Context Navigation

source: trunk/picture.php @ 363

Last change on this file since 363 was 362, checked in by z0rglub, 20 years ago
header global refactoring
Property svn:eol-style set to `native` Property svn:keywords set to `Author Date Id Revision`
File size: 27.4 KB

Line
1	<?php
2	// +-----------------------------------------------------------------------+
3	// \| picture.php \|
4	// +-----------------------------------------------------------------------+
5	// \| application : PhpWebGallery <http://phpwebgallery.net> \|
6	// \| branch : BSF (Best So Far) \|
7	// +-----------------------------------------------------------------------+
8	// \| file : $RCSfile$
9	// \| last update : $Date: 2004-02-11 23:20:38 +0000 (Wed, 11 Feb 2004) $
10	// \| last modifier : $Author: z0rglub $
11	// \| revision : $Revision: 362 $
12	// +-----------------------------------------------------------------------+
13	// \| This program is free software; you can redistribute it and/or modify \|
14	// \| it under the terms of the GNU General Public License as published by \|
15	// \| the Free Software Foundation \|
16	// \| \|
17	// \| This program is distributed in the hope that it will be useful, but \|
18	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
19	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
20	// \| General Public License for more details. \|
21	// \| \|
22	// \| You should have received a copy of the GNU General Public License \|
23	// \| along with this program; if not, write to the Free Software \|
24	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
25	// \| USA. \|
26	// +-----------------------------------------------------------------------+
27	//----------------------------------------------------------- include
28	$phpwg_root_path = './';
29	include_once( $phpwg_root_path.'include/common.inc.php' );
30	//-------------------------------------------------- access authorization check
31	check_cat_id( $_GET['cat'] );
32	check_login_authorization();
33	if ( isset( $page['cat'] ) and is_numeric( $page['cat'] ) )
34	{
35	check_restrictions( $page['cat'] );
36	}
37	//---------------------------------------- incrementation of the number of hits
38	$query = 'UPDATE '.IMAGES_TABLE.' SET hit=hit+1';
39	$query.= ' WHERE id='.$_GET['image_id'];
40	$query.= ';';
41	@mysql_query( $query );
42	//-------------------------------------------------------------- initialization
43	initialize_category( 'picture' );
44	//------------------------------------- main picture information initialization
45	$infos = array( 'id','date_available','comment','hit','keywords','author'
46	,'name','file','date_creation','filesize','width','height'
47	,'storage_category_id' );
48
49	$query = 'SELECT '.implode( ',', $infos );
50	if ( is_numeric( $page['cat'] ) ) $query.= ',category_id';
51	$query.= ' FROM '.IMAGES_TABLE;
52	$query.= ' INNER JOIN '.IMAGE_CATEGORY_TABLE.' AS ic';
53	$query.= ' ON id = ic.image_id';
54	$query.= $page['where'];
55	$query.= ' AND id = '.$_GET['image_id'];
56	$query.= $conf['order_by'];
57	$query.= ';';
58	$result = mysql_query( $query );
59	// if this image_id doesn't correspond to this category, an error message is
60	// displayed, and execution is stopped
61	if ( mysql_num_rows( $result ) == 0 )
62	{
63	echo '<div style="text-align:center;">'.$lang['access_forbiden'].'<br />';
64	echo '<a href="'.add_session_id( './category.php' ).'">';
65	echo $lang['thumbnails'].'</a></div>';
66	exit();
67	}
68	$row = mysql_fetch_array( $result );
69
70	foreach ( $infos as $info ) {
71	if ( isset( $row[$info] ) ) $page[$info] = $row[$info];
72	else $page[$info] = '';
73	}
74	if ( is_numeric( $page['cat'] ) ) $page['category_id'] = $row['category_id'];
75	// retrieving the number of the picture in its category (in order)
76	$query = 'SELECT DISTINCT(id)';
77	$query.= ' FROM '.IMAGES_TABLE;
78	$query.= ' INNER JOIN '.IMAGE_CATEGORY_TABLE.' AS ic';
79	$query.= ' ON id = ic.image_id';
80	$query.= $page['where'];
81	$query.= $conf['order_by'];
82	$query.= ';';
83	$result = mysql_query( $query );
84	$page['num'] = 0;
85	$row = mysql_fetch_array( $result );
86	while ( $row['id'] != $page['id'] )
87	{
88	$page['num']++;
89	$row = mysql_fetch_array( $result );
90	}
91	//--------------------------------------------------------- favorite management
92	if ( isset( $_GET['add_fav'] ) )
93	{
94	if ( $_GET['add_fav'] == 1 )
95	{
96	// verify if the picture is already in the favorite of the user
97	$query = 'SELECT COUNT(*) AS nb_fav';
98	$query.= ' FROM '.FAVORITES_TABLE.' WHERE image_id = '.$page['id'];
99	$query.= ' AND user_id = '.$user['id'];
100	$query.= ';';
101	$result = mysql_query( $query );
102	$row = mysql_fetch_array( $result );
103	if ( $row['nb_fav'] == 0 )
104	{
105	$query = 'INSERT INTO '.FAVORITES_TABLE.' (image_id,user_id) VALUES';
106	$query.= ' ('.$page['id'].','.$user['id'].')';
107	$query.= ';';
108	$result = mysql_query( $query );
109	}
110	}
111	if ( $_GET['add_fav'] == 0 )
112	{
113	$query = 'DELETE FROM '.FAVORITES_TABLE.' WHERE user_id = '.$user['id'];
114	$query.= ' AND image_id = '.$page['id'];
115	$query.= ';';
116	$result = mysql_query( $query );
117
118	$page['cat_nb_images'] = $page['cat_nb_images'] - 1;
119	if ( $page['cat_nb_images'] <= 0 )
120	{
121	// there is no favorite picture anymore
122	// we redirect the user to the category page
123	$url = add_session_id( 'category.php' );
124	header( 'Request-URI: '.$url );
125	header( 'Content-Location: '.$url );
126	header( 'Location: '.$url );
127	exit();
128	}
129	// redirection of the user to the picture.php page
130	// with the right picture
131	$page['num'] = $page['num'] - 1;
132	if ( $page['num'] == -1 )
133	{
134	$page['num'] = 0;
135	}
136	$query = 'SELECT id';
137	$query.= ' FROM '.IMAGES_TABLE;
138	$query.= ' INNER JOIN '.IMAGE_CATEGORY_TABLE.' AS ic';
139	$query.= ' ON id = ic.image_id';
140	$query.= $page['where'];
141	$query.= $conf['order_by'];
142	$query.= ' LIMIT '.$page['num'].',1';
143	$query.= ';';
144	$result = mysql_query( $query );
145	$row = mysql_fetch_array( $result );
146	$redirect = './picture.php?image_id='.$row['id'].'&cat='.$page['cat'];
147	$redirect.= '&expand='.$_GET['expand'];
148	if ( $page['cat'] == 'search' )
149	{
150	$redirect.= '&search='.$_GET['search'].'&mode='.$_GET['mode'];
151	}
152	$url = add_session_id( $redirect, true );
153	header( 'Request-URI: '.$url );
154	header( 'Content-Location: '.$url );
155	header( 'Location: '.$url );
156	exit();
157	}
158	}
159
160	//---------------------------------------------- next picture thumbnail display
161	$next = 0;
162	if ( $page['num'] < $page['cat_nb_images']-1 )
163	{
164	$next = $page['num'] + 1;
165	$query = 'SELECT DISTINCT(id),name,file,tn_ext,storage_category_id';
166	$query.= ' FROM '.IMAGES_TABLE;
167	$query.= ' INNER JOIN '.IMAGE_CATEGORY_TABLE.' AS ic';
168	$query.= ' ON id=ic.image_id';
169	$query.= $page['where'];
170	$query.= $conf['order_by'];
171	$query.= ' LIMIT '.$next.',1';
172	$query.= ';';
173	$result = mysql_query( $query );
174	$row = mysql_fetch_array( $result );
175
176	if ( !isset($array_cat_directories[$row['storage_category_id']]))
177	{
178	$array_cat_directories[$row['storage_category_id']] =
179	get_complete_dir( $row['storage_category_id'] );
180	}
181	$cat_directory = $array_cat_directories[$row['storage_category_id']];
182
183	$file = substr ( $row['file'], 0, strrpos ( $row['file'], ".") );
184	$next_lien_thumbnail = $cat_directory.'thumbnail/';
185	$next_lien_thumbnail.= $conf['prefix_thumbnail'].$file.".".$row['tn_ext'];
186
187	if ( isset( $row['name'] ) and $row['name'] != '' )
188	{
189	$next_alt_thumbnail = $row['name'];
190	}
191	else
192	{
193	$next_alt_thumbnail = $file;
194	}
195	$next_title = $lang['next_image']." : ".$next_alt_thumbnail;
196
197	$next_url_link = './picture.php?image_id='.$row['id'];
198	$next_url_link.= '&cat='.$page['cat'];
199	if ( isset( $_GET['expand'] ) )
200	$next_url_link.= '&expand='.$_GET['expand'];
201	if ( $page['cat'] == 'search' )
202	{
203	$next_url_link.= "&search=".$_GET['search'].'&mode='.$_GET['mode'];
204	}
205	}
206	//----------------------------------------------------- template initialization
207	//
208	// Start output of page
209	//
210	//------------------------------------------------------------------ page title
211	$title = $page['name'];
212	if ( $title == '')
213	{
214	$title = str_replace("_"," ",get_filename_wo_extension($page['file']));
215	}
216	$refresh = 0;
217	if ( isset( $_GET['slideshow'] ) && isset($next_url_link))
218	{
219	$refresh= $_GET['slideshow'];
220	$url_link = $next_url_link;
221	}
222	include('include/page_header.php');
223
224	$handle = $vtp->Open( './template/'.$user['template'].'/picture.vtp' );
225	initialize_template();
226
227	$tpl = array( 'back','submit','comments_title','comments_del','delete',
228	'comments_add','author','slideshow','slideshow_stop',
229	'period_seconds' );
230	templatize_array( $tpl, 'lang', $handle );
231	//-------------------------------------------------------- slideshow management
232	if ( isset( $_GET['slideshow'] ) )
233	{
234	if ( !is_numeric( $_GET['slideshow'] ) )
235	$_GET['slideshow'] = $conf['slideshow_period'][0];
236	$vtp->addSession( $handle, 'stop_slideshow' );
237	$url = './picture.php';
238	$url.= '?image_id='.$page['id'];
239	$url.= '&cat='.$page['cat'];
240	$url.= '&expand='.$_GET['expand'];
241	if ( $page['cat'] == 'search' )
242	{
243	$url.= '&search='.$_GET['search'];
244	$url.= '&mode='.$_GET['mode'];
245	}
246	$vtp->setVar( $handle, 'stop_slideshow.url', add_session_id( $url ) );
247	$vtp->closeSession( $handle, 'stop_slideshow' );
248	}
249	else
250	{
251	$vtp->addSession( $handle, 'start_slideshow' );
252	foreach ( $conf['slideshow_period'] as $option ) {
253	$vtp->addSession( $handle, 'second' );
254	$vtp->setVar( $handle, 'second.option', $option );
255	$url = './picture.php';
256	$url.= '?image_id='.$page['id'];
257	$url.= '&cat='.$page['cat'];
258	if (isset($_GET['expand']))
259	$url.= '&expand='.$_GET['expand'];
260	if ( $page['cat'] == 'search' )
261	{
262	$url.= '&search='.$_GET['search'];
263	$url.= '&mode='.$_GET['mode'];
264	}
265	$url.= '&slideshow='.$option;
266	$vtp->setVar( $handle, 'second.url', add_session_id( $url ) );
267	$vtp->closeSession( $handle, 'second' );
268	}
269	$vtp->closeSession( $handle, 'start_slideshow' );
270	}
271
272	//-------------------------------------------------- previous picture thumbnail
273	if ( $page['num'] >= 1 )
274	{
275	$prev = $page['num'] - 1;
276	$query = 'SELECT DISTINCT(id),name,file,tn_ext,storage_category_id';
277	$query.= ' FROM '.IMAGES_TABLE;
278	$query.= ' INNER JOIN '.IMAGE_CATEGORY_TABLE.' AS ic';
279	$query.= ' ON id=ic.image_id';
280	$query.= $page['where'];
281	$query.= $conf['order_by'];
282	$query.= ' LIMIT '.$prev.',1';
283	$query.= ';';
284	$result = mysql_query( $query );
285	$row = mysql_fetch_array( $result );
286
287	if ( !isset($array_cat_directories[$row['storage_category_id']]) )
288	{
289	$array_cat_directories[$row['storage_category_id']] =
290	get_complete_dir( $row['storage_category_id'] );
291	}
292	$cat_directory = $array_cat_directories[$row['storage_category_id']];
293
294	$file = substr( $row['file'], 0, strrpos ( $row['file'], '.' ) );
295	$lien_thumbnail = $cat_directory.'thumbnail/';
296	$lien_thumbnail.= $conf['prefix_thumbnail'].$file.".".$row['tn_ext'];
297
298	$prev_title = $lang['previous_image'].' : ';
299
300	if ( isset( $row['name'] ) and $row['name'] != '' )
301	$alt_thumbnail = $row['name'];
302	else
303	$alt_thumbnail = $file;
304
305	$prev_title.= $alt_thumbnail;
306
307	$url_link = './picture.php?image_id='.$row['id'].'&cat='.$page['cat'];
308	if ( isset( $_GET['expand'] ) ) $url_link.= '&expand='.$_GET['expand'];
309	if ( $page['cat'] == 'search' )
310	{
311	$url_link.= '&search='.$_GET['search'].'&mode='.$_GET['mode'];
312	}
313	// sending vars for display
314	$vtp->addSession( $handle, 'previous' );
315	$vtp->setGlobalVar( $handle, 'previous.url', add_session_id( $url_link ) );
316	$vtp->setGlobalVar( $handle, 'previous.title', $prev_title );
317	$vtp->setGlobalVar( $handle, 'previous.src', $lien_thumbnail );
318	$vtp->setGlobalVar( $handle, 'previous.alt', $alt_thumbnail );
319	$vtp->closeSession( $handle, 'previous' );
320	}
321	else
322	{
323	$vtp->addSession( $handle, 'previous_empty' );
324	$vtp->closeSession( $handle, 'previous_empty' );
325	}
326	//-------------------------------------------------------- main picture display
327	if ( is_numeric( $page['cat'] ) )
328	{
329	$intitule_cat = get_cat_display_name( $page['cat_name'], " - ",
330	"font-style:italic;" );
331	}
332	else
333	{
334	$intitule_cat = $page['title'];
335	}
336
337	if ( !isset($array_cat_directories[$page['storage_category_id']]) )
338	{
339	$array_cat_directories[$page['storage_category_id']] =
340	get_complete_dir( $page['storage_category_id'] );
341	}
342	$cat_directory = $array_cat_directories[$page['storage_category_id']];
343
344	$n = $page['num'] + 1;
345	$intitule_titre = replace_space( $intitule_cat." - " ).$n.'/';
346	$intitule_titre.= $page['cat_nb_images']."<br />";
347	if ( $page['name'] != "" )
348	{
349	$intitule_file = $page['name'];
350	}
351	else
352	{
353	$intitule_file = str_replace( "_", " ",
354	substr( $page['file'], 0,
355	strrpos ( $page['file'], ".") ) );
356	}
357	if ( $page['cat'] == 'search' )
358	{
359	$intitule_file = replace_search( $intitule_file, $_GET['search'] );
360	}
361	$vtp->setGlobalVar( $handle, 'title', $intitule_titre.$intitule_file );
362
363	$lien_image = $cat_directory.$page['file'];
364
365	// calculation of width and height
366	if ( $page['width'] == "" )
367	{
368	$taille_image = @getimagesize( $lien_image );
369	$original_width = $taille_image[0];
370	$original_height = $taille_image[1];
371	}
372	else
373	{
374	$original_width = $page['width'];
375	$original_height = $page['height'];
376	}
377
378	$picture_size = get_picture_size( $original_width, $original_height,
379	$user['maxwidth'], $user['maxheight'] );
380	$final_width = $picture_size[0];
381	$final_height = $picture_size[1];
382
383	$url_link = './category.php?cat='.$page['cat'].'&';
384	$url_link.= 'num='.$page['num'];
385	if (isset($_GET['expand']))
386	$url_link.='&expand='.$_GET['expand'];
387	if ( $page['cat'] == 'search' )
388	{
389	$url_link.= "&search=".$_GET['search'].'&mode='.$_GET['mode'];
390	}
391	$vtp->setGlobalVar( $handle, 'picture_link', add_session_id( $url_link ) );
392	$vtp->setGlobalVar( $handle, 'picture_width', $final_width );
393	$vtp->setGlobalVar( $handle, 'picture_height', $final_height );
394	$vtp->setGlobalVar( $handle, 'picture_src', $lien_image );
395	$vtp->setGlobalVar( $handle, 'picture_alt', $page['file'] );
396
397	if ( $page['comment'] != '' )
398	{
399	if ( $page['cat'] == 'search' )
400	{
401	$picture_comment = replace_search( $page['comment'], $_GET['search'] );
402	$vtp->setGlobalVar( $handle, 'picture_comment', $picture_comment );
403	}
404	else
405	{
406	$vtp->setGlobalVar( $handle, 'picture_comment', $page['comment'] );
407	}
408	}
409	//--------------------------------------------------------- picture information
410	// author
411	if ( $page['author'] != "" )
412	{
413	$vtp->addSession( $handle, 'info_line' );
414	$vtp->setVar( $handle, 'info_line.name', $lang['author'].' : ' );
415	$vtp->setVar( $handle, 'info_line.content', $page['author'] );
416	$vtp->closeSession( $handle, 'info_line' );
417	}
418	// creation date
419	if ( $page['date_creation'] != "" )
420	{
421	$vtp->addSession( $handle, 'info_line' );
422	$vtp->setVar( $handle, 'info_line.name', $lang['creation_date'].' : ' );
423	$vtp->setVar( $handle, 'info_line.content',
424	format_date( $page['date_creation'] ) );
425	$vtp->closeSession( $handle, 'info_line' );
426	}
427	// date of availability
428	$vtp->addSession( $handle, 'info_line' );
429	$vtp->setVar( $handle, 'info_line.name', $lang['registration_date'].' : ' );
430	list( $year,$month,$day ) = explode( '-', $page['date_available'] );
431	$vtp->setVar( $handle, 'info_line.content',
432	format_date( $page['date_available'] ) );
433	$vtp->closeSession( $handle, 'info_line' );
434	// size in pixels
435	$vtp->addSession( $handle, 'info_line' );
436	$vtp->setVar( $handle, 'info_line.name', $lang['size'].' : ' );
437	if ( $original_width != $final_width or $original_height != $final_height )
438	{
439	$content = '[ <a href="'.$lien_image.'" title="'.$lang['true_size'].'">';
440	$content.= $original_width.'*'.$original_height.'</a> ]';
441	$vtp->setVar( $handle, 'info_line.content', $content );
442	}
443	else
444	{
445	$content = $original_width.'*'.$original_height;
446	$vtp->setVar( $handle, 'info_line.content', $content );
447	}
448	$vtp->closeSession( $handle, 'info_line' );
449	// file
450	$vtp->addSession( $handle, 'info_line' );
451	$vtp->setVar( $handle, 'info_line.name', $lang['file'].' : ' );
452	if ( $page['cat'] == 'search' )
453	{
454	$content = replace_search( $page['file'], $_GET['search'] );
455	$vtp->setVar( $handle, 'info_line.content', $content );
456	}
457	else
458	{
459	$vtp->setVar( $handle, 'info_line.content', $page['file'] );
460	}
461	$vtp->closeSession( $handle, 'info_line' );
462	// filesize
463	if ( $page['filesize'] == "" )
464	{
465	$poids = floor ( filesize( $lien_image ) / 1024 );
466	}
467	else
468	{
469	$poids = $page['filesize'];
470	}
471	$vtp->addSession( $handle, 'info_line' );
472	$vtp->setVar( $handle, 'info_line.name', $lang['filesize'].' : ' );
473	$vtp->setVar( $handle, 'info_line.content', $poids.' KB' );
474	$vtp->closeSession( $handle, 'info_line' );
475	// keywords
476	if ( $page['keywords'] != '' )
477	{
478	$vtp->addSession( $handle, 'info_line' );
479	$vtp->setVar( $handle, 'info_line.name', $lang['keywords'].' : ' );
480	$keywords = explode( ',', $page['keywords'] );
481	$content = '';
482	$url = './category.php?cat=search';
483	if ( isset( $_GET['expand'] ) ) $url.= '&expand='.$_GET['expand'];
484	$url.= '&mode=OR&search=';
485	foreach ( $keywords as $i => $keyword ) {
486	$local_url = add_session_id( $url.$keyword );
487	if ( $i > 0 ) $content.= ',';
488	$content.= '<a href="'.$local_url.'">'.$keyword.'</a>';
489	}
490	$vtp->setVar( $handle, 'info_line.content', $content );
491	$vtp->closeSession( $handle, 'info_line' );
492	}
493	// number of visits
494	$vtp->addSession( $handle, 'info_line' );
495	$vtp->setVar( $handle, 'info_line.name', $lang['visited'].' : ' );
496	$vtp->setVar( $handle, 'info_line.content', $page['hit'].' '.$lang['times'] );
497	$vtp->closeSession( $handle, 'info_line' );
498	//------------------------------------------------------- favorite manipulation
499	if ( !$user['is_the_guest'] )
500	{
501	// verify if the picture is already in the favorite of the user
502	$query = 'SELECT COUNT(*) AS nb_fav';
503	$query.= ' FROM '.FAVORITES_TABLE.' WHERE image_id = '.$page['id'];
504	$query.= ' AND user_id = '.$user['id'].';';
505	$result = mysql_query( $query );
506	$row = mysql_fetch_array( $result );
507	if (!$row['nb_fav'])
508	{
509	$url = './picture.php?cat='.$page['cat'].'&image_id='.$page['id'];
510	if (isset($_GET['expand']))
511	$url.= '&expand='.$_GET['expand'];
512	$url.='&add_fav=1';
513	if ( $page['cat'] == 'search' )
514	{
515	$url.= '&search='.$_GET['search'].'&mode='.$_GET['mode'];
516	}
517	$vtp->addSession( $handle, 'favorite' );
518	$vtp->setVar( $handle, 'favorite.link', add_session_id( $url ) );
519	$vtp->setVar( $handle, 'favorite.title', $lang['add_favorites_hint'] );
520	$vtp->setVar( $handle, 'favorite.src',
521	'./template/'.$user['template'].'/theme/favorite.gif' );
522	$vtp->setVar($handle,'favorite.alt','[ '.$lang['add_favorites_alt'].' ]');
523	$vtp->closeSession( $handle, 'favorite' );
524	}
525	else
526	{
527	$url = './picture.php?cat='.$page['cat'].'&image_id='.$page['id'];
528	$url.= '&expand='.$_GET['expand'].'&add_fav=0';
529	$vtp->addSession( $handle, 'favorite' );
530	$vtp->setVar( $handle, 'favorite.link', add_session_id( $url ) );
531	$vtp->setVar( $handle, 'favorite.title', $lang['del_favorites_hint'] );
532	$vtp->setVar( $handle, 'favorite.src',
533	'./template/'.$user['template'].'/theme/del_favorite.gif' );
534	$vtp->setVar($handle,'favorite.alt','[ '.$lang['del_favorites_alt'].' ]');
535	$vtp->closeSession( $handle, 'favorite' );
536	}
537	}
538	//------------------------------------ admin link for information modifications
539	if ( $user['status'] == 'admin' )
540	{
541	$vtp->addSession( $handle, 'modification' );
542	$url = './admin/admin.php?page=picture_modify&cat_id='.$page['cat'];
543	$url.= '&image_id='.$page['id'];
544	$vtp->setVar( $handle, 'modification.link', add_session_id( $url ) );
545	$vtp->setVar( $handle, 'modification.name', $lang['link_info_image'] );
546	}
547
548	if ( $next )
549	{
550	// sending vars for display
551	$vtp->addSession( $handle, 'next' );
552	$vtp->setGlobalVar( $handle, 'next.url', add_session_id( $next_url_link ) );
553	$vtp->setGlobalVar( $handle, 'next.title', $next_title );
554	$vtp->setGlobalVar( $handle, 'next.src', $next_lien_thumbnail );
555	$vtp->setGlobalVar( $handle, 'next.alt', $next_alt_thumbnail );
556	$vtp->closeSession( $handle, 'next' );
557	}
558	else
559	{
560	$vtp->addSession( $handle, 'next_empty' );
561	$vtp->closeSession( $handle, 'next_empty' );
562	}
563	//---------------------------------------------------- users's comments display
564	if ( $conf['show_comments'] )
565	{
566	$vtp->addSession( $handle, 'comments' );
567	// comment registeration
568	if ( isset( $_POST['content'] ) and $_POST['content'] != '' )
569	{
570	$register_comment = true;
571
572	if ( !$user['is_the_guest'] ) $author = $user['username'];
573	if ( $_POST['author'] != '' ) $author = $_POST['author'];
574	// if a guest try to use the name of an already existing user, he must
575	// be rejected
576	if ( isset( $author ) and $author != $user['username'] )
577	{
578	$query = 'SELECT COUNT(*) AS user_exists';
579	$query.= ' FROM '.PREFIX_TABLE.'users';
580	$query.= " WHERE username = '".$author."'";
581	$query.= ';';
582	$row = mysql_fetch_array( mysql_query( $query ) );
583	if ( $row['user_exists'] == 1 )
584	{
585	$vtp->addSession( $handle, 'information' );
586	$message = $lang['comment_user_exists'];
587	$vtp->setVar( $handle, 'information.content', $message );
588	$vtp->closeSession( $handle, 'information' );
589	$register_comment = false;
590	}
591	}
592
593	if ( $register_comment )
594	{
595	// anti-flood system
596	$reference_date = time() - $conf['anti-flood_time'];
597	$query = 'SELECT id FROM '.COMMENTS_TABLE;
598	$query.= ' WHERE date > '.$reference_date;
599	$query.= " AND author = '".$author."'";
600	$query.= ';';
601	if ( mysql_num_rows( mysql_query( $query ) ) == 0
602	or $conf['anti-flood_time'] == 0 )
603	{
604	$query = 'INSERT INTO '.COMMENTS_TABLE;
605	$query.= ' (author,date,image_id,content,validated) VALUES';
606	$query.= ' (';
607	if ( !isset( $author ) ) $query.= 'NULL';
608	else $query.= "'".$author."'";
609	$query.= ','.time().','.$page['id'];
610	$query.= ",'".htmlspecialchars( $_POST['content'], ENT_QUOTES)."'";
611	if ( !$conf['comments_validation'] or $user['status'] == 'admin' )
612	$query.= ",'true'";
613	else
614	$query.= ",'false'";
615	$query.= ');';
616	mysql_query( $query );
617	// information message
618	$vtp->addSession( $handle, 'information' );
619	$message = $lang['comment_added'];
620	if ( $conf['comments_validation'] and $user['status'] != 'admin' )
621	{
622	$message.= '<br />'.$lang['comment_to_validate'];
623	}
624	$vtp->setVar( $handle, 'information.content', $message );
625	$vtp->closeSession( $handle, 'information' );
626	// notification to the administrators
627	if ( $conf['mail_notification'] )
628	{
629	$cat_name = get_cat_display_name( $page['cat_name'], ' > ', '' );
630	$cat_name = strip_tags( $cat_name );
631	if ( $page['name'] == '' ) $picture = $page['file'];
632	else $picture = $page['name'];
633	notify( 'comment', $cat_name.' > '.$picture );
634	}
635	}
636	else
637	{
638	// information message
639	$vtp->addSession( $handle, 'information' );
640	$message = $lang['comment_anti-flood'];
641	$vtp->setVar( $handle, 'information.content', $message );
642	$vtp->closeSession( $handle, 'information' );
643	}
644	}
645	}
646	// comment deletion
647	if ( isset( $_GET['del'] )
648	and is_numeric( $_GET['del'] )
649	and $user['status'] == 'admin' )
650	{
651	$query = 'DELETE FROM '.COMMENTS_TABLE.' WHERE id = '.$_GET['del'].';';
652	mysql_query( $query );
653	}
654	// number of comment for this picture
655	$query = 'SELECT COUNT(*) AS nb_comments';
656	$query.= ' FROM '.COMMENTS_TABLE.' WHERE image_id = '.$page['id'];
657	$query.= " AND validated = 'true'";
658	$query.= ';';
659	$row = mysql_fetch_array( mysql_query( $query ) );
660	$page['nb_comments'] = $row['nb_comments'];
661	// navigation bar creation
662	$url = './picture.php?cat='.$page['cat'].'&image_id='.$page['id'];
663	if (isset($_GET['expand']))
664	$url.= '&expand='.$_GET['expand'];
665	if ( $page['cat'] == 'search' )
666	{
667	$url.= '&search='.$_GET['search'].'&mode='.$_GET['mode'];
668	}
669	if( !isset( $_GET['start'] )
670	or !is_numeric( $_GET['start'] )
671	or ( is_numeric( $_GET['start'] ) and $_GET['start'] < 0 ) )
672	{
673	$page['start'] = 0;
674	}
675	else
676	{
677	$page['start'] = $_GET['start'];
678	}
679	$page['navigation_bar'] = create_navigation_bar( $url, $page['nb_comments'],
680	$page['start'],
681	$conf['nb_comment_page'],
682	'' );
683	// sending vars for display
684	$vtp->setGlobalVar( $handle, 'navigation_bar', $page['navigation_bar'] );
685	$vtp->setGlobalVar( $handle, 'nb_comments', $page['nb_comments'] );
686
687	$query = 'SELECT id,author,date,image_id,content';
688	$query.= ' FROM '.COMMENTS_TABLE.' WHERE image_id = '.$page['id'];
689	$query.= " AND validated = 'true'";
690	$query.= ' ORDER BY date ASC';
691	$query.= ' LIMIT '.$page['start'].', '.$conf['nb_comment_page'].';';
692	$result = mysql_query( $query );
693
694	while ( $row = mysql_fetch_array( $result ) )
695	{
696	$vtp->addSession( $handle, 'comment' );
697	$author = $row['author'];
698	if ( $row['author'] == '' ) $author = $lang['guest'];
699	$vtp->setVar( $handle, 'comment.author', $author );
700	$vtp->setVar( $handle, 'comment.date',
701	format_date( $row['date'], 'unix', true ) );
702	$content = nl2br( $row['content'] );
703
704	// replace _word_ by an underlined word
705	$pattern = '/_([^\s]*)_/';
706	$replacement = '<span style="text-decoration:underline;">\1</span>';
707	$content = preg_replace( $pattern, $replacement, $content );
708
709	// replace word by a bolded word
710	$pattern = '/\([^\s])\*/';
711	$replacement = '<span style="font-weight:bold;">\1</span>';
712	$content = preg_replace( $pattern, $replacement, $content );
713
714	// replace /word/ by an italic word
715	$pattern = '/\/([^\s]*)\//';
716	$replacement = '<span style="font-style:italic;">\1</span>';
717	$content = preg_replace( $pattern, $replacement, $content );
718
719	$vtp->setVar( $handle, 'comment.content', $content );
720	if ( $user['status'] == 'admin' )
721	{
722	$vtp->addSession( $handle, 'delete' );
723	$vtp->setVar( $handle, 'delete.link',
724	add_session_id( $url.'&del='.$row['id'] ) );
725	$vtp->closeSession( $handle, 'delete' );
726	}
727	$vtp->closeSession( $handle, 'comment' );
728	}
729
730	if ( !$user['is_the_guest']
731	or ( $user['is_the_guest'] and $conf['comments_forall'] ) )
732	{
733	$vtp->addSession( $handle, 'add_comment' );
734	// form action
735	$action = str_replace( '&', '&', $_SERVER['REQUEST_URI'] );
736	$vtp->setGlobalVar( $handle, 'form_action', $action );
737	// display author field if the user is not logged in
738	if ( !$user['is_the_guest'] )
739	{
740	$vtp->addSession( $handle, 'author_known' );
741	if (isset($user['pseudo']))
742	$vtp->setVar( $handle, 'author_known.value', $user['pseudo'] );
743	$vtp->closeSession( $handle, 'author_known' );
744	}
745	else
746	{
747	$vtp->addSession( $handle, 'author_field' );
748	$vtp->closeSession( $handle, 'author_field' );
749	}
750	$vtp->closeSession( $handle, 'add_comment' );
751	}
752	$vtp->closeSession( $handle, 'comments' );
753	}
754	//------------------------------------------------------------ log informations
755	pwg_log( 'picture', $intitule_cat, $page['file'] );
756	mysql_close();
757	//----------------------------------------------------------- html code display
758	$code = $vtp->Display( $handle, 0 );
759	echo $code;
760
761	include('include/page_tail.php');
762	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: