Context Navigation

source: trunk/include/functions.inc.php @ 6668

Last change on this file since 6668 was 6668, checked in by rvelices, 14 years ago
removed function get_extra_fields and its usage (unnecessary + perf issue when retrieving many image ids in a section) 2 fixes recent feed.php commit month names were decalated by one strptime function is not implemented under Windows in php added somme missing $ROOT_URL in templates
Property svn:eol-style set to `LF`
File size: 41.6 KB

Line
1	<?php
2	// +-----------------------------------------------------------------------+
3	// \| Piwigo - a PHP based picture gallery \|
4	// +-----------------------------------------------------------------------+
5	// \| Copyright(C) 2008-2010 Piwigo Team http://piwigo.org \|
6	// \| Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net \|
7	// \| Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick \|
8	// +-----------------------------------------------------------------------+
9	// \| This program is free software; you can redistribute it and/or modify \|
10	// \| it under the terms of the GNU General Public License as published by \|
11	// \| the Free Software Foundation \|
12	// \| \|
13	// \| This program is distributed in the hope that it will be useful, but \|
14	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
15	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
16	// \| General Public License for more details. \|
17	// \| \|
18	// \| You should have received a copy of the GNU General Public License \|
19	// \| along with this program; if not, write to the Free Software \|
20	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
21	// \| USA. \|
22	// +-----------------------------------------------------------------------+
23
24	include_once( PHPWG_ROOT_PATH .'include/functions_user.inc.php' );
25	include_once( PHPWG_ROOT_PATH .'include/functions_cookie.inc.php' );
26	include_once( PHPWG_ROOT_PATH .'include/functions_session.inc.php' );
27	include_once( PHPWG_ROOT_PATH .'include/functions_category.inc.php' );
28	include_once( PHPWG_ROOT_PATH .'include/functions_xml.inc.php' );
29	include_once( PHPWG_ROOT_PATH .'include/functions_html.inc.php' );
30	include_once( PHPWG_ROOT_PATH .'include/functions_tag.inc.php' );
31	include_once( PHPWG_ROOT_PATH .'include/functions_url.inc.php' );
32	include_once( PHPWG_ROOT_PATH .'include/functions_plugins.inc.php' );
33
34	//----------------------------------------------------------- generic functions
35
36	// The function get_moment returns a float value coresponding to the number
37	// of seconds since the unix epoch (1st January 1970) and the microseconds
38	// are precised : e.g. 1052343429.89276600
39	function get_moment()
40	{
41	$t1 = explode( ' ', microtime() );
42	$t2 = explode( '.', $t1[0] );
43	$t2 = $t1[1].'.'.$t2[1];
44	return $t2;
45	}
46
47	// The function get_elapsed_time returns the number of seconds (with 3
48	// decimals precision) between the start time and the end time given.
49	function get_elapsed_time( $start, $end )
50	{
51	return number_format( $end - $start, 3, '.', ' ').' s';
52	}
53
54	// - The replace_space function replaces space and '-' characters
55	// by their HTML equivalent &nbsb; and −
56	// - The function does not replace characters in HTML tags
57	// - This function was created because IE5 does not respect the
58	// CSS "white-space: nowrap;" property unless space and minus
59	// characters are replaced like this function does.
60	// - Example :
61	// <div class="foo">My friend</div>
62	// ( 01234567891111111111222222222233 )
63	// ( 0123456789012345678901 )
64	// becomes :
65	// <div class="foo">My friend</div>
66	function replace_space( $string )
67	{
68	//return $string;
69	$return_string = '';
70	// $remaining is the rest of the string where to replace spaces characters
71	$remaining = $string;
72	// $start represents the position of the next '<' character
73	// $end represents the position of the next '>' character
74	; // -> 0
75	$end = strpos ( $remaining, '>' ); // -> 16
76	// as long as a '<' and his friend '>' are found, we loop
77	while ( ($start=strpos( $remaining, '<' )) !==false
78	and ($end=strpos( $remaining, '>' )) !== false )
79	{
80	// $treatment is the part of the string to treat
81	// In the first loop of our example, this variable is empty, but in the
82	// second loop, it equals 'My friend'
83	$treatment = substr ( $remaining, 0, $start );
84	// Replacement of ' ' by his equivalent ' '
85	$treatment = str_replace( ' ', ' ', $treatment );
86	$treatment = str_replace( '-', '−', $treatment );
87	// composing the string to return by adding the treated string and the
88	// following HTML tag -> 'My friend</div>'
89	$return_string.= $treatment.substr( $remaining, $start, $end-$start+1 );
90	// the remaining string is deplaced to the part after the '>' of this
91	// loop
92	$remaining = substr ( $remaining, $end + 1, strlen( $remaining ) );
93	}
94	$treatment = str_replace( ' ', ' ', $remaining );
95	$treatment = str_replace( '-', '−', $treatment );
96	$return_string.= $treatment;
97
98	return $return_string;
99	}
100
101	// get_extension returns the part of the string after the last "."
102	function get_extension( $filename )
103	{
104	return substr( strrchr( $filename, '.' ), 1, strlen ( $filename ) );
105	}
106
107	// get_filename_wo_extension returns the part of the string before the last
108	// ".".
109	// get_filename_wo_extension( 'test.tar.gz' ) -> 'test.tar'
110	function get_filename_wo_extension( $filename )
111	{
112	$pos = strrpos( $filename, '.' );
113	return ($pos===false) ? $filename : substr( $filename, 0, $pos);
114	}
115
116	/**
117	* returns an array contening sub-directories, excluding ".svn"
118	*
119	* @param string $dir
120	* @return array
121	*/
122	function get_dirs($directory)
123	{
124	$sub_dirs = array();
125	if ($opendir = opendir($directory))
126	{
127	while ($file = readdir($opendir))
128	{
129	if ($file != '.'
130	and $file != '..'
131	and is_dir($directory.'/'.$file)
132	and $file != '.svn')
133	{
134	array_push($sub_dirs, $file);
135	}
136	}
137	closedir($opendir);
138	}
139	return $sub_dirs;
140	}
141
142	define('MKGETDIR_NONE', 0);
143	define('MKGETDIR_RECURSIVE', 1);
144	define('MKGETDIR_DIE_ON_ERROR', 2);
145	define('MKGETDIR_PROTECT_INDEX', 4);
146	define('MKGETDIR_PROTECT_HTACCESS', 8);
147	define('MKGETDIR_DEFAULT', 7);
148	/**
149	* creates directory if not exists; ensures that directory is writable
150	* @param:
151	* string $dir
152	* int $flags combination of MKGETDIR_xxx
153	* @return bool false on error else true
154	*/
155	function mkgetdir($dir, $flags=MKGETDIR_DEFAULT)
156	{
157	if ( !is_dir($dir) )
158	{
159	if (substr(PHP_OS, 0, 3) == 'WIN')
160	{
161	$dir = str_replace('/', DIRECTORY_SEPARATOR, $dir);
162	}
163	$umask = umask(0);
164	$mkd = @mkdir($dir, 0755, ($flags&MKGETDIR_RECURSIVE) ? true:false );
165	umask($umask);
166	if ($mkd==false)
167	{
168	!($flags&MKGETDIR_DIE_ON_ERROR) or fatal_error( "$dir ".l10n('no write access'));
169	return false;
170	}
171	if( $flags&MKGETDIR_PROTECT_HTACCESS )
172	{
173	$file = $dir.'/.htaccess';
174	file_exists($file) or @file_put_contents( $file, 'deny from all' );
175	}
176	if( $flags&MKGETDIR_PROTECT_INDEX )
177	{
178	$file = $dir.'/index.htm';
179	file_exists($file) or @file_put_contents( $file, 'Not allowed!' );
180	}
181	}
182	if ( !is_writable($dir) )
183	{
184	!($flags&MKGETDIR_DIE_ON_ERROR) or fatal_error( "$dir ".l10n('no write access'));
185	return false;
186	}
187	return true;
188	}
189
190	/**
191	* returns thumbnail directory name of input diretoty name
192	* make thumbnail directory is necessary
193	* set error messages on array messages
194	*
195	* @param:
196	* string $dirname
197	* arrayy $errors
198	* @return bool false on error else string directory name
199	*/
200	function mkget_thumbnail_dir($dirname, &$errors)
201	{
202	global $conf;
203
204	$tndir = $dirname.'/'.$conf['dir_thumbnail'];
205	if (! mkgetdir($tndir, MKGETDIR_NONE) )
206	{
207	array_push($errors,
208	'['.$dirname.'] : '.l10n('no write access'));
209	return false;
210	}
211	return $tndir;
212	}
213
214	/* Returns true if the string appears to be encoded in UTF-8. (from wordpress)
215	* @param string Str
216	*/
217	function seems_utf8($Str) { # by bmorel at ssi dot fr
218	for ($i=0; $i<strlen($Str); $i++) {
219	if (ord($Str[$i]) < 0x80) continue; # 0bbbbbbb
220	elseif ((ord($Str[$i]) & 0xE0) == 0xC0) $n=1; # 110bbbbb
221	elseif ((ord($Str[$i]) & 0xF0) == 0xE0) $n=2; # 1110bbbb
222	elseif ((ord($Str[$i]) & 0xF8) == 0xF0) $n=3; # 11110bbb
223	elseif ((ord($Str[$i]) & 0xFC) == 0xF8) $n=4; # 111110bb
224	elseif ((ord($Str[$i]) & 0xFE) == 0xFC) $n=5; # 1111110b
225	else return false; # Does not match any model
226	for ($j=0; $j<$n; $j++) { # n bytes matching 10bbbbbb follow ?
227	if ((++$i == strlen($Str)) \|\| ((ord($Str[$i]) & 0xC0) != 0x80))
228	return false;
229	}
230	}
231	return true;
232	}
233
234	/* Remove accents from a UTF-8 or ISO-859-1 string (from wordpress)
235	* @param string sstring - an UTF-8 or ISO-8859-1 string
236	*/
237	function remove_accents($string)
238	{
239	if ( !preg_match('/[\x80-\xff]/', $string) )
240	return $string;
241
242	if (seems_utf8($string)) {
243	$chars = array(
244	// Decompositions for Latin-1 Supplement
245	chr(195).chr(128) => 'A', chr(195).chr(129) => 'A',
246	chr(195).chr(130) => 'A', chr(195).chr(131) => 'A',
247	chr(195).chr(132) => 'A', chr(195).chr(133) => 'A',
248	chr(195).chr(135) => 'C', chr(195).chr(136) => 'E',
249	chr(195).chr(137) => 'E', chr(195).chr(138) => 'E',
250	chr(195).chr(139) => 'E', chr(195).chr(140) => 'I',
251	chr(195).chr(141) => 'I', chr(195).chr(142) => 'I',
252	chr(195).chr(143) => 'I', chr(195).chr(145) => 'N',
253	chr(195).chr(146) => 'O', chr(195).chr(147) => 'O',
254	chr(195).chr(148) => 'O', chr(195).chr(149) => 'O',
255	chr(195).chr(150) => 'O', chr(195).chr(153) => 'U',
256	chr(195).chr(154) => 'U', chr(195).chr(155) => 'U',
257	chr(195).chr(156) => 'U', chr(195).chr(157) => 'Y',
258	chr(195).chr(159) => 's', chr(195).chr(160) => 'a',
259	chr(195).chr(161) => 'a', chr(195).chr(162) => 'a',
260	chr(195).chr(163) => 'a', chr(195).chr(164) => 'a',
261	chr(195).chr(165) => 'a', chr(195).chr(167) => 'c',
262	chr(195).chr(168) => 'e', chr(195).chr(169) => 'e',
263	chr(195).chr(170) => 'e', chr(195).chr(171) => 'e',
264	chr(195).chr(172) => 'i', chr(195).chr(173) => 'i',
265	chr(195).chr(174) => 'i', chr(195).chr(175) => 'i',
266	chr(195).chr(177) => 'n', chr(195).chr(178) => 'o',
267	chr(195).chr(179) => 'o', chr(195).chr(180) => 'o',
268	chr(195).chr(181) => 'o', chr(195).chr(182) => 'o',
269	chr(195).chr(182) => 'o', chr(195).chr(185) => 'u',
270	chr(195).chr(186) => 'u', chr(195).chr(187) => 'u',
271	chr(195).chr(188) => 'u', chr(195).chr(189) => 'y',
272	chr(195).chr(191) => 'y',
273	// Decompositions for Latin Extended-A
274	chr(196).chr(128) => 'A', chr(196).chr(129) => 'a',
275	chr(196).chr(130) => 'A', chr(196).chr(131) => 'a',
276	chr(196).chr(132) => 'A', chr(196).chr(133) => 'a',
277	chr(196).chr(134) => 'C', chr(196).chr(135) => 'c',
278	chr(196).chr(136) => 'C', chr(196).chr(137) => 'c',
279	chr(196).chr(138) => 'C', chr(196).chr(139) => 'c',
280	chr(196).chr(140) => 'C', chr(196).chr(141) => 'c',
281	chr(196).chr(142) => 'D', chr(196).chr(143) => 'd',
282	chr(196).chr(144) => 'D', chr(196).chr(145) => 'd',
283	chr(196).chr(146) => 'E', chr(196).chr(147) => 'e',
284	chr(196).chr(148) => 'E', chr(196).chr(149) => 'e',
285	chr(196).chr(150) => 'E', chr(196).chr(151) => 'e',
286	chr(196).chr(152) => 'E', chr(196).chr(153) => 'e',
287	chr(196).chr(154) => 'E', chr(196).chr(155) => 'e',
288	chr(196).chr(156) => 'G', chr(196).chr(157) => 'g',
289	chr(196).chr(158) => 'G', chr(196).chr(159) => 'g',
290	chr(196).chr(160) => 'G', chr(196).chr(161) => 'g',
291	chr(196).chr(162) => 'G', chr(196).chr(163) => 'g',
292	chr(196).chr(164) => 'H', chr(196).chr(165) => 'h',
293	chr(196).chr(166) => 'H', chr(196).chr(167) => 'h',
294	chr(196).chr(168) => 'I', chr(196).chr(169) => 'i',
295	chr(196).chr(170) => 'I', chr(196).chr(171) => 'i',
296	chr(196).chr(172) => 'I', chr(196).chr(173) => 'i',
297	chr(196).chr(174) => 'I', chr(196).chr(175) => 'i',
298	chr(196).chr(176) => 'I', chr(196).chr(177) => 'i',
299	chr(196).chr(178) => 'IJ',chr(196).chr(179) => 'ij',
300	chr(196).chr(180) => 'J', chr(196).chr(181) => 'j',
301	chr(196).chr(182) => 'K', chr(196).chr(183) => 'k',
302	chr(196).chr(184) => 'k', chr(196).chr(185) => 'L',
303	chr(196).chr(186) => 'l', chr(196).chr(187) => 'L',
304	chr(196).chr(188) => 'l', chr(196).chr(189) => 'L',
305	chr(196).chr(190) => 'l', chr(196).chr(191) => 'L',
306	chr(197).chr(128) => 'l', chr(197).chr(129) => 'L',
307	chr(197).chr(130) => 'l', chr(197).chr(131) => 'N',
308	chr(197).chr(132) => 'n', chr(197).chr(133) => 'N',
309	chr(197).chr(134) => 'n', chr(197).chr(135) => 'N',
310	chr(197).chr(136) => 'n', chr(197).chr(137) => 'N',
311	chr(197).chr(138) => 'n', chr(197).chr(139) => 'N',
312	chr(197).chr(140) => 'O', chr(197).chr(141) => 'o',
313	chr(197).chr(142) => 'O', chr(197).chr(143) => 'o',
314	chr(197).chr(144) => 'O', chr(197).chr(145) => 'o',
315	chr(197).chr(146) => 'OE',chr(197).chr(147) => 'oe',
316	chr(197).chr(148) => 'R',chr(197).chr(149) => 'r',
317	chr(197).chr(150) => 'R',chr(197).chr(151) => 'r',
318	chr(197).chr(152) => 'R',chr(197).chr(153) => 'r',
319	chr(197).chr(154) => 'S',chr(197).chr(155) => 's',
320	chr(197).chr(156) => 'S',chr(197).chr(157) => 's',
321	chr(197).chr(158) => 'S',chr(197).chr(159) => 's',
322	chr(197).chr(160) => 'S', chr(197).chr(161) => 's',
323	chr(197).chr(162) => 'T', chr(197).chr(163) => 't',
324	chr(197).chr(164) => 'T', chr(197).chr(165) => 't',
325	chr(197).chr(166) => 'T', chr(197).chr(167) => 't',
326	chr(197).chr(168) => 'U', chr(197).chr(169) => 'u',
327	chr(197).chr(170) => 'U', chr(197).chr(171) => 'u',
328	chr(197).chr(172) => 'U', chr(197).chr(173) => 'u',
329	chr(197).chr(174) => 'U', chr(197).chr(175) => 'u',
330	chr(197).chr(176) => 'U', chr(197).chr(177) => 'u',
331	chr(197).chr(178) => 'U', chr(197).chr(179) => 'u',
332	chr(197).chr(180) => 'W', chr(197).chr(181) => 'w',
333	chr(197).chr(182) => 'Y', chr(197).chr(183) => 'y',
334	chr(197).chr(184) => 'Y', chr(197).chr(185) => 'Z',
335	chr(197).chr(186) => 'z', chr(197).chr(187) => 'Z',
336	chr(197).chr(188) => 'z', chr(197).chr(189) => 'Z',
337	chr(197).chr(190) => 'z', chr(197).chr(191) => 's',
338	// Euro Sign
339	chr(226).chr(130).chr(172) => 'E',
340	// GBP (Pound) Sign
341	chr(194).chr(163) => '');
342
343	$string = strtr($string, $chars);
344	} else {
345	// Assume ISO-8859-1 if not UTF-8
346	$chars['in'] = chr(128).chr(131).chr(138).chr(142).chr(154).chr(158)
347	.chr(159).chr(162).chr(165).chr(181).chr(192).chr(193).chr(194)
348	.chr(195).chr(196).chr(197).chr(199).chr(200).chr(201).chr(202)
349	.chr(203).chr(204).chr(205).chr(206).chr(207).chr(209).chr(210)
350	.chr(211).chr(212).chr(213).chr(214).chr(216).chr(217).chr(218)
351	.chr(219).chr(220).chr(221).chr(224).chr(225).chr(226).chr(227)
352	.chr(228).chr(229).chr(231).chr(232).chr(233).chr(234).chr(235)
353	.chr(236).chr(237).chr(238).chr(239).chr(241).chr(242).chr(243)
354	.chr(244).chr(245).chr(246).chr(248).chr(249).chr(250).chr(251)
355	.chr(252).chr(253).chr(255);
356
357	$chars['out'] = "EfSZszYcYuAAAAAACEEEEIIIINOOOOOOUUUUYaaaaaaceeeeiiiinoooooouuuuyy";
358
359	$string = strtr($string, $chars['in'], $chars['out']);
360	$double_chars['in'] = array(chr(140), chr(156), chr(198), chr(208), chr(222), chr(223), chr(230), chr(240), chr(254));
361	$double_chars['out'] = array('OE', 'oe', 'AE', 'DH', 'TH', 'ss', 'ae', 'dh', 'th');
362	$string = str_replace($double_chars['in'], $double_chars['out'], $string);
363	}
364
365	return $string;
366	}
367
368	/**
369	* simplify a string to insert it into an URL
370	*
371	* @param string
372	* @return string
373	*/
374	function str2url($str)
375	{
376	$raw = $str;
377
378	$str = remove_accents($str);
379	$str = preg_replace('/[^a-z0-9_\s\'\:\/\[\],-]/','',strtolower($str));
380	$str = preg_replace('/[\s\'\:\/\[\],-]+/',' ',trim($str));
381	$res = str_replace(' ','_',$str);
382
383	if (empty($res))
384	{
385	$res = $raw;
386	}
387
388	return $res;
389	}
390
391	//-------------------------------------------- Piwigo specific functions
392
393	/**
394	* returns an array with a list of {language_code => language_name}
395	*
396	* @returns array
397	*/
398	function get_languages()
399	{
400	$query = '
401	SELECT id, name
402	FROM '.LANGUAGES_TABLE.'
403	ORDER BY name ASC
404	;';
405	$result = pwg_query($query);
406
407	$languages = array();
408	while ($row = pwg_db_fetch_assoc($result))
409	{
410	if (is_dir(PHPWG_ROOT_PATH.'language/'.$row['id']))
411	{
412	$languages[ $row['id'] ] = $row['name'];
413	}
414	}
415
416	return $languages;
417	}
418
419	function pwg_log($image_id = null, $image_type = null)
420	{
421	global $conf, $user, $page;
422
423	$do_log = $conf['log'];
424	if (is_admin())
425	{
426	$do_log = $conf['history_admin'];
427	}
428	if (is_a_guest())
429	{
430	$do_log = $conf['history_guest'];
431	}
432
433	$do_log = trigger_event('pwg_log_allowed', $do_log, $image_id, $image_type);
434
435	if (!$do_log)
436	{
437	return false;
438	}
439
440	$tags_string = null;
441	if ('tags'==@$page['section'])
442	{
443	$tags_string = implode(',', $page['tag_ids']);
444	}
445
446	$query = '
447	INSERT INTO '.HISTORY_TABLE.'
448	(
449	date,
450	time,
451	user_id,
452	IP,
453	section,
454	category_id,
455	image_id,
456	image_type,
457	tag_ids
458	)
459	VALUES
460	(
461	CURRENT_DATE,
462	CURRENT_TIME,
463	'.$user['id'].',
464	\''.$_SERVER['REMOTE_ADDR'].'\',
465	'.(isset($page['section']) ? "'".$page['section']."'" : 'NULL').',
466	'.(isset($page['category']['id']) ? $page['category']['id'] : 'NULL').',
467	'.(isset($image_id) ? $image_id : 'NULL').',
468	'.(isset($image_type) ? "'".$image_type."'" : 'NULL').',
469	'.(isset($tags_string) ? "'".$tags_string."'" : 'NULL').'
470	)
471	;';
472	pwg_query($query);
473
474	return true;
475	}
476
477	// format_date returns a formatted date for display. The date given in
478	// argument must be an american format (2003-09-15). By option, you can show the time.
479	// The output is internationalized.
480	//
481	// format_date( "2003-09-15", true ) -> "Monday 15 September 2003 21:52"
482	function format_date($date, $show_time = false)
483	{
484	global $lang;
485
486	if (strpos($date, '0') == 0)
487	{
488	return l10n('N/A');
489	}
490
491	$ymdhms = array();
492	$tok = strtok( $date, '- :');
493	while ($tok !== false)
494	{
495	$ymdhms[] = $tok;
496	$tok = strtok('- :');
497	}
498
499	if ( count($ymdhms)<3 )
500	{
501	return false;
502	}
503
504	$formated_date = '';
505	// before 1970, Microsoft Windows can't mktime
506	if ($ymdhms[0] >= 1970)
507	{
508	// we ask midday because Windows think it's prior to midnight with a
509	// zero and refuse to work
510	$formated_date.= $lang['day'][date('w', mktime(12,0,0,$ymdhms[1],$ymdhms[2],$ymdhms[0]))];
511	}
512	$formated_date.= ' '.$ymdhms[2];
513	$formated_date.= ' '.$lang['month'][(int)$ymdhms[1]];
514	$formated_date.= ' '.$ymdhms[0];
515	if ($show_time and count($ymdhms)>=5 )
516	{
517	$formated_date.= ' '.$ymdhms[3].':'.$ymdhms[4];
518	}
519	return $formated_date;
520	}
521
522	function pwg_debug( $string )
523	{
524	global $debug,$t2,$page;
525
526	$now = explode( ' ', microtime() );
527	$now2 = explode( '.', $now[0] );
528	$now2 = $now[1].'.'.$now2[1];
529	$time = number_format( $now2 - $t2, 3, '.', ' ').' s';
530	$debug .= '<p>';
531	$debug.= '['.$time.', ';
532	$debug.= $page['count_queries'].' queries] : '.$string;
533	$debug.= "</p>\n";
534	}
535
536	/**
537	* Redirects to the given URL (HTTP method)
538	*
539	* Note : once this function called, the execution doesn't go further
540	* (presence of an exit() instruction.
541	*
542	* @param string $url
543	* @return void
544	*/
545	function redirect_http( $url )
546	{
547	if (ob_get_length () !== FALSE)
548	{
549	ob_clean();
550	}
551	// default url is on html format
552	$url = html_entity_decode($url);
553	header('Request-URI: '.$url);
554	header('Content-Location: '.$url);
555	header('Location: '.$url);
556	exit();
557	}
558
559	/**
560	* Redirects to the given URL (HTML method)
561	*
562	* Note : once this function called, the execution doesn't go further
563	* (presence of an exit() instruction.
564	*
565	* @param string $url
566	* @param string $title_msg
567	* @param integer $refreh_time
568	* @return void
569	*/
570	function redirect_html( $url , $msg = '', $refresh_time = 0)
571	{
572	global $user, $template, $lang_info, $conf, $lang, $t2, $page, $debug;
573
574	if (!isset($lang_info) \|\| !isset($template) )
575	{
576	$user = build_user( $conf['guest_id'], true);
577	load_language('common.lang');
578	trigger_action('loading_lang');
579	load_language('lang', PHPWG_ROOT_PATH.'local/', array('no_fallback'=>true, 'local'=>true) );
580	$template = new Template(PHPWG_ROOT_PATH.'themes', get_default_theme());
581	}
582
583	if (empty($msg))
584	{
585	$msg = nl2br(l10n('Redirection...'));
586	}
587
588	$refresh = $refresh_time;
589	$url_link = $url;
590	$title = 'redirection';
591
592	$template->set_filenames( array( 'redirect' => 'redirect.tpl' ) );
593
594	include( PHPWG_ROOT_PATH.'include/page_header.php' );
595
596	$template->set_filenames( array( 'redirect' => 'redirect.tpl' ) );
597	$template->assign('REDIRECT_MSG', $msg);
598
599	$template->parse('redirect');
600
601	include( PHPWG_ROOT_PATH.'include/page_tail.php' );
602
603	exit();
604	}
605
606	/**
607	* Redirects to the given URL (Switch to HTTP method or HTML method)
608	*
609	* Note : once this function called, the execution doesn't go further
610	* (presence of an exit() instruction.
611	*
612	* @param string $url
613	* @param string $title_msg
614	* @param integer $refreh_time
615	* @return void
616	*/
617	function redirect( $url , $msg = '', $refresh_time = 0)
618	{
619	global $conf;
620
621	// with RefeshTime <> 0, only html must be used
622	if ($conf['default_redirect_method']=='http'
623	and $refresh_time==0
624	and !headers_sent()
625	)
626	{
627	redirect_http($url);
628	}
629	else
630	{
631	redirect_html($url, $msg, $refresh_time);
632	}
633	}
634
635	/**
636	* returns $_SERVER['QUERY_STRING'] whitout keys given in parameters
637	*
638	* @param array $rejects
639	* @param boolean $escape - if true escape & to & (for html)
640	* @returns string
641	*/
642	function get_query_string_diff($rejects=array(), $escape=true)
643	{
644	$query_string = '';
645
646	$str = $_SERVER['QUERY_STRING'];
647	parse_str($str, $vars);
648
649	$is_first = true;
650	foreach ($vars as $key => $value)
651	{
652	if (!in_array($key, $rejects))
653	{
654	$query_string.= $is_first ? '?' : ($escape ? '&' : '&' );
655	$is_first = false;
656	$query_string.= $key.'='.$value;
657	}
658	}
659
660	return $query_string;
661	}
662
663	function url_is_remote($url)
664	{
665	if ( strncmp($url, 'http://', 7)==0
666	or strncmp($url, 'https://', 8)==0 )
667	{
668	return true;
669	}
670	return false;
671	}
672
673	/**
674	* returns available themes
675	*/
676	function get_pwg_themes()
677	{
678	global $conf;
679
680	$themes = array();
681
682	$query = '
683	SELECT
684	id,
685	name
686	FROM '.THEMES_TABLE.'
687	ORDER BY name ASC
688	;';
689	$result = pwg_query($query);
690	while ($row = pwg_db_fetch_assoc($result))
691	{
692	if (check_theme_installed($row['id']))
693	{
694	$themes[ $row['id'] ] = $row['name'];
695	}
696	}
697
698	// plugins want remove some themes based on user status maybe?
699	$themes = trigger_event('get_pwg_themes', $themes);
700
701	return $themes;
702	}
703
704	function check_theme_installed($theme_id)
705	{
706	global $conf;
707
708	return file_exists($conf['themes_dir'].'/'.$theme_id.'/'.'themeconf.inc.php');
709	}
710
711	/* Returns the PATH to the thumbnail to be displayed. If the element does not
712	* have a thumbnail, the default mime image path is returned. The PATH can be
713	* used in the php script, but not sent to the browser.
714	* @param array element_info assoc array containing element info from db
715	* at least 'path', 'tn_ext' and 'id' should be present
716	*/
717	function get_thumbnail_path($element_info)
718	{
719	$path = get_thumbnail_location($element_info);
720	if ( !url_is_remote($path) )
721	{
722	$path = PHPWG_ROOT_PATH.$path;
723	}
724	return $path;
725	}
726
727	/* Returns the URL of the thumbnail to be displayed. If the element does not
728	* have a thumbnail, the default mime image url is returned. The URL can be
729	* sent to the browser, but not used in the php script.
730	* @param array element_info assoc array containing element info from db
731	* at least 'path', 'tn_ext' and 'id' should be present
732	*/
733	function get_thumbnail_url($element_info)
734	{
735	$path = get_thumbnail_location($element_info);
736	if ( !url_is_remote($path) )
737	{
738	$path = embellish_url(get_root_url().$path);
739	}
740
741	// plugins want another url ?
742	$path = trigger_event('get_thumbnail_url', $path, $element_info);
743	return $path;
744	}
745
746	/* returns the relative path of the thumnail with regards to to the root
747	of piwigo (not the current page!).This function is not intended to be
748	called directly from code.*/
749	function get_thumbnail_location($element_info)
750	{
751	global $conf;
752	if ( !empty( $element_info['tn_ext'] ) )
753	{
754	$path = substr_replace(
755	get_filename_wo_extension($element_info['path']),
756	'/'.$conf['dir_thumbnail'].'/'.$conf['prefix_thumbnail'],
757	strrpos($element_info['path'],'/'),
758	1
759	);
760	$path.= '.'.$element_info['tn_ext'];
761	}
762	else
763	{
764	$path = get_themeconf('mime_icon_dir')
765	.strtolower(get_extension($element_info['path'])).'.png';
766	}
767
768	// plugins want another location ?
769	$path = trigger_event( 'get_thumbnail_location', $path, $element_info);
770	return $path;
771	}
772
773	/* returns the title of the thumnail */
774	function get_thumbnail_title($element_info)
775	{
776	// message in title for the thumbnail
777	if (isset($element_info['file']))
778	{
779	$thumbnail_title = $element_info['file'];
780	}
781	else
782	{
783	$thumbnail_title = '';
784	}
785
786	if (!empty($element_info['filesize']))
787	{
788	$thumbnail_title .= ' : '.sprintf(l10n('%d Kb'), $element_info['filesize']);
789	}
790
791	return $thumbnail_title;
792	}
793
794	/**
795	* fill the current user caddie with given elements, if not already in
796	* caddie
797	*
798	* @param array elements_id
799	*/
800	function fill_caddie($elements_id)
801	{
802	global $user;
803
804	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
805
806	$query = '
807	SELECT element_id
808	FROM '.CADDIE_TABLE.'
809	WHERE user_id = '.$user['id'].'
810	;';
811	$in_caddie = array_from_query($query, 'element_id');
812
813	$caddiables = array_diff($elements_id, $in_caddie);
814
815	$datas = array();
816
817	foreach ($caddiables as $caddiable)
818	{
819	array_push($datas, array('element_id' => $caddiable,
820	'user_id' => $user['id']));
821	}
822
823	if (count($caddiables) > 0)
824	{
825	mass_inserts(CADDIE_TABLE, array('element_id','user_id'), $datas);
826	}
827	}
828
829	/**
830	* returns the element name from its filename
831	*
832	* @param string filename
833	* @return string name
834	*/
835	function get_name_from_file($filename)
836	{
837	return str_replace('_',' ',get_filename_wo_extension($filename));
838	}
839
840	/**
841	* returns the corresponding value from $lang if existing. Else, the key is
842	* returned
843	*
844	* @param string key
845	* @return string
846	*/
847	function l10n($key, $textdomain='messages')
848	{
849	global $lang, $conf;
850
851	if ($conf['debug_l10n'] and !isset($lang[$key]) and !empty($key))
852	{
853	trigger_error('[l10n] language key "'.$key.'" is not defined', E_USER_WARNING);
854	}
855
856	return isset($lang[$key]) ? $lang[$key] : $key;
857	}
858
859	/**
860	* returns the prinft value for strings including %d
861	* return is concorded with decimal value (singular, plural)
862	*
863	* @param singular string key
864	* @param plural string key
865	* @param decimal value
866	* @return string
867	*/
868	function l10n_dec($singular_fmt_key, $plural_fmt_key, $decimal)
869	{
870	global $lang_info;
871
872	return
873	sprintf(
874	l10n((
875	(($decimal > 1) or ($decimal == 0 and $lang_info['zero_plural']))
876	? $plural_fmt_key
877	: $singular_fmt_key
878	)), $decimal);
879	}
880
881	/*
882	* returns a single element to use with l10n_args
883	*
884	* @param string key: translation key
885	* @param array/string/../number args:
886	* arguments to use on sprintf($key, args)
887	* if args is a array, each values are used on sprintf
888	* @return string
889	*/
890	function get_l10n_args($key, $args)
891	{
892	if (is_array($args))
893	{
894	$key_arg = array_merge(array($key), $args);
895	}
896	else
897	{
898	$key_arg = array($key, $args);
899	}
900	return array('key_args' => $key_arg);
901	}
902
903	/*
904	* returns a string with formated with l10n_args elements
905	*
906	* @param element/array $key_args: element or array of l10n_args elements
907	* @param $sep: if $key_args is array,
908	* separator is used when translated l10n_args elements are concated
909	* @return string
910	*/
911	function l10n_args($key_args, $sep = "\n")
912	{
913	if (is_array($key_args))
914	{
915	foreach ($key_args as $key => $element)
916	{
917	if (isset($result))
918	{
919	$result .= $sep;
920	}
921	else
922	{
923	$result = '';
924	}
925
926	if ($key === 'key_args')
927	{
928	array_unshift($element, l10n(array_shift($element)));
929	$result .= call_user_func_array('sprintf', $element);
930	}
931	else
932	{
933	$result .= l10n_args($element, $sep);
934	}
935	}
936	}
937	else
938	{
939	fatal_error('l10n_args: Invalid arguments');
940	}
941
942	return $result;
943	}
944
945	/**
946	* returns the corresponding value from $themeconf if existing. Else, the
947	* key is returned
948	*
949	* @param string key
950	* @return string
951	*/
952	function get_themeconf($key)
953	{
954	global $template;
955
956	return $template->get_themeconf($key);
957	}
958
959	/**
960	* Returns webmaster mail address depending on $conf['webmaster_id']
961	*
962	* @return string
963	*/
964	function get_webmaster_mail_address()
965	{
966	global $conf;
967
968	$query = '
969	SELECT '.$conf['user_fields']['email'].'
970	FROM '.USERS_TABLE.'
971	WHERE '.$conf['user_fields']['id'].' = '.$conf['webmaster_id'].'
972	;';
973	list($email) = pwg_db_fetch_row(pwg_query($query));
974
975	return $email;
976	}
977
978	/**
979	* Add configuration parameters from database to global $conf array
980	*
981	* @return void
982	*/
983	function load_conf_from_db($condition = '')
984	{
985	global $conf;
986
987	$query = '
988	SELECT param, value
989	FROM '.CONFIG_TABLE.'
990	'.(!empty($condition) ? 'WHERE '.$condition : '').'
991	;';
992	$result = pwg_query($query);
993
994	if ((pwg_db_num_rows($result) == 0) and !empty($condition))
995	{
996	fatal_error('No configuration data');
997	}
998
999	while ($row = pwg_db_fetch_assoc($result))
1000	{
1001	$conf[ $row['param'] ] = isset($row['value']) ? $row['value'] : '';
1002
1003	// If the field is true or false, the variable is transformed into a
1004	// boolean value.
1005	if ($conf[$row['param']] == 'true' or $conf[$row['param']] == 'false')
1006	{
1007	$conf[ $row['param'] ] = get_boolean($conf[ $row['param'] ]);
1008	}
1009	}
1010	}
1011
1012	function conf_update_param($param, $value)
1013	{
1014	$query = '
1015	DELETE
1016	FROM '.CONFIG_TABLE.'
1017	WHERE param = \''.$param.'\'
1018	;';
1019	pwg_query($query);
1020
1021	$query = '
1022	INSERT
1023	INTO '.CONFIG_TABLE.'
1024	(param, value)
1025	VALUES(\''.$param.'\', \''.$value.'\')
1026	;';
1027	pwg_query($query);
1028	}
1029
1030	/**
1031	* Prepends and appends a string at each value of the given array.
1032	*
1033	* @param array
1034	* @param string prefix to each array values
1035	* @param string suffix to each array values
1036	*/
1037	function prepend_append_array_items($array, $prepend_str, $append_str)
1038	{
1039	array_walk(
1040	$array,
1041	create_function('&$s', '$s = "'.$prepend_str.'".$s."'.$append_str.'";')
1042	);
1043
1044	return $array;
1045	}
1046
1047	/**
1048	* creates an hashed based on a query, this function is a very common
1049	* pattern used here. Among the selected columns fetched, choose one to be
1050	* the key, another one to be the value.
1051	*
1052	* @param string $query
1053	* @param string $keyname
1054	* @param string $valuename
1055	* @return array
1056	*/
1057	function simple_hash_from_query($query, $keyname, $valuename)
1058	{
1059	$array = array();
1060
1061	$result = pwg_query($query);
1062	while ($row = pwg_db_fetch_assoc($result))
1063	{
1064	$array[ $row[$keyname] ] = $row[$valuename];
1065	}
1066
1067	return $array;
1068	}
1069
1070	/**
1071	* creates an hashed based on a query, this function is a very common
1072	* pattern used here. The key is given as parameter, the value is an associative
1073	* array.
1074	*
1075	* @param string $query
1076	* @param string $keyname
1077	* @return array
1078	*/
1079	function hash_from_query($query, $keyname)
1080	{
1081	$array = array();
1082	$result = pwg_query($query);
1083	while ($row = pwg_db_fetch_assoc($result))
1084	{
1085	$array[ $row[$keyname] ] = $row;
1086	}
1087	return $array;
1088	}
1089
1090	/**
1091	* Return basename of the current script
1092	* Lower case convertion is applied on return value
1093	* Return value is without file extention ".php"
1094	*
1095	* @param void
1096	*
1097	* @return script basename
1098	*/
1099	function script_basename()
1100	{
1101	global $conf;
1102
1103	foreach (array('SCRIPT_NAME', 'SCRIPT_FILENAME', 'PHP_SELF') as $value)
1104	{
1105	if (!empty($_SERVER[$value]))
1106	{
1107	$filename = strtolower($_SERVER[$value]);
1108	if ($conf['php_extension_in_urls'] and get_extension($filename)!=='php')
1109	continue;
1110	$basename = basename($filename, '.php');
1111	if (!empty($basename))
1112	{
1113	return $basename;
1114	}
1115	}
1116	}
1117	return '';
1118	}
1119
1120	/**
1121	* Return value for the current page define on $conf['filter_pages']
1122	* Îf value is not defined, default value are returned
1123	*
1124	* @param value name
1125	*
1126	* @return filter page value
1127	*/
1128	function get_filter_page_value($value_name)
1129	{
1130	global $conf;
1131
1132	$page_name = script_basename();
1133
1134	if (isset($conf['filter_pages'][$page_name][$value_name]))
1135	{
1136	return $conf['filter_pages'][$page_name][$value_name];
1137	}
1138	else if (isset($conf['filter_pages']['default'][$value_name]))
1139	{
1140	return $conf['filter_pages']['default'][$value_name];
1141	}
1142	else
1143	{
1144	return null;
1145	}
1146	}
1147
1148	/**
1149	* returns the character set of data sent to browsers / received from forms
1150	*/
1151	function get_pwg_charset()
1152	{
1153	$pwg_charset = 'utf-8';
1154	if (defined('PWG_CHARSET'))
1155	{
1156	$pwg_charset = PWG_CHARSET;
1157	}
1158	return $pwg_charset;
1159	}
1160
1161	/**
1162	* includes a language file or returns the content of a language file
1163	* availability of the file
1164	*
1165	* in descending order of preference:
1166	* param language, user language, default language
1167	* Piwigo default language.
1168	*
1169	* @param string filename
1170	* @param string dirname
1171	* @param mixed options can contain
1172	* language - language to load (if empty uses user language)
1173	* return - if true the file content is returned otherwise the file is evaluated as php
1174	* target_charset -
1175	* no_fallback - the language must be respected
1176	* local - if true, get local language file
1177	* @return boolean success status or a string if options['return'] is true
1178	*/
1179	function load_language($filename, $dirname = '',
1180	$options = array() )
1181	{
1182	global $user;
1183
1184	if (! @$options['return'] )
1185	{
1186	$filename .= '.php'; //MAYBE to do .. load .po and .mo localization files
1187	}
1188	if (empty($dirname))
1189	{
1190	$dirname = PHPWG_ROOT_PATH;
1191	}
1192	$dirname .= 'language/';
1193
1194	$languages = array();
1195	if ( !empty($options['language']) )
1196	{
1197	$languages[] = $options['language'];
1198	}
1199	if ( !empty($user['language']) )
1200	{
1201	$languages[] = $user['language'];
1202	}
1203	if ( ! @$options['no_fallback'] )
1204	{
1205	if ( defined('PHPWG_INSTALLED') )
1206	{
1207	$languages[] = get_default_language();
1208	}
1209	$languages[] = PHPWG_DEFAULT_LANGUAGE;
1210	}
1211
1212	$languages = array_unique($languages);
1213
1214	if ( empty($options['target_charset']) )
1215	{
1216	$target_charset = get_pwg_charset();
1217	}
1218	else
1219	{
1220	$target_charset = $options['target_charset'];
1221	}
1222	$target_charset = strtolower($target_charset);
1223	$source_file = '';
1224	foreach ($languages as $language)
1225	{
1226	$f = @$options['local'] ?
1227	$dirname.$language.'.'.$filename:
1228	$dirname.$language.'/'.$filename;
1229
1230	if (file_exists($f))
1231	{
1232	$source_file = $f;
1233	break;
1234	}
1235	}
1236
1237	if ( !empty($source_file) )
1238	{
1239	if (! @$options['return'] )
1240	{
1241	@include($source_file);
1242	$load_lang = @$lang;
1243	$load_lang_info = @$lang_info;
1244
1245	global $lang, $lang_info;
1246	if ( !isset($lang) ) $lang=array();
1247	if ( !isset($lang_info) ) $lang_info=array();
1248
1249	if ( 'utf-8'!=$target_charset)
1250	{
1251	if ( is_array($load_lang) )
1252	{
1253	foreach ($load_lang as $k => $v)
1254	{
1255	if ( is_array($v) )
1256	{
1257	$func = create_function('$v', 'return convert_charset($v, "utf-8", "'.$target_charset.'");' );
1258	$lang[$k] = array_map($func, $v);
1259	}
1260	else
1261	$lang[$k] = convert_charset($v, 'utf-8', $target_charset);
1262	}
1263	}
1264	if ( is_array($load_lang_info) )
1265	{
1266	foreach ($load_lang_info as $k => $v)
1267	{
1268	$lang_info[$k] = convert_charset($v, 'utf-8', $target_charset);
1269	}
1270	}
1271	}
1272	else
1273	{
1274	$lang = array_merge( $lang, (array)$load_lang );
1275	$lang_info = array_merge( $lang_info, (array)$load_lang_info );
1276	}
1277	return true;
1278	}
1279	else
1280	{
1281	$content = @file_get_contents($source_file);
1282	$content = convert_charset($content, 'utf-8', $target_charset);
1283	return $content;
1284	}
1285	}
1286	return false;
1287	}
1288
1289	/**
1290	* converts a string from a character set to another character set
1291	* @param string str the string to be converted
1292	* @param string source_charset the character set in which the string is encoded
1293	* @param string dest_charset the destination character set
1294	*/
1295	function convert_charset($str, $source_charset, $dest_charset)
1296	{
1297	if ($source_charset==$dest_charset)
1298	return $str;
1299	if ($source_charset=='iso-8859-1' and $dest_charset=='utf-8')
1300	{
1301	return utf8_encode($str);
1302	}
1303	if ($source_charset=='utf-8' and $dest_charset=='iso-8859-1')
1304	{
1305	return utf8_decode($str);
1306	}
1307	if (function_exists('iconv'))
1308	{
1309	return iconv($source_charset, $dest_charset, $str);
1310	}
1311	if (function_exists('mb_convert_encoding'))
1312	{
1313	return mb_convert_encoding( $str, $dest_charset, $source_charset );
1314	}
1315	return $str; //???
1316	}
1317
1318	/**
1319	* makes sure a index.htm protects the directory from browser file listing
1320	*
1321	* @param string dir directory
1322	*/
1323	function secure_directory($dir)
1324	{
1325	$file = $dir.'/index.htm';
1326	if (!file_exists($file))
1327	{
1328	@file_put_contents($file, 'Not allowed!');
1329	}
1330	}
1331
1332	/**
1333	* returns a "secret key" that is to be sent back when a user enters a comment
1334	*
1335	* @param int image_id
1336	*/
1337	function get_comment_post_key($image_id)
1338	{
1339	global $conf;
1340
1341	$time = time();
1342
1343	return sprintf(
1344	'%s:%s',
1345	$time,
1346	hash_hmac(
1347	'md5',
1348	$time.':'.$image_id,
1349	$conf['secret_key']
1350	)
1351	);
1352	}
1353
1354	/**
1355	* return an array which will be sent to template to display navigation bar
1356	*/
1357	function create_navigation_bar($url, $nb_element, $start, $nb_element_page, $clean_url = false)
1358	{
1359	global $conf;
1360
1361	$navbar = array();
1362	$pages_around = $conf['paginate_pages_around'];
1363	$start_str = $clean_url ? '/start-' : (strpos($url, '?')===false ? '?':'&').'start=';
1364
1365	if (!isset($start) or !is_numeric($start) or (is_numeric($start) and $start < 0))
1366	{
1367	$start = 0;
1368	}
1369
1370	// navigation bar useful only if more than one page to display !
1371	if ($nb_element > $nb_element_page)
1372	{
1373	$cur_page = ceil($start / $nb_element_page) + 1;
1374	$maximum = ceil($nb_element / $nb_element_page);
1375	$previous = $start - $nb_element_page;
1376	$next = $start + $nb_element_page;
1377	$last = ($maximum - 1) * $nb_element_page;
1378
1379	$navbar['CURRENT_PAGE'] = $cur_page;
1380
1381	// link to first page and previous page?
1382	if ($cur_page != 1)
1383	{
1384	$navbar['URL_FIRST'] = $url;
1385	$navbar['URL_PREV'] = $url.($previous > 0 ? $start_str.$previous : '');
1386	}
1387	// link on next page and last page?
1388	if ($cur_page != $maximum)
1389	{
1390	$navbar['URL_NEXT'] = $url.$start_str.$next;
1391	$navbar['URL_LAST'] = $url.$start_str.$last;
1392	}
1393
1394	// pages to display
1395	$navbar['pages'] = array();
1396	$navbar['pages'][1] = $url;
1397	$navbar['pages'][$maximum] = $url.$start_str.$last;
1398
1399	for ($i = max($cur_page - $pages_around , 2), $stop = min($cur_page + $pages_around + 1, $maximum);
1400	$i < $stop; $i++)
1401	{
1402	$navbar['pages'][$i] = $url.$start_str.(($i - 1) * $nb_element_page);
1403	}
1404	ksort($navbar['pages']);
1405	}
1406	return $navbar;
1407	}
1408
1409	/**
1410	* return an array which will be sent to template to display recent icon
1411	*/
1412	function get_icon($date, $is_child_date = false)
1413	{
1414	global $cache, $user;
1415
1416	if (empty($date))
1417	{
1418	return false;
1419	}
1420
1421	if (!isset($cache['get_icon']['title']))
1422	{
1423	$cache['get_icon']['title'] = sprintf(
1424	l10n('images posted during the last %d days'),
1425	$user['recent_period']
1426	);
1427	}
1428
1429	$icon = array(
1430	'TITLE' => $cache['get_icon']['title'],
1431	'IS_CHILD_DATE' => $is_child_date,
1432	);
1433
1434	if (isset($cache['get_icon'][$date]))
1435	{
1436	return $cache['get_icon'][$date] ? $icon : array();
1437	}
1438
1439	if (!isset($cache['get_icon']['sql_recent_date']))
1440	{
1441	// Use MySql date in order to standardize all recent "actions/queries"
1442	$cache['get_icon']['sql_recent_date'] = pwg_db_get_recent_period($user['recent_period']);
1443	}
1444
1445	$cache['get_icon'][$date] = $date > $cache['get_icon']['sql_recent_date'];
1446
1447	return $cache['get_icon'][$date] ? $icon : array();
1448	}
1449
1450	/**
1451	* check token comming from form posted or get params to prevent csrf attacks
1452	* if pwg_token is empty action doesn't require token
1453	* else pwg_token is compare to server token
1454	*
1455	* @return void access denied if token given is not equal to server token
1456	*/
1457	function check_pwg_token()
1458	{
1459	if (!empty($_REQUEST['pwg_token']))
1460	{
1461	if (get_pwg_token() != $_REQUEST['pwg_token'])
1462	{
1463	access_denied();
1464	}
1465	}
1466	else
1467	bad_request('missing token');
1468	}
1469
1470	function get_pwg_token()
1471	{
1472	global $conf;
1473
1474	return hash_hmac('md5', session_id(), $conf['secret_key']);
1475	}
1476
1477	/*
1478	* breaks the script execution if the given value doesn't match the given
1479	* pattern. This should happen only during hacking attempts.
1480	*
1481	* @param string param_name
1482	* @param array param_array
1483	* @param boolean is_array
1484	* @param string pattern
1485	*
1486	* @return void
1487	*/
1488	function check_input_parameter($param_name, $param_array, $is_array, $pattern)
1489	{
1490	$param_value = null;
1491	if (isset($param_array[$param_name]))
1492	{
1493	$param_value = $param_array[$param_name];
1494	}
1495
1496	// it's ok if the input parameter is null
1497	if (empty($param_value))
1498	{
1499	return true;
1500	}
1501
1502	if ($is_array)
1503	{
1504	if (!is_array($param_value))
1505	{
1506	fatal_error('[Hacking attempt] the input parameter "'.$param_name.'" should be an array');
1507	}
1508
1509	foreach ($param_value as $item_to_check)
1510	{
1511	if (!preg_match($pattern, $item_to_check))
1512	{
1513	fatal_error('[Hacking attempt] an item is not valid in input parameter "'.$param_name.'"');
1514	}
1515	}
1516	}
1517	else
1518	{
1519	if (!preg_match($pattern, $param_value))
1520	{
1521	fatal_error('[Hacking attempt] the input parameter "'.$param_name.'" is not valid');
1522	}
1523	}
1524	}
1525
1526
1527	function get_privacy_level_options()
1528	{
1529	global $conf;
1530
1531	$options = array();
1532	foreach (array_reverse($conf['available_permission_levels']) as $level)
1533	{
1534	$label = null;
1535
1536	if (0 == $level)
1537	{
1538	$label = l10n('Everybody');
1539	}
1540	else
1541	{
1542	$labels = array();
1543	$sub_levels = array_reverse($conf['available_permission_levels']);
1544	foreach ($sub_levels as $sub_level)
1545	{
1546	if ($sub_level == 0 or $sub_level < $level)
1547	{
1548	break;
1549	}
1550	array_push(
1551	$labels,
1552	l10n(
1553	sprintf(
1554	'Level %d',
1555	$sub_level
1556	)
1557	)
1558	);
1559	}
1560
1561	$label = implode(', ', $labels);
1562	}
1563	$options[$level] = $label;
1564	}
1565	return $options;
1566	}
1567	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: