Changeset 1003

branches/branch-1_5/about.php

r897	r1003
46	46	$template->assign_vars(
47	47	array(
48		'U_HOME' => ~~add_session_id(PHPWG_ROOT_PATH.'category.php')~~
	48	'U_HOME' => PHPWG_ROOT_PATH.'category.php'
49	49	)
50	50	);

branches/branch-1_5/admin.php

-                      r957
+                      r1003
 $template->assign_vars(
   array(
     'U_HISTORY'=>add_session_id($link_start.'stats' ),
     'U_FAQ'=>add_session_id($link_start.'help' ),
     'U_SITES'=>add_session_id($link_start.'remote_site'),
     'U_MAINTENANCE'=>add_session_id($link_start.'maintenance'),
     'U_CONFIG_GENERAL'=>add_session_id($conf_link.'general' ),
     'U_CONFIG_COMMENTS'=>add_session_id($conf_link.'comments' ),
     'U_CONFIG_DISPLAY'=>add_session_id($conf_link.'default' ),
     'U_CATEGORIES'=>add_session_id($link_start.'cat_list' ),
     'U_MOVE'=>add_session_id($link_start.'cat_move' ),
     'U_CAT_UPLOAD'=>add_session_id($opt_link.'upload'),
     'U_CAT_COMMENTS'=>add_session_id($opt_link.'comments'),
     'U_CAT_VISIBLE'=>add_session_id($opt_link.'visible'),
     'U_CAT_STATUS'=>add_session_id($opt_link.'status'),
     'U_CAT_OPTIONS'=>add_session_id($link_start.'cat_options'),
     'U_CAT_UPDATE'=>add_session_id($link_start.'update'),
     'U_WAITING'=>add_session_id($link_start.'waiting' ),
     'U_COMMENTS'=>add_session_id($link_start.'comments' ),
     'U_CADDIE'=>add_session_id($link_start.'element_set&amp;cat=caddie'),
     'U_THUMBNAILS'=>add_session_id($link_start.'thumbnail' ),
     'U_USERS'=>add_session_id($link_start.'user_list' ),
     'U_GROUPS'=>add_session_id($link_start.'group_list' ),
     'U_ADMIN'=>add_session_id( PHPWG_ROOT_PATH.'admin.php' ),
     'U_RETURN'=>add_session_id(PHPWG_ROOT_PATH.'category.php')
+    'U_HISTORY'=> $link_start.'stats',
+    'U_FAQ'=> $link_start.'help',
+    'U_SITES'=> $link_start.'remote_site',
+    'U_MAINTENANCE'=> $link_start.'maintenance',
+    'U_CONFIG_GENERAL'=> $conf_link.'general',
+    'U_CONFIG_COMMENTS'=> $conf_link.'comments',
+    'U_CONFIG_DISPLAY'=> $conf_link.'default',
+    'U_CATEGORIES'=> $link_start.'cat_list',
+    'U_MOVE'=> $link_start.'cat_move',
+    'U_CAT_UPLOAD'=> $opt_link.'upload',
+    'U_CAT_COMMENTS'=> $opt_link.'comments',
+    'U_CAT_VISIBLE'=> $opt_link.'visible',
+    'U_CAT_STATUS'=> $opt_link.'status',
+    'U_CAT_OPTIONS'=> $link_start.'cat_options',
+    'U_CAT_UPDATE'=> $link_start.'update',
+    'U_WAITING'=> $link_start.'waiting',
+    'U_COMMENTS'=> $link_start.'comments',
+    'U_CADDIE'=> $link_start.'element_set&amp;cat=caddie',
+    'U_THUMBNAILS'=> $link_start.'thumbnail',
+    'U_USERS'=> $link_start.'user_list',
+    'U_GROUPS'=> $link_start.'group_list',
+    'U_ADMIN'=> PHPWG_ROOT_PATH.'admin.php',
+    'U_RETURN'=> PHPWG_ROOT_PATH.'category.php'
+    )
   );
 …
     'representative',
     array(
       'URL' => add_session_id($opt_link.'representative')
+      'URL' => $opt_link.'representative'
+      )
     );

branches/branch-1_5/admin/cat_list.php

-                      r869
+                      r1003
 $base_url = PHPWG_ROOT_PATH.'admin.php?page=cat_list';
 $navigation = '<a class="" href="'.add_session_id($base_url).'">';
+$navigation = '<a class="" href="'.$base_url.'">';
 $navigation.= $lang['home'];
 $navigation.= '</a>';
 …
   'CATEGORIES_NAV'=>$navigation,
   'NEXT_RANK'=>$next_rank,
   'F_ACTION'=>add_session_id($form_action),
+  'F_ACTION'=>$form_action,
   'L_ADD_VIRTUAL'=>$lang['cat_add'],
 …
       'RANK'=>$category['rank']*10,
+      'U_JUMPTO'=>
+      add_session_id(PHPWG_ROOT_PATH.'category.php?cat='.$category['id']),
+      'U_CHILDREN'=>
+      add_session_id($cat_list_url.'&amp;parent_id='.$category['id']),
+      'U_EDIT'=>
+      add_session_id($base_url.'cat_modify&amp;cat_id='.$category['id'])
+      'U_JUMPTO'=>PHPWG_ROOT_PATH.'category.php?cat='.$category['id'],
+      'U_CHILDREN'=>$cat_list_url.'&amp;parent_id='.$category['id'],
+      'U_EDIT'=>$base_url.'cat_modify&amp;cat_id='.$category['id']
+      )
     );
 …
       'category.delete',
       array(
         'URL'=>add_session_id($self_url.'&amp;delete='.$category['id'])
+        'URL'=>$self_url.'&amp;delete='.$category['id']
+        )
       );
 …
       'category.elements',
       array(
         'URL'=>add_session_id($base_url.'element_set&amp;cat='.$category['id'])
+        'URL'=>$base_url.'element_set&amp;cat='.$category['id']
+        )
       );
 …
       'category.permissions',
       array(
         'URL'=>add_session_id($base_url.'cat_perm&amp;cat='.$category['id'])
+        'URL'=>$base_url.'cat_perm&amp;cat='.$category['id']
+        )
       );

branches/branch-1_5/admin/cat_modify.php

-                      r881
+                      r1003
   'L_SET_RANDOM_REPRESENTANT'=>$lang['cat_representant'],
+  'U_JUMPTO'=>
+    add_session_id(PHPWG_ROOT_PATH.'category.php?cat='.$category['id']),
+  'U_CHILDREN'=>
+    add_session_id($cat_list_url.'&amp;parent_id='.$category['id']),
+  'U_JUMPTO'=>PHPWG_ROOT_PATH.'category.php?cat='.$category['id'],
+  'U_CHILDREN'=>$cat_list_url.'&amp;parent_id='.$category['id'],
   'U_HELP' => PHPWG_ROOT_PATH.'/popuphelp.php?page=cat_modify',
   'F_ACTION'=>add_session_id($form_action)
+  'F_ACTION'=>$form_action
   ));
 …
     'permissions',
     array(
       'URL'=>add_session_id($base_url.'cat_perm&amp;cat='.$category['id'])
+      'URL'=>$base_url.'cat_perm&amp;cat='.$category['id']
+        )
     );
 …
     'elements',
     array(
       'URL'=>add_session_id($base_url.'element_set&amp;cat='.$category['id'])
+      'URL'=>$base_url.'element_set&amp;cat='.$category['id']
+      )
     );
 …
     'delete',
     array(
       'URL'=>add_session_id($self_url.'&amp;delete='.$category['id'])
+      'URL'=>$self_url.'&amp;delete='.$category['id']
+      )
     );

branches/branch-1_5/admin/cat_move.php

r881	r1003
69	69	$template->assign_vars(
70	70	array(
71		'F_ACTION' => ~~add_session_id(PHPWG_ROOT_PATH.'admin.php?page=cat_move')~~,
	71	'F_ACTION' => PHPWG_ROOT_PATH.'admin.php?page=cat_move',
72	72	)
73	73	);

branches/branch-1_5/admin/cat_options.php

r862	r1003
154	154	'U_HELP' => PHPWG_ROOT_PATH.'/popuphelp.php?page=cat_options',
155	155
156		'F_ACTION'=>~~add_session_id($base_url.$page['section'])~~
	156	'F_ACTION'=>$base_url.$page['section']
157	157	)
158	158	);

branches/branch-1_5/admin/cat_perm.php

-                      r873
+                      r1003
         ),
     'U_HELP' => PHPWG_ROOT_PATH.'/popuphelp.php?page=cat_perm',
+    'F_ACTION' =>
+      add_session_id(
+        PHPWG_ROOT_PATH.'admin.php?page=cat_perm&amp;cat='.$page['cat']
+        )
+    'F_ACTION' => PHPWG_ROOT_PATH.'admin.php?page=cat_perm&amp;cat='.$page['cat']
+    )
   );

branches/branch-1_5/admin/comments.php

-                      r839
+                      r1003
 $template->assign_vars(
   array(
     'F_ACTION' => add_session_id(PHPWG_ROOT_PATH.'admin.php?page=comments')
+    'F_ACTION' => PHPWG_ROOT_PATH.'admin.php?page=comments'
+    )
   );
 …
     array(
       'U_PICTURE' =>
-        add_session_id(
           PHPWG_ROOT_PATH.'admin.php?page=picture_modify'.
+          '&amp;image_id='.$row['image_id']
+          ),
+          '&amp;image_id='.$row['image_id'],
       'ID' => $row['id'],
       'TN_SRC' => get_thumbnail_src($row['path'], @$row['tn_ext']),

branches/branch-1_5/admin/configuration.php

r882	r1003
150	150	'U_HELP' => PHPWG_ROOT_PATH.'/popuphelp.php?page=configuration',
151	151
152		'F_ACTION'=>~~add_session_id($action)~~
	152	'F_ACTION'=>$action
153	153	));
154	154

branches/branch-1_5/admin/element_set_unit.php

-                      r875
+                      r1003
             $row['name'] : get_name_from_file($row['file']),
         'U_EDIT' =>
-          add_session_id(
             PHPWG_ROOT_PATH.'admin.php?page=picture_modify'.
+            '&amp;image_id='.$row['id']
+            ),
+            '&amp;image_id='.$row['id'],
         'ID' => $row['id'],
         'FILENAME' => $row['path'],

branches/branch-1_5/admin/group_list.php

-                      r815
+                      r1003
 $template->assign_vars(
   array(
+    'F_ADD_ACTION' =>
+      add_session_id(PHPWG_ROOT_PATH.'admin.php?page=group_list')
+    'F_ADD_ACTION' => PHPWG_ROOT_PATH.'admin.php?page=group_list'
+    )
   );

branches/branch-1_5/admin/group_perm.php

-                      r817
+                      r1003
     'F_ACTION' =>
-      add_session_id(
         PHPWG_ROOT_PATH.
         'admin.php?page=group_perm&amp;group_id='.
         $page['group']
+        )
+    )
   );

branches/branch-1_5/admin/intro.php

-                      r991
+                      r1003
     'DB_GROUPS' => sprintf(l10n('%d groups'), $nb_groups),
     'DB_COMMENTS' => sprintf(l10n('%d comments'), $nb_comments),
+    'U_CHECK_UPGRADE' =>
+      add_session_id(PHPWG_ROOT_PATH.'admin.php?action=check_upgrade'),
+    'U_PHPINFO' =>
+      add_session_id(PHPWG_ROOT_PATH.'admin.php?action=phpinfo')
+    'U_CHECK_UPGRADE' => PHPWG_ROOT_PATH.'admin.php?action=check_upgrade',
+    'U_PHPINFO' => PHPWG_ROOT_PATH.'admin.php?action=phpinfo'
+    )
   );
 …
     'waiting',
     array(
       'URL' => add_session_id(PHPWG_ROOT_PATH.'admin.php?page=waiting'),
+      'URL' => PHPWG_ROOT_PATH.'admin.php?page=waiting',
       'INFO' => sprintf(l10n('%d waiting for validation'), $nb_waiting)
+      )
 …
     'unvalidated',
     array(
       'URL' => add_session_id(PHPWG_ROOT_PATH.'admin.php?page=comments'),
+      'URL' => PHPWG_ROOT_PATH.'admin.php?page=comments',
       'INFO' => sprintf(l10n('%d waiting for validation'), $nb_comments)
+      )

branches/branch-1_5/admin/maintenance.php

-                      r858
+                      r1003
 $template->assign_vars(
   array(
     'U_MAINT_CATEGORIES' => add_session_id($start_url.'categories'),
     'U_MAINT_IMAGES' => add_session_id($start_url.'images'),
     'U_MAINT_HISTORY' => add_session_id($start_url.'history'),
     'U_MAINT_SESSIONS' => add_session_id($start_url.'sessions'),
     'U_MAINT_FEEDS' => add_session_id($start_url.'feeds'),
+    'U_MAINT_CATEGORIES' => $start_url.'categories',
+    'U_MAINT_IMAGES' => $start_url.'images',
+    'U_MAINT_HISTORY' => $start_url.'history',
+    'U_MAINT_SESSIONS' => $start_url.'sessions',
+    'U_MAINT_FEEDS' => $start_url.'feeds',
     'U_HELP' => PHPWG_ROOT_PATH.'/popuphelp.php?page=maintenance',
+    )

branches/branch-1_5/admin/picture_modify.php

-                      r825
+                      r1003
   array(
     'U_SYNC' =>
-      add_session_id(
         PHPWG_ROOT_PATH.'admin.php?page=picture_modify'.
         '&amp;image_id='.$_GET['image_id'].
         (isset($_GET['cat_id']) ? '&amp;cat_id='.$_GET['cat_id'] : '').
+        '&amp;sync_metadata=1'
+        ),
+        '&amp;sync_metadata=1',
     'PATH'=>$row['path'],
 …
     'F_ACTION' =>
-      add_session_id(
         PHPWG_ROOT_PATH.'admin.php'
         .get_query_string_diff(array('sync_metadata'))
+        )
+    )
   );

branches/branch-1_5/admin/remote_site.php

-                      r929
+                      r1003
     'U_HELP' => PHPWG_ROOT_PATH.'/popuphelp.php?page=remote_site',
     'F_ACTION'=>add_session_id(PHPWG_ROOT_PATH.'admin.php?page=remote_site')
+    'F_ACTION'=>PHPWG_ROOT_PATH.'admin.php?page=remote_site'
+   )
  );
 …
       array(
         'URL' => $url,
         'U_UPDATE' => add_session_id($base_url.'local_update')
+        'U_UPDATE' => $base_url.'local_update'
+        )
       );
 …
     array(
       'NAME' => $row['galleries_url'],
       'U_GENERATE' => add_session_id($base_url.'generate'),
       'U_UPDATE' => add_session_id($base_url.'update'),
       'U_CLEAN' => add_session_id($base_url.'clean'),
       'U_DELETE' => add_session_id($base_url.'delete')
+      'U_GENERATE' => $base_url.'generate',
+      'U_UPDATE' => $base_url.'update',
+      'U_CLEAN' => $base_url.'clean',
+      'U_DELETE' => $base_url.'delete'
+     )
    );

branches/branch-1_5/admin/stats.php

-                      r918
+                      r1003
   $title_page=$lang['stats_day_title'].' du '.$date_of_day;
   $url_back = PHPWG_ROOT_PATH."admin.php?page=stats";
   $url_back = add_session_id($url_back);
+  $url_back = $url_back;
   $title_details='<a href='.$url_back.'>'.$lang['stats_day_title'].'</a>';
   $title_day = $date_of_day;
 …
   $title_page=$lang['stats_month_title'].' : '.$date_of_day;
   $url_back = PHPWG_ROOT_PATH."admin.php?page=stats";
   $url_back = add_session_id($url_back);
+  $url_back = $url_back;
   $title_details='<a href='.$url_back.'>'.$lang['stats_day_title'].'</a>';
   $title_day=$lang['today'];
 …
   'L_STAT_PICTURE'=>$lang['stats_picture'],
   'IMG_REPORT'=>add_session_id($url_img)
+  'IMG_REPORT'=>$url_img
   ));
 …
+      ;
     $value = '<a href="'.add_session_id($url).'">';
+    $value = '<a href="'.$url.'">';
     $value.= $row['d'].' ('.$week_day.')';
     $value.= "</a>";
 …
+      ;
     $value = '<a href="'.add_session_id($url).'">';
+    $value = '<a href="'.$url.'">';
     $value.= $lang['month'][$row['m']].' '.$row['y'];
     $value.= "</a>";

branches/branch-1_5/admin/thumbnail.php

r862	r1003
359	359	'params',
360	360	array(
361		'F_ACTION'=>~~add_session_id($form_url)~~,
	361	'F_ACTION'=>$form_url,
362	362	$gdlabel=>'checked="checked"',
363	363	$nlabel=>'checked="checked"',

branches/branch-1_5/admin/user_list.php

-                      r997
+                      r1003
 $template->set_filenames(array('user_list'=>'admin/user_list.tpl'));
 $base_url = add_session_id(PHPWG_ROOT_PATH.'admin.php?page=user_list');
+$base_url = PHPWG_ROOT_PATH.'admin.php?page=user_list';
 if (isset($_GET['start']) and is_numeric($_GET['start']))
 …
       'ID' => $local_user['id'],
       'CHECKED' => $checked,
       'U_MOD' => add_session_id($profile_url.$local_user['id']),
       'U_PERM' => add_session_id($perm_url.$local_user['id']),
+      'U_MOD' => $profile_url.$local_user['id'],
+      'U_PERM' => $perm_url.$local_user['id'],
       'USERNAME' => $local_user['username'],
       'STATUS' => $lang['user_status_'.$local_user['status']],

branches/branch-1_5/admin/user_perm.php

-                      r818
+                      r1003
     'F_ACTION' =>
-      add_session_id(
         PHPWG_ROOT_PATH.
         'admin.php?page=user_perm'.
         '&amp;user_id='.$page['user']
+        )
+    )
   );

branches/branch-1_5/admin/waiting.php

r849	r1003
149	149	'L_DELETE'=>$lang['delete'],
150	150
151		'F_ACTION'=>~~add_session_id(str_replace( '&', '&', $_SERVER['REQUEST_URI'] )~~)
	151	'F_ACTION'=>str_replace( '&', '&', $_SERVER['REQUEST_URI'])
152	152	));
153	153

branches/branch-1_5/category.php

-                      r999
+                      r1003
 if ( isset( $_GET['act'] )
      and $_GET['act'] == 'logout'
      and isset( $_COOKIE['id'] ) )
+     and isset( $_COOKIE[session_name()] ) )
+{
   // cookie deletion if exists
+  setcookie( 'id', '', 0, cookie_path() );
+  $_SESSION = array();
+  session_unset();
+  session_destroy();
+  setcookie(session_name(),'',0,'/');
   $url = 'category.php';
   redirect( $url );
 …
   'L_REMEMBER_ME' => $lang['remember_me'],
   'F_IDENTIFY' => add_session_id( PHPWG_ROOT_PATH.'identification.php' ),
+  'F_IDENTIFY' => PHPWG_ROOT_PATH.'identification.php',
   'T_RECENT' => $icon_recent,
   'U_HOME' => add_session_id( PHPWG_ROOT_PATH.'category.php' ),
   'U_REGISTER' => add_session_id( PHPWG_ROOT_PATH.'register.php' ),
   'U_LOST_PASSWORD' => add_session_id(PHPWG_ROOT_PATH.'password.php'),
+  'U_HOME' => PHPWG_ROOT_PATH.'category.php',
+  'U_REGISTER' => PHPWG_ROOT_PATH.'register.php',
+  'U_LOST_PASSWORD' => PHPWG_ROOT_PATH.'password.php',
   'U_LOGOUT' => PHPWG_ROOT_PATH.'category.php?act=logout',
   'U_ADMIN'=>add_session_id( PHPWG_ROOT_PATH.'admin.php' ),
   'U_PROFILE'=>add_session_id(PHPWG_ROOT_PATH.'profile.php')
+  'U_ADMIN'=> PHPWG_ROOT_PATH.'admin.php',
+  'U_PROFILE'=> PHPWG_ROOT_PATH.'profile.php'
+  )
 );
 …
     'special_cat',
     array(
       'URL' => add_session_id(PHPWG_ROOT_PATH.'category.php?cat=fav'),
+      'URL' => PHPWG_ROOT_PATH.'category.php?cat=fav',
       'TITLE' => $lang['favorite_cat_hint'],
       'NAME' => $lang['favorite_cat']
 …
   'special_cat',
   array(
     'URL' => add_session_id(PHPWG_ROOT_PATH.'category.php?cat=most_visited'),
+    'URL' => PHPWG_ROOT_PATH.'category.php?cat=most_visited',
     'TITLE' => $lang['most_visited_cat_hint'],
     'NAME' => $lang['most_visited_cat']
 …
     'special_cat',
     array(
       'URL' => add_session_id(PHPWG_ROOT_PATH.'category.php?cat=best_rated'),
+      'URL' => PHPWG_ROOT_PATH.'category.php?cat=best_rated',
       'TITLE' => $lang['best_rated_cat_hint'],
       'NAME' => $lang['best_rated_cat']
 …
   'special_cat',
   array(
     'URL' => add_session_id(PHPWG_ROOT_PATH.'random.php'),
+    'URL' => PHPWG_ROOT_PATH.'random.php',
     'TITLE' => $lang['random_cat_hint'],
     'NAME' => $lang['random_cat']
 …
   'special_cat',
   array(
     'URL' => add_session_id(PHPWG_ROOT_PATH.'category.php?cat=recent_pics'),
+    'URL' => PHPWG_ROOT_PATH.'category.php?cat=recent_pics',
     'TITLE' => $lang['recent_pics_cat_hint'],
     'NAME' => $lang['recent_pics_cat']
 …
   'special_cat',
   array(
     'URL' => add_session_id(PHPWG_ROOT_PATH.'category.php?cat=recent_cats'),
+    'URL' => PHPWG_ROOT_PATH.'category.php?cat=recent_cats',
     'TITLE' => $lang['recent_cats_cat_hint'],
     'NAME' => $lang['recent_cats_cat']
 …
   'special_cat',
   array(
     'URL' => add_session_id(PHPWG_ROOT_PATH.'category.php?cat=calendar'),
+    'URL' => PHPWG_ROOT_PATH.'category.php?cat=calendar',
     'TITLE' => $lang['calendar_hint'],
     'NAME' => $lang['calendar']
 …
 'TITLE'=>$lang['hint_search'],
 'NAME'=>$lang['search'],
 'U_SUMMARY'=>add_session_id( 'search.php' ),
+'U_SUMMARY'=> 'search.php',
 ));
 …
 'TITLE'=>$lang['hint_comments'],
 'NAME'=>$lang['comments'],
 'U_SUMMARY'=>add_session_id( 'comments.php' ),
+'U_SUMMARY'=> 'comments.php',
 ));
 …
 'TITLE'=>$lang['about_page_title'],
 'NAME'=>$lang['About'],
 'U_SUMMARY'=>add_session_id( 'about.php?'.str_replace( '&', '&amp;', $_SERVER['QUERY_STRING'] ) )
+'U_SUMMARY'=> 'about.php?'.str_replace( '&', '&amp;', $_SERVER['QUERY_STRING'] )
 ));
 …
     'TITLE'=>l10n('notification'),
     'NAME'=>l10n('Notification'),
     'U_SUMMARY'=>add_session_id(PHPWG_ROOT_PATH.'notification.php')
+    'U_SUMMARY'=> PHPWG_ROOT_PATH.'notification.php'
 ));
 …
     array(
       'URL' =>
-        add_session_id(
           PHPWG_ROOT_PATH.'admin.php?page=cat_modify'
           .'&amp;cat_id='.$page['cat']
+          )
+      )
     );
 …
       array(
         'URL' =>
-          add_session_id(
             PHPWG_ROOT_PATH.'category.php'
             .get_query_string_diff(array('caddie')).'&amp;caddie=1')
+        )
       );
+  }
 …
     $template->assign_block_vars(
       'upload',
       array('U_UPLOAD'=>add_session_id( $url ))
+      array('U_UPLOAD'=> $url )
       );
+  }

branches/branch-1_5/comments.php

-                      r987
+                      r1003
     'F_AUTHOR'=>@$_GET['author'],
     'U_HOME' => add_session_id(PHPWG_ROOT_PATH.'category.php')
+    'U_HOME' => PHPWG_ROOT_PATH.'category.php'
+    )
   );
 …
         'TITLE_IMG'=>$name,
         'I_THUMB'=>$thumbnail_src,
         'U_THUMB'=>add_session_id($url)
+        'U_THUMB'=>$url
         ));
 …
       'comment',
       array(
         'U_PICTURE' => add_session_id($url),
+        'U_PICTURE' => $url,
         'TN_SRC' => $thumbnail_src,
         'AUTHOR' => $author,

branches/branch-1_5/identification.php

-                      r866
+                      r1003
       $session_length = $conf['remember_me_length'];
+    }
+    $session_id = session_create($row['id'], $session_length);
+    redirect('category.php?id='.$session_id);
+    session_start();
+    $_SESSION['id'] = $row['id'];
+    redirect('category.php');
+  }
   else
 …
     'L_REMEMBER_ME'=>$lang['remember_me'],
     'U_REGISTER' => add_session_id(PHPWG_ROOT_PATH.'register.php'),
     'U_LOST_PASSWORD' => add_session_id(PHPWG_ROOT_PATH.'password.php'),
     'U_HOME' => add_session_id(PHPWG_ROOT_PATH.'category.php'),
+    'U_REGISTER' => PHPWG_ROOT_PATH.'register.php',
+    'U_LOST_PASSWORD' => PHPWG_ROOT_PATH.'password.php',
+    'U_HOME' => PHPWG_ROOT_PATH.'category.php',
     'F_LOGIN_ACTION' => add_session_id(PHPWG_ROOT_PATH.'identification.php')
+    'F_LOGIN_ACTION' => PHPWG_ROOT_PATH.'identification.php'
     ));

branches/branch-1_5/include/category_calendar.inc.php

-                      r896
+                      r1003
     $url = PHPWG_ROOT_PATH.'category.php?cat=calendar';
     $url.= '&amp;year='.$calendar_year;
-    $url = add_session_id($url);
     $years_nav_bar.= ' <a href="'.$url.'">'.$calendar_year.'</a>';
+  }
 …
       $url.= $page['calendar_year'].'.'.sprintf('%02s', $calendar_month);
       $months_nav_bar.= ' ';
       $months_nav_bar.= '<a href="'.add_session_id($url).'">';
+      $months_nav_bar.= '<a href="'.$url.'">';
       $months_nav_bar.= $lang['month'][(int)$calendar_month];
       $months_nav_bar.= '</a>';
 …
         'IMAGE_TITLE'=>$thumbnail_title,
         'U_IMG_LINK'=>add_session_id($url_link)
+        'U_IMG_LINK'=>$url_link
+       )
      );
 …
         'IMAGE_TITLE'=>$thumbnail_title,
         'U_IMG_LINK'=>add_session_id($url_link)
+        'U_IMG_LINK'=>$url_link
+       )
      );
 …
         'IMAGE_TITLE'=>$thumbnail_title,
         'U_IMG_LINK'=>add_session_id($url_link)
+        'U_IMG_LINK'=>$url_link
+         )
        );
 …
         'IMAGE_TITLE'=>$thumbnail_title,
         'U_IMG_LINK'=>add_session_id($url_link)
+        'U_IMG_LINK'=>$url_link
+         )
        );

branches/branch-1_5/include/category_default.inc.php

r803	r1003
90	90	'IMAGE_TS' => get_icon($row['date_available']),
91	91
92		'U_IMG_LINK' => ~~add_session_id($url_link)~~
	92	'U_IMG_LINK' => $url_link
93	93	)
94	94	);

branches/branch-1_5/include/category_recent_cats.inc.php

r760	r1003
79	79	'IMAGE_TITLE' => $lang['hint_category'],
80	80
81		'U_IMG_LINK' => ~~add_session_id($url_link)~~
	81	'U_IMG_LINK' => $url_link
82	82	)
83	83	);

branches/branch-1_5/include/category_subcats.inc.php

r809	r1003
153	153	'IMAGE_TS' => get_icon(@$item['date_last']),
154	154	'U_IMG_LINK' =>
155		~~add_session_id(PHPWG_ROOT_PATH.'category.php?cat='.$item['category'])~~
	155	PHPWG_ROOT_PATH.'category.php?cat='.$item['category']
156	156	)
157	157	);

branches/branch-1_5/include/config_default.inc.php

-                      r928
+                      r1003
 // +-----------------------------------------------------------------------+
+// specifies to use cookie to store the session id on client side
+$conf['session_use_cookies'] = 1;
+// specifies to only use cookie to store the session id on client side
+$conf['session_use_only_cookies'] = 1;
+// do not use transparent session id support
+$conf['session_use_trans_sid'] = 0;
+// specifies the name of the session which is used as cookie name
+$conf['session_name'] = 'pwg_id';
+// comment the line below to use file handler for sessions.
+$conf['session_save_handler'] = 'db';
 // authorize_remembering : permits user to stay logged for a long time. It
 // creates a cookie on client side.
 …
 // session_length : time of validity for normal session, in seconds.
 $conf['session_length'] = 3600;
-// session_id_size : a session identifier is compound of alphanumeric
-// characters and is case sensitive. Each character is among 62
-// possibilities. The number of possible sessions is
-// 62^$conf['session_id_size'].
-//
-// 62^5  =             916,132,832
-// 62^10 = 839,299,365,868,340,224
-//
-$conf['session_id_size'] = 10;
 // +-----------------------------------------------------------------------+

branches/branch-1_5/include/functions_category.inc.php

r988	r1003
48	48	{
49	49	echo '<div style="text-align:center;">'.$lang['access_forbiden'].'<br />';
50		echo '<a href="~~'.add_session_id( './category.php' ).'~~">';
	50	echo '<a href="./category.php">';
51	51	echo $lang['thumbnails'].'</a></div>';
52	52	exit();

branches/branch-1_5/include/functions_html.inc.php

-                      r1002
+                      r1003
+    {
       $navbar.= '<a href="';
       $navbar.= add_session_id($url.'&amp;start=0');
+      $navbar.= $url.'&amp;start=0';
       $navbar.= '" class="'.$link_class.'">'.$lang['first_page'];
       $navbar.= '</a>';
 …
       $previous = $start - $nb_element_page;
       $navbar.= '<a href="';
       $navbar.= add_session_id( $url.'&amp;start='.$previous );
+      $navbar.= $url.'&amp;start='.$previous;
       $navbar.= '" class="'.$link_class.'">'.$lang['previous_page'];
       $navbar.= '</a>';
 …
+    {
       $navbar.= '&nbsp;<a href="';
       $navbar.= add_session_id($url.'&amp;start=0');
+      $navbar.= $url.'&amp;start=0';
       $navbar.= '" class="'.$link_class.'">1</a>';
       if ($cur_page > $pages_around + 2)
 …
         $temp_start = ($i - 1) * $nb_element_page;
         $navbar.= '&nbsp;<a href="';
         $navbar.= add_session_id($url.'&amp;start='.$temp_start);
+        $navbar.= $url.'&amp;start='.$temp_start;
         $navbar.= '" class="'.$link_class.'">'.$i.'</a>';
+      }
 …
+      }
       $navbar.= ' <a href="';
       $navbar.= add_session_id($url.'&amp;start='.$temp_start);
+      $navbar.= $url.'&amp;start='.$temp_start;
       $navbar.= '" class="'.$link_class.'">'.$maximum.'</a>';
+    }
 …
       $next = $start + $nb_element_page;
       $navbar.= '<a href="';
       $navbar.= add_session_id( $url.'&amp;start='.$next );
+      $navbar.= $url.'&amp;start='.$next;
       $navbar.= '" class="'.$link_class.'">'.$lang['next_page'].'</a>';
+    }
 …
       $temp_start = ($maximum - 1) * $nb_element_page;
       $navbar.= '<a href="';
       $navbar.= add_session_id($url.'&amp;start='.$temp_start);
+      $navbar.= $url.'&amp;start='.$temp_start;
       $navbar.= '" class="'.$link_class.'">'.$lang['last_page'];
       $navbar.= '</a>';
 …
+    {
       $output.= '<a class=""';
       $output.= ' href="'.add_session_id(PHPWG_ROOT_PATH.$url.$id).'">';
+      $output.= ' href="'.PHPWG_ROOT_PATH.$url.$id.'">';
       $output.= $name.'</a>';
+    }
 …
       $output.= '
 <a class=""
    href="'.add_session_id(PHPWG_ROOT_PATH.$url.$category_id).'">'.$name.'</a>';
+   href="'.PHPWG_ROOT_PATH.$url.$category_id.'">'.$name.'</a>';
+    }
+  }
 …
     $menu.= '>';
     $url = add_session_id(PHPWG_ROOT_PATH.'category.php?cat='.$category['id']);
+    $url = PHPWG_ROOT_PATH.'category.php?cat='.$category['id'];
     $menu.= "\n".'<a href="'.$url.'">'.$category['name'].'</a>';

branches/branch-1_5/include/functions_session.inc.php

-                      r808
+                      r1003
 // +-----------------------------------------------------------------------+
+// The function generate_key creates a string with pseudo random characters.
+// the size of the string depends on the $conf['session_id_size'].
+// Characters used are a-z A-Z and numerical values. Examples :
+//                    "Er4Tgh6", "Rrp08P", "54gj"
+// input  : none (using global variable)
+// output : $key
+function generate_key($size)
+if (isset($conf['session_save_handler']) and ($conf['session_save_handler'] == 'db')) {
+  session_set_save_handler('pwg_session_open',
+                           'pwg_session_close',
+                           'pwg_session_read',
+                           'pwg_session_write',
+                           'pwg_session_destroy',
+                           'pwg_session_gc'
+                           );
+}
+ini_set('session.use_cookies', $conf['session_use_cookies']);
+ini_set('session.use_only_cookies', $conf['session_use_only_cookies']);
+ini_set('session.use_trans_sid', $conf['session_use_trans_sid']);
+ini_set('session.name', $conf['session_name']);
+function pwg_session_open($path, $name)
+{
+  return true;
+}
+function pwg_session_close()
+{
+  pwg_session_gc();
+  return true;
+}
+function pwg_session_read($session_id)
+{
+  $query = "SELECT data FROM " . SESSIONS_TABLE;
+  $query .= " WHERE id = '$session_id'";
+  $result = pwg_query($query);
+  if ($result) {
+    $row = mysql_fetch_assoc($result);
+    return $row['data'];
+  } else {
+    return '';
+  }
+}
+function pwg_session_write($session_id, $data)
+{
+  $query = "SELECT id FROM " . SESSIONS_TABLE;
+  $query .= " WHERE id = '$session_id'";
+  $result = pwg_query($query);
+  if (mysql_num_rows($result)) {
+    $query = "UPDATE " . SESSIONS_TABLE . " SET expiration = now()";
+    $query .= " WHERE id = '$session_id'";
+    pwg_query($query);
+  } else {
+    $query = "INSERT INTO " . SESSIONS_TABLE . " (id,data,expiration)";
+    $query .= " VALUES('$session_id','$data',now())";
+    pwg_query($query);
+  }
+  return true;
+}
+function pwg_session_destroy($session_id)
+{
+  $query = "DELETE FROM " . SESSIONS_TABLE;
+  $query .= " WHERE id = '$session_id'";
+  pwg_query($query);
+  return true;
+}
+function pwg_session_gc()
+{
   global $conf;
+  $md5 = md5(substr(microtime(), 2, 6));
+  $init = '';
+  for ( $i = 0; $i < strlen( $md5 ); $i++ )
+  {
+    if ( is_numeric( $md5[$i] ) ) $init.= $md5[$i];
+  }
+  $init = substr( $init, 0, 8 );
+  mt_srand( $init );
+  $key = '';
+  for ( $i = 0; $i < $size; $i++ )
+  {
+    $c = mt_rand( 0, 2 );
+    if ( $c == 0 )      $key .= chr( mt_rand( 65, 90 ) );
+    else if ( $c == 1 ) $key .= chr( mt_rand( 97, 122 ) );
+    else                $key .= mt_rand( 0, 9 );
+  }
+  return $key;
+}
+/**
+ * create a new session and returns the session identifier
+ *
+ * - find a non-already-used session key
+ * - create a session in database
+ * - return session identifier
+ *
+ * @param int userid
+ * @param int session_lentgh : in seconds
+ * @return string
+ */
+function session_create($userid, $session_length)
+{
+  global $conf;
+  // 1. searching an unused session key
+  $id_found = false;
+  while (!$id_found)
+  {
+    $generated_id = generate_key($conf['session_id_size']);
+    $query = '
+SELECT id
+  FROM '.SESSIONS_TABLE.'
+  WHERE id = \''.$generated_id.'\'
+;';
+    $result = pwg_query($query);
+    if (mysql_num_rows($result) == 0)
+    {
+      $id_found = true;
+    }
+  }
+  // 3. inserting session in database
+  $query = '
+INSERT INTO '.SESSIONS_TABLE.'
+  (id,user_id,expiration)
+  VALUES
+  (\''.$generated_id.'\','.$userid.',
+   ADDDATE(NOW(), INTERVAL '.$session_length.' SECOND))
+;';
+  $query = "DELETE FROM " . SESSIONS_TABLE;
+  $query .= " WHERE UNIX_TIMESTAMP(NOW()) - UNIX_TIMESTAMP(expiration) > " . $conf['session_length'];
   pwg_query($query);
+  $expiration = $session_length + time();
+  setcookie('id', $generated_id, $expiration, cookie_path());
+  return $generated_id;
+}
+// add_session_id adds the id of the session to the string given in
+// parameter as $url. If the session id is the first parameter to the url,
+// it is preceded by a '?', else it is preceded by a '&amp;'. If the
+// parameter $redirect is set to true, '&' is used instead of '&'.
+function add_session_id( $url, $redirect = false )
+{
+  global $page, $user, $conf;
+  if ($user['is_the_guest']
+      or $user['has_cookie']
+      or $conf['apache_authentication'])
+  {
+    return $url;
+  }
+  if (preg_match('/\.php\?/', $url))
+  {
+    $separator = $redirect ? '&' : '&amp;';
+  }
+  else
+  {
+    $separator = '?';
+  }
+  return $url.$separator.'id='.$page['session_id'];
+}
+// cookie_path returns the path to use for the PhpWebGallery cookie.
+// If PhpWebGallery is installed on :
+// http://domain.org/meeting/gallery/category.php
+// cookie_path will return : "/meeting/gallery"
+function cookie_path()
+{
+  return substr($_SERVER['PHP_SELF'],0,strrpos( $_SERVER['PHP_SELF'],'/'));
+  return true;
+}
 ?>

branches/branch-1_5/include/page_header.php

r850	r1003
62	62	array(
63	63	'REFRESH_TIME' => $refresh,
64		'U_REFRESH' => ~~add_session_id( $url_link )~~
	64	'U_REFRESH' => $url_link
65	65	));
66	66	$template->assign_block_vars('refresh', array());

branches/branch-1_5/include/user.inc.php

-                      r817
+                      r1003
 // retrieving connected user informations
 if (isset($_COOKIE['id']))
+if (isset($_COOKIE[session_name()]))
+{
+  $session_id = $_COOKIE['id'];
+  $user['has_cookie'] = true;
+}
+else if (isset($_GET['id']))
+ session_start();
+ if (isset($_SESSION['id']))
+ {
+   $user['id'] = $_SESSION['id'];
+ }
+ else
+ {
+   // session timeout
+   $user['id'] = $conf['guest_id'];
+   $user['is_the_guest'] = true;
+ }
+}
+else
+{
+  $session_id = $_GET['id'];
+  $user['has_cookie'] = false;
+}
+else
+{
+  $user['has_cookie'] = false;
+}
+if (isset($session_id)
+    and ereg("^[0-9a-zA-Z]{".$conf['session_id_size']."}$", $session_id))
+{
+  $page['session_id'] = $session_id;
+  $query = '
+SELECT user_id,expiration,NOW() AS now
+  FROM '.SESSIONS_TABLE.'
+  WHERE id = \''.$page['session_id'].'\'
+;';
+  $result = pwg_query($query);
+  if (mysql_num_rows($result) > 0)
+  {
+    $row = mysql_fetch_array($result);
+    if (strnatcmp($row['expiration'], $row['now']) < 0)
+    {
+      // deletion of the session from the database, because it is
+      // out-of-date
+      $delete_query = '
+DELETE FROM '.SESSIONS_TABLE.'
+  WHERE id = \''.$page['session_id'].'\'
+;';
+      pwg_query($delete_query);
+    }
+    else
+    {
+      $user['id'] = $row['user_id'];
+      $user['is_the_guest'] = false;
+    }
+  }
+}
+if (!isset($user['id']))
+{
+  $user['id'] = $conf['guest_id'];
+  $user['is_the_guest'] = true;
+ $user['id'] = $conf['guest_id'];
+ $user['is_the_guest'] = true;
+}

branches/branch-1_5/notification.php

r850	r1003
59	59	array(
60	60	'FEED_URL' => PHPWG_ROOT_PATH.'feed.php?feed='.$page['feed'],
61		'U_HOME' => ~~add_session_id(PHPWG_ROOT_PATH.'category.php')~~
	61	'U_HOME' => PHPWG_ROOT_PATH.'category.php'
62	62	)
63	63	);

branches/branch-1_5/password.php

r901	r1003
177	177	$template->assign_vars(
178	178	array(
179		'U_HOME' => ~~add_session_id(PHPWG_ROOT_PATH.'category.php')~~
	179	'U_HOME' => PHPWG_ROOT_PATH.'category.php'
180	180	)
181	181	);

branches/branch-1_5/picture.php

-                      r989
+                      r1003
+{
   echo '<div style="text-align:center;">'.$lang['access_forbiden'].'<br />';
   echo '<a href="'.add_session_id( PHPWG_ROOT_PATH.'category.php' ).'">';
+  echo '<a href="'.PHPWG_ROOT_PATH.'category.php'.'">';
   echo $lang['thumbnails'].'</a></div>';
   exit();
 …
       // there is no favorite picture anymore we redirect the user to the
       // category page
+      $url = add_session_id($url_up);
+      redirect($url);
+      redirect($url_up);
+    }
     else if (!$has_prev)
+    {
       $url = str_replace( '&amp;', '&', $picture['next']['url'] );
       $url = add_session_id( $url, true);
+      redirect( $url );
+    }
     else
+    {
       $url = str_replace('&amp;', '&', $picture['prev']['url'] );
       $url = add_session_id( $url, true);
+      redirect( $url );
+    }
     redirect( $url );
 …
   'L_UP_ALT' => $lang['home'],
   'U_HOME' => add_session_id(PHPWG_ROOT_PATH.'category.php'),
   'U_UP' => add_session_id($url_up),
   'U_METADATA' => add_session_id($url_metadata),
   'U_ADMIN' => add_session_id($url_admin),
   'U_SLIDESHOW'=> add_session_id($url_slide),
   'U_ADD_COMMENT' => add_session_id(str_replace( '&', '&amp;', $_SERVER['REQUEST_URI'] ))
+  'U_HOME' => (PHPWG_ROOT_PATH.'category.php'),
+  'U_UP' => $url_up,
+  'U_METADATA' => $url_metadata,
+  'U_ADMIN' => $url_admin,
+  'U_SLIDESHOW'=> $url_slide,
+  'U_ADD_COMMENT' => str_replace( '&', '&amp;', $_SERVER['REQUEST_URI'] )
+  )
 );
 …
     array(
       'URL' =>
-      add_session_id(
         PHPWG_ROOT_PATH.'picture.php'
         .get_query_string_diff(array('caddie')).'&amp;caddie=1')
+      )
     );
+}
 …
       'TITLE_IMG' => $picture['prev']['name'],
       'IMG' => $picture['prev']['thumbnail'],
       'U_IMG' => add_session_id($picture['prev']['url'])
+      'U_IMG' => $picture['prev']['url']
       ));
+}
 …
       'TITLE_IMG' => $picture['next']['name'],
       'IMG' => $picture['next']['thumbnail'],
       'U_IMG' => add_session_id($picture['next']['url'])
+      'U_IMG' => $picture['next']['url']
       ));
+}
 …
   $infos['INFO_AUTHOR'] =
     '<a href="'.
-    add_session_id(
       PHPWG_ROOT_PATH.'category.php?cat=search'.
       '&amp;search=author:'.$picture['current']['author']
+      ).
+    '">'.$picture['current']['author'].'</a>';
+      .'">'.$picture['current']['author'].'</a>';
+}
 else
 …
   $infos['INFO_CREATION_DATE'] =
     '<a href="'.
-    add_session_id(
       PHPWG_ROOT_PATH.'category.php?cat=search'.
       '&amp;search=date_creation:'.$picture['current']['date_creation']
+      ).
+    '">'.format_date($picture['current']['date_creation']).'</a>';
+      .'">'.format_date($picture['current']['date_creation']).'</a>';
+}
 else
 …
 $infos['INFO_AVAILABILITY_DATE'] =
   '<a href="'.
-  add_session_id(
     PHPWG_ROOT_PATH.'category.php?cat=search'.
     '&amp;search=date_available:'.
     substr($picture['current']['date_available'], 0, 10)
+    ).
+    '">'.
+    .'">'.
   format_date($picture['current']['date_available'], 'mysql_datetime').
   '</a>';
 …
       '/([^,]+)/',
       '<a href="'.
-      add_session_id(
         PHPWG_ROOT_PATH.'category.php?cat=search&amp;search=keywords:$1'
+        ).
+      '">$1</a>',
+        .'">$1</a>',
       $picture['current']['keywords']
       );
 …
   $template->assign_block_vars('stop_slideshow', array(
   'U_SLIDESHOW'=>add_session_id( $picture['current']['url'] )
+  'U_SLIDESHOW'=>$picture['current']['url']
   ));
+}
 …
       $template->assign_block_vars(
         'comments.comment.delete',
         array('U_COMMENT_DELETE'=>add_session_id( $url.'&amp;del='.$row['id'])
+        array('U_COMMENT_DELETE'=> $url.'&amp;del='.$row['id']
           ));
+    }

branches/branch-1_5/profile.php

-                      r902
+                      r1003
     // redirection
     $url = PHPWG_ROOT_PATH.'category.php?'.$_SERVER['QUERY_STRING'];
     redirect(add_session_id($url));
+    redirect($url);
+  }
+}
 …
     'L_RETURN_HINT' =>  $lang['home_hint'],
     'U_RETURN' => add_session_id(PHPWG_ROOT_PATH.'category.php'),
     'F_ACTION'=>add_session_id($url_action),
+    'U_RETURN' => PHPWG_ROOT_PATH.'category.php',
+    'F_ACTION'=>$url_action,
     ));

branches/branch-1_5/random.php

r675	r1003
60	60	// +-----------------------------------------------------------------------+
61	61	$url = PHPWG_ROOT_PATH.'category.php?cat=list&list='.implode(',', $ids);
62		redirect(~~add_session_id($url)~~);
	62	redirect($url);
63	63	?>

branches/branch-1_5/register.php

-                      r945
+                      r1003
   'L_EMAIL' => $lang['mail_address'],
   'U_HOME' => add_session_id(PHPWG_ROOT_PATH.'category.php'),
+  'U_HOME' => PHPWG_ROOT_PATH.'category.php',
   'F_ACTION' => add_session_id('register.php'),
+  'F_ACTION' => 'register.php',
   'F_LOGIN' => $login,
   'F_EMAIL' => $email

branches/branch-1_5/search.php

-                      r867
+                      r1003
+{
   $url = 'category.php?cat=search&search='.$search_string;
-  $url = add_session_id($url, true);
   redirect($url);
+}
 …
   'TODAY_MONTH' => date('m', time()),
   'TODAY_YEAR' => date('Y', time()),
   'S_SEARCH_ACTION' => add_session_id( 'search.php' ),
+  'S_SEARCH_ACTION' => 'search.php',
   'U_HELP' => PHPWG_ROOT_PATH.'/popuphelp.php?page=search',
   'U_HOME' => add_session_id( 'category.php' )
+  'U_HOME' => 'category.php'
+  )
 );

branches/branch-1_5/upload.php

-                      r849
+                      r1003
+  {
     echo '<div style="text-align:center;">'.$lang['upload_forbidden'].'<br />';
     echo '<a href="'.add_session_id( './category.php' ).'">';
+    echo '<a href="./category.php">';
     echo $lang['thumbnails'].'</a></div>';
     exit();
 …
   'L_MANDATORY' =>  $lang['mandatory'],
   'F_ACTION' => add_session_id( $u_form ),
   'U_RETURN' => add_session_id(PHPWG_ROOT_PATH.'category.php?'.$_SERVER['QUERY_STRING'])
+  'F_ACTION' => $u_form,
+  'U_RETURN' => PHPWG_ROOT_PATH.'category.php?'.$_SERVER['QUERY_STRING']
   ));

Context Navigation

Legend:

Download in other formats: