=>'U', "\xc3\x9d"=>'Y',
269	"\xc3\x9f"=>'s', "\xc3\xa0"=>'a',
270	"\xc3\xa1"=>'a', "\xc3\xa2"=>'a',
271	"\xc3\xa3"=>'a', "\xc3\xa4"=>'a',
272	"\xc3\xa5"=>'a', "\xc3\xa7"=>'c',
273	"\xc3\xa8"=>'e', "\xc3\xa9"=>'e',
274	"\xc3\xaa"=>'e', "\xc3\xab"=>'e',
275	"\xc3\xac"=>'i', "\xc3\xad"=>'i',
276	"\xc3\xae"=>'i', "\xc3\xaf"=>'i',
277	"\xc3\xb1"=>'n', "\xc3\xb2"=>'o',
278	"\xc3\xb3"=>'o', "\xc3\xb4"=>'o',
279	"\xc3\xb5"=>'o', "\xc3\xb6"=>'o',
280	"\xc3\xb9"=>'u', "\xc3\xba"=>'u',
281	"\xc3\xbb"=>'u', "\xc3\xbc"=>'u',
282	"\xc3\xbd"=>'y', "\xc3\xbf"=>'y',
283	// Decompositions for Latin Extended-A
284	"\xc4\x80"=>'A', "\xc4\x81"=>'a',
285	"\xc4\x82"=>'A', "\xc4\x83"=>'a',
286	"\xc4\x84"=>'A', "\xc4\x85"=>'a',
287	"\xc4\x86"=>'C', "\xc4\x87"=>'c',
288	"\xc4\x88"=>'C', "\xc4\x89"=>'c',
289	"\xc4\x8a"=>'C', "\xc4\x8b"=>'c',
290	"\xc4\x8c"=>'C', "\xc4\x8d"=>'c',
291	"\xc4\x8e"=>'D', "\xc4\x8f"=>'d',
292	"\xc4\x90"=>'D', "\xc4\x91"=>'d',
293	"\xc4\x92"=>'E', "\xc4\x93"=>'e',
294	"\xc4\x94"=>'E', "\xc4\x95"=>'e',
295	"\xc4\x96"=>'E', "\xc4\x97"=>'e',
296	"\xc4\x98"=>'E', "\xc4\x99"=>'e',
297	"\xc4\x9a"=>'E', "\xc4\x9b"=>'e',
298	"\xc4\x9c"=>'G', "\xc4\x9d"=>'g',
299	"\xc4\x9e"=>'G', "\xc4\x9f"=>'g',
300	"\xc4\xa0"=>'G', "\xc4\xa1"=>'g',
301	"\xc4\xa2"=>'G', "\xc4\xa3"=>'g',
302	"\xc4\xa4"=>'H', "\xc4\xa5"=>'h',
303	"\xc4\xa6"=>'H', "\xc4\xa7"=>'h',
304	"\xc4\xa8"=>'I', "\xc4\xa9"=>'i',
305	"\xc4\xaa"=>'I', "\xc4\xab"=>'i',
306	"\xc4\xac"=>'I', "\xc4\xad"=>'i',
307	"\xc4\xae"=>'I', "\xc4\xaf"=>'i',
308	"\xc4\xb0"=>'I', "\xc4\xb1"=>'i',
309	"\xc4\xb2"=>'IJ', "\xc4\xb3"=>'ij',
310	"\xc4\xb4"=>'J', "\xc4\xb5"=>'j',
311	"\xc4\xb6"=>'K', "\xc4\xb7"=>'k',
312	"\xc4\xb8"=>'k', "\xc4\xb9"=>'L',
313	"\xc4\xba"=>'l', "\xc4\xbb"=>'L',
314	"\xc4\xbc"=>'l', "\xc4\xbd"=>'L',
315	"\xc4\xbe"=>'l', "\xc4\xbf"=>'L',
316	"\xc5\x80"=>'l', "\xc5\x81"=>'L',
317	"\xc5\x82"=>'l', "\xc5\x83"=>'N',
318	"\xc5\x84"=>'n', "\xc5\x85"=>'N',
319	"\xc5\x86"=>'n', "\xc5\x87"=>'N',
320	"\xc5\x88"=>'n', "\xc5\x89"=>'N',
321	"\xc5\x8a"=>'n', "\xc5\x8b"=>'N',
322	"\xc5\x8c"=>'O', "\xc5\x8d"=>'o',
323	"\xc5\x8e"=>'O', "\xc5\x8f"=>'o',
324	"\xc5\x90"=>'O', "\xc5\x91"=>'o',
325	"\xc5\x92"=>'OE', "\xc5\x93"=>'oe',
326	"\xc5\x94"=>'R', "\xc5\x95"=>'r',
327	"\xc5\x96"=>'R', "\xc5\x97"=>'r',
328	"\xc5\x98"=>'R', "\xc5\x99"=>'r',
329	"\xc5\x9a"=>'S', "\xc5\x9b"=>'s',
330	"\xc5\x9c"=>'S', "\xc5\x9d"=>'s',
331	"\xc5\x9e"=>'S', "\xc5\x9f"=>'s',
332	"\xc5\xa0"=>'S', "\xc5\xa1"=>'s',
333	"\xc5\xa2"=>'T', "\xc5\xa3"=>'t',
334	"\xc5\xa4"=>'T', "\xc5\xa5"=>'t',
335	"\xc5\xa6"=>'T', "\xc5\xa7"=>'t',
336	"\xc5\xa8"=>'U', "\xc5\xa9"=>'u',
337	"\xc5\xaa"=>'U', "\xc5\xab"=>'u',
338	"\xc5\xac"=>'U', "\xc5\xad"=>'u',
339	"\xc5\xae"=>'U', "\xc5\xaf"=>'u',
340	"\xc5\xb0"=>'U', "\xc5\xb1"=>'u',
341	"\xc5\xb2"=>'U', "\xc5\xb3"=>'u',
342	"\xc5\xb4"=>'W', "\xc5\xb5"=>'w',
343	"\xc5\xb6"=>'Y', "\xc5\xb7"=>'y',
344	"\xc5\xb8"=>'Y', "\xc5\xb9"=>'Z',
345	"\xc5\xba"=>'z', "\xc5\xbb"=>'Z',
346	"\xc5\xbc"=>'z', "\xc5\xbd"=>'Z',
347	"\xc5\xbe"=>'z', "\xc5\xbf"=>'s',
348	// Euro Sign
349	"\xe2\x82\xac"=>'E',
350	// GBP (Pound) Sign
351	"\xc2\xa3"=>'');
352
353	$string = strtr($string, $chars);
354	} else {
355	// Assume ISO-8859-1 if not UTF-8
356	$chars['in'] = chr(128).chr(131).chr(138).chr(142).chr(154).chr(158)
357	.chr(159).chr(162).chr(165).chr(181).chr(192).chr(193).chr(194)
358	.chr(195).chr(196).chr(197).chr(199).chr(200).chr(201).chr(202)
359	.chr(203).chr(204).chr(205).chr(206).chr(207).chr(209).chr(210)
360	.chr(211).chr(212).chr(213).chr(214).chr(216).chr(217).chr(218)
361	.chr(219).chr(220).chr(221).chr(224).chr(225).chr(226).chr(227)
362	.chr(228).chr(229).chr(231).chr(232).chr(233).chr(234).chr(235)
363	.chr(236).chr(237).chr(238).chr(239).chr(241).chr(242).chr(243)
364	.chr(244).chr(245).chr(246).chr(248).chr(249).chr(250).chr(251)
365	.chr(252).chr(253).chr(255);
366
367	$chars['out'] = "EfSZszYcYuAAAAAACEEEEIIIINOOOOOOUUUUYaaaaaaceeeeiiiinoooooouuuuyy";
368
369	$string = strtr($string, $chars['in'], $chars['out']);
370	$double_chars['in'] = array(chr(140), chr(156), chr(198), chr(208), chr(222), chr(223), chr(230), chr(240), chr(254));
371	$double_chars['out'] = array('OE', 'oe', 'AE', 'DH', 'TH', 'ss', 'ae', 'dh', 'th');
372	$string = str_replace($double_chars['in'], $double_chars['out'], $string);
373	}
374
375	return $string;
376	}
377
378	/**
379	* simplify a string to insert it into an URL
380	*
381	* @param string
382	* @return string
383	*/
384	function str2url($str)
385	{
386	$raw = $str;
387
388	$str = remove_accents($str);
389	$str = preg_replace('/[^a-z0-9_\s\'\:\/\[\],-]/','',strtolower($str));
390	$str = preg_replace('/[\s\'\:\/\[\],-]+/',' ',trim($str));
391	$res = str_replace(' ','_',$str);
392
393	if (empty($res))
394	{
395	$res = str_replace(' ','_', $raw);
396	}
397
398	return $res;
399	}
400
401	//-------------------------------------------- Piwigo specific functions
402
403	/**
404	* returns an array with a list of {language_code => language_name}
405	*
406	* @returns array
407	*/
408	function get_languages()
409	{
410	$query = '
411	SELECT id, name
412	FROM '.LANGUAGES_TABLE.'
413	ORDER BY name ASC
414	;';
415	$result = pwg_query($query);
416
417	$languages = array();
418	while ($row = pwg_db_fetch_assoc($result))
419	{
420	if (is_dir(PHPWG_ROOT_PATH.'language/'.$row['id']))
421	{
422	$languages[ $row['id'] ] = $row['name'];
423	}
424	}
425
426	return $languages;
427	}
428
429	function pwg_log($image_id = null, $image_type = null)
430	{
431	global $conf, $user, $page;
432
433	$do_log = $conf['log'];
434	if (is_admin())
435	{
436	$do_log = $conf['history_admin'];
437	}
438	if (is_a_guest())
439	{
440	$do_log = $conf['history_guest'];
441	}
442
443	$do_log = trigger_event('pwg_log_allowed', $do_log, $image_id, $image_type);
444
445	if (!$do_log)
446	{
447	return false;
448	}
449
450	$tags_string = null;
451	if ('tags'==@$page['section'])
452	{
453	$tags_string = implode(',', $page['tag_ids']);
454	}
455
456	$query = '
457	INSERT INTO '.HISTORY_TABLE.'
458	(
459	date,
460	time,
461	user_id,
462	IP,
463	section,
464	category_id,
465	image_id,
466	image_type,
467	tag_ids
468	)
469	VALUES
470	(
471	CURRENT_DATE,
472	CURRENT_TIME,
473	'.$user['id'].',
474	\''.$_SERVER['REMOTE_ADDR'].'\',
475	'.(isset($page['section']) ? "'".$page['section']."'" : 'NULL').',
476	'.(isset($page['category']['id']) ? $page['category']['id'] : 'NULL').',
477	'.(isset($image_id) ? $image_id : 'NULL').',
478	'.(isset($image_type) ? "'".$image_type."'" : 'NULL').',
479	'.(isset($tags_string) ? "'".$tags_string."'" : 'NULL').'
480	)
481	;';
482	pwg_query($query);
483
484	return true;
485	}
486
487	// format_date returns a formatted date for display. The date given in
488	// argument must be an american format (2003-09-15). By option, you can show the time.
489	// The output is internationalized.
490	//
491	// format_date( "2003-09-15", true ) -> "Monday 15 September 2003 21:52"
492	function format_date($date, $show_time = false)
493	{
494	global $lang;
495
496	if (strpos($date, '0') == 0)
497	{
498	return l10n('N/A');
499	}
500
501	$ymdhms = array();
502	$tok = strtok( $date, '- :');
503	while ($tok !== false)
504	{
505	$ymdhms[] = $tok;
506	$tok = strtok('- :');
507	}
508
509	if ( count($ymdhms)<3 )
510	{
511	return false;
512	}
513
514	$formated_date = '';
515	// before 1970, Microsoft Windows can't mktime
516	if ($ymdhms[0] >= 1970)
517	{
518	// we ask midday because Windows think it's prior to midnight with a
519	// zero and refuse to work
520	$formated_date.= $lang['day'][date('w', mktime(12,0,0,$ymdhms[1],$ymdhms[2],$ymdhms[0]))];
521	}
522	$formated_date.= ' '.$ymdhms[2];
523	$formated_date.= ' '.$lang['month'][(int)$ymdhms[1]];
524	$formated_date.= ' '.$ymdhms[0];
525	if ($show_time and count($ymdhms)>=5 )
526	{
527	$formated_date.= ' '.$ymdhms[3].':'.$ymdhms[4];
528	}
529	return $formated_date;
530	}
531
532	function pwg_debug( $string )
533	{
534	global $debug,$t2,$page;
535
536	$now = explode( ' ', microtime() );
537	$now2 = explode( '.', $now[0] );
538	$now2 = $now[1].'.'.$now2[1];
539	$time = number_format( $now2 - $t2, 3, '.', ' ').' s';
540	$debug .= '<p>';
541	$debug.= '['.$time.', ';
542	$debug.= $page['count_queries'].' queries] : '.$string;
543	$debug.= "</p>\n";
544	}
545
546	/**
547	* Redirects to the given URL (HTTP method)
548	*
549	* Note : once this function called, the execution doesn't go further
550	* (presence of an exit() instruction.
551	*
552	* @param string $url
553	* @return void
554	*/
555	function redirect_http( $url )
556	{
557	if (ob_get_length () !== FALSE)
558	{
559	ob_clean();
560	}
561	// default url is on html format
562	$url = html_entity_decode($url);
563	header('Request-URI: '.$url);
564	header('Content-Location: '.$url);
565	header('Location: '.$url);
566	exit();
567	}
568
569	/**
570	* Redirects to the given URL (HTML method)
571	*
572	* Note : once this function called, the execution doesn't go further
573	* (presence of an exit() instruction.
574	*
575	* @param string $url
576	* @param string $title_msg
577	* @param integer $refreh_time
578	* @return void
579	*/
580	function redirect_html( $url , $msg = '', $refresh_time = 0)
581	{
582	global $user, $template, $lang_info, $conf, $lang, $t2, $page, $debug;
583
584	if (!isset($lang_info) \|\| !isset($template) )
585	{
586	$user = build_user( $conf['guest_id'], true);
587	load_language('common.lang');
588	trigger_action('loading_lang');
589	load_language('lang', PHPWG_ROOT_PATH.PWG_LOCAL_DIR, array('no_fallback'=>true, 'local'=>true) );
590	$template = new Template(PHPWG_ROOT_PATH.'themes', get_default_theme());
591	}
592	elseif (defined('IN_ADMIN') and IN_ADMIN)
593	{
594	$template = new Template(PHPWG_ROOT_PATH.'themes', get_default_theme());
595	}
596
597	if (empty($msg))
598	{
599	$msg = nl2br(l10n('Redirection...'));
600	}
601
602	$refresh = $refresh_time;
603	$url_link = $url;
604	$title = 'redirection';
605
606	$template->set_filenames( array( 'redirect' => 'redirect.tpl' ) );
607
608	include( PHPWG_ROOT_PATH.'include/page_header.php' );
609
610	$template->set_filenames( array( 'redirect' => 'redirect.tpl' ) );
611	$template->assign('REDIRECT_MSG', $msg);
612
613	$template->parse('redirect');
614
615	include( PHPWG_ROOT_PATH.'include/page_tail.php' );
616
617	exit();
618	}
619
620	/**
621	* Redirects to the given URL (Switch to HTTP method or HTML method)
622	*
623	* Note : once this function called, the execution doesn't go further
624	* (presence of an exit() instruction.
625	*
626	* @param string $url
627	* @param string $title_msg
628	* @param integer $refreh_time
629	* @return void
630	*/
631	function redirect( $url , $msg = '', $refresh_time = 0)
632	{
633	global $conf;
634
635	// with RefeshTime <> 0, only html must be used
636	if ($conf['default_redirect_method']=='http'
637	and $refresh_time==0
638	and !headers_sent()
639	)
640	{
641	redirect_http($url);
642	}
643	else
644	{
645	redirect_html($url, $msg, $refresh_time);
646	}
647	}
648
649	/**
650	* returns $_SERVER['QUERY_STRING'] whitout keys given in parameters
651	*
652	* @param array $rejects
653	* @param boolean $escape - if true escape & to & (for html)
654	* @returns string
655	*/
656	function get_query_string_diff($rejects=array(), $escape=true)
657	{
658	if (empty($_SERVER['QUERY_STRING']))
659	{
660	return '';
661	}
662
663	$query_string = '';
664
665	$str = $_SERVER['QUERY_STRING'];
666	parse_str($str, $vars);
667
668	$is_first = true;
669	foreach ($vars as $key => $value)
670	{
671	if (!in_array($key, $rejects))
672	{
673	$query_string.= $is_first ? '?' : ($escape ? '&' : '&' );
674	$is_first = false;
675	$query_string.= $key.'='.$value;
676	}
677	}
678
679	return $query_string;
680	}
681
682	function url_is_remote($url)
683	{
684	if ( strncmp($url, 'http://', 7)==0
685	or strncmp($url, 'https://', 8)==0 )
686	{
687	return true;
688	}
689	return false;
690	}
691
692	/**
693	* returns available themes
694	*/
695	function get_pwg_themes()
696	{
697	global $conf;
698
699	$themes = array();
700
701	$query = '
702	SELECT
703	id,
704	name
705	FROM '.THEMES_TABLE.'
706	ORDER BY name ASC
707	;';
708	$result = pwg_query($query);
709	while ($row = pwg_db_fetch_assoc($result))
710	{
711	if (check_theme_installed($row['id']))
712	{
713	$themes[ $row['id'] ] = $row['name'];
714	}
715	}
716
717	// plugins want remove some themes based on user status maybe?
718	$themes = trigger_event('get_pwg_themes', $themes);
719
720	return $themes;
721	}
722
723	function check_theme_installed($theme_id)
724	{
725	global $conf;
726
727	return file_exists($conf['themes_dir'].'/'.$theme_id.'/'.'themeconf.inc.php');
728	}
729
730	/* Returns the PATH to the thumbnail to be displayed. If the element does not
731	* have a thumbnail, the default mime image path is returned. The PATH can be
732	* used in the php script, but not sent to the browser.
733	* @param array element_info assoc array containing element info from db
734	* at least 'path', 'tn_ext' and 'id' should be present
735	*/
736	function get_thumbnail_path($element_info)
737	{
738	$path = get_thumbnail_location($element_info);
739	if ( !url_is_remote($path) )
740	{
741	$path = PHPWG_ROOT_PATH.$path;
742	}
743	return $path;
744	}
745
746	/* Returns the URL of the thumbnail to be displayed. If the element does not
747	* have a thumbnail, the default mime image url is returned. The URL can be
748	* sent to the browser, but not used in the php script.
749	* @param array element_info assoc array containing element info from db
750	* at least 'path', 'tn_ext' and 'id' should be present
751	*/
752	function get_thumbnail_url($element_info)
753	{
754	$loc = $url = get_thumbnail_location($element_info);
755	if ( !url_is_remote($loc) )
756	{
757	$url = (get_root_url().$loc);
758	}
759	// plugins want another url ?
760	$url = trigger_event('get_thumbnail_url', $url, $element_info, $loc);
761	return embellish_url($url);
762	}
763
764	/* returns the relative path of the thumnail with regards to to the root
765	of piwigo (not the current page!).This function is not intended to be
766	called directly from code.*/
767	function get_thumbnail_location($element_info)
768	{
769	global $conf;
770	if ( !empty( $element_info['tn_ext'] ) )
771	{
772	$path = substr_replace(
773	get_filename_wo_extension($element_info['path']),
774	'/'.$conf['dir_thumbnail'].'/'.$conf['prefix_thumbnail'],
775	strrpos($element_info['path'],'/'),
776	1
777	);
778	$path.= '.'.$element_info['tn_ext'];
779	}
780	else
781	{
782	$path = get_themeconf('mime_icon_dir')
783	.strtolower(get_extension($element_info['path'])).'.png';
784	// plugins want another location ?
785	$path = trigger_event( 'get_thumbnail_location', $path, $element_info);
786	}
787	return $path;
788	}
789
790	/* returns the title of the thumnail */
791	function get_thumbnail_title($element_info)
792	{
793	// message in title for the thumbnail
794	if (isset($element_info['file']))
795	{
796	$thumbnail_title = $element_info['file'];
797	}
798	else
799	{
800	$thumbnail_title = '';
801	}
802
803	if (!empty($element_info['filesize']))
804	{
805	$thumbnail_title .= ' : '.sprintf(l10n('%d Kb'), $element_info['filesize']);
806	}
807
808	return $thumbnail_title;
809	}
810
811	/**
812	* fill the current user caddie with given elements, if not already in
813	* caddie
814	*
815	* @param array elements_id
816	*/
817	function fill_caddie($elements_id)
818	{
819	global $user;
820
821	$query = '
822	SELECT element_id
823	FROM '.CADDIE_TABLE.'
824	WHERE user_id = '.$user['id'].'
825	;';
826	$in_caddie = array_from_query($query, 'element_id');
827
828	$caddiables = array_diff($elements_id, $in_caddie);
829
830	$datas = array();
831
832	foreach ($caddiables as $caddiable)
833	{
834	array_push($datas, array('element_id' => $caddiable,
835	'user_id' => $user['id']));
836	}
837
838	if (count($caddiables) > 0)
839	{
840	mass_inserts(CADDIE_TABLE, array('element_id','user_id'), $datas);
841	}
842	}
843
844	/**
845	* returns the element name from its filename
846	*
847	* @param string filename
848	* @return string name
849	*/
850	function get_name_from_file($filename)
851	{
852	return str_replace('_',' ',get_filename_wo_extension($filename));
853	}
854
855	/**
856	* returns the corresponding value from $lang if existing. Else, the key is
857	* returned
858	*
859	* @param string key
860	* @return string
861	*/
862	function l10n($key, $textdomain='messages')
863	{
864	global $lang, $conf;
865
866	if ($conf['debug_l10n'] and !isset($lang[$key]) and !empty($key))
867	{
868	trigger_error('[l10n] language key "'.$key.'" is not defined', E_USER_WARNING);
869	}
870
871	return isset($lang[$key]) ? $lang[$key] : $key;
872	}
873
874	/**
875	* returns the prinft value for strings including %d
876	* return is concorded with decimal value (singular, plural)
877	*
878	* @param singular string key
879	* @param plural string key
880	* @param decimal value
881	* @return string
882	*/
883	function l10n_dec($singular_fmt_key, $plural_fmt_key, $decimal)
884	{
885	global $lang_info;
886
887	return
888	sprintf(
889	l10n((
890	(($decimal > 1) or ($decimal == 0 and $lang_info['zero_plural']))
891	? $plural_fmt_key
892	: $singular_fmt_key
893	)), $decimal);
894	}
895
896	/*
897	* returns a single element to use with l10n_args
898	*
899	* @param string key: translation key
900	* @param array/string/../number args:
901	* arguments to use on sprintf($key, args)
902	* if args is a array, each values are used on sprintf
903	* @return string
904	*/
905	function get_l10n_args($key, $args)
906	{
907	if (is_array($args))
908	{
909	$key_arg = array_merge(array($key), $args);
910	}
911	else
912	{
913	$key_arg = array($key, $args);
914	}
915	return array('key_args' => $key_arg);
916	}
917
918	/*
919	* returns a string with formated with l10n_args elements
920	*
921	* @param element/array $key_args: element or array of l10n_args elements
922	* @param $sep: if $key_args is array,
923	* separator is used when translated l10n_args elements are concated
924	* @return string
925	*/
926	function l10n_args($key_args, $sep = "\n")
927	{
928	if (is_array($key_args))
929	{
930	foreach ($key_args as $key => $element)
931	{
932	if (isset($result))
933	{
934	$result .= $sep;
935	}
936	else
937	{
938	$result = '';
939	}
940
941	if ($key === 'key_args')
942	{
943	array_unshift($element, l10n(array_shift($element)));
944	$result .= call_user_func_array('sprintf', $element);
945	}
946	else
947	{
948	$result .= l10n_args($element, $sep);
949	}
950	}
951	}
952	else
953	{
954	fatal_error('l10n_args: Invalid arguments');
955	}
956
957	return $result;
958	}
959
960	/**
961	* returns the corresponding value from $themeconf if existing. Else, the
962	* key is returned
963	*
964	* @param string key
965	* @return string
966	*/
967	function get_themeconf($key)
968	{
969	global $template;
970
971	return $template->get_themeconf($key);
972	}
973
974	/**
975	* Returns webmaster mail address depending on $conf['webmaster_id']
976	*
977	* @return string
978	*/
979	function get_webmaster_mail_address()
980	{
981	global $conf;
982
983	$query = '
984	SELECT '.$conf['user_fields']['email'].'
985	FROM '.USERS_TABLE.'
986	WHERE '.$conf['user_fields']['id'].' = '.$conf['webmaster_id'].'
987	;';
988	list($email) = pwg_db_fetch_row(pwg_query($query));
989
990	return $email;
991	}
992
993	/**
994	* Add configuration parameters from database to global $conf array
995	*
996	* @return void
997	*/
998	function load_conf_from_db($condition = '')
999	{
1000	global $conf;
1001
1002	$query = '
1003	SELECT param, value
1004	FROM '.CONFIG_TABLE.'
1005	'.(!empty($condition) ? 'WHERE '.$condition : '').'
1006	;';
1007	$result = pwg_query($query);
1008
1009	if ((pwg_db_num_rows($result) == 0) and !empty($condition))
1010	{
1011	fatal_error('No configuration data');
1012	}
1013
1014	while ($row = pwg_db_fetch_assoc($result))
1015	{
1016	$conf[ $row['param'] ] = isset($row['value']) ? $row['value'] : '';
1017
1018	// If the field is true or false, the variable is transformed into a
1019	// boolean value.
1020	if ($conf[$row['param']] == 'true' or $conf[$row['param']] == 'false')
1021	{
1022	$conf[ $row['param'] ] = get_boolean($conf[ $row['param'] ]);
1023	}
1024	}
1025	}
1026
1027	function conf_update_param($param, $value)
1028	{
1029	$query = '
1030	SELECT
1031	param,
1032	value
1033	FROM '.CONFIG_TABLE.'
1034	WHERE param = \''.$param.'\'
1035	;';
1036	$params = array_from_query($query, 'param');
1037
1038	if (count($params) == 0)
1039	{
1040	$query = '
1041	INSERT
1042	INTO '.CONFIG_TABLE.'
1043	(param, value)
1044	VALUES(\''.$param.'\', \''.$value.'\')
1045	;';
1046	pwg_query($query);
1047	}
1048	else
1049	{
1050	$query = '
1051	UPDATE '.CONFIG_TABLE.'
1052	SET value = \''.$value.'\'
1053	WHERE param = \''.$param.'\'
1054	;';
1055	pwg_query($query);
1056	}
1057	}
1058
1059	/**
1060	* Prepends and appends a string at each value of the given array.
1061	*
1062	* @param array
1063	* @param string prefix to each array values
1064	* @param string suffix to each array values
1065	*/
1066	function prepend_append_array_items($array, $prepend_str, $append_str)
1067	{
1068	array_walk(
1069	$array,
1070	create_function('&$s', '$s = "'.$prepend_str.'".$s."'.$append_str.'";')
1071	);
1072
1073	return $array;
1074	}
1075
1076	/**
1077	* creates an hashed based on a query, this function is a very common
1078	* pattern used here. Among the selected columns fetched, choose one to be
1079	* the key, another one to be the value.
1080	*
1081	* @param string $query
1082	* @param string $keyname
1083	* @param string $valuename
1084	* @return array
1085	*/
1086	function simple_hash_from_query($query, $keyname, $valuename)
1087	{
1088	$array = array();
1089
1090	$result = pwg_query($query);
1091	while ($row = pwg_db_fetch_assoc($result))
1092	{
1093	$array[ $row[$keyname] ] = $row[$valuename];
1094	}
1095
1096	return $array;
1097	}
1098
1099	/**
1100	* creates an hashed based on a query, this function is a very common
1101	* pattern used here. The key is given as parameter, the value is an associative
1102	* array.
1103	*
1104	* @param string $query
1105	* @param string $keyname
1106	* @return array
1107	*/
1108	function hash_from_query($query, $keyname)
1109	{
1110	$array = array();
1111	$result = pwg_query($query);
1112	while ($row = pwg_db_fetch_assoc($result))
1113	{
1114	$array[ $row[$keyname] ] = $row;
1115	}
1116	return $array;
1117	}
1118
1119	/**
1120	* Return basename of the current script
1121	* Lower case convertion is applied on return value
1122	* Return value is without file extention ".php"
1123	*
1124	* @param void
1125	*
1126	* @return script basename
1127	*/
1128	function script_basename()
1129	{
1130	global $conf;
1131
1132	foreach (array('SCRIPT_NAME', 'SCRIPT_FILENAME', 'PHP_SELF') as $value)
1133	{
1134	if (!empty($_SERVER[$value]))
1135	{
1136	$filename = strtolower($_SERVER[$value]);
1137	if ($conf['php_extension_in_urls'] and get_extension($filename)!=='php')
1138	continue;
1139	$basename = basename($filename, '.php');
1140	if (!empty($basename))
1141	{
1142	return $basename;
1143	}
1144	}
1145	}
1146	return '';
1147	}
1148
1149	/**
1150	* Return value for the current page define on $conf['filter_pages']
1151	* Îf value is not defined, default value are returned
1152	*
1153	* @param value name
1154	*
1155	* @return filter page value
1156	*/
1157	function get_filter_page_value($value_name)
1158	{
1159	global $conf;
1160
1161	$page_name = script_basename();
1162
1163	if (isset($conf['filter_pages'][$page_name][$value_name]))
1164	{
1165	return $conf['filter_pages'][$page_name][$value_name];
1166	}
1167	else if (isset($conf['filter_pages']['default'][$value_name]))
1168	{
1169	return $conf['filter_pages']['default'][$value_name];
1170	}
1171	else
1172	{
1173	return null;
1174	}
1175	}
1176
1177	/**
1178	* returns the character set of data sent to browsers / received from forms
1179	*/
1180	function get_pwg_charset()
1181	{
1182	$pwg_charset = 'utf-8';
1183	if (defined('PWG_CHARSET'))
1184	{
1185	$pwg_charset = PWG_CHARSET;
1186	}
1187	return $pwg_charset;
1188	}
1189
1190	/**
1191	* includes a language file or returns the content of a language file
1192	* availability of the file
1193	*
1194	* in descending order of preference:
1195	* param language, user language, default language
1196	* Piwigo default language.
1197	*
1198	* @param string filename
1199	* @param string dirname
1200	* @param mixed options can contain
1201	* language - language to load (if empty uses user language)
1202	* return - if true the file content is returned otherwise the file is evaluated as php
1203	* target_charset -
1204	* no_fallback - the language must be respected
1205	* local - if true, get local language file
1206	* @return boolean success status or a string if options['return'] is true
1207	*/
1208	function load_language($filename, $dirname = '',
1209	$options = array() )
1210	{
1211	global $user;
1212
1213	if (! @$options['return'] )
1214	{
1215	$filename .= '.php'; //MAYBE to do .. load .po and .mo localization files
1216	}
1217	if (empty($dirname))
1218	{
1219	$dirname = PHPWG_ROOT_PATH;
1220	}
1221	$dirname .= 'language/';
1222
1223	$languages = array();
1224	if ( !empty($options['language']) )
1225	{
1226	$languages[] = $options['language'];
1227	}
1228	if ( !empty($user['language']) )
1229	{
1230	$languages[] = $user['language'];
1231	}
1232	if ( ! @$options['no_fallback'] )
1233	{
1234	if ( defined('PHPWG_INSTALLED') )
1235	{
1236	$languages[] = get_default_language();
1237	}
1238	$languages[] = PHPWG_DEFAULT_LANGUAGE;
1239	}
1240
1241	$languages = array_unique($languages);
1242
1243	if ( empty($options['target_charset']) )
1244	{
1245	$target_charset = get_pwg_charset();
1246	}
1247	else
1248	{
1249	$target_charset = $options['target_charset'];
1250	}
1251	$target_charset = strtolower($target_charset);
1252	$source_file = '';
1253	foreach ($languages as $language)
1254	{
1255	$f = @$options['local'] ?
1256	$dirname.$language.'.'.$filename:
1257	$dirname.$language.'/'.$filename;
1258
1259	if (file_exists($f))
1260	{
1261	$source_file = $f;
1262	break;
1263	}
1264	}
1265
1266	if ( !empty($source_file) )
1267	{
1268	if (! @$options['return'] )
1269	{
1270	@include($source_file);
1271	$load_lang = @$lang;
1272	$load_lang_info = @$lang_info;
1273
1274	global $lang, $lang_info;
1275	if ( !isset($lang) ) $lang=array();
1276	if ( !isset($lang_info) ) $lang_info=array();
1277
1278	if ( 'utf-8'!=$target_charset)
1279	{
1280	if ( is_array($load_lang) )
1281	{
1282	foreach ($load_lang as $k => $v)
1283	{
1284	if ( is_array($v) )
1285	{
1286	$func = create_function('$v', 'return convert_charset($v, "utf-8", "'.$target_charset.'");' );
1287	$lang[$k] = array_map($func, $v);
1288	}
1289	else
1290	$lang[$k] = convert_charset($v, 'utf-8', $target_charset);
1291	}
1292	}
1293	if ( is_array($load_lang_info) )
1294	{
1295	foreach ($load_lang_info as $k => $v)
1296	{
1297	$lang_info[$k] = convert_charset($v, 'utf-8', $target_charset);
1298	}
1299	}
1300	}
1301	else
1302	{
1303	$lang = array_merge( $lang, (array)$load_lang );
1304	$lang_info = array_merge( $lang_info, (array)$load_lang_info );
1305	}
1306	return true;
1307	}
1308	else
1309	{
1310	$content = @file_get_contents($source_file);
1311	$content = convert_charset($content, 'utf-8', $target_charset);
1312	return $content;
1313	}
1314	}
1315	return false;
1316	}
1317
1318	/**
1319	* converts a string from a character set to another character set
1320	* @param string str the string to be converted
1321	* @param string source_charset the character set in which the string is encoded
1322	* @param string dest_charset the destination character set
1323	*/
1324	function convert_charset($str, $source_charset, $dest_charset)
1325	{
1326	if ($source_charset==$dest_charset)
1327	return $str;
1328	if ($source_charset=='iso-8859-1' and $dest_charset=='utf-8')
1329	{
1330	return utf8_encode($str);
1331	}
1332	if ($source_charset=='utf-8' and $dest_charset=='iso-8859-1')
1333	{
1334	return utf8_decode($str);
1335	}
1336	if (function_exists('iconv'))
1337	{
1338	return iconv($source_charset, $dest_charset, $str);
1339	}
1340	if (function_exists('mb_convert_encoding'))
1341	{
1342	return mb_convert_encoding( $str, $dest_charset, $source_charset );
1343	}
1344	return $str; //???
1345	}
1346
1347	/**
1348	* makes sure a index.htm protects the directory from browser file listing
1349	*
1350	* @param string dir directory
1351	*/
1352	function secure_directory($dir)
1353	{
1354	$file = $dir.'/index.htm';
1355	if (!file_exists($file))
1356	{
1357	@file_put_contents($file, 'Not allowed!');
1358	}
1359	}
1360
1361	/**
1362	* returns a "secret key" that is to be sent back when a user posts a form
1363	*
1364	* @param int valid_after_seconds - key validity start time from now
1365	*/
1366	function get_ephemeral_key($valid_after_seconds, $aditionnal_data_to_hash = '')
1367	{
1368	global $conf;
1369	$time = round(microtime(true), 1);
1370	return $time.':'.$valid_after_seconds.':'
1371	.hash_hmac(
1372	'md5',
1373	$time.substr($_SERVER['REMOTE_ADDR'],0,5).$valid_after_seconds.$aditionnal_data_to_hash,
1374	$conf['secret_key']);
1375	}
1376
1377	function verify_ephemeral_key($key, $aditionnal_data_to_hash = '')
1378	{
1379	global $conf;
1380	$time = microtime(true);
1381	$key = explode( ':', @$key );
1382	if ( count($key)!=3
1383	or $key[0]>$time-(float)$key[1] // page must have been retrieved more than X sec ago
1384	or $key[0]<$time-3600 // 60 minutes expiration
1385	or hash_hmac(
1386	'md5', $key[0].substr($_SERVER['REMOTE_ADDR'],0,5).$key[1].$aditionnal_data_to_hash, $conf['secret_key']
1387	) != $key[2]
1388	)
1389	{
1390	return false;
1391	}
1392	return true;
1393	}
1394
1395	/**
1396	* return an array which will be sent to template to display navigation bar
1397	*/
1398	function create_navigation_bar($url, $nb_element, $start, $nb_element_page, $clean_url = false)
1399	{
1400	global $conf;
1401
1402	$navbar = array();
1403	$pages_around = $conf['paginate_pages_around'];
1404	$start_str = $clean_url ? '/start-' : (strpos($url, '?')===false ? '?':'&').'start=';
1405
1406	if (!isset($start) or !is_numeric($start) or (is_numeric($start) and $start < 0))
1407	{
1408	$start = 0;
1409	}
1410
1411	// navigation bar useful only if more than one page to display !
1412	if ($nb_element > $nb_element_page)
1413	{
1414	$cur_page = ceil($start / $nb_element_page) + 1;
1415	$maximum = ceil($nb_element / $nb_element_page);
1416	$previous = $start - $nb_element_page;
1417	$next = $start + $nb_element_page;
1418	$last = ($maximum - 1) * $nb_element_page;
1419
1420	$navbar['CURRENT_PAGE'] = $cur_page;
1421
1422	// link to first page and previous page?
1423	if ($cur_page != 1)
1424	{
1425	$navbar['URL_FIRST'] = $url;
1426	$navbar['URL_PREV'] = $url.($previous > 0 ? $start_str.$previous : '');
1427	}
1428	// link on next page and last page?
1429	if ($cur_page != $maximum)
1430	{
1431	$navbar['URL_NEXT'] = $url.$start_str.$next;
1432	$navbar['URL_LAST'] = $url.$start_str.$last;
1433	}
1434
1435	// pages to display
1436	$navbar['pages'] = array();
1437	$navbar['pages'][1] = $url;
1438	$navbar['pages'][$maximum] = $url.$start_str.$last;
1439
1440	for ($i = max($cur_page - $pages_around , 2), $stop = min($cur_page + $pages_around + 1, $maximum);
1441	$i < $stop; $i++)
1442	{
1443	$navbar['pages'][$i] = $url.$start_str.(($i - 1) * $nb_element_page);
1444	}
1445	ksort($navbar['pages']);
1446	}
1447	return $navbar;
1448	}
1449
1450	/**
1451	* return an array which will be sent to template to display recent icon
1452	*/
1453	function get_icon($date, $is_child_date = false)
1454	{
1455	global $cache, $user;
1456
1457	if (empty($date))
1458	{
1459	return false;
1460	}
1461
1462	if (!isset($cache['get_icon']['title']))
1463	{
1464	$cache['get_icon']['title'] = sprintf(
1465	l10n('photos posted during the last %d days'),
1466	$user['recent_period']
1467	);
1468	}
1469
1470	$icon = array(
1471	'TITLE' => $cache['get_icon']['title'],
1472	'IS_CHILD_DATE' => $is_child_date,
1473	);
1474
1475	if (isset($cache['get_icon'][$date]))
1476	{
1477	return $cache['get_icon'][$date] ? $icon : array();
1478	}
1479
1480	if (!isset($cache['get_icon']['sql_recent_date']))
1481	{
1482	// Use MySql date in order to standardize all recent "actions/queries"
1483	$cache['get_icon']['sql_recent_date'] = pwg_db_get_recent_period($user['recent_period']);
1484	}
1485
1486	$cache['get_icon'][$date] = $date > $cache['get_icon']['sql_recent_date'];
1487
1488	return $cache['get_icon'][$date] ? $icon : array();
1489	}
1490
1491	/**
1492	* check token comming from form posted or get params to prevent csrf attacks
1493	* if pwg_token is empty action doesn't require token
1494	* else pwg_token is compare to server token
1495	*
1496	* @return void access denied if token given is not equal to server token
1497	*/
1498	function check_pwg_token()
1499	{
1500	if (!empty($_REQUEST['pwg_token']))
1501	{
1502	if (get_pwg_token() != $_REQUEST['pwg_token'])
1503	{
1504	access_denied();
1505	}
1506	}
1507	else
1508	bad_request('missing token');
1509	}
1510
1511	function get_pwg_token()
1512	{
1513	global $conf;
1514
1515	return hash_hmac('md5', session_id(), $conf['secret_key']);
1516	}
1517
1518	/*
1519	* breaks the script execution if the given value doesn't match the given
1520	* pattern. This should happen only during hacking attempts.
1521	*
1522	* @param string param_name
1523	* @param array param_array
1524	* @param boolean is_array
1525	* @param string pattern
1526	*
1527	* @return void
1528	*/
1529	function check_input_parameter($param_name, $param_array, $is_array, $pattern)
1530	{
1531	$param_value = null;
1532	if (isset($param_array[$param_name]))
1533	{
1534	$param_value = $param_array[$param_name];
1535	}
1536
1537	// it's ok if the input parameter is null
1538	if (empty($param_value))
1539	{
1540	return true;
1541	}
1542
1543	if ($is_array)
1544	{
1545	if (!is_array($param_value))
1546	{
1547	fatal_error('[Hacking attempt] the input parameter "'.$param_name.'" should be an array');
1548	}
1549
1550	foreach ($param_value as $item_to_check)
1551	{
1552	if (!preg_match($pattern, $item_to_check))
1553	{
1554	fatal_error('[Hacking attempt] an item is not valid in input parameter "'.$param_name.'"');
1555	}
1556	}
1557	}
1558	else
1559	{
1560	if (!preg_match($pattern, $param_value))
1561	{
1562	fatal_error('[Hacking attempt] the input parameter "'.$param_name.'" is not valid');
1563	}
1564	}
1565	}
1566
1567
1568	function get_privacy_level_options()
1569	{
1570	global $conf;
1571
1572	$options = array();
1573	foreach (array_reverse($conf['available_permission_levels']) as $level)
1574	{
1575	$label = null;
1576
1577	if (0 == $level)
1578	{
1579	$label = l10n('Everybody');
1580	}
1581	else
1582	{
1583	$labels = array();
1584	$sub_levels = array_reverse($conf['available_permission_levels']);
1585	foreach ($sub_levels as $sub_level)
1586	{
1587	if ($sub_level == 0 or $sub_level < $level)
1588	{
1589	break;
1590	}
1591	array_push(
1592	$labels,
1593	l10n(
1594	sprintf(
1595	'Level %d',
1596	$sub_level
1597	)
1598	)
1599	);
1600	}
1601
1602	$label = implode(', ', $labels);
1603	}
1604	$options[$level] = $label;
1605	}
1606	return $options;
1607	}
1608	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: