source: trunk/include/section_init.inc.php @ 4385

Last change on this file since 4385 was 4385, checked in by nikrou, 15 years ago

Feature_1255 :

  • single quotes in queries
  • start using $confdblayer
  • Property svn:eol-style set to LF
1<?php
2// +-----------------------------------------------------------------------+
3// | Piwigo - a PHP based picture gallery                                  |
4// +-----------------------------------------------------------------------+
5// | Copyright(C) 2008-2009 Piwigo Team                  http://piwigo.org |
6// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
7// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
8// +-----------------------------------------------------------------------+
9// | This program is free software; you can redistribute it and/or modify  |
10// | it under the terms of the GNU General Public License as published by  |
11// | the Free Software Foundation                                          |
12// |                                                                       |
13// | This program is distributed in the hope that it will be useful, but   |
14// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
15// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
16// | General Public License for more details.                              |
17// |                                                                       |
18// | You should have received a copy of the GNU General Public License     |
19// | along with this program; if not, write to the Free Software           |
20// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
21// | USA.                                                                  |
22// +-----------------------------------------------------------------------+
23
24/**
25 * This included page checks section-related parameters and provides the
26 * following information:
27 *
28 * - $page['title']
29 *
30 * - $page['items']: ordered list of items to display
31 *
32 */
33
34// "index.php?/category/12-foo/start-24" or
35// "index.php/category/12-foo/start-24"
36// must return :
37//
38// array(
39//   'section'  => 'categories',
40//   'category' => array('id'=>12, ...),
41//   'start'    => 24
42//   );
43
44$page['items'] = array();
45
46// some ISPs set PATH_INFO to empty string or to SCRIPT_FILENAME while in the
47// default apache implementation it is not set
  // Both sources read below (PATH_INFO, or the first key of $_GET) come from
  // the request URL, so $rewritten is client-controlled from here on. Nothing
  // in this block validates it: every token later derived from it has to be
  // checked before it reaches SQL, a redirect target or HTML output.
48if ( $conf['question_mark_in_urls']==false and
49     isset($_SERVER["PATH_INFO"]) and !empty($_SERVER["PATH_INFO"]) )
50{
51  $rewritten = $_SERVER["PATH_INFO"];
    // str_replace() makes a single pass, so "///" is reduced to "//", not "/".
    // The number of "../" segments in root_path follows the number of "/" in
    // the request path, i.e. its depth is chosen by the client.
52  $rewritten = str_replace('//', '/', $rewritten);
53  $path_count = count( explode('/', $rewritten) );
54  $page['root_path'] = PHPWG_ROOT_PATH.str_repeat('../', $path_count-1);
55}
56else
57{
58  $rewritten = '';
    // "index.php?/category/12-foo" form: the whole path arrives as the name
    // of the first query-string parameter, so only that first key is kept.
59  foreach (array_keys($_GET) as $keynum => $key)
60  {
61    $rewritten = $key;
62    break;
63  }
64  $page['root_path'] = PHPWG_ROOT_PATH;
65}
66
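// Split the request path into tokens, dropping any leading "/".
// $rewritten is taken from the request URL, so every token is untrusted input.
$tokens = explode('/', ltrim($rewritten, '/') );
// $tokens = array(
//   0 => category,
//   1 => 12-foo,
//   2 => start-24
//   );

$next_token = 0;
if (script_basename() == 'picture') // basename without file extension
{ // the first token must be the identifier for the picture
  // Identifiers are accepted only as plain decimal digits. is_numeric() also
  // accepts signs, decimals, exponents and leading whitespace ("-5", "1.5",
  // "1e3", " 7"), none of which is a valid row id, and those values would be
  // carried on as $page['image_id'] or into the redirect URL. The is_string()
  // guard rejects array parameters ("?cat[]=1"); the D modifier stops "$"
  // from matching before a trailing newline.
  if ( isset($_GET['image_id']) and is_string($_GET['image_id'])
       and preg_match('/^\d+$/D', $_GET['image_id'])
       and isset($_GET['cat']) and is_string($_GET['cat'])
       and preg_match('/^\d+$/D', $_GET['cat']) )
  {// url compatibility with versions below 1.6
    $url = make_picture_url( array(
        'section' => 'categories',
        'category' => get_cat_info($_GET['cat']),
        'image_id' => $_GET['image_id']
      ) );
    redirect($url);
  }
  // explode() always returns at least one element, so index 0 exists.
  $token = $tokens[$next_token];
  $next_token++;
  if ( preg_match('/^\d+$/D', $token) )
  {
    $page['image_id'] = $token;
    if ($page['image_id']==0)
    {
      bad_request('invalid picture identifier');
    }
  }
  else
  {
    // "<id>-<file>" or "<file>" form: group 1 is the optional "<digits>-"
    // prefix, group 2 the remainder. Group 1 can only contain digits and the
    // dash that rtrim() removes, so the is_numeric() test below is in effect
    // a "prefix present" check.
    preg_match('/^(\d+-)?(.*)?$/', $token, $matches);
    if (isset($matches[1]) and is_numeric($matches[1]=rtrim($matches[1],'-')) )
    {
      $page['image_id'] = $matches[1];
      if ( !empty($matches[2]) )
      {
        $page['image_file'] = $matches[2];
      }
    }
    else
    {
      $page['image_id'] = 0; // more work in picture.php
      if ( !empty($matches[2]) )
      {
        // NOTE(review): image_file is an unvalidated URL token; whatever
        // resolves it later (picture.php, not shown here) must escape it
        // before using it in a query.
        $page['image_file'] = $matches[2];
      }
      else
      {
        bad_request('picture identifier is missing');
      }
    }
  }
}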
123
124$page = array_merge( $page, parse_section_url( $tokens, $next_token) );
125
   // When the URL named no section, fall back to 'categories'. On the index
   // script, and only when no further token follows, optionally redirect to
   // one of the URLs configured in $conf['random_index_redirect'].
126if ( !isset($page['section']) )
127{
128  $page['section'] = 'categories';
129
130  switch (script_basename())
131  {
132    case 'picture':
133      break;
134    case 'index':
135    {
136      // No section defined, go to selected url
137      if (!empty($conf['random_index_redirect']) and empty($tokens[$next_token]) )
138      {
139        $random_index_redirect = array();
140        foreach ($conf['random_index_redirect'] as $random_url => $random_url_condition)
141        {
             // NOTE(review): eval() runs the condition string as PHP code with
             // this script's variables in scope. That is acceptable only while
             // $conf['random_index_redirect'] can be written solely by whoever
             // already controls the server-side configuration files; confirm
             // that no admin form, plugin or database-backed setting can
             // populate it. eval() returns NULL unless the string itself
             // contains a "return", so a condition without one never selects
             // its URL.
142          if (empty($random_url_condition) or eval($random_url_condition))
143          {
144            $random_index_redirect[] = $random_url;
145          }
146        }
147        if (!empty($random_index_redirect))
148        {
             // The redirect target is one of the configured array keys,
             // picked at random; no request data is involved.
149          redirect($random_index_redirect[mt_rand(0, count($random_index_redirect)-1)]);
150        }
151      }
152      break;
153    }
154    default:
155      trigger_error('script_basename "'.script_basename().'" unknown',
156        E_USER_WARNING);
157  }
158}
159
   // Merge the remaining URL parameters parsed by
   // parse_well_known_params_url() (defined elsewhere) into $page.
160$page = array_merge( $page, parse_well_known_params_url( $tokens, $next_token) );
161if ( script_basename()=='picture' and 'categories'==$page['section'] and
162      !isset($page['category']) and !isset($page['chronology_field']) )
163{ //access a picture only by id, file or id-file without given section
164  $page['flat']=true;
165}
166
167// $page['nb_image_page'] is the number of picture to display on this page
168// By default, it is the same as the $user['nb_image_page']
169$page['nb_image_page'] = $user['nb_image_page'];
170
171// if flat mode is active, we must consider the image set as a standard set
172// and not as a category set because we can't use the #image_category.rank :
173// displayed images are not directly linked to the displayed category
   // Note that this overwrites the global $conf['order_by'], which every
   // query below concatenates as its ORDER BY clause.
174if ('categories' == $page['section'] and !isset($page['flat']))
175{
176  $conf['order_by'] = $conf['order_by_inside_category'];
177}
178
   // Apply the image order stored in the session, if any, by prepending its
   // SQL expression to the current ORDER BY clause.
179if (pwg_get_session_var('image_order',0) > 0)
180{
181  $image_order_id = pwg_get_session_var('image_order');
182
183  $orders = get_category_preferred_image_orders();
184
185  // the current session stored image_order might be not compatible with
186  // current image set, for example if the current image_order is the rank
187  // and that we are displaying images related to a tag.
188  //
189  // In case of incompatibility, the session stored image_order is removed.
     // NOTE(review): $image_order_id is used as an index into $orders without
     // checking that the entry exists, and $orders[...][1] is concatenated
     // into the ORDER BY clause. Presumably
     // get_category_preferred_image_orders() returns a fixed, server-defined
     // list, so only the index (never SQL text) comes from the session -
     // confirm where the session variable is written.
190  if ($orders[$image_order_id][2])
191  {
192    $conf['order_by'] = str_replace(
193      'ORDER BY ',
194      'ORDER BY '.$orders[$image_order_id][1].',',
195      $conf['order_by']
196    );
197    $page['super_order_by'] = true;
198
199  }
200  else
201  {
202    pwg_unset_session_var('image_order');
203    $page['super_order_by'] = false;
204  }
205}
206
   // SQL fragment appended to the WHERE clause of the image queries below.
   // get_sql_condition_FandF() is defined elsewhere; from its arguments it
   // presumably yields an "AND ..." condition limiting rows to the categories
   // and images the current user may see - confirm. Every query that lists
   // image ids in this file must keep appending it (or an equivalent
   // condition), otherwise the permission filter is bypassed.
207$forbidden = get_sql_condition_FandF(
208      array
209        (
210          'forbidden_categories' => 'category_id',
211          'visible_categories' => 'category_id',
212          'visible_images' => 'id'
213        ),
214      'AND'
215  );
216
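// +-----------------------------------------------------------------------+
// |                              category                                 |
// +-----------------------------------------------------------------------+
// Fills $page['title'] (plus $page['comment'] when a category is selected)
// and, unless a chronology view is requested, $page['items'] with the ordered
// image ids of the category, of the category and its sub-categories (flat
// mode), or of every reachable image (flat mode without category).
if ('categories' == $page['section'])
{
  if (isset($page['category']))
  {
    $page = array_merge(
      $page,
      array(
        'comment'           =>
            trigger_event(
              'render_category_description',
              $page['category']['comment'],
              'main_page_category_description'
            ),
        'title'             =>
          get_cat_display_name($page['category']['upper_names'], '', false),
        )
      );
  }
  else
  {
    $page['title'] = l10n('no_category');
  }

  if
    (
      (!isset($page['chronology_field'])) and
      (
        (isset($page['category'])) or
        (isset($page['flat']))
      )
    )
  {
    // NOTE(review): the category's own image_order setting is concatenated
    // verbatim after ORDER BY. It is presumably a stored category property
    // edited by administrators - confirm that whatever writes it only accepts
    // a vetted list of columns and directions.
    if ( !empty($page['category']['image_order']) and !isset($page['super_order_by']) )
    {
      $conf[ 'order_by' ] = ' ORDER BY '.$page['category']['image_order'];
    }

    if (isset($page['flat']))
    {// flat categories mode
      if ( isset($page['category']) )
      { // get all allowed sub-categories
        // The LIKE pattern is a string literal and is therefore single-quoted:
        // a double-quoted token is an identifier in standard SQL (and in MySQL
        // under ANSI_QUOTES), so the previous double-quoted form was not
        // portable across database layers.
        // 'uppercats' and 'id' are read from the category record built
        // elsewhere; presumably they come from the database rather than from
        // the URL - confirm in parse_section_url().
        $query = '
SELECT id
  FROM '.CATEGORIES_TABLE.'
  WHERE
    uppercats LIKE \''.$page['category']['uppercats'].',%\' '
    .get_sql_condition_FandF(
      array
        (
          'forbidden_categories' => 'id',
          'visible_categories' => 'id',
        ),
      "\n  AND"
          );
        $subcat_ids = array_from_query($query, 'id');
        $subcat_ids[] = $page['category']['id'];
        $where_sql = 'category_id IN ('.implode(',',$subcat_ids).')';
        // remove categories from forbidden because just checked above
        $forbidden = get_sql_condition_FandF(
              array( 'visible_images' => 'id' ),
              'AND'
          );
      }
      else
      {
        // no category restriction: the permission filter in $forbidden is
        // the only condition left on this query
        $where_sql = '1=1';
      }
    }
    else
    {// Normal mode
      $where_sql = 'category_id = '.$page['category']['id'];
    }

    // Main query
    $query = '
SELECT DISTINCT(image_id)
  FROM '.IMAGE_CATEGORY_TABLE.'
    INNER JOIN '.IMAGES_TABLE.' ON id = image_id
  WHERE
    '.$where_sql.'
'.$forbidden.'
  '.$conf['order_by'].'
;';

    $page['items'] = array_from_query($query, 'image_id');
  } //otherwise the calendar will requery all subitems
}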
307// special sections
308else
309{
310// +-----------------------------------------------------------------------+
311// |                            tags section                               |
312// +-----------------------------------------------------------------------+
     // Collects the ids of the requested tags, asks get_image_ids_for_tags()
     // for the matching images, then re-filters that list through the
     // permission condition before storing it in $page['items'].
313  if ($page['section'] == 'tags')
314  {
315    $page['tag_ids'] = array();
316    foreach ($page['tags'] as $tag)
317    {
318      array_push($page['tag_ids'], $tag['id']);
319    }
320
321    $items = get_image_ids_for_tags($page['tag_ids']);
322
323    // permissions depends on category, so to only keep images that are
324    // reachable to the connected user, we need to check category
325    // associations
326    if (!empty($items) )
327    {
         // $items is joined into the IN (...) list as-is; presumably these are
         // integer ids returned by get_image_ids_for_tags() - confirm.
328      $query = '
329SELECT DISTINCT image_id
330  FROM '.IMAGE_CATEGORY_TABLE.' INNER JOIN '.IMAGES_TABLE.' ON image_id=id
331  WHERE image_id IN ('.implode(',', $items).')
332    '.$forbidden.
333    $conf['order_by'].'
334;';
335      $items =  array_from_query($query, 'image_id');
336    }
337
338    $page = array_merge(
339      $page,
340      array(
341        'title' => get_tags_content_title(),
342        'items' => $items,
343        )
344      );
345  }
346// +-----------------------------------------------------------------------+
347// |                           search section                              |
348// +-----------------------------------------------------------------------+
     // Delegates to get_search_results() and stores the returned item list
     // and a linked title in $page.
349  if ($page['section'] == 'search')
350  {
351    include_once( PHPWG_ROOT_PATH .'include/functions_search.inc.php' );
352
       // "@" hides the notice raised when super_order_by was never set.
       // NOTE(review): no $forbidden condition is applied in this block, so
       // the permission filtering has to happen inside get_search_results()
       // - confirm.
353    $search_result = get_search_results($page['search'], @$page['super_order_by'] );
354    if ( isset($search_result['qs']) )
355    {//save the details of the query search
356      $page['qsearch_details'] = $search_result['qs'];
357    }
358
359    $page = array_merge(
360      $page,
361      array(
362        'items' => $search_result['items'],
           // the title is raw HTML: the URL is inserted into href without
           // escaping here, so duplicate_index_url() must return an
           // attribute-safe value - confirm
363        'title' => '<a href="'.duplicate_index_url(array('start'=>0)).'">'
364                  .l10n('search_result').'</a>',
365        )
366      );
367  }
368// +-----------------------------------------------------------------------+
369// |                           favorite section                            |
370// +-----------------------------------------------------------------------+
     // Lists the current user's favorites, or empties them when the request
     // carries action=remove_all_from_favorites.
371  else if ($page['section'] == 'favorites')
372  {
373    check_user_favorites();
374
375    $page = array_merge(
376      $page,
377      array(
378        'title' => l10n('favorites')
379            )
380    );
381
       // NOTE(review): this DELETE is a state change triggered by a plain GET
       // parameter. No anti-CSRF token and no request-method check are
       // visible in this block, so a cross-site request made with the user's
       // session could empty the favorites. Confirm whether
       // check_user_favorites() or the including script validates a token;
       // if not, require a per-session token (and preferably POST) before
       // running the query.
382    if (!empty($_GET['action']) && ($_GET['action'] == 'remove_all_from_favorites'))
383    {
         // $user['id'] is concatenated unquoted; presumably it is the integer
         // id of the authenticated session user, not request data - confirm.
384      $query = '
385DELETE FROM '.FAVORITES_TABLE.'
386  WHERE user_id = '.$user['id'].'
387;';
388      pwg_query($query);
389      redirect(make_index_url( array('section'=>'favorites') ));
390    }
391    else
392    {
         // Only the 'visible_images' condition is applied here, not the
         // category conditions held in $forbidden.
393      $query = '
394SELECT image_id
395  FROM '.FAVORITES_TABLE.'
396    INNER JOIN '.IMAGES_TABLE.' ON image_id = id
397  WHERE user_id = '.$user['id'].'
398'.get_sql_condition_FandF
399  (
400    array
401      (
402        'visible_images' => 'id'
403      ),
404    'AND'
405  ).'
406  '.$conf['order_by'].'
407;';
408      $page = array_merge(
409        $page,
410        array(
411          'items' => array_from_query($query, 'image_id'),
412         )
413      );
414
415      if (count($page['items'])>0)
416      {
           // exposes the "remove all" link (the GET action handled above)
           // to the template
417        $template->assign(
418          'favorite',
419          array(
420            'FAVORITE_IMG'  =>
421            get_root_url().get_themeconf('icon_dir').'/del_all_favorites.png',
422            'U_FAVORITE'    => add_url_params(
423              make_index_url( array('section'=>'favorites') ),
424              array('action'=>'remove_all_from_favorites')
425               ),
426             )
427           );
428      }
429    }
430  }
431// +-----------------------------------------------------------------------+
432// |                       recent pictures section                         |
433// +-----------------------------------------------------------------------+
     // Lists images whose date_available falls within the user's "recent"
     // period, newest first unless a session-defined order already applies.
434  else if ($page['section'] == 'recent_pics')
435  {
436    if ( !isset($page['super_order_by']) )
437    {
438      $conf['order_by'] = str_replace(
439        'ORDER BY ',
440        'ORDER BY date_available DESC,',
441        $conf['order_by']
442        );
443    }
444
       // $user['recent_period'] is passed to
       // pwg_db_get_recent_period_expression(), whose result is concatenated
       // into the query; presumably a per-user integer number of days -
       // confirm it is validated where the preference is saved.
445    $query = '
446SELECT DISTINCT(id)
447  FROM '.IMAGES_TABLE.'
448    INNER JOIN '.IMAGE_CATEGORY_TABLE.' AS ic ON id = ic.image_id
449  WHERE
450    date_available >= '.pwg_db_get_recent_period_expression($user['recent_period']).'
451    '.$forbidden.'
452  '.$conf['order_by'].'
453;';
454
455    $page = array_merge(
456      $page,
457      array(
458        'title' => '<a href="'.duplicate_index_url(array('start'=>0)).'">'
459                  .l10n('recent_pics_cat').'</a>',
460        'items' => array_from_query($query, 'id'),
461        )
462      );
463  }
464// +-----------------------------------------------------------------------+
465// |                 recently updated categories section                   |
466// +-----------------------------------------------------------------------+
     // Only the title is set here; $page['items'] keeps the empty array
     // assigned at the top of the file.
467  else if ($page['section'] == 'recent_cats')
468  {
469    $page = array_merge(
470      $page,
471      array(
472        'title' => l10n('recent_cats_cat'),
473        )
474      );
475  }
476// +-----------------------------------------------------------------------+
477// |                        most visited section                           |
478// +-----------------------------------------------------------------------+
     // Lists the $conf['top_number'] images with the highest hit count,
     // forcing its own ORDER BY.
479  else if ($page['section'] == 'most_visited')
480  {
481    $page['super_order_by'] = true;
482    $conf['order_by'] = ' ORDER BY hit DESC, file ASC';
       // NOTE(review): $conf['top_number'] is concatenated into LIMIT and,
       // below, into the HTML title without a cast or escaping. It is a
       // configuration value; confirm it is always an integer.
483    $query = '
484SELECT DISTINCT(id)
485  FROM '.IMAGES_TABLE.'
486    INNER JOIN '.IMAGE_CATEGORY_TABLE.' AS ic ON id = ic.image_id
487  WHERE hit > 0
488    '.$forbidden.'
489    '.$conf['order_by'].'
490  LIMIT '.$conf['top_number'].'
491;';
492
493    $page = array_merge(
494      $page,
495      array(
496        'title' => '<a href="'.duplicate_index_url(array('start'=>0)).'">'
497                  .$conf['top_number'].' '.l10n('most_visited_cat').'</a>',
498        'items' => array_from_query($query, 'id'),
499        )
500      );
501  }
502// +-----------------------------------------------------------------------+
503// |                          best rated section                           |
504// +-----------------------------------------------------------------------+
     // Lists the $conf['top_number'] rated images by descending average
     // rate, forcing its own ORDER BY.
505  else if ($page['section'] == 'best_rated')
506  {
507    $page['super_order_by'] = true;
508    $conf['order_by'] = ' ORDER BY average_rate DESC, id ASC';
509
       // NOTE(review): as in the most-visited section, $conf['top_number']
       // reaches both LIMIT and the HTML title unmodified; confirm it is
       // always an integer.
510    $query ='
511SELECT DISTINCT(id)
512  FROM '.IMAGES_TABLE.'
513    INNER JOIN '.IMAGE_CATEGORY_TABLE.' AS ic ON id = ic.image_id
514  WHERE average_rate IS NOT NULL
515    '.$forbidden.'
516    '.$conf['order_by'].'
517  LIMIT '.$conf['top_number'].'
518;';
519    $page = array_merge(
520      $page,
521      array(
522        'title' => '<a href="'.duplicate_index_url(array('start'=>0)).'">'
523                  .$conf['top_number'].' '.l10n('best_rated_cat').'</a>',
524        'items' => array_from_query($query, 'id'),
525        )
526      );
527  }
528// +-----------------------------------------------------------------------+
529// |                             list section                              |
530// +-----------------------------------------------------------------------+
     // Shows an explicit list of image ids held in $page['list'], restricted
     // to what the user may see.
531  else if ($page['section'] == 'list')
532  {
       // NOTE(review): $page['list'] is joined straight into IN (...). It is
       // presumably produced from the URL by parse_section_url(); the query
       // is only safe if that parser kept nothing but integers - confirm,
       // or cast each element to int before building the query.
533    $query ='
534SELECT DISTINCT(id)
535  FROM '.IMAGES_TABLE.'
536    INNER JOIN '.IMAGE_CATEGORY_TABLE.' AS ic ON id = ic.image_id
537  WHERE image_id IN ('.implode(',', $page['list']).')
538    '.$forbidden.'
539  '.$conf['order_by'].'
540;';
541
542    $page = array_merge(
543      $page,
544      array(
545        'title' => '<a href="'.duplicate_index_url(array('start'=>0)).'">'
546                    .l10n('random_cat').'</a>',
547        'items' => array_from_query($query, 'id'),
548        )
549      );
550  }
551}
552
553// +-----------------------------------------------------------------------+
554// |                             chronology                                |
555// +-----------------------------------------------------------------------+
556
   // When a chronology field was parsed from the URL, load the calendar
   // helpers and let initialize_calendar() (defined in the included file)
   // take over; the categories branch above deliberately skipped its own
   // query in that case.
557if (isset($page['chronology_field']))
558{
559  include_once( PHPWG_ROOT_PATH.'include/functions_calendar.inc.php' );
560  initialize_calendar();
561}
562
563// add meta robots noindex, nofollow to avoid unnecessary robot crawls
   // These flags only advise well-behaved crawlers; they are not an access
   // control and hide nothing from a client that requests the page.
564$page['meta_robots']=array();
565if ( isset($page['chronology_field'])
566      or ( isset($page['flat']) and isset($page['category']) )
567      or 'list'==$page['section'] or 'recent_pics'==$page['section'] )
568{
569  $page['meta_robots']=array('noindex'=>1, 'nofollow'=>1);
570}
571elseif ('tags' == $page['section'])
572{
     // a single tag stays indexable; combinations of tags do not
573  if ( count($page['tag_ids'])>1 )
574  {
575    $page['meta_robots']=array('noindex'=>1, 'nofollow'=>1);
576  }
577}
578elseif ('recent_cats'==$page['section'])
579{
580  $page['meta_robots']['noindex']=1;
581}
582elseif ('search'==$page['section'])
583{
584  $page['meta_robots']['nofollow']=1;
585}
   // $filter is set outside this file; when it is enabled the page is
   // never indexed
586if ( $filter['enabled'] )
587{
588  $page['meta_robots']['noindex']=1;
589}
590
591// see if we need a redirect because of a permalink
   // The URL that was requested is compared with the category's canonical
   // form (its permalink, or its "id-name" slug); on mismatch the client is
   // redirected to the canonical URL.
592if ( 'categories'==$page['section'] and isset($page['category']) )
593{
594  $need_redirect=false;
595  if ( empty($page['category']['permalink']) )
596  {
       // "@" hides the notice raised when hit_by['cat_url_name'] is not set;
       // the strict comparison then sees null and asks for a redirect
597    if ( $conf['category_url_style'] == 'id-name' and
598        @$page['hit_by']['cat_url_name'] !== str2url($page['category']['name']) )
599    {
600      $need_redirect=true;
601    }
602  }
603  else
604  {
605    if ( $page['category']['permalink'] !== @$page['hit_by']['cat_permalink'] )
606    {
607      $need_redirect=true;
608    }
609  }
610
611  if ($need_redirect)
612  {
       // The target is rebuilt by duplicate_picture_url() /
       // duplicate_index_url() (defined elsewhere), presumably from the
       // parsed $page values rather than from the raw request string -
       // confirm, since this is what keeps the redirect on-site.
613    $redirect_url = ( script_basename()=='picture'
614        ? duplicate_picture_url()
615          : duplicate_index_url()
616      );
617    if (!headers_sent())
618    { // this is a permanent redirection
619      set_status_header(301);
620      redirect_http( $redirect_url );
621    }
       // reached when headers were already sent; presumably redirect_http()
       // does not return, otherwise both redirects would run - confirm
622    redirect( $redirect_url );
623  }
624  unset( $need_redirect, $page['hit_by'] );
625}
626
   // plugin hook fired once section initialisation is complete
627trigger_action('loc_end_section_init');
628?>