Changeset 345
- Timestamp:
- Feb 2, 2004, 1:55:18 AM (20 years ago)
- Location:
- trunk
- Files:
-
- 16 added
- 4 deleted
- 59 edited
trunk/about.php
r57 r345 18 18 ***************************************************************************/ 19 19 20 //----------------------------------------------------------- personnal include 21 include_once( './include/init.inc.php' ); 20 //----------------------------------------------------------- include 21 $phpwg_root_path = './'; 22 include_once( $phpwg_root_path.'common.php' ); 22 23 //----------------------------------------------------- template initialization 23 $vtp = new VTemplate; 24 // 25 // Start output of page 26 // 27 $title= $lang['about_page_title']; 28 include('include/page_header.php'); 29 24 30 $handle = $vtp->Open( './template/'.$user['template'].'/about.vtp' ); 25 31 initialize_template(); 26 32 27 $tpl = array('about_ page_title','about_title','about_message','about_return');33 $tpl = array('about_title','about_message','about_return'); 28 34 templatize_array( $tpl, 'lang', $handle ); 29 35 $vtp->setVar( $handle, 'user_template', $user['template'] ); … … 34 40 $code = $vtp->Display( $handle, 0 ); 35 41 echo $code; 42 include('include/page_tail.php'); 36 43 ?> -
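Review bot: The two new includes, `include('include/page_header.php');` and `include('include/page_tail.php');`, use bare relative paths, while the line just above introduces `$phpwg_root_path` for exactly this purpose. A bare relative path is resolved through `include_path` and the current working directory, so which file is loaded depends on the runtime configuration. Writing `include( $phpwg_root_path.'include/page_header.php' );` and `include( $phpwg_root_path.'include/page_tail.php' );` pins both to the application root and matches the `common.php` include.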
trunk/admin.php
r228 r345 18 18 ***************************************************************************/ 19 19 20 //----------------------------------------------------------- personnal include 20 //----------------------------------------------------------- include 21 $phpwg_root_path = './'; 22 include_once( $phpwg_root_path.'common.php' ); 21 23 include_once( './admin/include/isadmin.inc.php' ); 22 24 //----------------------------------------------------- template initialization … … 35 37 $page_valide = false; 36 38 $title = ''; 39 if (isset( $_GET['page'] )) 37 40 switch ( $_GET['page'] ) 38 41 { -
trunk/admin/cat_list.php
r226 r345 19 19 ***************************************************************************/ 20 20 include_once( './admin/include/isadmin.inc.php' ); 21 21 22 //----------------------------------------------------- template initialization 22 23 $sub = $vtp->Open( './template/'.$user['template'].'/admin/cat_list.vtp' ); 23 24 $tpl = array( 'cat_edit','cat_up','cat_down','cat_image_info', 24 25 'cat_permission','cat_update','cat_add','cat_parent','submit', 25 'cat_virtual','delete','cat_first','cat_last' );26 'cat_virtual','delete','cat_first','cat_last','errors_title' ); 26 27 templatize_array( $tpl, 'lang', $sub ); 27 28 $vtp->setGlobalVar( $sub, 'user_template', $user['template'] ); … … 30 31 if ( isset( $_POST['submit'] ) ) 31 32 { 32 if ( !preg_match( '/^\s*$/', $_POST['virtual_name'] ) ) 33 // is the given category name only containing blank spaces ? 34 if ( preg_match( '/^\s*$/', $_POST['virtual_name'] ) ) 35 array_push( $errors, $lang['cat_error_name'] ); 36 // does the uppercat id exists in the database ? 
37 if ( $_POST['associate'] == '' ) 38 { 39 $_POST['associate'] = -1; 40 } 41 else if ( !is_numeric( $_POST['associate'] ) ) 42 { 43 array_push( $errors, $lang['cat_unknown_id'] ); 44 } 45 else 46 { 47 $query = 'SELECT id'; 48 $query.= ' FROM '.PREFIX_TABLE.'categories'; 49 $query.= ' WHERE id = '.$_POST['associate']; 50 $query.= ';'; 51 if ( mysql_num_rows( mysql_query( $query ) ) == 0 ) 52 array_push( $errors, $lang['cat_unknown_id'] ); 53 } 54 55 if ( count( $errors ) == 0 ) 33 56 { 34 57 // we have then to add the virtual category … … 42 65 $query.= ';'; 43 66 mysql_query( $query ); 44 } 45 else 46 { 47 array_push( $errors, $lang['cat_error_name'] ); 67 synchronize_all_users(); 48 68 } 49 69 } … … 172 192 { 173 193 delete_category( $_GET['delete'] ); 194 synchronize_all_users(); 174 195 } 175 196 //------------------------------------------------------------------ reordering … … 234 255 $result = mysql_query( $query ); 235 256 $row = mysql_fetch_array( $result ); 257 if ( !isset( $row['min'] ) ) $row['min'] = 0; 258 if ( !isset( $row['max'] ) ) $row['max'] = 0; 236 259 $min_rank = $row['min']; 237 260 $max_rank = $row['max']; … … 259 282 { 260 283 $subcat_visible = true; 284 if ( !isset( $row['dir'] ) ) $row['dir'] = ''; 261 285 262 286 $vtp->addSession( $sub, 'cat' ); 287 // is the category expanded or not ? 
288 if ( isset($page['expand']) && $page['expand'] == 'all' ) 289 { 290 $vtp->addSession( $sub, 'bullet_wo_link' ); 291 $vtp->closeSession( $sub, 'bullet_wo_link' ); 292 } 293 else if ( isset($page['tab_expand']) && in_array( $row['id'], $page['tab_expand'] ) ) 294 { 295 $vtp->addSession( $sub, 'bullet_expanded' ); 296 $tab_expand = array_diff( $page['tab_expand'], array( $row['id'] ) ); 297 $expand = implode( ',', $tab_expand ); 298 $url = './admin.php?page=cat_list&expand='.$expand; 299 $vtp->setVar( $sub, 'bullet_expanded.link', add_session_id( $url ) ); 300 $vtp->closeSession( $sub, 'bullet_expanded' ); 301 } 302 else 303 { 304 $vtp->addSession( $sub, 'bullet_collapsed' ); 305 $tab_expand = array_merge( $page['tab_expand'], array( $row['id'] ) ); 306 $expand = implode( ',', $tab_expand ); 307 $url = './admin.php?page=cat_list&expand='.$expand; 308 $vtp->setVar( $sub, 'bullet_collapsed.link', add_session_id( $url ) ); 309 $vtp->closeSession( $sub, 'bullet_collapsed' ); 310 } 311 263 312 $vtp->setVar( $sub, 'cat.td', $td ); 264 313 $vtp->setVar( $sub, 'cat.class', $class ); 265 314 $vtp->setVar( $sub, 'cat.indent', $indent ); 266 315 $vtp->setVar( $sub, 'cat.name', $row['name'] ); 267 $vtp->setVar( $sub, 'cat.id', $row['id'] ); 316 268 317 if ( $row['dir'] != '' ) 269 318 { … … 281 330 // category can be deleted 282 331 $vtp->addSession( $sub, 'delete' ); 283 $url = './admin.php?page=cat_list&delete='.$row['id']; 332 $url = './admin.php?page=cat_list&expand='.$page['expand']; 333 $url.= '&delete='.$row['id']; 284 334 $vtp->setVar( $sub, 'delete.delete_url', add_session_id( $url ) ); 285 335 $vtp->closeSession( $sub, 'delete' ); … … 300 350 { 301 351 $vtp->addSession( $sub, 'up' ); 302 $ vtp->setVar( $sub, 'up.id', $row['id'] );303 $url = add_session_id( './admin.php?page=cat_list&up='.$row['id'] );304 $vtp->setVar( $sub, 'up.up_url', $url);352 $url = './admin.php?page=cat_list&expand='.$page['expand']; 353 $url.= '&up='.$row['id']; 354 $vtp->setVar( $sub, 
'up.up_url', add_session_id( $url ) ); 305 355 $vtp->closeSession( $sub, 'up' ); 306 356 } … … 308 358 { 309 359 $vtp->addSession( $sub, 'no_up' ); 310 $ vtp->setVar( $sub, 'no_up.id', $row['id'] );311 $url = add_session_id( './admin.php?page=cat_list&last='.$row['id']);312 $vtp->setVar( $sub, 'no_up.last_url', $url);360 $url = './admin.php?page=cat_list&expand='.$page['expand']; 361 $url.= '&last='.$row['id']; 362 $vtp->setVar( $sub, 'no_up.last_url', add_session_id( $url ) ); 313 363 $vtp->closeSession( $sub, 'no_up' ); 314 364 } … … 316 366 { 317 367 $vtp->addSession( $sub, 'down' ); 318 $ vtp->setVar( $sub, 'down.id', $row['id'] );319 $url = add_session_id( './admin.php?page=cat_list&down='.$row['id']);320 $vtp->setVar( $sub, 'down.down_url', $url);368 $url = './admin.php?page=cat_list&expand='.$page['expand']; 369 $url.= '&down='.$row['id']; 370 $vtp->setVar( $sub, 'down.down_url', add_session_id( $url ) ); 321 371 $vtp->closeSession( $sub, 'down' ); 322 372 } … … 324 374 { 325 375 $vtp->addSession( $sub, 'no_down' ); 326 $ vtp->setVar( $sub, 'no_down.id', $row['id'] );327 $url = add_session_id('./admin.php?page=cat_list&first='.$row['id']);328 $vtp->setVar( $sub, 'no_down.first_url', $url);376 $url = './admin.php?page=cat_list&expand='.$page['expand']; 377 $url.= '&first='.$row['id']; 378 $vtp->setVar( $sub, 'no_down.first_url', add_session_id( $url ) ); 329 379 $vtp->closeSession( $sub, 'no_down' ); 330 380 } … … 332 382 { 333 383 $vtp->addSession( $sub, 'image_info' ); 334 $url = add_session_id( './admin.php?page=infos_images&cat_id=' 335 .$row['id'] ); 336 $vtp->setVar( $sub, 'image_info.image_info_url', $url ); 384 $url = './admin.php?page=infos_images&cat_id='.$row['id']; 385 $vtp->setVar( $sub, 'image_info.image_info_url', add_session_id($url) ); 337 386 $vtp->closeSession( $sub, 'image_info' ); 338 387 } … … 372 421 $vtp->closeSession( $sub, 'cat' ); 373 422 374 display_cat_manager( $row['id'], $indent.str_repeat( ' ', 4 ), 375 $subcat_visible, $level 
+ 1 ); 423 if ( in_array( $row['id'], $page['tab_expand'] ) 424 or $page['expand'] == 'all') 425 display_cat_manager( $row['id'], $indent.str_repeat( ' ', 4 ), 426 $subcat_visible, $level + 1 ); 376 427 } 377 428 } 378 429 display_cat_manager( 'NULL', str_repeat( ' ', 4 ), true, 0 ); 379 430 // add a virtual category ? 380 $vtp->addSession( $sub, 'associate_cat' ); 381 $vtp->setVar( $sub, 'associate_cat.value', '-1' ); 382 $vtp->setVar( $sub, 'associate_cat.content', '' ); 383 $vtp->closeSession( $sub, 'associate_cat' ); 384 $page['plain_structure'] = get_plain_structure(); 385 $structure = create_structure( '', array() ); 386 display_categories( $structure, ' ' ); 431 // We only show a List Of Values if the number of categories is less than 432 // $conf['max_LOV_categories'] 433 $query = 'SELECT COUNT(id) AS nb_total_categories'; 434 $query.= ' FROM '.PREFIX_TABLE.'categories'; 435 $query.= ';'; 436 $row = mysql_fetch_array( mysql_query( $query ) ); 437 if ( $row['nb_total_categories'] < $conf['max_LOV_categories'] ) 438 { 439 $vtp->addSession( $sub, 'associate_LOV' ); 440 $vtp->addSession( $sub, 'associate_cat' ); 441 $vtp->setVar( $sub, 'associate_cat.value', '-1' ); 442 $vtp->setVar( $sub, 'associate_cat.content', '' ); 443 $vtp->closeSession( $sub, 'associate_cat' ); 444 $page['plain_structure'] = get_plain_structure( true ); 445 $structure = create_structure( '', array() ); 446 display_categories( $structure, ' ' ); 447 $vtp->closeSession( $sub, 'associate_LOV' ); 448 } 449 // else, we only display a small text field, we suppose the administrator 450 // knows the id of its category 451 else 452 { 453 $vtp->addSession( $sub, 'associate_text' ); 454 $vtp->closeSession( $sub, 'associate_text' ); 455 } 387 456 //----------------------------------------------------------- sending html code 388 457 $vtp->Parse( $handle , 'sub', $sub ); -
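Review bot: The new uppercat lookup appends `$_POST['associate']` to `' WHERE id = '` after only an `is_numeric()` check, which also accepts signed, decimal, exponent and whitespace-prefixed strings, so the value placed in the SQL text is not guaranteed to be a plain integer id. Normalising it once with `$_POST['associate'] = intval( $_POST['associate'] );` before building the query would fix that, and the insert that follows (outside the visible lines) would then presumably reuse the same value. `mysql_num_rows( mysql_query( $query ) )` is also handed `false` when the query fails, so the result should be checked before it is counted. Separately, the `else` branch of the bullet block calls `array_merge( $page['tab_expand'], ... )` on the very path where `isset($page['tab_expand'])` may have just been false. The closing `in_array( $row['id'], $page['tab_expand'] ) or $page['expand'] == 'all'` and the `'&expand='.$page['expand']` URLs read both keys without the guard used at the top of the block.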
trunk/admin/cat_modify.php
r226 r345 41 41 $query.= ';'; 42 42 $row = mysql_fetch_array( mysql_query( $query ) ); 43 44 $query = 'UPDATE '.PREFIX_TABLE.'categories'; 45 46 $query.= ' SET name = '; 47 if ( $_POST['name'] == '' ) 48 $query.= 'NULL'; 49 else 50 $query.= "'".htmlentities( $_POST['name'], ENT_QUOTES)."'"; 51 52 $query.= ', comment = '; 53 if ( $_POST['comment'] == '' ) 54 $query.= 'NULL'; 55 else 56 $query.= "'".htmlentities( $_POST['comment'], ENT_QUOTES )."'"; 57 58 $query.= ", status = '".$_POST['status']."'"; 59 $query.= ", visible = '".$_POST['visible']."'"; 60 61 if ( isset( $_POST['uploadable'] ) ) 62 $query.= ", uploadable = '".$_POST['uploadable']."'"; 63 64 if ( isset( $_POST['associate'] ) ) 65 { 66 $query.= ', id_uppercat = '; 67 if ( $_POST['associate'] == -1 or $_POST['associate'] == '' ) 68 $query.= 'NULL'; 69 else 70 $query.= $_POST['associate']; 71 } 72 $query.= ' WHERE id = '.$_GET['cat']; 73 $query.= ';'; 74 mysql_query( $query ); 43 75 44 76 if ( $_POST['status'] != $row['status'] ) … … 54 86 $query.= ' WHERE cat_id = '.$_GET['cat']; 55 87 mysql_query( $query ); 56 } 57 58 $query = 'UPDATE '.PREFIX_TABLE.'categories'; 59 60 $query.= ' SET name = '; 61 if ( $_POST['name'] == '' ) 62 $query.= 'NULL'; 63 else 64 $query.= "'".htmlentities( $_POST['name'], ENT_QUOTES)."'"; 65 66 $query.= ', comment = '; 67 if ( $_POST['comment'] == '' ) 68 $query.= 'NULL'; 69 else 70 $query.= "'".htmlentities( $_POST['comment'], ENT_QUOTES )."'"; 71 72 $query.= ", status = '".$_POST['status']."'"; 73 $query.= ", visible = '".$_POST['visible']."'"; 74 75 if ( isset( $_POST['uploadable'] ) ) 76 $query.= ", uploadable = '".$_POST['uploadable']."'"; 77 78 if ( isset( $_POST['associate'] ) ) 79 { 80 $query.= ', id_uppercat = '; 81 if ( $_POST['associate'] == -1 ) $query.= 'NULL'; 82 else $query.= $_POST['associate']; 83 } 84 $query.= ' WHERE id = '.$_GET['cat']; 85 $query.= ';'; 86 mysql_query( $query ); 88 // resynchronize all users 89 synchronize_all_users(); 90 } 87 91 88 92 // 
checking users favorites … … 112 116 $query.= ';'; 113 117 $row = mysql_fetch_array( mysql_query( $query ) ); 118 119 if ( !isset( $row['dir'] ) ) $row['dir'] = ''; 120 if ( !isset( $row['id_uppercat'] ) ) $row['id_uppercat'] = ''; 121 114 122 $result = get_cat_info( $row['id'] ); 115 123 // cat name … … 136 144 } 137 145 $vtp->setVar( $sub, 'name', $row['name'] ); 146 if ( !isset( $row['comment'] ) ) $row['comment'] = ''; 138 147 $vtp->setVar( $sub, 'comment', $row['comment'] ); 139 148 // status : public, private... … … 204 213 { 205 214 $vtp->addSession( $sub, 'parent' ); 206 $vtp->addSession( $sub, 'associate_cat' ); 207 $vtp->setVar( $sub, 'associate_cat.value', '-1' ); 208 $vtp->setVar( $sub, 'associate_cat.content', '' ); 209 $vtp->closeSession( $sub, 'associate_cat' ); 210 $structure = create_structure( '', array() ); 211 display_categories( $structure, ' ', $row['id_uppercat'], $row['id'] ); 215 // We only show a List Of Values if the number of categories is less than 216 // $conf['max_LOV_categories'] 217 $query = 'SELECT COUNT(id) AS nb_total_categories'; 218 $query.= ' FROM '.PREFIX_TABLE.'categories'; 219 $query.= ';'; 220 $countrow = mysql_fetch_array( mysql_query( $query ) ); 221 if ( $countrow['nb_total_categories'] < $conf['max_LOV_categories'] ) 222 { 223 $vtp->addSession( $sub, 'associate_LOV' ); 224 $vtp->addSession( $sub, 'associate_cat' ); 225 $vtp->setVar( $sub, 'associate_cat.value', '-1' ); 226 $vtp->setVar( $sub, 'associate_cat.content', '' ); 227 $vtp->closeSession( $sub, 'associate_cat' ); 228 $page['plain_structure'] = get_plain_structure( true ); 229 $structure = create_structure( '', array() ); 230 display_categories( $structure, ' ', $row['id_uppercat'],$row['id'] ); 231 $vtp->closeSession( $sub, 'associate_LOV' ); 232 } 233 // else, we only display a small text field, we suppose the administrator 234 // knows the id of its category 235 else 236 { 237 $vtp->addSession( $sub, 'associate_text' ); 238 $vtp->setVar( $sub, 
'associate_text.value', $row['id_uppercat'] ); 239 $vtp->closeSession( $sub, 'associate_text' ); 240 } 212 241 $vtp->closeSession( $sub, 'parent' ); 213 242 } -
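Review bot: The relocated UPDATE writes `$_POST['associate']` into `id_uppercat = ` unquoted and unvalidated, and this changeset adds an `associate_text` free-text field for that value, so the posted string becomes part of the statement as is. cat_list.php in the same changeset at least checks `is_numeric()` and that the id exists; the same check belongs here, for example `$query.= intval( $_POST['associate'] );`, and `intval( $_GET['cat'] )` in the `WHERE id = ` clause. `status`, `visible` and `uploadable` are wrapped in quotes but not escaped, and `htmlentities( ..., ENT_QUOTES )` on `name` and `comment` is HTML encoding that leaves backslashes alone. These values should be matched against the allowed set or passed through `mysql_real_escape_string()` before concatenation. The surrounding `if` block starts above the visible lines.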
trunk/admin/cat_perm.php
r226 r345 84 84 check_favorites( $row['id'] ); 85 85 } 86 // resynchronize all users 87 synchronize_all_users(); 86 88 } 87 89 //---------------------------------------------------------------------- groups … … 150 152 // for color of user : (red means access forbidden, green authorized) we 151 153 // ask all forbidden categories, including the groups rights 152 $restrictions = get_ restrictions( $row['id'], $row['status'], false );154 $restrictions = get_user_restrictions( $row['id'], $row['status'], false ); 153 155 $is_user_allowed = is_user_allowed( $page['cat'], $restrictions ); 154 156 if ( $is_user_allowed == 0 ) … … 162 164 // for permission update button, we only ask forbidden categories for the 163 165 // user, not taking into account the groups the user belongs to 164 $restrictions = get_ restrictions( $row['id'], $row['status'], false, false);166 $restrictions = get_user_restrictions($row['id'],$row['status'],false,false); 165 167 $is_user_allowed = is_user_allowed( $page['cat'], $restrictions ); 166 168 if ( $is_user_allowed == 2 ) -
trunk/admin/comments.php
r231 r345 37 37 $subrow = mysql_fetch_array( $subresult ); 38 38 39 if ( $array_cat_directories[$subrow['cat_id']] == '')39 if ( !isset( $array_cat_directories[$subrow['cat_id']] ) ) 40 40 { 41 41 $array_cat_directories[$subrow['cat_id']] = … … 50 50 // name of the picture 51 51 $name = $array_cat_names[$subrow['cat_id']].' > '; 52 if ( $subrow['name'] != '' )52 if ( isset( $subrow['name'] ) and $subrow['name'] != '' ) 53 53 { 54 54 $name.= $subrow['name']; … … 160 160 $vtp->setGlobalVar( $sub, 'user_template', $user['template'] ); 161 161 //--------------------------------------------------- number of days to display 162 if ( isset( $_GET['last_days'] ) ) define( "MAX_DAYS", $_GET['last_days'] );163 else define( "MAX_DAYS", 0 );162 if ( isset( $_GET['last_days'] ) ) define( 'MAX_DAYS', $_GET['last_days'] ); 163 else define( 'MAX_DAYS', 0 ); 164 164 //----------------------------------------- non specific section initialization 165 165 $array_cat_directories = array(); -
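Review bot: `define( 'MAX_DAYS', $_GET['last_days'] );` still stores the raw query-string value in the constant, since only the quote style changed on this line. Where MAX_DAYS is consumed is outside the visible hunks, but a day count that may reach a date calculation or a query should be forced to an integer at the point of definition: `define( 'MAX_DAYS', intval( $_GET['last_days'] ) );`.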
trunk/admin/configuration.php
r228 r345 61 61 } 62 62 // deletion of site as asked 63 $site_deleted = false; 63 64 $query = 'SELECT id'; 64 65 $query.= ' FROM '.PREFIX_TABLE.'sites'; … … 71 72 { 72 73 delete_site( $row['id'] ); 73 // if any picture of this site were linked to another categories, we 74 // have to update the informations of those categories. To make it 75 // simple, we just update all the categories 76 update_category( 'all' ); 74 $site_deleted = true; 77 75 } 76 } 77 // if any picture of this site were linked to another categories, we have 78 // to update the informations of those categories. To make it simple, we 79 // just update all the categories 80 if ( $site_deleted ) 81 { 82 update_category( 'all' ); 83 synchronize_all_users(); 78 84 } 79 85 // thumbnail prefix must not contain accentuated characters … … 235 241 { 236 242 //--------------------------------------------------------- data initialization 237 $query = 'SELECT'; 238 foreach ( $conf_infos as $i => $conf_info ) { 239 if ( $i > 0 ) $query.= ','; 240 else $query.= ' '; 241 $query.= $conf_info; 242 } 243 $query = 'SELECT '.implode( ',', $conf_infos ); 243 244 $query .= ' FROM '.PREFIX_TABLE.'config;'; 244 245 $row = mysql_fetch_array( mysql_query( $query ) ); 245 foreach ( $conf_infos as $conf_info ) { 246 $$conf_info = $row[$conf_info]; 247 } 248 249 $query = 'SELECT'; 250 foreach ( $default_user_infos as $i => $default_user_info ) { 251 if ( $i > 0 ) $query.= ','; 252 else $query.= ' '; 253 $query.= $default_user_info; 254 } 246 foreach ( $conf_infos as $info ) { 247 if ( isset( $row[$info] ) ) $$info = $row[$info]; 248 else $$info = ''; 249 } 250 251 $query = 'SELECT '.implode( ',', $default_user_infos ); 255 252 $query.= ' FROM '.PREFIX_TABLE.'users'; 256 253 $query.= " WHERE username = 'guest'"; 257 254 $query.= ';'; 258 255 $row = mysql_fetch_array( mysql_query( $query ) ); 259 foreach ( $default_user_infos as $default_user_info ) { 260 $$default_user_info = $row[$default_user_info]; 256 foreach ( 
$default_user_infos as $info ) { 257 if ( isset( $row[$info] ) ) $$info = $row[$info]; 258 else $$info = ''; 261 259 } 262 260 } … … 654 652 $vtp->setVar( $sub, 'select.name', 'template' ); 655 653 $option = get_dirs( './template/' ); 654 656 655 for ( $i = 0; $i < sizeof( $option ); $i++ ) 657 656 { -
trunk/admin/create_listing_file.php
r161 r345 10 10 ***************************************************************************/ 11 11 12 $prefix_thumbnail = 'TN-'; 13 12 $conf['prefix_thumbnail'] = 'TN-'; 14 13 $conf['picture_ext'] = array ( 'jpg', 'gif', 'png', 'JPG', 'GIF', 'PNG' ); 15 14 … … 21 20 22 21 $listing.= '<url>'.$url.'</url>'; 23 22 23 /** 24 * returns an array with all picture files according to $conf['picture_ext'] 25 * 26 * @param string $dir 27 * @return array 28 */ 29 function get_picture_files( $dir ) 30 { 31 global $conf; 32 33 $pictures = array(); 34 if ( $opendir = opendir( $dir ) ) 35 { 36 while ( $file = readdir( $opendir ) ) 37 { 38 if ( in_array( get_extension( $file ), $conf['picture_ext'] ) ) 39 { 40 array_push( $pictures, $file ); 41 } 42 } 43 } 44 return $pictures; 45 } 46 47 /** 48 * returns an array with all thumbnails according to $conf['picture_ext'] 49 * and $conf['prefix_thumbnail'] 50 * 51 * @param string $dir 52 * @return array 53 */ 54 function get_thumb_files( $dir ) 55 { 56 global $conf; 57 58 $prefix_length = strlen( $conf['prefix_thumbnail'] ); 59 60 $thumbnails = array(); 61 if ( $opendir = @opendir( $dir ) ) 62 { 63 while ( $file = readdir( $opendir ) ) 64 { 65 if ( in_array( get_extension( $file ), $conf['picture_ext'] ) 66 and substr($file,0,$prefix_length) == $conf['prefix_thumbnail'] ) 67 { 68 array_push( $thumbnails, $file ); 69 } 70 } 71 } 72 return $thumbnails; 73 } 74 24 75 // get_dirs retourne un tableau contenant tous les sous-répertoires d'un 25 76 // répertoire 26 function get_dirs( $ rep, $indent, $level )77 function get_dirs( $basedir, $indent, $level ) 27 78 { 28 $sub_rep = array(); 29 $i = 0; 79 $fs_dirs = array(); 30 80 $dirs = ""; 31 if ( $opendir = opendir ( $rep ) ) 81 82 if ( $opendir = opendir( $basedir ) ) 32 83 { 33 while ( $file = readdir 84 while ( $file = readdir( $opendir ) ) 34 85 { 35 if ( $file != "."36 and $file != ".."37 and is_dir ( $ rep."/".$file )38 and $file != "thumbnail")86 if ( $file != '.' 87 and $file != '..' 
88 and is_dir ( $basedir.'/'.$file ) 89 and $file != 'thumbnail' ) 39 90 { 40 $sub_rep[$i++] = $file;91 array_push( $fs_dirs, $file ); 41 92 if ( !preg_match( '/^[a-zA-Z0-9-_.]+$/', $file ) ) 42 93 { … … 50 101 } 51 102 // write of the dirs 52 for ( $i = 0; $i < sizeof( $sub_rep ); $i++ ) 53 { 54 $dirs.= "\n".$indent.'<dir'.$level.' name="'.$sub_rep[$i].'">'; 55 $dirs.= get_pictures( $rep.'/'.$sub_rep[$i], $indent.' ' ); 56 $dirs.= get_dirs( $rep.'/'.$sub_rep[$i], $indent.' ', $level + 1 ); 103 foreach ( $fs_dirs as $fs_dir ) { 104 $dirs.= "\n".$indent.'<dir'.$level.' name="'.$fs_dir.'">'; 105 $dirs.= get_pictures( $basedir.'/'.$fs_dir, $indent.' ' ); 106 $dirs.= get_dirs( $basedir.'/'.$fs_dir, $indent.' ', $level + 1 ); 57 107 $dirs.= "\n".$indent.'</dir'.$level.'>'; 58 108 } … … 74 124 } 75 125 76 function is_image( $filename)126 function get_pictures( $dir, $indent ) 77 127 { 78 128 global $conf; 129 130 // fs means filesystem : $fs_pictures contains pictures in the filesystem 131 // found in $dir, $fs_thumbnails contains thumbnails... 132 $fs_pictures = get_picture_files( $dir ); 133 $fs_thumbnails = get_thumb_files( $dir.'/thumbnail' ); 79 134 80 if ( !is_dir( $filename ) 81 and in_array( get_extension( $filename ), $conf['picture_ext'] ) ) 82 { 83 return true; 84 } 85 return false; 86 } 135 $root = "\n".$indent.'<root>'; 87 136 88 function TN_exists( $dir, $file ) 89 { 90 global $conf, $prefix_thumbnail; 137 foreach ( $fs_pictures as $fs_picture ) { 138 $file_wo_ext = get_filename_wo_extension( $fs_picture ); 139 $tn_ext = ''; 140 foreach ( $conf['picture_ext'] as $ext ) { 141 $test = $conf['prefix_thumbnail'].$file_wo_ext.'.'.$ext; 142 if ( !in_array( $test, $fs_thumbnails ) ) continue; 143 else { $tn_ext = $ext; break; } 144 } 145 // if we found a thumnbnail corresponding to our picture... 
146 if ( $tn_ext != '' ) 147 { 148 list( $width,$height ) = @getimagesize( $dir.'/'.$fs_picture ); 91 149 92 $titre = get_filename_wo_extension( $file ); 93 94 for ( $i = 0; $i < sizeof ( $conf['picture_ext'] ); $i++ ) 95 { 96 $base_tn_name = $dir.'/thumbnail/'.$prefix_thumbnail.$titre.'.'; 97 $ext = $conf['picture_ext'][$i]; 98 if ( is_file( $base_tn_name.$ext ) ) 150 $root.= "\n".$indent.' '; 151 $root.= '<picture'; 152 $root.= ' file="'. $fs_picture.'"'; 153 $root.= ' tn_ext="'. $tn_ext.'"'; 154 $root.= ' filesize="'.floor(filesize($dir.'/'.$fs_picture)/1024).'"'; 155 $root.= ' width="'. $width.'"'; 156 $root.= ' height="'. $height.'"'; 157 $root.= ' />'; 158 159 if ( !preg_match( '/^[a-zA-Z0-9-_.]+$/', $fs_picture ) ) 160 { 161 echo '<span style="color:red;">"'.$fs_picture.'" : '; 162 echo 'The name of the picture should be composed of '; 163 echo 'letters, figures, "-", "_" or "." ONLY'; 164 echo '</span><br />'; 165 } 166 } 167 else 99 168 { 100 return $ext; 169 echo 'The thumbnail is missing for '.$dir.'/'.$fs_picture; 170 echo '-> '.$dir.'/thumbnail/'; 171 echo $conf['prefix_thumbnail'].$file_wo_ext.'.xxx'; 172 echo ' ("xxx" can be : '; 173 echo implode( ', ', $conf['picture_ext'] ); 174 echo ')<br />'; 101 175 } 102 176 } 103 echo 'The thumbnail is missing for '.$dir.'/'.$file;104 echo '-> '.$dir.'/thumbnail/'.$prefix_thumbnail.$titre.'.xxx';105 echo ' ("xxx" can be : ';106 for ( $i = 0; $i < sizeof ( $conf['picture_ext'] ); $i++ )107 {108 if ( $i > 0 )109 {110 echo ', ';111 }112 echo '"'.$conf['picture_ext'][$i].'"';113 }114 echo ')<br />';115 return false;116 }117 177 118 function get_pictures( $rep, $indent ) 119 { 120 $pictures = array(); 178 $root.= "\n".$indent.'</root>'; 121 179 122 $tn_ext = '';123 $root = '';124 if ( $opendir = opendir ( $rep ) )125 {126 while ( $file = readdir ( $opendir ) )127 {128 if ( is_image( $file ) and $tn_ext = TN_exists( $rep, $file ) )129 {130 $picture = array();131 132 $picture['file'] = $file;133 $picture['tn_ext'] = 
$tn_ext;134 $picture['date'] = date('Y-m-d',filemtime( $rep.'/'.$file ) );135 $picture['filesize'] = floor( filesize( $rep."/".$file ) / 1024 );136 $image_size = @getimagesize( $rep."/".$file );137 $picture['width'] = $image_size[0];138 $picture['height'] = $image_size[1];139 140 array_push( $pictures, $picture );141 142 if ( !preg_match( '/^[a-zA-Z0-9-_.]+$/', $file ) )143 {144 echo '<span style="color:red;">"'.$file.'" : ';145 echo 'The name of the picture should be composed of ';146 echo 'letters, figures, "-", "_" or "." ONLY';147 echo '</span><br />';148 }149 }150 }151 }152 // write of the node <root> with all the pictures at the root of the153 // directory154 $root.= "\n".$indent."<root>";155 if ( sizeof( $pictures ) > 0 )156 {157 for( $i = 0; $i < sizeof( $pictures ); $i++ )158 {159 $root.= "\n".$indent.' ';160 $root.= '<picture';161 $root.= ' file="'. $pictures[$i]['file']. '"';162 $root.= ' tn_ext="'. $pictures[$i]['tn_ext']. '"';163 $root.= ' date="'. $pictures[$i]['date']. '"';164 $root.= ' filesize="'. $pictures[$i]['filesize']. '"';165 $root.= ' width="'. $pictures[$i]['width']. '"';166 $root.= ' height="'. $pictures[$i]['height']. '"';167 $root.= ' />';168 }169 }170 $root.= "\n".$indent.'</root>';171 180 return $root; 172 181 } … … 178 187 fwrite( $fp, $listing ); 179 188 fclose( $fp ); 189 echo "listing.xml created"; 180 190 } 181 191 else … … 183 193 echo "I can't write the file listing.xml"; 184 194 } 185 186 echo "listing.xml created";187 195 ?> -
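Review bot: In the rewritten `get_pictures()`, `$fs_picture` is concatenated into the `file="..."` attribute of listing.xml and echoed inside the red `<span>` warning without encoding, and that warning fires precisely for names outside `[a-zA-Z0-9-_.]`. A file name containing `"`, `<` or `&` therefore ends up as markup in both outputs. Encoding at each output, e.g. `htmlspecialchars( $fs_picture, ENT_QUOTES )`, keeps the name as text; this also applies to the "thumbnail is missing" message, which prints `$dir` as well. Alternatively the `<picture>` element could be skipped when the name fails the pattern. The new `get_picture_files()` and `get_thumb_files()`, also copied into admin/include/functions.php, loop with `while ( $file = readdir( $opendir ) )`, which ends early on an entry named `0`, and they never release the handle. `while ( false !== ( $file = readdir( $opendir ) ) )` followed by `closedir( $opendir );` addresses both. `get_picture_files()` also no longer carries the `!is_dir()` test that the removed `is_image()` had, so a directory with a picture extension would be listed as a picture.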
trunk/admin/group_list.php
r226 r345 34 34 $row = mysql_fetch_array( mysql_query( $query ) ); 35 35 // confirm group deletion ? 36 if ( $_GET['confirm'] != 1 )36 if ( !isset( $_GET['confirm'] ) or $_GET['confirm'] != 1 ) 37 37 { 38 38 $vtp->addSession( $sub, 'deletion' ); -
trunk/admin/group_perm.php
r226 r345 61 61 check_favorites( $row['id'] ); 62 62 } 63 // synchronization of calculated data 64 synchronize_group( $_GET['group_id'] ); 63 65 // confirmation display 64 66 $vtp->addSession( $sub, 'confirmation' ); -
trunk/admin/include/functions.php
r196 r345 54 54 return false; 55 55 } 56 56 57 /** 58 * returns an array with all picture files according to $conf['picture_ext'] 59 * 60 * @param string $dir 61 * @return array 62 */ 63 function get_picture_files( $dir ) 64 { 65 global $conf; 66 67 $pictures = array(); 68 if ( $opendir = opendir( $dir ) ) 69 { 70 while ( $file = readdir( $opendir ) ) 71 { 72 if ( in_array( get_extension( $file ), $conf['picture_ext'] ) ) 73 { 74 array_push( $pictures, $file ); 75 } 76 } 77 } 78 return $pictures; 79 } 80 81 /** 82 * returns an array with all thumbnails according to $conf['picture_ext'] 83 * and $conf['prefix_thumbnail'] 84 * 85 * @param string $dir 86 * @return array 87 */ 88 function get_thumb_files( $dir ) 89 { 90 global $conf; 91 92 $prefix_length = strlen( $conf['prefix_thumbnail'] ); 93 94 $thumbnails = array(); 95 if ( $opendir = @opendir( $dir ) ) 96 { 97 while ( $file = readdir( $opendir ) ) 98 { 99 if ( in_array( get_extension( $file ), $conf['picture_ext'] ) 100 and substr($file,0,$prefix_length) == $conf['prefix_thumbnail'] ) 101 { 102 array_push( $thumbnails, $file ); 103 } 104 } 105 } 106 return $thumbnails; 107 } 108 57 109 function TN_exists( $dir, $file ) 58 110 { … … 68 120 } 69 121 return false; 70 } 122 } 71 123 124 72 125 // The function delete_site deletes a site 73 126 // and call the function delete_category for each primary category of the site … … 92 145 } 93 146 147 94 148 // The function delete_category deletes the category identified by the $id 95 149 // It also deletes (in the database) : … … 145 199 } 146 200 201 147 202 // The function delete_image deletes the image identified by the $id 148 203 // It also deletes (in the database) : … … 179 234 $count_deleted++; 180 235 } 181 236 182 237 // The delete_user function delete a user identified by the $user_id 183 238 // It also deletes : … … 186 241 // - all the favorites linked to this user 187 242 // - all sessions linked to this user 243 // - all categories informations linked to this 
user 188 244 function delete_user( $user_id ) 189 245 { … … 211 267 $query.= ';'; 212 268 mysql_query( $query ); 213 269 270 // destruction of the categories informations linked with the user 271 $query = 'DELETE FROM '.PREFIX_TABLE.'user_category'; 272 $query.= ' WHERE user_id = '.$user_id; 273 $query.= ';'; 274 mysql_query( $query ); 275 214 276 // destruction of the user 215 277 $query = 'DELETE FROM '.PREFIX_TABLE.'users'; … … 231 293 mysql_query( $query ); 232 294 233 // destruction of the group links for this group 295 // synchronize all users linked to the group 296 synchronize_group( $group_id ); 297 298 // destruction of the users links for this group 234 299 $query = 'DELETE FROM '.PREFIX_TABLE.'user_group'; 235 300 $query.= ' WHERE group_id = '.$group_id; … … 249 314 function check_favorites( $user_id ) 250 315 { 251 $query = 'SELECT status ';316 $query = 'SELECT status,forbidden_categories'; 252 317 $query.= ' FROM '.PREFIX_TABLE.'users'; 253 318 $query.= ' WHERE id = '.$user_id; … … 256 321 $status = $row['status']; 257 322 // retrieving all the restricted categories for this user 258 $restricted_cat = get_all_restrictions( $user_id, $status ); 323 if ( isset( $row['forbidden_categories'] ) ) 324 $restricted_cat = explode( ',', $row['forbidden_categories'] ); 325 else 326 $restricted_cat = array(); 259 327 // retrieving all the favorites for this user and comparing their 260 328 // categories to the restricted categories … … 315 383 $query.= ' WHERE category_id = '.$id; 316 384 $query.= ';'; 317 $row = mysql_fetch_array( mysql_query( $query ) ); 385 list( $nb_images ) = mysql_fetch_array( mysql_query( $query ) ); 386 // updating the date_last 387 $query = 'SELECT MAX(date_available) AS date_available'; 388 $query.= ' FROM '.PREFIX_TABLE.'images'; 389 $query.= ' INNER JOIN '.PREFIX_TABLE.'image_category ON id = image_id'; 390 $query.= ' WHERE category_id = '.$id; 391 $query.= ';'; 392 list( $date_available ) = mysql_fetch_array( mysql_query( $query ) ); 
393 318 394 $query = 'UPDATE '.PREFIX_TABLE.'categories'; 319 $query.= ' SET nb_images = '.$row['nb_images']; 395 $query.= " SET date_last = '".$date_available."'"; 396 $query.= ', nb_images = '.$nb_images; 320 397 $query.= ' WHERE id = '.$id; 321 398 $query.= ';'; 322 399 mysql_query( $query ); 323 // updating the date_last 324 $query = 'SELECT date_available'; 325 $query.= ' FROM '.PREFIX_TABLE.'images'; 326 $query.= ' LEFT JOIN '.PREFIX_TABLE.'image_category ON id = image_id'; 327 $query.= ' WHERE category_id = '.$id; 328 $query.= ' ORDER BY date_available DESC'; 329 $query.= ' LIMIT 0,1'; 330 $query.= ';'; 331 $row = mysql_fetch_array( mysql_query( $query ) ); 332 $query = 'UPDATE '.PREFIX_TABLE.'categories'; 333 $query.= " SET date_last = '".$row['date_available']."'"; 334 $query.= ' WHERE id = '.$id; 335 $query.= ';'; 336 mysql_query( $query ); 400 337 401 // updating the representative_picture_id : if the representative 338 402 // picture of the category is not any more linked to the category, we … … 344 408 // if the category has no representative picture (ie 345 409 // representative_picture_id == NULL) we don't update anything 346 if ( $row['representative_picture_id'] != '')410 if ( isset( $row['representative_picture_id'] ) ) 347 411 { 348 412 $query = 'SELECT image_id'; … … 367 431 { 368 432 // date arrives at this format : DD/MM/YYYY 369 list($day,$month,$year) = explode( '/', $date );433 @list($day,$month,$year) = explode( '/', $date ); 370 434 return @checkdate( $month, $day, $year ); 371 435 } … … 433 497 } 434 498 } 499 500 /** 501 * Complete plain structure of the gallery 502 * 503 * Returns the plain structure (one level array) of the gallery. In the 504 * returned array, each element is an array with jeys 'id' and 505 * 'id_uppercat'. The function also fills the array $page['subcats'] which 506 * associate (category_id => array of sub-categories id). 
507 * 508 * @param bool $use_name 509 * @return array 510 */ 511 function get_plain_structure( $use_name = false ) 512 { 513 global $page; 514 515 $plain_structure = array(); 516 517 $query = 'SELECT id,id_uppercat'; 518 if ( $use_name ) $query.= ',name'; 519 $query.= ' FROM '.PREFIX_TABLE.'categories'; 520 $query.= ' ORDER BY id_uppercat ASC, rank ASC'; 521 $query.= ';'; 522 523 $subcats = array(); 524 $id_uppercat = 'NULL'; 525 526 $result = mysql_query( $query ); 527 while ( $row = mysql_fetch_array( $result ) ) 528 { 529 $plain_structure[$row['id']]['id'] = $row['id']; 530 if ( !isset( $row['id_uppercat'] ) ) $row['id_uppercat'] = 'NULL'; 531 $plain_structure[$row['id']]['id_uppercat'] = $row['id_uppercat']; 532 if ( $use_name ) $plain_structure[$row['id']]['name'] = $row['name']; 533 // subcats list 534 if ( $row['id_uppercat'] != $id_uppercat ) 535 { 536 $page['subcats'][$id_uppercat] = $subcats; 537 538 $subcats = array(); 539 $id_uppercat = $row['id_uppercat']; 540 } 541 array_push( $subcats, $row['id'] ); 542 } 543 mysql_free_result( $result ); 544 545 $page['subcats'][$id_uppercat] = $subcats; 546 547 return $plain_structure; 548 } 549 550 /** 551 * get N levels array representing structure under the given category 552 * 553 * create_structure returns the N levels array representing structure under 554 * the given gategory id. It also updates the 555 * $page['plain_structure'][id]['all_subcats_id'] and 556 * $page['plain_structure'][id]['direct_subcats_ids'] for each sub category. 
557 * 558 * @param int $id_uppercat 559 * @return array 560 */ 561 function create_structure( $id_uppercat ) 562 { 563 global $page; 564 565 $structure = array(); 566 $ids = get_subcats_ids( $id_uppercat ); 567 foreach ( $ids as $id ) { 568 $category = $page['plain_structure'][$id]; 569 570 $category['subcats'] = create_structure( $id ); 571 572 $page['plain_structure'][$id]['all_subcats_ids'] = 573 get_all_subcats_ids( $id ); 574 575 $page['plain_structure'][$id]['direct_subcats_ids'] = 576 get_subcats_ids( $id ); 577 578 array_push( $structure, $category ); 579 } 580 return $structure; 581 } 582 583 /** 584 * returns direct sub-categories ids 585 * 586 * Returns an array containing all the direct sub-categories ids of the 587 * given category. It uses the $page['subcats'] global array. 588 * 589 * @param int $id_uppercat 590 * @return array 591 */ 592 function get_subcats_ids( $id_uppercat ) 593 { 594 global $page; 595 596 if ( $id_uppercat == '' ) $id_uppercat = 'NULL'; 597 598 if ( isset( $page['subcats'][$id_uppercat] ) ) 599 return $page['subcats'][$id_uppercat]; 600 else 601 return array(); 602 } 603 604 /** 605 * returns all sub-categories ids, not only direct ones 606 * 607 * Returns an array containing all the sub-categories ids of the given 608 * category, not only direct ones. This function is recursive. 
609 * 610 * @param int $category_id 611 * @return array 612 */ 613 function get_all_subcats_ids( $category_id ) 614 { 615 $ids = array(); 616 617 $subcats = get_subcats_ids( $category_id ); 618 $ids = array_merge( $ids, $subcats ); 619 foreach ( $subcats as $subcat ) { 620 // recursive call 621 $sub_subcats = get_all_subcats_ids( $subcat ); 622 $ids = array_merge( $ids, $sub_subcats ); 623 } 624 return array_unique( $ids ); 625 } 626 627 /** 628 * prepares the query to update the table user_category 629 * 630 * Prepares the query (global variable $values) to update table 631 * user_category : for a couple (user,category) the number of sub-categories 632 * and the last date of the category (all sub-categories taken into 633 * account). It also calls function update_uppercats for each category. The 634 * function is recursive. 635 * 636 * @param array $categories 637 * @return void 638 */ 639 function update_user_category( $categories ) 640 { 641 global $page,$user_restrictions,$value_num,$values; 642 643 foreach ( $categories as $category ) { 644 // recursive call 645 update_user_category( $category['subcats'] ); 646 // 1. update the table user_category 647 foreach ( $user_restrictions as $user_id => $restrictions ) { 648 // if the category is forbidden to this user, go to next user 649 if ( in_array( $category['id'], $restrictions ) ) continue; 650 651 // how many sub_categories for this user ? 
652 $user_subcats = array_diff( 653 $page['plain_structure'][$category['id']]['direct_subcats_ids'], 654 $restrictions ); 655 $user_nb_subcats = count( array_unique( $user_subcats ) ); 656 // last date of the category 657 $user_all_subcats = array_unique( array_diff( 658 $page['plain_structure'][$category['id']]['all_subcats_ids'], 659 $restrictions ) ); 660 661 $query = 'SELECT MAX(date_last) AS last_date'; 662 $query.= ' FROM '.PREFIX_TABLE.'categories'; 663 $query.= ' WHERE id IN ('.$category['id']; 664 if ( count( $user_all_subcats ) > 0 ) 665 $query.= ','.implode( ',', $user_all_subcats ); 666 $query.= ')'; 667 $query.= ';'; 668 $row = mysql_fetch_array( mysql_query( $query ) ); 669 670 // insert a new line in database 671 if ( $value_num++ > 0 ) $values.= ', '; 672 else $values.= ' '; 673 $values.= '('.$user_id.",".$category['id']; 674 if ( isset( $row['last_date'] ) ) $values.= ",'".$row['last_date']."'"; 675 else $values.= ',NULL'; 676 $values.= ','.$user_nb_subcats.')'; 677 } 678 update_uppercats( $category['id'] ); 679 } 680 } 681 682 /** 683 * updates the column categories.uppercats 684 * 685 * @param int $category_id 686 * @return void 687 */ 688 function update_uppercats( $category_id ) 689 { 690 global $page; 691 692 $final_id = $category_id; 693 $uppercats = array(); 694 695 array_push( $uppercats, $category_id ); 696 $uppercat = $page['plain_structure'][$category_id]['id_uppercat']; 697 698 while ( $uppercat != 'NULL' ) 699 { 700 array_push( $uppercats, $uppercat ); 701 $category_id = $page['plain_structure'][$category_id]['id_uppercat']; 702 $uppercat = $page['plain_structure'][$category_id]['id_uppercat']; 703 } 704 705 $string_uppercats = implode( ',', array_reverse( $uppercats ) ); 706 $query = 'UPDATE '.PREFIX_TABLE.'categories'; 707 $query.= ' SET uppercats = '."'".$string_uppercats."'"; 708 $query.= ' WHERE id = '.$final_id; 709 $query.= ';'; 710 mysql_query( $query ); 711 } 712 713 /** 714 * returns an array with the ids of the restricted 
categories for the user 715 * 716 * Returns an array with the ids of the restricted categories for the 717 * user. If the $check_invisible parameter is set to true, invisible 718 * categorie are added to the restricted one in the array. 719 * 720 * @param int $user_id 721 * @param string $user_status 722 * @param bool $check_invisible 723 * @param bool $use_groups 724 * @return array 725 */ 726 function get_user_restrictions( $user_id, $user_status, 727 $check_invisible, $use_groups = true ) 728 { 729 // 1. retrieving ids of private categories 730 $query = 'SELECT id'; 731 $query.= ' FROM '.PREFIX_TABLE.'categories'; 732 $query.= " WHERE status = 'private'"; 733 $query.= ';'; 734 $result = mysql_query( $query ); 735 $privates = array(); 736 while ( $row = mysql_fetch_array( $result ) ) 737 { 738 array_push( $privates, $row['id'] ); 739 } 740 // 2. retrieving all authorized categories for the user 741 $authorized = array(); 742 // 2.1. retrieving authorized categories thanks to personnal user 743 // authorization 744 $query = 'SELECT cat_id'; 745 $query.= ' FROM '.PREFIX_TABLE.'user_access'; 746 $query.= ' WHERE user_id = '.$user_id; 747 $query.= ';'; 748 $result = mysql_query( $query ); 749 while ( $row = mysql_fetch_array( $result ) ) 750 { 751 array_push( $authorized, $row['cat_id'] ); 752 } 753 // 2.2. 
retrieving authorized categories thanks to group authorization to 754 // which the user is a member 755 if ( $use_groups ) 756 { 757 $query = 'SELECT ga.cat_id'; 758 $query.= ' FROM '.PREFIX_TABLE.'user_group as ug'; 759 $query.= ', '.PREFIX_TABLE.'group_access as ga'; 760 $query.= ' WHERE ug.group_id = ga.group_id'; 761 $query.= ' AND ug.user_id = '.$user_id; 762 $query.= ';'; 763 $result = mysql_query( $query ); 764 while ( $row = mysql_fetch_array( $result ) ) 765 { 766 array_push( $authorized, $row['cat_id'] ); 767 } 768 $authorized = array_unique( $authorized ); 769 } 770 771 $forbidden = array(); 772 foreach ( $privates as $private ) { 773 if ( !in_array( $private, $authorized ) ) 774 { 775 array_push( $forbidden, $private ); 776 } 777 } 778 779 if ( $check_invisible ) 780 { 781 // 3. adding to the restricted categories, the invisible ones 782 if ( $user_status != 'admin' ) 783 { 784 $query = 'SELECT id'; 785 $query.= ' FROM '.PREFIX_TABLE.'categories'; 786 $query.= " WHERE visible = 'false';"; 787 $result = mysql_query( $query ); 788 while ( $row = mysql_fetch_array( $result ) ) 789 { 790 array_push( $forbidden, $row['id'] ); 791 } 792 } 793 } 794 return array_unique( $forbidden ); 795 } 796 797 /** 798 * finalizes operation for user_category table update 799 * 800 * This function is called by synchronization_*. It creates the 801 * $page['plain_structure'] and $page['structure'], get the SQL query to 802 * update user_category, clean user_category, and finally update the 803 * table. The users updates depends on the global array $user_restrictions. 
804 * 805 * @return void 806 */ 807 function synchronize() 808 { 809 global $user_restrictions,$page,$values; 810 811 update_user_category( $page['structure'] ); 812 813 // cleaning user_category table for users to update 814 foreach( $user_restrictions as $user_id => $restrictions ) { 815 $query = 'DELETE'; 816 $query.= ' FROM '.PREFIX_TABLE.'user_category'; 817 $query.= ' WHERE user_id = '.$user_id; 818 $query.= ';'; 819 mysql_query( $query ); 820 } 821 822 $query = 'INSERT INTO '.PREFIX_TABLE.'user_category'; 823 $query.= ' (user_id,category_id,date_last,nb_sub_categories) VALUES '; 824 $query.= $values; 825 $query.= ';'; 826 mysql_query( $query ); 827 } 828 829 /** 830 * synchronizes all users calculated informations 831 * 832 * fills global array $user_restrictions with all users and related 833 * restrictions before calling synchronize. 834 * 835 * @return void 836 */ 837 function synchronize_all_users() 838 { 839 global $user_restrictions,$page; 840 841 $page['plain_structure'] = get_plain_structure(); 842 $page['structure'] = create_structure( '' ); 843 844 $user_restrictions = array(); 845 846 $query = 'SELECT id'; 847 $query.= ' FROM '.PREFIX_TABLE.'users'; 848 $query.= ';'; 849 $result = mysql_query( $query ); 850 while ( $row = mysql_fetch_array( $result ) ) 851 { 852 $user_restrictions[$row['id']] = update_user_restrictions( $row['id'] ); 853 } 854 synchronize(); 855 } 856 857 /** 858 * synchronizes 1 user calculated informations 859 * 860 * fills global array $user_restrictions with the user id and its related 861 * restrictions before calling synchronize. 
862 * 863 * @param int $user_id 864 * @return void 865 */ 866 function synchronize_user( $user_id ) 867 { 868 global $user_restrictions,$page; 869 870 $page['plain_structure'] = get_plain_structure(); 871 $page['structure'] = create_structure( '' ); 872 873 $user_restrictions = array(); 874 $user_restrictions[$user_id] = update_user_restrictions( $user_id ); 875 synchronize(); 876 } 877 878 /** 879 * synchronizes all users (belonging to the group) calculated informations 880 * 881 * fills global array $user_restrictions with all users and related 882 * restrictions before calling synchronize. 883 * 884 * @return void 885 */ 886 function synchronize_group( $group_id ) 887 { 888 global $user_restrictions,$page; 889 890 $page['plain_structure'] = get_plain_structure(); 891 $page['structure'] = create_structure( '' ); 892 893 $user_restrictions = array(); 894 895 $query = 'SELECT id'; 896 $query.= ' FROM '.PREFIX_TABLE.'users'; 897 $query.= ', '.PREFIX_TABLE.'user_group'; 898 $query.= ' WHERE group_id = '.$group_id; 899 $query.= ' AND id = user_id'; 900 $query.= ';'; 901 $result = mysql_query( $query ); 902 while ( $row = mysql_fetch_array( $result ) ) 903 { 904 $user_restrictions[$row['id']] = update_user_restrictions( $row['id'] ); 905 } 906 synchronize(); 907 } 908 909 /** 910 * updates the calculated data users.forbidden_categories, it includes 911 * sub-categories of the direct forbidden categories 912 * 913 * @param nt $user_id 914 * @return array 915 */ 916 function update_user_restrictions( $user_id ) 917 { 918 $restrictions = get_user_all_restrictions( $user_id ); 919 920 // update the users.forbidden_categories in database 921 $query = 'UPDATE '.PREFIX_TABLE.'users'; 922 $query.= ' SET forbidden_categories = '; 923 if ( count( $restrictions ) > 0 ) 924 $query.= "'".implode( ',', $restrictions )."'"; 925 else 926 $query.= 'NULL'; 927 $query .= ' WHERE id = '.$user_id; 928 $query.= ';'; 929 mysql_query( $query ); 930 931 return $restrictions; 932 } 933 934 /** 
935 * returns all the restricted categories ids including sub-categories 936 * 937 * @param int $user_id 938 * @return array 939 */ 940 function get_user_all_restrictions( $user_id ) 941 { 942 global $page; 943 944 $query = 'SELECT status'; 945 $query.= ' FROM '.PREFIX_TABLE.'users'; 946 $query.= ' WHERE id = '.$user_id; 947 $query.= ';'; 948 $row = mysql_fetch_array( mysql_query( $query ) ); 949 950 $base_restrictions=get_user_restrictions($user_id,$row['status'],true,true); 951 952 $restrictions = $base_restrictions; 953 foreach ( $base_restrictions as $category_id ) { 954 echo $category_id.' is forbidden to user '.$user_id.'<br />'; 955 $restrictions = 956 array_merge( $restrictions, 957 $page['plain_structure'][$category_id]['all_subcats_ids'] ); 958 } 959 960 return array_unique( $restrictions ); 961 } 962 963 // The function is_user_allowed returns : 964 // - 0 : if the category is allowed with this $restrictions array 965 // - 1 : if this category is not allowed 966 // - 2 : if an uppercat category is not allowed 967 // Note : the restrictions array must represent ONLY direct forbidden 968 // categories, not all forbidden categories 969 function is_user_allowed( $category_id, $restrictions ) 970 { 971 if ( in_array( $category_id, $restrictions ) ) return 1; 972 973 $query = 'SELECT uppercats'; 974 $query.= ' FROM '.PREFIX_TABLE.'categories'; 975 $query.= ' WHERE id = '.$category_id; 976 $query.= ';'; 977 $row = mysql_fetch_array( mysql_query( $query ) ); 978 $uppercats = explode( ',', $row['uppercats'] ); 979 foreach ( $uppercats as $category_id ) { 980 if ( in_array( $category_id, $restrictions ) ) return 2; 981 } 982 983 // no restriction found : the user is allowed to access this category 984 return 0; 985 } 986 987 /** 988 * returns an array containing sub-directories which can be a category 989 * 990 * directories nammed "thumbnail" are omitted 991 * 992 * @param string $basedir 993 * @return array 994 */ 995 function get_category_directories( $basedir 
) 996 { 997 $sub_dirs = array(); 998 999 if ( $opendir = opendir( $basedir ) ) 1000 { 1001 while ( $file = readdir( $opendir ) ) 1002 { 1003 if ( $file != '.' and $file != '..' 1004 and is_dir( $basedir.'/'.$file ) 1005 and $file != 'thumbnail' ) 1006 { 1007 array_push( $sub_dirs, $file ); 1008 } 1009 } 1010 } 1011 return $sub_dirs; 1012 } 435 1013 ?> -
trunk/admin/include/isadmin.inc.php
r231 r345 17 17 * * 18 18 ***************************************************************************/ 19 define( "PREFIX_INCLUDE", '' );20 19 21 include_once( './include/config.inc.php' );22 include_once( './include/user.inc.php' );23 20 include( './admin/include/functions.php' ); 24 21 -
trunk/admin/infos_images.php
r228 r345 21 21 include_once( './template/'.$user['template'].'/htmlfunctions.inc.php' ); 22 22 //-------------------------------------------------------------- initialization 23 $page['nb_image_page'] = 5; 24 23 25 check_cat_id( $_GET['cat_id'] ); 26 27 $errors = array(); 28 24 29 if ( isset( $page['cat'] ) ) 25 30 { 26 31 //--------------------------------------------------- update individual options 27 $query = 'SELECT id,file'; 28 $query.= ' FROM '.PREFIX_TABLE.'images'; 29 $query.= ' LEFT JOIN '.PREFIX_TABLE.'image_category ON id = image_id'; 30 $query.= ' WHERE category_id = '.$page['cat']; 31 $query.= ';'; 32 $result = mysql_query( $query ); 33 $i = 1; 34 while ( $row = mysql_fetch_array( $result ) ) 35 { 36 $name = 'name-'.$row['id']; 37 $author = 'author-'.$row['id']; 38 $comment = 'comment-'.$row['id']; 39 $date_creation = 'date_creation-'.$row['id']; 40 $keywords = 'keywords-'.$row['id']; 41 if ( isset( $_POST[$name] ) ) 42 { 43 $query = 'UPDATE '.PREFIX_TABLE.'images'; 44 45 $query.= ' SET name = '; 46 if ( $_POST[$name] == '' ) 47 $query.= 'NULL'; 32 if ( isset( $_POST['submit'] ) ) 33 { 34 if ( isset( $_POST['associate'] ) and $_POST['associate'] != '' ) 35 { 36 // does the uppercat id exists in the database ? 
37 if ( !is_numeric( $_POST['associate'] ) ) 38 { 39 array_push( $errors, $lang['cat_unknown_id'] ); 40 } 48 41 else 49 $query.= "'".htmlentities( $_POST[$name], ENT_QUOTES )."'"; 50 51 $query.= ', author = '; 52 if ( $_POST[$author] == '' ) 53 $query.= 'NULL'; 54 else 55 $query.= "'".htmlentities($_POST[$author],ENT_QUOTES)."'"; 56 57 $query.= ', comment = '; 58 if ( $_POST[$comment] == '' ) 59 $query.= 'NULL'; 60 else 61 $query.= "'".htmlentities($_POST[$comment],ENT_QUOTES)."'"; 62 63 $query.= ', date_creation = '; 64 if ( check_date_format( $_POST[$date_creation] ) ) 65 $query.= "'".date_convert( $_POST[$date_creation] )."'"; 66 else if ( $_POST[$date_creation] == '' ) 67 $query.= 'NULL'; 68 69 $query.= ', keywords = '; 70 $keywords_array = get_keywords( $_POST[$keywords] ); 71 if ( count( $keywords_array ) == 0 ) 72 $query.= 'NULL'; 73 else 74 { 75 $query.= "'"; 76 foreach ( $keywords_array as $i => $keyword ) { 77 if ( $i > 0 ) $query.= ','; 78 $query.= $keyword; 79 } 80 $query.= "'"; 81 } 82 83 $query.= ' WHERE id = '.$row['id']; 84 $query.= ';'; 85 mysql_query( $query ); 86 } 87 // add link to another category 88 if ( $_POST['check-'.$row['id']] == 1 ) 89 { 90 $query = 'INSERT INTO '.PREFIX_TABLE.'image_category'; 91 $query.= ' (image_id,category_id) VALUES'; 92 $query.= ' ('.$row['id'].','.$_POST['associate'].')'; 93 $query.= ';'; 94 mysql_query( $query ); 95 } 96 } 97 update_category( $_POST['associate'] ); 98 //------------------------------------------------------ update general options 99 if ( $_POST['use_common_author'] == 1 ) 100 { 101 $query = 'SELECT image_id'; 102 $query.= ' FROM '.PREFIX_TABLE.'image_category'; 42 { 43 $query = 'SELECT id'; 44 $query.= ' FROM '.PREFIX_TABLE.'categories'; 45 $query.= ' WHERE id = '.$_POST['associate']; 46 $query.= ';'; 47 if ( mysql_num_rows( mysql_query( $query ) ) == 0 ) 48 array_push( $errors, $lang['cat_unknown_id'] ); 49 } 50 } 51 52 $associate = false; 53 54 $query = 'SELECT id,file'; 55 $query.= ' FROM 
'.PREFIX_TABLE.'images'; 56 $query.= ' INNER JOIN '.PREFIX_TABLE.'image_category ON id = image_id'; 103 57 $query.= ' WHERE category_id = '.$page['cat']; 58 $query.= ';'; 104 59 $result = mysql_query( $query ); 105 60 while ( $row = mysql_fetch_array( $result ) ) 106 61 { 107 $query = 'UPDATE '.PREFIX_TABLE.'images'; 108 if ( $_POST['author_cat'] == '' ) 109 { 110 $query.= ' SET author = NULL'; 111 } 112 else 113 { 114 $query.= ' SET author = '; 115 $query.= "'".htmlentities( $_POST['author_cat'], ENT_QUOTES )."'"; 116 } 117 $query.= ' WHERE id = '.$row['image_id']; 118 $query.= ';'; 119 mysql_query( $query ); 120 } 121 } 122 if ( $_POST['use_common_date_creation'] == 1 ) 123 { 124 if ( check_date_format( $_POST['date_creation_cat'] ) ) 125 { 126 $date = date_convert( $_POST['date_creation_cat'] ); 62 $name = 'name-'.$row['id']; 63 $author = 'author-'.$row['id']; 64 $comment = 'comment-'.$row['id']; 65 $date_creation = 'date_creation-'.$row['id']; 66 $keywords = 'keywords-'.$row['id']; 67 if ( isset( $_POST[$name] ) ) 68 { 69 $query = 'UPDATE '.PREFIX_TABLE.'images'; 70 71 $query.= ' SET name = '; 72 if ( $_POST[$name] == '' ) 73 $query.= 'NULL'; 74 else 75 $query.= "'".htmlentities( $_POST[$name], ENT_QUOTES )."'"; 76 77 $query.= ', author = '; 78 if ( $_POST[$author] == '' ) 79 $query.= 'NULL'; 80 else 81 $query.= "'".htmlentities($_POST[$author],ENT_QUOTES)."'"; 82 83 $query.= ', comment = '; 84 if ( $_POST[$comment] == '' ) 85 $query.= 'NULL'; 86 else 87 $query.= "'".htmlentities($_POST[$comment],ENT_QUOTES)."'"; 88 89 $query.= ', date_creation = '; 90 if ( check_date_format( $_POST[$date_creation] ) ) 91 $query.= "'".date_convert( $_POST[$date_creation] )."'"; 92 else if ( $_POST[$date_creation] == '' ) 93 $query.= 'NULL'; 94 95 $query.= ', keywords = '; 96 97 $keywords_array = get_keywords( $_POST[$keywords] ); 98 if ( count( $keywords_array ) == 0 ) $query.= 'NULL'; 99 else $query.= "'".implode( ',', $keywords_array )."'"; 100 101 $query.= ' WHERE id = 
'.$row['id']; 102 $query.= ';'; 103 mysql_query( $query ); 104 } 105 // add link to another category 106 if ( isset( $_POST['check-'.$row['id']] ) and count( $errors ) == 0 ) 107 { 108 $query = 'INSERT INTO '.PREFIX_TABLE.'image_category'; 109 $query.= ' (image_id,category_id) VALUES'; 110 $query.= ' ('.$row['id'].','.$_POST['associate'].')'; 111 $query.= ';'; 112 mysql_query( $query ); 113 $associate = true; 114 } 115 } 116 update_category( $_POST['associate'] ); 117 if ( $associate ) synchronize_all_users(); 118 //------------------------------------------------------ update general options 119 if ( isset( $_POST['use_common_author'] ) ) 120 { 127 121 $query = 'SELECT image_id'; 128 122 $query.= ' FROM '.PREFIX_TABLE.'image_category'; … … 132 126 { 133 127 $query = 'UPDATE '.PREFIX_TABLE.'images'; 134 if ( $_POST['date_creation_cat'] == '' ) 135 { 136 $query.= ' SET date_creation = NULL'; 137 } 138 else 139 { 140 $query.= " SET date_creation = '".$date."'"; 128 if ( $_POST['author_cat'] == '' ) 129 { 130 $query.= ' SET author = NULL'; 131 } 132 else 133 { 134 $query.= ' SET author = '; 135 $query.= "'".htmlentities( $_POST['author_cat'], ENT_QUOTES )."'"; 141 136 } 142 137 $query.= ' WHERE id = '.$row['image_id']; … … 145 140 } 146 141 } 147 else 148 { 149 echo $lang['err_date']; 150 } 151 } 152 if ( isset( $_POST['common_keywords'] ) and $_POST['keywords_cat'] != '' ) 153 { 154 $query = 'SELECT id,keywords'; 155 $query.= ' FROM '.PREFIX_TABLE.'images'; 156 $query.= ' LEFT JOIN '.PREFIX_TABLE.'image_category ON id = image_id'; 157 $query.= ' WHERE category_id = '.$page['cat']; 158 $query.= ';'; 159 $result = mysql_query( $query ); 160 while ( $row = mysql_fetch_array( $result ) ) 161 { 162 $specific_keywords = explode( ',', $row['keywords'] ); 163 $common_keywords = get_keywords( $_POST['keywords_cat'] ); 164 // first possiblity : adding the given keywords to all the pictures 165 if ( $_POST['common_keywords'] == 'add' ) 166 { 167 $keywords = array_merge( 
$specific_keywords, $common_keywords ); 168 $keywords = array_unique( $keywords ); 169 } 170 // second possiblity : removing the given keywords from all pictures 171 // (without deleting the other specific keywords 172 if ( $_POST['common_keywords'] == 'remove' ) 173 { 174 $keywords = array_diff( $specific_keywords, $common_keywords ); 175 } 176 // cleaning the keywords array, sometimes, an empty value still remain 177 $keywords = array_remove( $keywords, '' ); 178 // updating the picture with new keywords array 179 $query = 'UPDATE '.PREFIX_TABLE.'images'; 180 $query.= ' SET keywords = '; 181 if ( count( $keywords ) == 0 ) 182 { 183 $query.= 'NULL'; 142 if ( isset( $_POST['use_common_date_creation'] ) ) 143 { 144 if ( check_date_format( $_POST['date_creation_cat'] ) ) 145 { 146 $date = date_convert( $_POST['date_creation_cat'] ); 147 $query = 'SELECT image_id'; 148 $query.= ' FROM '.PREFIX_TABLE.'image_category'; 149 $query.= ' WHERE category_id = '.$page['cat']; 150 $result = mysql_query( $query ); 151 while ( $row = mysql_fetch_array( $result ) ) 152 { 153 $query = 'UPDATE '.PREFIX_TABLE.'images'; 154 if ( $_POST['date_creation_cat'] == '' ) 155 { 156 $query.= ' SET date_creation = NULL'; 157 } 158 else 159 { 160 $query.= " SET date_creation = '".$date."'"; 161 } 162 $query.= ' WHERE id = '.$row['image_id']; 163 $query.= ';'; 164 mysql_query( $query ); 165 } 184 166 } 185 167 else 186 168 { 187 $query.= '"';188 $i = 0;189 foreach ( $keywords as $keyword ) {190 if ( $i++ > 0 ) $query.= ',';191 $query.= $keyword;192 }193 $query.= '"';194 }195 $query.= ' WHERE id = '.$row['id'];169 array_push( $errors, $lang['err_date'] ); 170 } 171 } 172 if ( isset( $_POST['common_keywords'] ) and $_POST['keywords_cat'] != '' ) 173 { 174 $query = 'SELECT id,keywords'; 175 $query.= ' FROM '.PREFIX_TABLE.'images'; 176 $query.= ' INNER JOIN '.PREFIX_TABLE.'image_category ON id = image_id'; 177 $query.= ' WHERE category_id = '.$page['cat']; 196 178 $query.= ';'; 197 mysql_query( 
$query ); 179 $result = mysql_query( $query ); 180 while ( $row = mysql_fetch_array( $result ) ) 181 { 182 if ( !isset( $row['keywords'] ) ) $specific_keywords = array(); 183 else $specific_keywords = explode( ',', $row['keywords'] ); 184 185 $common_keywords = get_keywords( $_POST['keywords_cat'] ); 186 // first possiblity : adding the given keywords to all the pictures 187 if ( $_POST['common_keywords'] == 'add' ) 188 { 189 $keywords = array_merge( $specific_keywords, $common_keywords ); 190 $keywords = array_unique( $keywords ); 191 } 192 // second possiblity : removing the given keywords from all pictures 193 // (without deleting the other specific keywords 194 if ( $_POST['common_keywords'] == 'remove' ) 195 { 196 $keywords = array_diff( $specific_keywords, $common_keywords ); 197 } 198 // cleaning the keywords array, sometimes, an empty value still remain 199 $keywords = array_remove( $keywords, '' ); 200 // updating the picture with new keywords array 201 $query = 'UPDATE '.PREFIX_TABLE.'images'; 202 $query.= ' SET keywords = '; 203 if ( count( $keywords ) == 0 ) 204 { 205 $query.= 'NULL'; 206 } 207 else 208 { 209 $query.= '"'; 210 $i = 0; 211 foreach ( $keywords as $keyword ) { 212 if ( $i++ > 0 ) $query.= ','; 213 $query.= $keyword; 214 } 215 $query.= '"'; 216 } 217 $query.= ' WHERE id = '.$row['id']; 218 $query.= ';'; 219 mysql_query( $query ); 220 } 198 221 } 199 222 } 200 223 //--------------------------------------------------------- form initialization 201 $page['nb_image_page'] = 5;202 203 224 if( !isset( $_GET['start'] ) 204 225 or !is_numeric( $_GET['start'] ) … … 212 233 } 213 234 214 if ( is _numeric( $_GET['num']) and $_GET['num'] >= 0 )235 if ( isset($_GET['num']) and is_numeric($_GET['num']) and $_GET['num'] >= 0 ) 215 236 { 216 237 $page['start'] = … … 218 239 } 219 240 // retrieving category information 220 $page['plain_structure'] = get_plain_structure();221 241 $result = get_cat_info( $page['cat'] ); 222 242 $cat['name'] = $result['name']; 
… … 229 249 'infoimage_creation_date','keywords', 230 250 'infoimage_addtoall','infoimage_removefromall', 231 'infoimage_keyword_separation','infoimage_associate' ); 251 'infoimage_keyword_separation','infoimage_associate', 252 'errors_title' ); 232 253 templatize_array( $tpl, 'lang', $sub ); 233 254 $vtp->setGlobalVar( $sub, 'user_template', $user['template'] ); 255 //-------------------------------------------------------------- errors display 256 if ( count( $errors ) != 0 ) 257 { 258 $vtp->addSession( $sub, 'errors' ); 259 foreach ( $errors as $error ) { 260 $vtp->addSession( $sub, 'li' ); 261 $vtp->setVar( $sub, 'li.content', $error ); 262 $vtp->closeSession( $sub, 'li' ); 263 } 264 $vtp->closeSession( $sub, 'errors' ); 265 } 234 266 //------------------------------------------------------------------------ form 235 267 $url = './admin.php?page=infos_images&cat_id='.$page['cat']; … … 244 276 $array_cat_directories = array(); 245 277 246 $query = 'SELECT id,file,comment,author,tn_ext,name,date_creation,keywords'; 247 $query.= ',storage_category_id,category_id'; 278 $infos = array( 'id','file','comment','author','tn_ext','name' 279 ,'date_creation','keywords','storage_category_id' 280 ,'category_id' ); 281 282 $query = 'SELECT '.implode( ',', $infos ); 248 283 $query.= ' FROM '.PREFIX_TABLE.'images'; 249 $query.= ' LEFTJOIN '.PREFIX_TABLE.'image_category ON id = image_id';284 $query.= ' INNER JOIN '.PREFIX_TABLE.'image_category ON id = image_id'; 250 285 $query.= ' WHERE category_id = '.$page['cat']; 251 286 $query.= $conf['order_by']; … … 255 290 while ( $row = mysql_fetch_array( $result ) ) 256 291 { 292 foreach ($infos as $info) { if (!isset($row[$info])) $row[$info] = ''; } 293 257 294 $vtp->addSession( $sub, 'picture' ); 258 295 $vtp->setVar( $sub, 'picture.id', $row['id'] ); … … 267 304 $vtp->setVar( $sub, 'picture.default_name', $file ); 268 305 // creating url to thumbnail 269 if ( $array_cat_directories[$row['storage_category_id']] == '')306 if ( 
!isset( $array_cat_directories[$row['storage_category_id']] ) ) 270 307 { 271 308 $array_cat_directories[$row['storage_category_id']] = … … 280 317 $vtp->closeSession( $sub, 'picture' ); 281 318 } 282 $structure = create_structure( '', array() ); 283 display_categories( $structure, ' ' ); 319 // Virtualy associate a picture to a category 320 // 321 // We only show a List Of Values if the number of categories is less than 322 // $conf['max_LOV_categories'] 323 $query = 'SELECT COUNT(id) AS nb_total_categories'; 324 $query.= ' FROM '.PREFIX_TABLE.'categories'; 325 $query.= ';'; 326 $row = mysql_fetch_array( mysql_query( $query ) ); 327 if ( $row['nb_total_categories'] < $conf['max_LOV_categories'] ) 328 { 329 $vtp->addSession( $sub, 'associate_LOV' ); 330 $page['plain_structure'] = get_plain_structure( true ); 331 $structure = create_structure( '', array() ); 332 display_categories( $structure, ' ' ); 333 $vtp->closeSession( $sub, 'associate_LOV' ); 334 } 335 // else, we only display a small text field, we suppose the administrator 336 // knows the id of its category 337 else 338 { 339 $vtp->addSession( $sub, 'associate_text' ); 340 $vtp->closeSession( $sub, 'associate_text' ); 341 } 284 342 } 285 343 //----------------------------------------------------------- sending html code -
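Review bot: `update_category( $_POST['associate'] );` (new line 116) runs on every submit, even when `associate` is absent, empty, or has just been rejected by the `is_numeric` test a few lines earlier. Only the INSERT is guarded by `count( $errors ) == 0`, so the raw POST value still reaches a helper that, judging by the functions.php section on this page, appends its id to `WHERE category_id = ` without a cast or quoting. Put the call under the same condition as the synchronisation and pass an integer: `if ( $associate ) { update_category( intval( $_POST['associate'] ) ); synchronize_all_users(); }`. `is_numeric` also accepts values such as `1e3` or `1.5`, so the existence SELECT and the INSERT should use the same `intval()` result rather than the original string.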
trunk/admin/phpwebgallery_structure.sql
r266 r345 1 1 -- MySQL dump 8.21 2 2 -- 3 -- Host: localhost Database: devel3 -- Host: localhost Database: perfs_test 4 4 --------------------------------------------------------- 5 5 -- Server version 3.23.49-log … … 24 24 uploadable enum('true','false') NOT NULL default 'false', 25 25 representative_picture_id mediumint(8) unsigned default NULL, 26 PRIMARY KEY (id) 26 uppercats varchar(255) NOT NULL default '', 27 PRIMARY KEY (id), 28 KEY id (id), 29 KEY id_uppercat (id_uppercat) 27 30 ) TYPE=MyISAM; 28 31 … … 126 129 image_id mediumint(8) unsigned NOT NULL default '0', 127 130 category_id smallint(5) unsigned NOT NULL default '0', 128 PRIMARY KEY (image_id,category_id) 131 PRIMARY KEY (image_id,category_id), 132 KEY category_id (category_id), 133 KEY image_id (image_id) 129 134 ) TYPE=MyISAM; 130 135 … … 187 192 cat_id smallint(5) unsigned NOT NULL default '0', 188 193 PRIMARY KEY (user_id,cat_id) 194 ) TYPE=MyISAM; 195 196 -- 197 -- Table structure for table 'phpwebgallery_user_category' 198 -- 199 200 DROP TABLE IF EXISTS phpwebgallery_user_category; 201 CREATE TABLE phpwebgallery_user_category ( 202 user_id smallint(5) unsigned NOT NULL default '0', 203 category_id smallint(5) unsigned NOT NULL default '0', 204 date_last date default NULL, 205 nb_sub_categories smallint(5) unsigned NOT NULL default '0', 206 PRIMARY KEY (user_id,category_id) 189 207 ) TYPE=MyISAM; 190 208 … … 221 239 long_period tinyint(3) unsigned NOT NULL default '14', 222 240 template varchar(255) NOT NULL default 'default', 241 forbidden_categories text, 223 242 PRIMARY KEY (id), 224 243 UNIQUE KEY username (username) -
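Review bot: `KEY id (id)` on the table that gains `uppercats` duplicates the `PRIMARY KEY (id)` declared just above it, and `KEY image_id (image_id)` is already covered by the leftmost column of `PRIMARY KEY (image_id,category_id)`. Both add write cost and space without serving any lookup the primary keys do not already serve. I would drop those two and keep `KEY id_uppercat (id_uppercat)` and `KEY category_id (category_id)`, which the new `ORDER BY id_uppercat` and the joins on `category_id` can use. Separately, `uppercats varchar(255)` holds the ancestor list that `is_user_allowed` reads to enforce restrictions, so a comment such as `-- uppercats: comma-separated ancestor ids, root first; must fit in 255 chars` would document the depth limit, since a longer list would presumably be cut short on this server version.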
trunk/admin/picture_modify.php
r226 r345 19 19 20 20 include_once( './admin/include/isadmin.inc.php' ); 21 //----------------------------------------- categories structure initialization22 $page['plain_structure'] = get_plain_structure();23 21 //--------------------------------------------------------- update informations 24 22 $errors = array(); … … 88 86 // category, the category is updated in the database (without wondering 89 87 // if this picture was already the representative one) 90 if ( $_POST['representative-'.$row['category_id']] == 1)88 if ( isset($_POST['representative-'.$row['category_id']]) ) 91 89 { 92 90 $query = 'UPDATE '.PREFIX_TABLE.'categories'; … … 98 96 // if the user ask this picture to be not any more the representative, 99 97 // we have to set the representative_picture_id of this category to NULL 100 else if ( $row['representative_picture_id'] == $_GET['image_id'] ) 98 else if ( isset( $row['representative_picture_id'] ) 99 and $row['representative_picture_id'] == $_GET['image_id'] ) 101 100 { 102 101 $query = 'UPDATE '.PREFIX_TABLE.'categories'; … … 107 106 } 108 107 } 108 $associate_or_dissociate = false; 109 109 // associate with a new category ? 110 if ( $_POST['associate'] != '-1' ) 110 if ( $_POST['associate'] != '-1' and $_POST['associate'] != '' ) 111 { 112 // does the uppercat id exists in the database ? 
113 if ( !is_numeric( $_POST['associate'] ) ) 114 { 115 array_push( $errors, $lang['cat_unknown_id'] ); 116 } 117 else 118 { 119 $query = 'SELECT id'; 120 $query.= ' FROM '.PREFIX_TABLE.'categories'; 121 $query.= ' WHERE id = '.$_POST['associate']; 122 $query.= ';'; 123 if ( mysql_num_rows( mysql_query( $query ) ) == 0 ) 124 array_push( $errors, $lang['cat_unknown_id'] ); 125 } 126 } 127 if ( $_POST['associate'] != '-1' 128 and $_POST['associate'] != '' 129 and count( $errors ) == 0 ) 111 130 { 112 131 $query = 'INSERT INTO '.PREFIX_TABLE.'image_category'; … … 115 134 $query.= ';'; 116 135 mysql_query( $query); 136 $associate_or_dissociate = true; 117 137 update_category( $_POST['associate'] ); 118 138 } … … 126 146 while ( $row = mysql_fetch_array( $result ) ) 127 147 { 128 if ( $_POST['dissociate-'.$row['category_id']] == 1)148 if ( isset($_POST['dissociate-'.$row['category_id']]) ) 129 149 { 130 150 $query = 'DELETE FROM '.PREFIX_TABLE.'image_category'; … … 133 153 $query.= ';'; 134 154 mysql_query( $query ); 155 $associate_or_dissociate = true; 135 156 update_category( $row['category_id'] ); 136 157 } 158 } 159 if ( $associate_or_dissociate ) 160 { 161 synchronize_all_users(); 137 162 } 138 163 } … … 163 188 $vtp->setVar( $sub, 'form_action', $action ); 164 189 // retrieving direct information about picture 165 $query = 'SELECT file,date_available,date_creation,tn_ext,name,filesize'; 166 $query.= ',width,height,author,comment,keywords,storage_category_id'; 190 $infos = array( 'file','date_available','date_creation','tn_ext','name' 191 ,'filesize','width','height','author','comment','keywords' 192 ,'storage_category_id' ); 193 $query = 'SELECT '. 
implode( ',', $infos ); 167 194 $query.= ' FROM '.PREFIX_TABLE.'images'; 168 195 $query.= ' WHERE id = '.$_GET['image_id']; 169 196 $query.= ';'; 170 197 $row = mysql_fetch_array( mysql_query( $query ) ); 198 199 foreach ( $infos as $info ) { 200 if ( !isset( $row[$info] ) ) $row[$info] = ''; 201 } 202 171 203 // picture title 172 204 if ( $row['name'] == '' ) … … 291 323 } 292 324 293 if ( $row['representative_picture_id'] == $_GET['image_id'] ) 325 if ( isset( $row['representative_picture_id'] ) 326 and $row['representative_picture_id'] == $_GET['image_id'] ) 294 327 { 295 328 $vtp->setVar( $sub, 'linked_category.representative_checked', … … 307 340 } 308 341 // associate to another category ? 309 $vtp->addSession( $sub, 'associate_cat' ); 310 $vtp->setVar( $sub, 'associate_cat.value', '-1' ); 311 $vtp->setVar( $sub, 'associate_cat.content', '' ); 312 $vtp->closeSession( $sub, 'associate_cat' ); 313 $structure = create_structure( '', array() ); 314 display_categories( $structure, ' ' ); 342 // 343 // We only show a List Of Values if the number of categories is less than 344 // $conf['max_LOV_categories'] 345 $query = 'SELECT COUNT(id) AS nb_total_categories'; 346 $query.= ' FROM '.PREFIX_TABLE.'categories'; 347 $query.= ';'; 348 $row = mysql_fetch_array( mysql_query( $query ) ); 349 if ( $row['nb_total_categories'] < $conf['max_LOV_categories'] ) 350 { 351 $vtp->addSession( $sub, 'associate_LOV' ); 352 $vtp->addSession( $sub, 'associate_cat' ); 353 $vtp->setVar( $sub, 'associate_cat.value', '-1' ); 354 $vtp->setVar( $sub, 'associate_cat.content', '' ); 355 $vtp->closeSession( $sub, 'associate_cat' ); 356 $page['plain_structure'] = get_plain_structure( true ); 357 $structure = create_structure( '', array() ); 358 display_categories( $structure, ' ' ); 359 $vtp->closeSession( $sub, 'associate_LOV' ); 360 } 361 // else, we only display a small text field, we suppose the administrator 362 // knows the id of its category 363 else 364 { 365 $vtp->addSession( $sub, 
'associate_text' ); 366 $vtp->closeSession( $sub, 'associate_text' ); 367 } 315 368 //----------------------------------------------------------- sending html code 316 369 $vtp->Parse( $handle , 'sub', $sub ); -
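Review bot: The new `is_numeric( $_POST['associate'] )` guard (new lines 113-125) is looser than an integer id check: it also accepts decimals and exponent forms such as `1e3`. The value is then concatenated unchanged into `' WHERE id = '.$_POST['associate']` and passed to `update_category()`. A digits-only test such as `if ( !ctype_digit( $_POST['associate'] ) )` is safer, or cast once with `intval()` and use the cast value in every query. The same file still builds `' WHERE id = '.$_GET['image_id']` (new line 195) with no comparable check, so that parameter deserves the same validation. The enclosing update block starts and ends outside the hunks shown.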
trunk/admin/stats.php
r231 r345 43 43 $vtp->setGlobalVar( $sub, 'user_template', $user['template'] ); 44 44 //--------------------------------------------------- number of days to display 45 if ( isset( $_GET['last_days'] ) ) define( "MAX_DAYS", $_GET['last_days'] );46 else define( "MAX_DAYS", 0 );45 if ( isset( $_GET['last_days'] ) ) define( 'MAX_DAYS', $_GET['last_days'] ); 46 else define( 'MAX_DAYS', 0 ); 47 47 48 48 foreach ( $conf['last_days'] as $option ) { 49 49 $vtp->addSession( $sub, 'last_day_option' ); 50 50 $vtp->setVar( $sub, 'last_day_option.option', $option ); 51 $url = './admin.php?page=stats&expand='.$_GET['expand']; 51 $url = './admin.php?page=stats'; 52 if (isset($_GET['expand'])) 53 $url .='&expand='.$_GET['expand']; 52 54 $url.= '&last_days='.($option - 1); 53 55 $vtp->setVar( $sub, 'last_day_option.link', add_session_id( $url ) ); … … 60 62 //---------------------------------------------------------------- log history 61 63 // empty link 62 $url = './admin.php?page=stats&last_days='.$_GET['last_days']; 63 $url.= '&expand='.$_GET['expand']; 64 $url = './admin.php?page=stats'; 65 if (isset($_GET['last_days'])) 66 $url .='&last_days='.$_GET['last_days']; 67 // expand array management 68 $expand_days = array(); 69 if (isset($_GET['expand'])) 70 { 71 $url.= '&expand='.$_GET['expand']; 72 $expand_days = explode( ',', $_GET['expand'] ); 73 } 64 74 $url.= '&act=empty'; 65 75 $vtp->setVar( $sub, 'emply_url', add_session_id( $url ) ); 66 // expand array management67 $expand_days = explode( ',', $_GET['expand'] );68 76 $page['expand_days'] = array(); 69 77 foreach ( $expand_days as $expand_day ) { … … 100 108 array_push( $local_expand, $i ); 101 109 } 102 $url = './admin.php?page=stats&last_days='.$_GET['last_days']; 110 $url = './admin.php?page=stats'; 111 if (isset($_GET['last_days'])) 112 $url.= '&last_days='.$_GET['last_days']; 103 113 $url.= '&expand='.implode( ',', $local_expand ); 104 114 $vtp->setVar( $sub, 'day.url', add_session_id( $url ) ); -
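Review bot: The added `isset()` guards remove the undefined-index notices, but `$_GET['expand']` and `$_GET['last_days']` are still appended to `$url` unencoded (new lines 53, 66, 71 and 112), and that URL is handed to the template through `setVar`. Whether the template escapes it is not visible here, so the request values should be normalised where they are read: `$url.= '&last_days='.intval( $_GET['last_days'] );` and `$url.= '&expand='.urlencode( $_GET['expand'] );`. The constant has the same problem and could become `define( 'MAX_DAYS', intval( $_GET['last_days'] ) );`. The code that consumes `MAX_DAYS` and `$expand_days` lies outside these hunks.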
trunk/admin/thumbnail.php
r228 r345 254 254 $vtp->closeSession( $sub, 'dir' ); 255 255 // recursive call 256 $dirs.= get_displayed_dirs( $dir.'/'.$sub_dir, 257 $indent+30 ); 258 256 get_displayed_dirs( $dir.'/'.$sub_dir, 257 $indent+30 ); 259 258 } 260 259 } … … 360 359 $vtp->setVar( $sub, 'params.action', add_session_id( $url ) ); 361 360 // GD version selected... 362 if ( $_POST['gd'] == 1 )361 if ( isset( $_POST['gd'] ) and $_POST['gd'] == 1 ) 363 362 { 364 363 $vtp->setVar( $sub, 'params.gd1_checked', ' checked="checked"' ); … … 388 387 // options for the number of picture to miniaturize : "n" 389 388 $options = array( 5,10,20,40 ); 389 if ( isset( $_POST['n'] ) ) $n = $_POST['n']; 390 else $n = 5; 390 391 foreach ( $options as $option ) { 391 392 $vtp->addSession( $sub, 'n_option' ); 392 393 $vtp->setVar( $sub, 'n_option.option', $option ); 393 if ( $option == $ _POST['n'])394 if ( $option == $n ) 394 395 { 395 396 $vtp->setVar( $sub, 'n_option.selected', ' selected="selected"' ); -
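Review bot: At new lines 389-390 `$n` keeps the raw `$_POST['n']` string and is then matched with a loose `==` against the integer options, so a value that merely starts with an allowed number can still match. Casting on read makes the comparison exact: `if ( isset( $_POST['n'] ) ) $n = intval( $_POST['n'] );`. Any later use of `$n` lies outside the hunk; if it controls how many pictures are processed, `$n` should also be checked against `$options`. Separately, the recursive `get_displayed_dirs()` call at new line 256 now discards its return value, which is correct only if the function returns nothing; a one-line comment there would record that intent.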
trunk/admin/update.php
r228 r345 3 3 * update.php * 4 4 * ------------------ * 5 * application : PhpWebGallery 1. 3<http://phpwebgallery.net> *5 * application : PhpWebGallery 1.4 <http://phpwebgallery.net> * 6 6 * author : Pierrick LE GALL <pierrick@z0rglub.com> * 7 7 * * … … 20 20 include_once( './admin/include/isadmin.inc.php' ); 21 21 //------------------------------------------------------------------- functions 22 function insert_local_category( $ cat_id)22 function insert_local_category( $id_uppercat ) 23 23 { 24 24 global $conf, $page, $user, $lang; 25 26 $site_id = 1; 25 26 $uppercats = ''; 27 $output = ''; 27 28 28 29 // 0. retrieving informations on the category to display 29 30 $cat_directory = './galleries'; 30 31 if ( is_numeric( $cat_id ) ) 32 { 33 $cat_directory.= '/'.get_local_dir( $cat_id ); 34 $result = get_cat_info( $cat_id ); 31 if ( is_numeric( $id_uppercat ) ) 32 { 33 $query = 'SELECT name,uppercats,dir'; 34 $query.= ' FROM '.PREFIX_TABLE.'categories'; 35 $query.= ' WHERE id = '.$id_uppercat; 36 $query.= ';'; 37 $row = mysql_fetch_array( mysql_query( $query ) ); 38 $uppercats = $row['uppercats']; 39 $name = $row['name']; 40 $dir = $row['dir']; 41 42 $upper_array = explode( ',', $uppercats ); 43 44 $local_dir = ''; 45 46 $database_dirs = array(); 47 $query = 'SELECT id,dir'; 48 $query.= ' FROM '.PREFIX_TABLE.'categories'; 49 $query.= ' WHERE id IN ('.$uppercats.')'; 50 $query.= ';'; 51 $result = mysql_query( $query ); 52 while( $row = mysql_fetch_array( $result ) ) 53 { 54 $database_dirs[$row['id']] = $row['dir']; 55 } 56 foreach ( $upper_array as $id ) { 57 $local_dir.= $database_dirs[$id].'/'; 58 } 59 60 $cat_directory.= '/'.$local_dir; 61 35 62 // 1. display the category name to update 36 63 $src = './template/'.$user['template'].'/admin/images/puce.gif'; 37 64 $output = '<img src="'.$src.'" alt=">" />'; 38 $output.= '<span style="font-weight:bold;">'.$ result['name'][0].'</span>';39 $output.= ' [ '.$ result['dir'].' 
]';65 $output.= '<span style="font-weight:bold;">'.$name.'</span>'; 66 $output.= ' [ '.$dir.' ]'; 40 67 $output.= '<div class="retrait">'; 41 68 … … 44 71 if ( isset( $page['cat'] ) or $_GET['update'] == 'all' ) 45 72 { 46 $output.= insert_local_image( $cat_directory, $cat_id ); 47 } 48 } 49 73 $output.= insert_local_image( $cat_directory, $id_uppercat ); 74 } 75 } 76 77 $sub_dirs = get_category_directories( $cat_directory ); 78 79 $sub_category_dirs = array(); 80 $query = 'SELECT id,dir'; 81 $query.= ' FROM '.PREFIX_TABLE.'categories'; 82 $query.= ' WHERE site_id = 1'; 83 if (!is_numeric($id_uppercat)) $query.= ' AND id_uppercat IS NULL'; 84 else $query.= ' AND id_uppercat = '.$id_uppercat; 85 $query.= ' AND dir IS NOT NULL'; // virtual categories not taken 86 $query.= ';'; 87 $result = mysql_query( $query ); 88 while ( $row = mysql_fetch_array( $result ) ) 89 { 90 $sub_category_dirs[$row['id']] = $row['dir']; 91 } 92 50 93 // 3. we have to remove the categories of the database not present anymore 94 foreach ( $sub_category_dirs as $id => $dir ) { 95 if ( !in_array( $dir, $sub_dirs ) ) delete_category( $id ); 96 } 97 98 // array of new categories to insert 99 $inserts = array(); 100 101 foreach ( $sub_dirs as $sub_dir ) { 102 // 5. Is the category already existing ? 
we create a subcat if not 103 // existing 104 $category_id = array_search( $sub_dir, $sub_category_dirs ); 105 if ( !is_numeric( $category_id ) ) 106 { 107 if ( preg_match( '/^[a-zA-Z0-9-_.]+$/', $sub_dir ) ) 108 { 109 $name = str_replace( '_', ' ', $sub_dir ); 110 111 $value = "('".$sub_dir."','".$name."',1"; 112 if ( !is_numeric( $id_uppercat ) ) $value.= ',NULL'; 113 else $value.= ','.$id_uppercat; 114 $value.= ",'undef'"; 115 $value.= ')'; 116 array_push( $inserts, $value ); 117 } 118 else 119 { 120 $output.= '<span style="color:red;">"'.$sub_dir.'" : '; 121 $output.= $lang['update_wrong_dirname'].'</span><br />'; 122 } 123 } 124 } 125 126 // we have to create the category 127 if ( count( $inserts ) > 0 ) 128 { 129 $query = 'INSERT INTO '.PREFIX_TABLE.'categories'; 130 $query.= ' (dir,name,site_id,id_uppercat,uppercats) VALUES '; 131 $query.= implode( ',', $inserts ); 132 $query.= ';'; 133 mysql_query( $query ); 134 // updating uppercats field 135 $query = 'UPDATE '.PREFIX_TABLE.'categories'; 136 $query.= ' SET uppercats = '; 137 if ( $uppercats != '' ) $query.= "CONCAT('".$uppercats."',',',id)"; 138 else $query.= 'id'; 139 $query.= ' WHERE id_uppercat '; 140 if (!is_numeric($id_uppercat)) $query.= 'IS NULL'; 141 else $query.= '= '.$id_uppercat; 142 $query.= ';'; 143 mysql_query( $query ); 144 } 145 146 // Recursive call on the sub-categories (not virtual ones) 51 147 $query = 'SELECT id'; 52 148 $query.= ' FROM '.PREFIX_TABLE.'categories'; 53 $query.= ' WHERE site_id = '.$site_id; 54 if ( !is_numeric( $cat_id ) ) 55 { 56 $query.= ' AND id_uppercat IS NULL'; 57 } 58 else 59 { 60 $query.= ' AND id_uppercat = '.$cat_id; 61 } 62 $query.= ';'; 63 $result = mysql_query( $query ); 64 while ( $row = mysql_fetch_array( $result ) ) 65 { 66 // retrieving the directory 67 $rep = './galleries/'.get_local_dir( $row['id'] ); 68 // is the directory present ? 69 if ( !is_dir( $rep ) ) delete_category( $row['id'] ); 70 } 71 // 4. 
retrieving the sub-directories 72 $subdirs = array(); 73 $dirs = ''; 74 if ( $opendir = opendir( $cat_directory ) ) 75 { 76 while ( $file = readdir( $opendir ) ) 77 { 78 if ( $file != '.' 79 and $file != '..' 80 and is_dir ( $cat_directory.'/'.$file ) 81 and $file != 'thumbnail' ) 82 { 83 if ( preg_match( '/^[a-zA-Z0-9-_.]+$/', $file ) ) 84 array_push( $subdirs, $file ); 85 else 86 { 87 $output.= '<span style="color:red;">"'.$file.'" : '; 88 $output.= $lang['update_wrong_dirname'].'</span><br />'; 89 // if the category even exists (from a previous release of 90 // PhpWebGallery), we keep it in our $subdirs array 91 $query = 'SELECT id'; 92 $query.= ' FROM '.PREFIX_TABLE.'categories'; 93 $query.= ' WHERE site_id = '.$site_id; 94 $query.= " AND dir = '".$file."'"; 95 $query.= ' AND id_uppercat'; 96 if ( !is_numeric( $cat_id ) ) $query.= ' IS NULL'; 97 else $query.= ' = '.$cat_id; 98 $query.= ';'; 99 $result = mysql_query( $query ); 100 if ( mysql_num_rows( $result ) != 0 ) 101 { 102 array_push( $subdirs, $file ); 103 } 104 } 105 } 106 } 107 } 108 foreach ( $subdirs as $subdir ) { 109 // 5. Is the category already existing ? 
we create a subcat if not 110 // existing 111 $category_id = ''; 112 $query = 'SELECT id'; 113 $query.= ' FROM '.PREFIX_TABLE.'categories'; 114 $query.= ' WHERE site_id = '.$site_id; 115 $query.= " AND dir = '".$subdir."'"; 116 $query.= ' AND id_uppercat'; 117 if ( !is_numeric( $cat_id ) ) $query.= ' IS NULL'; 118 else $query.= ' = '.$cat_id; 119 $query.= ';'; 120 $result = mysql_query( $query ); 121 if ( mysql_num_rows( $result ) == 0 ) 122 { 123 $name = str_replace( '_', ' ', $subdir ); 124 // we have to create the category 125 $query = 'INSERT INTO '.PREFIX_TABLE.'categories'; 126 $query.= ' (dir,name,site_id,id_uppercat) VALUES'; 127 $query.= " ('".$subdir."','".$name."','".$site_id."'"; 128 if ( !is_numeric( $cat_id ) ) $query.= ',NULL'; 129 else $query.= ",'".$cat_id."'"; 130 $query.= ');'; 131 mysql_query( $query ); 132 $category_id = mysql_insert_id(); 133 // regeneration of the plain_structure to integrate the new category 134 $page['plain_structure'] = get_plain_structure(); 135 } 136 else 137 { 138 // we get the already registered id 139 $row = mysql_fetch_array( $result ); 140 $category_id = $row['id']; 141 } 142 // 6. 
recursive call 143 $output.= insert_local_category( $category_id ); 144 } 145 146 if ( is_numeric( $cat_id ) ) 149 $query.= ' WHERE site_id = 1'; 150 if (!is_numeric($id_uppercat)) $query.= ' AND id_uppercat IS NULL'; 151 else $query.= ' AND id_uppercat = '.$id_uppercat; 152 $query.= ' AND dir IS NOT NULL'; // virtual categories not taken 153 $query.= ';'; 154 $result = mysql_query( $query ); 155 while ( $row = mysql_fetch_array( $result ) ) 156 { 157 $output.= insert_local_category( $row['id'] ); 158 } 159 160 if ( is_numeric( $id_uppercat ) ) 147 161 { 148 162 $output.= '</div>'; … … 150 164 return $output; 151 165 } 152 153 function insert_local_image( $ rep, $category_id )166 167 function insert_local_image( $dir, $category_id ) 154 168 { 155 169 global $lang,$conf,$count_new; 156 170 157 171 $output = ''; 172 173 // fs means filesystem : $fs_pictures contains pictures in the filesystem 174 // found in $dir, $fs_thumbnails contains thumbnails... 175 $fs_pictures = get_picture_files( $dir ); 176 $fs_thumbnails = get_thumb_files( $dir.'thumbnail' ); 177 158 178 // we have to delete all the images from the database that : 159 179 // - are not in the directory anymore … … 166 186 while ( $row = mysql_fetch_array( $result ) ) 167 187 { 168 $lien_image = $rep.'/'.$row['file']; 169 $lien_thumbnail = $rep.'/thumbnail/'.$conf['prefix_thumbnail']; 170 $lien_thumbnail.= get_filename_wo_extension( $row['file'] ); 171 $lien_thumbnail.= '.'.$row['tn_ext']; 172 173 if ( !is_file ( $lien_image ) or !is_file ( $lien_thumbnail ) ) 174 { 175 if ( !is_file ( $lien_image ) ) 188 $pic_to_delete = false; 189 if ( !in_array( $row['file'], $fs_pictures ) ) 190 { 191 $output.= $row['file']; 192 $output.= ' <span style="font-weight:bold;">'; 193 $output.= $lang['update_disappeared'].'</span><br />'; 194 $pic_to_delete = true; 195 } 196 197 $thumbnail = $conf['prefix_thumbnail']; 198 $thumbnail.= get_filename_wo_extension( $row['file'] ); 199 $thumbnail.= '.'.$row['tn_ext']; 200 if ( 
!in_array( $thumbnail, $fs_thumbnails ) ) 201 { 202 $output.= $row['file']; 203 $output.= ' : <span style="font-weight:bold;">'; 204 $output.= $lang['update_disappeared_tn'].'</span><br />'; 205 $pic_to_delete = true; 206 } 207 208 if ( $pic_to_delete ) delete_image( $row['id'] ); 209 } 210 211 $registered_pictures = array(); 212 $query = 'SELECT file'; 213 $query.= ' FROM '.PREFIX_TABLE.'images'; 214 $query.= ' WHERE storage_category_id = '.$category_id; 215 $query.= ';'; 216 $result = mysql_query( $query ); 217 while ( $row = mysql_fetch_array( $result ) ) 218 { 219 array_push( $registered_pictures, $row['file'] ); 220 } 221 222 // validated pictures are picture uploaded by users, validated by an admin 223 // and not registered (visible) yet 224 $validated_pictures = array(); 225 $unvalidated_pictures = array(); 226 227 $query = 'SELECT file,infos,validated'; 228 $query.= ' FROM '.PREFIX_TABLE.'waiting'; 229 $query.= ' WHERE storage_category_id = '.$category_id; 230 $query.= ';'; 231 $result = mysql_query( $query ); 232 while ( $row = mysql_fetch_array( $result ) ) 233 { 234 if ( $row['validated'] == 'true' ) 235 $validated_pictures[$row['file']] = $row['infos']; 236 else 237 array_push( $unvalidated_pictures, $row['file'] ); 238 } 239 240 // we only search among the picture present in the filesystem and not 241 // present in the database yet. 
If we know that this picture is known as 242 // an uploaded one but not validated, it's not tested neither 243 $unregistered_pictures = array_diff( $fs_pictures 244 ,$registered_pictures 245 ,$unvalidated_pictures ); 246 247 $inserts = array(); 248 249 foreach ( $unregistered_pictures as $unregistered_picture ) { 250 if ( preg_match( '/^[a-zA-Z0-9-_.]+$/', $unregistered_picture ) ) 251 { 252 $file_wo_ext = get_filename_wo_extension( $unregistered_picture ); 253 $tn_ext = ''; 254 foreach ( $conf['picture_ext'] as $ext ) { 255 $test = $conf['prefix_thumbnail'].$file_wo_ext.'.'.$ext; 256 if ( !in_array( $test, $fs_thumbnails ) ) continue; 257 else { $tn_ext = $ext; break; } 258 } 259 // if we found a thumnbnail corresponding to our picture... 260 if ( $tn_ext != '' ) 176 261 { 177 $output.= $row['file']; 262 $image_size = @getimagesize( $dir.$unregistered_picture ); 263 // (file, storage_category_id, date_available, tn_ext, filesize, 264 // width, height, name, author, comment, date_creation)' 265 $value = '('; 266 $value.= "'".$unregistered_picture."'"; 267 $value.= ','.$category_id; 268 $value.= ",'".date( 'Y-m-d' )."'"; 269 $value.= ",'".$tn_ext."'"; 270 $value.= ','.floor( filesize( $dir.$unregistered_picture) / 1024 ); 271 $value.= ','.$image_size[0]; 272 $value.= ','.$image_size[1]; 273 if ( isset( $validated_pictures[$unregistered_picture] ) ) 274 { 275 // retrieving infos from the XML description from waiting table 276 $infos = nl2br( $validated_pictures[$unregistered_picture] ); 277 278 $unixtime = getAttribute( $infos, 'date_creation' ); 279 if ($unixtime != '') $date_creation ="'".date('Y-m-d',$unixtime)."'"; 280 else $date_creation = 'NULL'; 281 282 $value.= ",'".getAttribute( $infos, 'name' )."'"; 283 $value.= ",'".getAttribute( $infos, 'author' )."'"; 284 $value.= ",'".getAttribute( $infos, 'comment')."'"; 285 $value.= ','.$date_creation; 286 287 // deleting the waiting element 288 $query = 'DELETE FROM '.PREFIX_TABLE.'waiting'; 289 $query.= " WHERE file 
= '".$unregistered_picture."'"; 290 $query.= ' AND storage_category_id = '.$category_id; 291 $query.= ';'; 292 mysql_query( $query ); 293 } 294 else 295 { 296 $value.= ",'','','',NULL"; 297 } 298 $value.= ')'; 299 300 $count_new++; 301 $output.= $unregistered_picture; 178 302 $output.= ' <span style="font-weight:bold;">'; 179 $output.= $lang['update_disappeared'].'</span><br />'; 303 $output.= $lang['update_research_added'].'</span>'; 304 $output.= ' ('.$lang['update_research_tn_ext'].' '.$tn_ext.')'; 305 $output.= '<br />'; 306 array_push( $inserts, $value ); 180 307 } 181 if ( !is_file ( $lien_thumbnail ) )308 else 182 309 { 183 $output.= $row['file']; 184 $output.= ' : <span style="font-weight:bold;">'; 185 $output.= $lang['update_disappeared_tn'].'</span><br />'; 310 $output.= '<span style="color:red;">'; 311 $output.= $lang['update_missing_tn'].' : '.$unregistered_picture; 312 $output.= ' (<span style="font-weight:bold;">'; 313 $output.= $conf['prefix_thumbnail']; 314 $output.= get_filename_wo_extension( $unregistered_picture ); 315 $output.= '.XXX</span>'; 316 $output.= ', XXX = '; 317 $output.= implode( ', ', $conf['picture_ext'] ); 318 $output.= ')</span><br />'; 186 319 } 187 // suppression de la base : 188 delete_image( $row['id'] ); 189 } 190 } 191 192 // searching the new images in the directory 193 $pictures = array(); 194 $tn_ext = ''; 195 if ( $opendir = opendir( $rep ) ) 196 { 197 while ( $file = readdir( $opendir ) ) 198 { 199 if ( is_file( $rep.'/'.$file ) and is_image( $rep.'/'.$file ) ) 200 { 201 // is the picture waiting for validation by an administrator ? 
202 $query = 'SELECT id,validated,infos'; 203 $query.= ' FROM '.PREFIX_TABLE.'waiting'; 204 $query.= ' WHERE storage_category_id = '.$category_id; 205 $query.= " AND file = '".$file."'"; 206 $query.= ';'; 207 $result = mysql_query( $query ); 208 $waiting = mysql_fetch_array( $result ); 209 if (mysql_num_rows( $result ) == 0 or $waiting['validated'] == 'true') 210 { 211 if ( $tn_ext = TN_exists( $rep, $file ) ) 212 { 213 // is the picture already in the database ? 214 $query = 'SELECT id'; 215 $query.= ' FROM '.PREFIX_TABLE.'images'; 216 $query.= ' WHERE storage_category_id = '.$category_id; 217 $query.= " AND file = '".$file."'"; 218 $query.= ';'; 219 $result = mysql_query( $query ); 220 if ( mysql_num_rows( $result ) == 0 ) 221 { 222 // the name of the file must not use acentuated characters or 223 // blank space.. 224 if ( preg_match( '/^[a-zA-Z0-9-_.]+$/', $file ) ) 225 { 226 $picture = array(); 227 $picture['file'] = $file; 228 $picture['tn_ext'] = $tn_ext; 229 $picture['date'] = date( 'Y-m-d', filemtime($rep.'/'.$file) ); 230 $picture['filesize'] = floor( filesize($rep.'/'.$file) / 1024); 231 $image_size = @getimagesize( $rep.'/'.$file ); 232 $picture['width'] = $image_size[0]; 233 $picture['height'] = $image_size[1]; 234 if ( $waiting['validated'] == 'true' ) 235 { 236 // retrieving infos from the XML description of 237 // $waiting['infos'] 238 $infos = nl2br( $waiting['infos'] ); 239 $picture['author'] = getAttribute( $infos, 'author' ); 240 $picture['comment'] = getAttribute( $infos, 'comment'); 241 $unixtime = getAttribute( $infos, 'date_creation' ); 242 $picture['date_creation'] = ''; 243 if ( $unixtime != '' ) 244 $picture['date_creation'] = date( 'Y-m-d', $unixtime ); 245 $picture['name'] = getAttribute( $infos, 'name' ); 246 // deleting the waiting element 247 $query = 'DELETE FROM '.PREFIX_TABLE.'waiting'; 248 $query.= ' WHERE id = '.$waiting['id']; 249 $query.= ';'; 250 mysql_query( $query ); 251 } 252 array_push( $pictures, $picture ); 253 } 254 
else 255 { 256 $output.= '<span style="color:red;">"'.$file.'" : '; 257 $output.= $lang['update_wrong_dirname'].'</span><br />'; 258 } 259 260 } 261 } 262 else 263 { 264 $output.= '<span style="color:red;">'; 265 $output.= $lang['update_missing_tn'].' : '.$file; 266 $output.= ' (<span style="font-weight:bold;">'; 267 $output.= $conf['prefix_thumbnail']; 268 $output.= get_filename_wo_extension( $file ).'.XXX</span>'; 269 $output.= ', XXX = '; 270 $output.= implode( ', ', $conf['picture_ext'] ); 271 $output.= ')</span><br />'; 272 } 273 } 274 } 275 } 276 } 277 // inserting the pictures found in the directory 278 foreach ( $pictures as $picture ) { 320 } 321 else 322 { 323 $output.= '<span style="color:red;">"'.$unregistered_picture.'" : '; 324 $output.= $lang['update_wrong_dirname'].'</span><br />'; 325 } 326 } 327 328 if ( count( $inserts ) > 0 ) 329 { 330 // inserts all found pictures 279 331 $query = 'INSERT INTO '.PREFIX_TABLE.'images'; 280 332 $query.= ' (file,storage_category_id,date_available,tn_ext'; … … 282 334 $query.= ',name,author,comment,date_creation)'; 283 335 $query.= ' VALUES '; 284 $query.= "('".$picture['file']."','".$category_id."'"; 285 $query.= ",'".$picture['date']."','".$picture['tn_ext']."'"; 286 $query.= ",'".$picture['filesize']."','".$picture['width']."'"; 287 $query.= ",'".$picture['height']."','".$picture['name']."'"; 288 $query.= ",'".$picture['author']."','".$picture['comment']."'"; 289 if ( $picture['date_creation'] != '' ) 290 { 291 $query.= ",'".$picture['date_creation']."'"; 292 } 293 else 294 { 295 $query.= ',NULL'; 296 } 297 $query.= ');'; 298 mysql_query( $query ); 299 $count_new++; 300 // retrieving the id of newly inserted picture 336 $query.= implode( ',', $inserts ); 337 $query.= ';'; 338 mysql_query( $query ); 339 340 // what are the ids of the pictures in the $category_id ? 
341 $ids = array(); 342 301 343 $query = 'SELECT id'; 302 344 $query.= ' FROM '.PREFIX_TABLE.'images'; 303 345 $query.= ' WHERE storage_category_id = '.$category_id; 304 $query.= " AND file = '".$picture['file']."'"; 305 $query.= ';'; 306 list( $image_id ) = mysql_fetch_array( mysql_query( $query ) ); 307 // adding the link between this picture and its storage category 346 $query.= ';'; 347 $result = mysql_query( $query ); 348 while ( $row = mysql_fetch_array( $result ) ) 349 { 350 array_push( $ids, $row['id'] ); 351 } 352 353 // recreation of the links between this storage category pictures and 354 // its storage category 355 $query = 'DELETE FROM '.PREFIX_TABLE.'image_category'; 356 $query.= ' WHERE category_id = '.$category_id; 357 $query.= ' AND image_id IN ('.implode( ',', $ids ).')'; 358 $query.= ';'; 359 mysql_query( $query ); 360 308 361 $query = 'INSERT INTO '.PREFIX_TABLE.'image_category'; 309 $query.= ' (image_id,category_id) VALUES '; 310 $query.= ' ('.$image_id.','.$category_id.')'; 311 $query.= ';'; 312 mysql_query( $query ); 313 314 $output.= $picture['file']; 315 $output.= ' <span style="font-weight:bold;">'; 316 $output.= $lang['update_research_added'].'</span>'; 317 $output.= ' ('.$lang['update_research_tn_ext'].' '.$picture['tn_ext'].')'; 318 $output.= '<br />'; 362 $query.= '(category_id,image_id) VALUES '; 363 foreach ( $ids as $num => $image_id ) { 364 if ( $num > 0 ) $query.= ','; 365 $query.= '('.$category_id.','.$image_id.')'; 366 } 367 $query.= ';'; 368 mysql_query( $query ); 319 369 } 320 370 return $output; … … 368 418 // function also deletes the categories that are in the database and not in 369 419 // the xml_file. 
370 function insert_remote_category( $xml_dir, $site_id, $id_uppercat, $level ) 371 { 372 global $conf,$user; 373 420 function insert_remote_category( $xml_content, $site_id, $id_uppercat, $level ) 421 { 422 global $conf, $page, $user, $lang; 423 424 $uppercats = ''; 374 425 $output = ''; 375 $categories = array(); 376 $list_dirs = getChildren( $xml_dir, 'dir'.$level ); 377 for ( $i = 0; $i < sizeof( $list_dirs ); $i++ ) 378 { 379 // is the category already existing ? 380 $category_id = ''; 381 $dir = getAttribute( $list_dirs[$i], 'name' ); 382 $categories[$i] = $dir; 383 426 // 0. retrieving informations on the category to display 427 $cat_directory = '../galleries'; 428 429 if ( is_numeric( $id_uppercat ) ) 430 { 431 $query = 'SELECT name,uppercats,dir'; 432 $query.= ' FROM '.PREFIX_TABLE.'categories'; 433 $query.= ' WHERE id = '.$id_uppercat; 434 $query.= ';'; 435 $row = mysql_fetch_array( mysql_query( $query ) ); 436 $uppercats = $row['uppercats']; 437 $name = $row['name']; 438 439 // 1. display the category name to update 384 440 $src = './template/'.$user['template'].'/admin/images/puce.gif'; 385 $output.= '<img src="'.$src.'" alt=">" />'; 386 $output.= '<span style="font-weight:bold;">'.$dir.'</span>'; 441 $output = '<img src="'.$src.'" alt=">" />'; 442 $output.= '<span style="font-weight:bold;">'.$name.'</span>'; 443 $output.= ' [ '.$row['dir'].' 
]'; 387 444 $output.= '<div class="retrait">'; 388 445 389 $query = 'SELECT id'; 390 $query.= ' FROM '.PREFIX_TABLE.'categories'; 391 $query.= ' WHERE site_id = '.$site_id; 392 $query.= " AND dir = '".$dir."'"; 393 if ( $id_uppercat == 'NULL' ) 394 { 395 $query.= ' AND id_uppercat IS NULL'; 396 } 397 else 398 { 399 $query.= ' AND id_uppercat = '.$id_uppercat; 400 } 401 $query.= ';'; 402 $result = mysql_query( $query ); 403 if ( mysql_num_rows( $result ) == 0 ) 404 { 405 $name = str_replace( '_', ' ', $dir ); 406 // we have to create the category 407 $query = 'INSERT INTO '.PREFIX_TABLE.'categories'; 408 $query.= ' (name,dir,site_id,id_uppercat) VALUES '; 409 $query.= "('".$name."','".$dir."',".$site_id; 410 if ( !is_numeric( $id_uppercat ) ) 411 { 412 $query.= ',NULL'; 413 } 414 else 415 { 416 $query.= ','.$id_uppercat; 417 } 418 $query.= ');'; 419 mysql_query( $query ); 420 $category_id = mysql_insert_id(); 421 } 422 else 423 { 424 // we get the already registered id 425 $row = mysql_fetch_array( $result ); 426 $category_id = $row['id']; 427 } 428 $output.= insert_remote_image( $list_dirs[$i], $category_id ); 429 $output.= insert_remote_category( $list_dirs[$i], $site_id, 430 $category_id, $level+1 ); 431 $output.= '</div>'; 432 } 433 // we have to remove the categories of the database not present in the xml 434 // file (ie deleted from the picture storage server) 435 $query = 'SELECT dir,id'; 446 // 2. 
we search pictures of the category only if the update is for all 447 // or a cat_id is specified 448 $output.= insert_remote_image( $xml_content, $id_uppercat ); 449 } 450 451 // $xml_dirs contains dir names contained in the xml file for this 452 // id_uppercat 453 $xml_dirs = array(); 454 $temp_dirs = getChildren( $xml_content, 'dir'.$level ); 455 foreach ( $temp_dirs as $temp_dir ) { 456 array_push( $xml_dirs, getAttribute( $temp_dir, 'name' ) ); 457 } 458 459 // $database_dirs contains dir names contained in the database for this 460 // id_uppercat and site_id 461 $database_dirs = array(); 462 $query = 'SELECT id,dir'; 436 463 $query.= ' FROM '.PREFIX_TABLE.'categories'; 437 464 $query.= ' WHERE site_id = '.$site_id; 438 if ( !is_numeric( $id_uppercat ) ) 439 { 440 $query.= ' AND id_uppercat IS NULL'; 441 } 442 else 443 { 444 $query.= ' AND id_uppercat = '.$id_uppercat; 445 } 446 $query.= ';'; 447 $result = mysql_query( $query ); 448 while ( $row = mysql_fetch_array( $result ) ) 449 { 450 // is the category in the xml file ? 451 if ( !in_array( $row['dir'], $categories ) ) 452 { 453 delete_category( $row['id'] ); 454 } 455 } 465 if (!is_numeric($id_uppercat)) $query.= ' AND id_uppercat IS NULL'; 466 else $query.= ' AND id_uppercat = '.$id_uppercat; 467 $query.= ' AND dir IS NOT NULL'; // virtual categories not taken 468 $query.= ';'; 469 $result = mysql_query( $query ); 470 while ( $row = mysql_fetch_array( $result ) ) 471 { 472 $database_dirs[$row['id']] = $row['dir']; 473 } 474 475 // 3. we have to remove the categories of the database not present anymore 476 foreach ( $database_dirs as $id => $dir ) { 477 if ( !in_array( $dir, $xml_dirs ) ) delete_category( $id ); 478 } 479 480 // array of new categories to insert 481 $inserts = array(); 482 483 foreach ( $xml_dirs as $xml_dir ) { 484 // 5. Is the category already existing ? 
we create a subcat if not 485 // existing 486 $category_id = array_search( $xml_dir, $database_dirs ); 487 if ( !is_numeric( $category_id ) ) 488 { 489 $name = str_replace( '_', ' ', $xml_dir ); 490 491 $value = "('".$xml_dir."','".$name."',".$site_id; 492 if ( !is_numeric( $id_uppercat ) ) $value.= ',NULL'; 493 else $value.= ','.$id_uppercat; 494 $value.= ",'undef'"; 495 $value.= ')'; 496 array_push( $inserts, $value ); 497 } 498 } 499 500 // we have to create the category 501 if ( count( $inserts ) > 0 ) 502 { 503 $query = 'INSERT INTO '.PREFIX_TABLE.'categories'; 504 $query.= ' (dir,name,site_id,id_uppercat,uppercats) VALUES '; 505 $query.= implode( ',', $inserts ); 506 $query.= ';'; 507 mysql_query( $query ); 508 // updating uppercats field 509 $query = 'UPDATE '.PREFIX_TABLE.'categories'; 510 $query.= ' SET uppercats = '; 511 if ( $uppercats != '' ) $query.= "CONCAT('".$uppercats."',',',id)"; 512 else $query.= 'id'; 513 $query.= ' WHERE id_uppercat '; 514 if (!is_numeric($id_uppercat)) $query.= 'IS NULL'; 515 else $query.= '= '.$id_uppercat; 516 $query.= ';'; 517 mysql_query( $query ); 518 } 519 520 // Recursive call on the sub-categories (not virtual ones) 521 $query = 'SELECT id,dir'; 522 $query.= ' FROM '.PREFIX_TABLE.'categories'; 523 $query.= ' WHERE site_id = '.$site_id; 524 if (!is_numeric($id_uppercat)) $query.= ' AND id_uppercat IS NULL'; 525 else $query.= ' AND id_uppercat = '.$id_uppercat; 526 $query.= ' AND dir IS NOT NULL'; // virtual categories not taken 527 $query.= ';'; 528 $result = mysql_query( $query ); 529 while ( $row = mysql_fetch_array( $result ) ) 530 { 531 $database_dirs[$row['dir']] = $row['id']; 532 } 533 foreach ( $temp_dirs as $temp_dir ) { 534 $dir = getAttribute( $temp_dir, 'name' ); 535 $id_uppercat = $database_dirs[$dir]; 536 $output.= insert_remote_category( $temp_dir, $site_id, 537 $id_uppercat,$level+1 ); 538 } 539 540 if ( is_numeric( $id_uppercat ) ) $output.= '</div>'; 456 541 457 542 return $output; 458 543 } 459 544 460 
545 // insert_remote_image searchs the "root" node of the xml_dir given and 461 546 // insert the contained pictures if the are not in the database yet. … … 466 551 $output = ''; 467 552 $root = getChild( $xml_dir, 'root' ); 468 $pictures = array(); 553 554 $fs_pictures = array(); 469 555 $xml_pictures = getChildren( $root, 'picture' ); 470 for ( $j = 0; $j < sizeof( $xml_pictures ); $j++ ) 471 { 472 //<picture file="albatros.jpg" tn_ext="png" date="2002-04-14" 473 // filesize="35" width="640" height="480" /> 474 $file = getAttribute( $xml_pictures[$j], 'file' ); 475 $tn_ext = getAttribute( $xml_pictures[$j], 'tn_ext' ); 476 $date = getAttribute( $xml_pictures[$j], 'date' ); 477 $filesize = getAttribute( $xml_pictures[$j], 'filesize' ); 478 $width = getAttribute( $xml_pictures[$j], 'width' ); 479 $height = getAttribute( $xml_pictures[$j], 'height' ); 480 481 $pictures[$j] = $file; 482 556 foreach ( $xml_pictures as $xml_picture ) { 557 array_push( $fs_pictures, getAttribute( $xml_picture, 'file' ) ); 558 } 559 560 // we have to delete all the images from the database that are not in the 561 // directory anymore (not in the XML anymore) 562 $query = 'SELECT id,file'; 563 $query.= ' FROM '.PREFIX_TABLE.'images'; 564 $query.= ' WHERE storage_category_id = '.$category_id; 565 $query.= ';'; 566 $result = mysql_query( $query ); 567 while ( $row = mysql_fetch_array( $result ) ) 568 { 569 if ( !in_array( $row['file'], $fs_pictures ) ) 570 { 571 $output.= $row['file']; 572 $output.= ' <span style="font-weight:bold;">'; 573 $output.= $lang['update_disappeared'].'</span><br />'; 574 delete_image( $row['id'] ); 575 } 576 } 577 578 $database_pictures = array(); 579 $query = 'SELECT file'; 580 $query.= ' FROM '.PREFIX_TABLE.'images'; 581 $query.= ' WHERE storage_category_id = '.$category_id; 582 $query.= ';'; 583 $result = mysql_query( $query ); 584 while ( $row = mysql_fetch_array( $result ) ) 585 { 586 array_push( $database_pictures, $row['file'] ); 587 } 588 589 $inserts = 
array(); 590 $xml_pictures = getChildren( $root, 'picture' ); 591 foreach ( $xml_pictures as $xml_picture ) { 592 // <picture file="albatros.jpg" tn_ext="png" filesize="35" width="640" 593 // height="480" /> 594 $file = getAttribute( $xml_picture, 'file' ); 595 483 596 // is the picture already existing in the database ? 484 $query = 'SELECT id,tn_ext'; 485 $query.= ' FROM '.PREFIX_TABLE.'images'; 486 $query.= ' WHERE storage_category_id = '.$category_id; 487 $query.= " AND file = '".$file."'"; 488 $query.= ';'; 489 $result = mysql_query( $query ); 490 $query = ''; 491 if ( mysql_num_rows( $result ) == 0 ) 492 { 493 $query = 'INSERT INTO '.PREFIX_TABLE.'images'; 494 $query.= ' (file,storage_category_id,date_available,tn_ext'; 495 $query.= ',filesize,width,height)'; 496 $query.= ' VALUES ('; 497 $query.= "'".$file."'"; 498 $query.= ",'".$category_id."'"; 499 $query.= ",'".$date."'"; 500 $query.= ",'".$tn_ext."'"; 501 $query.= ",'".$filesize."'"; 502 $query.= ",'".$width."'"; 503 $query.= ",'".$height."'"; 504 $query.= ')'; 505 $query.= ';'; 506 mysql_query( $query ); 507 // retrieving the id of newly inserted picture 508 $query = 'SELECT id'; 509 $query.= ' FROM '.PREFIX_TABLE.'images'; 510 $query.= ' WHERE storage_category_id = '.$category_id; 511 $query.= " AND file = '".$file."'"; 512 $query.= ';'; 513 list( $image_id ) = mysql_fetch_array( mysql_query( $query ) ); 514 // adding the link between this picture and its storage category 515 $query = 'INSERT INTO '.PREFIX_TABLE.'image_category'; 516 $query.= ' (image_id,category_id) VALUES '; 517 $query.= ' ('.$image_id.','.$category_id.')'; 518 $query.= ';'; 519 mysql_query( $query ); 520 597 if ( !in_array( $file, $database_pictures ) ) 598 { 599 $tn_ext = getAttribute( $xml_picture, 'tn_ext' ); 600 // (file, storage_category_id, date_available, tn_ext, filesize, 601 // width, height) 602 $value = '('; 603 $value.= "'".$file."'"; 604 $value.= ','.$category_id; 605 $value.= ",'".date( 'Y-m-d' )."'"; 606 $value.= 
",'".$tn_ext."'"; 607 $value.= ','.getAttribute( $xml_picture, 'filesize' ); 608 $value.= ','.getAttribute( $xml_picture, 'width' ); 609 $value.= ','.getAttribute( $xml_picture, 'height' ); 610 $value.= ')'; 611 612 $count_new++; 521 613 $output.= $file; 522 614 $output.= ' <span style="font-weight:bold;">'; 523 615 $output.= $lang['update_research_added'].'</span>'; 524 $output.= ' ('.$lang['update_research_tn_ext'].' '.$tn_ext.')<br />'; 525 526 $count_new++; 527 } 528 else 529 { 530 // is the tn_ext the same in the xml file and in the database ? 531 $row = mysql_fetch_array( $result ); 532 if ( $row['tn_ext'] != $tn_ext ) 533 { 534 $query = 'UPDATE '.PREFIX_TABLE.'images'; 535 $query.= ' SET'; 536 $query.= " tn_ext = '".$tn_ext."'"; 537 $query.= ' WHERE storage_category_id = '.$category_id; 538 $query.= " AND file = '".$file."'"; 539 $query.= ';'; 540 } 541 } 542 // execution of the query 543 if ( $query != '' ) 544 { 545 mysql_query( $query ); 546 } 547 } 548 // we have to remove the pictures of the database not present in the xml file 549 // (ie deleted from the picture storage server) 550 $query = 'SELECT id,file'; 551 $query.= ' FROM '.PREFIX_TABLE.'images'; 552 $query.= ' WHERE storage_category_id = '.$category_id; 553 $query.= ';'; 554 $result = mysql_query( $query ); 555 while ( $row = mysql_fetch_array( $result ) ) 556 { 557 // is the file in the xml file ? 558 if ( !in_array( $row['file'], $pictures ) ) 559 { 560 delete_image( $row['id'] ); 561 } 562 } 616 $output.= ' ('.$lang['update_research_tn_ext'].' 
'.$tn_ext.')'; 617 $output.= '<br />'; 618 array_push( $inserts, $value ); 619 } 620 } 621 622 if ( count( $inserts ) > 0 ) 623 { 624 // inserts all found pictures 625 $query = 'INSERT INTO '.PREFIX_TABLE.'images'; 626 $query.= ' (file,storage_category_id,date_available,tn_ext'; 627 $query.= ',filesize,width,height)'; 628 $query.= ' VALUES '; 629 $query.= implode( ',', $inserts ); 630 $query.= ';'; 631 mysql_query( $query ); 632 633 // what are the ids of the pictures in the $category_id ? 634 $ids = array(); 635 636 $query = 'SELECT id'; 637 $query.= ' FROM '.PREFIX_TABLE.'images'; 638 $query.= ' WHERE storage_category_id = '.$category_id; 639 $query.= ';'; 640 $result = mysql_query( $query ); 641 while ( $row = mysql_fetch_array( $result ) ) 642 { 643 array_push( $ids, $row['id'] ); 644 } 645 646 // recreation of the links between this storage category pictures and 647 // its storage category 648 $query = 'DELETE FROM '.PREFIX_TABLE.'image_category'; 649 $query.= ' WHERE category_id = '.$category_id; 650 $query.= ' AND image_id IN ('.implode( ',', $ids ).')'; 651 $query.= ';'; 652 mysql_query( $query ); 653 654 $query = 'INSERT INTO '.PREFIX_TABLE.'image_category'; 655 $query.= '(category_id,image_id) VALUES '; 656 foreach ( $ids as $num => $image_id ) { 657 if ( $num > 0 ) $query.= ','; 658 $query.= '('.$category_id.','.$image_id.')'; 659 } 660 $query.= ';'; 661 mysql_query( $query ); 662 } 663 563 664 return $output; 564 665 } … … 570 671 templatize_array( $tpl, 'lang', $sub ); 571 672 $vtp->setGlobalVar( $sub, 'user_template', $user['template'] ); 572 //-------------------------------------------------------- categories structure573 $page['plain_structure'] = get_plain_structure();574 673 //-------------------------------------------- introduction : choices of update 575 674 // Display choice if "update" var is not specified 576 check_cat_id( $_GET['update'] ); 577 if ( !isset( $_GET['update'] ) 578 and !( isset( $page['cat'] ) 579 or $_GET['update'] == 'cats' 
580 or $_GET['update'] == 'all' ) ) 675 if (!isset( $_GET['update'] )) 581 676 { 582 677 $vtp->addSession( $sub, 'introduction' ); … … 592 687 else 593 688 { 689 check_cat_id( $_GET['update'] ); 690 $start = get_moment(); 594 691 $count_new = 0; 595 692 $count_deleted = 0; … … 603 700 $categories = insert_local_category( 'NULL' ); 604 701 } 702 $end = get_moment(); 703 echo get_elapsed_time( $start, $end ).' for update <br />'; 605 704 $vtp->setVar( $sub, 'local_update.categories', $categories ); 606 705 $vtp->setVar( $sub, 'local_update.count_new', $count_new ); … … 614 713 $count_deleted = 0; 615 714 $vtp->addSession( $sub, 'remote_update' ); 616 715 716 $start = get_moment(); 617 717 remote_images(); 718 $end = get_moment(); 719 echo get_elapsed_time( $start, $end ).' for remote_images<br />'; 720 618 721 $vtp->setVar( $sub, 'remote_update.count_new', $count_new ); 619 722 $vtp->setVar( $sub, 'remote_update.count_deleted', $count_deleted ); … … 622 725 } 623 726 //---------------------------------------- update informations about categories 624 update_category( 'all' ); 727 if ( isset( $_GET['update'] ) 728 or isset( $page['cat'] ) 729 or @is_file( './listing.xml' ) ) 730 { 731 $start = get_moment(); 732 update_category( 'all' ); 733 $end = get_moment(); 734 echo get_elapsed_time( $start, $end ).' for update_category( all )<br />'; 735 736 $start = get_moment(); 737 synchronize_all_users(); 738 $end = get_moment(); 739 echo get_elapsed_time( $start, $end ).' for synchronize_all_users<br />'; 740 } 625 741 //----------------------------------------------------------- sending html code 626 742 $vtp->Parse( $handle , 'sub', $sub ); -
trunk/admin/user_list.php
r226 r345 59 59 $row = mysql_fetch_array( mysql_query( $query ) ); 60 60 // confirm user deletion ? 61 if ( $_GET['confirm'] != 1)61 if ( !isset( $_GET['confirm'] ) ) 62 62 { 63 63 $vtp->addSession( $sub, 'deletion' ); … … 110 110 $action = './admin.php?'.$_SERVER['QUERY_STRING']; 111 111 $vtp->setVar( $sub, 'add_user.form_action', $action ); 112 $vtp->setVar( $sub, 'add_user.f_username', $_POST['username'] ); 112 if (isset( $_POST['username'])) 113 $vtp->setVar( $sub, 'add_user.f_username', $_POST['username'] ); 113 114 $vtp->closeSession( $sub, 'add_user' ); 114 115 … … 150 151 $vtp->addSession( $sub, 'user' ); 151 152 // checkbox for mail management if the user has a mail address 152 if ( $row['mail_address'] != ''and $row['username'] != 'guest' )153 if ( isset( $row['mail_address'] ) and $row['username'] != 'guest' ) 153 154 { 154 155 $vtp->addSession( $sub, 'checkbox' ); … … 230 231 while ( $row = mysql_fetch_array( $result ) ) 231 232 { 232 if ( $_POST['mail-'.$row['id']] == 1)233 if ( isset( $_POST['mail-'.$row['id']] ) ) 233 234 array_push( $mails, $row['mail_address'] ); 234 235 } -
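Review bot: The new test `if ( !isset( $_GET['confirm'] ) )` at line 61 accepts any `confirm` parameter, so `confirm=0` or an empty value now skips the confirmation step in the user-deletion path, where the old code required the value 1. Keeping the value check silences the notice without widening the condition: `if ( !isset( $_GET['confirm'] ) or $_GET['confirm'] != 1 )`. The same widening applies to `isset( $_POST['mail-'.$row['id']] )` at line 233, and `isset( $row['mail_address'] )` at line 153 is true for an empty string, so if the column can hold '' the mail checkbox would now appear for users without an address. Since the deletion is driven by a GET parameter, a per-session token on the confirmation link would be worth adding; none is visible in these hunks. The enclosing blocks start and end outside the hunks.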
trunk/admin/user_modify.php
r226 r345 40 40 $page['username'] = $row['username']; 41 41 $page['status'] = $row['status']; 42 if ( !isset( $row['mail_address'] ) ) $row['mail_address'] = ''; 42 43 $page['mail_address'] = $row['mail_address']; 43 44 // user is not modifiable if : … … 63 64 // shall we use a new password and overwrite the old one ? 64 65 $use_new_password = false; 65 if ( $_POST['use_new_pwd'] == 1) 66 { 67 $use_new_password = true; 68 } 66 if ( isset( $_POST['use_new_pwd'] ) ) $use_new_password = true; 69 67 // if we try to update the webmaster infos, we have to set the status to 70 68 // 'admin' … … 89 87 { 90 88 $dissociate = 'dissociate-'.$row['id']; 91 if ( $_POST[$dissociate] == 1)89 if ( isset( $_POST[$dissociate] ) ) 92 90 { 93 91 $query = 'DELETE FROM '.PREFIX_TABLE.'user_group'; … … 104 102 $query.= ';'; 105 103 mysql_query( $query ); 104 // synchronize category informations for this user 105 synchronize_user( $_GET['user_id'] ); 106 106 } 107 107 //-------------------------------------------------------------- errors display … … 125 125 $vtp->setVar( $sub, 'confirmation.url', $url ); 126 126 $vtp->closeSession( $sub, 'confirmation' ); 127 if ( $use_new_p wd )127 if ( $use_new_password ) 128 128 { 129 129 $vtp->addSession( $sub, 'password_updated' ); -
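Review bot: `synchronize_user( $_GET['user_id'] )` at new line 105 passes the request parameter straight through, and no numeric check on `user_id` is visible in these hunks; the same call is added in trunk/admin/user_perm.php at line 55. synchronize_user() is defined outside this page, but the rest of the changeset builds SQL by string concatenation, so the id should be validated before use, for example `if ( is_numeric( $_GET['user_id'] ) ) synchronize_user( $_GET['user_id'] );`. If the elided part of the file already validates `user_id`, a short comment next to the call saying so would help the next reader. The surrounding block starts outside the hunk.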
trunk/admin/user_perm.php
r226 r345 53 53 } 54 54 check_favorites( $_GET['user_id'] ); 55 synchronize_user( $_GET['user_id'] ); 55 56 $vtp->addSession( $sub, 'confirmation' ); 56 57 $url = './admin.php?page=user_list'; … … 59 60 } 60 61 //---------------------------------------------------------------- form display 61 $restrictions = get_ restrictions( $_GET['user_id'], $page['user_status'],62 $restrictions = get_user_restrictions( $_GET['user_id'], $page['user_status'], 62 63 false, false ); 63 64 $action = './admin.php?page=user_perm&user_id='.$_GET['user_id']; -
trunk/admin/waiting.php
r226 r345 117 117 $vtp->setVar( $sub, 'picture.file', $row['file'] ); 118 118 // is there an existing associated thumnail ? 119 if ( $row['tn_ext'] != '' )119 if ( isset( $row['tn_ext'] ) and $row['tn_ext'] != '' ) 120 120 { 121 121 $vtp->addSession( $sub, 'thumbnail' ); -
trunk/category.php
r228 r345 17 17 * * 18 18 ***************************************************************************/ 19 // determine the initial instant to indicate the generation time of this page 20 $t1 = explode( ' ', microtime() ); 21 $t2 = explode( '.', $t1[0] ); 22 $t2 = $t1[1].'.'.$t2[1]; 23 //----------------------------------------------------------- personnal include 24 include_once( './include/init.inc.php' ); 19 //----------------------------------------------------------- include 20 $phpwg_root_path = './'; 21 include_once( $phpwg_root_path.'common.php' ); 25 22 //---------------------------------------------------------------------- logout 26 if ( $_GET['act'] == 'logout' and isset( $_COOKIE['id'] ) ) 23 if ( isset( $_GET['act'] ) 24 and $_GET['act'] == 'logout' 25 and isset( $_COOKIE['id'] ) ) 27 26 { 28 27 // cookie deletion if exists … … 35 34 } 36 35 //-------------------------------------------------- access authorization check 37 // creating the plain structure : array of all the available categories and 38 // their relative informations, see the definition of the function 39 // get_plain_structure for further details. 
40 $page['plain_structure'] = get_plain_structure(); 41 42 check_cat_id( $_GET['cat'] ); 36 if ( isset( $_GET['cat'] ) ) check_cat_id( $_GET['cat'] ); 43 37 check_login_authorization(); 44 38 if ( isset( $page['cat'] ) and is_numeric( $page['cat'] ) ) … … 47 41 } 48 42 //-------------------------------------------------------------- initialization 43 // detection of the start picture to display 44 if ( !isset( $_GET['start'] ) 45 or !is_numeric( $_GET['start'] ) 46 or ( is_numeric( $_GET['start'] ) and $_GET['start'] < 0 ) ) 47 $page['start'] = 0; 48 else 49 $page['start'] = $_GET['start']; 50 51 initialize_category(); 52 49 53 // creation of the array containing the cat ids to expand in the menu 50 54 // $page['tab_expand'] contains an array with the category ids … … 57 61 if ( is_numeric( $id ) ) array_push( $page['tab_expand'], $id ); 58 62 } 59 if ( is_numeric( $page['cat'] ) ) 60 { 61 // the category displayed (in the URL cat=23) must be seen in the menu -> 62 // parent categories must be expanded 63 $parent = $page['plain_structure'][$page['cat']]['id_uppercat']; 64 while ( $parent != '' ) 65 { 66 array_push( $page['tab_expand'], $parent ); 67 $parent = $page['plain_structure'][$parent]['id_uppercat']; 68 } 69 } 70 $page['expand'] = implode( ',', $page['tab_expand'] ); 71 } 63 } 64 if ( isset($page['cat']) && is_numeric( $page['cat'] ) ) 65 { 66 // the category displayed (in the URL cat=23) must be seen in the menu -> 67 // parent categories must be expanded 68 $uppercats = explode( ',', $page['uppercats'] ); 69 foreach ( $uppercats as $uppercat ) { 70 array_push( $page['tab_expand'], $uppercat ); 71 } 72 } 73 $page['tab_expand'] = array_unique( $page['tab_expand'] ); 74 $page['expand'] = implode( ',', $page['tab_expand'] ); 72 75 // in case of expanding all authorized cats 73 76 // The $page['expand'] equals 'all' and 74 77 // $page['tab_expand'] contains all the authorized cat ids 75 if ( $user['expand'] or $_GET['expand'] == 'all' ) 78 if ( $user['expand'] 
79 or ( isset( $_GET['expand'] ) and $_GET['expand'] == 'all' ) ) 76 80 { 77 81 $page['tab_expand'] = array(); 78 82 $page['expand'] = 'all'; 79 }80 // detection of the start picture to display81 if ( !isset( $_GET['start'] )82 or !is_numeric( $_GET['start'] )83 or ( is_numeric( $_GET['start'] ) and $_GET['start'] < 0 ) )84 {85 $page['start'] = 0;86 }87 else88 {89 $page['start'] = $_GET['start'];90 83 } 91 84 // Sometimes, a "num" is provided in the URL. It is the number … … 93 86 // We have to find the right $page['start'] that show the num picture 94 87 // in this category 95 if ( is_numeric( $_GET['num'] ) and $_GET['num'] >= 0 ) 88 if ( isset( $_GET['num'] ) 89 and is_numeric( $_GET['num'] ) 90 and $_GET['num'] >= 0 ) 96 91 { 97 92 $page['start'] = floor( $_GET['num'] / $user['nb_image_page'] ); … … 99 94 } 100 95 // creating the structure of the categories (useful for displaying the menu) 101 $page['structure'] = create_structure( '', $user['restrictions'] ); 96 // creating the plain structure : array of all the available categories and 97 // their relative informations, see the definition of the function 98 // get_user_plain_structure for further details. 
99 $page['plain_structure'] = get_user_plain_structure(); 100 $page['structure'] = create_user_structure( '' ); 102 101 $page['structure'] = update_structure( $page['structure'] ); 103 initialize_category(); 102 104 103 //----------------------------------------------------- template initialization 105 $vtp = new VTemplate; 104 105 // 106 // Start output of page 107 // 108 $title = $page['title']; 109 include('include/page_header.php'); 110 106 111 $handle = $vtp->Open( './template/'.$user['template'].'/category.vtp' ); 107 112 initialize_template(); … … 109 114 'categories','hint_category','sub-cat','images_available','total', 110 115 'title_menu','nb_image_category','send_mail','title_send_mail', 111 ' generation_time','connected_user','recent_image','days','generation_time',116 'connected_user','recent_image','days', 112 117 'favorite_cat_hint','favorite_cat','stats','most_visited_cat_hint', 113 118 'most_visited_cat','recent_cat','recent_cat_hint','upload_picture', … … 115 120 templatize_array( $tpl, 'lang', $handle ); 116 121 117 $tpl = array( 'mail_webmaster','webmaster','top_number' ,'version','site_url');122 $tpl = array( 'mail_webmaster','webmaster','top_number'); 118 123 templatize_array( $tpl, 'conf', $handle ); 119 124 … … 121 126 templatize_array( $tpl, 'user', $handle ); 122 127 123 $tpl = array( ' title','navigation_bar','cat_comment','cat_nb_images' );128 $tpl = array( 'navigation_bar','cat_comment','cat_nb_images' ); 124 129 templatize_array( $tpl, 'page', $handle ); 125 130 … … 128 133 $icon_long = get_icon( time() - ( $user['short_period'] * 24 * 60 * 60 + 1 ) ); 129 134 $vtp->setGlobalVar( $handle, 'icon_long', $icon_long ); 130 $nb_total_pictures = count_ images( $page['structure']);135 $nb_total_pictures = count_user_total_images(); 131 136 $vtp->setGlobalVar( $handle, 'nb_total_pictures',$nb_total_pictures ); 137 132 138 //------------------------------------------------------------- categories menu 139 $vtp->setVar( $handle, 'home_url', 
add_session_id( 'category.php' ) ); 133 140 // normal categories 134 141 foreach ( $page['structure'] as $category ) { … … 144 151 // searching the number of favorite picture 145 152 $query = 'SELECT COUNT(*) AS count'; 146 $query.= ' FROM '. PREFIX_TABLE.'favorites';153 $query.= ' FROM '.FAVORITES_TABLE; 147 154 $query.= ' WHERE user_id = '.$user['id'].';'; 148 155 $result = mysql_query( $query ); … … 182 189 // customization link 183 190 $vtp->addSession( $handle, 'summary' ); 184 $url = './profile.php?cat='.$page['cat']; 185 $url.= '&expand='.$page['expand']; 186 if ( $page['cat'] == 'search' ) 191 $url = './profile.php'; 192 if (isset($page['cat']) && isset($page['expand'])) 193 $url.='?cat='.$page['cat'].'&expand='.$page['expand']; 194 if ( isset($page['cat']) && $page['cat'] == 'search' ) 187 195 { 188 196 $url.= '&search='.$_GET['search'].'&mode='.$_GET['mode']; … … 254 262 $query = 'SELECT distinct(id),file,date_available,tn_ext,name,filesize'; 255 263 $query.= ',storage_category_id'; 256 $query.= ' FROM '. PREFIX_TABLE.'imagesAS i';257 $query.= ' LEFT JOIN '.PREFIX_TABLE.'image_categoryAS ic ON id=ic.image_id';264 $query.= ' FROM '.IMAGES_TABLE.' AS i'; 265 $query.=' INNER JOIN '.IMAGE_CATEGORY_TABLE.' 
AS ic ON id=ic.image_id'; 258 266 $query.= $page['where']; 259 267 $query.= $conf['order_by']; … … 271 279 { 272 280 // retrieving the storage dir of the picture 273 if ( $array_cat_directories[$row['storage_category_id']] == '')281 if ( !isset($array_cat_directories[$row['storage_category_id']])) 274 282 { 275 283 $array_cat_directories[$row['storage_category_id']] = … … 280 288 $file = get_filename_wo_extension( $row['file'] ); 281 289 // name of the picture 282 if ( $row['name'] != '' ) $name = $row['name'];283 else 290 if ( isset( $row['name'] ) and $row['name'] != '' ) $name = $row['name']; 291 else $name = str_replace( '_', ' ', $file ); 284 292 285 293 if ( $page['cat'] == 'search' ) … … 321 329 $vtp->addSession( $handle, 'nb_comments' ); 322 330 $query = 'SELECT COUNT(*) AS nb_comments'; 323 $query.= ' FROM '.PREFIX_TABLE.'comments'; 324 $query.= ' WHERE image_id = '.$row['id']; 331 $query.= ' FROM '.COMMENTS_TABLE.' WHERE image_id = '.$row['id']; 325 332 $query.= " AND validated = 'true'"; 326 333 $query.= ';'; … … 351 358 elseif ( ( isset( $page['cat'] ) 352 359 and is_numeric( $page['cat'] ) 353 and $page['cat_nb_images'] == 0 ) 354 or $_GET['cat'] == '' ) 360 and $page['cat_nb_images'] == 0 361 and $page['plain_structure'][$page['cat']]['nb_sub_categories'] > 0) 362 or (!isset($_GET['cat']))) 355 363 { 356 364 $vtp->addSession( $handle, 'thumbnails' ); 357 365 $vtp->addSession( $handle, 'line' ); 358 366 359 $subcats = get_non_empty_subcat_ids( $page['cat'] ); 367 $subcats=array(); 368 if (isset($page['cat'])) $subcats = get_non_empty_subcat_ids( $page['cat'] ); 369 else $subcats = get_non_empty_subcat_ids( '' ); 360 370 $cell_number = 1; 361 371 $i = 0; … … 369 379 // searching the representative picture of the category 370 380 $query = 'SELECT representative_picture_id'; 371 $query.= ' FROM '. PREFIX_TABLE.'categories';372 $query.= ' WHERE id = '.$non_empty_id;381 $query.= ' FROM '.CATEGORIES_TABLE.' 
WHERE id = '.$non_empty_id; 382 $query.= ';'; 373 383 $row = mysql_fetch_array( mysql_query( $query ) ); 374 384 375 385 $query = 'SELECT file,tn_ext,storage_category_id'; 376 $query.= ' FROM '.PREFIX_TABLE.'images'; 377 $query.= ' LEFT JOIN '.PREFIX_TABLE.'image_category ON id = image_id'; 386 $query.= ' FROM '.IMAGES_TABLE.', '.IMAGE_CATEGORY_TABLE; 378 387 $query.= ' WHERE category_id = '.$non_empty_id; 388 $query.= ' AND id = image_id'; 379 389 // if the category has a representative picture, this is its thumbnail 380 // tha will be displayed !381 if ( $row['representative_picture_id'] != '')390 // that will be displayed ! 391 if ( isset( $row['representative_picture_id'] ) ) 382 392 $query.= ' AND id = '.$row['representative_picture_id']; 383 393 else … … 398 408 399 409 $url_link = './category.php?cat='.$subcat_id; 400 if ( !in_array( $page['cat'], $page['tab_expand'] ) )410 if ( isset($page['cat'])&& !in_array( $page['cat'], $page['tab_expand'] ) ) 401 411 { 402 412 array_push( $page['tab_expand'], $page['cat'] ); … … 460 470 get_cat_display_name( $page['cat_name'], ' - ', 461 471 'font-style:italic;' ) ); 472 // upload a picture in the category 473 if ( $page['cat_site_id'] == 1 474 and $conf['upload_available'] 475 and $page['cat_uploadable'] ) 476 { 477 $vtp->addSession( $handle, 'upload' ); 478 $url = './upload.php?cat='.$page['cat'].'&expand='.$page['expand']; 479 $vtp->setVar( $handle, 'upload.url', add_session_id( $url ) ); 480 $vtp->closeSession( $handle, 'upload' ); 481 } 462 482 } 463 483 else … … 465 485 $vtp->setVar( $handle, 'cat_infos.cat_name', $page['title'] ); 466 486 } 467 // upload a picture in the category 468 if ( $page['cat_site_id'] == 1 469 and $conf['upload_available'] 470 and $page['cat_uploadable'] ) 471 { 472 $vtp->addSession( $handle, 'upload' ); 473 $url = './upload.php?cat='.$page['cat'].'&expand='.$page['expand']; 474 $vtp->setVar( $handle, 'upload.url', add_session_id( $url ) ); 475 $vtp->closeSession( $handle, 'upload' ); 
476 } 487 477 488 $vtp->closeSession( $handle, 'cat_infos' ); 478 489 } … … 480 491 pwg_log( 'category', $page['title'] ); 481 492 mysql_close(); 482 //------------------------------------------------------------- generation time483 $time = get_elapsed_time( $t2, get_moment() );484 $vtp->setGlobalVar( $handle, 'time', $time );485 493 //----------------------------------------------------------- html code display 486 494 $code = $vtp->Display( $handle, 0 ); 487 495 echo $code; 496 497 include('include/page_tail.php'); 488 498 ?> -
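Review bot: In the customization-link hunk (new lines 191-196) `$_GET['search']` and `$_GET['mode']` are still appended to `$url` as-is; the new `isset($page['cat'])` guard does not cover them and neither value is URL-encoded. Whether the template layer escapes `$url` on output is not visible here, so encoding at the point of concatenation is the safer default: `$url.= '&search='.urlencode( $_GET['search'] ).'&mode='.urlencode( $_GET['mode'] );`. The enclosing block continues outside the hunk.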
trunk/comments.php
r231 r345 18 18 ***************************************************************************/ 19 19 20 include_once( './include/init.inc.php' ); 20 //----------------------------------------------------------- include 21 $phpwg_root_path = './'; 22 include_once( $phpwg_root_path.'common.php' ); 23 21 24 //------------------------------------------------------------------- functions 22 25 function display_pictures( $mysql_result, $maxtime, $forbidden_cat_ids ) … … 47 50 $category_id = $subrow['category_id']; 48 51 49 if ( $array_cat_directories[$category_id] == '')52 if ( !isset($array_cat_directories[$category_id])) 50 53 { 51 54 $array_cat_directories[$category_id] = … … 134 137 } 135 138 //----------------------------------------------------- template initialization 136 $vtp = new VTemplate; 139 // 140 // Start output of page 141 // 142 $title= $lang['title_comments']; 143 include('include/page_header.php'); 144 137 145 $handle = $vtp->Open( './template/'.$user['template'].'/comments.vtp' ); 138 146 initialize_template(); 139 147 $tpl = array( 'title_comments','stats_last_days','search_return_main_page' ); 140 148 templatize_array( $tpl, 'lang', $handle ); 141 $vtp->setGlobalVar( $handle, 'text_color', $user['couleur_text'] );142 149 //--------------------------------------------------- number of days to display 143 if ( isset( $_GET['last_days'] ) ) define( "MAX_DAYS", $_GET['last_days'] );144 else define( "MAX_DAYS", 0 );150 if ( isset( $_GET['last_days'] ) ) define( 'MAX_DAYS', $_GET['last_days'] ); 151 else define( 'MAX_DAYS', 0 ); 145 152 //----------------------------------------- non specific section initialization 146 153 $array_cat_directories = array(); … … 169 176 $query.= ' WHERE c.image_id = ic.image_id'; 170 177 $query.= ' AND date > '.$maxtime; 178 $query.= " AND validated = 'true'"; 171 179 // we must not show pictures of a forbidden category 172 $restricted_cats = get_all_restrictions( $user['id'],$user['status'] ); 173 if ( count( 
$restricted_cats ) > 0 ) 180 if ( $user['forbidden_categories'] != '' ) 174 181 { 175 $query.= ' AND category_id NOT IN ('; 176 foreach ( $restricted_cats as $i => $restricted_cat ) { 177 if ( $i > 0 ) $query.= ','; 178 $query.= $restricted_cat; 179 } 180 $query.= ')'; 182 $query.= ' AND category_id NOT IN '; 183 $query.= '('.$user['forbidden_categories'].')'; 181 184 } 182 185 $query.= ' ORDER BY ic.image_id DESC'; 183 186 $query.= ';'; 184 187 $result = mysql_query( $query ); 185 display_pictures( $result, $maxtime, $ restricted_cats);188 display_pictures( $result, $maxtime, $user['restrictions'] ); 186 189 //----------------------------------------------------------- html code display 187 190 $code = $vtp->Display( $handle, 0 ); 188 191 echo $code; 192 include('include/page_tail.php'); 189 193 ?> -
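Review bot: `define( 'MAX_DAYS', $_GET['last_days'] );` at new line 150 only changes the quoting; the request value still becomes a constant without any numeric check. How `$maxtime` is derived from it is outside the visible hunks, but `$maxtime` is concatenated into the query at line 170 (`' AND date > '.$maxtime`), so the input should be constrained where it enters: `if ( isset( $_GET['last_days'] ) and is_numeric( $_GET['last_days'] ) ) define( 'MAX_DAYS', intval( $_GET['last_days'] ) );`. The existing `else` branch then covers both the missing and the malformed case.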
trunk/identification.php
r104 r345 18 18 ***************************************************************************/ 19 19 20 //----------------------------------------------------------- personnal include 21 include_once( "./include/init.inc.php" ); 20 //----------------------------------------------------------- include 21 $phpwg_root_path = './'; 22 include_once( $phpwg_root_path.'common.php' ); 23 22 24 //-------------------------------------------------------------- identification 23 25 $errors = array(); … … 26 28 // retrieving the encrypted password of the login submitted 27 29 $query = 'SELECT password'; 28 $query.= ' FROM '. PREFIX_TABLE.'users';30 $query.= ' FROM '.USERS_TABLE; 29 31 $query.= " WHERE username = '".$_POST['login']."';"; 30 32 $row = mysql_fetch_array( mysql_query( $query ) ); … … 44 46 } 45 47 //----------------------------------------------------- template initialization 46 $vtp = new VTemplate; 48 // 49 // Start output of page 50 // 51 $title = $lang['ident_page_title']; 52 include('include/page_header.php'); 53 47 54 $handle = $vtp->Open( './template/default/identification.vtp' ); 48 55 // language 49 $vtp->setGlobalVar( $handle, 'ident_page_title', $lang['ident_page_title'] );50 56 $vtp->setGlobalVar( $handle, 'ident_title', $lang['ident_title'] ); 51 57 $vtp->setGlobalVar( $handle, 'login', $lang['login'] ); … … 74 80 //------------------------------------------------------------------ users list 75 81 // retrieving all the users login 76 $query = 'select username from '. PREFIX_TABLE.'users;';82 $query = 'select username from '.USERS_TABLE.';'; 77 83 $result = mysql_query( $query ); 78 84 if ( mysql_num_rows ( $result ) < $conf['max_user_listbox'] ) … … 110 116 $code = $vtp->Display( $handle, 0 ); 111 117 echo $code; 118 include('include/page_tail.php'); 112 119 ?> -
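Review bot: The query at new lines 29-31 still places `$_POST['login']` between quotes by plain concatenation (`" WHERE username = '".$_POST['login']."';"`) on the unauthenticated login form; this commit only swaps the table name for `USERS_TABLE`. Unless common.php normalises request data (not visible here), the statement is only as safe as the server's magic_quotes setting. Escaping at the point of use removes that dependency: `$query.= " WHERE username = '".mysql_real_escape_string( $_POST['login'] )."';";`, with `stripslashes()` applied first when magic quotes are on so the value is not escaped twice. The surrounding `if` block starts and ends outside the hunk.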
trunk/include/config.inc.php
r215 r345 3 3 * config.inc.php * 4 4 * ------------------- * 5 * application : PhpWebGallery 1. 3<http://phpwebgallery.net> *5 * application : PhpWebGallery 1.4 <http://phpwebgallery.net> * 6 6 * author : Pierrick LE GALL <pierrick@z0rglub.com> * 7 7 * * … … 17 17 * * 18 18 ***************************************************************************/ 19 unset( $conf, $page, $user, $lang );20 $conf = array();21 $page = array();22 $user = array();23 $lang = array();24 25 include_once( PREFIX_INCLUDE.'./include/functions.inc.php' );26 include_once( PREFIX_INCLUDE.'./include/vtemplate.class.php' );27 19 // How to change the order of display for images in a category ? 28 20 // … … 45 37 $conf['slideshow_period'] = array(2,5,10); 46 38 $conf['last_days'] = array(1,2,3,10,30,365); 47 $conf['version'] = ' devel';39 $conf['version'] = '1.4 - devel'; 48 40 $conf['site_url'] = 'http://www.phpwebgallery.net'; 49 41 $conf['forum_url'] = 'http://forum.phpwebgallery.net'; … … 52 44 $conf['top_number'] = 10; 53 45 $conf['anti-flood_time'] = 60; // seconds between 2 comments : 0 to disable 46 $conf['max_LOV_categories'] = 50; 54 47 55 database_connection();56 // rertieving the configuration informations for site57 // $infos array is used to know the fields to retrieve in the table "config"58 // Each field becomes an information of the array $conf.59 // Example :60 // prefix_thumbnail --> $conf['prefix_thumbnail']61 $infos = array( 'prefix_thumbnail', 'webmaster', 'mail_webmaster', 'access',62 'session_id_size', 'session_keyword', 'session_time',63 'max_user_listbox', 'show_comments', 'nb_comment_page',64 'upload_available', 'upload_maxfilesize', 'upload_maxwidth',65 'upload_maxheight', 'upload_maxwidth_thumbnail',66 'upload_maxheight_thumbnail','log','comments_validation',67 'comments_forall','authorize_cookies','mail_notification' );68 69 $query = 'SELECT ';70 foreach ( $infos as $i => $info ) {71 if ( $i > 0 ) $query.= ',';72 $query.= $info;73 }74 $query.= ' FROM 
'.PREFIX_TABLE.'config;';75 76 $row = mysql_fetch_array( mysql_query( $query ) );77 78 // affectation of each field of the table "config" to an information of the79 // array $conf.80 foreach ( $infos as $info ) {81 $conf[$info] = $row[$info];82 // If the field is true or false, the variable is transformed into a boolean83 // value.84 if ( $row[$info] == 'true' or $row[$info] == 'false' )85 {86 $conf[$info] = get_boolean( $row[$info] );87 }88 }89 48 ?> -
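Review bot: The hunk at old lines 19-27 drops `unset( $conf, $page, $user, $lang );` and the four `array()` initialisations, and nothing on this page shows where they moved to. On a server with register_globals enabled, that reset keeps request parameters from pre-seeding `$user` or `$conf` before the application fills them, so it should run at the very top of common.php, before any other include. If common.php already does this, a one-line comment here (`// $conf, $page, $user and $lang are reset in common.php`) would record the dependency.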
trunk/include/functions.inc.php
r235 r345 1 1 <?php 2 // +-----------------------------------------------------------------------+ 3 // | functions.inc.php | 4 // +-----------------------------------------------------------------------+ 5 // | application : PhpWebGallery 1.3 <http://phpwebgallery.net> | 6 // | author : Pierrick LE GALL <pierrick@z0rglub.com> | 7 // +-----------------------------------------------------------------------+ 8 // | file : $RCSfile$ 9 // | tag : $Name$ 10 // | last update : $Date$ 11 // | revision : $Revision$ 12 // +-----------------------------------------------------------------------+ 13 // | This program is free software; you can redistribute it and/or modify | 14 // | it under the terms of the GNU General Public License as published by | 15 // | the Free Software Foundation; | 16 // +-----------------------------------------------------------------------+ 17 2 /*************************************************************************** 3 * functions.inc.php * 4 * ------------------- * 5 * application : PhpWebGallery 1.3 <http://phpwebgallery.net> * 6 * author : Pierrick LE GALL <pierrick@z0rglub.com> * 7 * * 8 * $Id$ 9 * * 10 *************************************************************************** 11 12 *************************************************************************** 13 * * 14 * This program is free software; you can redistribute it and/or modify * 15 * it under the terms of the GNU General Public License as published by * 16 * the Free Software Foundation; * 17 * * 18 ***************************************************************************/ 18 19 include( PREFIX_INCLUDE.'./include/functions_user.inc.php' ); 19 20 include( PREFIX_INCLUDE.'./include/functions_session.inc.php' ); … … 167 168 } 168 169 169 // get_dirs retourne un tableau contenant tous les sous-répertoires d'un 170 // répertoire 171 function get_dirs( $rep ) 172 { 173 $sub_rep = array(); 174 175 if ( $opendir = opendir ( $rep ) ) 170 /** 171 * returns an array contening 
sub-directories 172 * 173 * @param string $dir 174 * @return array 175 */ 176 function get_dirs( $directory ) 177 { 178 $sub_dirs = array(); 179 180 if ( $opendir = opendir( $directory ) ) 176 181 { 177 182 while ( $file = readdir ( $opendir ) ) 178 183 { 179 if ( $file != '.' and $file != '..' and is_dir ( $ rep.$file ) )184 if ( $file != '.' and $file != '..' and is_dir ( $directory.'/'.$file ) ) 180 185 { 181 array_push( $sub_ rep, $file );186 array_push( $sub_dirs, $file ); 182 187 } 183 188 } 184 189 } 185 return $sub_ rep;190 return $sub_dirs; 186 191 } 187 192 … … 266 271 } 267 272 268 // get_themes retourne un tableau contenant tous les "template - couleur"269 function get_themes( $theme_dir )270 {271 $themes = array();272 $main_themes = get_dirs( $theme_dir );273 for ( $i = 0; $i < sizeof( $main_themes ); $i++ )274 {275 $colors = get_dirs( $theme_dir.$main_themes[$i].'/' );276 for ( $j = 0; $j < sizeof( $colors ); $j++ )277 {278 array_push( $themes, $main_themes[$i].' - '.$colors[$j] );279 }280 }281 return $themes;282 }283 284 273 // - add_style replaces the 285 274 // $search into <span style="$style">$search</span> … … 325 314 } 326 315 327 function database_connection()328 {329 include( PREFIX_INCLUDE.'./include/mysql.inc.php' );330 define( "PREFIX_TABLE", $prefixeTable );331 332 @mysql_connect( $cfgHote, $cfgUser, $cfgPassword )333 or die ( "Could not connect to server" );334 @mysql_select_db( $cfgBase )335 or die ( "Could not connect to database" );336 }337 338 316 function pwg_log( $file, $category, $picture = '' ) 339 317 { … … 356 334 357 335 foreach ( $array as $value ) { 336 if (isset(${$global_array_name}[$value])) 358 337 $vtp->setGlobalVar( $handle, $value, ${$global_array_name}[$value] ); 359 338 } … … 433 412 } 434 413 } 414 415 function pwg_write_debug() 416 { 417 global $debug; 418 419 $fp = @fopen( './log/debug.log', 'a+' ); 420 fwrite( $fp, "\n\n" ); 421 fwrite( $fp, $debug ); 422 fclose( $fp ); 423 } 424 425 function pwg_query( $query ) 
426 { 427 global $count_queries,$queries_time; 428 429 $start = get_moment(); 430 $output = ''; 431 432 $count_queries++; 433 $output.= '<br /><br />['.$count_queries.'] '.$query; 434 $result = mysql_query( $query ); 435 $time = get_moment() - $start; 436 $queries_time+= $time; 437 $output.= '<b>('.number_format( $time, 3, '.', ' ').' s)</b>'; 438 $output.= '('.number_format( $queries_time, 3, '.', ' ').' s)'; 439 440 // echo $output; 441 442 return $result; 443 } 444 445 function pwg_debug( $string ) 446 { 447 global $debug,$t2,$count_queries; 448 449 $now = explode( ' ', microtime() ); 450 $now2 = explode( '.', $now[0] ); 451 $now2 = $now[1].'.'.$now2[1]; 452 $time = number_format( $now2 - $t2, 3, '.', ' ').' s'; 453 $debug.= '['.$time.', '; 454 $debug.= $count_queries.' queries] : '.$string; 455 $debug.= "\n"; 456 } 435 457 ?> -
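Review bot: `pwg_write_debug()` silences a failed `fopen()` with `@` and then calls `fwrite()` and `fclose()` on the result unconditionally, so an unwritable `./log/` directory produces warnings on every call instead of a clean no-op; add `if ( !$fp ) return;` right after the open. The log path is relative to the working directory and looks like it sits under the web root, and `$debug` accumulates whatever callers pass to `pwg_debug()`; if that ever includes query text, `debug.log` should be denied to HTTP clients or moved outside the document root. `pwg_query()` also deserves a short header comment saying that it is the counted and timed wrapper around `mysql_query()` and returns its result unchanged, and that the commented-out `echo $output` would print the raw query without HTML escaping if re-enabled.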
trunk/include/functions_category.inc.php
r133 r345 18 18 ***************************************************************************/ 19 19 20 function get_subcats_id( $cat_id )21 {22 $restricted_cats = array();23 24 $query = 'SELECT id';25 $query.= ' FROM '.PREFIX_TABLE.'categories';26 $query.= ' WHERE id_uppercat = '.$cat_id;27 $query.= ';';28 $result = mysql_query( $query );29 while ( $row = mysql_fetch_array( $result ) )30 {31 array_push( $restricted_cats, $row['id'] );32 $sub_restricted_cats = get_subcats_id( $row['id'] );33 foreach ( $sub_restricted_cats as $sub_restricted_cat ) {34 array_push( $restricted_cats, $sub_restricted_cat );35 }36 }37 return $restricted_cats;38 }39 40 20 function check_restrictions( $category_id ) 41 21 { 42 22 global $user,$lang; 43 23 44 if ( i s_user_allowed( $category_id, $user['restrictions'] ) > 0)24 if ( in_array( $category_id, $user['restrictions'] ) ) 45 25 { 46 26 echo '<div style="text-align:center;">'.$lang['access_forbiden'].'<br />'; … … 50 30 } 51 31 } 52 32 53 33 // the check_cat_id function check whether the $cat is a right parameter : 54 34 // - $cat is numeric and corresponds to a category in the database … … 62 42 if ( isset( $cat ) ) 63 43 { 64 if ( isset( $page['plain_structure'] ) ) 65 { 66 if ( isset( $page['plain_structure'][$cat] ) ) 67 { 68 $page['cat'] = $cat; 69 } 44 if ( isset( $page['plain_structure'][$cat] ) ) 45 { 46 $page['cat'] = $cat; 70 47 } 71 48 else if ( is_numeric( $cat ) ) 72 49 { 73 50 $query = 'SELECT id'; 74 $query.= ' FROM '.PREFIX_TABLE.'categories'; 75 $query.= ' WHERE id = '.$cat; 76 $query. ';'; 51 $query.= ' FROM '.CATEGORIES_TABLE.' 
WHERE id = '.$cat.';'; 77 52 $result = mysql_query( $query ); 78 53 if ( mysql_num_rows( $result ) != 0 ) … … 92 67 } 93 68 94 function get_plain_structure() 95 { 96 $infos = array( 'name','id','date_last','nb_images','dir','id_uppercat', 97 'rank','site_id'); 69 function get_user_plain_structure() 70 { 71 global $page,$user; 98 72 99 $query = 'SELECT '; 100 foreach ( $infos as $i => $info ) { 101 if ( $i > 0 ) $query.= ','; 102 $query.= $info; 103 } 104 $query.= ' FROM '.PREFIX_TABLE.'categories'; 73 $infos = array( 'name','id','uc.date_last','nb_images','dir','id_uppercat', 74 'rank','site_id','nb_sub_categories','uppercats'); 75 76 $query = 'SELECT '.implode( ',', $infos ); 77 $query.= ' FROM '.CATEGORIES_TABLE.' AS c'; 78 // $query.= ' ,'.PREFIX_TABLE.'user_category AS uc'; 79 $query.= ' INNER JOIN '.USER_CATEGORY_TABLE.' AS uc'; 80 $query.= ' ON c.id = uc.category_id'; 81 $query.= ' WHERE user_id = '.$user['id']; 82 if ( $page['expand'] != 'all' ) 83 { 84 $query.= ' AND (id_uppercat is NULL'; 85 if ( count( $page['tab_expand'] ) > 0 ) 86 { 87 $query.= ' OR id_uppercat IN ('.$page['expand'].')'; 88 } 89 $query.= ')'; 90 } 91 if ( $user['forbidden_categories'] != '' ) 92 { 93 $query.= ' AND id NOT IN '; 94 $query.= '('.$user['forbidden_categories'].')'; 95 } 96 // $query.= ' AND c.id = uc.category_id'; 105 97 $query.= ' ORDER BY id_uppercat ASC, rank ASC'; 106 98 $query.= ';'; … … 112 104 $category = array(); 113 105 foreach ( $infos as $info ) { 114 $category[$info] = $row[$info]; 115 if ( $info == 'date_last' ) 116 { 117 list($year,$month,$day) = explode( '-', $row[$info] ); 118 $category[$info] = mktime(0,0,0,$month,$day,$year); 119 } 106 if ( $info == 'uc.date_last' ) 107 { 108 list($year,$month,$day) = explode( '-', $row['date_last'] ); 109 $category['date_last'] = mktime(0,0,0,$month,$day,$year); 110 } 111 else if ( isset( $row[$info] ) ) $category[$info] = $row[$info]; 112 else $category[$info] = ''; 120 113 } 121 114 $plain_structure[$row['id']] = 
$category; … … 125 118 } 126 119 127 function create_ structure( $id_uppercat, $restrictions)120 function create_user_structure( $id_uppercat ) 128 121 { 129 122 global $page; 130 123 131 124 if ( !isset( $page['plain_structure'] ) ) 132 $page['plain_structure'] = get_ plain_structure();125 $page['plain_structure'] = get_user_plain_structure(); 133 126 134 127 $structure = array(); 135 $ids = get_ subcat_ids( $id_uppercat );128 $ids = get_user_subcat_ids( $id_uppercat ); 136 129 foreach ( $ids as $id ) { 137 if ( !in_array( $id, $restrictions ) ) 138 { 139 $category = $page['plain_structure'][$id]; 140 $category['subcats'] = create_structure( $id, $restrictions ); 141 array_push( $structure, $category ); 142 } 130 $category = $page['plain_structure'][$id]; 131 $category['subcats'] = create_user_structure( $id ); 132 array_push( $structure, $category ); 143 133 } 144 134 return $structure; 145 135 } 146 136 147 function get_ subcat_ids( $id_uppercat )137 function get_user_subcat_ids( $id_uppercat ) 148 138 { 149 139 global $page; … … 158 148 159 149 // update_structure updates or add informations about each node of the 160 // structure : the last date, should the category be expanded in the menu ?, 161 // the associated expand string "48,14,54" 150 // structure : 162 151 // 163 // 1. last date 164 // for each category of the structure, we have to find the most recent 165 // subcat so that the parent cat has the same last_date info. 166 // For example : we have : 167 // > pets (2003.02.15) 168 // > dogs (2003.06.14) 169 // > rex (2003.06.18) 170 // > toby (2003.06.13) 171 // > kitten (2003.07.05) 172 // We finally want to have : 173 // > pets (2003.07.05) <- changed to pets > kitten last date 174 // > dogs (2003.06.18) <- changed to pets > dogs > rex last date 175 // > rex (2003.06.18) 176 // > toby (2003.06.13) 177 // > kitten (2003.07.05) 178 // 179 // 2. should the category be expanded in the menu ? 152 // 1. should the category be expanded in the menu ? 
180 153 // If the category has to be expanded (ie its id is in the 181 154 // $page['tab_expand'] or all the categories must be expanded by default), 182 155 // $category['expanded'] is set to true. 183 156 // 184 // 3. associated expand string157 // 2. associated expand string 185 158 // in the menu, there is a expand string (used in the URL) to tell which 186 159 // categories must be expanded in the menu if this category is chosen … … 192 165 193 166 foreach ( $categories as $category ) { 194 // update the last date of the category195 $last_date = search_last_date( $category );196 $category['date_last'] = $last_date;197 167 // update the "expanded" key 198 168 if ( $user['expand'] … … 206 176 $category['expanded'] = false; 207 177 } 208 // update the 178 // update the "expand_string" key 209 179 if ( $page['expand'] == 'all' ) 210 180 { … … 220 190 $tab_expand = array_diff( $page['tab_expand'],array($category['id']) ); 221 191 } 222 else if ( count( $category['subcats'] )> 0 )192 else if ( $category['nb_sub_categories'] > 0 ) 223 193 { 224 194 // we have this time to add the $category['id']... … … 234 204 235 205 return $updated_categories; 236 }237 238 // search_last_date searchs the last date for a given category. 
If we take239 // back the example given for update_last_dates, we should have :240 // search_last_date( pets ) --> 2003.07.05241 // search_last_date( pets > dogs ) --> 2003.06.18242 // and so on243 function search_last_date( $category )244 {245 $date_last = $category['date_last'];246 foreach ( $category['subcats'] as $subcat ) {247 $subcat_date_last = search_last_date( $subcat );248 if ( $subcat_date_last > $date_last )249 {250 $date_last = $subcat_date_last;251 }252 }253 return $date_last;254 206 } 255 207 … … 263 215 function count_images( $categories ) 264 216 { 217 return count_user_total_images(); 265 218 $total = 0; 266 219 foreach ( $categories as $category ) { … … 269 222 } 270 223 return $total; 224 } 225 226 function count_user_total_images() 227 { 228 global $user; 229 230 $query = 'SELECT SUM(nb_images) AS total'; 231 $query.= ' FROM '.CATEGORIES_TABLE; 232 if ( count( $user['restrictions'] ) > 0 ) 233 $query.= ' WHERE id NOT IN ('.$user['forbidden_categories'].')'; 234 $query.= ';'; 235 236 $row = mysql_fetch_array( mysql_query( $query ) ); 237 238 if ( !isset( $row['total'] ) ) $row['total'] = 0; 239 240 return $row['total']; 271 241 } 272 242 … … 286 256 global $page; 287 257 258 $infos = array( 'nb_images','id_uppercat','comment','site_id','galleries_url' 259 ,'dir','date_last','uploadable','status','visible' 260 ,'representative_picture_id','uppercats' ); 261 262 $query = 'SELECT '.implode( ',', $infos ); 263 $query.= ' FROM '.CATEGORIES_TABLE.' AS a'; 264 $query.= ', '.SITES_TABLE.' 
AS b'; 265 $query.= ' WHERE a.id = '.$id; 266 $query.= ' AND a.site_id = b.id'; 267 $query.= ';'; 268 $row = mysql_fetch_array( mysql_query( $query ) ); 269 288 270 $cat = array(); 289 290 $query = 'SELECT nb_images,id_uppercat,comment,site_id,galleries_url,dir'; 291 $query.= ',date_last,uploadable,status,visible,representative_picture_id'; 292 $query.= ' FROM '.PREFIX_TABLE.'categories AS a'; 293 $query.= ', '.PREFIX_TABLE.'sites AS b'; 294 $query.= ' WHERE a.id = '.$id; 295 $query.= ' AND a.site_id = b.id;'; 296 $row = mysql_fetch_array( mysql_query( $query ) ); 297 $cat['site_id'] = $row['site_id']; 298 $cat['id_uppercat'] = $row['id_uppercat']; 299 $cat['comment'] = nl2br( $row['comment'] ); 300 $cat['nb_images'] = $row['nb_images']; 301 $cat['dir'] = $row['dir']; 302 $cat['date_last'] = $row['date_last']; 303 $cat['uploadable'] = get_boolean( $row['uploadable'] ); 304 $cat['status'] = $row['status']; 305 $cat['visible'] = get_boolean( $row['visible'] ); 306 $cat['representative_picture_id'] = $row['representative_picture_id']; 271 // affectation of each field of the table "config" to an information of the 272 // array $cat. 273 foreach ( $infos as $info ) { 274 if ( isset( $row[$info] ) ) $cat[$info] = $row[$info]; 275 else $cat[$info] = ''; 276 // If the field is true or false, the variable is transformed into a 277 // boolean value. 
278 if ( $cat[$info] == 'true' or $cat[$info] == 'false' ) 279 { 280 $cat[$info] = get_boolean( $cat[$info] ); 281 } 282 } 283 $cat['comment'] = nl2br( $cat['comment'] ); 307 284 308 285 $cat['name'] = array(); 309 286 310 if ( !isset( $page['plain_structure'] ) ) 311 $page['plain_structure'] = get_plain_structure(); 312 313 array_push( $cat['name'], $page['plain_structure'][$id]['name'] ); 314 while ( $page['plain_structure'][$id]['id_uppercat'] != '' ) 315 { 316 $id = $page['plain_structure'][$id]['id_uppercat']; 317 array_push( $cat['name'], $page['plain_structure'][$id]['name'] ); 318 } 287 $query = 'SELECT name FROM '.CATEGORIES_TABLE; 288 $query.= ' WHERE id IN ('.$cat['uppercats'].')'; 289 $query.= ' ORDER BY id ASC'; 290 $query.= ';'; 291 $result = mysql_query( $query ); 292 while( $row = mysql_fetch_array( $result ) ) 293 { 294 array_push( $cat['name'], $row['name'] ); 295 } 296 319 297 return $cat; 320 298 } … … 338 316 global $page; 339 317 340 if ( !isset( $page['plain_structure'] ) ) 341 $page['plain_structure'] = get_plain_structure(); 342 343 // creating the local path : "root_cat/sub_cat/sub_sub_cat/" 344 $dir = $page['plain_structure'][$category_id]['dir'].'/'; 345 while ( $page['plain_structure'][$category_id]['id_uppercat'] != '' ) 346 { 347 $category_id = $page['plain_structure'][$category_id]['id_uppercat']; 348 $dir = $page['plain_structure'][$category_id]['dir'].'/'.$dir; 349 } 350 return $dir; 318 $uppercats = ''; 319 $local_dir = ''; 320 321 if ( isset( $page['plain_structure'][$category_id]['uppercats'] ) ) 322 { 323 $uppercats = $page['plain_structure'][$category_id]['uppercats']; 324 } 325 else 326 { 327 $query = 'SELECT uppercats'; 328 $query.= ' FROM '.CATEGORIES_TABLE.' 
WHERE id = '.$category_id; 329 $query.= ';'; 330 $row = mysql_fetch_array( mysql_query( $query ) ); 331 $uppercats = $row['uppercats']; 332 } 333 334 $upper_array = explode( ',', $uppercats ); 335 336 $database_dirs = array(); 337 $query = 'SELECT id,dir'; 338 $query.= ' FROM '.CATEGORIES_TABLE.' WHERE id IN ('.$uppercats.')'; 339 $query.= ';'; 340 $result = mysql_query( $query ); 341 while( $row = mysql_fetch_array( $result ) ) 342 { 343 $database_dirs[$row['id']] = $row['dir']; 344 } 345 foreach ( $upper_array as $id ) { 346 $local_dir.= $database_dirs[$id].'/'; 347 } 348 349 return $local_dir; 351 350 } 352 351 … … 357 356 global $page; 358 357 359 if ( !isset( $page['plain_structure'] ) )360 $page['plain_structure'] = get_plain_structure();361 362 358 $query = 'SELECT galleries_url'; 363 $query.= ' FROM '.PREFIX_TABLE.'sites'; 364 $query.= ' WHERE id = '.$page['plain_structure'][$category_id]['site_id']; 359 $query.= ' FROM '.SITES_TABLE.' AS s,'.CATEGORIES_TABLE.' AS c'; 360 $query.= ' WHERE s.id = c.site_id'; 361 $query.= ' AND c.id = '.$category_id; 365 362 $query.= ';'; 366 363 $row = mysql_fetch_array( mysql_query( $query ) ); … … 375 372 // - $style : the style of the span tag for the lowest category, 376 373 // "font-style:italic;" for example 377 function get_cat_display_name( $array_cat_names, $separation, $style ) 378 { 379 $output = ""; 380 for ( $i = sizeof( $array_cat_names ) - 1; $i >= 0; $i-- ) 381 { 382 if ( $i != sizeof( $array_cat_names ) - 1 ) 383 { 384 $output.= $separation; 385 } 386 if ( $i != 0 ) 387 { 388 $output.= $array_cat_names[$i]; 389 } 374 function get_cat_display_name( $array_cat_names, $separation, 375 $style, $replace_space = true ) 376 { 377 $output = ''; 378 foreach ( $array_cat_names as $i => $name ) { 379 if ( $i > 0 ) $output.= $separation; 380 if ( $i < count( $array_cat_names ) - 1 or $style == '') 381 $output.= $name; 390 382 else 391 { 392 if ( $style != "" ) 393 { 394 $output.= '<span style="'.$style.'">'; 395 } 396 
$output.= $array_cat_names[$i]; 397 if ( $style != "" ) 398 { 399 $output.= "</span>"; 400 } 401 } 402 } 403 return replace_space( $output ); 383 $output.= '<span style="'.$style.'">'.$name.'</span>'; 384 } 385 if ( $replace_space ) return replace_space( $output ); 386 else return $output; 404 387 } 405 388 … … 419 402 function initialize_category( $calling_page = 'category' ) 420 403 { 404 pwg_debug( 'start initialize_category' ); 421 405 global $page,$lang,$user,$conf; 422 406 … … 427 411 $page['nb_image_page'] = $user['nb_image_page']; 428 412 // $url is used to create the navigation bar 429 $url = './category.php?cat='.$page['cat'].'&expand='.$page['expand']; 413 $url = './category.php?cat='.$page['cat']; 414 if ( isset($page['expand']) ) $url.= '&expand='.$page['expand']; 430 415 // simple category 431 416 if ( is_numeric( $page['cat'] ) ) … … 438 423 $page['cat_site_id'] = $result['site_id']; 439 424 $page['cat_uploadable'] = $result['uploadable']; 440 $page['title'] = get_cat_display_name( $page['cat_name'], ' - ', '' ); 425 $page['uppercats'] = $result['uppercats']; 426 $page['title'] = get_cat_display_name( $page['cat_name'],' - ','',false); 441 427 $page['where'] = ' WHERE category_id = '.$page['cat']; 442 428 } … … 447 433 { 448 434 // we must not show pictures of a forbidden category 449 $restricted_cats = get_all_restrictions( $user['id'],$user['status'] ); 450 if ( count( $restricted_cats ) > 0 ) 435 if ( $user['forbidden_categories'] != '' ) 451 436 { 452 $where_append.= ' AND category_id NOT IN ('; 453 foreach ( $restricted_cats as $i => $restricted_cat ) { 454 if ( $i > 0 ) $where_append.= ','; 455 $where_append.= $restricted_cat; 456 } 457 $where_append.= ')'; 437 $forbidden = ' category_id NOT IN '; 438 $forbidden.= '('.$user['forbidden_categories'].')'; 458 439 } 459 440 } … … 500 481 } 501 482 $page['where'].= ' )'; 502 $page['where'].= $where_append;483 if ( isset( $forbidden ) ) $page['where'].= ' AND '.$forbidden; 503 484 504 485 $query = 
'SELECT COUNT(DISTINCT(id)) AS nb_total_images'; 505 $query.= ' FROM '. PREFIX_TABLE.'images';506 $query.= ' LEFT JOIN '.PREFIX_TABLE.'image_categoryAS ic';486 $query.= ' FROM '.IMAGES_TABLE; 487 $query.= ' INNER JOIN '.IMAGE_CATEGORY_TABLE.' AS ic'; 507 488 $query.= ' ON id = ic.image_id'; 508 489 $query.= $page['where']; … … 516 497 $page['title'] = $lang['favorites']; 517 498 518 $page['where'] = ', '. PREFIX_TABLE.'favoritesAS fav';499 $page['where'] = ', '.FAVORITES_TABLE.' AS fav'; 519 500 $page['where'].= ' WHERE user_id = '.$user['id']; 520 501 $page['where'].= ' AND fav.image_id = id'; 521 502 522 503 $query = 'SELECT COUNT(*) AS nb_total_images'; 523 $query.= ' FROM '. PREFIX_TABLE.'favorites';504 $query.= ' FROM '.FAVORITES_TABLE; 524 505 $query.= ' WHERE user_id = '.$user['id']; 525 506 $query.= ';'; … … 534 515 $page['where'] = " WHERE date_available > '"; 535 516 $page['where'].= date( 'Y-m-d', $date )."'"; 536 $page['where'].= $where_append;517 if ( isset( $forbidden ) ) $page['where'].= ' AND '.$forbidden; 537 518 538 519 $query = 'SELECT COUNT(DISTINCT(id)) AS nb_total_images'; 539 $query.= ' FROM '. PREFIX_TABLE.'images';540 $query.= ' LEFTJOIN '.PREFIX_TABLE.'image_category AS ic';520 $query.= ' FROM '.IMAGES_TABLE; 521 $query.= ' INNER JOIN '.PREFIX_TABLE.'image_category AS ic'; 541 522 $query.= ' ON id = ic.image_id'; 542 523 $query.= $page['where']; … … 547 528 { 548 529 $page['title'] = $conf['top_number'].' 
'.$lang['most_visited_cat']; 549 $page['where'] = ' WHERE category_id != -1'.$where_append; 530 531 if ( isset( $forbidden ) ) $page['where'] = ' WHERE '.$forbidden; 532 else $page['where'] = ''; 550 533 $conf['order_by'] = ' ORDER BY hit DESC, file ASC'; 551 534 $page['cat_nb_images'] = $conf['top_number']; 552 if ( $page['start'] + $user['nb_image_page'] >= $conf['top_number'] ) 535 if ( isset( $page['start'] ) 536 and ($page['start']+$user['nb_image_page']>=$conf['top_number'])) 553 537 { 554 538 $page['nb_image_page'] = $conf['top_number'] - $page['start']; … … 556 540 } 557 541 558 if ( $query != '')542 if ( isset($query)) 559 543 { 560 544 $result = mysql_query( $query ); … … 574 558 $page['title'] = $lang['diapo_default_page_title']; 575 559 } 560 pwg_debug( 'end initialize_category' ); 576 561 } 577 562 … … 600 585 601 586 $query = 'SELECT id,nb_images'; 602 $query.= ' FROM '. PREFIX_TABLE.'categories';587 $query.= ' FROM '.CATEGORIES_TABLE; 603 588 $query.= ' WHERE id_uppercat '; 604 589 if ( !is_numeric( $id_uppercat ) ) $query.= 'is NULL'; 605 590 else $query.= '= '.$id_uppercat; 606 591 // we must not show pictures of a forbidden category 607 foreach ( $user['restrictions'] as $restricted_cat ) { 608 $query.= ' AND id != '.$restricted_cat; 592 if ( $user['forbidden_categories'] != '' ) 593 { 594 $query.= ' AND id NOT IN ('.$user['forbidden_categories'].')'; 609 595 } 610 596 $query.= ' ORDER BY rank'; … … 633 619 634 620 $query = 'SELECT id,nb_images'; 635 $query.= ' FROM '. PREFIX_TABLE.'categories';621 $query.= ' FROM '.CATEGORIES_TABLE; 636 622 $query.= ' WHERE id_uppercat = '.$id_uppercat; 637 623 // we must not show pictures of a forbidden category 638 foreach ( $user['restrictions'] as $restricted_cat ) { 639 $query.= ' AND id != '.$restricted_cat; 624 if ( $user['forbidden_categories'] != '' ) 625 { 626 $query.= ' AND id NOT IN ('.$user['forbidden_categories'].')'; 640 627 } 641 628 $query.= ' ORDER BY RAND()'; -
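Review bot: In `get_user_plain_structure()` the clause `' OR id_uppercat IN ('.$page['expand'].')'` puts `$page['expand']` into the SQL text as-is, and `initialize_category()` echoes the same value into the `&expand=` URL parameter, so it appears to be request-derived; its validation is not visible in this changeset. Assuming `$page['tab_expand']` is the exploded form of that string, build the list from it with a numeric cast, e.g. `$query.= ' OR id_uppercat IN ('.implode( ',', array_map( 'intval', $page['tab_expand'] ) ).')';`. The same applies to `$id` and `$category_id` in `get_cat_info()` and `get_local_dir()`, which are appended after `WHERE id = ` without a cast, and `IN ('.$cat['uppercats'].')` becomes a syntax error when `uppercats` falls back to `''`. Separately, `check_restrictions()` now only tests `in_array( $category_id, $user['restrictions'] )` where the removed `is_user_allowed()` also walked the parent chain, so access control depends on `forbidden_categories` already listing every descendant of a forbidden category; that assumption is worth stating in a comment above the function.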
trunk/include/functions_group.inc.php
r57 r345 86 86 $query.= ';'; 87 87 $row = mysql_fetch_array( mysql_query( $query ) ); 88 if ( $row['id_uppercat'] == '' ) 89 { 90 $is_root = true; 91 } 88 if ( !isset( $row['id_uppercat'] ) ) $row['id_uppercat'] = ''; 89 if ( $row['id_uppercat'] == '' ) $is_root = true; 92 90 $category_id = $row['id_uppercat']; 93 91 } -
trunk/include/functions_user.inc.php
r99 r345 38 38 } 39 39 40 function register_user( 41 $login, $password, $password_conf,$mail_address, $status = 'guest' )40 function register_user( $login, $password, $password_conf, 41 $mail_address, $status = 'guest' ) 42 42 { 43 43 global $lang; … … 50 50 // 3. include ' or " characters 51 51 // 4. be already used 52 if ( $login == '' ) 53 { 54 $error[$i++] = $lang['reg_err_login1']; 55 } 56 if ( ereg( "^.* $", $login) ) 57 { 58 $error[$i++] = $lang['reg_err_login2']; 59 } 60 if ( ereg( "^ .*$", $login ) ) 61 { 62 $error[$i++] = $lang['reg_err_login3']; 63 } 52 if ( $login == '' ) $error[$i++] = $lang['reg_err_login1']; 53 if ( ereg( "^.* $", $login) ) $error[$i++] = $lang['reg_err_login2']; 54 if ( ereg( "^ .*$", $login ) ) $error[$i++] = $lang['reg_err_login3']; 55 64 56 if ( ereg( "'", $login ) or ereg( "\"", $login ) ) 65 {66 57 $error[$i++] = $lang['reg_err_login4']; 67 }68 58 else 69 59 { 70 $query = 'select id'; 71 $query.= ' from '.PREFIX_TABLE.'users'; 72 $query.= " where username = '".$login."';"; 73 $result = mysql_query( $query ); 74 if ( mysql_num_rows( $result ) > 0 ) 75 { 76 $error[$i++] = $lang['reg_err_login5']; 77 } 60 $query = 'SELECT id'; 61 $query.= ' FROM '.PREFIX_TABLE.'users'; 62 $query.= " WHERE username = '".$login."'"; 63 $query.= ';'; 64 $result = mysql_query( $query ); 65 if ( mysql_num_rows($result) > 0 ) $error[$i++] = $lang['reg_err_login5']; 78 66 } 79 67 // given password must be the same as the confirmation 80 if ( $password != $password_conf ) 81 { 82 $error[$i++] = $lang['reg_err_pass']; 83 } 68 if ( $password != $password_conf ) $error[$i++] = $lang['reg_err_pass']; 84 69 85 70 $error_mail_address = validate_mail_address( $mail_address ); 86 if ( $error_mail_address != '' ) 87 { 88 $error[$i++] = $error_mail_address; 89 } 71 if ( $error_mail_address != '' ) $error[$i++] = $error_mail_address; 90 72 91 73 // if no error until here, registration of the user … … 95 77 $infos = array( 'nb_image_line', 'nb_line_page', 'language', 
96 78 'maxwidth', 'maxheight', 'expand', 'show_nb_comments', 97 'short_period', 'long_period', 'template' ); 98 $query = 'select'; 79 'short_period', 'long_period', 'template', 80 'forbidden_categories' ); 81 $query = 'SELECT '; 99 82 for ( $i = 0; $i < sizeof( $infos ); $i++ ) 100 83 { 101 if ( $i > 0 ) 102 { 103 $query.= ','; 104 } 105 else 106 { 107 $query.= ' '; 108 } 84 if ( $i > 0 ) $query.= ','; 109 85 $query.= $infos[$i]; 110 86 } 111 $query.= ' from '.PREFIX_TABLE.'users'; 112 $query.= " where username = 'guest';"; 87 $query.= ' FROM '.PREFIX_TABLE.'users'; 88 $query.= " WHERE username = 'guest'"; 89 $query.= ';'; 113 90 $row = mysql_fetch_array( mysql_query( $query ) ); 114 91 // 2. adding new user 115 $query = ' insert into'.PREFIX_TABLE.'users';92 $query = 'INSERT INTO '.PREFIX_TABLE.'users'; 116 93 $query.= ' ('; 117 94 $query.= ' username,password,mail_address,status'; … … 123 100 $query.= " '".$login."'"; 124 101 $query.= ",'".md5( $password )."'"; 125 if ( $mail_address != '' ) 126 { 127 $query.= ",'".$mail_address."'"; 128 } 129 else 130 { 131 $query.= ',NULL'; 132 } 102 if ( $mail_address != '' ) $query.= ",'".$mail_address."'"; 103 else $query.= ',NULL'; 133 104 $query.= ",'".$status."'"; 134 for ( $i = 0; $i < sizeof( $infos ); $i++ ) 135 { 105 foreach ( $infos as $info ) { 136 106 $query.= ','; 137 if ( $row[$infos[$i]] == '' ) 138 { 139 $query.= 'NULL'; 140 } 141 else 142 { 143 $query.= "'".$row[$infos[$i]]."'"; 144 } 107 if ( !isset( $row[$info] ) ) $query.= 'NULL'; 108 else $query.= "'".$row[$info]."'"; 145 109 } 146 110 $query.= ');'; … … 166 130 mysql_query ( $query ); 167 131 } 132 // 5. 
associate new user to the same groups that the guest 133 $query = 'SELECT group_id'; 134 $query.= ' FROM '.PREFIX_TABLE.'user_group AS ug'; 135 $query.= ', '.PREFIX_TABLE.'users AS u'; 136 $query.= " WHERE u.username = 'guest'"; 137 $query.= ' AND ug.user_id = u.id'; 138 $query.= ';'; 139 $result = mysql_query( $query ); 140 while( $row = mysql_fetch_array( $result ) ) 141 { 142 $query = 'INSERT INTO '.PREFIX_TABLE.'user_group'; 143 $query.= ' (user_id,group_id) VALUES'; 144 $query.= ' ('.$user_id.','.$row['group_id'].')'; 145 $query.= ';'; 146 mysql_query ( $query ); 147 } 148 // 6. has the same categories informations than guest 149 $query = 'SELECT category_id,date_last,nb_sub_categories'; 150 $query.= ' FROM '.PREFIX_TABLE.'user_category AS uc'; 151 $query.= ', '.PREFIX_TABLE.'users AS u'; 152 $query.= " WHERE u.username = 'guest'"; 153 $query.= ' AND uc.user_id = u.id'; 154 $query.= ';'; 155 $result = mysql_query( $query ); 156 while( $row = mysql_fetch_array( $result ) ) 157 { 158 $query = 'INSERT INTO '.PREFIX_TABLE.'user_category'; 159 $query.= ' (user_id,category_id,date_last,nb_sub_categories) VALUES'; 160 $query.= ' ('.$user_id.','.$row['category_id']; 161 $query.= ",'".$row['date_last']."',".$row['nb_sub_categories'].')'; 162 $query.= ';'; 163 mysql_query ( $query ); 164 } 168 165 } 169 166 return $error; … … 210 207 global $user,$lang,$conf,$page; 211 208 212 if ( $user['is_the_guest'] 213 and ( $conf['access'] == 'restricted' or $page['cat'] == 'fav' ) ) 209 if ( $user['is_the_guest']) 210 { 211 if ( $conf['access'] == 'restricted' || (isset($page['cat']) && $page['cat'] == 'fav' ) ) 214 212 { 215 213 echo '<div style="text-align:center;">'.$lang['only_members'].'<br />'; … … 217 215 exit(); 218 216 } 219 } 220 221 // The function get_restrictions returns an array with the ids of the 222 // restricted categories for the user. 
223 // If the $check_invisible parameter is set to true, invisible categories 224 // are added to the restricted one in the array. 225 function get_restrictions( $user_id, $user_status, 226 $check_invisible, $use_groups = true ) 227 { 228 // 1. retrieving ids of private categories 229 $query = 'SELECT id'; 230 $query.= ' FROM '.PREFIX_TABLE.'categories'; 231 $query.= " WHERE status = 'private'"; 232 $query.= ';'; 233 $result = mysql_query( $query ); 234 $privates = array(); 235 while ( $row = mysql_fetch_array( $result ) ) 236 { 237 array_push( $privates, $row['id'] ); 238 } 239 // 2. retrieving all authorized categories for the user 240 $authorized = array(); 241 // 2.1. retrieving authorized categories thanks to personnal user 242 // authorization 243 $query = 'SELECT cat_id'; 244 $query.= ' FROM '.PREFIX_TABLE.'user_access'; 245 $query.= ' WHERE user_id = '.$user_id; 246 $query.= ';'; 247 $result = mysql_query( $query ); 248 while ( $row = mysql_fetch_array( $result ) ) 249 { 250 array_push( $authorized, $row['cat_id'] ); 251 } 252 // 2.2. retrieving authorized categories thanks to group authorization to 253 // which the user is a member 254 if ( $use_groups ) 255 { 256 $query = 'SELECT ga.cat_id'; 257 $query.= ' FROM '.PREFIX_TABLE.'user_group as ug'; 258 $query.= ', '.PREFIX_TABLE.'group_access as ga'; 259 $query.= ' WHERE ug.group_id = ga.group_id'; 260 $query.= ' AND ug.user_id = '.$user_id; 261 $query.= ';'; 262 $result = mysql_query( $query ); 263 while ( $row = mysql_fetch_array( $result ) ) 264 { 265 array_push( $authorized, $row['cat_id'] ); 266 } 267 $authorized = array_unique( $authorized ); 268 } 269 270 $forbidden = array(); 271 foreach ( $privates as $private ) { 272 if ( !in_array( $private, $authorized ) ) 273 { 274 array_push( $forbidden, $private ); 275 } 276 } 277 278 if ( $check_invisible ) 279 { 280 // 3. 
adding to the restricted categories, the invisible ones 281 if ( $user_status != 'admin' ) 282 { 283 $query = 'SELECT id'; 284 $query.= ' FROM '.PREFIX_TABLE.'categories'; 285 $query.= " WHERE visible = 'false';"; 286 $result = mysql_query( $query ); 287 while ( $row = mysql_fetch_array( $result ) ) 288 { 289 array_push( $forbidden, $row['id'] ); 290 } 291 } 292 } 293 return array_unique( $forbidden ); 294 } 295 296 // The get_all_restrictions function returns an array with all the 297 // categories id which are restricted for the user. Including the 298 // sub-categories and invisible categories 299 function get_all_restrictions( $user_id, $user_status ) 300 { 301 $restricted_cats = get_restrictions( $user_id, $user_status, true ); 302 foreach ( $restricted_cats as $restricted_cat ) { 303 $sub_restricted_cats = get_subcats_id( $restricted_cat ); 304 foreach ( $sub_restricted_cats as $sub_restricted_cat ) { 305 array_push( $restricted_cats, $sub_restricted_cat ); 306 } 307 } 308 return $restricted_cats; 309 } 310 311 // The function is_user_allowed returns : 312 // - 0 : if the category is allowed with this $restrictions array 313 // - 1 : if this category is not allowed 314 // - 2 : if an uppercat category is not allowed 315 function is_user_allowed( $category_id, $restrictions ) 316 { 317 $lowest_category_id = $category_id; 318 319 $is_root = false; 320 while ( !$is_root and !in_array( $category_id, $restrictions ) ) 321 { 322 $query = 'SELECT id_uppercat'; 323 $query.= ' FROM '.PREFIX_TABLE.'categories'; 324 $query.= ' WHERE id = '.$category_id; 325 $query.= ';'; 326 $row = mysql_fetch_array( mysql_query( $query ) ); 327 if ( $row['id_uppercat'] == '' ) $is_root = true; 328 $category_id = $row['id_uppercat']; 329 } 330 331 if ( in_array( $lowest_category_id, $restrictions ) ) return 1; 332 if ( in_array( $category_id, $restrictions ) ) return 2; 333 // this user is allowed to go in this category 334 return 0; 217 } 335 218 } 336 219 ?> -
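Review bot: `register_user()` still concatenates `$login`, `$mail_address` and `$status` into the `SELECT` and `INSERT` statements, and the only guard on `$login` is the `ereg` test for `'` and `"`, which is a character blacklist rather than escaping. Pass each string through the MySQL extension's escaping function before building the query, e.g. `$query.= " WHERE username = '".mysql_escape_string( $login )."'";`, and cast `$user_id`, `$row['group_id']` and `$row['category_id']` with `intval()` in the new step 5 and step 6 inserts. None of the `mysql_query()` calls in those new loops check their return value, so a failed copy of the guest's groups or categories leaves the new account half-initialised without anything reaching `$error`. The password is stored as `md5( $password )` with no salt, which should at least be flagged in a comment as a known weakness. The function body starts and ends outside the visible hunks.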
trunk/include/functions_xml.inc.php
r231 r345 17 17 * * 18 18 ***************************************************************************/ 19 20 //------------------------------------------------------------------ constantes21 define( "ATT_REG", '\w+' );22 define( "VAL_REG", '[^"]*' );23 19 //------------------------------------------------------------------- functions 24 20 // getContent returns the content of a tag -
trunk/include/user.inc.php
r90 r345 17 17 * * 18 18 ***************************************************************************/ 19 19 20 // retrieving user informations 20 21 // $infos array is used to know the fields to retrieve in the table "users" … … 25 26 'nb_line_page', 'status', 'language', 'maxwidth', 26 27 'maxheight', 'expand', 'show_nb_comments', 'short_period', 27 'long_period', 'template' );28 'long_period', 'template', 'forbidden_categories' ); 28 29 29 $query_user = 'SELECT '; 30 foreach ( $infos as $i => $info ) { 31 if ( $i > 0 ) $query_user.= ','; 32 $query_user.= $info; 33 } 34 $query_user.= ' FROM '.PREFIX_TABLE.'users'; 30 $query_user = 'SELECT '.implode( ',', $infos ); 31 $query_user.= ' FROM '.USERS_TABLE; 35 32 $query_done = false; 36 33 $user['is_the_guest'] = false; … … 60 57 $page['session_id'] = $session_id; 61 58 $query = 'SELECT user_id,expiration,ip'; 62 $query.= ' FROM '. PREFIX_TABLE.'sessions';59 $query.= ' FROM '.SESSIONS_TABLE; 63 60 $query.= " WHERE id = '".$page['session_id']."'"; 64 61 $query.= ';'; … … 73 70 // deletion of the session from the database, 74 71 // because it is out-of-date 75 $delete_query = 'DELETE FROM '. PREFIX_TABLE.'sessions';72 $delete_query = 'DELETE FROM '.SESSIONS_TABLE; 76 73 $delete_query.= " WHERE id = '".$page['session_id']."'"; 77 74 $delete_query.= ';'; … … 97 94 } 98 95 $query_user .= ';'; 99 100 96 $row = mysql_fetch_array( mysql_query( $query_user ) ); 101 97 … … 103 99 // of the array $user. 104 100 foreach ( $infos as $info ) { 105 $user[$info] = $row[$info]; 106 // If the field is true or false, the variable is transformed into a 107 // boolean value. 108 if ( $row[$info] == 'true' or $row[$info] == 'false' ) 101 if ( isset( $row[$info] ) ) 109 102 { 110 $user[$info] = get_boolean( $row[$info] ); 103 // If the field is true or false, the variable is transformed into a 104 // boolean value. 
105 if ( $row[$info] == 'true' or $row[$info] == 'false' ) 106 $user[$info] = get_boolean( $row[$info] ); 107 else 108 $user[$info] = $row[$info]; 109 } 110 else 111 { 112 $user[$info] = ''; 111 113 } 112 114 } 115 116 // special for $user['restrictions'] array 117 $user['restrictions'] = explode( ',', $user['forbidden_categories'] ); 118 if ( $user['restrictions'][0] == '' ) $user['restrictions'] = array(); 113 119 ?> -
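Review bot: The session lookup and the expired-session cleanup in trunk/include/user.inc.php still concatenate `$page['session_id']` into the SQL string (`" WHERE id = '".$page['session_id']."'"`); this change only swaps the table name for `SESSIONS_TABLE`. Where `$session_id` comes from is outside the visible hunks, but if it is read from a cookie or the URL it should be escaped before it reaches either query, e.g. `$query.= " WHERE id = '".mysql_real_escape_string( $page['session_id'] )."'";`. The same line should be used for `$delete_query`, so that the SELECT and the DELETE cannot disagree about which row they address.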
trunk/include/vtemplate.class.php
r153 r345 16 16 * 17 17 *****************************************************************/ 18 19 18 // to make it work on nexen.net 20 19 set_magic_quotes_runtime(0); -
trunk/index.php
r231 r345 18 18 ***************************************************************************/ 19 19 20 define( "PREFIX_INCLUDE", '' ); 21 include_once( './include/functions.inc.php' ); 22 database_connection(); 23 // retrieving configuration informations 24 $query = 'SELECT access'; 25 $query.= ' FROM '.PREFIX_TABLE.'config;'; 26 $row = mysql_fetch_array( mysql_query( $query ) ); 27 if ( $row['access'] == 'restricted' ) 20 //----------------------------------------------------------- include 21 $phpwg_root_path = './'; 22 include_once( $phpwg_root_path.'common.php' ); 23 if ( $conf['access'] == 'restricted' ) 28 24 { 29 25 if ( isset( $_COOKIE['id'] ) ) $url = 'category'; -
trunk/install.php
r230 r345 19 19 20 20 //-------------------------------------------------------------------- includes 21 define( "PREFIX_INCLUDE", '' );21 define( 'PREFIX_INCLUDE', '' ); 22 22 include( './include/vtemplate.class.php' ); 23 23 include( './include/functions.inc.php' ); 24 25 $config_file = './config.php'; 24 26 //----------------------------------------------------- template initialization 25 27 $vtp = new VTemplate; 26 28 $handle = $vtp->Open( './template/default/install.vtp' ); 27 $vtp->setGlobalVar( $handle, 'release', '1. 3' );29 $vtp->setGlobalVar( $handle, 'release', '1.4' ); 28 30 //-------------------------------------------------------------------- language 29 31 if ( isset( $_GET['language'] ) ) … … 46 48 } 47 49 //---------------------- Step 1 : connection informations, write of config file 48 if ( $_GET['step'] == 1 )50 if ( isset($_GET['step']) && $_GET['step'] == 1 ) 49 51 { 50 52 $errors = array(); … … 74 76 array_push( $errors, $lang['step1_err_server'] ); 75 77 } 76 78 77 79 if ( count( $errors ) == 0 ) 78 80 { … … 82 84 $file_content.= "\n\$cfgPassword = '". $_POST['cfgPassword']."';"; 83 85 $file_content.= "\n\$cfgHote = '". 
$_POST['cfgHote']."';"; 84 $file_content.= "\n\$prefixeTable = '".$_POST['prefixeTable']."';"; 86 $file_content.= "\n"; 87 $file_content.= "\n\$table_prefix = '".$_POST['prefixeTable']."';"; 88 $file_content.= "\n"; 89 $file_content.= "\ndefine('PHPWG_INSTALLED', true);"; 85 90 $file_content.= "\n?>"; 86 91 // writting the configuration file 87 if ( $fp = @fopen( './include/mysql.inc.php', 'a+' ) ) 88 { 92 if ( $fp = @fopen( $config_file, 'a+' ) ) 93 { 94 ftruncate($fp, 0); 89 95 fwrite( $fp, $file_content ); 90 96 fclose( $fp ); … … 94 100 $cfgPassword = ''; 95 101 $cfgBase = ''; 96 i nclude( './include/mysql.inc.php');102 if ( is_file( $config_file ) ) include( $config_file ); 97 103 $file_OK = false; 98 104 if ( @mysql_connect( $cfgHote, $cfgUser, $cfgPassword ) ) … … 151 157 $vtp->setVar( $handle, 'step1.f_host', $_POST['cfgHote'] ); 152 158 // user 153 $vtp->setVar( $handle, 'step1.f_user', $_POST['cfgUser'] ); 159 if ( isset( $_POST['cfgUser'] ) ) 160 $vtp->setVar( $handle, 'step1.f_user', $_POST['cfgUser'] ); 154 161 // base 155 $vtp->setVar( $handle, 'step1.f_base', $_POST['cfgBase'] ); 162 if ( isset( $_POST['cfgBase'] ) ) 163 $vtp->setVar( $handle, 'step1.f_base', $_POST['cfgBase'] ); 156 164 // prefixeTable 157 165 if ( !isset( $_POST['prefixeTable'] ) ) … … 164 172 } 165 173 //------------------------------------- Step 2 : creation of tables in database 166 else if ( $_GET['step'] == 2 )174 else if ( isset($_GET['step']) && $_GET['step'] == 2 ) 167 175 { 168 176 $errors = array(); 169 177 $infos = array(); 170 178 171 include( './include/mysql.inc.php');179 include( $config_file ); 172 180 mysql_connect( $cfgHote, $cfgUser, $cfgPassword ) 173 181 or die ( "Can't connect to database host" ); … … 189 197 { 190 198 $query = trim( $query ); 191 $query = str_replace( 'phpwebgallery_', $ prefixeTable, $query );199 $query = str_replace( 'phpwebgallery_', $table_prefix, $query ); 192 200 // we don't execute "DROP TABLE" queries 193 201 if ( !preg_match( '/^DROP 
TABLE/i', $query ) ) … … 222 230 if ( count( $errors ) == 0 ) 223 231 { 224 $query = 'DELETE FROM '.$ prefixeTable.'config';232 $query = 'DELETE FROM '.$table_prefix.'config'; 225 233 mysql_query( $query ); 226 234 227 $query = 'INSERT INTO '.$ prefixeTable.'config';235 $query = 'INSERT INTO '.$table_prefix.'config'; 228 236 $query.= ' (webmaster,mail_webmaster) VALUES '; 229 237 $query.= " ('".$webmaster."','".$_POST['mail_webmaster']."')"; … … 231 239 mysql_query( $query ); 232 240 233 $query = 'INSERT INTO '.$ prefixeTable.'sites';241 $query = 'INSERT INTO '.$table_prefix.'sites'; 234 242 $query.= " (id,galleries_url) VALUES (1, './galleries/')"; 235 243 $query.= ';'; … … 237 245 238 246 // webmaster admin user 239 $query = 'INSERT INTO '.$ prefixeTable.'users';240 $query.= ' (id,username,password,status,language ) VALUES ';247 $query = 'INSERT INTO '.$table_prefix.'users'; 248 $query.= ' (id,username,password,status,language,mail_address) VALUES '; 241 249 $query.= "(1,'".$webmaster."','".md5( $_POST['pwdWebmaster'] )."'"; 242 $query.= ",'admin','".$_GET['language']."')"; 250 $query.= ",'admin','".$_GET['language']."'"; 251 $query.= ",'".$_POST['mail_webmaster']."')"; 243 252 $query.= ';'; 244 253 mysql_query($query); 245 254 246 255 // guest user 247 $query = 'INSERT INTO '.$ prefixeTable.'users';256 $query = 'INSERT INTO '.$table_prefix.'users'; 248 257 $query.= '(id,username,password,status,language) VALUES '; 249 258 $query.= "(2,'guest','','guest','".$_GET['language']."')"; … … 268 277 { 269 278 $vtp->addSession( $handle, 'step2' ); 279 if ( isset( $_POST['webmaster'] )) 270 280 $vtp->setVar( $handle, 'step2.f_webmaster', $_POST['webmaster'] ); 281 if ( isset( $_POST['mail_webmaster'] )) 271 282 $vtp->setVar( $handle, 'step2.f_mail_webmaster', $_POST['mail_webmaster']); 272 283 $vtp->closeSession( $handle, 'step2' ); -
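Review bot: Step 1 of trunk/install.php writes the posted connection values straight into PHP source, so a quote or backslash in any of them changes the code of the generated config file. The new line `$file_content.= "\n\$table_prefix = '".$_POST['prefixeTable']."';";` has this problem, as do the `cfgPassword` and `cfgHote` lines above it. Whether magic quotes escape the input depends on server configuration, so the values are better serialised explicitly, e.g. `$file_content.= "\n\$table_prefix = ".var_export( $_POST['prefixeTable'], true ).";";`. The prefix is also substituted into every table name in step 2, so it should be restricted to a fixed character set before it is written. The added `mail_address` column takes `$_POST['mail_webmaster']` concatenated unescaped into the INSERT and needs the same treatment.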
trunk/language/english.php
r229 r345 156 156 $lang['upload_successful'] = 'Picture uploaded with success, an administrator will validate it as soon as possible'; 157 157 // new or modified in release 1.3 158 $lang['charset'] = ' ISO_8859-1';158 $lang['charset'] = 'iso-8859-1'; 159 159 $lang['no'] = 'no'; 160 160 $lang['yes'] = 'yes'; … … 536 536 $lang['conf_upload_available_info'] = 'Authorizing the upload of pictures by users on the categories of the website (not on a remote server). This is general parameter, it is needed to authorize upload category by category, by default, no category is "uploadable".'; 537 537 $lang['install_help'] = 'Need help ? Ask your question on <a href="http://forum.phpwebgallery.net">PhpWebGallery message board</a>.'; 538 // new or modified in release 1.3.1 539 $lang['cat_unknown_id'] = 'This category is unknown in the database'; 540 } 541 538 542 // new or modified in release 1.4 539 543 $lang['install_end_message'] = 'The configuration of PhpWebGallery is finished, here is the next step<br /><br /> … … 545 549 </ul>'; 546 550 $lang['install_warning'] = 'The file "install.php" is still present. Please remove it from your server. It is not secure to keep it.'; 547 } 551 548 552 ?> -
trunk/language/francais.php
r229 r345 3 3 * francais.php * 4 4 * ------------------- * 5 * application : PhpWebGallery 1. 3<http://phpwebgallery.net> *5 * application : PhpWebGallery 1.4 <http://phpwebgallery.net> * 6 6 * author : Pierrick LE GALL <pierrick@z0rglub.com> * 7 7 * * … … 148 148 $lang['upload_successful'] = 'Image uploadée avec succès, un administrateur validera celle-ci dès que possible.'; 149 149 // new or modified in release 1.3 150 $lang['charset'] = ' ISO_8859-1';150 $lang['charset'] = 'iso-8859-1'; 151 151 $lang['no'] = 'non'; 152 152 $lang['yes'] = 'oui'; … … 216 216 $lang['mail_new_comment_subject'] = 'Nouveau commentaire sur le site'; 217 217 $lang['mail_new_comment_content'] = 'Un nouveau commentaire a été posté sur la galerie. Si vous avez activé la validation des commentaires, il faut d\'abord valider le commentaire dans la zone d\'administration pour le voir apparaître.'."\n\n".'Vous avez accès aux derniers commentaires dans la zone d\'administration.'; 218 if (isset($conf)) 218 219 $lang['about_message'] = '<div style="text-align:center;font-weigh:bold;">Informations sur le PhpWebGallery</div> 219 220 <ul> … … 532 533 $lang['help_access'][2] = '2. 
Sur les pages des permissions (d\'un groupe, d\'utilisateur) la catégorie apparaîtra et vous pourrez autoriser l\'accès ou non.'; 533 534 $lang['help_infos'][2] = 'Pour n\'importe quelle question, n\'hésitez pas à consulter le forum ou à y poser une question, sur le site'; 535 if (isset($conf)) 534 536 $lang['help_infos'][2] = 'Pour n\'importe quelle question, n\'hésitez pas à consulter le <a href="'.$conf['forum_url'].'" style="text-decoration:underline">forum</a> ou à y poser une question, sur le site'; 535 537 $lang['step1_err_copy'] = 'Copiez le texte en bleu entre les tirets et collez-le dans le fichier mysql.inc.php qui se trouve dans le répertoire "include" à la base de l\'endroit où vous avez installé PhpWebGallery (le fichier mysql.inc.php ne doit comporter QUE ce qui est en bleu entre les tirets, aucun retour à la ligne ou espace n\'est autorisé)'; 536 538 $lang['conf_upload_available_info'] = 'Autoriser l\'ajout d\'image par les utilisateurs dans les catégories du site (pas sur un site distant). Ceci est un paramètre général, il est nécessaire pour autoriser l\'upload catégorie par catégorie.'; 537 539 $lang['install_help'] = 'Besoin d\'aide ? Posez votre question sur le <a href="http://forum.phpwebgallery.net">forum de PhpWebGallery</a>.'; 538 // new or modified in release 1.4 540 // new or modified in release 1.3.1 541 $lang['cat_unknown_id'] = 'Cette catégorie n\'existe pas dans la base de données'; 542 } 543 544 545 // new or modified in release 1.4 539 546 $lang['install_end_message'] = 'La configuration de l\'application s\'est correctement déroulée, place à la prochaine étape<br /><br /> 540 547 Par mesure de sécurité, merci de supprimer le fichier "install.php"<br /> 541 548 Un fois ce fichier supprimé, veuillez suivre ces indications : 542 549 <ul> 543 <li>allez sur la page d\'identification : [ <a href=". 
./identification.php">identification</a> ] et connectez-vous avec le pseudo donné pour le webmaster</li>550 <li>allez sur la page d\'identification : [ <a href="./identification.php">identification</a> ] et connectez-vous avec le pseudo donné pour le webmaster</li> 544 551 <li>celui-ci vous permet d\'accéder à la partie administration et aux instructions pour placer les images dans les répertoires.</li> 545 552 </ul>'; 546 553 $lang['install_warning'] = 'Le fichier "install.php" est encore présent sur votre serveur. Merci de le supprimer. Il pourrait être utilisé par un tiers à des fins malveillantes.'; 547 } 554 555 548 556 ?> -
trunk/picture.php
r183 r345 17 17 * * 18 18 ***************************************************************************/ 19 20 19 // this page shows the image full size 21 //----------------------------------------------------------- personnal include 22 include_once( './include/init.inc.php' ); 20 //----------------------------------------------------------- include 21 $phpwg_root_path = './'; 22 include_once( $phpwg_root_path.'common.php' ); 23 23 //-------------------------------------------------- access authorization check 24 24 check_cat_id( $_GET['cat'] ); 25 25 check_login_authorization(); 26 $page['plain_structure'] = get_plain_structure();27 26 if ( isset( $page['cat'] ) and is_numeric( $page['cat'] ) ) 28 27 { … … 30 29 } 31 30 //---------------------------------------- incrementation of the number of hits 32 $query = 'UPDATE '.PREFIX_TABLE.'images'; 33 $query.= ' SET hit=hit+1'; 31 $query = 'UPDATE '.IMAGES_TABLE.' SET hit=hit+1'; 34 32 $query.= ' WHERE id='.$_GET['image_id']; 35 33 $query.= ';'; … … 38 36 initialize_category( 'picture' ); 39 37 //------------------------------------- main picture information initialization 40 $ query = 'SELECT id,date_available,comment,hit,keywords';41 $query.= ',author,name,file,date_creation,filesize,width,height'; 42 $query.= ',storage_category_id';43 if ( is_numeric( $page['cat'] ) ) 44 { 45 46 } 47 $query.= ' FROM '.PREFIX_TABLE.'images';48 $query.= ' LEFT JOIN '.PREFIX_TABLE.'image_category AS icON id = ic.image_id';38 $infos = array( 'id','date_available','comment','hit','keywords','author' 39 ,'name','file','date_creation','filesize','width','height' 40 ,'storage_category_id' ); 41 42 $query = 'SELECT '.implode( ',', $infos ); 43 if ( is_numeric( $page['cat'] ) ) $query.= ',category_id'; 44 $query.= ' FROM '.IMAGES_TABLE; 45 $query.= ' INNER JOIN '.IMAGE_CATEGORY_TABLE.' 
AS ic'; 46 $query.= ' ON id = ic.image_id'; 49 47 $query.= $page['where']; 50 48 $query.= ' AND id = '.$_GET['image_id']; … … 62 60 } 63 61 $row = mysql_fetch_array( $result ); 64 $page['id'] = $row['id']; 65 $page['file'] = $row['file']; 66 $page['name'] = $row['name']; 67 $page['date_available'] = $row['date_available']; 68 $page['comment'] = $row['comment']; 69 $page['hit'] = $row['hit']; 70 $page['author'] = $row['author']; 71 $page['date_creation'] = $row['date_creation']; 72 $page['filesize'] = $row['filesize']; 73 $page['width'] = $row['width']; 74 $page['height'] = $row['height']; 75 $page['category_id'] = $row['category_id']; 76 $page['keywords'] = $row['keywords']; 77 $page['storage_category_id'] = $row['storage_category_id']; 62 63 foreach ( $infos as $info ) { 64 if ( isset( $row[$info] ) ) $page[$info] = $row[$info]; 65 else $page[$info] = ''; 66 } 67 if ( is_numeric( $page['cat'] ) ) $page['category_id'] = $row['category_id']; 78 68 // retrieving the number of the picture in its category (in order) 79 69 $query = 'SELECT DISTINCT(id)'; 80 $query.= ' FROM '.PREFIX_TABLE.'images'; 81 $query.= ' LEFT JOIN '.PREFIX_TABLE.'image_category AS ic ON id = ic.image_id'; 70 $query.= ' FROM '.IMAGES_TABLE; 71 $query.= ' INNER JOIN '.IMAGE_CATEGORY_TABLE.' AS ic'; 72 $query.= ' ON id = ic.image_id'; 82 73 $query.= $page['where']; 83 74 $query.= $conf['order_by']; … … 98 89 // verify if the picture is already in the favorite of the user 99 90 $query = 'SELECT COUNT(*) AS nb_fav'; 100 $query.= ' FROM '.PREFIX_TABLE.'favorites'; 101 $query.= ' WHERE image_id = '.$page['id']; 91 $query.= ' FROM '.FAVORITES_TABLE.' WHERE image_id = '.$page['id']; 102 92 $query.= ' AND user_id = '.$user['id']; 103 93 $query.= ';'; … … 106 96 if ( $row['nb_fav'] == 0 ) 107 97 { 108 $query = 'INSERT INTO '.PREFIX_TABLE.'favorites'; 109 $query.= ' (image_id,user_id) VALUES'; 98 $query = 'INSERT INTO '.FAVORITES_TABLE.' 
(image_id,user_id) VALUES'; 110 99 $query.= ' ('.$page['id'].','.$user['id'].')'; 111 100 $query.= ';'; … … 115 104 if ( $_GET['add_fav'] == 0 ) 116 105 { 117 $query = 'DELETE FROM '.PREFIX_TABLE.'favorites'; 118 $query.= ' WHERE user_id = '.$user['id']; 106 $query = 'DELETE FROM '.FAVORITES_TABLE.' WHERE user_id = '.$user['id']; 119 107 $query.= ' AND image_id = '.$page['id']; 120 108 $query.= ';'; … … 140 128 } 141 129 $query = 'SELECT id'; 142 $query.= ' FROM '.PREFIX_TABLE.'images';143 $query.= ' LEFT JOIN '.PREFIX_TABLE.'image_categoryAS ic';130 $query.= ' FROM '.IMAGES_TABLE; 131 $query.= ' INNER JOIN '.IMAGE_CATEGORY_TABLE.' AS ic'; 144 132 $query.= ' ON id = ic.image_id'; 145 133 $query.= $page['where']; … … 162 150 } 163 151 } 152 153 //---------------------------------------------- next picture thumbnail display 154 $next = 0; 155 if ( $page['num'] < $page['cat_nb_images']-1 ) 156 { 157 $next = $page['num'] + 1; 158 $query = 'SELECT DISTINCT(id),name,file,tn_ext,storage_category_id'; 159 $query.= ' FROM '.IMAGES_TABLE; 160 $query.= ' INNER JOIN '.IMAGE_CATEGORY_TABLE.' 
AS ic'; 161 $query.= ' ON id=ic.image_id'; 162 $query.= $page['where']; 163 $query.= $conf['order_by']; 164 $query.= ' LIMIT '.$next.',1'; 165 $query.= ';'; 166 $result = mysql_query( $query ); 167 $row = mysql_fetch_array( $result ); 168 169 if ( !isset($array_cat_directories[$row['storage_category_id']])) 170 { 171 $array_cat_directories[$row['storage_category_id']] = 172 get_complete_dir( $row['storage_category_id'] ); 173 } 174 $cat_directory = $array_cat_directories[$row['storage_category_id']]; 175 176 $file = substr ( $row['file'], 0, strrpos ( $row['file'], ".") ); 177 $next_lien_thumbnail = $cat_directory.'thumbnail/'; 178 $next_lien_thumbnail.= $conf['prefix_thumbnail'].$file.".".$row['tn_ext']; 179 180 if ( isset( $row['name'] ) and $row['name'] != '' ) 181 { 182 $next_alt_thumbnail = $row['name']; 183 } 184 else 185 { 186 $next_alt_thumbnail = $file; 187 } 188 $next_title = $lang['next_image']." : ".$next_alt_thumbnail; 189 190 $next_url_link = './picture.php?image_id='.$row['id']; 191 $next_url_link.= '&cat='.$page['cat']; 192 if ( isset( $_GET['expand'] ) ) 193 $next_url_link.= '&expand='.$_GET['expand']; 194 if ( $page['cat'] == 'search' ) 195 { 196 $next_url_link.= "&search=".$_GET['search'].'&mode='.$_GET['mode']; 197 } 198 } 164 199 //----------------------------------------------------- template initialization 165 $vtp = new VTemplate; 200 // 201 // Start output of page 202 // 203 //------------------------------------------------------------------ page title 204 $title = $page['name']; 205 if ( $title == '') 206 { 207 $title = str_replace("_"," ",get_filename_wo_extension($page['file'])); 208 } 209 $refresh = 0; 210 if ( isset( $_GET['slideshow'] ) && isset($next_url_link)) 211 { 212 $refresh= $_GET['slideshow']; 213 $url_link = $next_url_link; 214 } 215 include('include/page_header.php'); 216 166 217 $handle = $vtp->Open( './template/'.$user['template'].'/picture.vtp' ); 167 218 initialize_template(); … … 171 222 'period_seconds' ); 172 223 
templatize_array( $tpl, 'lang', $handle ); 173 $vtp->setGlobalVar( $handle, 'user_template', $user['template'] );174 $vtp->setGlobalVar( $handle, 'text_color', $user['couleur_text'] );175 224 //-------------------------------------------------------- slideshow management 176 225 if ( isset( $_GET['slideshow'] ) ) … … 200 249 $url.= '?image_id='.$page['id']; 201 250 $url.= '&cat='.$page['cat']; 202 $url.= '&expand='.$_GET['expand']; 251 if (isset($_GET['expand'])) 252 $url.= '&expand='.$_GET['expand']; 203 253 if ( $page['cat'] == 'search' ) 204 254 { … … 212 262 $vtp->closeSession( $handle, 'start_slideshow' ); 213 263 } 214 //------------------------------------------------------------------ page title 215 if ( $page['name'] != '' ) 216 { 217 $vtp->setGlobalVar( $handle, 'page_title', $page['name'] ); 218 } 219 else 220 { 221 $page_title = str_replace("_"," ",get_filename_wo_extension($page['file'])); 222 $vtp->setGlobalVar( $handle, 'page_title', $page_title ); 223 } 264 224 265 //-------------------------------------------------- previous picture thumbnail 225 266 if ( $page['num'] >= 1 ) … … 227 268 $prev = $page['num'] - 1; 228 269 $query = 'SELECT DISTINCT(id),name,file,tn_ext,storage_category_id'; 229 $query.= ' FROM '.PREFIX_TABLE.'images'; 230 $query.= ' LEFT JOIN '.PREFIX_TABLE.'image_category AS ic ON id=ic.image_id'; 270 $query.= ' FROM '.IMAGES_TABLE; 271 $query.= ' INNER JOIN '.IMAGE_CATEGORY_TABLE.' AS ic'; 272 $query.= ' ON id=ic.image_id'; 231 273 $query.= $page['where']; 232 274 $query.= $conf['order_by']; … … 236 278 $row = mysql_fetch_array( $result ); 237 279 238 if ( $array_cat_directories[$row['storage_category_id']] == '')280 if ( !isset($array_cat_directories[$row['storage_category_id']]) ) 239 281 { 240 282 $array_cat_directories[$row['storage_category_id']] = … … 244 286 245 287 $file = substr( $row['file'], 0, strrpos ( $row['file'], '.' ) ); 246 $lien_thumbnail = $cat_directory.' 
/thumbnail/';288 $lien_thumbnail = $cat_directory.'thumbnail/'; 247 289 $lien_thumbnail.= $conf['prefix_thumbnail'].$file.".".$row['tn_ext']; 248 290 249 291 $prev_title = $lang['previous_image'].' : '; 250 $alt_thumbnaill = ''; 251 if ( $row['name'] != '' ) $alt_thumbnail = $row['name']; 252 else $alt_thumbnail = $file; 292 293 if ( isset( $row['name'] ) and $row['name'] != '' ) 294 $alt_thumbnail = $row['name']; 295 else 296 $alt_thumbnail = $file; 297 253 298 $prev_title.= $alt_thumbnail; 254 299 255 300 $url_link = './picture.php?image_id='.$row['id'].'&cat='.$page['cat']; 256 $url_link.= '&expand='.$_GET['expand'];301 if ( isset( $_GET['expand'] ) ) $url_link.= '&expand='.$_GET['expand']; 257 302 if ( $page['cat'] == 'search' ) 258 303 { … … 283 328 } 284 329 285 if ( $array_cat_directories[$page['storage_category_id']] == '')330 if ( !isset($array_cat_directories[$page['storage_category_id']]) ) 286 331 { 287 332 $array_cat_directories[$page['storage_category_id']] = … … 291 336 292 337 $n = $page['num'] + 1; 293 $intitule_titre = replace_space( $intitule_cat." - " ).$n.'/' .338 $intitule_titre = replace_space( $intitule_cat." 
- " ).$n.'/'; 294 339 $intitule_titre.= $page['cat_nb_images']."<br />"; 295 340 if ( $page['name'] != "" ) … … 330 375 331 376 $url_link = './category.php?cat='.$page['cat'].'&'; 332 $url_link.= 'num='.$page['num'].'&expand='.$_GET['expand']; 377 $url_link.= 'num='.$page['num']; 378 if (isset($_GET['expand'])) 379 $url_link.='&expand='.$_GET['expand']; 333 380 if ( $page['cat'] == 'search' ) 334 381 { … … 338 385 $vtp->setGlobalVar( $handle, 'picture_width', $final_width ); 339 386 $vtp->setGlobalVar( $handle, 'picture_height', $final_height ); 340 $vtp->setGlobalVar( $handle, 'picture_border_color', $user['couleur_text'] );341 387 $vtp->setGlobalVar( $handle, 'picture_src', $lien_image ); 342 388 $vtp->setGlobalVar( $handle, 'picture_alt', $page['file'] ); … … 427 473 $keywords = explode( ',', $page['keywords'] ); 428 474 $content = ''; 429 $url = './category.php?cat=search&expand='.$_GET['expand']; 475 $url = './category.php?cat=search'; 476 if ( isset( $_GET['expand'] ) ) $url.= '&expand='.$_GET['expand']; 430 477 $url.= '&mode=OR&search='; 431 478 foreach ( $keywords as $i => $keyword ) { … … 443 490 $vtp->closeSession( $handle, 'info_line' ); 444 491 //------------------------------------------------------- favorite manipulation 445 if ( $page['cat'] != 'fav' and !$user['is_the_guest'] ) 446 { 447 $url = './picture.php?cat='.$page['cat'].'&image_id='.$page['id']; 448 $url.= '&expand='.$_GET['expand'].'&add_fav=1'; 449 if ( $page['cat'] == 'search' ) 450 { 451 $url.= '&search='.$_GET['search'].'&mode='.$_GET['mode']; 452 } 453 $vtp->addSession( $handle, 'favorite' ); 454 $vtp->setVar( $handle, 'favorite.link', add_session_id( $url ) ); 455 $vtp->setVar( $handle, 'favorite.title', $lang['add_favorites_hint'] ); 456 $vtp->setVar( $handle, 'favorite.src', 457 './template/'.$user['template'].'/theme/favorite.gif' ); 458 $vtp->setVar( $handle, 'favorite.alt','[ '.$lang['add_favorites_alt'].' 
]' ); 459 $vtp->closeSession( $handle, 'favorite' ); 460 } 461 if ( $page['cat'] == 'fav' ) 462 { 463 $url = './picture.php?cat='.$page['cat'].'&image_id='.$page['id']; 464 $url.= '&expand='.$_GET['expand'].'&add_fav=0'; 465 $vtp->addSession( $handle, 'favorite' ); 466 $vtp->setVar( $handle, 'favorite.link', add_session_id( $url ) ); 467 $vtp->setVar( $handle, 'favorite.title', $lang['del_favorites_hint'] ); 468 $vtp->setVar( $handle, 'favorite.src', 469 './template/'.$user['template'].'/theme/del_favorite.gif' ); 470 $vtp->setVar( $handle, 'favorite.alt','[ '.$lang['del_favorites_alt'].' ]' ); 471 $vtp->closeSession( $handle, 'favorite' ); 492 if ( !$user['is_the_guest'] ) 493 { 494 // verify if the picture is already in the favorite of the user 495 $query = 'SELECT COUNT(*) AS nb_fav'; 496 $query.= ' FROM '.FAVORITES_TABLE.' WHERE image_id = '.$page['id']; 497 $query.= ' AND user_id = '.$user['id'].';'; 498 $result = mysql_query( $query ); 499 $row = mysql_fetch_array( $result ); 500 if (!$row['nb_fav']) 501 { 502 $url = './picture.php?cat='.$page['cat'].'&image_id='.$page['id']; 503 if (isset($_GET['expand'])) 504 $url.= '&expand='.$_GET['expand']; 505 $url.='&add_fav=1'; 506 if ( $page['cat'] == 'search' ) 507 { 508 $url.= '&search='.$_GET['search'].'&mode='.$_GET['mode']; 509 } 510 $vtp->addSession( $handle, 'favorite' ); 511 $vtp->setVar( $handle, 'favorite.link', add_session_id( $url ) ); 512 $vtp->setVar( $handle, 'favorite.title', $lang['add_favorites_hint'] ); 513 $vtp->setVar( $handle, 'favorite.src', 514 './template/'.$user['template'].'/theme/favorite.gif' ); 515 $vtp->setVar($handle,'favorite.alt','[ '.$lang['add_favorites_alt'].' 
]'); 516 $vtp->closeSession( $handle, 'favorite' ); 517 } 518 else 519 { 520 $url = './picture.php?cat='.$page['cat'].'&image_id='.$page['id']; 521 $url.= '&expand='.$_GET['expand'].'&add_fav=0'; 522 $vtp->addSession( $handle, 'favorite' ); 523 $vtp->setVar( $handle, 'favorite.link', add_session_id( $url ) ); 524 $vtp->setVar( $handle, 'favorite.title', $lang['del_favorites_hint'] ); 525 $vtp->setVar( $handle, 'favorite.src', 526 './template/'.$user['template'].'/theme/del_favorite.gif' ); 527 $vtp->setVar($handle,'favorite.alt','[ '.$lang['del_favorites_alt'].' ]'); 528 $vtp->closeSession( $handle, 'favorite' ); 529 } 472 530 } 473 531 //------------------------------------ admin link for information modifications … … 480 538 $vtp->setVar( $handle, 'modification.name', $lang['link_info_image'] ); 481 539 } 482 //---------------------------------------------- next picture thumbnail display 483 if ( $page['num'] < $page['cat_nb_images']-1 ) 484 { 485 $next = $page['num'] + 1; 486 $query = 'SELECT DISTINCT(id),name,file,tn_ext,storage_category_id'; 487 $query.= ' FROM '.PREFIX_TABLE.'images'; 488 $query.= ' LEFT JOIN '.PREFIX_TABLE.'image_category AS ic ON id=ic.image_id'; 489 $query.= $page['where']; 490 $query.= $conf['order_by']; 491 $query.= ' LIMIT '.$next.',1'; 492 $query.= ';'; 493 $result = mysql_query( $query ); 494 $row = mysql_fetch_array( $result ); 495 496 if ( $array_cat_directories[$row['storage_category_id']] == '' ) 497 { 498 $array_cat_directories[$row['storage_category_id']] = 499 get_complete_dir( $row['storage_category_id'] ); 500 } 501 $cat_directory = $array_cat_directories[$row['storage_category_id']]; 502 503 $file = substr ( $row['file'], 0, strrpos ( $row['file'], ".") ); 504 $lien_thumbnail = $cat_directory.'thumbnail/'; 505 $lien_thumbnail.= $conf['prefix_thumbnail'].$file.".".$row['tn_ext']; 506 507 if ( $row['name'] != "" ) 508 { 509 $alt_thumbnail = $row['name']; 510 } 511 else 512 { 513 $alt_thumbnail = $file; 514 } 515 $next_title = 
$lang['next_image']." : ".$alt_thumbnail; 516 517 $url_link = './picture.php?image_id='.$row['id'].'&cat='.$page['cat']; 518 $url_link.= '&expand='.$_GET['expand']; 519 if ( $page['cat'] == 'search' ) 520 { 521 $url_link.= "&search=".$_GET['search'].'&mode='.$_GET['mode']; 522 } 540 541 if ( $next ) 542 { 523 543 // sending vars for display 524 544 $vtp->addSession( $handle, 'next' ); 525 $vtp->setGlobalVar( $handle, 'next.url', add_session_id( $ url_link ) );545 $vtp->setGlobalVar( $handle, 'next.url', add_session_id( $next_url_link ) ); 526 546 $vtp->setGlobalVar( $handle, 'next.title', $next_title ); 527 $vtp->setGlobalVar( $handle, 'next.src', $ lien_thumbnail );528 $vtp->setGlobalVar( $handle, 'next.alt', $ alt_thumbnail );547 $vtp->setGlobalVar( $handle, 'next.src', $next_lien_thumbnail ); 548 $vtp->setGlobalVar( $handle, 'next.alt', $next_alt_thumbnail ); 529 549 $vtp->closeSession( $handle, 'next' ); 530 // slideshow 531 if ( isset( $_GET['slideshow'] ) ) 532 { 533 $vtp->addSession( $handle, 'refresh' ); 534 $vtp->setVar( $handle, 'refresh.time', $_GET['slideshow'] ); 535 $url = $url_link.'&slideshow='.$_GET['slideshow']; 536 $vtp->setVar( $handle, 'refresh.url', add_session_id( $url ) ); 537 $vtp->closeSession( $handle, 'refresh' ); 538 } 539 } 540 else 541 { 542 $vtp->addSession( $handle, 'previous_empty' ); 543 $vtp->closeSession( $handle, 'previous_empty' ); 550 } 551 else 552 { 553 $vtp->addSession( $handle, 'next_empty' ); 554 $vtp->closeSession( $handle, 'next_empty' ); 544 555 } 545 556 //---------------------------------------------------- users's comments display … … 577 588 // anti-flood system 578 589 $reference_date = time() - $conf['anti-flood_time']; 579 $query = 'SELECT id'; 580 $query.= ' FROM '.PREFIX_TABLE.'comments'; 590 $query = 'SELECT id FROM '.COMMENTS_TABLE; 581 591 $query.= ' WHERE date > '.$reference_date; 582 592 $query.= " AND author = '".$author."'"; … … 585 595 or $conf['anti-flood_time'] == 0 ) 586 596 { 587 $query = 'INSERT 
INTO '. PREFIX_TABLE.'comments';597 $query = 'INSERT INTO '.COMMENTS_TABLE; 588 598 $query.= ' (author,date,image_id,content,validated) VALUES'; 589 599 $query.= ' ('; … … 632 642 and $user['status'] == 'admin' ) 633 643 { 634 $query = 'DELETE FROM '.PREFIX_TABLE.'comments'; 635 $query.= ' WHERE id = '.$_GET['del'].';'; 644 $query = 'DELETE FROM '.COMMENTS_TABLE.' WHERE id = '.$_GET['del'].';'; 636 645 mysql_query( $query ); 637 646 } 638 647 // number of comment for this picture 639 648 $query = 'SELECT COUNT(*) AS nb_comments'; 640 $query.= ' FROM '.PREFIX_TABLE.'comments'; 641 $query.= ' WHERE image_id = '.$page['id']; 649 $query.= ' FROM '.COMMENTS_TABLE.' WHERE image_id = '.$page['id']; 642 650 $query.= " AND validated = 'true'"; 643 651 $query.= ';'; … … 646 654 // navigation bar creation 647 655 $url = './picture.php?cat='.$page['cat'].'&image_id='.$page['id']; 648 $url.= '&expand='.$_GET['expand']; 656 if (isset($_GET['expand'])) 657 $url.= '&expand='.$_GET['expand']; 649 658 if ( $page['cat'] == 'search' ) 650 659 { … … 670 679 671 680 $query = 'SELECT id,author,date,image_id,content'; 672 $query.= ' FROM '.PREFIX_TABLE.'comments'; 673 $query.= ' WHERE image_id = '.$page['id']; 681 $query.= ' FROM '.COMMENTS_TABLE.' WHERE image_id = '.$page['id']; 674 682 $query.= " AND validated = 'true'"; 675 683 $query.= ' ORDER BY date ASC'; … … 724 732 { 725 733 $vtp->addSession( $handle, 'author_known' ); 726 $vtp->setVar( $handle, 'author_known.value', $user['pseudo'] ); 734 if (isset($user['pseudo'])) 735 $vtp->setVar( $handle, 'author_known.value', $user['pseudo'] ); 727 736 $vtp->closeSession( $handle, 'author_known' ); 728 737 } … … 742 751 $code = $vtp->Display( $handle, 0 ); 743 752 echo $code; 753 754 include('include/page_tail.php'); 744 755 ?> -
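Review bot: The queries in trunk/picture.php put `$_GET['image_id']` into SQL as a bare number with no cast, for example `$query.= ' WHERE id='.$_GET['image_id'];` right after the rewritten `UPDATE ... SET hit=hit+1` line, and again in `' AND id = '.$_GET['image_id']`. Nothing in the visible hunks validates it (`check_cat_id()` is only given `$_GET['cat']`), so I would cast once near the top, `$image_id = intval( $_GET['image_id'] );`, and use that variable in every query. The admin-only comment deletion has the same shape with `$_GET['del']`. The relocated slideshow code now passes `$refresh= $_GET['slideshow'];` to include/page_header.php, which is not shown here; that value should be forced to an integer as well.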
trunk/profile.php
r60 r345 18 18 ***************************************************************************/ 19 19 // customize appearance of the site for a user 20 //----------------------------------------------------------- personnal include 21 include_once( './include/init.inc.php' ); 20 //----------------------------------------------------------- include 21 $phpwg_root_path = './'; 22 include_once( $phpwg_root_path.'common.php' ); 22 23 //-------------------------------------------------- access authorization check 23 24 check_login_authorization(); … … 28 29 exit(); 29 30 } 30 //-------------------------------------------------------------- initialization31 check_cat_id( $_GET['cat'] );32 31 //------------------------------------------------------ update & customization 33 32 $infos = array( 'nb_image_line', 'nb_line_page', 'language', … … 70 69 } 71 70 $mail_error = validate_mail_address( $_POST['mail_address'] ); 72 if ( $mail_error != '' ) 73 { 74 array_push( $errors, $mail_error ); 75 } 76 if ( $_POST['use_new_pwd'] == 1 ) 77 { 78 // password must be the same as its confirmation 79 if ( $_POST['password'] != $_POST['passwordConf'] ) 80 { 81 array_push( $errors, $lang['reg_err_pass'] ); 82 } 83 } 84 71 if ( $mail_error != '' ) array_push( $errors, $mail_error ); 72 // password must be the same as its confirmation 73 if ( isset( $_POST['use_new_pwd'] ) 74 and $_POST['password'] != $_POST['passwordConf'] ) 75 array_push( $errors, $lang['reg_err_pass'] ); 76 85 77 if ( count( $errors ) == 0 ) 86 78 { … … 98 90 mysql_query( $query ); 99 91 100 if ( $_POST['use_new_pwd'] == 1)92 if ( isset( $_POST['use_new_pwd'] ) ) 101 93 { 102 94 $query = 'UPDATE '.PREFIX_TABLE.'users'; … … 106 98 mysql_query( $query ); 107 99 } 108 if ( $_POST['create_cookie'] == 1)100 if ( isset( $_POST['create_cookie'] ) ) 109 101 { 110 102 setcookie( 'id',$page['session_id'],$_POST['cookie_expiration'], … … 118 110 } 119 111 // redirection 120 $url = 
'category.php?cat='.$page['cat'].'&expand='.$_GET['expand']; 121 if ( $page['cat'] == 'search' ) 122 { 123 $url.= '&search='.$_GET['search'].'&mode='.$_GET['mode']; 124 } 125 if ( $_POST['create_cookie'] != 1 ) $url = add_session_id( $url, true ); 112 $url = 'category.php'; 113 if ( !isset($_POST['create_cookie']) ) $url = add_session_id( $url,true ); 126 114 header( 'Request-URI: '.$url ); 127 115 header( 'Content-Location: '.$url ); … … 131 119 } 132 120 //----------------------------------------------------- template initialization 133 $vtp = new VTemplate; 121 // 122 // Start output of page 123 // 124 $title = $lang['customize_page_title']; 125 include('include/page_header.php'); 126 134 127 $handle = $vtp->Open( './template/'.$user['template'].'/profile.vtp' ); 135 128 initialize_template(); 136 $tpl = array( 'customize_ page_title','customize_title','password','new',129 $tpl = array( 'customize_title','password','new', 137 130 'reg_confirm','submit','create_cookie' ); 138 131 templatize_array( $tpl, 'lang', $handle ); 139 132 //----------------------------------------------------------------- form action 140 $url = './profile.php?cat='.$page['cat'].'&expand='.$page['expand']; 141 if ( $page['cat'] == 'search' ) 142 { 143 $url.= '&search='.$_GET['search'].'&mode='.$_GET['mode']; 144 } 133 $url = './profile.php'; 145 134 $vtp->setGlobalVar( $handle, 'form_action', add_session_id( $url ) ); 146 135 //-------------------------------------------------------------- errors display … … 202 191 $vtp->addSession( $handle, 'select' ); 203 192 $vtp->setVar( $handle, 'select.name', 'template' ); 204 $option = get_dirs( './template /' );193 $option = get_dirs( './template' ); 205 194 for ( $i = 0; $i < sizeof( $option ); $i++ ) 206 195 { … … 379 368 $code = $vtp->Display( $handle, 0 ); 380 369 echo $code; 370 include('include/page_tail.php'); 381 371 ?> -
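Review bot: The password/confirmation check at new lines 73-75 compares two request strings with loose `!=`, so PHP compares numeric-looking values as numbers and different inputs such as `1e3` and `1000` count as a match; use `$_POST['password'] !== $_POST['passwordConf']`. The added `isset( $_POST['use_new_pwd'] )` guard also does not cover `$_POST['password']` and `$_POST['passwordConf']`, which are read in the same condition without an isset check. The surrounding update block starts and ends outside the visible hunks.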
trunk/register.php
r105 r345 18 18 ***************************************************************************/ 19 19 20 //----------------------------------------------------------- personnal include 21 include_once( './include/init.inc.php' ); 20 //----------------------------------------------------------- include 21 $phpwg_root_path = './'; 22 include_once( $phpwg_root_path.'common.php' ); 22 23 //-------------------------------------------------- access authorization check 23 24 if ( $conf['access'] == "restricted" ) … … 43 44 } 44 45 //----------------------------------------------------- template initialization 45 $vtp = new VTemplate; 46 // 47 // Start output of page 48 // 49 $title= $lang['register_page_title']; 50 include('include/page_header.php'); 51 46 52 $handle = $vtp->Open( './template/'.$user['template'].'/register.vtp' ); 47 53 // language 48 $vtp->setGlobalVar( $handle, 'register_page_title',49 $lang['register_page_title'] );50 54 $vtp->setGlobalVar( $handle, 'register_title', $lang['register_title'] ); 51 55 $vtp->setGlobalVar( $handle, 'ident_guest_visit',$lang['ident_guest_visit'] ); … … 71 75 $vtp->addSession( $handle, 'text' ); 72 76 $vtp->setVar( $handle, 'text.name', 'login' ); 73 $vtp->setVar( $handle, 'text.value', $_POST['login'] ); 77 if (isset( $_POST['login'])) 78 $vtp->setVar( $handle, 'text.value', $_POST['login'] ); 74 79 $vtp->closeSession( $handle, 'text' ); 75 80 $vtp->closeSession( $handle, 'line' ); … … 95 100 $vtp->addSession( $handle, 'text' ); 96 101 $vtp->setVar( $handle, 'text.name', 'mail_address' ); 97 $vtp->setVar( $handle, 'text.value', $_POST['mail_address'] ); 102 if (isset( $_POST['mail_address'])) 103 $vtp->setVar( $handle, 'text.value', $_POST['mail_address'] ); 98 104 $vtp->closeSession( $handle, 'text' ); 99 105 $vtp->closeSession( $handle, 'line' ); … … 101 107 $code = $vtp->Display( $handle, 0 ); 102 108 echo $code; 109 include('include/page_tail.php'); 103 110 ?> -
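Review bot: `$_POST['login']` and `$_POST['mail_address']` are still passed raw to `setVar` for `text.value` at new lines 77-78 and 102-103; the new `isset` guard only avoids the undefined-index notice. Unless `setVar` escapes its argument (not visible here), a submitted value containing a quote would break out of what is presumably the input's `value` attribute when the form is redisplayed. Escaping at this point, e.g. `$vtp->setVar( $handle, 'text.value', htmlspecialchars( $_POST['login'], ENT_QUOTES ) );`, matches what upload.php already does for `$_POST['name']` in its XML string. The same pattern appears in this changeset in search.php (`$_POST['search']`) and upload.php (`fields.name`, `fields.author`, `fields.date_creation`, `fields.comment`).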
trunk/search.php
r57 r345 18 18 ***************************************************************************/ 19 19 20 //----------------------------------------------------------- personnal include 21 include_once( './include/init.inc.php' ); 20 //----------------------------------------------------------- include 21 $phpwg_root_path = './'; 22 include_once( $phpwg_root_path.'common.php' ); 22 23 //-------------------------------------------------- access authorization check 23 24 check_login_authorization(); … … 54 55 } 55 56 //----------------------------------------------------- template initialization 56 $vtp = new VTemplate; 57 // 58 // Start output of page 59 // 60 $title= $lang['search_title']; 61 include('include/page_header.php'); 62 57 63 $handle = $vtp->Open( './template/'.$user['template'].'/search.vtp' ); 58 64 initialize_template(); 59 60 65 $tpl = array( 'search_title','search_return_main_page','submit', 61 66 'search_comments' ); … … 82 87 $vtp->setVar( $handle, 'text.size', '40' ); 83 88 $vtp->setVar( $handle, 'text.name', 'search' ); 89 if (isset($_POST['search'])) 84 90 $vtp->setVar( $handle, 'text.value', $_POST['search'] ); 85 91 $vtp->closeSession( $handle, 'text' ); … … 93 99 $vtp->setVar( $handle, 'radio.value', 'OR' ); 94 100 $vtp->setVar( $handle, 'radio.option', $lang['search_mode_or'] ); 95 if ( $_POST['mode'] == 'OR' or $_POST['mode'] == '' )101 if (!isset($_POST['mode']) || $_POST['mode'] == 'OR' ) 96 102 { 97 103 $vtp->setVar( $handle, 'radio.checked', ' checked="checked"' ); … … 103 109 $vtp->setVar( $handle, 'radio.value', 'AND' ); 104 110 $vtp->setVar( $handle, 'radio.option', $lang['search_mode_and'] ); 105 if ( $_POST['mode'] == 'AND' )111 if ( isset($_POST['mode']) && $_POST['mode'] == 'AND' ) 106 112 { 107 113 $vtp->setVar( $handle, 'radio.checked', ' checked="checked"' ); … … 117 123 echo $code; 118 124 //------------------------------------------------------------ log informations 119 pwg_log( 'search', $ page['title']);125 pwg_log( 'search', 
$title ); 120 126 mysql_close(); 127 include('include/page_tail.php'); 121 128 ?> -
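Review bot: `mysql_close()` at new line 126 now runs before `include('include/page_tail.php')` at line 127, so anything in the tail that touches the database would run after the connection is closed. page_tail.php is not shown here, so this may be harmless, but moving `mysql_close();` after the include, or dropping it as profile.php and register.php do in this changeset, removes the ordering dependency.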
trunk/template/default/about.vtp
r28 r345 1 <html>2 <head>3 {#style}4 <title>{#about_page_title}</title>5 <meta http-equiv="Content-Type" content="text/html; charset={#charset}" />6 </head>7 <body>8 {#header}9 1 <table style="width:100%;height:100%"> 10 2 <tr align="center" valign="middle"> … … 28 20 </tr> 29 21 </table> 30 {#footer}31 </body>32 </html> -
trunk/template/default/admin/cat_list.vtp
r227 r345 9 9 </div> 10 10 <!--/VTP_errors--> 11 <table style="width:100%;"> 12 <tr> 13 <td colspan="8" style="text-align:center;padding-top:10px;padding-bottom:10px;"> 11 <div style="text-align:center;padding-top:10px;padding-bottom:5px;"> 14 12 <form action="" method="post"> 15 13 {#cat_add} <input type="text" name="virtual_name" /> 16 14 {#cat_parent} 15 <!--VTP_associate_LOV--> 17 16 <select name="associate"> 18 17 <!--VTP_associate_cat--> … … 20 19 <!--/VTP_associate_cat--> 21 20 </select> 21 <!--/VTP_associate_LOV--> 22 <!--VTP_associate_text--> 23 <input type="text" name="associate" /> 24 <!--/VTP_associate_text--> 22 25 <input type="submit" value="{#submit}" name="submit" /> 23 26 </form> 24 </td>25 < /tr>27 </div> 28 <table style="width:100%;"> 26 29 <!--VTP_cat--> 27 30 <tr> 28 31 <{#td} style="width:50%;text-align:left;"> 29 32 <a name="{#id}"></a> 30 {#indent}<img src="./template/{#user_template}/admin/images/puce.gif" alt=">" /> 33 {#indent} 34 <!--VTP_bullet_collapsed--><a href="{#link}"><img src="../template/{#user_template}/admin/images/collapsed.gif" style="border:none;" alt=">" /></a><!--/VTP_bullet_collapsed--> 35 <!--VTP_bullet_expanded--><a href="{#link}"><img src="../template/{#user_template}/admin/images/expanded.gif" style="border:none;" alt=">" /></a><!--/VTP_bullet_expanded--> 36 <!--VTP_bullet_wo_link--><img src="../template/{#user_template}/admin/images/collapsed.gif" style="border:none;" alt=">" /><!--/VTP_bullet_wo_link--> 31 37 {#name} [ 32 38 <!--VTP_storage--> -
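Review bot: The three new bullet images at new lines 34-36 load from `../template/{#user_template}/admin/images/…`, while the line they replace used `./template/…` and infos_image.vtp in this same changeset still uses `./template/{#user_template}/admin/images/arrow_select.gif`. If both admin templates are rendered through the same entry script, one of the two prefixes points outside the gallery root and those images will not load. Confirm where the admin page is served from after this change and use a single prefix in both, e.g. `src="./template/{#user_template}/admin/images/collapsed.gif"`.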
trunk/template/default/admin/cat_modify.vtp
r68 r345 65 65 <td>{#cat_parent}</td> 66 66 <td class="row2"> 67 <!--VTP_associate_LOV--> 67 68 <select name="associate"> 68 69 <!--VTP_associate_cat--> 69 <option value="{#value}" {#selected}>{#content}</option>70 <option value="{#value}">{#content}</option> 70 71 <!--/VTP_associate_cat--> 71 72 </select> 73 <!--/VTP_associate_LOV--> 74 <!--VTP_associate_text--> 75 <input type="text" name="associate" value="{#value}" /> 76 <!--/VTP_associate_text--> 72 77 </td> 73 78 </tr> -
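Review bot: The `<option>` at new line 70 no longer carries `{#selected}`, so the drop-down stops preselecting the category's current parent and opens on its first entry. Unless the PHP side now handles this differently (not visible here), saving the form without touching the list would silently move the category under that first entry. Keeping `<option value="{#value}" {#selected}>{#content}</option>` avoids that.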
trunk/template/default/admin/comments.vtp
r227 r345 25 25 <!--/VTP_start_form--> 26 26 <!--VTP_picture--> 27 <div style="border:2px solid #D3DCE3;margin: 2px;">27 <div style="border:2px solid #D3DCE3;margin:3px;"> 28 28 <table style="width:100%;"> 29 29 <tr> -
trunk/template/default/admin/configuration.vtp
r61 r345 48 48 <!--VTP_title_line--> 49 49 <tr> 50 <th colspan="3" align="center">{#title}</th>50 <th colspan="3">{#title}</th> 51 51 </tr> 52 52 <!--/VTP_title_line--> -
trunk/template/default/admin/infos_image.vtp
r227 r345 1 <!--VTP_errors--> 2 <div class="errors"> 3 <div class="errors_title">{#errors_title}</div> 4 <ul> 5 <!--VTP_li--> 6 <li>{#content}</li> 7 <!--/VTP_li--> 8 </ul> 9 </div> 10 <!--/VTP_errors--> 1 11 <form method="post" action="{#form_action}"> 2 12 <table width="100%"> … … 76 86 <img src="./template/{#user_template}/admin/images/arrow_select.gif" alt="<" /> 77 87 {#infoimage_associate} 88 <!--VTP_associate_LOV--> 78 89 <select name="associate"> 79 90 <!--VTP_associate_cat--> … … 81 92 <!--/VTP_associate_cat--> 82 93 </select> 83 </td> 84 </tr> 94 <!--/VTP_associate_LOV--> 95 <!--VTP_associate_text--> 96 <input type="text" name="associate" /> 97 <!--/VTP_associate_text--> 98 </td> 99 </tr> 85 100 <tr> 86 101 <td colspan="6" style="text-align:center;"> -
trunk/template/default/admin/picture_modify.vtp
r227 r345 77 77 <tr> 78 78 <td>{#infoimage_associate} 79 <!--VTP_associate_LOV--> 79 80 <select name="associate"> 80 81 <!--VTP_associate_cat--> 81 82 <option value="{#value}">{#content}</option> 82 83 <!--/VTP_associate_cat--> 84 </select> 85 <!--/VTP_associate_LOV--> 86 <!--VTP_associate_text--> 87 <input type="text" name="associate" /> 88 <!--/VTP_associate_text--> 83 89 </select> 84 90 </td> -
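Review bot: A second `</select>` is left behind at new line 89: the commit adds a closing `</select>` at line 84 before `<!--/VTP_associate_LOV-->`, but the original one after the new text-input block is still there. When the `associate_text` session is rendered instead of the list, that leaves an unmatched `</select>` after the `<input>`. Delete the line at 89.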
trunk/template/default/admin/stats.vtp
r227 r345 1 <style>2 .commentsAuthor,.commentsTitle,.commentsInfos,.commentsContent,.commentsNavigationBar {3 color:{#text_color};4 font-family:arial,sans-Serif;5 font-size:12px;6 }7 .commentsTitle,.commentsAuthor {8 text-align:center;9 font-weight:bold;10 }11 .commentsInfos {12 text-align:right;13 margin:3px 3px 3px 10px;14 font-size:11px;15 }16 .commentsContent {17 margin:10px;18 }19 .commentsTitle {20 margin-top:15px;21 }22 .commentsAuthor {23 margin:5px;24 }25 .commentsNavigationBar {26 margin:10px;27 }28 .tableComment {29 width:100%;30 border:2px solid #006699;31 margin:10px;32 }33 .cellAuthor {34 border-right:1px solid #006699;35 width:100px;36 }37 .cellInfo {38 border-bottom:1px solid #006699;39 }40 .imgLink {41 border:1px solid black;42 }43 </style>44 1 <div style="text-align:center;margin-top:5px;"> 45 2 <!--VTP_last_day_option--> -
trunk/template/default/category.vtp
r128 r345 1 <html>2 <head>3 <meta http-equiv="Content-Type" content="text/html; charset={#charset}" />4 {#style}5 <title>{#title}</title>6 </head>7 <body>8 {#header}9 1 <table style="width:100%;"> 10 2 <tr> 11 3 <td valign="top" style="width:1%;padding:10px;"> 12 4 {#frame_start}100%{#frame_begin} 13 <div class="titreMenu">{#categories}</div> 5 <div class="titreMenu"> 6 <a href="{#home_url}">{#categories}</a> 7 </div> 14 8 <div class="menu"> 15 9 <!--VTP_category-->{#indent}<!--VTP_bullet_w_link--><a href="{#bullet_link}"><img src="{#bullet_url}" style="border:none;" alt=">" /></a><!--/VTP_bullet_w_link--><!--VTP_bullet_wo_link--><img src="{#bullet_url}" style="border:none;" alt=">" /><!--/VTP_bullet_wo_link--> <a href="{#link_url}"><span title="{#hint_category}" style="{#name_style}">{#link_name}</span> <span class="menuInfoCat">[ <!--VTP_subcat--><span title="{#nb_subcats} {#sub-cat}">{#nb_subcats}</span> - <!--/VTP_subcat--><span title="{#total_cat} {#images_available}">{#total_cat}</span> ]</span></a>{#cat_icon}<br /> … … 17 11 <div class="totalImages">[ {#nb_total_pictures} {#total} ]</div> 18 12 <!--VTP_favorites--> 19 <br /> <img src="{#lien_collapsed}" al =">" /> <a href="{#url}"><span title="{#favorite_cat_hint}" style="font-weight:bold;">{#favorite_cat}</span></a> <span class="menuInfoCat">[ {#nb_favorites} ]</span>13 <br /> <img src="{#lien_collapsed}" alt=">" /> <a href="{#url}"><span title="{#favorite_cat_hint}" style="font-weight:bold;">{#favorite_cat}</span></a> <span class="menuInfoCat">[ {#nb_favorites} ]</span> 20 14 <!--/VTP_favorites--> 21 <br /> <img src="{#lien_collapsed}" al =">" /> <span style="font-weight:bold;">{#stats}</span></a>22 <br /> <img src="{#lien_collapsed}" al =">" /> <a href="{#most_visited_url}"><span title="{#most_visited_cat_hint}" style="font-weight:bold;">{#top_number} {#most_visited_cat}</span></a>23 <br /> <img src="{#lien_collapsed}" al =">" /> <a href="{#recent_url}"><span title="{#recent_cat_hint}" 
style="font-weight:bold;">{#recent_cat}</span></a> {#icon_short}15 <br /> <img src="{#lien_collapsed}" alt=">" /> <span style="font-weight:bold;">{#stats}</span> 16 <br /> <img src="{#lien_collapsed}" alt=">" /> <a href="{#most_visited_url}"><span title="{#most_visited_cat_hint}" style="font-weight:bold;">{#top_number} {#most_visited_cat}</span></a> 17 <br /> <img src="{#lien_collapsed}" alt=">" /> <a href="{#recent_url}"><span title="{#recent_cat_hint}" style="font-weight:bold;">{#recent_cat}</span></a> {#icon_short} 24 18 </div> 25 19 {#frame_end} … … 32 26 <!--/VTP_summary--> 33 27 <!--VTP_upload--> 34 <br /> <img src="{#lien_collapsed}" alt=">"/> <a href="{#url}" class="back">{#upload_picture}</a>28 <br /> <img src="{#lien_collapsed}" alt=">"/> <a href="{#url}">{#upload_picture}</a> 35 29 <!--/VTP_upload--> 36 30 </div> … … 55 49 alt="{#alt}" 56 50 title="{#title}" 57 class="imgLink"/>< br />58 {#name}59 < /a>51 class="imgLink"/></a> 52 <br /> 53 <a href="{#url}" class="back">{#name}</a> 60 54 {#icon} 61 55 <!--VTP_nb_comments--> … … 103 97 </tr> 104 98 </table> 105 <div class="copyright">{#generation_time} {#time}</div>106 <!-- Please, do not remove this copyright. If you really want to,107 contact me pierrick@z0rglub.com to find a solution on how108 to show the origin of the script...-->109 <div class="copyright">Powered by <a href="{#site_url}" class="back">PhpWebGallery</a> {#version}</div>110 {#footer}111 </body>112 </html> -
trunk/template/default/comments.vtp
r166 r345 1 <html>2 <head>3 {#style}4 <title>{#title_comments}</title>5 <meta http-equiv="Content-Type" content="text/html; {#charset}">6 <!-- Specific style to comments.php-->7 <style type="text/css">8 .commentsAuthor,.commentsTitle,.commentsInfos,.commentsContent,.commentsNavigationBar {9 color:{#text_color};10 font-family:arial,sans-Serif;11 font-size:12px;12 }13 .commentsTitle,.commentsAuthor {14 text-align:center;15 font-weight:bold;16 }17 .commentsInfos {18 margin:3px 3px 3px 10px;19 font-size:11px;20 text-align:right;21 }22 .commentsContent {23 margin:10px;24 }25 .commentsTitle {26 margin-top:15px;27 }28 .commentsAuthor {29 margin:5px;30 }31 .commentsNavigationBar {32 margin:10px;33 }34 .tableComment {35 width:100%;36 border:2px solid {#text_color};37 margin:10px;38 }39 .cellAuthor {40 border-right:1px solid {#text_color};41 width:100px;42 }43 .cellInfo {44 border-bottom:1px solid {#text_color};45 }46 </style>47 </head>48 <body>49 {#header}50 1 <table style="width:100%;"> 51 2 <tr align="center" valign="middle"> … … 73 24 <table style="width:100%;"> 74 25 <tr> 75 <td valign="top" width="1px">26 <td valign="top" style="width:15%;"> 76 27 <!-- the thumbnail of the picture, linked to the full size page --> 77 28 <a href="{#thumb_url}" title="{#thumb_title}"> … … 79 30 </a> 80 31 </td> 81 <td style="padding: 2px;">82 <div style="font-weight:bold;padding-left:10px; ">{#title}</div>32 <td style="padding:10px;width:85%;"> 33 <div style="font-weight:bold;padding-left:10px;text-align:left;">{#title}</div> 83 34 <!--VTP_comment--> 84 <table style="width:100%;">85 <tr>86 <td>87 35 <table class="tableComment"> 88 36 <tr> … … 102 50 </tr> 103 51 </table> 104 </td>105 </tr>106 </table>107 52 <!--/VTP_comment--> 108 53 </td> … … 115 60 </tr> 116 61 </table> 117 {#footer}118 </body>119 </html> -
trunk/template/default/htmlfunctions.inc.php
r57 r345 18 18 ***************************************************************************/ 19 19 20 include( PREFIX_INCLUDE.'./template/'.$user['template'].'/theme/conf.php' );20 //include( PREFIX_INCLUDE.'./template/'.$user['template'].'/theme/conf.php' ); 21 21 $user['lien_expanded']='./template/'.$user['template'].'/theme/expanded.gif'; 22 22 $user['lien_collapsed']='./template/'.$user['template'].'/theme/collapsed.gif'; 23 include_once( PREFIX_INCLUDE.'./template/'.$user['template'].'/style.inc.php');23 //include_once( PREFIX_INCLUDE.'./template/'.$user['template'].'/style.inc.php'); 24 24 25 25 function get_icon( $date_comparaison ) … … 161 161 global $vtp, $handle, $user, $lang; 162 162 163 $vtp->setGlobalVar( $handle, 'charset', $lang['charset'] );164 $vtp->setGlobalVar( $handle, 'style', $user['style'] );163 // $vtp->setGlobalVar( $handle, 'charset', $lang['charset'] ); 164 //$vtp->setGlobalVar( $handle, 'style', $user['style'] ); 165 165 $vtp->setGlobalVar( $handle, 'frame_start', get_frame_start() ); 166 166 $vtp->setGlobalVar( $handle, 'frame_begin', get_frame_begin() ); 167 167 $vtp->setGlobalVar( $handle, 'frame_end', get_frame_end() ); 168 169 './template/'.$user['template'].'/header.htm' );170 $vtp->setVarF( $handle, 'footer',171 './template/'.$user['template'].'/footer.htm' );168 //$vtp->setVarF( $handle, 'header', 169 // './template/'.$user['template'].'/header.htm' ); 170 //$vtp->setVarF( $handle, 'footer', 171 // './template/'.$user['template'].'/footer.htm' ); 172 172 } 173 173 … … 178 178 $vtp->addSession( $handle, 'category' ); 179 179 $vtp->setVar( $handle, 'category.indent', $indent ); 180 181 if ( $user['expand'] or count( $category['subcats'] ) == 0 ) 180 if ( $user['expand'] or $category['nb_sub_categories'] == 0 ) 182 181 { 183 182 $vtp->addSession( $handle, 'bullet_wo_link' ); … … 189 188 { 190 189 $vtp->addSession( $handle, 'bullet_w_link' ); 191 $url = './category.php?cat='.$page['cat']; 190 $url = './category.php'; 191 if 
(isset($page['cat'])) 192 { 193 $url .='?cat='.$page['cat']; 192 194 $url.= '&expand='.$category['expand_string']; 193 if ( $page['cat'] == 'search' ) 194 { 195 $url.= '&search='.$_GET['search'].'&mode='.$_GET['mode']; 196 } 195 } 196 else if ($category['expand_string']<>'') 197 { 198 $url.= '?expand='.$category['expand_string']; 199 } 197 200 $vtp->setVar( $handle, 'bullet_w_link.bullet_link', add_session_id($url) ); 198 201 if ( $category['expanded'] ) … … 221 224 $vtp->setVar( $handle, 'category.name_style', 'font-weight:bold;' ); 222 225 } 223 if ( count( $category['subcats'] )> 0 )226 if ( $category['nb_sub_categories'] > 0 ) 224 227 { 225 228 $vtp->addSession( $handle, 'subcat' ); 226 $vtp->setVar( $handle, 'subcat.nb_subcats', count($category['subcats']));229 $vtp->setVar( $handle,'subcat.nb_subcats',$category['nb_sub_categories'] ); 227 230 $vtp->closeSession( $handle, 'subcat' ); 228 231 } -
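Review bot: The rebuilt bullet link at new lines 190-199 appends `$page['cat']` and `$category['expand_string']` to the URL by plain concatenation, and the result is placed into `<a href="{#bullet_link}">` in category.vtp. If either value can come from the request (their origin is outside this hunk), encode them, e.g. `$url .= '?cat='.urlencode( $page['cat'] );`, so a crafted value cannot add parameters or markup to the link. Separately, the two `include` lines and the `setGlobalVar`/`setVarF` calls are commented out rather than removed; deleting them would keep the file readable. The enclosing function starts outside the visible hunk.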
trunk/template/default/identification.vtp
r25 r345 1 <html>2 <head>3 {#style}4 <title>{#ident_page_title}</title>5 <meta http-equiv="Content-Type" content="text/html; charset={#charset}" />6 </head>7 <body>8 {#header}9 1 <table style="width:100%;height:100%"> 10 2 <tr align="center" valign="middle"> … … 74 66 </tr> 75 67 </table> 76 {#footer}77 </body>78 </html> -
trunk/template/default/picture.vtp
r50 r345 1 <html>2 <head>3 <!--VTP_refresh-->4 <meta http-equiv="refresh" content="{#time};url={#url}">5 <!--/VTP_refresh-->6 <meta http-equiv="Content-Type" content="text/html;charset={#charset}">7 {#style}8 <!-- Specific style to picture.php-->9 <style type="text/css">10 .commentsAuthor,.commentsTitle,.commentsInfos,.commentsContent,.commentsNavigationBar {11 color:{#text_color};12 font-family:arial,sans-Serif;13 font-size:12px;14 }15 .commentsTitle,.commentsAuthor {16 text-align:center;17 font-weight:bold;18 }19 .commentsInfos {20 margin:3px 3px 3px 10px;21 font-size:11px;22 }23 .commentsContent {24 margin:10px;25 }26 .commentsTitle {27 margin-top:15px;28 }29 .commentsAuthor {30 margin:5px;31 }32 .commentsNavigationBar {33 margin:10px;34 }35 .tableComment {36 width:90%;37 border:2px solid {#text_color};38 margin:10px;39 }40 .cellAuthor {41 border-right:1px solid {#text_color};42 width:100px;43 }44 .cellInfo {45 border-bottom:1px solid {#text_color};46 }47 </style>48 <title>{#page_title}</title>49 </head>50 <body>51 {#header}52 1 <!--VTP_information--> 53 2 <div class="information">{#content}</div> … … 86 35 {#frame_start}1%{#frame_begin} 87 36 <a href="{#picture_link}"> 88 <img style="margin:10px;width:{#picture_width}px;height:{#picture_height}px;border:1px solid {#picture_border_color}" src="{#picture_src}" alt="{#picture_alt}"/>37 <img class="imgLink" style="margin:10px;width:{#picture_width}px;height:{#picture_height}px;border:1px solid" src="{#picture_src}" alt="{#picture_alt}"/> 89 38 </a> 90 39 <div class="commentImage">{#picture_comment}</div> … … 186 135 <!--/VTP_comments--> 187 136 </table> 188 {#footer}189 </body>190 </html> -
trunk/template/default/profile.vtp
r45 r345 1 <html>2 <head>3 {#style}4 <title>{#customize_page_title}</title>5 <meta http-equiv="Content-Type" content="text/html; {#charset}">6 </head>7 <body>8 {#header}9 1 <table style="width:100%;height:100%"> 10 2 <tr align="center" valign="middle"> … … 98 90 </tr> 99 91 </table> 100 {#footer}101 </body>102 </html> -
trunk/template/default/register.vtp
r107 r345 1 <html>2 <head>3 {#style}4 <title>{#register_page_title}</title>5 <meta http-equiv="Content-Type" content="text/html; charset={#charset}">6 </head>7 <body>8 {#header}9 1 <table style="width:100%;height:100%"> 10 2 <tr align="center" valign="middle"> … … 70 62 </tr> 71 63 </table> 72 {#footer}73 </body>74 </html> -
trunk/template/default/search.vtp
r107 r345 1 <html>2 <head>3 {#style}4 <title>{#search_title}</title>5 <meta http-equiv="Content-Type" content="text/html; charset={#charset}">6 </head>7 <body>8 {#header}9 1 <table style="width:100%;height:100%"> 10 2 <tr align="center" valign="middle"> … … 80 72 </tr> 81 73 </table> 82 {#footer}83 </body>84 </html> -
trunk/template/default/upload.vtp
r122 r345 1 <html>2 <head>3 {#style}4 <title>{#upload_title}</title>5 <meta http-equiv="Content-Type" content="text/html; charset={#charset}">6 </head>7 <body>8 {#header}9 1 <table style="width:100%;height:100%"> 10 2 <tr align="center" valign="middle"> … … 111 103 </tr> 112 104 </table> 113 {#footer}114 </body>115 </html> -
trunk/upload.php
r150 r345 17 17 * * 18 18 ***************************************************************************/ 19 20 //----------------------------------------------------------- include 21 $phpwg_root_path = './'; 22 include_once( $phpwg_root_path.'common.php' ); 19 23 20 24 //------------------------------------------------------------------- functions … … 95 99 @unlink( $temp_name ); 96 100 } 101 else 102 { 103 @chmod( $temp_name, 0644); 104 } 97 105 return $result; 98 106 } 99 //----------------------------------------------------------- personnal include 100 include_once( './include/init.inc.php' ); 107 101 108 //-------------------------------------------------- access authorization check 102 109 check_login_authorization(); … … 110 117 $page['cat_name'] = $result['name']; 111 118 $page['cat_uploadable'] = $result['uploadable']; 112 } 113 else 114 { 115 $access_forbidden = true; 116 } 117 if ( $access_forbidden == true 118 or $page['cat_site_id'] != 1 119 if ( $page['cat_site_id'] != 1 119 120 or !$conf['upload_available'] 120 121 or !$page['cat_uploadable'] ) … … 125 126 exit(); 126 127 } 128 } 127 129 //----------------------------------------------------- template initialization 128 $vtp = new VTemplate; 130 // 131 // Start output of page 132 // 133 $title= $lang['upload_title']; 134 include('include/page_header.php'); 129 135 $handle = $vtp->Open( './template/'.$user['template'].'/upload.vtp' ); 130 136 initialize_template(); … … 165 171 array_push( $error, $lang['upload_err_username'] ); 166 172 } 167 173 174 $date_creation = ''; 168 175 if ( $_POST['date_creation'] != '' ) 169 176 { … … 190 197 $xml_infos.= ' name="'.htmlspecialchars( $_POST['name'], ENT_QUOTES).'"'; 191 198 $xml_infos.= ' />'; 199 200 if ( !preg_match( '/^[a-zA-Z0-9-_.]+$/', $_FILES['picture']['name'] ) ) 201 { 202 // reload language file with administration labels 203 $isadmin = true; 204 include( './language/'.$user['language'].'.php' ); 205 array_push( $error, $lang['update_wrong_dirname'] 
); 206 } 192 207 193 208 if ( sizeof( $error ) == 0 ) … … 196 211 $conf['upload_maxwidth'], 197 212 $conf['upload_maxheight'] ); 198 $upload_type = $result['type'];199 213 for ( $j = 0; $j < sizeof( $result['error'] ); $j++ ) 200 214 { … … 238 252 $conf['upload_maxwidth_thumbnail'], 239 253 $conf['upload_maxheight_thumbnail'] ); 240 $upload_type = $result['type'];241 254 for ( $j = 0; $j < sizeof( $result['error'] ); $j++ ) 242 255 { … … 348 361 $vtp->setGlobalVar( $handle, 'user_mail_address',$user['mail_address'] ); 349 362 // name of the picture 363 if (isset($_POST['name'])) 350 364 $vtp->setVar( $handle, 'fields.name', $_POST['name'] ); 351 365 // author 366 if (isset($_POST['author'])) 352 367 $vtp->setVar( $handle, 'fields.author', $_POST['author'] ); 353 368 // date of creation 369 if (isset($_POST['date_creation'])) 354 370 $vtp->setVar( $handle, 'fields.date_creation', $_POST['date_creation'] ); 355 371 // comment 372 if (isset($_POST['comment'])) 356 373 $vtp->setVar( $handle, 'fields.comment', $_POST['comment'] ); 357 374 … … 374 391 $code = $vtp->Display( $handle, 0 ); 375 392 echo $code; 393 include('include/page_tail.php'); 376 394 ?>
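Review bot: The fail-closed branch was dropped from the access check around new lines 112-128: the removed `else { $access_forbidden = true; }` used to deny the request when the enclosing `if` did not run, and the `cat_site_id` / `upload_available` / `cat_uploadable` test is now nested inside that `if`. When the outer condition is false (its test is outside the visible lines, presumably a missing or unknown category), the script no longer reaches `exit()` and carries on to the upload form and handler. Keep a deny path for that case, for example an `else` branch that performs the same redirect and `exit();` as the block above it.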