Context Navigation

source: trunk/include/functions.inc.php @ 12870

Last change on this file since 12870 was 12870, checked in by patdenice, 12 years ago
feature:2552 Apply trigger render_element_description for thumbnail title (for picture description)
Property svn:eol-style set to `LF`
File size: 43.0 KB

Line
1	<?php
2	// +-----------------------------------------------------------------------+
3	// \| Piwigo - a PHP based photo gallery \|
4	// +-----------------------------------------------------------------------+
5	// \| Copyright(C) 2008-2011 Piwigo Team http://piwigo.org \|
6	// \| Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net \|
7	// \| Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick \|
8	// +-----------------------------------------------------------------------+
9	// \| This program is free software; you can redistribute it and/or modify \|
10	// \| it under the terms of the GNU General Public License as published by \|
11	// \| the Free Software Foundation \|
12	// \| \|
13	// \| This program is distributed in the hope that it will be useful, but \|
14	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
15	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
16	// \| General Public License for more details. \|
17	// \| \|
18	// \| You should have received a copy of the GNU General Public License \|
19	// \| along with this program; if not, write to the Free Software \|
20	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
21	// \| USA. \|
22	// +-----------------------------------------------------------------------+
23
24	include_once( PHPWG_ROOT_PATH .'include/functions_user.inc.php' );
25	include_once( PHPWG_ROOT_PATH .'include/functions_cookie.inc.php' );
26	include_once( PHPWG_ROOT_PATH .'include/functions_session.inc.php' );
27	include_once( PHPWG_ROOT_PATH .'include/functions_category.inc.php' );
28	include_once( PHPWG_ROOT_PATH .'include/functions_xml.inc.php' );
29	include_once( PHPWG_ROOT_PATH .'include/functions_html.inc.php' );
30	include_once( PHPWG_ROOT_PATH .'include/functions_tag.inc.php' );
31	include_once( PHPWG_ROOT_PATH .'include/functions_url.inc.php' );
32	include_once( PHPWG_ROOT_PATH .'include/functions_plugins.inc.php' );
33	include_once( PHPWG_ROOT_PATH .'include/derivative_params.inc.php');
34	include_once( PHPWG_ROOT_PATH .'include/derivative_std_params.inc.php');
35	include_once( PHPWG_ROOT_PATH .'include/derivative.inc.php');
36
37	//----------------------------------------------------------- generic functions
38
39	/**
40	* stupidly returns the current microsecond since Unix epoch
41	*/
42	function micro_seconds()
43	{
44	$t1 = explode(' ', microtime());
45	$t2 = explode('.', $t1[0]);
46	$t2 = $t1[1].substr($t2[1], 0, 6);
47	return $t2;
48	}
49
50	// The function get_moment returns a float value coresponding to the number
51	// of seconds since the unix epoch (1st January 1970) and the microseconds
52	// are precised : e.g. 1052343429.89276600
53	function get_moment()
54	{
55	$t1 = explode( ' ', microtime() );
56	$t2 = explode( '.', $t1[0] );
57	$t2 = $t1[1].'.'.$t2[1];
58	return $t2;
59	}
60
61	// The function get_elapsed_time returns the number of seconds (with 3
62	// decimals precision) between the start time and the end time given.
63	function get_elapsed_time( $start, $end )
64	{
65	return number_format( $end - $start, 3, '.', ' ').' s';
66	}
67
68	// - The replace_space function replaces space and '-' characters
69	// by their HTML equivalent &nbsb; and −
70	// - The function does not replace characters in HTML tags
71	// - This function was created because IE5 does not respect the
72	// CSS "white-space: nowrap;" property unless space and minus
73	// characters are replaced like this function does.
74	// - Example :
75	// <div class="foo">My friend</div>
76	// ( 01234567891111111111222222222233 )
77	// ( 0123456789012345678901 )
78	// becomes :
79	// <div class="foo">My friend</div>
80	function replace_space( $string )
81	{
82	//return $string;
83	$return_string = '';
84	// $remaining is the rest of the string where to replace spaces characters
85	$remaining = $string;
86	// $start represents the position of the next '<' character
87	// $end represents the position of the next '>' character
88	; // -> 0
89	$end = strpos ( $remaining, '>' ); // -> 16
90	// as long as a '<' and his friend '>' are found, we loop
91	while ( ($start=strpos( $remaining, '<' )) !==false
92	and ($end=strpos( $remaining, '>' )) !== false )
93	{
94	// $treatment is the part of the string to treat
95	// In the first loop of our example, this variable is empty, but in the
96	// second loop, it equals 'My friend'
97	$treatment = substr ( $remaining, 0, $start );
98	// Replacement of ' ' by his equivalent ' '
99	$treatment = str_replace( ' ', ' ', $treatment );
100	$treatment = str_replace( '-', '−', $treatment );
101	// composing the string to return by adding the treated string and the
102	// following HTML tag -> 'My friend</div>'
103	$return_string.= $treatment.substr( $remaining, $start, $end-$start+1 );
104	// the remaining string is deplaced to the part after the '>' of this
105	// loop
106	$remaining = substr ( $remaining, $end + 1, strlen( $remaining ) );
107	}
108	$treatment = str_replace( ' ', ' ', $remaining );
109	$treatment = str_replace( '-', '−', $treatment );
110	$return_string.= $treatment;
111
112	return $return_string;
113	}
114
115	// get_extension returns the part of the string after the last "."
116	function get_extension( $filename )
117	{
118	return substr( strrchr( $filename, '.' ), 1, strlen ( $filename ) );
119	}
120
121	// get_filename_wo_extension returns the part of the string before the last
122	// ".".
123	// get_filename_wo_extension( 'test.tar.gz' ) -> 'test.tar'
124	function get_filename_wo_extension( $filename )
125	{
126	$pos = strrpos( $filename, '.' );
127	return ($pos===false) ? $filename : substr( $filename, 0, $pos);
128	}
129
130	/**
131	* returns an array contening sub-directories, excluding ".svn"
132	*
133	* @param string $dir
134	* @return array
135	*/
136	function get_dirs($directory)
137	{
138	$sub_dirs = array();
139	if ($opendir = opendir($directory))
140	{
141	while ($file = readdir($opendir))
142	{
143	if ($file != '.'
144	and $file != '..'
145	and is_dir($directory.'/'.$file)
146	and $file != '.svn')
147	{
148	array_push($sub_dirs, $file);
149	}
150	}
151	closedir($opendir);
152	}
153	return $sub_dirs;
154	}
155
156	define('MKGETDIR_NONE', 0);
157	define('MKGETDIR_RECURSIVE', 1);
158	define('MKGETDIR_DIE_ON_ERROR', 2);
159	define('MKGETDIR_PROTECT_INDEX', 4);
160	define('MKGETDIR_PROTECT_HTACCESS', 8);
161	define('MKGETDIR_DEFAULT', 7);
162	/**
163	* creates directory if not exists; ensures that directory is writable
164	* @param:
165	* string $dir
166	* int $flags combination of MKGETDIR_xxx
167	* @return bool false on error else true
168	*/
169	function mkgetdir($dir, $flags=MKGETDIR_DEFAULT)
170	{
171	if ( !is_dir($dir) )
172	{
173	global $conf;
174	if (substr(PHP_OS, 0, 3) == 'WIN')
175	{
176	$dir = str_replace('/', DIRECTORY_SEPARATOR, $dir);
177	}
178	$umask = umask(0);
179	$mkd = @mkdir($dir, $conf['chmod_value'], ($flags&MKGETDIR_RECURSIVE) ? true:false );
180	umask($umask);
181	if ($mkd==false)
182	{
183	!($flags&MKGETDIR_DIE_ON_ERROR) or fatal_error( "$dir ".l10n('no write access'));
184	return false;
185	}
186	if( $flags&MKGETDIR_PROTECT_HTACCESS )
187	{
188	$file = $dir.'/.htaccess';
189	file_exists($file) or @file_put_contents( $file, 'deny from all' );
190	}
191	if( $flags&MKGETDIR_PROTECT_INDEX )
192	{
193	$file = $dir.'/index.htm';
194	file_exists($file) or @file_put_contents( $file, 'Not allowed!' );
195	}
196	}
197	if ( !is_writable($dir) )
198	{
199	!($flags&MKGETDIR_DIE_ON_ERROR) or fatal_error( "$dir ".l10n('no write access'));
200	return false;
201	}
202	return true;
203	}
204
205	/**
206	* returns thumbnail directory name of input diretoty name
207	* make thumbnail directory is necessary
208	* set error messages on array messages
209	*
210	* @param:
211	* string $dirname
212	* arrayy $errors
213	* @return bool false on error else string directory name
214	*/
215	function mkget_thumbnail_dir($dirname, &$errors)
216	{
217	global $conf;
218
219	$tndir = $dirname.'/'.$conf['dir_thumbnail'];
220	if (! mkgetdir($tndir, MKGETDIR_NONE) )
221	{
222	array_push($errors,
223	'['.$dirname.'] : '.l10n('no write access'));
224	return false;
225	}
226	return $tndir;
227	}
228
229	/* Returns true if the string appears to be encoded in UTF-8. (from wordpress)
230	* @param string Str
231	*/
232	function seems_utf8($Str) { # by bmorel at ssi dot fr
233	for ($i=0; $i<strlen($Str); $i++) {
234	if (ord($Str[$i]) < 0x80) continue; # 0bbbbbbb
235	elseif ((ord($Str[$i]) & 0xE0) == 0xC0) $n=1; # 110bbbbb
236	elseif ((ord($Str[$i]) & 0xF0) == 0xE0) $n=2; # 1110bbbb
237	elseif ((ord($Str[$i]) & 0xF8) == 0xF0) $n=3; # 11110bbb
238	elseif ((ord($Str[$i]) & 0xFC) == 0xF8) $n=4; # 111110bb
239	elseif ((ord($Str[$i]) & 0xFE) == 0xFC) $n=5; # 1111110b
240	else return false; # Does not match any model
241	for ($j=0; $j<$n; $j++) { # n bytes matching 10bbbbbb follow ?
242	if ((++$i == strlen($Str)) \|\| ((ord($Str[$i]) & 0xC0) != 0x80))
243	return false;
244	}
245	}
246	return true;
247	}
248
249	/* Remove accents from a UTF-8 or ISO-859-1 string (from wordpress)
250	* @param string sstring - an UTF-8 or ISO-8859-1 string
251	*/
252	function remove_accents($string)
253	{
254	if ( !preg_match('/[\x80-\xff]/', $string) )
255	return $string;
256
257	if (seems_utf8($string)) {
258	$chars = array(
259	// Decompositions for Latin-1 Supplement
260	"\xc3\x80"=>'A', "\xc3\x81"=>'A',
261	"\xc3\x82"=>'A', "\xc3\x83"=>'A',
262	"\xc3\x84"=>'A', "\xc3\x85"=>'A',
263	"\xc3\x87"=>'C', "\xc3\x88"=>'E',
264	"\xc3\x89"=>'E', "\xc3\x8a"=>'E',
265	"\xc3\x8b"=>'E', "\xc3\x8c"=>'I',
266	"\xc3\x8d"=>'I', "\xc3\x8e"=>'I',
267	"\xc3\x8f"=>'I', "\xc3\x91"=>'N',
268	"\xc3\x92"=>'O', "\xc3\x93"=>'O',
269	"\xc3\x94"=>'O', "\xc3\x95"=>'O',
270	"\xc3\x96"=>'O', "\xc3\x99"=>'U',
271	"\xc3\x9a"=>'U', "\xc3\x9b"=>'U',
272	"\xc3\x9c"=>'U', "\xc3\x9d"=>'Y',
273	"\xc3\x9f"=>'s', "\xc3\xa0"=>'a',
274	"\xc3\xa1"=>'a', "\xc3\xa2"=>'a',
275	"\xc3\xa3"=>'a', "\xc3\xa4"=>'a',
276	"\xc3\xa5"=>'a', "\xc3\xa7"=>'c',
277	"\xc3\xa8"=>'e', "\xc3\xa9"=>'e',
278	"\xc3\xaa"=>'e', "\xc3\xab"=>'e',
279	"\xc3\xac"=>'i', "\xc3\xad"=>'i',
280	"\xc3\xae"=>'i', "\xc3\xaf"=>'i',
281	"\xc3\xb1"=>'n', "\xc3\xb2"=>'o',
282	"\xc3\xb3"=>'o', "\xc3\xb4"=>'o',
283	"\xc3\xb5"=>'o', "\xc3\xb6"=>'o',
284	"\xc3\xb9"=>'u', "\xc3\xba"=>'u',
285	"\xc3\xbb"=>'u', "\xc3\xbc"=>'u',
286	"\xc3\xbd"=>'y', "\xc3\xbf"=>'y',
287	// Decompositions for Latin Extended-A
288	"\xc4\x80"=>'A', "\xc4\x81"=>'a',
289	"\xc4\x82"=>'A', "\xc4\x83"=>'a',
290	"\xc4\x84"=>'A', "\xc4\x85"=>'a',
291	"\xc4\x86"=>'C', "\xc4\x87"=>'c',
292	"\xc4\x88"=>'C', "\xc4\x89"=>'c',
293	"\xc4\x8a"=>'C', "\xc4\x8b"=>'c',
294	"\xc4\x8c"=>'C', "\xc4\x8d"=>'c',
295	"\xc4\x8e"=>'D', "\xc4\x8f"=>'d',
296	"\xc4\x90"=>'D', "\xc4\x91"=>'d',
297	"\xc4\x92"=>'E', "\xc4\x93"=>'e',
298	"\xc4\x94"=>'E', "\xc4\x95"=>'e',
299	"\xc4\x96"=>'E', "\xc4\x97"=>'e',
300	"\xc4\x98"=>'E', "\xc4\x99"=>'e',
301	"\xc4\x9a"=>'E', "\xc4\x9b"=>'e',
302	"\xc4\x9c"=>'G', "\xc4\x9d"=>'g',
303	"\xc4\x9e"=>'G', "\xc4\x9f"=>'g',
304	"\xc4\xa0"=>'G', "\xc4\xa1"=>'g',
305	"\xc4\xa2"=>'G', "\xc4\xa3"=>'g',
306	"\xc4\xa4"=>'H', "\xc4\xa5"=>'h',
307	"\xc4\xa6"=>'H', "\xc4\xa7"=>'h',
308	"\xc4\xa8"=>'I', "\xc4\xa9"=>'i',
309	"\xc4\xaa"=>'I', "\xc4\xab"=>'i',
310	"\xc4\xac"=>'I', "\xc4\xad"=>'i',
311	"\xc4\xae"=>'I', "\xc4\xaf"=>'i',
312	"\xc4\xb0"=>'I', "\xc4\xb1"=>'i',
313	"\xc4\xb2"=>'IJ', "\xc4\xb3"=>'ij',
314	"\xc4\xb4"=>'J', "\xc4\xb5"=>'j',
315	"\xc4\xb6"=>'K', "\xc4\xb7"=>'k',
316	"\xc4\xb8"=>'k', "\xc4\xb9"=>'L',
317	"\xc4\xba"=>'l', "\xc4\xbb"=>'L',
318	"\xc4\xbc"=>'l', "\xc4\xbd"=>'L',
319	"\xc4\xbe"=>'l', "\xc4\xbf"=>'L',
320	"\xc5\x80"=>'l', "\xc5\x81"=>'L',
321	"\xc5\x82"=>'l', "\xc5\x83"=>'N',
322	"\xc5\x84"=>'n', "\xc5\x85"=>'N',
323	"\xc5\x86"=>'n', "\xc5\x87"=>'N',
324	"\xc5\x88"=>'n', "\xc5\x89"=>'N',
325	"\xc5\x8a"=>'n', "\xc5\x8b"=>'N',
326	"\xc5\x8c"=>'O', "\xc5\x8d"=>'o',
327	"\xc5\x8e"=>'O', "\xc5\x8f"=>'o',
328	"\xc5\x90"=>'O', "\xc5\x91"=>'o',
329	"\xc5\x92"=>'OE', "\xc5\x93"=>'oe',
330	"\xc5\x94"=>'R', "\xc5\x95"=>'r',
331	"\xc5\x96"=>'R', "\xc5\x97"=>'r',
332	"\xc5\x98"=>'R', "\xc5\x99"=>'r',
333	"\xc5\x9a"=>'S', "\xc5\x9b"=>'s',
334	"\xc5\x9c"=>'S', "\xc5\x9d"=>'s',
335	"\xc5\x9e"=>'S', "\xc5\x9f"=>'s',
336	"\xc5\xa0"=>'S', "\xc5\xa1"=>'s',
337	"\xc5\xa2"=>'T', "\xc5\xa3"=>'t',
338	"\xc5\xa4"=>'T', "\xc5\xa5"=>'t',
339	"\xc5\xa6"=>'T', "\xc5\xa7"=>'t',
340	"\xc5\xa8"=>'U', "\xc5\xa9"=>'u',
341	"\xc5\xaa"=>'U', "\xc5\xab"=>'u',
342	"\xc5\xac"=>'U', "\xc5\xad"=>'u',
343	"\xc5\xae"=>'U', "\xc5\xaf"=>'u',
344	"\xc5\xb0"=>'U', "\xc5\xb1"=>'u',
345	"\xc5\xb2"=>'U', "\xc5\xb3"=>'u',
346	"\xc5\xb4"=>'W', "\xc5\xb5"=>'w',
347	"\xc5\xb6"=>'Y', "\xc5\xb7"=>'y',
348	"\xc5\xb8"=>'Y', "\xc5\xb9"=>'Z',
349	"\xc5\xba"=>'z', "\xc5\xbb"=>'Z',
350	"\xc5\xbc"=>'z', "\xc5\xbd"=>'Z',
351	"\xc5\xbe"=>'z', "\xc5\xbf"=>'s',
352	// Euro Sign
353	"\xe2\x82\xac"=>'E',
354	// GBP (Pound) Sign
355	"\xc2\xa3"=>'');
356
357	$string = strtr($string, $chars);
358	} else {
359	// Assume ISO-8859-1 if not UTF-8
360	$chars['in'] = chr(128).chr(131).chr(138).chr(142).chr(154).chr(158)
361	.chr(159).chr(162).chr(165).chr(181).chr(192).chr(193).chr(194)
362	.chr(195).chr(196).chr(197).chr(199).chr(200).chr(201).chr(202)
363	.chr(203).chr(204).chr(205).chr(206).chr(207).chr(209).chr(210)
364	.chr(211).chr(212).chr(213).chr(214).chr(216).chr(217).chr(218)
365	.chr(219).chr(220).chr(221).chr(224).chr(225).chr(226).chr(227)
366	.chr(228).chr(229).chr(231).chr(232).chr(233).chr(234).chr(235)
367	.chr(236).chr(237).chr(238).chr(239).chr(241).chr(242).chr(243)
368	.chr(244).chr(245).chr(246).chr(248).chr(249).chr(250).chr(251)
369	.chr(252).chr(253).chr(255);
370
371	$chars['out'] = "EfSZszYcYuAAAAAACEEEEIIIINOOOOOOUUUUYaaaaaaceeeeiiiinoooooouuuuyy";
372
373	$string = strtr($string, $chars['in'], $chars['out']);
374	$double_chars['in'] = array(chr(140), chr(156), chr(198), chr(208), chr(222), chr(223), chr(230), chr(240), chr(254));
375	$double_chars['out'] = array('OE', 'oe', 'AE', 'DH', 'TH', 'ss', 'ae', 'dh', 'th');
376	$string = str_replace($double_chars['in'], $double_chars['out'], $string);
377	}
378
379	return $string;
380	}
381
382	/**
383	* simplify a string to insert it into an URL
384	*
385	* @param string
386	* @return string
387	*/
388	function str2url($str)
389	{
390	$raw = $str;
391
392	$str = remove_accents($str);
393	$str = preg_replace('/[^a-z0-9_\s\'\:\/\[\],-]/','',strtolower($str));
394	$str = preg_replace('/[\s\'\:\/\[\],-]+/',' ',trim($str));
395	$res = str_replace(' ','_',$str);
396
397	if (empty($res))
398	{
399	$res = str_replace(' ','_', $raw);
400	}
401
402	return $res;
403	}
404
405	//-------------------------------------------- Piwigo specific functions
406
407	/**
408	* returns an array with a list of {language_code => language_name}
409	*
410	* @returns array
411	*/
412	function get_languages()
413	{
414	$query = '
415	SELECT id, name
416	FROM '.LANGUAGES_TABLE.'
417	ORDER BY name ASC
418	;';
419	$result = pwg_query($query);
420
421	$languages = array();
422	while ($row = pwg_db_fetch_assoc($result))
423	{
424	if (is_dir(PHPWG_ROOT_PATH.'language/'.$row['id']))
425	{
426	$languages[ $row['id'] ] = $row['name'];
427	}
428	}
429
430	return $languages;
431	}
432
433	function pwg_log($image_id = null, $image_type = null)
434	{
435	global $conf, $user, $page;
436
437	$do_log = $conf['log'];
438	if (is_admin())
439	{
440	$do_log = $conf['history_admin'];
441	}
442	if (is_a_guest())
443	{
444	$do_log = $conf['history_guest'];
445	}
446
447	$do_log = trigger_event('pwg_log_allowed', $do_log, $image_id, $image_type);
448
449	if (!$do_log)
450	{
451	return false;
452	}
453
454	$tags_string = null;
455	if ('tags'==@$page['section'])
456	{
457	$tags_string = implode(',', $page['tag_ids']);
458	}
459
460	$query = '
461	INSERT INTO '.HISTORY_TABLE.'
462	(
463	date,
464	time,
465	user_id,
466	IP,
467	section,
468	category_id,
469	image_id,
470	image_type,
471	tag_ids
472	)
473	VALUES
474	(
475	CURRENT_DATE,
476	CURRENT_TIME,
477	'.$user['id'].',
478	\''.$_SERVER['REMOTE_ADDR'].'\',
479	'.(isset($page['section']) ? "'".$page['section']."'" : 'NULL').',
480	'.(isset($page['category']['id']) ? $page['category']['id'] : 'NULL').',
481	'.(isset($image_id) ? $image_id : 'NULL').',
482	'.(isset($image_type) ? "'".$image_type."'" : 'NULL').',
483	'.(isset($tags_string) ? "'".$tags_string."'" : 'NULL').'
484	)
485	;';
486	pwg_query($query);
487
488	return true;
489	}
490
491	// format_date returns a formatted date for display. The date given in
492	// argument must be an american format (2003-09-15). By option, you can show the time.
493	// The output is internationalized.
494	//
495	// format_date( "2003-09-15", true ) -> "Monday 15 September 2003 21:52"
496	function format_date($date, $show_time = false)
497	{
498	global $lang;
499
500	if (strpos($date, '0') == 0)
501	{
502	return l10n('N/A');
503	}
504
505	$ymdhms = array();
506	$tok = strtok( $date, '- :');
507	while ($tok !== false)
508	{
509	$ymdhms[] = $tok;
510	$tok = strtok('- :');
511	}
512
513	if ( count($ymdhms)<3 )
514	{
515	return false;
516	}
517
518	$formated_date = '';
519	// before 1970, Microsoft Windows can't mktime
520	if ($ymdhms[0] >= 1970)
521	{
522	// we ask midday because Windows think it's prior to midnight with a
523	// zero and refuse to work
524	$formated_date.= $lang['day'][date('w', mktime(12,0,0,$ymdhms[1],$ymdhms[2],$ymdhms[0]))];
525	}
526	$formated_date.= ' '.$ymdhms[2];
527	$formated_date.= ' '.$lang['month'][(int)$ymdhms[1]];
528	$formated_date.= ' '.$ymdhms[0];
529	if ($show_time and count($ymdhms)>=5 )
530	{
531	$formated_date.= ' '.$ymdhms[3].':'.$ymdhms[4];
532	}
533	return $formated_date;
534	}
535
536	function pwg_debug( $string )
537	{
538	global $debug,$t2,$page;
539
540	$now = explode( ' ', microtime() );
541	$now2 = explode( '.', $now[0] );
542	$now2 = $now[1].'.'.$now2[1];
543	$time = number_format( $now2 - $t2, 3, '.', ' ').' s';
544	$debug .= '<p>';
545	$debug.= '['.$time.', ';
546	$debug.= $page['count_queries'].' queries] : '.$string;
547	$debug.= "</p>\n";
548	}
549
550	/**
551	* Redirects to the given URL (HTTP method)
552	*
553	* Note : once this function called, the execution doesn't go further
554	* (presence of an exit() instruction.
555	*
556	* @param string $url
557	* @return void
558	*/
559	function redirect_http( $url )
560	{
561	if (ob_get_length () !== FALSE)
562	{
563	ob_clean();
564	}
565	// default url is on html format
566	$url = html_entity_decode($url);
567	header('Request-URI: '.$url);
568	header('Content-Location: '.$url);
569	header('Location: '.$url);
570	exit();
571	}
572
573	/**
574	* Redirects to the given URL (HTML method)
575	*
576	* Note : once this function called, the execution doesn't go further
577	* (presence of an exit() instruction.
578	*
579	* @param string $url
580	* @param string $title_msg
581	* @param integer $refreh_time
582	* @return void
583	*/
584	function redirect_html( $url , $msg = '', $refresh_time = 0)
585	{
586	global $user, $template, $lang_info, $conf, $lang, $t2, $page, $debug;
587
588	if (!isset($lang_info) \|\| !isset($template) )
589	{
590	$user = build_user( $conf['guest_id'], true);
591	load_language('common.lang');
592	trigger_action('loading_lang');
593	load_language('lang', PHPWG_ROOT_PATH.PWG_LOCAL_DIR, array('no_fallback'=>true, 'local'=>true) );
594	$template = new Template(PHPWG_ROOT_PATH.'themes', get_default_theme());
595	}
596	elseif (defined('IN_ADMIN') and IN_ADMIN)
597	{
598	$template = new Template(PHPWG_ROOT_PATH.'themes', get_default_theme());
599	}
600
601	if (empty($msg))
602	{
603	$msg = nl2br(l10n('Redirection...'));
604	}
605
606	$refresh = $refresh_time;
607	$url_link = $url;
608	$title = 'redirection';
609
610	$template->set_filenames( array( 'redirect' => 'redirect.tpl' ) );
611
612	include( PHPWG_ROOT_PATH.'include/page_header.php' );
613
614	$template->set_filenames( array( 'redirect' => 'redirect.tpl' ) );
615	$template->assign('REDIRECT_MSG', $msg);
616
617	$template->parse('redirect');
618
619	include( PHPWG_ROOT_PATH.'include/page_tail.php' );
620
621	exit();
622	}
623
624	/**
625	* Redirects to the given URL (Switch to HTTP method or HTML method)
626	*
627	* Note : once this function called, the execution doesn't go further
628	* (presence of an exit() instruction.
629	*
630	* @param string $url
631	* @param string $title_msg
632	* @param integer $refreh_time
633	* @return void
634	*/
635	function redirect( $url , $msg = '', $refresh_time = 0)
636	{
637	global $conf;
638
639	// with RefeshTime <> 0, only html must be used
640	if ($conf['default_redirect_method']=='http'
641	and $refresh_time==0
642	and !headers_sent()
643	)
644	{
645	redirect_http($url);
646	}
647	else
648	{
649	redirect_html($url, $msg, $refresh_time);
650	}
651	}
652
653	/**
654	* returns $_SERVER['QUERY_STRING'] whitout keys given in parameters
655	*
656	* @param array $rejects
657	* @param boolean $escape - if true escape & to & (for html)
658	* @returns string
659	*/
660	function get_query_string_diff($rejects=array(), $escape=true)
661	{
662	if (empty($_SERVER['QUERY_STRING']))
663	{
664	return '';
665	}
666
667	$query_string = '';
668
669	$str = $_SERVER['QUERY_STRING'];
670	parse_str($str, $vars);
671
672	$is_first = true;
673	foreach ($vars as $key => $value)
674	{
675	if (!in_array($key, $rejects))
676	{
677	$query_string.= $is_first ? '?' : ($escape ? '&' : '&' );
678	$is_first = false;
679	$query_string.= $key.'='.$value;
680	}
681	}
682
683	return $query_string;
684	}
685
686	function url_is_remote($url)
687	{
688	if ( strncmp($url, 'http://', 7)==0
689	or strncmp($url, 'https://', 8)==0 )
690	{
691	return true;
692	}
693	return false;
694	}
695
696	/**
697	* returns available themes
698	*/
699	function get_pwg_themes()
700	{
701	global $conf;
702
703	$themes = array();
704
705	$query = '
706	SELECT
707	id,
708	name
709	FROM '.THEMES_TABLE.'
710	ORDER BY name ASC
711	;';
712	$result = pwg_query($query);
713	while ($row = pwg_db_fetch_assoc($result))
714	{
715	if (check_theme_installed($row['id']))
716	{
717	$themes[ $row['id'] ] = $row['name'];
718	}
719	}
720
721	// plugins want remove some themes based on user status maybe?
722	$themes = trigger_event('get_pwg_themes', $themes);
723
724	return $themes;
725	}
726
727	function check_theme_installed($theme_id)
728	{
729	global $conf;
730
731	return file_exists($conf['themes_dir'].'/'.$theme_id.'/'.'themeconf.inc.php');
732	}
733
734	/** Transforms an original path to its pwg representative */
735	function original_to_representative($path, $representative_ext)
736	{
737	$pos = strrpos($path, '/');
738	$path = substr_replace($path, 'pwg_representative/', $pos+1, 0);
739	$pos = strrpos($path, '.');
740	return substr_replace($path, $representative_ext, $pos+1);
741	}
742
743	/**
744	* @param element_info array containing element information from db;
745	* at least 'id', 'path' should be present
746	*/
747	function get_element_path($element_info)
748	{
749	$path = $element_info['path'];
750	if ( !url_is_remote($path) )
751	{
752	$path = PHPWG_ROOT_PATH.$path;
753	}
754	return $path;
755	}
756
757
758	/* Returns the PATH to the thumbnail to be displayed. If the element does not
759	* have a thumbnail, the default mime image path is returned. The PATH can be
760	* used in the php script, but not sent to the browser.
761	* @param array element_info assoc array containing element info from db
762	* at least 'path', 'tn_ext' and 'id' should be present
763	*/
764	function get_thumbnail_path($element_info)
765	{
766	$path = get_thumbnail_location($element_info);
767	if ( !url_is_remote($path) )
768	{
769	$path = PHPWG_ROOT_PATH.$path;
770	}
771	return $path;
772	}
773
774	/* Returns the URL of the thumbnail to be displayed. If the element does not
775	* have a thumbnail, the default mime image url is returned. The URL can be
776	* sent to the browser, but not used in the php script.
777	* @param array element_info assoc array containing element info from db
778	* at least 'path', 'tn_ext' and 'id' should be present
779	*/
780	function get_thumbnail_url($element_info)
781	{
782	$loc = $url = get_thumbnail_location($element_info);
783	if ( !url_is_remote($loc) )
784	{
785	$url = (get_root_url().$loc);
786	}
787	// plugins want another url ?
788	$url = trigger_event('get_thumbnail_url', $url, $element_info, $loc);
789	return embellish_url($url);
790	}
791
792	/* returns the relative path of the thumnail with regards to to the root
793	of piwigo (not the current page!).This function is not intended to be
794	called directly from code.*/
795	function get_thumbnail_location($element_info)
796	{
797	global $conf;
798	if ( !empty( $element_info['tn_ext'] ) )
799	{
800	$path = substr_replace(
801	get_filename_wo_extension($element_info['path']),
802	'/'.$conf['dir_thumbnail'].'/'.$conf['prefix_thumbnail'],
803	strrpos($element_info['path'],'/'),
804	1
805	);
806	$path.= '.'.$element_info['tn_ext'];
807	}
808	else
809	{
810	$path = get_themeconf('mime_icon_dir')
811	.strtolower(get_extension($element_info['path'])).'.png';
812	// plugins want another location ?
813	$path = trigger_event( 'get_thumbnail_location', $path, $element_info);
814	}
815	return $path;
816	}
817
818	/**
819	* returns the title of the thumbnail based on photo properties
820	*/
821	function get_thumbnail_title($info)
822	{
823	global $conf, $user;
824
825	$title = get_picture_title($info);
826
827	$details = array();
828
829	if (!empty($info['hit']))
830	{
831	$details[] = $info['hit'].' '.strtolower(l10n('Visits'));
832	}
833
834	if ($conf['rate'] and !empty($info['rating_score']))
835	{
836	$details[] = strtolower(l10n('Rating score')).' '.$info['rating_score'];
837	}
838
839	if (isset($info['nb_comments']) and $info['nb_comments'] != 0)
840	{
841	$details[] = l10n_dec('%d comment', '%d comments', $info['nb_comments']);
842	}
843
844	if (count($details) > 0)
845	{
846	$title.= ' ('.implode(', ', $details).')';
847	}
848
849	if (!empty($info['comment']))
850	{
851	$info['comment'] = trigger_event('render_element_description', $info['comment']);
852	$title.= ' '.substr($info['comment'], 0, 100).(strlen($info['comment']) > 100 ? '...' : '');
853	}
854
855	$title = htmlspecialchars(strip_tags($title));
856
857	$title = trigger_event('get_thumbnail_title', $title, $info);
858
859	return $title;
860	}
861
862	/**
863	* fill the current user caddie with given elements, if not already in
864	* caddie
865	*
866	* @param array elements_id
867	*/
868	function fill_caddie($elements_id)
869	{
870	global $user;
871
872	$query = '
873	SELECT element_id
874	FROM '.CADDIE_TABLE.'
875	WHERE user_id = '.$user['id'].'
876	;';
877	$in_caddie = array_from_query($query, 'element_id');
878
879	$caddiables = array_diff($elements_id, $in_caddie);
880
881	$datas = array();
882
883	foreach ($caddiables as $caddiable)
884	{
885	array_push($datas, array('element_id' => $caddiable,
886	'user_id' => $user['id']));
887	}
888
889	if (count($caddiables) > 0)
890	{
891	mass_inserts(CADDIE_TABLE, array('element_id','user_id'), $datas);
892	}
893	}
894
895	/**
896	* returns the element name from its filename
897	*
898	* @param string filename
899	* @return string name
900	*/
901	function get_name_from_file($filename)
902	{
903	return str_replace('_',' ',get_filename_wo_extension($filename));
904	}
905
906	/**
907	*/
908	function get_picture_title($info)
909	{
910	if (isset($info['name']) and !empty($info['name']))
911	{
912	return trigger_event('render_element_description', $info['name']);
913	}
914
915	return get_name_from_file($info['file']);
916	}
917
918	/**
919	* returns the corresponding value from $lang if existing. Else, the key is
920	* returned
921	*
922	* @param string key
923	* @return string
924	*/
925	function l10n($key, $textdomain='messages')
926	{
927	global $lang, $conf;
928
929	if ($conf['debug_l10n'] and !isset($lang[$key]) and !empty($key))
930	{
931	trigger_error('[l10n] language key "'.$key.'" is not defined', E_USER_WARNING);
932	}
933
934	return isset($lang[$key]) ? $lang[$key] : $key;
935	}
936
937	/**
938	* returns the prinft value for strings including %d
939	* return is concorded with decimal value (singular, plural)
940	*
941	* @param singular string key
942	* @param plural string key
943	* @param decimal value
944	* @return string
945	*/
946	function l10n_dec($singular_fmt_key, $plural_fmt_key, $decimal)
947	{
948	global $lang_info;
949
950	return
951	sprintf(
952	l10n((
953	(($decimal > 1) or ($decimal == 0 and $lang_info['zero_plural']))
954	? $plural_fmt_key
955	: $singular_fmt_key
956	)), $decimal);
957	}
958
959	/*
960	* returns a single element to use with l10n_args
961	*
962	* @param string key: translation key
963	* @param array/string/../number args:
964	* arguments to use on sprintf($key, args)
965	* if args is a array, each values are used on sprintf
966	* @return string
967	*/
968	function get_l10n_args($key, $args)
969	{
970	if (is_array($args))
971	{
972	$key_arg = array_merge(array($key), $args);
973	}
974	else
975	{
976	$key_arg = array($key, $args);
977	}
978	return array('key_args' => $key_arg);
979	}
980
981	/*
982	* returns a string with formated with l10n_args elements
983	*
984	* @param element/array $key_args: element or array of l10n_args elements
985	* @param $sep: if $key_args is array,
986	* separator is used when translated l10n_args elements are concated
987	* @return string
988	*/
989	function l10n_args($key_args, $sep = "\n")
990	{
991	if (is_array($key_args))
992	{
993	foreach ($key_args as $key => $element)
994	{
995	if (isset($result))
996	{
997	$result .= $sep;
998	}
999	else
1000	{
1001	$result = '';
1002	}
1003
1004	if ($key === 'key_args')
1005	{
1006	array_unshift($element, l10n(array_shift($element)));
1007	$result .= call_user_func_array('sprintf', $element);
1008	}
1009	else
1010	{
1011	$result .= l10n_args($element, $sep);
1012	}
1013	}
1014	}
1015	else
1016	{
1017	fatal_error('l10n_args: Invalid arguments');
1018	}
1019
1020	return $result;
1021	}
1022
1023	/**
1024	* returns the corresponding value from $themeconf if existing. Else, the
1025	* key is returned
1026	*
1027	* @param string key
1028	* @return string
1029	*/
1030	function get_themeconf($key)
1031	{
1032	global $template;
1033
1034	return $template->get_themeconf($key);
1035	}
1036
1037	/**
1038	* Returns webmaster mail address depending on $conf['webmaster_id']
1039	*
1040	* @return string
1041	*/
1042	function get_webmaster_mail_address()
1043	{
1044	global $conf;
1045
1046	$query = '
1047	SELECT '.$conf['user_fields']['email'].'
1048	FROM '.USERS_TABLE.'
1049	WHERE '.$conf['user_fields']['id'].' = '.$conf['webmaster_id'].'
1050	;';
1051	list($email) = pwg_db_fetch_row(pwg_query($query));
1052
1053	return $email;
1054	}
1055
1056	/**
1057	* Add configuration parameters from database to global $conf array
1058	*
1059	* @return void
1060	*/
1061	function load_conf_from_db($condition = '')
1062	{
1063	global $conf;
1064
1065	$query = '
1066	SELECT param, value
1067	FROM '.CONFIG_TABLE.'
1068	'.(!empty($condition) ? 'WHERE '.$condition : '').'
1069	;';
1070	$result = pwg_query($query);
1071
1072	if ((pwg_db_num_rows($result) == 0) and !empty($condition))
1073	{
1074	fatal_error('No configuration data');
1075	}
1076
1077	while ($row = pwg_db_fetch_assoc($result))
1078	{
1079	$conf[ $row['param'] ] = isset($row['value']) ? $row['value'] : '';
1080
1081	// If the field is true or false, the variable is transformed into a
1082	// boolean value.
1083	if ($conf[$row['param']] == 'true' or $conf[$row['param']] == 'false')
1084	{
1085	$conf[ $row['param'] ] = get_boolean($conf[ $row['param'] ]);
1086	}
1087	}
1088	}
1089
1090	function conf_update_param($param, $value)
1091	{
1092	$query = '
1093	SELECT
1094	param,
1095	value
1096	FROM '.CONFIG_TABLE.'
1097	WHERE param = \''.$param.'\'
1098	;';
1099	$params = array_from_query($query, 'param');
1100
1101	if (count($params) == 0)
1102	{
1103	$query = '
1104	INSERT
1105	INTO '.CONFIG_TABLE.'
1106	(param, value)
1107	VALUES(\''.$param.'\', \''.$value.'\')
1108	;';
1109	pwg_query($query);
1110	}
1111	else
1112	{
1113	$query = '
1114	UPDATE '.CONFIG_TABLE.'
1115	SET value = \''.$value.'\'
1116	WHERE param = \''.$param.'\'
1117	;';
1118	pwg_query($query);
1119	}
1120	}
1121
1122	/**
1123	* Prepends and appends a string at each value of the given array.
1124	*
1125	* @param array
1126	* @param string prefix to each array values
1127	* @param string suffix to each array values
1128	*/
1129	function prepend_append_array_items($array, $prepend_str, $append_str)
1130	{
1131	array_walk(
1132	$array,
1133	create_function('&$s', '$s = "'.$prepend_str.'".$s."'.$append_str.'";')
1134	);
1135
1136	return $array;
1137	}
1138
1139	/**
1140	* creates an hashed based on a query, this function is a very common
1141	* pattern used here. Among the selected columns fetched, choose one to be
1142	* the key, another one to be the value.
1143	*
1144	* @param string $query
1145	* @param string $keyname
1146	* @param string $valuename
1147	* @return array
1148	*/
1149	function simple_hash_from_query($query, $keyname, $valuename)
1150	{
1151	$array = array();
1152
1153	$result = pwg_query($query);
1154	while ($row = pwg_db_fetch_assoc($result))
1155	{
1156	$array[ $row[$keyname] ] = $row[$valuename];
1157	}
1158
1159	return $array;
1160	}
1161
1162	/**
1163	* creates an hashed based on a query, this function is a very common
1164	* pattern used here. The key is given as parameter, the value is an associative
1165	* array.
1166	*
1167	* @param string $query
1168	* @param string $keyname
1169	* @return array
1170	*/
1171	function hash_from_query($query, $keyname)
1172	{
1173	$array = array();
1174	$result = pwg_query($query);
1175	while ($row = pwg_db_fetch_assoc($result))
1176	{
1177	$array[ $row[$keyname] ] = $row;
1178	}
1179	return $array;
1180	}
1181
1182	/**
1183	* Return basename of the current script
1184	* Lower case convertion is applied on return value
1185	* Return value is without file extention ".php"
1186	*
1187	* @param void
1188	*
1189	* @return script basename
1190	*/
1191	function script_basename()
1192	{
1193	global $conf;
1194
1195	foreach (array('SCRIPT_NAME', 'SCRIPT_FILENAME', 'PHP_SELF') as $value)
1196	{
1197	if (!empty($_SERVER[$value]))
1198	{
1199	$filename = strtolower($_SERVER[$value]);
1200	if ($conf['php_extension_in_urls'] and get_extension($filename)!=='php')
1201	continue;
1202	$basename = basename($filename, '.php');
1203	if (!empty($basename))
1204	{
1205	return $basename;
1206	}
1207	}
1208	}
1209	return '';
1210	}
1211
1212	/**
1213	* Return value for the current page define on $conf['filter_pages']
1214	* Îf value is not defined, default value are returned
1215	*
1216	* @param value name
1217	*
1218	* @return filter page value
1219	*/
1220	function get_filter_page_value($value_name)
1221	{
1222	global $conf;
1223
1224	$page_name = script_basename();
1225
1226	if (isset($conf['filter_pages'][$page_name][$value_name]))
1227	{
1228	return $conf['filter_pages'][$page_name][$value_name];
1229	}
1230	else if (isset($conf['filter_pages']['default'][$value_name]))
1231	{
1232	return $conf['filter_pages']['default'][$value_name];
1233	}
1234	else
1235	{
1236	return null;
1237	}
1238	}
1239
1240	/**
1241	* returns the character set of data sent to browsers / received from forms
1242	*/
1243	function get_pwg_charset()
1244	{
1245	$pwg_charset = 'utf-8';
1246	if (defined('PWG_CHARSET'))
1247	{
1248	$pwg_charset = PWG_CHARSET;
1249	}
1250	return $pwg_charset;
1251	}
1252
1253	/**
1254	* includes a language file or returns the content of a language file
1255	* availability of the file
1256	*
1257	* in descending order of preference:
1258	* param language, user language, default language
1259	* Piwigo default language.
1260	*
1261	* @param string filename
1262	* @param string dirname
1263	* @param mixed options can contain
1264	* language - language to load (if empty uses user language)
1265	* return - if true the file content is returned otherwise the file is evaluated as php
1266	* target_charset -
1267	* no_fallback - the language must be respected
1268	* local - if true, get local language file
1269	* @return boolean success status or a string if options['return'] is true
1270	*/
1271	function load_language($filename, $dirname = '',
1272	$options = array() )
1273	{
1274	global $user;
1275
1276	if (! @$options['return'] )
1277	{
1278	$filename .= '.php'; //MAYBE to do .. load .po and .mo localization files
1279	}
1280	if (empty($dirname))
1281	{
1282	$dirname = PHPWG_ROOT_PATH;
1283	}
1284	$dirname .= 'language/';
1285
1286	$languages = array();
1287	if ( !empty($options['language']) )
1288	{
1289	$languages[] = $options['language'];
1290	}
1291	if ( !empty($user['language']) )
1292	{
1293	$languages[] = $user['language'];
1294	}
1295	if ( ! @$options['no_fallback'] )
1296	{
1297	if ( defined('PHPWG_INSTALLED') )
1298	{
1299	$languages[] = get_default_language();
1300	}
1301	$languages[] = PHPWG_DEFAULT_LANGUAGE;
1302	}
1303
1304	$languages = array_unique($languages);
1305
1306	if ( empty($options['target_charset']) )
1307	{
1308	$target_charset = get_pwg_charset();
1309	}
1310	else
1311	{
1312	$target_charset = $options['target_charset'];
1313	}
1314	$target_charset = strtolower($target_charset);
1315	$source_file = '';
1316	foreach ($languages as $language)
1317	{
1318	$f = @$options['local'] ?
1319	$dirname.$language.'.'.$filename:
1320	$dirname.$language.'/'.$filename;
1321
1322	if (file_exists($f))
1323	{
1324	$source_file = $f;
1325	break;
1326	}
1327	}
1328
1329	if ( !empty($source_file) )
1330	{
1331	if (! @$options['return'] )
1332	{
1333	@include($source_file);
1334	$load_lang = @$lang;
1335	$load_lang_info = @$lang_info;
1336
1337	global $lang, $lang_info;
1338	if ( !isset($lang) ) $lang=array();
1339	if ( !isset($lang_info) ) $lang_info=array();
1340
1341	if ( 'utf-8'!=$target_charset)
1342	{
1343	if ( is_array($load_lang) )
1344	{
1345	foreach ($load_lang as $k => $v)
1346	{
1347	if ( is_array($v) )
1348	{
1349	$func = create_function('$v', 'return convert_charset($v, "utf-8", "'.$target_charset.'");' );
1350	$lang[$k] = array_map($func, $v);
1351	}
1352	else
1353	$lang[$k] = convert_charset($v, 'utf-8', $target_charset);
1354	}
1355	}
1356	if ( is_array($load_lang_info) )
1357	{
1358	foreach ($load_lang_info as $k => $v)
1359	{
1360	$lang_info[$k] = convert_charset($v, 'utf-8', $target_charset);
1361	}
1362	}
1363	}
1364	else
1365	{
1366	$lang = array_merge( $lang, (array)$load_lang );
1367	$lang_info = array_merge( $lang_info, (array)$load_lang_info );
1368	}
1369	return true;
1370	}
1371	else
1372	{
1373	$content = @file_get_contents($source_file);
1374	$content = convert_charset($content, 'utf-8', $target_charset);
1375	return $content;
1376	}
1377	}
1378	return false;
1379	}
1380
1381	/**
1382	* converts a string from a character set to another character set
1383	* @param string str the string to be converted
1384	* @param string source_charset the character set in which the string is encoded
1385	* @param string dest_charset the destination character set
1386	*/
1387	function convert_charset($str, $source_charset, $dest_charset)
1388	{
1389	if ($source_charset==$dest_charset)
1390	return $str;
1391	if ($source_charset=='iso-8859-1' and $dest_charset=='utf-8')
1392	{
1393	return utf8_encode($str);
1394	}
1395	if ($source_charset=='utf-8' and $dest_charset=='iso-8859-1')
1396	{
1397	return utf8_decode($str);
1398	}
1399	if (function_exists('iconv'))
1400	{
1401	return iconv($source_charset, $dest_charset, $str);
1402	}
1403	if (function_exists('mb_convert_encoding'))
1404	{
1405	return mb_convert_encoding( $str, $dest_charset, $source_charset );
1406	}
1407	return $str; //???
1408	}
1409
1410	/**
1411	* makes sure a index.htm protects the directory from browser file listing
1412	*
1413	* @param string dir directory
1414	*/
1415	function secure_directory($dir)
1416	{
1417	$file = $dir.'/index.htm';
1418	if (!file_exists($file))
1419	{
1420	@file_put_contents($file, 'Not allowed!');
1421	}
1422	}
1423
1424	/**
1425	* returns a "secret key" that is to be sent back when a user posts a form
1426	*
1427	* @param int valid_after_seconds - key validity start time from now
1428	*/
1429	function get_ephemeral_key($valid_after_seconds, $aditionnal_data_to_hash = '')
1430	{
1431	global $conf;
1432	$time = round(microtime(true), 1);
1433	return $time.':'.$valid_after_seconds.':'
1434	.hash_hmac(
1435	'md5',
1436	$time.substr($_SERVER['REMOTE_ADDR'],0,5).$valid_after_seconds.$aditionnal_data_to_hash,
1437	$conf['secret_key']);
1438	}
1439
1440	function verify_ephemeral_key($key, $aditionnal_data_to_hash = '')
1441	{
1442	global $conf;
1443	$time = microtime(true);
1444	$key = explode( ':', @$key );
1445	if ( count($key)!=3
1446	or $key[0]>$time-(float)$key[1] // page must have been retrieved more than X sec ago
1447	or $key[0]<$time-3600 // 60 minutes expiration
1448	or hash_hmac(
1449	'md5', $key[0].substr($_SERVER['REMOTE_ADDR'],0,5).$key[1].$aditionnal_data_to_hash, $conf['secret_key']
1450	) != $key[2]
1451	)
1452	{
1453	return false;
1454	}
1455	return true;
1456	}
1457
1458	/**
1459	* return an array which will be sent to template to display navigation bar
1460	*/
1461	function create_navigation_bar($url, $nb_element, $start, $nb_element_page, $clean_url = false)
1462	{
1463	global $conf;
1464
1465	$navbar = array();
1466	$pages_around = $conf['paginate_pages_around'];
1467	$start_str = $clean_url ? '/start-' : (strpos($url, '?')===false ? '?':'&').'start=';
1468
1469	if (!isset($start) or !is_numeric($start) or (is_numeric($start) and $start < 0))
1470	{
1471	$start = 0;
1472	}
1473
1474	// navigation bar useful only if more than one page to display !
1475	if ($nb_element > $nb_element_page)
1476	{
1477	$cur_page = ceil($start / $nb_element_page) + 1;
1478	$maximum = ceil($nb_element / $nb_element_page);
1479	$previous = $start - $nb_element_page;
1480	$next = $start + $nb_element_page;
1481	$last = ($maximum - 1) * $nb_element_page;
1482
1483	$navbar['CURRENT_PAGE'] = $cur_page;
1484
1485	// link to first page and previous page?
1486	if ($cur_page != 1)
1487	{
1488	$navbar['URL_FIRST'] = $url;
1489	$navbar['URL_PREV'] = $url.($previous > 0 ? $start_str.$previous : '');
1490	}
1491	// link on next page and last page?
1492	if ($cur_page != $maximum)
1493	{
1494	$navbar['URL_NEXT'] = $url.$start_str.$next;
1495	$navbar['URL_LAST'] = $url.$start_str.$last;
1496	}
1497
1498	// pages to display
1499	$navbar['pages'] = array();
1500	$navbar['pages'][1] = $url;
1501	$navbar['pages'][$maximum] = $url.$start_str.$last;
1502
1503	for ($i = max($cur_page - $pages_around , 2), $stop = min($cur_page + $pages_around + 1, $maximum);
1504	$i < $stop; $i++)
1505	{
1506	$navbar['pages'][$i] = $url.$start_str.(($i - 1) * $nb_element_page);
1507	}
1508	ksort($navbar['pages']);
1509	}
1510	return $navbar;
1511	}
1512
1513	/**
1514	* return an array which will be sent to template to display recent icon
1515	*/
1516	function get_icon($date, $is_child_date = false)
1517	{
1518	global $cache, $user;
1519
1520	if (empty($date))
1521	{
1522	return false;
1523	}
1524
1525	if (!isset($cache['get_icon']['title']))
1526	{
1527	$cache['get_icon']['title'] = sprintf(
1528	l10n('photos posted during the last %d days'),
1529	$user['recent_period']
1530	);
1531	}
1532
1533	$icon = array(
1534	'TITLE' => $cache['get_icon']['title'],
1535	'IS_CHILD_DATE' => $is_child_date,
1536	);
1537
1538	if (isset($cache['get_icon'][$date]))
1539	{
1540	return $cache['get_icon'][$date] ? $icon : array();
1541	}
1542
1543	if (!isset($cache['get_icon']['sql_recent_date']))
1544	{
1545	// Use MySql date in order to standardize all recent "actions/queries"
1546	$cache['get_icon']['sql_recent_date'] = pwg_db_get_recent_period($user['recent_period']);
1547	}
1548
1549	$cache['get_icon'][$date] = $date > $cache['get_icon']['sql_recent_date'];
1550
1551	return $cache['get_icon'][$date] ? $icon : array();
1552	}
1553
1554	/**
1555	* check token comming from form posted or get params to prevent csrf attacks
1556	* if pwg_token is empty action doesn't require token
1557	* else pwg_token is compare to server token
1558	*
1559	* @return void access denied if token given is not equal to server token
1560	*/
1561	function check_pwg_token()
1562	{
1563	if (!empty($_REQUEST['pwg_token']))
1564	{
1565	if (get_pwg_token() != $_REQUEST['pwg_token'])
1566	{
1567	access_denied();
1568	}
1569	}
1570	else
1571	bad_request('missing token');
1572	}
1573
1574	function get_pwg_token()
1575	{
1576	global $conf;
1577
1578	return hash_hmac('md5', session_id(), $conf['secret_key']);
1579	}
1580
1581	/*
1582	* breaks the script execution if the given value doesn't match the given
1583	* pattern. This should happen only during hacking attempts.
1584	*
1585	* @param string param_name
1586	* @param array param_array
1587	* @param boolean is_array
1588	* @param string pattern
1589	*
1590	* @return void
1591	*/
1592	function check_input_parameter($param_name, $param_array, $is_array, $pattern)
1593	{
1594	$param_value = null;
1595	if (isset($param_array[$param_name]))
1596	{
1597	$param_value = $param_array[$param_name];
1598	}
1599
1600	// it's ok if the input parameter is null
1601	if (empty($param_value))
1602	{
1603	return true;
1604	}
1605
1606	if ($is_array)
1607	{
1608	if (!is_array($param_value))
1609	{
1610	fatal_error('[Hacking attempt] the input parameter "'.$param_name.'" should be an array');
1611	}
1612
1613	foreach ($param_value as $item_to_check)
1614	{
1615	if (!preg_match($pattern, $item_to_check))
1616	{
1617	fatal_error('[Hacking attempt] an item is not valid in input parameter "'.$param_name.'"');
1618	}
1619	}
1620	}
1621	else
1622	{
1623	if (!preg_match($pattern, $param_value))
1624	{
1625	fatal_error('[Hacking attempt] the input parameter "'.$param_name.'" is not valid');
1626	}
1627	}
1628	}
1629
1630
1631	function get_privacy_level_options()
1632	{
1633	global $conf;
1634
1635	$options = array();
1636	foreach (array_reverse($conf['available_permission_levels']) as $level)
1637	{
1638	$label = null;
1639
1640	if (0 == $level)
1641	{
1642	$label = l10n('Everybody');
1643	}
1644	else
1645	{
1646	$labels = array();
1647	$sub_levels = array_reverse($conf['available_permission_levels']);
1648	foreach ($sub_levels as $sub_level)
1649	{
1650	if ($sub_level == 0 or $sub_level < $level)
1651	{
1652	break;
1653	}
1654	array_push(
1655	$labels,
1656	l10n(
1657	sprintf(
1658	'Level %d',
1659	$sub_level
1660	)
1661	)
1662	);
1663	}
1664
1665	$label = implode(', ', $labels);
1666	}
1667	$options[$level] = $label;
1668	}
1669	return $options;
1670	}
1671
1672
1673	/**
1674	* return the branch from the version. For example version 2.2.4 is for branch 2.2
1675	*/
1676	function get_branch_from_version($version)
1677	{
1678	return implode('.', array_slice(explode('.', $version), 0, 2));
1679	}
1680	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: