Context Navigation

source: trunk/include/functions.inc.php @ 11511

Last change on this file since 11511 was 11511, checked in by plg, 13 years ago
feature 2365 added: Piwigo version is written in the database (as "piwigo_db_version" in the config table). We only store the branch, not the release : 2.3 and not 2.3.1, because database structure is not changing between minor releases.
Property svn:eol-style set to `LF`
File size: 41.3 KB

Line
1	<?php
2	// +-----------------------------------------------------------------------+
3	// \| Piwigo - a PHP based photo gallery \|
4	// +-----------------------------------------------------------------------+
5	// \| Copyright(C) 2008-2011 Piwigo Team http://piwigo.org \|
6	// \| Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net \|
7	// \| Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick \|
8	// +-----------------------------------------------------------------------+
9	// \| This program is free software; you can redistribute it and/or modify \|
10	// \| it under the terms of the GNU General Public License as published by \|
11	// \| the Free Software Foundation \|
12	// \| \|
13	// \| This program is distributed in the hope that it will be useful, but \|
14	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
15	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
16	// \| General Public License for more details. \|
17	// \| \|
18	// \| You should have received a copy of the GNU General Public License \|
19	// \| along with this program; if not, write to the Free Software \|
20	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
21	// \| USA. \|
22	// +-----------------------------------------------------------------------+
23
24	include_once( PHPWG_ROOT_PATH .'include/functions_user.inc.php' );
25	include_once( PHPWG_ROOT_PATH .'include/functions_cookie.inc.php' );
26	include_once( PHPWG_ROOT_PATH .'include/functions_session.inc.php' );
27	include_once( PHPWG_ROOT_PATH .'include/functions_category.inc.php' );
28	include_once( PHPWG_ROOT_PATH .'include/functions_xml.inc.php' );
29	include_once( PHPWG_ROOT_PATH .'include/functions_html.inc.php' );
30	include_once( PHPWG_ROOT_PATH .'include/functions_tag.inc.php' );
31	include_once( PHPWG_ROOT_PATH .'include/functions_url.inc.php' );
32	include_once( PHPWG_ROOT_PATH .'include/functions_plugins.inc.php' );
33
34	//----------------------------------------------------------- generic functions
35
36	/**
37	* stupidly returns the current microsecond since Unix epoch
38	*/
39	function micro_seconds()
40	{
41	$t1 = explode(' ', microtime());
42	$t2 = explode('.', $t1[0]);
43	$t2 = $t1[1].substr($t2[1], 0, 6);
44	return $t2;
45	}
46
47	// The function get_moment returns a float value coresponding to the number
48	// of seconds since the unix epoch (1st January 1970) and the microseconds
49	// are precised : e.g. 1052343429.89276600
50	function get_moment()
51	{
52	$t1 = explode( ' ', microtime() );
53	$t2 = explode( '.', $t1[0] );
54	$t2 = $t1[1].'.'.$t2[1];
55	return $t2;
56	}
57
58	// The function get_elapsed_time returns the number of seconds (with 3
59	// decimals precision) between the start time and the end time given.
60	function get_elapsed_time( $start, $end )
61	{
62	return number_format( $end - $start, 3, '.', ' ').' s';
63	}
64
65	// - The replace_space function replaces space and '-' characters
66	// by their HTML equivalent &nbsb; and −
67	// - The function does not replace characters in HTML tags
68	// - This function was created because IE5 does not respect the
69	// CSS "white-space: nowrap;" property unless space and minus
70	// characters are replaced like this function does.
71	// - Example :
72	// <div class="foo">My friend</div>
73	// ( 01234567891111111111222222222233 )
74	// ( 0123456789012345678901 )
75	// becomes :
76	// <div class="foo">My friend</div>
77	function replace_space( $string )
78	{
79	//return $string;
80	$return_string = '';
81	// $remaining is the rest of the string where to replace spaces characters
82	$remaining = $string;
83	// $start represents the position of the next '<' character
84	// $end represents the position of the next '>' character
85	; // -> 0
86	$end = strpos ( $remaining, '>' ); // -> 16
87	// as long as a '<' and his friend '>' are found, we loop
88	while ( ($start=strpos( $remaining, '<' )) !==false
89	and ($end=strpos( $remaining, '>' )) !== false )
90	{
91	// $treatment is the part of the string to treat
92	// In the first loop of our example, this variable is empty, but in the
93	// second loop, it equals 'My friend'
94	$treatment = substr ( $remaining, 0, $start );
95	// Replacement of ' ' by his equivalent ' '
96	$treatment = str_replace( ' ', ' ', $treatment );
97	$treatment = str_replace( '-', '−', $treatment );
98	// composing the string to return by adding the treated string and the
99	// following HTML tag -> 'My friend</div>'
100	$return_string.= $treatment.substr( $remaining, $start, $end-$start+1 );
101	// the remaining string is deplaced to the part after the '>' of this
102	// loop
103	$remaining = substr ( $remaining, $end + 1, strlen( $remaining ) );
104	}
105	$treatment = str_replace( ' ', ' ', $remaining );
106	$treatment = str_replace( '-', '−', $treatment );
107	$return_string.= $treatment;
108
109	return $return_string;
110	}
111
112	// get_extension returns the part of the string after the last "."
113	function get_extension( $filename )
114	{
115	return substr( strrchr( $filename, '.' ), 1, strlen ( $filename ) );
116	}
117
118	// get_filename_wo_extension returns the part of the string before the last
119	// ".".
120	// get_filename_wo_extension( 'test.tar.gz' ) -> 'test.tar'
121	function get_filename_wo_extension( $filename )
122	{
123	$pos = strrpos( $filename, '.' );
124	return ($pos===false) ? $filename : substr( $filename, 0, $pos);
125	}
126
127	/**
128	* returns an array contening sub-directories, excluding ".svn"
129	*
130	* @param string $dir
131	* @return array
132	*/
133	function get_dirs($directory)
134	{
135	$sub_dirs = array();
136	if ($opendir = opendir($directory))
137	{
138	while ($file = readdir($opendir))
139	{
140	if ($file != '.'
141	and $file != '..'
142	and is_dir($directory.'/'.$file)
143	and $file != '.svn')
144	{
145	array_push($sub_dirs, $file);
146	}
147	}
148	closedir($opendir);
149	}
150	return $sub_dirs;
151	}
152
153	define('MKGETDIR_NONE', 0);
154	define('MKGETDIR_RECURSIVE', 1);
155	define('MKGETDIR_DIE_ON_ERROR', 2);
156	define('MKGETDIR_PROTECT_INDEX', 4);
157	define('MKGETDIR_PROTECT_HTACCESS', 8);
158	define('MKGETDIR_DEFAULT', 7);
159	/**
160	* creates directory if not exists; ensures that directory is writable
161	* @param:
162	* string $dir
163	* int $flags combination of MKGETDIR_xxx
164	* @return bool false on error else true
165	*/
166	function mkgetdir($dir, $flags=MKGETDIR_DEFAULT)
167	{
168	if ( !is_dir($dir) )
169	{
170	if (substr(PHP_OS, 0, 3) == 'WIN')
171	{
172	$dir = str_replace('/', DIRECTORY_SEPARATOR, $dir);
173	}
174	$umask = umask(0);
175	$mkd = @mkdir($dir, 0755, ($flags&MKGETDIR_RECURSIVE) ? true:false );
176	umask($umask);
177	if ($mkd==false)
178	{
179	!($flags&MKGETDIR_DIE_ON_ERROR) or fatal_error( "$dir ".l10n('no write access'));
180	return false;
181	}
182	if( $flags&MKGETDIR_PROTECT_HTACCESS )
183	{
184	$file = $dir.'/.htaccess';
185	file_exists($file) or @file_put_contents( $file, 'deny from all' );
186	}
187	if( $flags&MKGETDIR_PROTECT_INDEX )
188	{
189	$file = $dir.'/index.htm';
190	file_exists($file) or @file_put_contents( $file, 'Not allowed!' );
191	}
192	}
193	if ( !is_writable($dir) )
194	{
195	!($flags&MKGETDIR_DIE_ON_ERROR) or fatal_error( "$dir ".l10n('no write access'));
196	return false;
197	}
198	return true;
199	}
200
201	/**
202	* returns thumbnail directory name of input diretoty name
203	* make thumbnail directory is necessary
204	* set error messages on array messages
205	*
206	* @param:
207	* string $dirname
208	* arrayy $errors
209	* @return bool false on error else string directory name
210	*/
211	function mkget_thumbnail_dir($dirname, &$errors)
212	{
213	global $conf;
214
215	$tndir = $dirname.'/'.$conf['dir_thumbnail'];
216	if (! mkgetdir($tndir, MKGETDIR_NONE) )
217	{
218	array_push($errors,
219	'['.$dirname.'] : '.l10n('no write access'));
220	return false;
221	}
222	return $tndir;
223	}
224
225	/* Returns true if the string appears to be encoded in UTF-8. (from wordpress)
226	* @param string Str
227	*/
228	function seems_utf8($Str) { # by bmorel at ssi dot fr
229	for ($i=0; $i<strlen($Str); $i++) {
230	if (ord($Str[$i]) < 0x80) continue; # 0bbbbbbb
231	elseif ((ord($Str[$i]) & 0xE0) == 0xC0) $n=1; # 110bbbbb
232	elseif ((ord($Str[$i]) & 0xF0) == 0xE0) $n=2; # 1110bbbb
233	elseif ((ord($Str[$i]) & 0xF8) == 0xF0) $n=3; # 11110bbb
234	elseif ((ord($Str[$i]) & 0xFC) == 0xF8) $n=4; # 111110bb
235	elseif ((ord($Str[$i]) & 0xFE) == 0xFC) $n=5; # 1111110b
236	else return false; # Does not match any model
237	for ($j=0; $j<$n; $j++) { # n bytes matching 10bbbbbb follow ?
238	if ((++$i == strlen($Str)) \|\| ((ord($Str[$i]) & 0xC0) != 0x80))
239	return false;
240	}
241	}
242	return true;
243	}
244
245	/* Remove accents from a UTF-8 or ISO-859-1 string (from wordpress)
246	* @param string sstring - an UTF-8 or ISO-8859-1 string
247	*/
248	function remove_accents($string)
249	{
250	if ( !preg_match('/[\x80-\xff]/', $string) )
251	return $string;
252
253	if (seems_utf8($string)) {
254	$chars = array(
255	// Decompositions for Latin-1 Supplement
256	"\xc3\x80"=>'A', "\xc3\x81"=>'A',
257	"\xc3\x82"=>'A', "\xc3\x83"=>'A',
258	"\xc3\x84"=>'A', "\xc3\x85"=>'A',
259	"\xc3\x87"=>'C', "\xc3\x88"=>'E',
260	"\xc3\x89"=>'E', "\xc3\x8a"=>'E',
261	"\xc3\x8b"=>'E', "\xc3\x8c"=>'I',
262	"\xc3\x8d"=>'I', "\xc3\x8e"=>'I',
263	"\xc3\x8f"=>'I', "\xc3\x91"=>'N',
264	"\xc3\x92"=>'O', "\xc3\x93"=>'O',
265	"\xc3\x94"=>'O', "\xc3\x95"=>'O',
266	"\xc3\x96"=>'O', "\xc3\x99"=>'U',
267	"\xc3\x9a"=>'U', "\xc3\x9b"=>'U',
268	"\xc3\x9c"=>'U', "\xc3\x9d"=>'Y',
269	"\xc3\x9f"=>'s', "\xc3\xa0"=>'a',
270	"\xc3\xa1"=>'a', "\xc3\xa2"=>'a',
271	"\xc3\xa3"=>'a', "\xc3\xa4"=>'a',
272	"\xc3\xa5"=>'a', "\xc3\xa7"=>'c',
273	"\xc3\xa8"=>'e', "\xc3\xa9"=>'e',
274	"\xc3\xaa"=>'e', "\xc3\xab"=>'e',
275	"\xc3\xac"=>'i', "\xc3\xad"=>'i',
276	"\xc3\xae"=>'i', "\xc3\xaf"=>'i',
277	"\xc3\xb1"=>'n', "\xc3\xb2"=>'o',
278	"\xc3\xb3"=>'o', "\xc3\xb4"=>'o',
279	"\xc3\xb5"=>'o', "\xc3\xb6"=>'o',
280	"\xc3\xb9"=>'u', "\xc3\xba"=>'u',
281	"\xc3\xbb"=>'u', "\xc3\xbc"=>'u',
282	"\xc3\xbd"=>'y', "\xc3\xbf"=>'y',
283	// Decompositions for Latin Extended-A
284	"\xc4\x80"=>'A', "\xc4\x81"=>'a',
285	"\xc4\x82"=>'A', "\xc4\x83"=>'a',
286	"\xc4\x84"=>'A', "\xc4\x85"=>'a',
287	"\xc4\x86"=>'C', "\xc4\x87"=>'c',
288	"\xc4\x88"=>'C', "\xc4\x89"=>'c',
289	"\xc4\x8a"=>'C', "\xc4\x8b"=>'c',
290	"\xc4\x8c"=>'C', "\xc4\x8d"=>'c',
291	"\xc4\x8e"=>'D', "\xc4\x8f"=>'d',
292	"\xc4\x90"=>'D', "\xc4\x91"=>'d',
293	"\xc4\x92"=>'E', "\xc4\x93"=>'e',
294	"\xc4\x94"=>'E', "\xc4\x95"=>'e',
295	"\xc4\x96"=>'E', "\xc4\x97"=>'e',
296	"\xc4\x98"=>'E', "\xc4\x99"=>'e',
297	"\xc4\x9a"=>'E', "\xc4\x9b"=>'e',
298	"\xc4\x9c"=>'G', "\xc4\x9d"=>'g',
299	"\xc4\x9e"=>'G', "\xc4\x9f"=>'g',
300	"\xc4\xa0"=>'G', "\xc4\xa1"=>'g',
301	"\xc4\xa2"=>'G', "\xc4\xa3"=>'g',
302	"\xc4\xa4"=>'H', "\xc4\xa5"=>'h',
303	"\xc4\xa6"=>'H', "\xc4\xa7"=>'h',
304	"\xc4\xa8"=>'I', "\xc4\xa9"=>'i',
305	"\xc4\xaa"=>'I', "\xc4\xab"=>'i',
306	"\xc4\xac"=>'I', "\xc4\xad"=>'i',
307	"\xc4\xae"=>'I', "\xc4\xaf"=>'i',
308	"\xc4\xb0"=>'I', "\xc4\xb1"=>'i',
309	"\xc4\xb2"=>'IJ', "\xc4\xb3"=>'ij',
310	"\xc4\xb4"=>'J', "\xc4\xb5"=>'j',
311	"\xc4\xb6"=>'K', "\xc4\xb7"=>'k',
312	"\xc4\xb8"=>'k', "\xc4\xb9"=>'L',
313	"\xc4\xba"=>'l', "\xc4\xbb"=>'L',
314	"\xc4\xbc"=>'l', "\xc4\xbd"=>'L',
315	"\xc4\xbe"=>'l', "\xc4\xbf"=>'L',
316	"\xc5\x80"=>'l', "\xc5\x81"=>'L',
317	"\xc5\x82"=>'l', "\xc5\x83"=>'N',
318	"\xc5\x84"=>'n', "\xc5\x85"=>'N',
319	"\xc5\x86"=>'n', "\xc5\x87"=>'N',
320	"\xc5\x88"=>'n', "\xc5\x89"=>'N',
321	"\xc5\x8a"=>'n', "\xc5\x8b"=>'N',
322	"\xc5\x8c"=>'O', "\xc5\x8d"=>'o',
323	"\xc5\x8e"=>'O', "\xc5\x8f"=>'o',
324	"\xc5\x90"=>'O', "\xc5\x91"=>'o',
325	"\xc5\x92"=>'OE', "\xc5\x93"=>'oe',
326	"\xc5\x94"=>'R', "\xc5\x95"=>'r',
327	"\xc5\x96"=>'R', "\xc5\x97"=>'r',
328	"\xc5\x98"=>'R', "\xc5\x99"=>'r',
329	"\xc5\x9a"=>'S', "\xc5\x9b"=>'s',
330	"\xc5\x9c"=>'S', "\xc5\x9d"=>'s',
331	"\xc5\x9e"=>'S', "\xc5\x9f"=>'s',
332	"\xc5\xa0"=>'S', "\xc5\xa1"=>'s',
333	"\xc5\xa2"=>'T', "\xc5\xa3"=>'t',
334	"\xc5\xa4"=>'T', "\xc5\xa5"=>'t',
335	"\xc5\xa6"=>'T', "\xc5\xa7"=>'t',
336	"\xc5\xa8"=>'U', "\xc5\xa9"=>'u',
337	"\xc5\xaa"=>'U', "\xc5\xab"=>'u',
338	"\xc5\xac"=>'U', "\xc5\xad"=>'u',
339	"\xc5\xae"=>'U', "\xc5\xaf"=>'u',
340	"\xc5\xb0"=>'U', "\xc5\xb1"=>'u',
341	"\xc5\xb2"=>'U', "\xc5\xb3"=>'u',
342	"\xc5\xb4"=>'W', "\xc5\xb5"=>'w',
343	"\xc5\xb6"=>'Y', "\xc5\xb7"=>'y',
344	"\xc5\xb8"=>'Y', "\xc5\xb9"=>'Z',
345	"\xc5\xba"=>'z', "\xc5\xbb"=>'Z',
346	"\xc5\xbc"=>'z', "\xc5\xbd"=>'Z',
347	"\xc5\xbe"=>'z', "\xc5\xbf"=>'s',
348	// Euro Sign
349	"\xe2\x82\xac"=>'E',
350	// GBP (Pound) Sign
351	"\xc2\xa3"=>'');
352
353	$string = strtr($string, $chars);
354	} else {
355	// Assume ISO-8859-1 if not UTF-8
356	$chars['in'] = chr(128).chr(131).chr(138).chr(142).chr(154).chr(158)
357	.chr(159).chr(162).chr(165).chr(181).chr(192).chr(193).chr(194)
358	.chr(195).chr(196).chr(197).chr(199).chr(200).chr(201).chr(202)
359	.chr(203).chr(204).chr(205).chr(206).chr(207).chr(209).chr(210)
360	.chr(211).chr(212).chr(213).chr(214).chr(216).chr(217).chr(218)
361	.chr(219).chr(220).chr(221).chr(224).chr(225).chr(226).chr(227)
362	.chr(228).chr(229).chr(231).chr(232).chr(233).chr(234).chr(235)
363	.chr(236).chr(237).chr(238).chr(239).chr(241).chr(242).chr(243)
364	.chr(244).chr(245).chr(246).chr(248).chr(249).chr(250).chr(251)
365	.chr(252).chr(253).chr(255);
366
367	$chars['out'] = "EfSZszYcYuAAAAAACEEEEIIIINOOOOOOUUUUYaaaaaaceeeeiiiinoooooouuuuyy";
368
369	$string = strtr($string, $chars['in'], $chars['out']);
370	$double_chars['in'] = array(chr(140), chr(156), chr(198), chr(208), chr(222), chr(223), chr(230), chr(240), chr(254));
371	$double_chars['out'] = array('OE', 'oe', 'AE', 'DH', 'TH', 'ss', 'ae', 'dh', 'th');
372	$string = str_replace($double_chars['in'], $double_chars['out'], $string);
373	}
374
375	return $string;
376	}
377
378	/**
379	* simplify a string to insert it into an URL
380	*
381	* @param string
382	* @return string
383	*/
384	function str2url($str)
385	{
386	$raw = $str;
387
388	$str = remove_accents($str);
389	$str = preg_replace('/[^a-z0-9_\s\'\:\/\[\],-]/','',strtolower($str));
390	$str = preg_replace('/[\s\'\:\/\[\],-]+/',' ',trim($str));
391	$res = str_replace(' ','_',$str);
392
393	if (empty($res))
394	{
395	$res = str_replace(' ','_', $raw);
396	}
397
398	return $res;
399	}
400
401	//-------------------------------------------- Piwigo specific functions
402
403	/**
404	* returns an array with a list of {language_code => language_name}
405	*
406	* @returns array
407	*/
408	function get_languages()
409	{
410	$query = '
411	SELECT id, name
412	FROM '.LANGUAGES_TABLE.'
413	ORDER BY name ASC
414	;';
415	$result = pwg_query($query);
416
417	$languages = array();
418	while ($row = pwg_db_fetch_assoc($result))
419	{
420	if (is_dir(PHPWG_ROOT_PATH.'language/'.$row['id']))
421	{
422	$languages[ $row['id'] ] = $row['name'];
423	}
424	}
425
426	return $languages;
427	}
428
429	function pwg_log($image_id = null, $image_type = null)
430	{
431	global $conf, $user, $page;
432
433	$do_log = $conf['log'];
434	if (is_admin())
435	{
436	$do_log = $conf['history_admin'];
437	}
438	if (is_a_guest())
439	{
440	$do_log = $conf['history_guest'];
441	}
442
443	$do_log = trigger_event('pwg_log_allowed', $do_log, $image_id, $image_type);
444
445	if (!$do_log)
446	{
447	return false;
448	}
449
450	$tags_string = null;
451	if ('tags'==@$page['section'])
452	{
453	$tags_string = implode(',', $page['tag_ids']);
454	}
455
456	$query = '
457	INSERT INTO '.HISTORY_TABLE.'
458	(
459	date,
460	time,
461	user_id,
462	IP,
463	section,
464	category_id,
465	image_id,
466	image_type,
467	tag_ids
468	)
469	VALUES
470	(
471	CURRENT_DATE,
472	CURRENT_TIME,
473	'.$user['id'].',
474	\''.$_SERVER['REMOTE_ADDR'].'\',
475	'.(isset($page['section']) ? "'".$page['section']."'" : 'NULL').',
476	'.(isset($page['category']['id']) ? $page['category']['id'] : 'NULL').',
477	'.(isset($image_id) ? $image_id : 'NULL').',
478	'.(isset($image_type) ? "'".$image_type."'" : 'NULL').',
479	'.(isset($tags_string) ? "'".$tags_string."'" : 'NULL').'
480	)
481	;';
482	pwg_query($query);
483
484	return true;
485	}
486
487	// format_date returns a formatted date for display. The date given in
488	// argument must be an american format (2003-09-15). By option, you can show the time.
489	// The output is internationalized.
490	//
491	// format_date( "2003-09-15", true ) -> "Monday 15 September 2003 21:52"
492	function format_date($date, $show_time = false)
493	{
494	global $lang;
495
496	if (strpos($date, '0') == 0)
497	{
498	return l10n('N/A');
499	}
500
501	$ymdhms = array();
502	$tok = strtok( $date, '- :');
503	while ($tok !== false)
504	{
505	$ymdhms[] = $tok;
506	$tok = strtok('- :');
507	}
508
509	if ( count($ymdhms)<3 )
510	{
511	return false;
512	}
513
514	$formated_date = '';
515	// before 1970, Microsoft Windows can't mktime
516	if ($ymdhms[0] >= 1970)
517	{
518	// we ask midday because Windows think it's prior to midnight with a
519	// zero and refuse to work
520	$formated_date.= $lang['day'][date('w', mktime(12,0,0,$ymdhms[1],$ymdhms[2],$ymdhms[0]))];
521	}
522	$formated_date.= ' '.$ymdhms[2];
523	$formated_date.= ' '.$lang['month'][(int)$ymdhms[1]];
524	$formated_date.= ' '.$ymdhms[0];
525	if ($show_time and count($ymdhms)>=5 )
526	{
527	$formated_date.= ' '.$ymdhms[3].':'.$ymdhms[4];
528	}
529	return $formated_date;
530	}
531
532	function pwg_debug( $string )
533	{
534	global $debug,$t2,$page;
535
536	$now = explode( ' ', microtime() );
537	$now2 = explode( '.', $now[0] );
538	$now2 = $now[1].'.'.$now2[1];
539	$time = number_format( $now2 - $t2, 3, '.', ' ').' s';
540	$debug .= '<p>';
541	$debug.= '['.$time.', ';
542	$debug.= $page['count_queries'].' queries] : '.$string;
543	$debug.= "</p>\n";
544	}
545
546	/**
547	* Redirects to the given URL (HTTP method)
548	*
549	* Note : once this function called, the execution doesn't go further
550	* (presence of an exit() instruction.
551	*
552	* @param string $url
553	* @return void
554	*/
555	function redirect_http( $url )
556	{
557	if (ob_get_length () !== FALSE)
558	{
559	ob_clean();
560	}
561	// default url is on html format
562	$url = html_entity_decode($url);
563	header('Request-URI: '.$url);
564	header('Content-Location: '.$url);
565	header('Location: '.$url);
566	exit();
567	}
568
569	/**
570	* Redirects to the given URL (HTML method)
571	*
572	* Note : once this function called, the execution doesn't go further
573	* (presence of an exit() instruction.
574	*
575	* @param string $url
576	* @param string $title_msg
577	* @param integer $refreh_time
578	* @return void
579	*/
580	function redirect_html( $url , $msg = '', $refresh_time = 0)
581	{
582	global $user, $template, $lang_info, $conf, $lang, $t2, $page, $debug;
583
584	if (!isset($lang_info) \|\| !isset($template) )
585	{
586	$user = build_user( $conf['guest_id'], true);
587	load_language('common.lang');
588	trigger_action('loading_lang');
589	load_language('lang', PHPWG_ROOT_PATH.PWG_LOCAL_DIR, array('no_fallback'=>true, 'local'=>true) );
590	$template = new Template(PHPWG_ROOT_PATH.'themes', get_default_theme());
591	}
592	elseif (defined('IN_ADMIN') and IN_ADMIN)
593	{
594	$template = new Template(PHPWG_ROOT_PATH.'themes', get_default_theme());
595	}
596
597	if (empty($msg))
598	{
599	$msg = nl2br(l10n('Redirection...'));
600	}
601
602	$refresh = $refresh_time;
603	$url_link = $url;
604	$title = 'redirection';
605
606	$template->set_filenames( array( 'redirect' => 'redirect.tpl' ) );
607
608	include( PHPWG_ROOT_PATH.'include/page_header.php' );
609
610	$template->set_filenames( array( 'redirect' => 'redirect.tpl' ) );
611	$template->assign('REDIRECT_MSG', $msg);
612
613	$template->parse('redirect');
614
615	include( PHPWG_ROOT_PATH.'include/page_tail.php' );
616
617	exit();
618	}
619
620	/**
621	* Redirects to the given URL (Switch to HTTP method or HTML method)
622	*
623	* Note : once this function called, the execution doesn't go further
624	* (presence of an exit() instruction.
625	*
626	* @param string $url
627	* @param string $title_msg
628	* @param integer $refreh_time
629	* @return void
630	*/
631	function redirect( $url , $msg = '', $refresh_time = 0)
632	{
633	global $conf;
634
635	// with RefeshTime <> 0, only html must be used
636	if ($conf['default_redirect_method']=='http'
637	and $refresh_time==0
638	and !headers_sent()
639	)
640	{
641	redirect_http($url);
642	}
643	else
644	{
645	redirect_html($url, $msg, $refresh_time);
646	}
647	}
648
649	/**
650	* returns $_SERVER['QUERY_STRING'] whitout keys given in parameters
651	*
652	* @param array $rejects
653	* @param boolean $escape - if true escape & to & (for html)
654	* @returns string
655	*/
656	function get_query_string_diff($rejects=array(), $escape=true)
657	{
658	$query_string = '';
659
660	$str = $_SERVER['QUERY_STRING'];
661	parse_str($str, $vars);
662
663	$is_first = true;
664	foreach ($vars as $key => $value)
665	{
666	if (!in_array($key, $rejects))
667	{
668	$query_string.= $is_first ? '?' : ($escape ? '&' : '&' );
669	$is_first = false;
670	$query_string.= $key.'='.$value;
671	}
672	}
673
674	return $query_string;
675	}
676
677	function url_is_remote($url)
678	{
679	if ( strncmp($url, 'http://', 7)==0
680	or strncmp($url, 'https://', 8)==0 )
681	{
682	return true;
683	}
684	return false;
685	}
686
687	/**
688	* returns available themes
689	*/
690	function get_pwg_themes()
691	{
692	global $conf;
693
694	$themes = array();
695
696	$query = '
697	SELECT
698	id,
699	name
700	FROM '.THEMES_TABLE.'
701	ORDER BY name ASC
702	;';
703	$result = pwg_query($query);
704	while ($row = pwg_db_fetch_assoc($result))
705	{
706	if (check_theme_installed($row['id']))
707	{
708	$themes[ $row['id'] ] = $row['name'];
709	}
710	}
711
712	// plugins want remove some themes based on user status maybe?
713	$themes = trigger_event('get_pwg_themes', $themes);
714
715	return $themes;
716	}
717
718	function check_theme_installed($theme_id)
719	{
720	global $conf;
721
722	return file_exists($conf['themes_dir'].'/'.$theme_id.'/'.'themeconf.inc.php');
723	}
724
725	/* Returns the PATH to the thumbnail to be displayed. If the element does not
726	* have a thumbnail, the default mime image path is returned. The PATH can be
727	* used in the php script, but not sent to the browser.
728	* @param array element_info assoc array containing element info from db
729	* at least 'path', 'tn_ext' and 'id' should be present
730	*/
731	function get_thumbnail_path($element_info)
732	{
733	$path = get_thumbnail_location($element_info);
734	if ( !url_is_remote($path) )
735	{
736	$path = PHPWG_ROOT_PATH.$path;
737	}
738	return $path;
739	}
740
741	/* Returns the URL of the thumbnail to be displayed. If the element does not
742	* have a thumbnail, the default mime image url is returned. The URL can be
743	* sent to the browser, but not used in the php script.
744	* @param array element_info assoc array containing element info from db
745	* at least 'path', 'tn_ext' and 'id' should be present
746	*/
747	function get_thumbnail_url($element_info)
748	{
749	$loc = $url = get_thumbnail_location($element_info);
750	if ( !url_is_remote($loc) )
751	{
752	$url = (get_root_url().$loc);
753	}
754	// plugins want another url ?
755	$url = trigger_event('get_thumbnail_url', $url, $element_info, $loc);
756	return embellish_url($url);
757	}
758
759	/* returns the relative path of the thumnail with regards to to the root
760	of piwigo (not the current page!).This function is not intended to be
761	called directly from code.*/
762	function get_thumbnail_location($element_info)
763	{
764	global $conf;
765	if ( !empty( $element_info['tn_ext'] ) )
766	{
767	$path = substr_replace(
768	get_filename_wo_extension($element_info['path']),
769	'/'.$conf['dir_thumbnail'].'/'.$conf['prefix_thumbnail'],
770	strrpos($element_info['path'],'/'),
771	1
772	);
773	$path.= '.'.$element_info['tn_ext'];
774	}
775	else
776	{
777	$path = get_themeconf('mime_icon_dir')
778	.strtolower(get_extension($element_info['path'])).'.png';
779	// plugins want another location ?
780	$path = trigger_event( 'get_thumbnail_location', $path, $element_info);
781	}
782	return $path;
783	}
784
785	/* returns the title of the thumnail */
786	function get_thumbnail_title($element_info)
787	{
788	// message in title for the thumbnail
789	if (isset($element_info['file']))
790	{
791	$thumbnail_title = $element_info['file'];
792	}
793	else
794	{
795	$thumbnail_title = '';
796	}
797
798	if (!empty($element_info['filesize']))
799	{
800	$thumbnail_title .= ' : '.sprintf(l10n('%d Kb'), $element_info['filesize']);
801	}
802
803	return $thumbnail_title;
804	}
805
806	/**
807	* fill the current user caddie with given elements, if not already in
808	* caddie
809	*
810	* @param array elements_id
811	*/
812	function fill_caddie($elements_id)
813	{
814	global $user;
815
816	$query = '
817	SELECT element_id
818	FROM '.CADDIE_TABLE.'
819	WHERE user_id = '.$user['id'].'
820	;';
821	$in_caddie = array_from_query($query, 'element_id');
822
823	$caddiables = array_diff($elements_id, $in_caddie);
824
825	$datas = array();
826
827	foreach ($caddiables as $caddiable)
828	{
829	array_push($datas, array('element_id' => $caddiable,
830	'user_id' => $user['id']));
831	}
832
833	if (count($caddiables) > 0)
834	{
835	mass_inserts(CADDIE_TABLE, array('element_id','user_id'), $datas);
836	}
837	}
838
839	/**
840	* returns the element name from its filename
841	*
842	* @param string filename
843	* @return string name
844	*/
845	function get_name_from_file($filename)
846	{
847	return str_replace('_',' ',get_filename_wo_extension($filename));
848	}
849
850	/**
851	* returns the corresponding value from $lang if existing. Else, the key is
852	* returned
853	*
854	* @param string key
855	* @return string
856	*/
857	function l10n($key, $textdomain='messages')
858	{
859	global $lang, $conf;
860
861	if ($conf['debug_l10n'] and !isset($lang[$key]) and !empty($key))
862	{
863	trigger_error('[l10n] language key "'.$key.'" is not defined', E_USER_WARNING);
864	}
865
866	return isset($lang[$key]) ? $lang[$key] : $key;
867	}
868
869	/**
870	* returns the prinft value for strings including %d
871	* return is concorded with decimal value (singular, plural)
872	*
873	* @param singular string key
874	* @param plural string key
875	* @param decimal value
876	* @return string
877	*/
878	function l10n_dec($singular_fmt_key, $plural_fmt_key, $decimal)
879	{
880	global $lang_info;
881
882	return
883	sprintf(
884	l10n((
885	(($decimal > 1) or ($decimal == 0 and $lang_info['zero_plural']))
886	? $plural_fmt_key
887	: $singular_fmt_key
888	)), $decimal);
889	}
890
891	/*
892	* returns a single element to use with l10n_args
893	*
894	* @param string key: translation key
895	* @param array/string/../number args:
896	* arguments to use on sprintf($key, args)
897	* if args is a array, each values are used on sprintf
898	* @return string
899	*/
900	function get_l10n_args($key, $args)
901	{
902	if (is_array($args))
903	{
904	$key_arg = array_merge(array($key), $args);
905	}
906	else
907	{
908	$key_arg = array($key, $args);
909	}
910	return array('key_args' => $key_arg);
911	}
912
913	/*
914	* returns a string with formated with l10n_args elements
915	*
916	* @param element/array $key_args: element or array of l10n_args elements
917	* @param $sep: if $key_args is array,
918	* separator is used when translated l10n_args elements are concated
919	* @return string
920	*/
921	function l10n_args($key_args, $sep = "\n")
922	{
923	if (is_array($key_args))
924	{
925	foreach ($key_args as $key => $element)
926	{
927	if (isset($result))
928	{
929	$result .= $sep;
930	}
931	else
932	{
933	$result = '';
934	}
935
936	if ($key === 'key_args')
937	{
938	array_unshift($element, l10n(array_shift($element)));
939	$result .= call_user_func_array('sprintf', $element);
940	}
941	else
942	{
943	$result .= l10n_args($element, $sep);
944	}
945	}
946	}
947	else
948	{
949	fatal_error('l10n_args: Invalid arguments');
950	}
951
952	return $result;
953	}
954
955	/**
956	* returns the corresponding value from $themeconf if existing. Else, the
957	* key is returned
958	*
959	* @param string key
960	* @return string
961	*/
962	function get_themeconf($key)
963	{
964	global $template;
965
966	return $template->get_themeconf($key);
967	}
968
969	/**
970	* Returns webmaster mail address depending on $conf['webmaster_id']
971	*
972	* @return string
973	*/
974	function get_webmaster_mail_address()
975	{
976	global $conf;
977
978	$query = '
979	SELECT '.$conf['user_fields']['email'].'
980	FROM '.USERS_TABLE.'
981	WHERE '.$conf['user_fields']['id'].' = '.$conf['webmaster_id'].'
982	;';
983	list($email) = pwg_db_fetch_row(pwg_query($query));
984
985	return $email;
986	}
987
988	/**
989	* Add configuration parameters from database to global $conf array
990	*
991	* @return void
992	*/
993	function load_conf_from_db($condition = '')
994	{
995	global $conf;
996
997	$query = '
998	SELECT param, value
999	FROM '.CONFIG_TABLE.'
1000	'.(!empty($condition) ? 'WHERE '.$condition : '').'
1001	;';
1002	$result = pwg_query($query);
1003
1004	if ((pwg_db_num_rows($result) == 0) and !empty($condition))
1005	{
1006	fatal_error('No configuration data');
1007	}
1008
1009	while ($row = pwg_db_fetch_assoc($result))
1010	{
1011	$conf[ $row['param'] ] = isset($row['value']) ? $row['value'] : '';
1012
1013	// If the field is true or false, the variable is transformed into a
1014	// boolean value.
1015	if ($conf[$row['param']] == 'true' or $conf[$row['param']] == 'false')
1016	{
1017	$conf[ $row['param'] ] = get_boolean($conf[ $row['param'] ]);
1018	}
1019	}
1020	}
1021
1022	function conf_update_param($param, $value)
1023	{
1024	$query = '
1025	SELECT
1026	param,
1027	value
1028	FROM '.CONFIG_TABLE.'
1029	WHERE param = \''.$param.'\'
1030	;';
1031	$params = array_from_query($query, 'param');
1032
1033	if (count($params) == 0)
1034	{
1035	$query = '
1036	INSERT
1037	INTO '.CONFIG_TABLE.'
1038	(param, value)
1039	VALUES(\''.$param.'\', \''.$value.'\')
1040	;';
1041	pwg_query($query);
1042	}
1043	else
1044	{
1045	$query = '
1046	UPDATE '.CONFIG_TABLE.'
1047	SET value = \''.$value.'\'
1048	WHERE param = \''.$param.'\'
1049	;';
1050	pwg_query($query);
1051	}
1052	}
1053
1054	/**
1055	* Prepends and appends a string at each value of the given array.
1056	*
1057	* @param array
1058	* @param string prefix to each array values
1059	* @param string suffix to each array values
1060	*/
1061	function prepend_append_array_items($array, $prepend_str, $append_str)
1062	{
1063	array_walk(
1064	$array,
1065	create_function('&$s', '$s = "'.$prepend_str.'".$s."'.$append_str.'";')
1066	);
1067
1068	return $array;
1069	}
1070
1071	/**
1072	* creates an hashed based on a query, this function is a very common
1073	* pattern used here. Among the selected columns fetched, choose one to be
1074	* the key, another one to be the value.
1075	*
1076	* @param string $query
1077	* @param string $keyname
1078	* @param string $valuename
1079	* @return array
1080	*/
1081	function simple_hash_from_query($query, $keyname, $valuename)
1082	{
1083	$array = array();
1084
1085	$result = pwg_query($query);
1086	while ($row = pwg_db_fetch_assoc($result))
1087	{
1088	$array[ $row[$keyname] ] = $row[$valuename];
1089	}
1090
1091	return $array;
1092	}
1093
1094	/**
1095	* creates an hashed based on a query, this function is a very common
1096	* pattern used here. The key is given as parameter, the value is an associative
1097	* array.
1098	*
1099	* @param string $query
1100	* @param string $keyname
1101	* @return array
1102	*/
1103	function hash_from_query($query, $keyname)
1104	{
1105	$array = array();
1106	$result = pwg_query($query);
1107	while ($row = pwg_db_fetch_assoc($result))
1108	{
1109	$array[ $row[$keyname] ] = $row;
1110	}
1111	return $array;
1112	}
1113
1114	/**
1115	* Return basename of the current script
1116	* Lower case convertion is applied on return value
1117	* Return value is without file extention ".php"
1118	*
1119	* @param void
1120	*
1121	* @return script basename
1122	*/
1123	function script_basename()
1124	{
1125	global $conf;
1126
1127	foreach (array('SCRIPT_NAME', 'SCRIPT_FILENAME', 'PHP_SELF') as $value)
1128	{
1129	if (!empty($_SERVER[$value]))
1130	{
1131	$filename = strtolower($_SERVER[$value]);
1132	if ($conf['php_extension_in_urls'] and get_extension($filename)!=='php')
1133	continue;
1134	$basename = basename($filename, '.php');
1135	if (!empty($basename))
1136	{
1137	return $basename;
1138	}
1139	}
1140	}
1141	return '';
1142	}
1143
1144	/**
1145	* Return value for the current page define on $conf['filter_pages']
1146	* Îf value is not defined, default value are returned
1147	*
1148	* @param value name
1149	*
1150	* @return filter page value
1151	*/
1152	function get_filter_page_value($value_name)
1153	{
1154	global $conf;
1155
1156	$page_name = script_basename();
1157
1158	if (isset($conf['filter_pages'][$page_name][$value_name]))
1159	{
1160	return $conf['filter_pages'][$page_name][$value_name];
1161	}
1162	else if (isset($conf['filter_pages']['default'][$value_name]))
1163	{
1164	return $conf['filter_pages']['default'][$value_name];
1165	}
1166	else
1167	{
1168	return null;
1169	}
1170	}
1171
1172	/**
1173	* returns the character set of data sent to browsers / received from forms
1174	*/
1175	function get_pwg_charset()
1176	{
1177	$pwg_charset = 'utf-8';
1178	if (defined('PWG_CHARSET'))
1179	{
1180	$pwg_charset = PWG_CHARSET;
1181	}
1182	return $pwg_charset;
1183	}
1184
1185	/**
1186	* includes a language file or returns the content of a language file
1187	* availability of the file
1188	*
1189	* in descending order of preference:
1190	* param language, user language, default language
1191	* Piwigo default language.
1192	*
1193	* @param string filename
1194	* @param string dirname
1195	* @param mixed options can contain
1196	* language - language to load (if empty uses user language)
1197	* return - if true the file content is returned otherwise the file is evaluated as php
1198	* target_charset -
1199	* no_fallback - the language must be respected
1200	* local - if true, get local language file
1201	* @return boolean success status or a string if options['return'] is true
1202	*/
1203	function load_language($filename, $dirname = '',
1204	$options = array() )
1205	{
1206	global $user;
1207
1208	if (! @$options['return'] )
1209	{
1210	$filename .= '.php'; //MAYBE to do .. load .po and .mo localization files
1211	}
1212	if (empty($dirname))
1213	{
1214	$dirname = PHPWG_ROOT_PATH;
1215	}
1216	$dirname .= 'language/';
1217
1218	$languages = array();
1219	if ( !empty($options['language']) )
1220	{
1221	$languages[] = $options['language'];
1222	}
1223	if ( !empty($user['language']) )
1224	{
1225	$languages[] = $user['language'];
1226	}
1227	if ( ! @$options['no_fallback'] )
1228	{
1229	if ( defined('PHPWG_INSTALLED') )
1230	{
1231	$languages[] = get_default_language();
1232	}
1233	$languages[] = PHPWG_DEFAULT_LANGUAGE;
1234	}
1235
1236	$languages = array_unique($languages);
1237
1238	if ( empty($options['target_charset']) )
1239	{
1240	$target_charset = get_pwg_charset();
1241	}
1242	else
1243	{
1244	$target_charset = $options['target_charset'];
1245	}
1246	$target_charset = strtolower($target_charset);
1247	$source_file = '';
1248	foreach ($languages as $language)
1249	{
1250	$f = @$options['local'] ?
1251	$dirname.$language.'.'.$filename:
1252	$dirname.$language.'/'.$filename;
1253
1254	if (file_exists($f))
1255	{
1256	$source_file = $f;
1257	break;
1258	}
1259	}
1260
1261	if ( !empty($source_file) )
1262	{
1263	if (! @$options['return'] )
1264	{
1265	@include($source_file);
1266	$load_lang = @$lang;
1267	$load_lang_info = @$lang_info;
1268
1269	global $lang, $lang_info;
1270	if ( !isset($lang) ) $lang=array();
1271	if ( !isset($lang_info) ) $lang_info=array();
1272
1273	if ( 'utf-8'!=$target_charset)
1274	{
1275	if ( is_array($load_lang) )
1276	{
1277	foreach ($load_lang as $k => $v)
1278	{
1279	if ( is_array($v) )
1280	{
1281	$func = create_function('$v', 'return convert_charset($v, "utf-8", "'.$target_charset.'");' );
1282	$lang[$k] = array_map($func, $v);
1283	}
1284	else
1285	$lang[$k] = convert_charset($v, 'utf-8', $target_charset);
1286	}
1287	}
1288	if ( is_array($load_lang_info) )
1289	{
1290	foreach ($load_lang_info as $k => $v)
1291	{
1292	$lang_info[$k] = convert_charset($v, 'utf-8', $target_charset);
1293	}
1294	}
1295	}
1296	else
1297	{
1298	$lang = array_merge( $lang, (array)$load_lang );
1299	$lang_info = array_merge( $lang_info, (array)$load_lang_info );
1300	}
1301	return true;
1302	}
1303	else
1304	{
1305	$content = @file_get_contents($source_file);
1306	$content = convert_charset($content, 'utf-8', $target_charset);
1307	return $content;
1308	}
1309	}
1310	return false;
1311	}
1312
1313	/**
1314	* converts a string from a character set to another character set
1315	* @param string str the string to be converted
1316	* @param string source_charset the character set in which the string is encoded
1317	* @param string dest_charset the destination character set
1318	*/
1319	function convert_charset($str, $source_charset, $dest_charset)
1320	{
1321	if ($source_charset==$dest_charset)
1322	return $str;
1323	if ($source_charset=='iso-8859-1' and $dest_charset=='utf-8')
1324	{
1325	return utf8_encode($str);
1326	}
1327	if ($source_charset=='utf-8' and $dest_charset=='iso-8859-1')
1328	{
1329	return utf8_decode($str);
1330	}
1331	if (function_exists('iconv'))
1332	{
1333	return iconv($source_charset, $dest_charset, $str);
1334	}
1335	if (function_exists('mb_convert_encoding'))
1336	{
1337	return mb_convert_encoding( $str, $dest_charset, $source_charset );
1338	}
1339	return $str; //???
1340	}
1341
1342	/**
1343	* makes sure a index.htm protects the directory from browser file listing
1344	*
1345	* @param string dir directory
1346	*/
1347	function secure_directory($dir)
1348	{
1349	$file = $dir.'/index.htm';
1350	if (!file_exists($file))
1351	{
1352	@file_put_contents($file, 'Not allowed!');
1353	}
1354	}
1355
1356	/**
1357	* returns a "secret key" that is to be sent back when a user posts a form
1358	*
1359	* @param int valid_after_seconds - key validity start time from now
1360	*/
1361	function get_ephemeral_key($valid_after_seconds, $aditionnal_data_to_hash = '')
1362	{
1363	global $conf;
1364	$time = round(microtime(true), 1);
1365	return $time.':'.$valid_after_seconds.':'
1366	.hash_hmac(
1367	'md5',
1368	$time.substr($_SERVER['REMOTE_ADDR'],0,5).$valid_after_seconds.$aditionnal_data_to_hash,
1369	$conf['secret_key']);
1370	}
1371
1372	function verify_ephemeral_key($key, $aditionnal_data_to_hash = '')
1373	{
1374	global $conf;
1375	$time = microtime(true);
1376	$key = explode( ':', @$key );
1377	if ( count($key)!=3
1378	or $key[0]>$time-(float)$key[1] // page must have been retrieved more than X sec ago
1379	or $key[0]<$time-3600 // 60 minutes expiration
1380	or hash_hmac(
1381	'md5', $key[0].substr($_SERVER['REMOTE_ADDR'],0,5).$key[1].$aditionnal_data_to_hash, $conf['secret_key']
1382	) != $key[2]
1383	)
1384	{
1385	return false;
1386	}
1387	return true;
1388	}
1389
1390	/**
1391	* return an array which will be sent to template to display navigation bar
1392	*/
1393	function create_navigation_bar($url, $nb_element, $start, $nb_element_page, $clean_url = false)
1394	{
1395	global $conf;
1396
1397	$navbar = array();
1398	$pages_around = $conf['paginate_pages_around'];
1399	$start_str = $clean_url ? '/start-' : (strpos($url, '?')===false ? '?':'&').'start=';
1400
1401	if (!isset($start) or !is_numeric($start) or (is_numeric($start) and $start < 0))
1402	{
1403	$start = 0;
1404	}
1405
1406	// navigation bar useful only if more than one page to display !
1407	if ($nb_element > $nb_element_page)
1408	{
1409	$cur_page = ceil($start / $nb_element_page) + 1;
1410	$maximum = ceil($nb_element / $nb_element_page);
1411	$previous = $start - $nb_element_page;
1412	$next = $start + $nb_element_page;
1413	$last = ($maximum - 1) * $nb_element_page;
1414
1415	$navbar['CURRENT_PAGE'] = $cur_page;
1416
1417	// link to first page and previous page?
1418	if ($cur_page != 1)
1419	{
1420	$navbar['URL_FIRST'] = $url;
1421	$navbar['URL_PREV'] = $url.($previous > 0 ? $start_str.$previous : '');
1422	}
1423	// link on next page and last page?
1424	if ($cur_page != $maximum)
1425	{
1426	$navbar['URL_NEXT'] = $url.$start_str.$next;
1427	$navbar['URL_LAST'] = $url.$start_str.$last;
1428	}
1429
1430	// pages to display
1431	$navbar['pages'] = array();
1432	$navbar['pages'][1] = $url;
1433	$navbar['pages'][$maximum] = $url.$start_str.$last;
1434
1435	for ($i = max($cur_page - $pages_around , 2), $stop = min($cur_page + $pages_around + 1, $maximum);
1436	$i < $stop; $i++)
1437	{
1438	$navbar['pages'][$i] = $url.$start_str.(($i - 1) * $nb_element_page);
1439	}
1440	ksort($navbar['pages']);
1441	}
1442	return $navbar;
1443	}
1444
1445	/**
1446	* return an array which will be sent to template to display recent icon
1447	*/
1448	function get_icon($date, $is_child_date = false)
1449	{
1450	global $cache, $user;
1451
1452	if (empty($date))
1453	{
1454	return false;
1455	}
1456
1457	if (!isset($cache['get_icon']['title']))
1458	{
1459	$cache['get_icon']['title'] = sprintf(
1460	l10n('photos posted during the last %d days'),
1461	$user['recent_period']
1462	);
1463	}
1464
1465	$icon = array(
1466	'TITLE' => $cache['get_icon']['title'],
1467	'IS_CHILD_DATE' => $is_child_date,
1468	);
1469
1470	if (isset($cache['get_icon'][$date]))
1471	{
1472	return $cache['get_icon'][$date] ? $icon : array();
1473	}
1474
1475	if (!isset($cache['get_icon']['sql_recent_date']))
1476	{
1477	// Use MySql date in order to standardize all recent "actions/queries"
1478	$cache['get_icon']['sql_recent_date'] = pwg_db_get_recent_period($user['recent_period']);
1479	}
1480
1481	$cache['get_icon'][$date] = $date > $cache['get_icon']['sql_recent_date'];
1482
1483	return $cache['get_icon'][$date] ? $icon : array();
1484	}
1485
1486	/**
1487	* check token comming from form posted or get params to prevent csrf attacks
1488	* if pwg_token is empty action doesn't require token
1489	* else pwg_token is compare to server token
1490	*
1491	* @return void access denied if token given is not equal to server token
1492	*/
1493	function check_pwg_token()
1494	{
1495	if (!empty($_REQUEST['pwg_token']))
1496	{
1497	if (get_pwg_token() != $_REQUEST['pwg_token'])
1498	{
1499	access_denied();
1500	}
1501	}
1502	else
1503	bad_request('missing token');
1504	}
1505
1506	function get_pwg_token()
1507	{
1508	global $conf;
1509
1510	return hash_hmac('md5', session_id(), $conf['secret_key']);
1511	}
1512
1513	/*
1514	* breaks the script execution if the given value doesn't match the given
1515	* pattern. This should happen only during hacking attempts.
1516	*
1517	* @param string param_name
1518	* @param array param_array
1519	* @param boolean is_array
1520	* @param string pattern
1521	*
1522	* @return void
1523	*/
1524	function check_input_parameter($param_name, $param_array, $is_array, $pattern)
1525	{
1526	$param_value = null;
1527	if (isset($param_array[$param_name]))
1528	{
1529	$param_value = $param_array[$param_name];
1530	}
1531
1532	// it's ok if the input parameter is null
1533	if (empty($param_value))
1534	{
1535	return true;
1536	}
1537
1538	if ($is_array)
1539	{
1540	if (!is_array($param_value))
1541	{
1542	fatal_error('[Hacking attempt] the input parameter "'.$param_name.'" should be an array');
1543	}
1544
1545	foreach ($param_value as $item_to_check)
1546	{
1547	if (!preg_match($pattern, $item_to_check))
1548	{
1549	fatal_error('[Hacking attempt] an item is not valid in input parameter "'.$param_name.'"');
1550	}
1551	}
1552	}
1553	else
1554	{
1555	if (!preg_match($pattern, $param_value))
1556	{
1557	fatal_error('[Hacking attempt] the input parameter "'.$param_name.'" is not valid');
1558	}
1559	}
1560	}
1561
1562
1563	function get_privacy_level_options()
1564	{
1565	global $conf;
1566
1567	$options = array();
1568	foreach (array_reverse($conf['available_permission_levels']) as $level)
1569	{
1570	$label = null;
1571
1572	if (0 == $level)
1573	{
1574	$label = l10n('Everybody');
1575	}
1576	else
1577	{
1578	$labels = array();
1579	$sub_levels = array_reverse($conf['available_permission_levels']);
1580	foreach ($sub_levels as $sub_level)
1581	{
1582	if ($sub_level == 0 or $sub_level < $level)
1583	{
1584	break;
1585	}
1586	array_push(
1587	$labels,
1588	l10n(
1589	sprintf(
1590	'Level %d',
1591	$sub_level
1592	)
1593	)
1594	);
1595	}
1596
1597	$label = implode(', ', $labels);
1598	}
1599	$options[$level] = $label;
1600	}
1601	return $options;
1602	}
1603
1604
1605	/**
1606	* return the branch from the version. For example version 2.2.4 is for branch 2.2
1607	*/
1608	function get_branch_from_version($version)
1609	{
1610	return implode('.', array_slice(explode('.', $version), 0, 2));
1611	}
1612	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: