Context Navigation

source: trunk/include/functions.inc.php @ 12541

Last change on this file since 12541 was 12541, checked in by plg, 12 years ago

merge r12540 from branch 2.3 to trunk

bug 2492 fixed: no need to transmit hit to get_thumbnail_title, this parameter becomes optional to avoid errors in plugins

Property svn:eol-style set to LF

File size: 42.0 KB

Line
1	<?php
2	// +-----------------------------------------------------------------------+
3	// \| Piwigo - a PHP based photo gallery \|
4	// +-----------------------------------------------------------------------+
5	// \| Copyright(C) 2008-2011 Piwigo Team http://piwigo.org \|
6	// \| Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net \|
7	// \| Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick \|
8	// +-----------------------------------------------------------------------+
9	// \| This program is free software; you can redistribute it and/or modify \|
10	// \| it under the terms of the GNU General Public License as published by \|
11	// \| the Free Software Foundation \|
12	// \| \|
13	// \| This program is distributed in the hope that it will be useful, but \|
14	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
15	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
16	// \| General Public License for more details. \|
17	// \| \|
18	// \| You should have received a copy of the GNU General Public License \|
19	// \| along with this program; if not, write to the Free Software \|
20	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
21	// \| USA. \|
22	// +-----------------------------------------------------------------------+
23
24	include_once( PHPWG_ROOT_PATH .'include/functions_user.inc.php' );
25	include_once( PHPWG_ROOT_PATH .'include/functions_cookie.inc.php' );
26	include_once( PHPWG_ROOT_PATH .'include/functions_session.inc.php' );
27	include_once( PHPWG_ROOT_PATH .'include/functions_category.inc.php' );
28	include_once( PHPWG_ROOT_PATH .'include/functions_xml.inc.php' );
29	include_once( PHPWG_ROOT_PATH .'include/functions_html.inc.php' );
30	include_once( PHPWG_ROOT_PATH .'include/functions_tag.inc.php' );
31	include_once( PHPWG_ROOT_PATH .'include/functions_url.inc.php' );
32	include_once( PHPWG_ROOT_PATH .'include/functions_plugins.inc.php' );
33
34	//----------------------------------------------------------- generic functions
35
36	/**
37	* stupidly returns the current microsecond since Unix epoch
38	*/
39	function micro_seconds()
40	{
41	$t1 = explode(' ', microtime());
42	$t2 = explode('.', $t1[0]);
43	$t2 = $t1[1].substr($t2[1], 0, 6);
44	return $t2;
45	}
46
47	// The function get_moment returns a float value coresponding to the number
48	// of seconds since the unix epoch (1st January 1970) and the microseconds
49	// are precised : e.g. 1052343429.89276600
50	function get_moment()
51	{
52	$t1 = explode( ' ', microtime() );
53	$t2 = explode( '.', $t1[0] );
54	$t2 = $t1[1].'.'.$t2[1];
55	return $t2;
56	}
57
58	// The function get_elapsed_time returns the number of seconds (with 3
59	// decimals precision) between the start time and the end time given.
60	function get_elapsed_time( $start, $end )
61	{
62	return number_format( $end - $start, 3, '.', ' ').' s';
63	}
64
65	// - The replace_space function replaces space and '-' characters
66	// by their HTML equivalent &nbsb; and −
67	// - The function does not replace characters in HTML tags
68	// - This function was created because IE5 does not respect the
69	// CSS "white-space: nowrap;" property unless space and minus
70	// characters are replaced like this function does.
71	// - Example :
72	// <div class="foo">My friend</div>
73	// ( 01234567891111111111222222222233 )
74	// ( 0123456789012345678901 )
75	// becomes :
76	// <div class="foo">My friend</div>
77	function replace_space( $string )
78	{
79	//return $string;
80	$return_string = '';
81	// $remaining is the rest of the string where to replace spaces characters
82	$remaining = $string;
83	// $start represents the position of the next '<' character
84	// $end represents the position of the next '>' character
85	; // -> 0
86	$end = strpos ( $remaining, '>' ); // -> 16
87	// as long as a '<' and his friend '>' are found, we loop
88	while ( ($start=strpos( $remaining, '<' )) !==false
89	and ($end=strpos( $remaining, '>' )) !== false )
90	{
91	// $treatment is the part of the string to treat
92	// In the first loop of our example, this variable is empty, but in the
93	// second loop, it equals 'My friend'
94	$treatment = substr ( $remaining, 0, $start );
95	// Replacement of ' ' by his equivalent ' '
96	$treatment = str_replace( ' ', ' ', $treatment );
97	$treatment = str_replace( '-', '−', $treatment );
98	// composing the string to return by adding the treated string and the
99	// following HTML tag -> 'My friend</div>'
100	$return_string.= $treatment.substr( $remaining, $start, $end-$start+1 );
101	// the remaining string is deplaced to the part after the '>' of this
102	// loop
103	$remaining = substr ( $remaining, $end + 1, strlen( $remaining ) );
104	}
105	$treatment = str_replace( ' ', ' ', $remaining );
106	$treatment = str_replace( '-', '−', $treatment );
107	$return_string.= $treatment;
108
109	return $return_string;
110	}
111
112	// get_extension returns the part of the string after the last "."
113	function get_extension( $filename )
114	{
115	return substr( strrchr( $filename, '.' ), 1, strlen ( $filename ) );
116	}
117
118	// get_filename_wo_extension returns the part of the string before the last
119	// ".".
120	// get_filename_wo_extension( 'test.tar.gz' ) -> 'test.tar'
121	function get_filename_wo_extension( $filename )
122	{
123	$pos = strrpos( $filename, '.' );
124	return ($pos===false) ? $filename : substr( $filename, 0, $pos);
125	}
126
127	/**
128	* returns an array contening sub-directories, excluding ".svn"
129	*
130	* @param string $dir
131	* @return array
132	*/
133	function get_dirs($directory)
134	{
135	$sub_dirs = array();
136	if ($opendir = opendir($directory))
137	{
138	while ($file = readdir($opendir))
139	{
140	if ($file != '.'
141	and $file != '..'
142	and is_dir($directory.'/'.$file)
143	and $file != '.svn')
144	{
145	array_push($sub_dirs, $file);
146	}
147	}
148	closedir($opendir);
149	}
150	return $sub_dirs;
151	}
152
153	define('MKGETDIR_NONE', 0);
154	define('MKGETDIR_RECURSIVE', 1);
155	define('MKGETDIR_DIE_ON_ERROR', 2);
156	define('MKGETDIR_PROTECT_INDEX', 4);
157	define('MKGETDIR_PROTECT_HTACCESS', 8);
158	define('MKGETDIR_DEFAULT', 7);
159	/**
160	* creates directory if not exists; ensures that directory is writable
161	* @param:
162	* string $dir
163	* int $flags combination of MKGETDIR_xxx
164	* @return bool false on error else true
165	*/
166	function mkgetdir($dir, $flags=MKGETDIR_DEFAULT)
167	{
168	if ( !is_dir($dir) )
169	{
170	if (substr(PHP_OS, 0, 3) == 'WIN')
171	{
172	$dir = str_replace('/', DIRECTORY_SEPARATOR, $dir);
173	}
174	$umask = umask(0);
175	$mkd = @mkdir($dir, 0755, ($flags&MKGETDIR_RECURSIVE) ? true:false );
176	umask($umask);
177	if ($mkd==false)
178	{
179	!($flags&MKGETDIR_DIE_ON_ERROR) or fatal_error( "$dir ".l10n('no write access'));
180	return false;
181	}
182	if( $flags&MKGETDIR_PROTECT_HTACCESS )
183	{
184	$file = $dir.'/.htaccess';
185	file_exists($file) or @file_put_contents( $file, 'deny from all' );
186	}
187	if( $flags&MKGETDIR_PROTECT_INDEX )
188	{
189	$file = $dir.'/index.htm';
190	file_exists($file) or @file_put_contents( $file, 'Not allowed!' );
191	}
192	}
193	if ( !is_writable($dir) )
194	{
195	!($flags&MKGETDIR_DIE_ON_ERROR) or fatal_error( "$dir ".l10n('no write access'));
196	return false;
197	}
198	return true;
199	}
200
201	/**
202	* returns thumbnail directory name of input diretoty name
203	* make thumbnail directory is necessary
204	* set error messages on array messages
205	*
206	* @param:
207	* string $dirname
208	* arrayy $errors
209	* @return bool false on error else string directory name
210	*/
211	function mkget_thumbnail_dir($dirname, &$errors)
212	{
213	global $conf;
214
215	$tndir = $dirname.'/'.$conf['dir_thumbnail'];
216	if (! mkgetdir($tndir, MKGETDIR_NONE) )
217	{
218	array_push($errors,
219	'['.$dirname.'] : '.l10n('no write access'));
220	return false;
221	}
222	return $tndir;
223	}
224
225	/* Returns true if the string appears to be encoded in UTF-8. (from wordpress)
226	* @param string Str
227	*/
228	function seems_utf8($Str) { # by bmorel at ssi dot fr
229	for ($i=0; $i<strlen($Str); $i++) {
230	if (ord($Str[$i]) < 0x80) continue; # 0bbbbbbb
231	elseif ((ord($Str[$i]) & 0xE0) == 0xC0) $n=1; # 110bbbbb
232	elseif ((ord($Str[$i]) & 0xF0) == 0xE0) $n=2; # 1110bbbb
233	elseif ((ord($Str[$i]) & 0xF8) == 0xF0) $n=3; # 11110bbb
234	elseif ((ord($Str[$i]) & 0xFC) == 0xF8) $n=4; # 111110bb
235	elseif ((ord($Str[$i]) & 0xFE) == 0xFC) $n=5; # 1111110b
236	else return false; # Does not match any model
237	for ($j=0; $j<$n; $j++) { # n bytes matching 10bbbbbb follow ?
238	if ((++$i == strlen($Str)) \|\| ((ord($Str[$i]) & 0xC0) != 0x80))
239	return false;
240	}
241	}
242	return true;
243	}
244
245	/* Remove accents from a UTF-8 or ISO-859-1 string (from wordpress)
246	* @param string sstring - an UTF-8 or ISO-8859-1 string
247	*/
248	function remove_accents($string)
249	{
250	if ( !preg_match('/[\x80-\xff]/', $string) )
251	return $string;
252
253	if (seems_utf8($string)) {
254	$chars = array(
255	// Decompositions for Latin-1 Supplement
256	"\xc3\x80"=>'A', "\xc3\x81"=>'A',
257	"\xc3\x82"=>'A', "\xc3\x83"=>'A',
258	"\xc3\x84"=>'A', "\xc3\x85"=>'A',
259	"\xc3\x87"=>'C', "\xc3\x88"=>'E',
260	"\xc3\x89"=>'E', "\xc3\x8a"=>'E',
261	"\xc3\x8b"=>'E', "\xc3\x8c"=>'I',
262	"\xc3\x8d"=>'I', "\xc3\x8e"=>'I',
263	"\xc3\x8f"=>'I', "\xc3\x91"=>'N',
264	"\xc3\x92"=>'O', "\xc3\x93"=>'O',
265	"\xc3\x94"=>'O', "\xc3\x95"=>'O',
266	"\xc3\x96"=>'O', "\xc3\x99"=>'U',
267	"\xc3\x9a"=>'U', "\xc3\x9b"=>'U',
268	"\xc3\x9c"=>'U', "\xc3\x9d"=>'Y',
269	"\xc3\x9f"=>'s', "\xc3\xa0"=>'a',
270	"\xc3\xa1"=>'a', "\xc3\xa2"=>'a',
271	"\xc3\xa3"=>'a', "\xc3\xa4"=>'a',
272	"\xc3\xa5"=>'a', "\xc3\xa7"=>'c',
273	"\xc3\xa8"=>'e', "\xc3\xa9"=>'e',
274	"\xc3\xaa"=>'e', "\xc3\xab"=>'e',
275	"\xc3\xac"=>'i', "\xc3\xad"=>'i',
276	"\xc3\xae"=>'i', "\xc3\xaf"=>'i',
277	"\xc3\xb1"=>'n', "\xc3\xb2"=>'o',
278	"\xc3\xb3"=>'o', "\xc3\xb4"=>'o',
279	"\xc3\xb5"=>'o', "\xc3\xb6"=>'o',
280	"\xc3\xb9"=>'u', "\xc3\xba"=>'u',
281	"\xc3\xbb"=>'u', "\xc3\xbc"=>'u',
282	"\xc3\xbd"=>'y', "\xc3\xbf"=>'y',
283	// Decompositions for Latin Extended-A
284	"\xc4\x80"=>'A', "\xc4\x81"=>'a',
285	"\xc4\x82"=>'A', "\xc4\x83"=>'a',
286	"\xc4\x84"=>'A', "\xc4\x85"=>'a',
287	"\xc4\x86"=>'C', "\xc4\x87"=>'c',
288	"\xc4\x88"=>'C', "\xc4\x89"=>'c',
289	"\xc4\x8a"=>'C', "\xc4\x8b"=>'c',
290	"\xc4\x8c"=>'C', "\xc4\x8d"=>'c',
291	"\xc4\x8e"=>'D', "\xc4\x8f"=>'d',
292	"\xc4\x90"=>'D', "\xc4\x91"=>'d',
293	"\xc4\x92"=>'E', "\xc4\x93"=>'e',
294	"\xc4\x94"=>'E', "\xc4\x95"=>'e',
295	"\xc4\x96"=>'E', "\xc4\x97"=>'e',
296	"\xc4\x98"=>'E', "\xc4\x99"=>'e',
297	"\xc4\x9a"=>'E', "\xc4\x9b"=>'e',
298	"\xc4\x9c"=>'G', "\xc4\x9d"=>'g',
299	"\xc4\x9e"=>'G', "\xc4\x9f"=>'g',
300	"\xc4\xa0"=>'G', "\xc4\xa1"=>'g',
301	"\xc4\xa2"=>'G', "\xc4\xa3"=>'g',
302	"\xc4\xa4"=>'H', "\xc4\xa5"=>'h',
303	"\xc4\xa6"=>'H', "\xc4\xa7"=>'h',
304	"\xc4\xa8"=>'I', "\xc4\xa9"=>'i',
305	"\xc4\xaa"=>'I', "\xc4\xab"=>'i',
306	"\xc4\xac"=>'I', "\xc4\xad"=>'i',
307	"\xc4\xae"=>'I', "\xc4\xaf"=>'i',
308	"\xc4\xb0"=>'I', "\xc4\xb1"=>'i',
309	"\xc4\xb2"=>'IJ', "\xc4\xb3"=>'ij',
310	"\xc4\xb4"=>'J', "\xc4\xb5"=>'j',
311	"\xc4\xb6"=>'K', "\xc4\xb7"=>'k',
312	"\xc4\xb8"=>'k', "\xc4\xb9"=>'L',
313	"\xc4\xba"=>'l', "\xc4\xbb"=>'L',
314	"\xc4\xbc"=>'l', "\xc4\xbd"=>'L',
315	"\xc4\xbe"=>'l', "\xc4\xbf"=>'L',
316	"\xc5\x80"=>'l', "\xc5\x81"=>'L',
317	"\xc5\x82"=>'l', "\xc5\x83"=>'N',
318	"\xc5\x84"=>'n', "\xc5\x85"=>'N',
319	"\xc5\x86"=>'n', "\xc5\x87"=>'N',
320	"\xc5\x88"=>'n', "\xc5\x89"=>'N',
321	"\xc5\x8a"=>'n', "\xc5\x8b"=>'N',
322	"\xc5\x8c"=>'O', "\xc5\x8d"=>'o',
323	"\xc5\x8e"=>'O', "\xc5\x8f"=>'o',
324	"\xc5\x90"=>'O', "\xc5\x91"=>'o',
325	"\xc5\x92"=>'OE', "\xc5\x93"=>'oe',
326	"\xc5\x94"=>'R', "\xc5\x95"=>'r',
327	"\xc5\x96"=>'R', "\xc5\x97"=>'r',
328	"\xc5\x98"=>'R', "\xc5\x99"=>'r',
329	"\xc5\x9a"=>'S', "\xc5\x9b"=>'s',
330	"\xc5\x9c"=>'S', "\xc5\x9d"=>'s',
331	"\xc5\x9e"=>'S', "\xc5\x9f"=>'s',
332	"\xc5\xa0"=>'S', "\xc5\xa1"=>'s',
333	"\xc5\xa2"=>'T', "\xc5\xa3"=>'t',
334	"\xc5\xa4"=>'T', "\xc5\xa5"=>'t',
335	"\xc5\xa6"=>'T', "\xc5\xa7"=>'t',
336	"\xc5\xa8"=>'U', "\xc5\xa9"=>'u',
337	"\xc5\xaa"=>'U', "\xc5\xab"=>'u',
338	"\xc5\xac"=>'U', "\xc5\xad"=>'u',
339	"\xc5\xae"=>'U', "\xc5\xaf"=>'u',
340	"\xc5\xb0"=>'U', "\xc5\xb1"=>'u',
341	"\xc5\xb2"=>'U', "\xc5\xb3"=>'u',
342	"\xc5\xb4"=>'W', "\xc5\xb5"=>'w',
343	"\xc5\xb6"=>'Y', "\xc5\xb7"=>'y',
344	"\xc5\xb8"=>'Y', "\xc5\xb9"=>'Z',
345	"\xc5\xba"=>'z', "\xc5\xbb"=>'Z',
346	"\xc5\xbc"=>'z', "\xc5\xbd"=>'Z',
347	"\xc5\xbe"=>'z', "\xc5\xbf"=>'s',
348	// Euro Sign
349	"\xe2\x82\xac"=>'E',
350	// GBP (Pound) Sign
351	"\xc2\xa3"=>'');
352
353	$string = strtr($string, $chars);
354	} else {
355	// Assume ISO-8859-1 if not UTF-8
356	$chars['in'] = chr(128).chr(131).chr(138).chr(142).chr(154).chr(158)
357	.chr(159).chr(162).chr(165).chr(181).chr(192).chr(193).chr(194)
358	.chr(195).chr(196).chr(197).chr(199).chr(200).chr(201).chr(202)
359	.chr(203).chr(204).chr(205).chr(206).chr(207).chr(209).chr(210)
360	.chr(211).chr(212).chr(213).chr(214).chr(216).chr(217).chr(218)
361	.chr(219).chr(220).chr(221).chr(224).chr(225).chr(226).chr(227)
362	.chr(228).chr(229).chr(231).chr(232).chr(233).chr(234).chr(235)
363	.chr(236).chr(237).chr(238).chr(239).chr(241).chr(242).chr(243)
364	.chr(244).chr(245).chr(246).chr(248).chr(249).chr(250).chr(251)
365	.chr(252).chr(253).chr(255);
366
367	$chars['out'] = "EfSZszYcYuAAAAAACEEEEIIIINOOOOOOUUUUYaaaaaaceeeeiiiinoooooouuuuyy";
368
369	$string = strtr($string, $chars['in'], $chars['out']);
370	$double_chars['in'] = array(chr(140), chr(156), chr(198), chr(208), chr(222), chr(223), chr(230), chr(240), chr(254));
371	$double_chars['out'] = array('OE', 'oe', 'AE', 'DH', 'TH', 'ss', 'ae', 'dh', 'th');
372	$string = str_replace($double_chars['in'], $double_chars['out'], $string);
373	}
374
375	return $string;
376	}
377
378	/**
379	* simplify a string to insert it into an URL
380	*
381	* @param string
382	* @return string
383	*/
384	function str2url($str)
385	{
386	$raw = $str;
387
388	$str = remove_accents($str);
389	$str = preg_replace('/[^a-z0-9_\s\'\:\/\[\],-]/','',strtolower($str));
390	$str = preg_replace('/[\s\'\:\/\[\],-]+/',' ',trim($str));
391	$res = str_replace(' ','_',$str);
392
393	if (empty($res))
394	{
395	$res = str_replace(' ','_', $raw);
396	}
397
398	return $res;
399	}
400
401	//-------------------------------------------- Piwigo specific functions
402
403	/**
404	* returns an array with a list of {language_code => language_name}
405	*
406	* @returns array
407	*/
408	function get_languages()
409	{
410	$query = '
411	SELECT id, name
412	FROM '.LANGUAGES_TABLE.'
413	ORDER BY name ASC
414	;';
415	$result = pwg_query($query);
416
417	$languages = array();
418	while ($row = pwg_db_fetch_assoc($result))
419	{
420	if (is_dir(PHPWG_ROOT_PATH.'language/'.$row['id']))
421	{
422	$languages[ $row['id'] ] = $row['name'];
423	}
424	}
425
426	return $languages;
427	}
428
429	function pwg_log($image_id = null, $image_type = null)
430	{
431	global $conf, $user, $page;
432
433	$do_log = $conf['log'];
434	if (is_admin())
435	{
436	$do_log = $conf['history_admin'];
437	}
438	if (is_a_guest())
439	{
440	$do_log = $conf['history_guest'];
441	}
442
443	$do_log = trigger_event('pwg_log_allowed', $do_log, $image_id, $image_type);
444
445	if (!$do_log)
446	{
447	return false;
448	}
449
450	$tags_string = null;
451	if ('tags'==@$page['section'])
452	{
453	$tags_string = implode(',', $page['tag_ids']);
454	}
455
456	$query = '
457	INSERT INTO '.HISTORY_TABLE.'
458	(
459	date,
460	time,
461	user_id,
462	IP,
463	section,
464	category_id,
465	image_id,
466	image_type,
467	tag_ids
468	)
469	VALUES
470	(
471	CURRENT_DATE,
472	CURRENT_TIME,
473	'.$user['id'].',
474	\''.$_SERVER['REMOTE_ADDR'].'\',
475	'.(isset($page['section']) ? "'".$page['section']."'" : 'NULL').',
476	'.(isset($page['category']['id']) ? $page['category']['id'] : 'NULL').',
477	'.(isset($image_id) ? $image_id : 'NULL').',
478	'.(isset($image_type) ? "'".$image_type."'" : 'NULL').',
479	'.(isset($tags_string) ? "'".$tags_string."'" : 'NULL').'
480	)
481	;';
482	pwg_query($query);
483
484	return true;
485	}
486
487	// format_date returns a formatted date for display. The date given in
488	// argument must be an american format (2003-09-15). By option, you can show the time.
489	// The output is internationalized.
490	//
491	// format_date( "2003-09-15", true ) -> "Monday 15 September 2003 21:52"
492	function format_date($date, $show_time = false)
493	{
494	global $lang;
495
496	if (strpos($date, '0') == 0)
497	{
498	return l10n('N/A');
499	}
500
501	$ymdhms = array();
502	$tok = strtok( $date, '- :');
503	while ($tok !== false)
504	{
505	$ymdhms[] = $tok;
506	$tok = strtok('- :');
507	}
508
509	if ( count($ymdhms)<3 )
510	{
511	return false;
512	}
513
514	$formated_date = '';
515	// before 1970, Microsoft Windows can't mktime
516	if ($ymdhms[0] >= 1970)
517	{
518	// we ask midday because Windows think it's prior to midnight with a
519	// zero and refuse to work
520	$formated_date.= $lang['day'][date('w', mktime(12,0,0,$ymdhms[1],$ymdhms[2],$ymdhms[0]))];
521	}
522	$formated_date.= ' '.$ymdhms[2];
523	$formated_date.= ' '.$lang['month'][(int)$ymdhms[1]];
524	$formated_date.= ' '.$ymdhms[0];
525	if ($show_time and count($ymdhms)>=5 )
526	{
527	$formated_date.= ' '.$ymdhms[3].':'.$ymdhms[4];
528	}
529	return $formated_date;
530	}
531
532	function pwg_debug( $string )
533	{
534	global $debug,$t2,$page;
535
536	$now = explode( ' ', microtime() );
537	$now2 = explode( '.', $now[0] );
538	$now2 = $now[1].'.'.$now2[1];
539	$time = number_format( $now2 - $t2, 3, '.', ' ').' s';
540	$debug .= '<p>';
541	$debug.= '['.$time.', ';
542	$debug.= $page['count_queries'].' queries] : '.$string;
543	$debug.= "</p>\n";
544	}
545
546	/**
547	* Redirects to the given URL (HTTP method)
548	*
549	* Note : once this function called, the execution doesn't go further
550	* (presence of an exit() instruction.
551	*
552	* @param string $url
553	* @return void
554	*/
555	function redirect_http( $url )
556	{
557	if (ob_get_length () !== FALSE)
558	{
559	ob_clean();
560	}
561	// default url is on html format
562	$url = html_entity_decode($url);
563	header('Request-URI: '.$url);
564	header('Content-Location: '.$url);
565	header('Location: '.$url);
566	exit();
567	}
568
569	/**
570	* Redirects to the given URL (HTML method)
571	*
572	* Note : once this function called, the execution doesn't go further
573	* (presence of an exit() instruction.
574	*
575	* @param string $url
576	* @param string $title_msg
577	* @param integer $refreh_time
578	* @return void
579	*/
580	function redirect_html( $url , $msg = '', $refresh_time = 0)
581	{
582	global $user, $template, $lang_info, $conf, $lang, $t2, $page, $debug;
583
584	if (!isset($lang_info) \|\| !isset($template) )
585	{
586	$user = build_user( $conf['guest_id'], true);
587	load_language('common.lang');
588	trigger_action('loading_lang');
589	load_language('lang', PHPWG_ROOT_PATH.PWG_LOCAL_DIR, array('no_fallback'=>true, 'local'=>true) );
590	$template = new Template(PHPWG_ROOT_PATH.'themes', get_default_theme());
591	}
592	elseif (defined('IN_ADMIN') and IN_ADMIN)
593	{
594	$template = new Template(PHPWG_ROOT_PATH.'themes', get_default_theme());
595	}
596
597	if (empty($msg))
598	{
599	$msg = nl2br(l10n('Redirection...'));
600	}
601
602	$refresh = $refresh_time;
603	$url_link = $url;
604	$title = 'redirection';
605
606	$template->set_filenames( array( 'redirect' => 'redirect.tpl' ) );
607
608	include( PHPWG_ROOT_PATH.'include/page_header.php' );
609
610	$template->set_filenames( array( 'redirect' => 'redirect.tpl' ) );
611	$template->assign('REDIRECT_MSG', $msg);
612
613	$template->parse('redirect');
614
615	include( PHPWG_ROOT_PATH.'include/page_tail.php' );
616
617	exit();
618	}
619
620	/**
621	* Redirects to the given URL (Switch to HTTP method or HTML method)
622	*
623	* Note : once this function called, the execution doesn't go further
624	* (presence of an exit() instruction.
625	*
626	* @param string $url
627	* @param string $title_msg
628	* @param integer $refreh_time
629	* @return void
630	*/
631	function redirect( $url , $msg = '', $refresh_time = 0)
632	{
633	global $conf;
634
635	// with RefeshTime <> 0, only html must be used
636	if ($conf['default_redirect_method']=='http'
637	and $refresh_time==0
638	and !headers_sent()
639	)
640	{
641	redirect_http($url);
642	}
643	else
644	{
645	redirect_html($url, $msg, $refresh_time);
646	}
647	}
648
649	/**
650	* returns $_SERVER['QUERY_STRING'] whitout keys given in parameters
651	*
652	* @param array $rejects
653	* @param boolean $escape - if true escape & to & (for html)
654	* @returns string
655	*/
656	function get_query_string_diff($rejects=array(), $escape=true)
657	{
658	if (empty($_SERVER['QUERY_STRING']))
659	{
660	return '';
661	}
662
663	$query_string = '';
664
665	$str = $_SERVER['QUERY_STRING'];
666	parse_str($str, $vars);
667
668	$is_first = true;
669	foreach ($vars as $key => $value)
670	{
671	if (!in_array($key, $rejects))
672	{
673	$query_string.= $is_first ? '?' : ($escape ? '&' : '&' );
674	$is_first = false;
675	$query_string.= $key.'='.$value;
676	}
677	}
678
679	return $query_string;
680	}
681
682	function url_is_remote($url)
683	{
684	if ( strncmp($url, 'http://', 7)==0
685	or strncmp($url, 'https://', 8)==0 )
686	{
687	return true;
688	}
689	return false;
690	}
691
692	/**
693	* returns available themes
694	*/
695	function get_pwg_themes()
696	{
697	global $conf;
698
699	$themes = array();
700
701	$query = '
702	SELECT
703	id,
704	name
705	FROM '.THEMES_TABLE.'
706	ORDER BY name ASC
707	;';
708	$result = pwg_query($query);
709	while ($row = pwg_db_fetch_assoc($result))
710	{
711	if (check_theme_installed($row['id']))
712	{
713	$themes[ $row['id'] ] = $row['name'];
714	}
715	}
716
717	// plugins want remove some themes based on user status maybe?
718	$themes = trigger_event('get_pwg_themes', $themes);
719
720	return $themes;
721	}
722
723	function check_theme_installed($theme_id)
724	{
725	global $conf;
726
727	return file_exists($conf['themes_dir'].'/'.$theme_id.'/'.'themeconf.inc.php');
728	}
729
730	/* Returns the PATH to the thumbnail to be displayed. If the element does not
731	* have a thumbnail, the default mime image path is returned. The PATH can be
732	* used in the php script, but not sent to the browser.
733	* @param array element_info assoc array containing element info from db
734	* at least 'path', 'tn_ext' and 'id' should be present
735	*/
736	function get_thumbnail_path($element_info)
737	{
738	$path = get_thumbnail_location($element_info);
739	if ( !url_is_remote($path) )
740	{
741	$path = PHPWG_ROOT_PATH.$path;
742	}
743	return $path;
744	}
745
746	/* Returns the URL of the thumbnail to be displayed. If the element does not
747	* have a thumbnail, the default mime image url is returned. The URL can be
748	* sent to the browser, but not used in the php script.
749	* @param array element_info assoc array containing element info from db
750	* at least 'path', 'tn_ext' and 'id' should be present
751	*/
752	function get_thumbnail_url($element_info)
753	{
754	$loc = $url = get_thumbnail_location($element_info);
755	if ( !url_is_remote($loc) )
756	{
757	$url = (get_root_url().$loc);
758	}
759	// plugins want another url ?
760	$url = trigger_event('get_thumbnail_url', $url, $element_info, $loc);
761	return embellish_url($url);
762	}
763
764	/* returns the relative path of the thumnail with regards to to the root
765	of piwigo (not the current page!).This function is not intended to be
766	called directly from code.*/
767	function get_thumbnail_location($element_info)
768	{
769	global $conf;
770	if ( !empty( $element_info['tn_ext'] ) )
771	{
772	$path = substr_replace(
773	get_filename_wo_extension($element_info['path']),
774	'/'.$conf['dir_thumbnail'].'/'.$conf['prefix_thumbnail'],
775	strrpos($element_info['path'],'/'),
776	1
777	);
778	$path.= '.'.$element_info['tn_ext'];
779	}
780	else
781	{
782	$path = get_themeconf('mime_icon_dir')
783	.strtolower(get_extension($element_info['path'])).'.png';
784	// plugins want another location ?
785	$path = trigger_event( 'get_thumbnail_location', $path, $element_info);
786	}
787	return $path;
788	}
789
790	/**
791	* returns the title of the thumbnail based on photo properties
792	*/
793	function get_thumbnail_title($info)
794	{
795	global $conf, $user;
796
797	$title = get_picture_title($info);
798
799	$details = array();
800
801	if (!empty($info['hit']))
802	{
803	$details[] = $info['hit'].' '.strtolower(l10n('Visits'));
804	}
805
806	if ($conf['rate'] and !empty($info['rating_score']))
807	{
808	$details[] = strtolower(l10n('Rating score')).' '.$info['rating_score'];
809	}
810
811	if (isset($info['nb_comments']) and $info['nb_comments'] != 0)
812	{
813	$details[] = l10n_dec('%d comment', '%d comments', $info['nb_comments']);
814	}
815
816	if (count($details) > 0)
817	{
818	$title.= ' ('.implode(', ', $details).')';
819	}
820
821	if (!empty($info['comment']))
822	{
823	$title.= ' '.substr($info['comment'], 0, 100).'...';
824	}
825
826	$title = htmlspecialchars(strip_tags($title));
827
828	$title = trigger_event('get_thumbnail_title', $title, $info);
829
830	return $title;
831	}
832
833	/**
834	* fill the current user caddie with given elements, if not already in
835	* caddie
836	*
837	* @param array elements_id
838	*/
839	function fill_caddie($elements_id)
840	{
841	global $user;
842
843	$query = '
844	SELECT element_id
845	FROM '.CADDIE_TABLE.'
846	WHERE user_id = '.$user['id'].'
847	;';
848	$in_caddie = array_from_query($query, 'element_id');
849
850	$caddiables = array_diff($elements_id, $in_caddie);
851
852	$datas = array();
853
854	foreach ($caddiables as $caddiable)
855	{
856	array_push($datas, array('element_id' => $caddiable,
857	'user_id' => $user['id']));
858	}
859
860	if (count($caddiables) > 0)
861	{
862	mass_inserts(CADDIE_TABLE, array('element_id','user_id'), $datas);
863	}
864	}
865
866	/**
867	* returns the element name from its filename
868	*
869	* @param string filename
870	* @return string name
871	*/
872	function get_name_from_file($filename)
873	{
874	return str_replace('_',' ',get_filename_wo_extension($filename));
875	}
876
877	/**
878	*/
879	function get_picture_title($info)
880	{
881	if (isset($info['name']) and !empty($info['name']))
882	{
883	return trigger_event('render_element_description', $info['name']);
884	}
885
886	return get_name_from_file($info['file']);
887	}
888
889	/**
890	* returns the corresponding value from $lang if existing. Else, the key is
891	* returned
892	*
893	* @param string key
894	* @return string
895	*/
896	function l10n($key, $textdomain='messages')
897	{
898	global $lang, $conf;
899
900	if ($conf['debug_l10n'] and !isset($lang[$key]) and !empty($key))
901	{
902	trigger_error('[l10n] language key "'.$key.'" is not defined', E_USER_WARNING);
903	}
904
905	return isset($lang[$key]) ? $lang[$key] : $key;
906	}
907
908	/**
909	* returns the prinft value for strings including %d
910	* return is concorded with decimal value (singular, plural)
911	*
912	* @param singular string key
913	* @param plural string key
914	* @param decimal value
915	* @return string
916	*/
917	function l10n_dec($singular_fmt_key, $plural_fmt_key, $decimal)
918	{
919	global $lang_info;
920
921	return
922	sprintf(
923	l10n((
924	(($decimal > 1) or ($decimal == 0 and $lang_info['zero_plural']))
925	? $plural_fmt_key
926	: $singular_fmt_key
927	)), $decimal);
928	}
929
930	/*
931	* returns a single element to use with l10n_args
932	*
933	* @param string key: translation key
934	* @param array/string/../number args:
935	* arguments to use on sprintf($key, args)
936	* if args is a array, each values are used on sprintf
937	* @return string
938	*/
939	function get_l10n_args($key, $args)
940	{
941	if (is_array($args))
942	{
943	$key_arg = array_merge(array($key), $args);
944	}
945	else
946	{
947	$key_arg = array($key, $args);
948	}
949	return array('key_args' => $key_arg);
950	}
951
952	/*
953	* returns a string with formated with l10n_args elements
954	*
955	* @param element/array $key_args: element or array of l10n_args elements
956	* @param $sep: if $key_args is array,
957	* separator is used when translated l10n_args elements are concated
958	* @return string
959	*/
960	function l10n_args($key_args, $sep = "\n")
961	{
962	if (is_array($key_args))
963	{
964	foreach ($key_args as $key => $element)
965	{
966	if (isset($result))
967	{
968	$result .= $sep;
969	}
970	else
971	{
972	$result = '';
973	}
974
975	if ($key === 'key_args')
976	{
977	array_unshift($element, l10n(array_shift($element)));
978	$result .= call_user_func_array('sprintf', $element);
979	}
980	else
981	{
982	$result .= l10n_args($element, $sep);
983	}
984	}
985	}
986	else
987	{
988	fatal_error('l10n_args: Invalid arguments');
989	}
990
991	return $result;
992	}
993
994	/**
995	* returns the corresponding value from $themeconf if existing. Else, the
996	* key is returned
997	*
998	* @param string key
999	* @return string
1000	*/
1001	function get_themeconf($key)
1002	{
1003	global $template;
1004
1005	return $template->get_themeconf($key);
1006	}
1007
1008	/**
1009	* Returns webmaster mail address depending on $conf['webmaster_id']
1010	*
1011	* @return string
1012	*/
1013	function get_webmaster_mail_address()
1014	{
1015	global $conf;
1016
1017	$query = '
1018	SELECT '.$conf['user_fields']['email'].'
1019	FROM '.USERS_TABLE.'
1020	WHERE '.$conf['user_fields']['id'].' = '.$conf['webmaster_id'].'
1021	;';
1022	list($email) = pwg_db_fetch_row(pwg_query($query));
1023
1024	return $email;
1025	}
1026
1027	/**
1028	* Add configuration parameters from database to global $conf array
1029	*
1030	* @return void
1031	*/
1032	function load_conf_from_db($condition = '')
1033	{
1034	global $conf;
1035
1036	$query = '
1037	SELECT param, value
1038	FROM '.CONFIG_TABLE.'
1039	'.(!empty($condition) ? 'WHERE '.$condition : '').'
1040	;';
1041	$result = pwg_query($query);
1042
1043	if ((pwg_db_num_rows($result) == 0) and !empty($condition))
1044	{
1045	fatal_error('No configuration data');
1046	}
1047
1048	while ($row = pwg_db_fetch_assoc($result))
1049	{
1050	$conf[ $row['param'] ] = isset($row['value']) ? $row['value'] : '';
1051
1052	// If the field is true or false, the variable is transformed into a
1053	// boolean value.
1054	if ($conf[$row['param']] == 'true' or $conf[$row['param']] == 'false')
1055	{
1056	$conf[ $row['param'] ] = get_boolean($conf[ $row['param'] ]);
1057	}
1058	}
1059	}
1060
1061	function conf_update_param($param, $value)
1062	{
1063	$query = '
1064	SELECT
1065	param,
1066	value
1067	FROM '.CONFIG_TABLE.'
1068	WHERE param = \''.$param.'\'
1069	;';
1070	$params = array_from_query($query, 'param');
1071
1072	if (count($params) == 0)
1073	{
1074	$query = '
1075	INSERT
1076	INTO '.CONFIG_TABLE.'
1077	(param, value)
1078	VALUES(\''.$param.'\', \''.$value.'\')
1079	;';
1080	pwg_query($query);
1081	}
1082	else
1083	{
1084	$query = '
1085	UPDATE '.CONFIG_TABLE.'
1086	SET value = \''.$value.'\'
1087	WHERE param = \''.$param.'\'
1088	;';
1089	pwg_query($query);
1090	}
1091	}
1092
1093	/**
1094	* Prepends and appends a string at each value of the given array.
1095	*
1096	* @param array
1097	* @param string prefix to each array values
1098	* @param string suffix to each array values
1099	*/
1100	function prepend_append_array_items($array, $prepend_str, $append_str)
1101	{
1102	array_walk(
1103	$array,
1104	create_function('&$s', '$s = "'.$prepend_str.'".$s."'.$append_str.'";')
1105	);
1106
1107	return $array;
1108	}
1109
1110	/**
1111	* creates an hashed based on a query, this function is a very common
1112	* pattern used here. Among the selected columns fetched, choose one to be
1113	* the key, another one to be the value.
1114	*
1115	* @param string $query
1116	* @param string $keyname
1117	* @param string $valuename
1118	* @return array
1119	*/
1120	function simple_hash_from_query($query, $keyname, $valuename)
1121	{
1122	$array = array();
1123
1124	$result = pwg_query($query);
1125	while ($row = pwg_db_fetch_assoc($result))
1126	{
1127	$array[ $row[$keyname] ] = $row[$valuename];
1128	}
1129
1130	return $array;
1131	}
1132
1133	/**
1134	* creates an hashed based on a query, this function is a very common
1135	* pattern used here. The key is given as parameter, the value is an associative
1136	* array.
1137	*
1138	* @param string $query
1139	* @param string $keyname
1140	* @return array
1141	*/
1142	function hash_from_query($query, $keyname)
1143	{
1144	$array = array();
1145	$result = pwg_query($query);
1146	while ($row = pwg_db_fetch_assoc($result))
1147	{
1148	$array[ $row[$keyname] ] = $row;
1149	}
1150	return $array;
1151	}
1152
1153	/**
1154	* Return basename of the current script
1155	* Lower case convertion is applied on return value
1156	* Return value is without file extention ".php"
1157	*
1158	* @param void
1159	*
1160	* @return script basename
1161	*/
1162	function script_basename()
1163	{
1164	global $conf;
1165
1166	foreach (array('SCRIPT_NAME', 'SCRIPT_FILENAME', 'PHP_SELF') as $value)
1167	{
1168	if (!empty($_SERVER[$value]))
1169	{
1170	$filename = strtolower($_SERVER[$value]);
1171	if ($conf['php_extension_in_urls'] and get_extension($filename)!=='php')
1172	continue;
1173	$basename = basename($filename, '.php');
1174	if (!empty($basename))
1175	{
1176	return $basename;
1177	}
1178	}
1179	}
1180	return '';
1181	}
1182
1183	/**
1184	* Return value for the current page define on $conf['filter_pages']
1185	* Îf value is not defined, default value are returned
1186	*
1187	* @param value name
1188	*
1189	* @return filter page value
1190	*/
1191	function get_filter_page_value($value_name)
1192	{
1193	global $conf;
1194
1195	$page_name = script_basename();
1196
1197	if (isset($conf['filter_pages'][$page_name][$value_name]))
1198	{
1199	return $conf['filter_pages'][$page_name][$value_name];
1200	}
1201	else if (isset($conf['filter_pages']['default'][$value_name]))
1202	{
1203	return $conf['filter_pages']['default'][$value_name];
1204	}
1205	else
1206	{
1207	return null;
1208	}
1209	}
1210
1211	/**
1212	* returns the character set of data sent to browsers / received from forms
1213	*/
1214	function get_pwg_charset()
1215	{
1216	$pwg_charset = 'utf-8';
1217	if (defined('PWG_CHARSET'))
1218	{
1219	$pwg_charset = PWG_CHARSET;
1220	}
1221	return $pwg_charset;
1222	}
1223
1224	/**
1225	* includes a language file or returns the content of a language file
1226	* availability of the file
1227	*
1228	* in descending order of preference:
1229	* param language, user language, default language
1230	* Piwigo default language.
1231	*
1232	* @param string filename
1233	* @param string dirname
1234	* @param mixed options can contain
1235	* language - language to load (if empty uses user language)
1236	* return - if true the file content is returned otherwise the file is evaluated as php
1237	* target_charset -
1238	* no_fallback - the language must be respected
1239	* local - if true, get local language file
1240	* @return boolean success status or a string if options['return'] is true
1241	*/
1242	function load_language($filename, $dirname = '',
1243	$options = array() )
1244	{
1245	global $user;
1246
1247	if (! @$options['return'] )
1248	{
1249	$filename .= '.php'; //MAYBE to do .. load .po and .mo localization files
1250	}
1251	if (empty($dirname))
1252	{
1253	$dirname = PHPWG_ROOT_PATH;
1254	}
1255	$dirname .= 'language/';
1256
1257	$languages = array();
1258	if ( !empty($options['language']) )
1259	{
1260	$languages[] = $options['language'];
1261	}
1262	if ( !empty($user['language']) )
1263	{
1264	$languages[] = $user['language'];
1265	}
1266	if ( ! @$options['no_fallback'] )
1267	{
1268	if ( defined('PHPWG_INSTALLED') )
1269	{
1270	$languages[] = get_default_language();
1271	}
1272	$languages[] = PHPWG_DEFAULT_LANGUAGE;
1273	}
1274
1275	$languages = array_unique($languages);
1276
1277	if ( empty($options['target_charset']) )
1278	{
1279	$target_charset = get_pwg_charset();
1280	}
1281	else
1282	{
1283	$target_charset = $options['target_charset'];
1284	}
1285	$target_charset = strtolower($target_charset);
1286	$source_file = '';
1287	foreach ($languages as $language)
1288	{
1289	$f = @$options['local'] ?
1290	$dirname.$language.'.'.$filename:
1291	$dirname.$language.'/'.$filename;
1292
1293	if (file_exists($f))
1294	{
1295	$source_file = $f;
1296	break;
1297	}
1298	}
1299
1300	if ( !empty($source_file) )
1301	{
1302	if (! @$options['return'] )
1303	{
1304	@include($source_file);
1305	$load_lang = @$lang;
1306	$load_lang_info = @$lang_info;
1307
1308	global $lang, $lang_info;
1309	if ( !isset($lang) ) $lang=array();
1310	if ( !isset($lang_info) ) $lang_info=array();
1311
1312	if ( 'utf-8'!=$target_charset)
1313	{
1314	if ( is_array($load_lang) )
1315	{
1316	foreach ($load_lang as $k => $v)
1317	{
1318	if ( is_array($v) )
1319	{
1320	$func = create_function('$v', 'return convert_charset($v, "utf-8", "'.$target_charset.'");' );
1321	$lang[$k] = array_map($func, $v);
1322	}
1323	else
1324	$lang[$k] = convert_charset($v, 'utf-8', $target_charset);
1325	}
1326	}
1327	if ( is_array($load_lang_info) )
1328	{
1329	foreach ($load_lang_info as $k => $v)
1330	{
1331	$lang_info[$k] = convert_charset($v, 'utf-8', $target_charset);
1332	}
1333	}
1334	}
1335	else
1336	{
1337	$lang = array_merge( $lang, (array)$load_lang );
1338	$lang_info = array_merge( $lang_info, (array)$load_lang_info );
1339	}
1340	return true;
1341	}
1342	else
1343	{
1344	$content = @file_get_contents($source_file);
1345	$content = convert_charset($content, 'utf-8', $target_charset);
1346	return $content;
1347	}
1348	}
1349	return false;
1350	}
1351
1352	/**
1353	* converts a string from a character set to another character set
1354	* @param string str the string to be converted
1355	* @param string source_charset the character set in which the string is encoded
1356	* @param string dest_charset the destination character set
1357	*/
1358	function convert_charset($str, $source_charset, $dest_charset)
1359	{
1360	if ($source_charset==$dest_charset)
1361	return $str;
1362	if ($source_charset=='iso-8859-1' and $dest_charset=='utf-8')
1363	{
1364	return utf8_encode($str);
1365	}
1366	if ($source_charset=='utf-8' and $dest_charset=='iso-8859-1')
1367	{
1368	return utf8_decode($str);
1369	}
1370	if (function_exists('iconv'))
1371	{
1372	return iconv($source_charset, $dest_charset, $str);
1373	}
1374	if (function_exists('mb_convert_encoding'))
1375	{
1376	return mb_convert_encoding( $str, $dest_charset, $source_charset );
1377	}
1378	return $str; //???
1379	}
1380
1381	/**
1382	* makes sure a index.htm protects the directory from browser file listing
1383	*
1384	* @param string dir directory
1385	*/
1386	function secure_directory($dir)
1387	{
1388	$file = $dir.'/index.htm';
1389	if (!file_exists($file))
1390	{
1391	@file_put_contents($file, 'Not allowed!');
1392	}
1393	}
1394
1395	/**
1396	* returns a "secret key" that is to be sent back when a user posts a form
1397	*
1398	* @param int valid_after_seconds - key validity start time from now
1399	*/
1400	function get_ephemeral_key($valid_after_seconds, $aditionnal_data_to_hash = '')
1401	{
1402	global $conf;
1403	$time = round(microtime(true), 1);
1404	return $time.':'.$valid_after_seconds.':'
1405	.hash_hmac(
1406	'md5',
1407	$time.substr($_SERVER['REMOTE_ADDR'],0,5).$valid_after_seconds.$aditionnal_data_to_hash,
1408	$conf['secret_key']);
1409	}
1410
1411	function verify_ephemeral_key($key, $aditionnal_data_to_hash = '')
1412	{
1413	global $conf;
1414	$time = microtime(true);
1415	$key = explode( ':', @$key );
1416	if ( count($key)!=3
1417	or $key[0]>$time-(float)$key[1] // page must have been retrieved more than X sec ago
1418	or $key[0]<$time-3600 // 60 minutes expiration
1419	or hash_hmac(
1420	'md5', $key[0].substr($_SERVER['REMOTE_ADDR'],0,5).$key[1].$aditionnal_data_to_hash, $conf['secret_key']
1421	) != $key[2]
1422	)
1423	{
1424	return false;
1425	}
1426	return true;
1427	}
1428
1429	/**
1430	* return an array which will be sent to template to display navigation bar
1431	*/
1432	function create_navigation_bar($url, $nb_element, $start, $nb_element_page, $clean_url = false)
1433	{
1434	global $conf;
1435
1436	$navbar = array();
1437	$pages_around = $conf['paginate_pages_around'];
1438	$start_str = $clean_url ? '/start-' : (strpos($url, '?')===false ? '?':'&').'start=';
1439
1440	if (!isset($start) or !is_numeric($start) or (is_numeric($start) and $start < 0))
1441	{
1442	$start = 0;
1443	}
1444
1445	// navigation bar useful only if more than one page to display !
1446	if ($nb_element > $nb_element_page)
1447	{
1448	$cur_page = ceil($start / $nb_element_page) + 1;
1449	$maximum = ceil($nb_element / $nb_element_page);
1450	$previous = $start - $nb_element_page;
1451	$next = $start + $nb_element_page;
1452	$last = ($maximum - 1) * $nb_element_page;
1453
1454	$navbar['CURRENT_PAGE'] = $cur_page;
1455
1456	// link to first page and previous page?
1457	if ($cur_page != 1)
1458	{
1459	$navbar['URL_FIRST'] = $url;
1460	$navbar['URL_PREV'] = $url.($previous > 0 ? $start_str.$previous : '');
1461	}
1462	// link on next page and last page?
1463	if ($cur_page != $maximum)
1464	{
1465	$navbar['URL_NEXT'] = $url.$start_str.$next;
1466	$navbar['URL_LAST'] = $url.$start_str.$last;
1467	}
1468
1469	// pages to display
1470	$navbar['pages'] = array();
1471	$navbar['pages'][1] = $url;
1472	$navbar['pages'][$maximum] = $url.$start_str.$last;
1473
1474	for ($i = max($cur_page - $pages_around , 2), $stop = min($cur_page + $pages_around + 1, $maximum);
1475	$i < $stop; $i++)
1476	{
1477	$navbar['pages'][$i] = $url.$start_str.(($i - 1) * $nb_element_page);
1478	}
1479	ksort($navbar['pages']);
1480	}
1481	return $navbar;
1482	}
1483
1484	/**
1485	* return an array which will be sent to template to display recent icon
1486	*/
1487	function get_icon($date, $is_child_date = false)
1488	{
1489	global $cache, $user;
1490
1491	if (empty($date))
1492	{
1493	return false;
1494	}
1495
1496	if (!isset($cache['get_icon']['title']))
1497	{
1498	$cache['get_icon']['title'] = sprintf(
1499	l10n('photos posted during the last %d days'),
1500	$user['recent_period']
1501	);
1502	}
1503
1504	$icon = array(
1505	'TITLE' => $cache['get_icon']['title'],
1506	'IS_CHILD_DATE' => $is_child_date,
1507	);
1508
1509	if (isset($cache['get_icon'][$date]))
1510	{
1511	return $cache['get_icon'][$date] ? $icon : array();
1512	}
1513
1514	if (!isset($cache['get_icon']['sql_recent_date']))
1515	{
1516	// Use MySql date in order to standardize all recent "actions/queries"
1517	$cache['get_icon']['sql_recent_date'] = pwg_db_get_recent_period($user['recent_period']);
1518	}
1519
1520	$cache['get_icon'][$date] = $date > $cache['get_icon']['sql_recent_date'];
1521
1522	return $cache['get_icon'][$date] ? $icon : array();
1523	}
1524
1525	/**
1526	* check token comming from form posted or get params to prevent csrf attacks
1527	* if pwg_token is empty action doesn't require token
1528	* else pwg_token is compare to server token
1529	*
1530	* @return void access denied if token given is not equal to server token
1531	*/
1532	function check_pwg_token()
1533	{
1534	if (!empty($_REQUEST['pwg_token']))
1535	{
1536	if (get_pwg_token() != $_REQUEST['pwg_token'])
1537	{
1538	access_denied();
1539	}
1540	}
1541	else
1542	bad_request('missing token');
1543	}
1544
1545	function get_pwg_token()
1546	{
1547	global $conf;
1548
1549	return hash_hmac('md5', session_id(), $conf['secret_key']);
1550	}
1551
1552	/*
1553	* breaks the script execution if the given value doesn't match the given
1554	* pattern. This should happen only during hacking attempts.
1555	*
1556	* @param string param_name
1557	* @param array param_array
1558	* @param boolean is_array
1559	* @param string pattern
1560	*
1561	* @return void
1562	*/
1563	function check_input_parameter($param_name, $param_array, $is_array, $pattern)
1564	{
1565	$param_value = null;
1566	if (isset($param_array[$param_name]))
1567	{
1568	$param_value = $param_array[$param_name];
1569	}
1570
1571	// it's ok if the input parameter is null
1572	if (empty($param_value))
1573	{
1574	return true;
1575	}
1576
1577	if ($is_array)
1578	{
1579	if (!is_array($param_value))
1580	{
1581	fatal_error('[Hacking attempt] the input parameter "'.$param_name.'" should be an array');
1582	}
1583
1584	foreach ($param_value as $item_to_check)
1585	{
1586	if (!preg_match($pattern, $item_to_check))
1587	{
1588	fatal_error('[Hacking attempt] an item is not valid in input parameter "'.$param_name.'"');
1589	}
1590	}
1591	}
1592	else
1593	{
1594	if (!preg_match($pattern, $param_value))
1595	{
1596	fatal_error('[Hacking attempt] the input parameter "'.$param_name.'" is not valid');
1597	}
1598	}
1599	}
1600
1601
1602	function get_privacy_level_options()
1603	{
1604	global $conf;
1605
1606	$options = array();
1607	foreach (array_reverse($conf['available_permission_levels']) as $level)
1608	{
1609	$label = null;
1610
1611	if (0 == $level)
1612	{
1613	$label = l10n('Everybody');
1614	}
1615	else
1616	{
1617	$labels = array();
1618	$sub_levels = array_reverse($conf['available_permission_levels']);
1619	foreach ($sub_levels as $sub_level)
1620	{
1621	if ($sub_level == 0 or $sub_level < $level)
1622	{
1623	break;
1624	}
1625	array_push(
1626	$labels,
1627	l10n(
1628	sprintf(
1629	'Level %d',
1630	$sub_level
1631	)
1632	)
1633	);
1634	}
1635
1636	$label = implode(', ', $labels);
1637	}
1638	$options[$level] = $label;
1639	}
1640	return $options;
1641	}
1642
1643
1644	/**
1645	* return the branch from the version. For example version 2.2.4 is for branch 2.2
1646	*/
1647	function get_branch_from_version($version)
1648	{
1649	return implode('.', array_slice(explode('.', $version), 0, 2));
1650	}
1651	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: