Context Navigation

source: tags/bug-1_3beta-007/picture.php @ 20321

Last change on this file since 20321 was 118, checked in by z0rglub, 21 years ago
Using the real asked slideshow refresh time instead of the hard coded "2" value
Property svn:eol-style set to `native` Property svn:keywords set to `Author Date Id Revision`
File size: 26.5 KB

Line
1	<?php
2	/***************************************************************************
3	* picture.php *
4	* ------------------- *
5	* application : PhpWebGallery 1.3 <http://phpwebgallery.net> *
6	* author : Pierrick LE GALL <pierrick@z0rglub.com> *
7	* *
8	* $Id: picture.php 118 2003-09-15 19:24:18Z z0rglub $
9	* *
10	***************************************************************************/
11
12	/***************************************************************************
13	* *
14	* This program is free software; you can redistribute it and/or modify *
15	* it under the terms of the GNU General Public License as published by *
16	* the Free Software Foundation; *
17	* *
18	***************************************************************************/
19
20	// this page shows the image full size
21	//----------------------------------------------------------- personnal include
22	include_once( './include/init.inc.php' );
23	//-------------------------------------------------- access authorization check
24	check_cat_id( $_GET['cat'] );
25	check_login_authorization();
26	$page['plain_structure'] = get_plain_structure();
27	if ( isset( $page['cat'] ) and is_numeric( $page['cat'] ) )
28	{
29	check_restrictions( $page['cat'] );
30	}
31	//---------------------------------------- incrementation of the number of hits
32	$query = 'UPDATE '.PREFIX_TABLE.'images';
33	$query.= ' SET hit=hit+1';
34	$query.= ' WHERE id='.$_GET['image_id'];
35	$query.= ';';
36	@mysql_query( $query );
37	//-------------------------------------------------------------- initialization
38	initialize_category( 'picture' );
39	//------------------------------------- main picture information initialization
40	$query = 'SELECT id,date_available,comment,hit,keywords';
41	$query.= ',author,name,file,date_creation,filesize,width,height';
42	$query.= ',storage_category_id';
43	if ( is_numeric( $page['cat'] ) )
44	{
45	$query.= ',category_id';
46	}
47	$query.= ' FROM '.PREFIX_TABLE.'images';
48	$query.= ' LEFT JOIN '.PREFIX_TABLE.'image_category AS ic ON id = ic.image_id';
49	$query.= $page['where'];
50	$query.= ' AND id = '.$_GET['image_id'];
51	$query.= $conf['order_by'];
52	$query.= ';';
53	$result = mysql_query( $query );
54	// if this image_id doesn't correspond to this category, an error message is
55	// displayed, and execution is stopped
56	if ( mysql_num_rows( $result ) == 0 )
57	{
58	echo '<div style="text-align:center;">'.$lang['access_forbiden'].'<br />';
59	echo '<a href="'.add_session_id( './category.php' ).'">';
60	echo $lang['thumbnails'].'</a></div>';
61	exit();
62	}
63	$row = mysql_fetch_array( $result );
64	$page['id'] = $row['id'];
65	$page['file'] = $row['file'];
66	$page['name'] = $row['name'];
67	$page['date_available'] = $row['date_available'];
68	$page['comment'] = $row['comment'];
69	$page['hit'] = $row['hit'];
70	$page['author'] = $row['author'];
71	$page['date_creation'] = $row['date_creation'];
72	$page['filesize'] = $row['filesize'];
73	$page['width'] = $row['width'];
74	$page['height'] = $row['height'];
75	$page['category_id'] = $row['category_id'];
76	$page['keywords'] = $row['keywords'];
77	$page['storage_category_id'] = $row['storage_category_id'];
78	// retrieving the number of the picture in its category (in order)
79	$query = 'SELECT DISTINCT(id)';
80	$query.= ' FROM '.PREFIX_TABLE.'images';
81	$query.= ' LEFT JOIN '.PREFIX_TABLE.'image_category AS ic ON id = ic.image_id';
82	$query.= $page['where'];
83	$query.= $conf['order_by'];
84	$query.= ';';
85	$result = mysql_query( $query );
86	$page['num'] = 0;
87	$row = mysql_fetch_array( $result );
88	while ( $row['id'] != $page['id'] )
89	{
90	$page['num']++;
91	$row = mysql_fetch_array( $result );
92	}
93	//--------------------------------------------------------- favorite management
94	if ( isset( $_GET['add_fav'] ) )
95	{
96	if ( $_GET['add_fav'] == 1 )
97	{
98	// verify if the picture is already in the favorite of the user
99	$query = 'SELECT COUNT(*) AS nb_fav';
100	$query.= ' FROM '.PREFIX_TABLE.'favorites';
101	$query.= ' WHERE image_id = '.$page['id'];
102	$query.= ' AND user_id = '.$user['id'];
103	$query.= ';';
104	$result = mysql_query( $query );
105	$row = mysql_fetch_array( $result );
106	if ( $row['nb_fav'] == 0 )
107	{
108	$query = 'INSERT INTO '.PREFIX_TABLE.'favorites';
109	$query.= ' (image_id,user_id) VALUES';
110	$query.= ' ('.$page['id'].','.$user['id'].')';
111	$query.= ';';
112	$result = mysql_query( $query );
113	}
114	}
115	if ( $_GET['add_fav'] == 0 )
116	{
117	$query = 'DELETE FROM '.PREFIX_TABLE.'favorites';
118	$query.= ' WHERE user_id = '.$user['id'];
119	$query.= ' AND image_id = '.$page['id'];
120	$query.= ';';
121	$result = mysql_query( $query );
122
123	$page['cat_nb_images'] = $page['cat_nb_images'] - 1;
124	if ( $page['cat_nb_images'] <= 0 )
125	{
126	// there is no favorite picture anymore
127	// we redirect the user to the category page
128	$url = add_session_id( 'category.php' );
129	header( 'Request-URI: '.$url );
130	header( 'Content-Location: '.$url );
131	header( 'Location: '.$url );
132	exit();
133	}
134	// redirection of the user to the picture.php page
135	// with the right picture
136	$page['num'] = $page['num'] - 1;
137	if ( $page['num'] == -1 )
138	{
139	$page['num'] = 0;
140	}
141	$query = 'SELECT id';
142	$query.= ' FROM '.PREFIX_TABLE.'images';
143	$query.= ' LEFT JOIN '.PREFIX_TABLE.'image_category AS ic';
144	$query.= ' ON id = ic.image_id';
145	$query.= $page['where'];
146	$query.= $conf['order_by'];
147	$query.= ' LIMIT '.$page['num'].',1';
148	$query.= ';';
149	$result = mysql_query( $query );
150	$row = mysql_fetch_array( $result );
151	$redirect = './picture.php?image_id='.$row['id'].'&cat='.$page['cat'];
152	$redirect.= '&expand='.$_GET['expand'];
153	if ( $page['cat'] == 'search' )
154	{
155	$redirect.= '&search='.$_GET['search'].'&mode='.$_GET['mode'];
156	}
157	$url = add_session_id( $redirect, true );
158	header( 'Request-URI: '.$url );
159	header( 'Content-Location: '.$url );
160	header( 'Location: '.$url );
161	exit();
162	}
163	}
164	//----------------------------------------------------- template initialization
165	$vtp = new VTemplate;
166	$handle = $vtp->Open( './template/'.$user['template'].'/picture.vtp' );
167	initialize_template();
168
169	$tpl = array( 'back','submit','comments_title','comments_del','delete',
170	'comments_add','author','slideshow','slideshow_stop',
171	'period_seconds' );
172	templatize_array( $tpl, 'lang', $handle );
173	$vtp->setGlobalVar( $handle, 'user_template', $user['template'] );
174	$vtp->setGlobalVar( $handle, 'text_color', $user['couleur_text'] );
175	//-------------------------------------------------------- slideshow management
176	if ( isset( $_GET['slideshow'] ) )
177	{
178	if ( !is_numeric( $_GET['slideshow'] ) )
179	$_GET['slideshow'] = $conf['slideshow_period'][0];
180	$vtp->addSession( $handle, 'stop_slideshow' );
181	$url = './picture.php';
182	$url.= '?image_id='.$page['id'];
183	$url.= '&cat='.$page['cat'];
184	$url.= '&expand='.$_GET['expand'];
185	if ( $page['cat'] == 'search' )
186	{
187	$url.= '&search='.$_GET['search'];
188	$url.= '&mode='.$_GET['mode'];
189	}
190	$vtp->setVar( $handle, 'stop_slideshow.url', add_session_id( $url ) );
191	$vtp->closeSession( $handle, 'stop_slideshow' );
192	}
193	else
194	{
195	$vtp->addSession( $handle, 'start_slideshow' );
196	foreach ( $conf['slideshow_period'] as $option ) {
197	$vtp->addSession( $handle, 'second' );
198	$vtp->setVar( $handle, 'second.option', $option );
199	$url = './picture.php';
200	$url.= '?image_id='.$page['id'];
201	$url.= '&cat='.$page['cat'];
202	$url.= '&expand='.$_GET['expand'];
203	if ( $page['cat'] == 'search' )
204	{
205	$url.= '&search='.$_GET['search'];
206	$url.= '&mode='.$_GET['mode'];
207	}
208	$url.= '&slideshow='.$option;
209	$vtp->setVar( $handle, 'second.url', add_session_id( $url ) );
210	$vtp->closeSession( $handle, 'second' );
211	}
212	$vtp->closeSession( $handle, 'start_slideshow' );
213	}
214	//------------------------------------------------------------------ page title
215	if ( $page['name'] != '' )
216	{
217	$vtp->setGlobalVar( $handle, 'page_title', $page['name'] );
218	}
219	else
220	{
221	$vtp->setGlobalVar( $handle, 'page_title', $page['file'] );
222	}
223	//-------------------------------------------------- previous picture thumbnail
224	if ( $page['num'] >= 1 )
225	{
226	$prev = $page['num'] - 1;
227	$query = 'SELECT DISTINCT(id),name,file,tn_ext,storage_category_id';
228	$query.= ' FROM '.PREFIX_TABLE.'images';
229	$query.= ' LEFT JOIN '.PREFIX_TABLE.'image_category AS ic ON id=ic.image_id';
230	$query.= $page['where'];
231	$query.= $conf['order_by'];
232	$query.= ' LIMIT '.$prev.',1';
233	$query.= ';';
234	$result = mysql_query( $query );
235	$row = mysql_fetch_array( $result );
236
237	if ( $array_cat_directories[$row['storage_category_id']] == '' )
238	{
239	$array_cat_directories[$row['storage_category_id']] =
240	get_complete_dir( $row['storage_category_id'] );
241	}
242	$cat_directory = $array_cat_directories[$row['storage_category_id']];
243
244	$file = substr( $row['file'], 0, strrpos ( $row['file'], '.' ) );
245	$lien_thumbnail = $cat_directory.'/thumbnail/';
246	$lien_thumbnail.= $conf['prefix_thumbnail'].$file.".".$row['tn_ext'];
247
248	$prev_title = $lang['previous_image'].' : ';
249	$alt_thumbnaill = '';
250	if ( $row['name'] != '' ) $alt_thumbnail = $row['name'];
251	else $alt_thumbnail = $file;
252	$prev_title.= $alt_thumbnail;
253
254	$url_link = './picture.php?image_id='.$row['id'].'&cat='.$page['cat'];
255	$url_link.= '&expand='.$_GET['expand'];
256	if ( $page['cat'] == 'search' )
257	{
258	$url_link.= '&search='.$_GET['search'].'&mode='.$_GET['mode'];
259	}
260	// sending vars for display
261	$vtp->addSession( $handle, 'previous' );
262	$vtp->setGlobalVar( $handle, 'previous.url', add_session_id( $url_link ) );
263	$vtp->setGlobalVar( $handle, 'previous.title', $prev_title );
264	$vtp->setGlobalVar( $handle, 'previous.src', $lien_thumbnail );
265	$vtp->setGlobalVar( $handle, 'previous.alt', $alt_thumbnail );
266	$vtp->closeSession( $handle, 'previous' );
267	}
268	else
269	{
270	$vtp->addSession( $handle, 'previous_empty' );
271	$vtp->closeSession( $handle, 'previous_empty' );
272	}
273	//-------------------------------------------------------- main picture display
274	if ( is_numeric( $page['cat'] ) )
275	{
276	$intitule_cat = get_cat_display_name( $page['cat_name'], " - ",
277	"font-style:italic;" );
278	}
279	else
280	{
281	$intitule_cat = $page['title'];
282	}
283
284	if ( $array_cat_directories[$page['storage_category_id']] == '' )
285	{
286	$array_cat_directories[$page['storage_category_id']] =
287	get_complete_dir( $page['storage_category_id'] );
288	}
289	$cat_directory = $array_cat_directories[$page['storage_category_id']];
290
291	$n = $page['num'] + 1;
292	$intitule_titre = replace_space( $intitule_cat." - " ).$n.'/'.
293	$intitule_titre.= $page['cat_nb_images']."<br />";
294	if ( $page['name'] != "" )
295	{
296	$intitule_file = $page['name'];
297	}
298	else
299	{
300	$intitule_file = str_replace( "_", " ",
301	substr( $page['file'], 0,
302	strrpos ( $page['file'], ".") ) );
303	}
304	if ( $page['cat'] == 'search' )
305	{
306	$intitule_file = replace_search( $intitule_file, $_GET['search'] );
307	}
308	$vtp->setGlobalVar( $handle, 'title', $intitule_titre.$intitule_file );
309
310	$lien_image = $cat_directory.$page['file'];
311
312	// calculation of width and height
313	if ( $page['width'] == "" )
314	{
315	$taille_image = @getimagesize( $lien_image );
316	$original_width = $taille_image[0];
317	$original_height = $taille_image[1];
318	}
319	else
320	{
321	$original_width = $page['width'];
322	$original_height = $page['height'];
323	}
324
325	$picture_size = get_picture_size( $original_width, $original_height,
326	$user['maxwidth'], $user['maxheight'] );
327	$final_width = $picture_size[0];
328	$final_height = $picture_size[1];
329
330	$url_link = './category.php?cat='.$page['cat'].'&';
331	$url_link.= 'num='.$page['num'].'&expand='.$_GET['expand'];
332	if ( $page['cat'] == 'search' )
333	{
334	$url_link.= "&search=".$_GET['search'].'&mode='.$_GET['mode'];
335	}
336	$vtp->setGlobalVar( $handle, 'picture_link', add_session_id( $url_link ) );
337	$vtp->setGlobalVar( $handle, 'picture_width', $final_width );
338	$vtp->setGlobalVar( $handle, 'picture_height', $final_height );
339	$vtp->setGlobalVar( $handle, 'picture_border_color', $user['couleur_text'] );
340	$vtp->setGlobalVar( $handle, 'picture_src', $lien_image );
341	$vtp->setGlobalVar( $handle, 'picture_alt', $page['file'] );
342
343	if ( $page['comment'] != '' )
344	{
345	if ( $page['cat'] == 'search' )
346	{
347	$picture_comment = replace_search( $page['comment'], $_GET['search'] );
348	$vtp->setGlobalVar( $handle, 'picture_comment', $picture_comment );
349	}
350	else
351	{
352	$vtp->setGlobalVar( $handle, 'picture_comment', $page['comment'] );
353	}
354	}
355	//--------------------------------------------------------- picture information
356	// author
357	if ( $page['author'] != "" )
358	{
359	$vtp->addSession( $handle, 'info_line' );
360	$vtp->setVar( $handle, 'info_line.name', $lang['author'].' : ' );
361	$vtp->setVar( $handle, 'info_line.content', $page['author'] );
362	$vtp->closeSession( $handle, 'info_line' );
363	}
364	// creation date
365	if ( $page['date_creation'] != "" )
366	{
367	$vtp->addSession( $handle, 'info_line' );
368	$vtp->setVar( $handle, 'info_line.name', $lang['creation_date'].' : ' );
369	$vtp->setVar( $handle, 'info_line.content',
370	format_date( $page['date_creation'] ) );
371	$vtp->closeSession( $handle, 'info_line' );
372	}
373	// date of availability
374	$vtp->addSession( $handle, 'info_line' );
375	$vtp->setVar( $handle, 'info_line.name', $lang['registration_date'].' : ' );
376	list( $year,$month,$day ) = explode( '-', $page['date_available'] );
377	$vtp->setVar( $handle, 'info_line.content',
378	format_date( $page['date_available'] ) );
379	$vtp->closeSession( $handle, 'info_line' );
380	// size in pixels
381	$vtp->addSession( $handle, 'info_line' );
382	$vtp->setVar( $handle, 'info_line.name', $lang['size'].' : ' );
383	if ( $original_width != $final_width or $original_height != $final_height )
384	{
385	$content = '[ <a href="'.$lien_image.'" title="'.$lang['true_size'].'">';
386	$content.= $original_width.'*'.$original_height.'</a> ]';
387	$vtp->setVar( $handle, 'info_line.content', $content );
388	}
389	else
390	{
391	$content = $original_width.'*'.$original_height;
392	$vtp->setVar( $handle, 'info_line.content', $content );
393	}
394	$vtp->closeSession( $handle, 'info_line' );
395	// file
396	$vtp->addSession( $handle, 'info_line' );
397	$vtp->setVar( $handle, 'info_line.name', $lang['file'].' : ' );
398	if ( $page['cat'] == 'search' )
399	{
400	$content = replace_search( $page['file'], $_GET['search'] );
401	$vtp->setVar( $handle, 'info_line.content', $content );
402	}
403	else
404	{
405	$vtp->setVar( $handle, 'info_line.content', $page['file'] );
406	}
407	$vtp->closeSession( $handle, 'info_line' );
408	// filesize
409	if ( $page['filesize'] == "" )
410	{
411	$poids = floor ( filesize( $lien_image ) / 1024 );
412	}
413	else
414	{
415	$poids = $page['filesize'];
416	}
417	$vtp->addSession( $handle, 'info_line' );
418	$vtp->setVar( $handle, 'info_line.name', $lang['filesize'].' : ' );
419	$vtp->setVar( $handle, 'info_line.content', $poids.' KB' );
420	$vtp->closeSession( $handle, 'info_line' );
421	// keywords
422	if ( $page['keywords'] != '' )
423	{
424	$vtp->addSession( $handle, 'info_line' );
425	$vtp->setVar( $handle, 'info_line.name', $lang['keywords'].' : ' );
426	$keywords = explode( ',', $page['keywords'] );
427	$content = '';
428	$url = './category.php?cat=search&expand='.$_GET['expand'];
429	$url.= '&mode=OR&search=';
430	foreach ( $keywords as $i => $keyword ) {
431	$local_url = add_session_id( $url.$keyword );
432	if ( $i > 0 ) $content.= ',';
433	$content.= '<a href="'.$local_url.'">'.$keyword.'</a>';
434	}
435	$vtp->setVar( $handle, 'info_line.content', $content );
436	$vtp->closeSession( $handle, 'info_line' );
437	}
438	// number of visits
439	$vtp->addSession( $handle, 'info_line' );
440	$vtp->setVar( $handle, 'info_line.name', $lang['visited'].' : ' );
441	$vtp->setVar( $handle, 'info_line.content', $page['hit'].' '.$lang['times'] );
442	$vtp->closeSession( $handle, 'info_line' );
443	//------------------------------------------------------- favorite manipulation
444	if ( $page['cat'] != 'fav' and !$user['is_the_guest'] )
445	{
446	$url = './picture.php?cat='.$page['cat'].'&image_id='.$page['id'];
447	$url.= '&expand='.$_GET['expand'].'&add_fav=1';
448	if ( $page['cat'] == 'search' )
449	{
450	$url.= '&search='.$_GET['search'].'&mode='.$_GET['mode'];
451	}
452	$vtp->addSession( $handle, 'favorite' );
453	$vtp->setVar( $handle, 'favorite.link', add_session_id( $url ) );
454	$vtp->setVar( $handle, 'favorite.title', $lang['add_favorites_hint'] );
455	$vtp->setVar( $handle, 'favorite.src',
456	'./template/'.$user['template'].'/theme/favorite.gif' );
457	$vtp->setVar( $handle, 'favorite.alt','[ '.$lang['add_favorites_alt'].' ]' );
458	$vtp->closeSession( $handle, 'favorite' );
459	}
460	if ( $page['cat'] == 'fav' )
461	{
462	$url = './picture.php?cat='.$page['cat'].'&image_id='.$page['id'];
463	$url.= '&expand='.$_GET['expand'].'&add_fav=0';
464	$vtp->addSession( $handle, 'favorite' );
465	$vtp->setVar( $handle, 'favorite.link', add_session_id( $url ) );
466	$vtp->setVar( $handle, 'favorite.title', $lang['del_favorites_hint'] );
467	$vtp->setVar( $handle, 'favorite.src',
468	'./template/'.$user['template'].'/theme/del_favorite.gif' );
469	$vtp->setVar( $handle, 'favorite.alt','[ '.$lang['del_favorites_alt'].' ]' );
470	$vtp->closeSession( $handle, 'favorite' );
471	}
472	//------------------------------------ admin link for information modifications
473	if ( $user['status'] == 'admin' )
474	{
475	$vtp->addSession( $handle, 'modification' );
476	$url = './admin/admin.php?page=picture_modify&cat_id='.$page['cat'];
477	$url.= '&image_id='.$page['id'];
478	$vtp->setVar( $handle, 'modification.link', add_session_id( $url ) );
479	$vtp->setVar( $handle, 'modification.name', $lang['link_info_image'] );
480	}
481	//---------------------------------------------- next picture thumbnail display
482	if ( $page['num'] < $page['cat_nb_images']-1 )
483	{
484	$next = $page['num'] + 1;
485	$query = 'SELECT DISTINCT(id),name,file,tn_ext,storage_category_id';
486	$query.= ' FROM '.PREFIX_TABLE.'images';
487	$query.= ' LEFT JOIN '.PREFIX_TABLE.'image_category AS ic ON id=ic.image_id';
488	$query.= $page['where'];
489	$query.= $conf['order_by'];
490	$query.= ' LIMIT '.$next.',1';
491	$query.= ';';
492	$result = mysql_query( $query );
493	$row = mysql_fetch_array( $result );
494
495	if ( $array_cat_directories[$row['storage_category_id']] == '' )
496	{
497	$array_cat_directories[$row['storage_category_id']] =
498	get_complete_dir( $row['storage_category_id'] );
499	}
500	$cat_directory = $array_cat_directories[$row['storage_category_id']];
501
502	$file = substr ( $row['file'], 0, strrpos ( $row['file'], ".") );
503	$lien_thumbnail = $cat_directory.'thumbnail/';
504	$lien_thumbnail.= $conf['prefix_thumbnail'].$file.".".$row['tn_ext'];
505
506	if ( $row['name'] != "" )
507	{
508	$alt_thumbnail = $row['name'];
509	}
510	else
511	{
512	$alt_thumbnail = $file;
513	}
514	$next_title = $lang['next_image']." : ".$alt_thumbnail;
515
516	$url_link = './picture.php?image_id='.$row['id'].'&cat='.$page['cat'];
517	$url_link.= '&expand='.$_GET['expand'];
518	if ( $page['cat'] == 'search' )
519	{
520	$url_link.= "&search=".$_GET['search'].'&mode='.$_GET['mode'];
521	}
522	// sending vars for display
523	$vtp->addSession( $handle, 'next' );
524	$vtp->setGlobalVar( $handle, 'next.url', add_session_id( $url_link ) );
525	$vtp->setGlobalVar( $handle, 'next.title', $next_title );
526	$vtp->setGlobalVar( $handle, 'next.src', $lien_thumbnail );
527	$vtp->setGlobalVar( $handle, 'next.alt', $alt_thumbnail );
528	$vtp->closeSession( $handle, 'next' );
529	// slideshow
530	if ( isset( $_GET['slideshow'] ) )
531	{
532	$vtp->addSession( $handle, 'refresh' );
533	$vtp->setVar( $handle, 'refresh.time', $_GET['slideshow'] );
534	$url = $url_link.'&slideshow='.$_GET['slideshow'];
535	$vtp->setVar( $handle, 'refresh.url', add_session_id( $url ) );
536	$vtp->closeSession( $handle, 'refresh' );
537	}
538	}
539	else
540	{
541	$vtp->addSession( $handle, 'previous_empty' );
542	$vtp->closeSession( $handle, 'previous_empty' );
543	}
544	//---------------------------------------------------- users's comments display
545	if ( $conf['show_comments'] )
546	{
547	$vtp->addSession( $handle, 'comments' );
548	// comment registeration
549	if ( isset( $_POST['content'] ) and $_POST['content'] != '' )
550	{
551	$register_comment = true;
552
553	if ( !$user['is_the_guest'] ) $author = $user['username'];
554	if ( $_POST['author'] != '' ) $author = $_POST['author'];
555	// if a guest try to use the name of an already existing user, he must
556	// be rejected
557	if ( isset( $author ) and $author != $user['username'] )
558	{
559	$query = 'SELECT COUNT(*) AS user_exists';
560	$query.= ' FROM '.PREFIX_TABLE.'users';
561	$query.= " WHERE username = '".$author."'";
562	$query.= ';';
563	$row = mysql_fetch_array( mysql_query( $query ) );
564	if ( $row['user_exists'] == 1 )
565	{
566	$vtp->addSession( $handle, 'information' );
567	$message = $lang['comment_user_exists'];
568	$vtp->setVar( $handle, 'information.content', $message );
569	$vtp->closeSession( $handle, 'information' );
570	$register_comment = false;
571	}
572	}
573
574	if ( $register_comment )
575	{
576	// anti-flood system
577	$reference_date = time() - $conf['anti-flood_time'];
578	$query = 'SELECT id';
579	$query.= ' FROM '.PREFIX_TABLE.'comments';
580	$query.= ' WHERE date > '.$reference_date;
581	$query.= " AND author = '".$author."'";
582	$query.= ';';
583	if ( mysql_num_rows( mysql_query( $query ) ) == 0
584	or $conf['anti-flood_time'] == 0 )
585	{
586	$query = 'INSERT INTO '.PREFIX_TABLE.'comments';
587	$query.= ' (author,date,image_id,content,validated) VALUES';
588	$query.= ' (';
589	if ( !isset( $author ) ) $query.= 'NULL';
590	else $query.= "'".$author."'";
591	$query.= ','.time().','.$page['id'];
592	$query.= ",'".htmlspecialchars( $_POST['content'], ENT_QUOTES)."'";
593	if ( !$conf['comments_validation'] or $user['status'] == 'admin' )
594	$query.= ",'true'";
595	else
596	$query.= ",'false'";
597	$query.= ');';
598	mysql_query( $query );
599	// information message
600	$vtp->addSession( $handle, 'information' );
601	$message = $lang['comment_added'];
602	if ( $conf['comments_validation'] and $user['status'] != 'admin' )
603	{
604	$message.= '<br />'.$lang['comment_to_validate'];
605	}
606	$vtp->setVar( $handle, 'information.content', $message );
607	$vtp->closeSession( $handle, 'information' );
608	// notification to the administrators
609	if ( $conf['mail_notification'] )
610	{
611	$cat_name = get_cat_display_name( $page['cat_name'], ' > ', '' );
612	$cat_name = strip_tags( $cat_name );
613	if ( $page['name'] == '' ) $picture = $page['file'];
614	else $picture = $page['name'];
615	notify( 'comment', $cat_name.' > '.$picture );
616	}
617	}
618	else
619	{
620	// information message
621	$vtp->addSession( $handle, 'information' );
622	$message = $lang['comment_anti-flood'];
623	$vtp->setVar( $handle, 'information.content', $message );
624	$vtp->closeSession( $handle, 'information' );
625	}
626	}
627	}
628	// comment deletion
629	if ( isset( $_GET['del'] )
630	and is_numeric( $_GET['del'] )
631	and $user['status'] == 'admin' )
632	{
633	$query = 'DELETE FROM '.PREFIX_TABLE.'comments';
634	$query.= ' WHERE id = '.$_GET['del'].';';
635	mysql_query( $query );
636	}
637	// number of comment for this picture
638	$query = 'SELECT COUNT(*) AS nb_comments';
639	$query.= ' FROM '.PREFIX_TABLE.'comments';
640	$query.= ' WHERE image_id = '.$page['id'];
641	$query.= " AND validated = 'true'";
642	$query.= ';';
643	$row = mysql_fetch_array( mysql_query( $query ) );
644	$page['nb_comments'] = $row['nb_comments'];
645	// navigation bar creation
646	$url = './picture.php?cat='.$page['cat'].'&image_id='.$page['id'];
647	$url.= '&expand='.$_GET['expand'];
648	if ( $page['cat'] == 'search' )
649	{
650	$url.= '&search='.$_GET['search'].'&mode='.$_GET['mode'];
651	}
652	if( !isset( $_GET['start'] )
653	or !is_numeric( $_GET['start'] )
654	or ( is_numeric( $_GET['start'] ) and $_GET['start'] < 0 ) )
655	{
656	$page['start'] = 0;
657	}
658	else
659	{
660	$page['start'] = $_GET['start'];
661	}
662	$page['navigation_bar'] = create_navigation_bar( $url, $page['nb_comments'],
663	$page['start'],
664	$conf['nb_comment_page'],
665	'' );
666	// sending vars for display
667	$vtp->setGlobalVar( $handle, 'navigation_bar', $page['navigation_bar'] );
668	$vtp->setGlobalVar( $handle, 'nb_comments', $page['nb_comments'] );
669
670	$query = 'SELECT id,author,date,image_id,content';
671	$query.= ' FROM '.PREFIX_TABLE.'comments';
672	$query.= ' WHERE image_id = '.$page['id'];
673	$query.= " AND validated = 'true'";
674	$query.= ' ORDER BY date ASC';
675	$query.= ' LIMIT '.$page['start'].', '.$conf['nb_comment_page'].';';
676	$result = mysql_query( $query );
677
678	while ( $row = mysql_fetch_array( $result ) )
679	{
680	$vtp->addSession( $handle, 'comment' );
681	$author = $row['author'];
682	if ( $row['author'] == '' ) $author = $lang['guest'];
683	$vtp->setVar( $handle, 'comment.author', $author );
684	$vtp->setVar( $handle, 'comment.date',
685	format_date( $row['date'], 'unix', true ) );
686	$vtp->setVar( $handle, 'comment.content', nl2br( $row['content'] ) );
687	if ( $user['status'] == 'admin' )
688	{
689	$vtp->addSession( $handle, 'delete' );
690	$vtp->setVar( $handle, 'delete.link',
691	add_session_id( $url.'&del='.$row['id'] ) );
692	$vtp->closeSession( $handle, 'delete' );
693	}
694	$vtp->closeSession( $handle, 'comment' );
695	}
696
697	if ( !$user['is_the_guest']
698	or ( $user['is_the_guest'] and $conf['comments_forall'] ) )
699	{
700	$vtp->addSession( $handle, 'add_comment' );
701	// form action
702	$action = str_replace( '&', '&', $_SERVER['REQUEST_URI'] );
703	$vtp->setGlobalVar( $handle, 'form_action', $action );
704	// display author field if the user is not logged in
705	if ( !$user['is_the_guest'] )
706	{
707	$vtp->addSession( $handle, 'author_known' );
708	$vtp->setVar( $handle, 'author_known.value', $user['pseudo'] );
709	$vtp->closeSession( $handle, 'author_known' );
710	}
711	else
712	{
713	$vtp->addSession( $handle, 'author_field' );
714	$vtp->closeSession( $handle, 'author_field' );
715	}
716	$vtp->closeSession( $handle, 'add_comment' );
717	}
718	$vtp->closeSession( $handle, 'comments' );
719	}
720	//------------------------------------------------------------ log informations
721	pwg_log( 'picture', $intitule_cat, $page['file'] );
722	mysql_close();
723	//----------------------------------------------------------- html code display
724	$code = $vtp->Display( $handle, 0 );
725	echo $code;
726	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: