1 | <?php |
---|
2 | // +-----------------------------------------------------------------------+ |
---|
3 | // | Piwigo - a PHP based photo gallery | |
---|
4 | // +-----------------------------------------------------------------------+ |
---|
5 | // | Copyright(C) 2008-2011 Piwigo Team http://piwigo.org | |
---|
6 | // | Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net | |
---|
7 | // | Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick | |
---|
8 | // +-----------------------------------------------------------------------+ |
---|
9 | // | This program is free software; you can redistribute it and/or modify | |
---|
10 | // | it under the terms of the GNU General Public License as published by | |
---|
11 | // | the Free Software Foundation | |
---|
12 | // | | |
---|
13 | // | This program is distributed in the hope that it will be useful, but | |
---|
14 | // | WITHOUT ANY WARRANTY; without even the implied warranty of | |
---|
15 | // | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
---|
16 | // | General Public License for more details. | |
---|
17 | // | | |
---|
18 | // | You should have received a copy of the GNU General Public License | |
---|
19 | // | along with this program; if not, write to the Free Software | |
---|
20 | // | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, | |
---|
21 | // | USA. | |
---|
22 | // +-----------------------------------------------------------------------+ |
---|
23 | |
---|
24 | if( !defined("PHPWG_ROOT_PATH") ) |
---|
25 | { |
---|
26 | die ("Hacking attempt!"); |
---|
27 | } |
---|
28 | |
---|
29 | include_once(PHPWG_ROOT_PATH.'admin/include/functions.php'); |
---|
30 | include_once(PHPWG_ROOT_PATH.'admin/include/tabsheet.class.php'); |
---|
31 | |
---|
32 | // +-----------------------------------------------------------------------+ |
---|
33 | // | Check Access and exit when user status is not ok | |
---|
34 | // +-----------------------------------------------------------------------+ |
---|
35 | check_status(ACCESS_ADMINISTRATOR); |
---|
36 | |
---|
37 | //-------------------------------------------------------- sections definitions |
---|
38 | if (!isset($_GET['section'])) |
---|
39 | { |
---|
40 | $page['section'] = 'main'; |
---|
41 | } |
---|
42 | else |
---|
43 | { |
---|
44 | $page['section'] = $_GET['section']; |
---|
45 | } |
---|
46 | |
---|
47 | $main_checkboxes = array( |
---|
48 | 'gallery_locked', |
---|
49 | 'allow_user_registration', |
---|
50 | 'obligatory_user_mail_address', |
---|
51 | 'rate', |
---|
52 | 'rate_anonymous', |
---|
53 | 'email_admin_on_new_user', |
---|
54 | 'allow_user_customization', |
---|
55 | ); |
---|
56 | |
---|
57 | $history_checkboxes = array( |
---|
58 | 'log', |
---|
59 | 'history_admin', |
---|
60 | 'history_guest' |
---|
61 | ); |
---|
62 | |
---|
63 | $comments_checkboxes = array( |
---|
64 | 'comments_forall', |
---|
65 | 'comments_validation', |
---|
66 | 'email_admin_on_comment', |
---|
67 | 'email_admin_on_comment_validation', |
---|
68 | 'user_can_delete_comment', |
---|
69 | 'user_can_edit_comment', |
---|
70 | 'email_admin_on_comment_edition', |
---|
71 | 'email_admin_on_comment_deletion' |
---|
72 | ); |
---|
73 | |
---|
74 | $display_checkboxes = array( |
---|
75 | 'menubar_filter_icon', |
---|
76 | 'index_sort_order_input', |
---|
77 | 'index_flat_icon', |
---|
78 | 'index_posted_date_icon', |
---|
79 | 'index_created_date_icon', |
---|
80 | 'index_slideshow_icon', |
---|
81 | 'picture_metadata_icon', |
---|
82 | 'picture_slideshow_icon', |
---|
83 | 'picture_favorite_icon', |
---|
84 | 'picture_download_icon', |
---|
85 | 'picture_navigation_icons', |
---|
86 | 'picture_navigation_thumb', |
---|
87 | 'picture_menu', |
---|
88 | ); |
---|
89 | |
---|
90 | $display_info_checkboxes = array( |
---|
91 | 'author', |
---|
92 | 'created_on', |
---|
93 | 'posted_on', |
---|
94 | 'dimensions', |
---|
95 | 'file', |
---|
96 | 'filesize', |
---|
97 | 'tags', |
---|
98 | 'categories', |
---|
99 | 'visits', |
---|
100 | 'average_rate', |
---|
101 | 'privacy_level', |
---|
102 | ); |
---|
103 | |
---|
104 | $order_options = array( |
---|
105 | ' ORDER BY date_available DESC, file ASC, id ASC' => 'date_available DESC, file ASC, id ASC', |
---|
106 | ' ORDER BY file DESC, date_available DESC' => 'file DESC, date_available DESC', |
---|
107 | 'custom' => l10n('Custom'), |
---|
108 | ); |
---|
109 | |
---|
110 | //------------------------------ verification and registration of modifications |
---|
111 | if (isset($_POST['submit'])) |
---|
112 | { |
---|
113 | $int_pattern = '/^\d+$/'; |
---|
114 | |
---|
115 | switch ($page['section']) |
---|
116 | { |
---|
117 | case 'main' : |
---|
118 | { |
---|
119 | $order_regex = '#^(( *)(id|file|name|date_available|date_creation|hit|average_rate|comment|author|filesize|width|height|high_filesize|high_width|high_height) (ASC|DESC),{1}){1,}$#'; |
---|
120 | // process 'order_by_perso' string |
---|
121 | if ($_POST['order_by'] == 'custom' AND !empty($_POST['order_by_perso'])) |
---|
122 | { |
---|
123 | $_POST['order_by'] = str_ireplace( |
---|
124 | array('order by ', 'asc', 'desc'), |
---|
125 | array(null, 'ASC', 'DESC'), |
---|
126 | trim($_POST['order_by_perso']) |
---|
127 | ); |
---|
128 | |
---|
129 | if (preg_match($order_regex, $_POST['order_by'].',')) |
---|
130 | { |
---|
131 | $_POST['order_by'] = ' ORDER BY '.$_POST['order_by']; |
---|
132 | } |
---|
133 | else |
---|
134 | { |
---|
135 | array_push($page['errors'], l10n('Invalid order string').' « '.$_POST['order_by'].' »'); |
---|
136 | } |
---|
137 | } |
---|
138 | else if ($_POST['order_by'] == 'custom') |
---|
139 | { |
---|
140 | array_push($page['errors'], l10n('Invalid order string')); |
---|
141 | } |
---|
142 | // process 'order_by_inside_category_perso' string |
---|
143 | if ($_POST['order_by_inside_category'] == 'as_order_by') |
---|
144 | { |
---|
145 | $_POST['order_by_inside_category'] = $_POST['order_by']; |
---|
146 | } |
---|
147 | else if ($_POST['order_by_inside_category'] == 'custom' AND !empty($_POST['order_by_inside_category_perso'])) |
---|
148 | { |
---|
149 | $_POST['order_by_inside_category'] = str_ireplace( |
---|
150 | array('order by ', 'asc', 'desc'), |
---|
151 | array(null, 'ASC', 'DESC'), |
---|
152 | trim($_POST['order_by_inside_category_perso']) |
---|
153 | ); |
---|
154 | |
---|
155 | if (preg_match($order_regex, $_POST['order_by_inside_category'].',')) |
---|
156 | { |
---|
157 | $_POST['order_by_inside_category'] = ' ORDER BY '.$_POST['order_by_inside_category']; |
---|
158 | } |
---|
159 | else |
---|
160 | { |
---|
161 | array_push($page['errors'], l10n('Invalid order string').' « '.$_POST['order_by_inside_category'].' »'); |
---|
162 | } |
---|
163 | } |
---|
164 | else if ($_POST['order_by_inside_category'] == 'custom') |
---|
165 | { |
---|
166 | array_push($page['errors'], l10n('Invalid order string')); |
---|
167 | } |
---|
168 | |
---|
169 | if (empty($_POST['gallery_locked']) and $conf['gallery_locked']) |
---|
170 | { |
---|
171 | $tpl_var = & $template->get_template_vars('header_msgs'); |
---|
172 | $msg_key = array_search(l10n('The gallery is locked for maintenance. Please, come back later.'), $tpl_var); |
---|
173 | unset($tpl_var[$msg_key]); |
---|
174 | } |
---|
175 | elseif (!empty($_POST['gallery_locked']) and !$conf['gallery_locked']) |
---|
176 | { |
---|
177 | $template->append('header_msgs', l10n('The gallery is locked for maintenance. Please, come back later.')); |
---|
178 | } |
---|
179 | foreach( $main_checkboxes as $checkbox) |
---|
180 | { |
---|
181 | $_POST[$checkbox] = empty($_POST[$checkbox])?'false':'true'; |
---|
182 | } |
---|
183 | break; |
---|
184 | } |
---|
185 | case 'history' : |
---|
186 | { |
---|
187 | foreach( $history_checkboxes as $checkbox) |
---|
188 | { |
---|
189 | $_POST[$checkbox] = empty($_POST[$checkbox])?'false':'true'; |
---|
190 | } |
---|
191 | break; |
---|
192 | } |
---|
193 | case 'comments' : |
---|
194 | { |
---|
195 | // the number of comments per page must be an integer between 5 and 50 |
---|
196 | // included |
---|
197 | if (!preg_match($int_pattern, $_POST['nb_comment_page']) |
---|
198 | or $_POST['nb_comment_page'] < 5 |
---|
199 | or $_POST['nb_comment_page'] > 50) |
---|
200 | { |
---|
201 | array_push($page['errors'], l10n('The number of comments a page must be between 5 and 50 included.')); |
---|
202 | } |
---|
203 | foreach( $comments_checkboxes as $checkbox) |
---|
204 | { |
---|
205 | $_POST[$checkbox] = empty($_POST[$checkbox])?'false':'true'; |
---|
206 | } |
---|
207 | break; |
---|
208 | } |
---|
209 | case 'default' : |
---|
210 | { |
---|
211 | // Never go here |
---|
212 | break; |
---|
213 | } |
---|
214 | case 'display' : |
---|
215 | { |
---|
216 | foreach( $display_checkboxes as $checkbox) |
---|
217 | { |
---|
218 | $_POST[$checkbox] = empty($_POST[$checkbox])?'false':'true'; |
---|
219 | } |
---|
220 | foreach( $display_info_checkboxes as $checkbox) |
---|
221 | { |
---|
222 | $_POST['picture_informations'][$checkbox] = |
---|
223 | empty($_POST['picture_informations'][$checkbox])? false : true; |
---|
224 | } |
---|
225 | $_POST['picture_informations'] = addslashes(serialize($_POST['picture_informations'])); |
---|
226 | break; |
---|
227 | } |
---|
228 | } |
---|
229 | |
---|
230 | // updating configuration if no error found |
---|
231 | if (count($page['errors']) == 0) |
---|
232 | { |
---|
233 | //echo '<pre>'; print_r($_POST); echo '</pre>'; |
---|
234 | $result = pwg_query('SELECT param FROM '.CONFIG_TABLE); |
---|
235 | while ($row = pwg_db_fetch_assoc($result)) |
---|
236 | { |
---|
237 | if (isset($_POST[$row['param']])) |
---|
238 | { |
---|
239 | $value = $_POST[$row['param']]; |
---|
240 | |
---|
241 | if ('gallery_title' == $row['param']) |
---|
242 | { |
---|
243 | if (!$conf['allow_html_descriptions']) |
---|
244 | { |
---|
245 | $value = strip_tags($value); |
---|
246 | } |
---|
247 | } |
---|
248 | |
---|
249 | $query = ' |
---|
250 | UPDATE '.CONFIG_TABLE.' |
---|
251 | SET value = \''. str_replace("\'", "''", $value).'\' |
---|
252 | WHERE param = \''.$row['param'].'\' |
---|
253 | ;'; |
---|
254 | pwg_query($query); |
---|
255 | } |
---|
256 | } |
---|
257 | array_push($page['infos'], l10n('Information data registered in database')); |
---|
258 | } |
---|
259 | |
---|
260 | //------------------------------------------------------ $conf reinitialization |
---|
261 | load_conf_from_db(); |
---|
262 | } |
---|
263 | |
---|
264 | //----------------------------------------------------- template initialization |
---|
265 | $template->set_filename('config', 'configuration.tpl'); |
---|
266 | |
---|
267 | // TabSheet |
---|
268 | $tabsheet = new tabsheet(); |
---|
269 | // TabSheet initialization |
---|
270 | $tabsheet->add('main', l10n('Main'), $conf_link.'main'); |
---|
271 | $tabsheet->add('display', l10n('Display'), $conf_link.'display'); |
---|
272 | $tabsheet->add('history', l10n('History'), $conf_link.'history'); |
---|
273 | $tabsheet->add('comments', l10n('Comments'), $conf_link.'comments'); |
---|
274 | $tabsheet->add('default', l10n('Guest Settings'), $conf_link.'default'); |
---|
275 | // TabSheet selection |
---|
276 | $tabsheet->select($page['section']); |
---|
277 | // Assign tabsheet to template |
---|
278 | $tabsheet->assign(); |
---|
279 | |
---|
280 | $action = get_root_url().'admin.php?page=configuration'; |
---|
281 | $action.= '&section='.$page['section']; |
---|
282 | |
---|
283 | $template->assign( |
---|
284 | array( |
---|
285 | 'U_HELP' => get_root_url().'admin/popuphelp.php?page=configuration', |
---|
286 | 'F_ACTION'=>$action |
---|
287 | )); |
---|
288 | |
---|
289 | switch ($page['section']) |
---|
290 | { |
---|
291 | case 'main' : |
---|
292 | { |
---|
293 | // process 'order_by' string |
---|
294 | if (array_key_exists($conf['order_by'], $order_options)) |
---|
295 | { |
---|
296 | $order_by_selected = $conf['order_by']; |
---|
297 | $order_by_perso = null; |
---|
298 | } |
---|
299 | else |
---|
300 | { |
---|
301 | $order_by_selected = 'custom'; |
---|
302 | $order_by_perso = str_replace(' ORDER BY ', null, $conf['order_by']); |
---|
303 | } |
---|
304 | // process 'order_by_inside_category' string |
---|
305 | if ($conf['order_by_inside_category'] == $conf['order_by']) |
---|
306 | { |
---|
307 | $order_by_inside_category_selected = 'as_order_by'; |
---|
308 | $order_by_inside_category_perso = null; |
---|
309 | } |
---|
310 | else if (array_key_exists($conf['order_by_inside_category'], $order_options)) |
---|
311 | { |
---|
312 | $order_by_inside_category_selected = $conf['order_by_inside_category']; |
---|
313 | $order_by_inside_category_perso = null; |
---|
314 | } |
---|
315 | else |
---|
316 | { |
---|
317 | $order_by_inside_category_selected = 'custom'; |
---|
318 | $order_by_inside_category_perso = str_replace(' ORDER BY ', null, $conf['order_by_inside_category']); |
---|
319 | } |
---|
320 | |
---|
321 | $template->assign( |
---|
322 | 'main', |
---|
323 | array( |
---|
324 | 'CONF_GALLERY_TITLE' => htmlspecialchars($conf['gallery_title']), |
---|
325 | 'CONF_PAGE_BANNER' => htmlspecialchars($conf['page_banner']), |
---|
326 | 'CONF_GALLERY_URL' => $conf['gallery_url'], |
---|
327 | 'week_starts_on_options' => array( |
---|
328 | 'sunday' => $lang['day'][0], |
---|
329 | 'monday' => $lang['day'][1], |
---|
330 | ), |
---|
331 | 'week_starts_on_options_selected' => $conf['week_starts_on'], |
---|
332 | 'order_by_options' => $order_options, |
---|
333 | 'order_by_selected' => $order_by_selected, |
---|
334 | 'order_by_perso' => $order_by_perso, |
---|
335 | 'order_by_inside_category_options' => |
---|
336 | array_merge( |
---|
337 | array('as_order_by'=>l10n('As default order')), |
---|
338 | $order_options |
---|
339 | ), |
---|
340 | 'order_by_inside_category_selected' => $order_by_inside_category_selected, |
---|
341 | 'order_by_inside_category_perso' => $order_by_inside_category_perso, |
---|
342 | )); |
---|
343 | |
---|
344 | foreach ($main_checkboxes as $checkbox) |
---|
345 | { |
---|
346 | $template->append( |
---|
347 | 'main', |
---|
348 | array( |
---|
349 | $checkbox => $conf[$checkbox] |
---|
350 | ), |
---|
351 | true |
---|
352 | ); |
---|
353 | } |
---|
354 | break; |
---|
355 | } |
---|
356 | case 'history' : |
---|
357 | { |
---|
358 | //Necessary for merge_block_vars |
---|
359 | foreach ($history_checkboxes as $checkbox) |
---|
360 | { |
---|
361 | $template->append( |
---|
362 | 'history', |
---|
363 | array( |
---|
364 | $checkbox => $conf[$checkbox] |
---|
365 | ), |
---|
366 | true |
---|
367 | ); |
---|
368 | } |
---|
369 | break; |
---|
370 | } |
---|
371 | case 'comments' : |
---|
372 | { |
---|
373 | $template->assign( |
---|
374 | 'comments', |
---|
375 | array( |
---|
376 | 'NB_COMMENTS_PAGE'=>$conf['nb_comment_page'], |
---|
377 | )); |
---|
378 | |
---|
379 | foreach ($comments_checkboxes as $checkbox) |
---|
380 | { |
---|
381 | $template->append( |
---|
382 | 'comments', |
---|
383 | array( |
---|
384 | $checkbox => $conf[$checkbox] |
---|
385 | ), |
---|
386 | true |
---|
387 | ); |
---|
388 | } |
---|
389 | break; |
---|
390 | } |
---|
391 | case 'default' : |
---|
392 | { |
---|
393 | $edit_user = build_user($conf['guest_id'], false); |
---|
394 | include_once(PHPWG_ROOT_PATH.'profile.php'); |
---|
395 | |
---|
396 | $errors = array(); |
---|
397 | if (save_profile_from_post($edit_user, $errors)) |
---|
398 | { |
---|
399 | // Reload user |
---|
400 | $edit_user = build_user($conf['guest_id'], false); |
---|
401 | array_push($page['infos'], l10n('Information data registered in database')); |
---|
402 | } |
---|
403 | $page['errors'] = array_merge($page['errors'], $errors); |
---|
404 | |
---|
405 | load_profile_in_template( |
---|
406 | $action, |
---|
407 | '', |
---|
408 | $edit_user |
---|
409 | ); |
---|
410 | $template->assign('default', array()); |
---|
411 | break; |
---|
412 | } |
---|
413 | case 'display' : |
---|
414 | { |
---|
415 | foreach ($display_checkboxes as $checkbox) |
---|
416 | { |
---|
417 | $template->append( |
---|
418 | 'display', |
---|
419 | array( |
---|
420 | $checkbox => $conf[$checkbox] |
---|
421 | ), |
---|
422 | true |
---|
423 | ); |
---|
424 | } |
---|
425 | $template->append( |
---|
426 | 'display', |
---|
427 | array( |
---|
428 | 'picture_informations' => unserialize($conf['picture_informations']) |
---|
429 | ), |
---|
430 | true |
---|
431 | ); |
---|
432 | break; |
---|
433 | } |
---|
434 | } |
---|
435 | |
---|
436 | //----------------------------------------------------------- sending html code |
---|
437 | $template->assign_var_from_handle('ADMIN_CONTENT', 'config'); |
---|
438 | ?> |
---|