archive/piwigo
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

*** empty log message ***

Browse source 
git-svn-id: http://piwigo.org/svn/trunk@10 68402e56-0260-453c-a942-63ccdbb3a9ee
This commit is contained in:
z0rglub 2003-05-17 10:49:14 +00:00
commit 8b044b0111
21 changed files with 1098 additions and 507 deletions
Download patch file Download diff file Expand all files Collapse all files

6
admin/admin.php
View file

@ -35,7 +35,7 @@ switch ( $_GET['page'] )
$titre = $lang['title_modify']; $page_valide = true; break;
case 'historique':
$titre = $lang['title_history']; $page_valide = true; break;
case 'miseajour':
case 'update':
$titre = $lang['title_update']; $page_valide = true; break;
case 'configuration':
$titre = $lang['title_configuration']; $page_valide = true; break;
@ -115,7 +115,7 @@ $vtp->addSession( $handle, 'summary' );
$vtp->setVar( $handle, 'summary.indent', '' );
$vtp->setVar( $handle, 'summary.link',
add_session_id( $link_start.'waiting' ) );
$query = 'select id from '.$prefixeTable.'waiting;';
$query = 'select id from '.PREFIX_TABLE.'waiting;';
$result = mysql_query( $query );
$nb_waiting = '';
if ( mysql_num_rows( $result ) > 0 )
@ -128,7 +128,7 @@ $vtp->closeSession( $handle, 'summary' );
$vtp->addSession( $handle, 'summary' );
$vtp->setVar( $handle, 'summary.indent', '' );
$vtp->setVar( $handle, 'summary.link',
add_session_id( $link_start.'miseajour' ) );
add_session_id( $link_start.'update' ) );
$vtp->setVar( $handle, 'summary.name', $lang['menu_update'] );
$vtp->closeSession( $handle, 'summary' );
// thumbnails

37
admin/cat.php
View file

@ -1,11 +1,10 @@
<?php
/***************************************************************************
* this file is a part of PhpWebGallery *
* cat.php *
* ------------------- *
* version : 1.3 *
* url : http://phpwebgallery.net *
* help : http://forum.phpwebgallery.net *
* author : Pierrick LE GALL *
* application : PhpWebGallery 1.3 *
* website : http://www.phpwebgallery.net *
* author : Pierrick LE GALL <pierrick@z0rglub.com> *
* *
***************************************************************************/
@ -32,7 +31,7 @@ if ( isset( $_GET['up'] ) && is_numeric( $_GET['up'] ) )
// 1. searching level (id_uppercat)
// and rank of the category to move
$query = 'select id_uppercat,rank';
$query.= ' from '.$prefixeTable.'categories';
$query.= ' from '.PREFIX_TABLE.'categories';
$query.= ' where id = '.$_GET['up'];
$query.= ';';
$row = mysql_fetch_array( mysql_query( $query ) );
@ -41,7 +40,7 @@ if ( isset( $_GET['up'] ) && is_numeric( $_GET['up'] ) )
// 2. searching the id and the rank of the category
// just above at the same level
$query = 'select id,rank';
$query.= ' from '.$prefixeTable.'categories';
$query.= ' from '.PREFIX_TABLE.'categories';
$query.= ' where rank < '.$rank;
if ( $level == '' )
{
@ -58,12 +57,12 @@ if ( isset( $_GET['up'] ) && is_numeric( $_GET['up'] ) )
$new_rank = $row['rank'];
$replaced_cat = $row['id'];
// 3. exchanging ranks between the two categories
$query = 'update '.$prefixeTable.'categories';
$query = 'update '.PREFIX_TABLE.'categories';
$query.= ' set rank = '.$new_rank;
$query.= ' where id = '.$_GET['up'];
$query.= ';';
mysql_query( $query );
$query = 'update '.$prefixeTable.'categories';
$query = 'update '.PREFIX_TABLE.'categories';
$query.= ' set rank = '.$rank;
$query.= ' where id = '.$replaced_cat;
$query.= ';';
@ -74,7 +73,7 @@ if ( isset( $_GET['down'] ) && is_numeric( $_GET['down'] ) )
// 1. searching level (id_uppercat)
// and rank of the category to move
$query = 'select id_uppercat,rank';
$query.= ' from '.$prefixeTable.'categories';
$query.= ' from '.PREFIX_TABLE.'categories';
$query.= ' where id = '.$_GET['down'];
$query.= ';';
$row = mysql_fetch_array( mysql_query( $query ) );
@ -83,7 +82,7 @@ if ( isset( $_GET['down'] ) && is_numeric( $_GET['down'] ) )
// 2. searching the id and the rank of the category
// just below at the same level
$query = 'select id,rank';
$query.= ' from '.$prefixeTable.'categories';
$query.= ' from '.PREFIX_TABLE.'categories';
$query.= ' where rank > '.$rank;
if ( $level == '' )
{
@ -100,12 +99,12 @@ if ( isset( $_GET['down'] ) && is_numeric( $_GET['down'] ) )
$new_rank = $row['rank'];
$replaced_cat = $row['id'];
// 3. exchanging ranks between the two categories
$query = 'update '.$prefixeTable.'categories';
$query = 'update '.PREFIX_TABLE.'categories';
$query.= ' set rank = '.$new_rank;
$query.= ' where id = '.$_GET['down'];
$query.= ';';
mysql_query( $query );
$query = 'update '.$prefixeTable.'categories';
$query = 'update '.PREFIX_TABLE.'categories';
$query.= ' set rank = '.$rank;
$query.= ' where id = '.$replaced_cat;
$query.= ';';
@ -114,12 +113,10 @@ if ( isset( $_GET['down'] ) && is_numeric( $_GET['down'] ) )
//------------------------------------------------------------------ reordering
function ordering( $id_uppercat )
{
global $prefixeTable;
$rank = 1;
$query = 'select id';
$query.= ' from '.$prefixeTable.'categories';
$query.= ' from '.PREFIX_TABLE.'categories';
if ( !is_numeric( $id_uppercat ) )
{
$query.= ' where id_uppercat is NULL';
@ -133,7 +130,7 @@ function ordering( $id_uppercat )
$result = mysql_query( $query );
while ( $row = mysql_fetch_array( $result ) )
{
$query = 'update '.$prefixeTable.'categories';
$query = 'update '.PREFIX_TABLE.'categories';
$query.= ' set rank = '.$rank;
$query.= ' where id = '.$row['id'];
$query.= ';';
@ -148,11 +145,11 @@ ordering( 'NULL' );
function display_cat_manager( $id_uppercat, $indent,
$uppercat_visible, $level )
{
global $prefixeTable,$lang,$conf,$sub,$vtp;
global $lang,$conf,$sub,$vtp;
// searching the min_rank and the max_rank of the category
$query = 'select min(rank) as min, max(rank) as max';
$query.= ' from '.$prefixeTable.'categories';
$query.= ' from '.PREFIX_TABLE.'categories';
if ( !is_numeric( $id_uppercat ) )
{
$query.= ' where id_uppercat is NULL';
@ -180,7 +177,7 @@ function display_cat_manager( $id_uppercat, $indent,
}
$query = 'select id,name,dir,nb_images,status,rank,site_id';
$query.= ' from '.$prefixeTable.'categories';
$query.= ' from '.PREFIX_TABLE.'categories';
if ( !is_numeric( $id_uppercat ) )
{
$query.= ' where id_uppercat is NULL';

39
admin/configuration.php
View file

@ -3,6 +3,7 @@
* configuration.php *
* ------------------- *
* application : PhpWebGallery 1.3 *
* website : http://www.phpwebgallery.net *
* author : Pierrick LE GALL <pierrick@z0rglub.com> *
* *
***************************************************************************/
@ -34,16 +35,15 @@ $Caracs = array("
"ù" => "u", "ú" => "u", "û" => "u", "ü" => "u",
"ý" => "y", "ÿ" => "y");
//------------------------------ verification and registration of modifications
$conf_infos = array( 'prefixe_thumbnail', 'webmaster', 'mail_webmaster',
'acces', 'session_id_size', 'session_time',
'session_keyword', 'max_user_listbox', 'show_comments',
'nb_comment_page', 'upload_available',
'upload_maxfilesize', 'upload_maxwidth',
'upload_maxheight', 'upload_maxwidth_thumbnail',
'upload_maxheight_thumbnail' );
$default_user_infos = array( 'nb_image_line', 'nb_line_page', 'theme',
'language', 'maxwidth', 'maxheight', 'expand',
'show_nb_comments', 'short_period', 'long_period',
$conf_infos =
array( 'prefixe_thumbnail','webmaster','mail_webmaster','acces',
'session_id_size','session_time','session_keyword','max_user_listbox',
'show_comments','nb_comment_page','upload_available',
'upload_maxfilesize', 'upload_maxwidth','upload_maxheight',
'upload_maxwidth_thumbnail','upload_maxheight_thumbnail' );
$default_user_infos =
array( 'nb_image_line','nb_line_page','theme','language','maxwidth',
'maxheight','expand','show_nb_comments','short_period','long_period',
'template' );
$error = array();
$i = 0;
@ -52,13 +52,13 @@ if ( $_GET['valider'] == 1 )
//purge de la table des session si demandé
if ( $_POST['empty_session_table'] == 1 )
{
$query = 'delete from '.$prefixeTable.'sessions';
$query = 'delete from '.PREFIX_TABLE.'sessions';
$query.= ' where expiration < '.time().';';
mysql_query( $query );
}
// deletion of site as asked
$query = 'select id';
$query.= ' from '.$prefixeTable.'sites';
$query.= ' from '.PREFIX_TABLE.'sites';
$query.= " where galleries_url <> './galleries/';";
$result = mysql_query( $query );
while ( $row = mysql_fetch_array( $result ) )
@ -182,8 +182,8 @@ if ( $_GET['valider'] == 1 )
// dans le cas où il n'y aucune erreurs
if ( sizeof( $error ) == 0 )
{
mysql_query( 'delete from '.$prefixeTable.'config;' );
$query = 'insert into '.$prefixeTable.'config';
mysql_query( 'delete from '.PREFIX_TABLE.'config;' );
$query = 'insert into '.PREFIX_TABLE.'config';
$query.= ' (';
for ( $i = 0; $i < sizeof( $conf_infos ); $i++ )
{
@ -219,7 +219,7 @@ if ( $_GET['valider'] == 1 )
$tab_theme = explode( ' - ', $_POST['theme'] );
$_POST['theme'] = $tab_theme[0].'/'.$tab_theme[1];
$query = 'update '.$prefixeTable.'users';
$query = 'update '.PREFIX_TABLE.'users';
$query.= ' set';
for ( $i = 0; $i < sizeof( $default_user_infos ); $i++ )
{
@ -271,7 +271,7 @@ else
}
$query.= $conf_infos[$i];
}
$query .= ' from '.$prefixeTable.'config;';
$query .= ' from '.PREFIX_TABLE.'config;';
$row = mysql_fetch_array( mysql_query( $query ) );
@ -292,7 +292,7 @@ else
}
$query.= $default_user_infos[$i];
}
$query .= ' from '.$prefixeTable.'users';
$query .= ' from '.PREFIX_TABLE.'users';
$query.= " where username = 'guest'";
$query.= ';';
@ -308,8 +308,7 @@ $sub = $vtp->Open( '../template/'.$user['template'].
'/admin/configuration.vtp' );
// language
$vtp->setGlobalVar( $sub, 'conf_confirmation', $lang['conf_confirmation'] );
$vtp->setGlobalVar( $sub, 'conf_remote_site_title',
$lang['conf_remote_site_title'] );
$vtp->setGlobalVar( $sub, 'remote_site', $lang['remote_site'] );
$vtp->setGlobalVar( $sub, 'delete', $lang['delete'] );
$vtp->setGlobalVar( $sub, 'conf_remote_site_delete_info',
$lang['conf_remote_site_delete_info'] );
@ -885,7 +884,7 @@ $vtp->closeSession( $sub, 'space_line' );
$vtp->closeSession( $sub, 'line' );
//------------------------------------------------ remote sites administration
$query = 'select id,galleries_url';
$query.= ' from '.$prefixeTable.'sites';
$query.= ' from '.PREFIX_TABLE.'sites';
$query.= " where galleries_url <> './galleries/';";
$result = mysql_query( $query );
if ( mysql_num_rows( $result ) > 0 )

132
admin/create_listing_file.php
View file

@ -1,16 +1,18 @@
<?php
$prefixe_thumbnail = "TN-";
$prefixe_thumbnail = 'TN-';
$conf['picture_ext'] = array ( 'jpg', 'gif', 'png', 'JPG', 'GIF', 'PNG' );
$tab_ext = array ( 'jpg', 'JPG','gif','GIF','png','PNG' );
$listing = '';
$listing = "";
$end = strrpos( $_SERVER['PHP_SELF'], '/' ) + 1;
$local_folder = substr( $_SERVER['PHP_SELF'], 0, $end );
$url = 'http://'.$_SERVER['HTTP_HOST'].$local_folder;
$local_folder = substr( $PHP_SELF, 0, strrpos( $PHP_SELF, "/" ) + 1 );
$url = "http://".$HTTP_HOST.$local_folder;
$listing.= "<url>$url</url>";
// get_dirs retourne un tableau contenant tous les sous-répertoires d'un répertoire
// get_dirs retourne un tableau contenant tous les sous-répertoires d'un
// répertoire
function get_dirs( $rep, $indent, $level )
{
$sub_rep = array();
@ -20,7 +22,10 @@
{
while ( $file = readdir ( $opendir ) )
{
if ( $file != "." && $file != ".." && is_dir ( $rep."/".$file ) && $file != "thumbnail" )
if ( $file != "."
and $file != ".."
and is_dir ( $rep."/".$file )
and $file != "thumbnail" )
{
$sub_rep[$i++] = $file;
}
@ -29,89 +34,119 @@
// write of the dirs
for ( $i = 0; $i < sizeof( $sub_rep ); $i++ )
{
$dirs.= "\n".$indent."<dir".$level.">";
$dirs.= "\n".$indent."\t<name>".$sub_rep[$i]."</name>";
$dirs.= get_pictures( $rep."/".$sub_rep[$i], $indent."\t" );
$dirs.= get_dirs( $rep."/".$sub_rep[$i], $indent."\t", $level + 1 );
$dirs.= "\n".$indent."</dir".$level.">";
$dirs.= "\n".$indent.'<dir'.$level.' name="'.$sub_rep[$i].'">';
$dirs.= get_pictures( $rep.'/'.$sub_rep[$i], $indent.' ' );
$dirs.= get_dirs( $rep.'/'.$sub_rep[$i], $indent.' ', $level + 1 );
$dirs.= "\n".$indent.'</dir'.$level.'>';
}
return $dirs;
}
// get_extension returns the part of the string after the last "."
function get_extension( $filename )
{
return substr( strrchr( $filename, '.' ), 1, strlen ( $filename ) );
}
// get_filename_wo_extension returns the part of the string before the last
// ".".
// get_filename_wo_extension( 'test.tar.gz' ) -> 'test.tar'
function get_filename_wo_extension( $filename )
{
return substr( $filename, 0, strrpos( $filename, '.' ) );
}
function is_image( $filename )
{
global $tab_ext;
if ( in_array ( substr ( strrchr($filename,"."), 1, strlen ( $filename ) ), $tab_ext ) )
global $conf;
if ( !is_dir( $filename )
and in_array( get_extension( $filename ), $conf['picture_ext'] ) )
{
return true;
}
else
{
return false;
}
}
function TN_exist ( $dir, $file )
function TN_exists( $dir, $file )
{
global $tab_ext, $prefixe_thumbnail;
global $conf, $prefixe_thumbnail;
$titre = substr ( $file, 0, -4 );
for ( $i = 0; $i < sizeof ( $tab_ext ); $i++ )
$titre = get_filename_wo_extension( $file );
for ( $i = 0; $i < sizeof ( $conf['picture_ext'] ); $i++ )
{
$test = $dir."/thumbnail/".$prefixe_thumbnail.$titre.".".$tab_ext[$i];
if ( is_file ( $test ) )
$base_tn_name = $dir.'/thumbnail/'.$prefixe_thumbnail.$titre.'.';
$ext = $conf['picture_ext'][$i];
if ( is_file( $base_tn_name.$ext ) )
{
return $tab_ext[$i];
return $ext;
}
}
echo 'The thumbnail is missing for '.$dir.'/'.$file;
echo '-> '.$dir.'/thumbnail/'.$prefixe_thumbnail.$titre.'.xxx';
echo ' ("xxx" can be : ';
for ( $i = 0; $i < sizeof ( $conf['picture_ext'] ); $i++ )
{
if ( $i > 0 )
{
echo ', ';
}
echo '"'.$conf['picture_ext'][$i].'"';
}
echo ')<br />';
return false;
}
function get_pictures( $rep, $indent )
{
$pictures = array();
$i = 0;
$tn_ext = "";
$root = "";
$tn_ext = '';
$root = '';
if ( $opendir = opendir ( $rep ) )
{
while ( $file = readdir ( $opendir ) )
{
if ( is_image( $file ) && $tn_ext = TN_exist( $rep, $file ) )
if ( is_image( $file ) and $tn_ext = TN_exists( $rep, $file ) )
{
$pictures[$i] = array();
$pictures[$i]['file'] = $file;
$pictures[$i]['tn_ext'] = $tn_ext;
$pictures[$i]['date'] = date( "Y-m-d", filemtime ( $rep."/".$file ) );
$pictures[$i]['filesize'] = floor ( filesize( $rep."/".$file ) / 1024 );
$picture = array();
$picture['file'] = $file;
$picture['tn_ext'] = $tn_ext;
$picture['date'] = date('Y-m-d',filemtime( $rep.'/'.$file ) );
$picture['filesize'] = floor( filesize( $rep."/".$file ) / 1024 );
$image_size = @getimagesize( $rep."/".$file );
$pictures[$i]['width'] = $image_size[0];
$pictures[$i]['height'] = $image_size[1];
$i++;
$picture['width'] = $image_size[0];
$picture['height'] = $image_size[1];
array_push( $pictures, $picture );
}
}
}
// write of the node <root> with all the pictures at the root of the directory
// write of the node <root> with all the pictures at the root of the
// directory
$root.= "\n".$indent."<root>";
if ( sizeof( $pictures ) > 0 )
{
for( $i = 0; $i < sizeof( $pictures ); $i++ )
{
$root.= "\n".$indent."\t<picture>";
$root.= "\n".$indent."\t\t<file>".$pictures[$i]['file']."</file>";
$root.= "\n".$indent."\t\t<tn_ext>".$pictures[$i]['tn_ext']."</tn_ext>";
$root.= "\n".$indent."\t\t<date>".$pictures[$i]['date']."</date>";
$root.= "\n".$indent."\t\t<filesize>".$pictures[$i]['filesize']."</filesize>";
$root.= "\n".$indent."\t\t<width>".$pictures[$i]['width']."</width>";
$root.= "\n".$indent."\t\t<height>".$pictures[$i]['height']."</height>";
$root.= "\n".$indent."\t</picture>";
$root.= "\n".$indent.' ';
$root.= '<picture';
$root.= ' file="'. $pictures[$i]['file']. '"';
$root.= ' tn_ext="'. $pictures[$i]['tn_ext']. '"';
$root.= ' date="'. $pictures[$i]['date']. '"';
$root.= ' filesize="'. $pictures[$i]['filesize']. '"';
$root.= ' width="'. $pictures[$i]['width']. '"';
$root.= ' height="'. $pictures[$i]['height']. '"';
$root.= ' />';
}
}
$root.= "\n".$indent."</root>";
$root.= "\n".$indent.'</root>';
return $root;
}
$listing.= get_dirs( ".", "", 0 );
$listing.= get_dirs( '.', '', 0 );
if ( $fp = @fopen("./listing.xml","w") )
{
@ -120,9 +155,8 @@
}
else
{
echo "impossible de créer ou d'écrire dans le fichier listing.xml";
echo "I can't write the file listing.xml";
}
//echo str_replace( "\t", "&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;", nl2br( htmlspecialchars( $listing, ENT_QUOTES ) ) );
echo "listing.xml created";
?>

8
admin/edit_cat.php
View file

@ -18,7 +18,7 @@
if ( $HTTP_GET_VARS['valider'] == 1 )
{
$query = "update $prefixeTable"."categories ";
$query = "update PREFIX_TABLE"."categories ";
if ( $HTTP_POST_VARS['name'] == "" )
{
$query.= "set name = NULL, ";
@ -39,7 +39,7 @@
$query.= "where id = '".$HTTP_GET_VARS['cat']."';";
mysql_query( $query );
$result = mysql_query( "select id from $prefixeTable"."users where pseudo != '".$conf['webmaster']."';" );
$result = mysql_query( "select id from PREFIX_TABLE"."users where pseudo != '".$conf['webmaster']."';" );
while ( $row = mysql_fetch_array ( $result ) )
{
check_favorites( $row['id'] );
@ -52,7 +52,7 @@
<form action=\"".add_session_id_to_url( "./admin.php?page=edit_cat&amp;cat=".$HTTP_GET_VARS['cat']."&amp;valider=1" )."\" method=\"post\">
<table style=\"width:100%;\">";
$query = "select a.id,name,dir,status,comment,id_uppercat,site_id,galleries_url";
$query.= " from $prefixeTable"."categories as a, $prefixeTable"."sites as b";
$query.= " from PREFIX_TABLE"."categories as a, PREFIX_TABLE"."sites as b";
$query.= " where a.id = ".$HTTP_GET_VARS['cat'];
$query.= " and a.site_id = b.id;";
$row = mysql_fetch_array( mysql_query( $query ) );
@ -86,7 +86,7 @@
// on récupère toutes les status possibles dans la base
// par l'intermédiaire de la fonction get_enums trouvable
// dans le fichier config.php
$option = get_enums( $prefixeTable."categories", "status" );
$option = get_enums( PREFIX_TABLE."categories", "status" );
for ( $i = 0; $i < sizeof( $option ); $i++ )
{
if ( $option[$i] == $row['status'] )

6
admin/historique.php
View file

@ -18,7 +18,7 @@
if ( $HTTP_GET_VARS['empty'] == 1 )
{
mysql_query( "delete from $prefixeTable"."history;" );
mysql_query( "delete from PREFIX_TABLE"."history;" );
}
define (NB_JOUR_HISTO,"7");
$tMois = array("janvier", "février", "mars", "avril", "mai", "juin", "juillet", "août", "septembre", "octobre", "novembre", "décembre");
@ -28,7 +28,7 @@
// il faut trouver le unix date de la veille à 00h00 :
// time (); nous donne le nombre de secondes actuelle
$date_ref = time() - (7*24*60*60);
$result = mysql_query( "select date,login,IP,categorie,page,titre,commentaire from $prefixeTable"."history where date > '$date_ref' order by date desc;");
$result = mysql_query( "select date,login,IP,categorie,page,titre,commentaire from PREFIX_TABLE"."history where date > '$date_ref' order by date desc;");
echo"<div style=\"text-align:center;\"><a href=\"".add_session_id_to_url( "./admin.php?page=historique&amp;empty=1" )."\">empty / vider</a></div>";
echo"<div style=\"color:green;text-align:center;margin:10px\">";
// affichage de la date du jour
@ -71,7 +71,7 @@
</tr>";
// 2. affichage de tous les évènements pour le jour donné
// entre la veille à 23h59m59s et le jour même 23h59m59s
$result = mysql_query("select date,login,IP,categorie,page,titre,commentaire from $prefixeTable"."history where date > '$debut' and date < '$fin' order by date desc;");
$result = mysql_query("select date,login,IP,categorie,page,titre,commentaire from PREFIX_TABLE"."history where date > '$debut' and date < '$fin' order by date desc;");
$fin = $debut;
// on recule le début d'une journée complète
$debut = $debut - 24*60*60;

10
admin/infos_images.php
View file

@ -53,7 +53,7 @@
//------------------------------------------------------------mises à jour
// 1. options individuelles
$query = "select id,file ";
$query.= "from $prefixeTable"."images ";
$query.= "from PREFIX_TABLE"."images ";
$query.= "where cat_id = ".$page['cat']." ";
$result = mysql_query( $query );
$i = 1;
@ -65,7 +65,7 @@
$date_creation = "date_creation-".$row['id'];
if ( isset( $HTTP_POST_VARS[$name] ) )
{
$query = "update $prefixeTable"."images ";
$query = "update PREFIX_TABLE"."images ";
if ( $HTTP_POST_VARS[$name] == "" )
{
$query.= "set name = NULL ";
@ -106,7 +106,7 @@
// 2. options générales
if ( $HTTP_POST_VARS['use_common_author'] == 1 )
{
$query = "update $prefixeTable"."images ";
$query = "update PREFIX_TABLE"."images ";
if ( $HTTP_POST_VARS['author_cat'] == "" )
{
$query.= "set author = NULL ";
@ -125,7 +125,7 @@
if ( check_date_format( $HTTP_POST_VARS['date_creation_cat'] ) )
{
$date = date_convert( $HTTP_POST_VARS['date_creation_cat'] );
$query = "update $prefixeTable"."images ";
$query = "update PREFIX_TABLE"."images ";
if ( $HTTP_POST_VARS['date_creation_cat'] == "" )
{
$query.= "set date_creation = NULL ";
@ -200,7 +200,7 @@
<td class=\"row2\" style=\"text-align:center;\">".$lang['infoimage_creation_date']."</td>
</tr>";
$query = "select id,file,comment,author,tn_ext,name,date_creation";
$query.= " from $prefixeTable"."images";
$query.= " from PREFIX_TABLE"."images";
$query.= " where cat_id = ".$page['cat'];
$query.= $conf['order_by'];
$query.= " limit ".$page['start'].",".$page['nb_image_page'];

36
admin/install.php
View file

@ -179,7 +179,7 @@
// écriture du fichier de configuration
if ( $fp = @fopen("../include/mysql.inc.php","a+") )
{
fwrite( $fp, "<?php\n\t\$cfgBase='".$HTTP_POST_VARS['cfgBase']."';\n\t\$cfgUser='".$HTTP_POST_VARS['cfgUser']."';\n\t\$cfgPassword='".$HTTP_POST_VARS['cfgPassword']."';\n\t\$cfgHote='".$HTTP_POST_VARS['cfgHote']."';\n\t\$prefixeTable='".$HTTP_POST_VARS['prefixe']."';\n?>" );
fwrite( $fp, "<?php\n\t\$cfgBase='".$HTTP_POST_VARS['cfgBase']."';\n\t\$cfgUser='".$HTTP_POST_VARS['cfgUser']."';\n\t\$cfgPassword='".$HTTP_POST_VARS['cfgPassword']."';\n\t\$cfgHote='".$HTTP_POST_VARS['cfgHote']."';\n\t\PREFIX_TABLE='".$HTTP_POST_VARS['prefixe']."';\n?>" );
fclose( $fp );
}
$cfgHote = "";
@ -204,7 +204,7 @@
\$cfgUser = '".$HTTP_POST_VARS['cfgUser']."';<br />
\$cfgPassword = '".$HTTP_POST_VARS['cfgPassword']."';<br />
\$cfgHote = '".$HTTP_POST_VARS['cfgHote']."';<br />
\$prefixeTable = '".$HTTP_POST_VARS['prefixe']."';<br />
\PREFIX_TABLE = '".$HTTP_POST_VARS['prefixe']."';<br />
?&gt;</div>
-----------------------------------------------------<br />";
$message.= "<div style=\"text-align:center;\">".$lang['step1_err_copy_2']."<br />";
@ -308,7 +308,7 @@
if ( !isset( $HTTP_POST_VARS['submit'] ) )
{
$query = "CREATE TABLE ".$prefixeTable."categories (
$query = "CREATE TABLE ".PREFIX_TABLE."categories (
id tinyint(3) unsigned NOT NULL auto_increment,
date_dernier date NOT NULL default '0000-00-00',
nb_images smallint(5) unsigned NOT NULL default '0',
@ -322,7 +322,7 @@
PRIMARY KEY (id)
);";
mysql_query( $query );
$query = "CREATE TABLE ".$prefixeTable."comments (
$query = "CREATE TABLE ".PREFIX_TABLE."comments (
id int(11) unsigned NOT NULL auto_increment,
image_id smallint(5) unsigned NOT NULL default '0',
date int(11) unsigned NOT NULL default '0',
@ -331,7 +331,7 @@
PRIMARY KEY (id)
);";
mysql_query( $query );
$query = "CREATE TABLE ".$prefixeTable."config (
$query = "CREATE TABLE ".PREFIX_TABLE."config (
periode_courte smallint(5) unsigned NOT NULL default '7',
periode_longue smallint(5) unsigned NOT NULL default '14',
prefixe_thumbnail varchar(10) NOT NULL default 'TN-',
@ -353,13 +353,13 @@
upload_maxheight_thumbnail smallint(5) unsigned NOT NULL default '100'
);";
mysql_query( $query );
$query = "CREATE TABLE ".$prefixeTable."favorites (
$query = "CREATE TABLE ".PREFIX_TABLE."favorites (
user_id smallint(5) unsigned NOT NULL default '0',
image_id smallint(5) unsigned NOT NULL default '0',
KEY user_id (user_id,image_id)
);";
mysql_query( $query );
$query = "CREATE TABLE ".$prefixeTable."history (
$query = "CREATE TABLE ".PREFIX_TABLE."history (
date int(11) NOT NULL default '0',
login varchar(15) default NULL,
IP varchar(50) NOT NULL default '',
@ -369,7 +369,7 @@
commentaire varchar(200) default NULL
);";
mysql_query( $query );
$query = "CREATE TABLE ".$prefixeTable."images (
$query = "CREATE TABLE ".PREFIX_TABLE."images (
id smallint(5) unsigned NOT NULL auto_increment,
file varchar(255) NOT NULL default '',
cat_id tinyint(3) unsigned NOT NULL default '0',
@ -387,13 +387,13 @@
KEY cat_id (cat_id)
);";
mysql_query( $query );
$query = "CREATE TABLE ".$prefixeTable."restrictions (
$query = "CREATE TABLE ".PREFIX_TABLE."restrictions (
user_id smallint(5) unsigned NOT NULL default '0',
cat_id tinyint(3) unsigned NOT NULL default '0',
PRIMARY KEY (user_id,cat_id)
);";
mysql_query( $query );
$query = "CREATE TABLE ".$prefixeTable."sessions (
$query = "CREATE TABLE ".PREFIX_TABLE."sessions (
id varchar(255) binary NOT NULL default '',
user_id smallint(5) unsigned NOT NULL default '0',
expiration int(10) unsigned NOT NULL default '0',
@ -401,14 +401,14 @@
PRIMARY KEY (id)
);";
mysql_query( $query );
$query = "CREATE TABLE ".$prefixeTable."sites (
$query = "CREATE TABLE ".PREFIX_TABLE."sites (
id tinyint(4) NOT NULL auto_increment,
galleries_url varchar(255) NOT NULL default '',
PRIMARY KEY (id),
UNIQUE KEY galleries_url (galleries_url)
);";
mysql_query( $query );
$query = "CREATE TABLE ".$prefixeTable."users (
$query = "CREATE TABLE ".PREFIX_TABLE."users (
id smallint(5) unsigned NOT NULL auto_increment,
pseudo varchar(20) binary NOT NULL default '',
password varchar(255) NOT NULL default '',
@ -424,7 +424,7 @@
UNIQUE KEY pseudo (pseudo)
);";
mysql_query( $query );
$query = "CREATE TABLE ".$prefixeTable."waiting (
$query = "CREATE TABLE ".PREFIX_TABLE."waiting (
id int(10) unsigned NOT NULL auto_increment,
cat_id tinyint(3) unsigned NOT NULL default '0',
file varchar(255) NOT NULL default '',
@ -479,14 +479,14 @@
// on met à jour les paramètres de l'application dans le cas où il n'y aucune erreur
if ( $nb_erreur == 0 )
{
mysql_query( "delete from $prefixeTable"."config" );
$query = "insert into $prefixeTable"."config (webmaster,mail_webmaster) values ('$webmaster','".$HTTP_POST_VARS['mail_webmaster']."')";
mysql_query( "delete from PREFIX_TABLE"."config" );
$query = "insert into PREFIX_TABLE"."config (webmaster,mail_webmaster) values ('$webmaster','".$HTTP_POST_VARS['mail_webmaster']."')";
mysql_query($query);
$query = "insert into $prefixeTable"."sites values (1, './galleries/');";
$query = "insert into PREFIX_TABLE"."sites values (1, './galleries/');";
mysql_query($query);
$query = "insert into $prefixeTable"."users (pseudo,password,status,language) values ('$webmaster','".md5( $pwdWebmaster )."','admin','".$HTTP_GET_VARS['language']."')";
$query = "insert into PREFIX_TABLE"."users (pseudo,password,status,language) values ('$webmaster','".md5( $pwdWebmaster )."','admin','".$HTTP_GET_VARS['language']."')";
mysql_query($query);
mysql_query("insert into $prefixeTable"."users (pseudo,password,status,language) values ('visiteur','".md5( "" )."','visiteur','".$HTTP_GET_VARS['language']."')");
mysql_query("insert into PREFIX_TABLE"."users (pseudo,password,status,language) values ('visiteur','".md5( "" )."','visiteur','".$HTTP_GET_VARS['language']."')");
$configuration = true;
}
}

20
admin/perm.php
View file

@ -18,7 +18,7 @@
//---------------------------------------------------données de l'utilisateur
if ( isset( $HTTP_GET_VARS['user_id'] ) )
{
$query = "select id,pseudo,status from $prefixeTable"."users where id = '".$HTTP_GET_VARS['user_id']."';";
$query = "select id,pseudo,status from PREFIX_TABLE"."users where id = '".$HTTP_GET_VARS['user_id']."';";
$result = mysql_query( $query );
$row = mysql_fetch_array( $result );
$page['pseudo'] = $row['pseudo'];
@ -51,14 +51,14 @@
{
if ( isset( $HTTP_GET_VARS['user_id'] ) )
{
mysql_query ( "delete from $prefixeTable"."restrictions where user_id = ".$HTTP_GET_VARS['user_id'].";" );
$result = mysql_query ( "select id from $prefixeTable"."categories;" );
mysql_query ( "delete from PREFIX_TABLE"."restrictions where user_id = ".$HTTP_GET_VARS['user_id'].";" );
$result = mysql_query ( "select id from PREFIX_TABLE"."categories;" );
while ( $row = mysql_fetch_array ( $result ) )
{
$nom_select = "acces-".$row['id'];
if ( $HTTP_POST_VARS[$nom_select] == 1 )
{
mysql_query ( "insert into $prefixeTable"."restrictions (user_id,cat_id) values ('".$HTTP_GET_VARS['user_id']."','".$row['id']."');" );
mysql_query ( "insert into PREFIX_TABLE"."restrictions (user_id,cat_id) values ('".$HTTP_GET_VARS['user_id']."','".$row['id']."');" );
}
}
check_favorites( $HTTP_GET_VARS['user_id'] );
@ -66,14 +66,14 @@
}
else if ( isset( $HTTP_GET_VARS['cat_id'] ) )
{
mysql_query ( "delete from $prefixeTable"."restrictions where cat_id = '".$page['cat']."';" );
$result = mysql_query( "select id from $prefixeTable"."users where pseudo != '".$conf['webmaster']."';" );
mysql_query ( "delete from PREFIX_TABLE"."restrictions where cat_id = '".$page['cat']."';" );
$result = mysql_query( "select id from PREFIX_TABLE"."users where pseudo != '".$conf['webmaster']."';" );
while ( $row = mysql_fetch_array ( $result ) )
{
$nom_select = "acces-".$row['id'];
if ( $HTTP_POST_VARS[$nom_select] == 1 )
{
mysql_query ( "insert into $prefixeTable"."restrictions (user_id,cat_id) values ('".$row['id']."','".$page['cat']."');" );
mysql_query ( "insert into PREFIX_TABLE"."restrictions (user_id,cat_id) values ('".$row['id']."','".$page['cat']."');" );
}
check_favorites( $row['id'] );
}
@ -83,7 +83,7 @@
//--------------------------------------------------------------- formulaire
function display_cat_manager( $id_uppercat, $indent, $uppercat_authorized, $level, $restriction )
{
global $prefixeTable,$lang,$conf;
global PREFIX_TABLE,$lang,$conf;
$output = "";
@ -121,7 +121,7 @@
}
$query = "select id,name,dir,rank";
$query.= " from $prefixeTable"."categories";
$query.= " from PREFIX_TABLE"."categories";
if ( !is_numeric( $id_uppercat ) )
{
$query.= " where id_uppercat is NULL";
@ -214,7 +214,7 @@
<form action=\"".add_session_id_to_url( "./admin.php?page=perm&amp;cat_id=".$page['cat'] )."\" method=\"post\">
<table style=\"width:100%;\">";
$result = mysql_query( "select id,pseudo,status from $prefixeTable"."users where pseudo != '".$conf['webmaster']."';" );
$result = mysql_query( "select id,pseudo,status from PREFIX_TABLE"."users where pseudo != '".$conf['webmaster']."';" );
$i = 0;
while ( $row = mysql_fetch_array( $result ) )
{

575
admin/update.php Normal file
View file

@ -0,0 +1,575 @@
<?php
/***************************************************************************
* update.php *
* ------------------ *
* application : PhpWebGallery 1.3 *
* author : Pierrick LE GALL <pierrick@z0rglub.com> *
* *
***************************************************************************/
/***************************************************************************
* *
* This program is free software; you can redistribute it and/or modify *
* it under the terms of the GNU General Public License as published by *
* the Free Software Foundation; *
* *
***************************************************************************/
include_once( './include/isadmin.inc.php' );
//------------------------------------------------------------------- functions
function insert_local_category( $cat_id )
{
global $conf, $page;
$site_id = 1;
// 0. retrieving informations on the category to display
$cat_directory = '../galleries';
if ( is_numeric( $cat_id ) )
{
$result = get_cat_info( $cat_id );
$cat_directory.= '/'.$result['local_dir'];
// 1. display the category name to update
$output = '<img src="./images/puce.gif" alt="&gt;" />';
$output.= '<span style="font-weight:bold;">'.$result['name'][0].'</span>';
$output.= ' [ '.$result['last_dir'].' ]';
$output.= '<div class="retrait">';
// 2. we search pictures of the category only if the update is for all
// or a cat_id is specified
if ( isset( $page['cat'] ) or $_GET['update'] == 'all' )
{
$output.= insert_local_image( $cat_directory, $cat_id );
update_cat_info( $cat_id );
}
}
// 3. we have to remove the categories of the database not present anymore
$query = 'SELECT id';
$query.= ' FROM '.PREFIX_TABLE.'categories';
$query.= ' WHERE site_id = '.$site_id;
if ( !is_numeric( $cat_id ) )
{
$query.= ' AND id_uppercat IS NULL';
}
else
{
$query.= ' AND id_uppercat = '.$cat_id;
}
$query.= ';';
$result = mysql_query( $query );
while ( $row = mysql_fetch_array( $result ) )
{
// retrieving the directory
$rep = '../galleries';
$resultat = get_cat_info( $row['id'] );
$rep.= '/'.$resultat['local_dir'];
// is the directory present ?
if ( !is_dir( $rep ) )
{
delete_category( $row['id'] );
}
}
// 4. retrieving the sub-directories
$sub_rep = array();
$i = 0;
$dirs = '';
if ( $opendir = opendir ( $cat_directory ) )
{
while ( $file = readdir ( $opendir ) )
{
if ( $file != '.'
and $file != '..'
and is_dir ( $cat_directory.'/'.$file )
and $file != 'thumbnail' )
{
$sub_rep[$i++] = $file;
}
}
}
for ( $i = 0; $i < sizeof( $sub_rep ); $i++ )
{
// 5. Is the category already existing ? we create a subcat if not
// existing
$category_id = '';
$query = 'SELECT id';
$query.= ' FROM '.PREFIX_TABLE.'categories';
$query.= ' WHERE site_id = '.$site_id;
$query.= " AND dir = '".$sub_rep[$i]."'";
if ( !is_numeric( $cat_id ) )
{
$query.= ' AND id_uppercat IS NULL';
}
else
{
$query.= ' AND id_uppercat = '.$cat_id;
}
$query.= ';';
$result = mysql_query( $query );
if ( mysql_num_rows( $result ) == 0 )
{
// we have to create the category
$query = 'INSERT INTO '.PREFIX_TABLE.'categories';
$query.= ' (dir,site_id,id_uppercat) VALUES';
$query.= " ('".$sub_rep[$i]."','".$site_id."'";
if ( !is_numeric( $cat_id ) )
{
$query.= ',NULL';
}
else
{
$query.= ",'".$cat_id."'";
}
$query.= ');';
mysql_query( $query );
$category_id = mysql_insert_id();
}
else
{
// we get the already registered id
$row = mysql_fetch_array( $result );
$category_id = $row['id'];
}
// 6. recursive call
$output.= insert_local_category( $category_id );
}
if ( is_numeric( $cat_id ) )
{
$output.= '</div>';
}
return $output;
}
function insert_local_image( $rep, $category_id )
{
global $lang,$conf,$count_new;
$output = '';
// we have to delete all the images from the database that :
// - are not in the directory anymore
// - don't have the associated thumbnail available anymore
$query = 'SELECT id,file,tn_ext';
$query.= ' FROM '.PREFIX_TABLE.'images';
$query.= ' WHERE cat_id = '.$category_id;
$query.= ';';
$result = mysql_query( $query );
while ( $row = mysql_fetch_array( $result ) )
{
$lien_image = $rep.'/'.$row['file'];
$lien_thumbnail = $rep.'/thumbnail/'.$conf['prefixe_thumbnail'];
$lien_thumbnail.= get_filename_wo_extension( $row['file'] );
$lien_thumbnail.= '.'.$row['tn_ext'];
if ( !is_file ( $lien_image ) or !is_file ( $lien_thumbnail ) )
{
if ( !is_file ( $lien_image ) )
{
$output.= $row['file'];
$output.= ' <span style="font-weight:bold;">';
$output.= $lang['update_disappeared'].'</span><br />';
}
if ( !is_file ( $lien_thumbnail ) )
{
$output.= $row['file'];
$output.= ' : <span style="font-weight:bold;">';
$output.= $lang['update_disappeared_tn'].'</span><br />';
}
// suppression de la base :
delete_image( $row['id'] );
}
}
// searching the new images in the directory
$pictures = array();
$tn_ext = '';
if ( $opendir = opendir ( $rep ) )
{
while ( $file = readdir ( $opendir ) )
{
if ( is_file( $rep.'/'.$file ) and is_image( $rep.'/'.$file ) )
{
// is the picture waiting for validation by an administrator ?
$query = 'SELECT id';
$query.= ' FROM '.PREFIX_TABLE.'waiting';
$query.= ' WHERE cat_id = '.$category_id;
$query.= " AND file = '".$file."'";
$query.= ';';
$result = mysql_query( $query );
if ( mysql_num_rows( $result ) == 0 )
{
if ( $tn_ext = TN_exists( $rep, $file ) )
{
// is the picture already in the database ?
$query = 'SELECT id';
$query.= ' FROM '.PREFIX_TABLE.'images';
$query.= ' WHERE cat_id = '.$category_id;
$query.= " AND file = '".$file."'";
$query.= ';';
$result = mysql_query( $query );
if ( mysql_num_rows( $result ) == 0 )
{
$picture = array();
$picture['file'] = $file;
$picture['tn_ext'] = $tn_ext;
$picture['date'] = date( 'Y-m-d', filemtime ( $rep.'/'.$file ) );
$picture['filesize'] = floor( filesize( $rep.'/'.$file ) / 1024);
$image_size = @getimagesize( $rep.'/'.$file );
$picture['width'] = $image_size[0];
$picture['height'] = $image_size[1];
array_push( $pictures, $picture );
}
}
else
{
$output.= '<span style="color:red;">';
$output.= $lang['update_missing_tn'].' : '.$file;
$output.= ' (<span style="font-weight:bold;">';
$output.= $conf['prefixe_thumbnail'];
$output.= get_filename_wo_extension( $file ).'.XXX</span>';
$output.= ', XXX = ';
$output.= implode( ', ', $conf['picture_ext'] );
$output.= ')</span><br />';
}
}
}
}
}
// inserting the pictures found in the directory
foreach ( $pictures as $picture ) {
$query = 'INSERT INTO '.PREFIX_TABLE.'images';
$query.= ' (file,cat_id,date_available,tn_ext,filesize,width,height)';
$query.= ' VALUES ';
$query.= "('".$picture['file']."','".$category_id."'";
$query.= ",'".$picture['date']."','".$picture['tn_ext']."'";
$query.= ",'".$picture['filesize']."','".$picture['width']."'";
$query.= ",'".$picture['height']."')";
$query.= ';';
mysql_query( $query );
$count_new++;
$output.= $picture['file'];
$output.= ' <span style="font-weight:bold;">';
$output.= $lang['update_research_added'].'</span>';
$output.= ' ('.$lang['update_research_tn_ext'].' '.$picture['tn_ext'].')';
$output.= '<br />';
}
return $output;
}
// The function "update_cat_info" updates the information about the last
// online image and the number of images in the category
function update_cat_info( $category_id )
{
$query = 'SELECT date_available';
$query.= ' FROM '.PREFIX_TABLE.'images';
$query.= ' WHERE cat_id = '.$category_id;
$query.= ' ORDER BY date_available DESC';
$query.= ' LIMIT 0,1';
$query.= ';';
$result = mysql_query( $query );
$row = mysql_fetch_array( $result );
$date_last = $row['date_available'];
$query = 'SELECT COUNT(*) as nb_images';
$query.= ' FROM '.PREFIX_TABLE.'images';
$query.= ' WHERE cat_id = '.$category_id;
$result = mysql_query( $query );
$row = mysql_fetch_array( $result );
$nb_images = $row['nb_images'];
$query = 'UPDATE '.PREFIX_TABLE.'categories';
$query.= " SET date_dernier = '".$date_last."'";
$query.= ', nb_images = '.$nb_images;
$query.= ' where id = '.$category_id;
$query.= ';';
mysql_query( $query );
}
// remote_images verifies if a file named "listing.xml" is present is the
// admin directory. If it is the case, creation of a remote picture storage
// site if it doesn't already exists. Then, the function calls
// insert_remote_category for this remote site on the root category.
function remote_images()
{
global $conf, $lang, $vtp, $sub;
// 1. is there a file listing.xml ?
if ( !( $xml_content = getXmlCode( 'listing.xml' ) ) )
{
return false;
}
$url = getContent( getChild( $xml_content, 'url' ) );
$vtp->setVar( $sub, 'remote_update.url', $url );
// 2. is the site already existing ?
$query = 'select id';
$query.= ' from '.PREFIX_TABLE.'sites';
$query.= " where galleries_url = '".$url."'";
$query.= ';';
$result = mysql_query( $query );
if ( mysql_num_rows($result ) == 0 )
{
// we have to register this site in the database
$query = 'insert into '.PREFIX_TABLE.'sites';
$query.= " (galleries_url) values ('".$url."')";
$query.= ';';
mysql_query( $query );
$site_id = mysql_insert_id();
}
else
{
// we get the already registered id
$row = mysql_fetch_array( $result );
$site_id = $row['id'];
}
// 3. available dirs in the file
$categories = insert_remote_category( $xml_content, $site_id, 'NULL', 0 );
$vtp->setVar( $sub, 'remote_update.categories', $categories );
}
// insert_remote_category searchs the "dir" node of the xml_dir given and
// insert the contained categories if the are not in the database yet. The
// function also deletes the categories that are in the database and not in
// the xml_file.
function insert_remote_category( $xml_dir, $site_id, $id_uppercat, $level )
{
global $conf;
$output = '';
$categories = array();
$list_dirs = getChildren( $xml_dir, 'dir'.$level );
for ( $i = 0; $i < sizeof( $list_dirs ); $i++ )
{
// is the category already existing ?
$category_id = '';
$name = getAttribute( $list_dirs[$i], 'name' );
$categories[$i] = $name;
$output.= '<img src="./images/puce.gif">';
$output.= '<span style="font-weight:bold;">'.$name.'</span>';
$output.= '<div class="retrait">';
$query = 'select id';
$query.= ' from '.PREFIX_TABLE.'categories';
$query.= ' where site_id = '.$site_id;
$query.= " and dir = '".$name."'";
if ( $id_uppercat == 'NULL' )
{
$query.= ' and id_uppercat is NULL';
}
else
{
$query.= ' and id_uppercat = '.$id_uppercat;
}
$query.= ';';
$result = mysql_query( $query );
if ( mysql_num_rows( $result ) == 0 )
{
// we have to create the category
$query = 'insert into '.PREFIX_TABLE.'categories';
$query.= " (dir,site_id,id_uppercat) values ('".$name."',".$site_id;
if ( !is_numeric( $id_uppercat ) )
{
$query.= ',NULL';
}
else
{
$query.= ','.$id_uppercat;
}
$query.= ');';
mysql_query( $query );
$category_id = mysql_insert_id();
}
else
{
// we get the already registered id
$row = mysql_fetch_array( $result );
$category_id = $row['id'];
}
$output.= insert_remote_image( $list_dirs[$i], $category_id );
update_cat_info( $category_id );
$output.= insert_remote_category( $list_dirs[$i], $site_id,
$category_id, $level+1 );
$output.= '</div>';
}
// we have to remove the categories of the database not present in the xml
// file (ie deleted from the picture storage server)
$query = 'select dir,id';
$query.= ' from '.PREFIX_TABLE.'categories';
$query.= ' where site_id = '.$site_id;
if ( !is_numeric( $id_uppercat ) )
{
$query.= ' and id_uppercat is NULL';
}
else
{
$query.= ' and id_uppercat = '.$id_uppercat;
}
$query.= ';';
$result = mysql_query( $query );
while ( $row = mysql_fetch_array( $result ) )
{
// is the category in the xml file ?
if ( !in_array( $row['dir'], $categories ) )
{
delete_category( $row['id'] );
}
}
return $output;
}
// insert_remote_image searchs the "root" node of the xml_dir given and
// insert the contained pictures if the are not in the database yet.
function insert_remote_image( $xml_dir, $category_id )
{
global $count_new,$lang;
$output = '';
$root = getChild( $xml_dir, 'root' );
$pictures = array();
$xml_pictures = getChildren( $root, 'picture' );
for ( $j = 0; $j < sizeof( $xml_pictures ); $j++ )
{
//<picture file="albatros.jpg" tn_ext="png" date="2002-04-14"
// filesize="35" width="640" height="480" />
$file = getAttribute( $xml_pictures[$j], 'file' );
$tn_ext = getAttribute( $xml_pictures[$j], 'tn_ext' );
$date = getAttribute( $xml_pictures[$j], 'date' );
$filesize = getAttribute( $xml_pictures[$j], 'filesize' );
$width = getAttribute( $xml_pictures[$j], 'width' );
$height = getAttribute( $xml_pictures[$j], 'height' );
$pictures[$j] = $file;
// is the picture already existing in the database ?
$query = 'select id,tn_ext';
$query.= ' from '.PREFIX_TABLE.'images';
$query.= ' where cat_id = '.$category_id;
$query.= " and file = '".$file."'";
$query.= ';';
$result = mysql_query( $query );
$query = '';
if ( mysql_num_rows( $result ) == 0 )
{
$query = 'insert into '.PREFIX_TABLE.'images';
$query.= ' (file,cat_id,date_available,tn_ext,filesize,width,height)';
$query.= ' values (';
$query.= "'".$file."'";
$query.= ",'".$category_id."'";
$query.= ",'".$date."'";
$query.= ",'".$tn_ext."'";
$query.= ",'".$filesize."'";
$query.= ",'".$width."'";
$query.= ",'".$height."'";
$query.= ')';
$query.= ';';
$output.= $file;
$output.= ' <span style="font-weight:bold;">';
$output.= $lang['update_research_added'].'</span>';
$output.= ' ('.$lang['update_research_tn_ext'].' '.$tn_ext.')<br />';
$count_new++;
}
else
{
// is the tn_ext the same in the xml file and in the database ?
$row = mysql_fetch_array( $result );
if ( $row['tn_ext'] != $tn_ext )
{
$query = 'update '.PREFIX_TABLE.'images';
$query.= ' set';
$query.= " tn_ext = '".$tn_ext."'";
$query.= ' where cat_id = '.$category_id;
$query.= " and file = '".$file."'";
$query.= ';';
}
}
// execution of the query
if ( $query != '' )
{
mysql_query( $query );
}
}
// we have to remove the pictures of the database not present in the xml file
// (ie deleted from the picture storage server)
$query = 'select id,file';
$query.= ' from '.PREFIX_TABLE.'images';
$query.= ' where cat_id = '.$category_id;
$query.= ';';
$result = mysql_query( $query );
while ( $row = mysql_fetch_array( $result ) )
{
// is the file in the xml file ?
if ( !in_array( $row['file'], $pictures ) )
{
delete_image( $row['id'] );
}
}
return $output;
}
//----------------------------------------------------- template initialization
$sub = $vtp->Open( '../template/'.$user['template'].'/admin/update.vtp' );
$tpl = array( 'update_default_title', 'update_only_cat', 'update_all',
'update_research_conclusion', 'update_deletion_conclusion',
'remote_site', 'update_part_research' );
templatize_array( $tpl, 'lang', $sub );
//-------------------------------------------- introduction : choices of update
// Display choice if "update" var is not specified
check_cat_id( $_GET['update'] );
if ( !isset( $_GET['update'] )
and !( isset( $page['cat'] )
or $_GET['update'] == 'cats'
or $_GET['update'] == 'all' ) )
{
$vtp->addSession( $sub, 'introduction' );
// only update the categories, not the pictures.
$url = add_session_id( './admin.php?page=update&amp;update=cats' );
$vtp->setVar( $sub, 'introduction.only_cat:url', $url );
// update the entire tree folder
$url = add_session_id( './admin.php?page=update&amp;update=all' );
$vtp->setVar( $sub, 'introduction.all:url', $url );
$vtp->closeSession( $sub, 'introduction' );
}
//------------------------------------------------- local update : ../galleries
else
{
$count_new = 0;
$count_deleted = 0;
$vtp->addSession( $sub, 'local_update' );
if ( isset( $page['cat'] ) )
{
$categories = insert_local_category( $page['cat'] );
}
else
{
$categories = insert_local_category( 'NULL' );
}
$vtp->setVar( $sub, 'local_update.categories', $categories );
$vtp->setVar( $sub, 'local_update.count_new', $count_new );
$vtp->setVar( $sub, 'local_update.count_deleted', $count_deleted );
$vtp->closeSession( $sub, 'local_update' );
}
//------------------------------------------------- remote update : listing.xml
if ( @is_file( './listing.xml' ) )
{
$count_new = 0;
$count_deleted = 0;
$vtp->addSession( $sub, 'remote_update' );
remote_images();
$vtp->setVar( $sub, 'remote_update.count_new', $count_new );
$vtp->setVar( $sub, 'remote_update.count_deleted', $count_deleted );
$vtp->closeSession( $sub, 'remote_update' );
}
//----------------------------------------------------------- sending html code
$vtp->Parse( $handle , 'sub', $sub );
?>

2
admin/user_add.php
View file

@ -63,7 +63,7 @@ if ( !isset( $_POST['status'] ) )
{
$_POST['status'] = 'guest';
}
$option = get_enums( $prefixeTable.'users', 'status' );
$option = get_enums( PREFIX_TABLE.'users', 'status' );
for ( $i = 0; $i < sizeof( $option ); $i++ )
{
$vtp->addSession( $sub, 'status_option' );

8
admin/user_list.php
View file

@ -41,7 +41,7 @@ $vtp->setGlobalVar( $sub, 'listuser_button_create_address',
if ( isset ( $_GET['delete'] ) and is_numeric( $_GET['delete'] ) )
{
$query = 'select username';
$query.= ' from '.$prefixeTable.'users';
$query.= ' from '.PREFIX_TABLE.'users';
$query.= ' where id = '.$_GET['delete'];
$query.= ';';
$row = mysql_fetch_array( mysql_query( $query ) );
@ -65,7 +65,7 @@ if ( isset ( $_GET['delete'] ) and is_numeric( $_GET['delete'] ) )
and $row['username'] != $conf['webmaster'] )
{
$query = 'select count(*) as nb_result';
$query.= ' from '.$prefixeTable.'users';
$query.= ' from '.PREFIX_TABLE.'users';
$query.= ' where id = '.$_GET['delete'];
$query.= ';';
$row2 = mysql_fetch_array( mysql_query( $query ) );
@ -103,7 +103,7 @@ else
$vtp->setVar( $sub, 'users.form_action', $action );
$query = 'select id,username,status,mail_address';
$query.= ' from '.$prefixeTable.'users';
$query.= ' from '.PREFIX_TABLE.'users';
$query.= ' order by status asc, username asc';
$query.= ';';
$result = mysql_query( $query );
@ -217,7 +217,7 @@ else
$i = 0;
$query = 'select';
$query.= ' id,mail_address';
$query.= ' from '.$prefixeTable.'users';
$query.= ' from '.PREFIX_TABLE.'users';
$query.= ';';
$result = mysql_query( $query );
while ( $row = mysql_fetch_array( $result ) )

4
admin/user_modify.php
View file

@ -30,7 +30,7 @@ $display_form = true;
// id in $_GET['user_id']
$query = 'select';
$query.= ' username,status,mail_address';
$query.= ' from '.$prefixeTable.'users';
$query.= ' from '.PREFIX_TABLE.'users';
$query.= ' where id = '.$_GET['user_id'];
$query.= ';';
$row = mysql_fetch_array( mysql_query( $query ) );
@ -107,7 +107,7 @@ if ( $display_form )
{
$_POST['status'] = 'guest';
}
$option = get_enums( $prefixeTable.'users', 'status' );
$option = get_enums( PREFIX_TABLE.'users', 'status' );
for ( $i = 0; $i < sizeof( $option ); $i++ )
{
$vtp->addSession( $sub, 'status_option' );

6
admin/waiting.php
View file

@ -19,7 +19,7 @@
if ( isset( $HTTP_POST_VARS['submit'] ) )
{
$query = "select id,cat_id,file,tn_ext";
$query.= " from $prefixeTable"."waiting";
$query.= " from PREFIX_TABLE"."waiting";
$query.= ";";
$result = mysql_query( $query );
while ( $row = mysql_fetch_array( $result ) )
@ -27,7 +27,7 @@
$key = "validate-".$row['id'];
if ( isset( $HTTP_POST_VARS[$key] ) )
{
$query = "delete from $prefixeTable"."waiting";
$query = "delete from PREFIX_TABLE"."waiting";
$query.= " where id = ".$row['id'];
$query.= ";";
mysql_query( $query );
@ -59,7 +59,7 @@
<th style=\"width:1px;\">&nbsp;</th>
</tr>";
$query = "select id,cat_id,file,username,mail_address,date,tn_ext";
$query.= " from $prefixeTable"."waiting";
$query.= " from PREFIX_TABLE"."waiting";
$query.= " order by cat_id";
$query.= ";";
$result = mysql_query( $query );

12
category.php
View file

@ -53,7 +53,7 @@ if ( $user['expand'] == 'true' or $_GET['expand'] == 'all' )
{
$page['tab_expand'] = array();
$query = 'select id';
$query.= ' from '.$prefixeTable.'categories';
$query.= ' from '.PREFIX_TABLE.'categories';
$query.= ' where id_uppercat is null;';
$result = mysql_query( $query );
$i = 0;
@ -125,7 +125,7 @@ if ( !$user['is_the_guest'] )
$vtp->setVar( $handle, 'favorites.url', $url );
// searching the number of favorite picture
$query = 'select count(*) as count';
$query.= ' from '.$prefixeTable.'favorites';
$query.= ' from '.PREFIX_TABLE.'favorites';
$query.= ' where user_id = '.$user['id'].';';
$result = mysql_query( $query );
$row = mysql_fetch_array( $result );
@ -240,7 +240,7 @@ if ( isset( $page['cat'] ) and $page['cat_nb_images'] != 0 )
$query = 'select id,file,date_available,comment,';
$query.= ' author,tn_ext,name,filesize,width,height,cat_id';
$query.= ' from '.$prefixeTable.'images';
$query.= ' from '.PREFIX_TABLE.'images';
$query.= $page['where'];
$query.= $conf['order_by'];
$query.= ' limit '.$page['start'].','.$page['nb_image_page'];
@ -339,7 +339,7 @@ if ( isset( $page['cat'] ) and $page['cat_nb_images'] != 0 )
{
$vtp->addSession( $handle, 'nb_comments' );
$query = 'select count(*) as nb_comments';
$query.= ' from '.$prefixeTable.'comments';
$query.= ' from '.PREFIX_TABLE.'comments';
$query.= ' where image_id = '.$row['id'];
$query.= ';';
$row = mysql_fetch_array( mysql_query( $query ) );
@ -373,7 +373,7 @@ elseif ( isset( $page['cat'] )
$vtp->addSession( $handle, 'thumbnails' );
$query = 'select id,name,dir,date_dernier';
$query.= ' from '.$prefixeTable.'categories';
$query.= ' from '.PREFIX_TABLE.'categories';
$query.= ' where id_uppercat = '.$page['cat'];
$query.= ' order by rank;';
$cat_result = mysql_query( $query );
@ -397,7 +397,7 @@ elseif ( isset( $page['cat'] )
$name = replace_space( $name );
$query = 'select file,tn_ext';
$query.= ' from '.$prefixeTable.'images';
$query.= ' from '.PREFIX_TABLE.'images';
$query.= ' where cat_id = '.$cat_row['id'];
$query.= ' order by rand()';
$query.= ' limit 0,1';

6
identification.php
View file

@ -24,7 +24,7 @@ if ( isset( $_POST['login'] ) )
$i = 0;
// retrieving the encrypted password of the login submitted
$query = 'select password';
$query.= ' from '.$prefixeTable.'users';
$query.= ' from '.PREFIX_TABLE.'users';
$query.= " where username = '".$_POST['login']."';";
$row = mysql_fetch_array( mysql_query( $query ) );
if( $row['password'] == md5( $_POST['pass'] ) )
@ -77,7 +77,7 @@ if ( sizeof( $error ) != 0 )
}
//------------------------------------------------------------------ users list
// retrieving all the users login
$query = 'select username from '.$prefixeTable.'users;';
$query = 'select username from '.PREFIX_TABLE.'users;';
$result = mysql_query( $query );
if ( mysql_num_rows ( $result ) < $conf['max_user_listbox'] )
{
@ -114,7 +114,7 @@ if ( $conf['acces'] == "libre" )
$code = $vtp->Display( $handle, 0 );
echo $code;
//------------------------------------------------------------ log informations
$query = 'insert into '.$prefixeTable.'history';
$query = 'insert into '.PREFIX_TABLE.'history';
$query.= '(date,login,IP,page) values';
$query.= "('".time()."', '".$user['pseudo'];
$query.= "','$REMOTE_ADDR','identification');";

2
index.php
View file

@ -4,7 +4,7 @@ include_once( './include/functions.inc.php' );
database_connection();
// récupération des informations de configuration du site
$query = 'select acces ';
$query .= 'from '.$prefixeTable.'config;';
$query .= 'from '.PREFIX_TABLE.'config;';
$row = mysql_fetch_array( mysql_query( $query ) );
$url = 'category';
if ( $row['acces'] == 'restreint' )

40
picture.php
View file

@ -1,9 +1,9 @@
<?php
/***************************************************************************
* picture.php is a part of PhpWebGallery *
* picture.php *
* ------------------- *
* last update : Tuesday, July 16, 2002 *
* email : pierrick@z0rglub.com *
* application : PhpWebGallery 1.3 *
* author : Pierrick LE GALL <pierrick@z0rglub.com> *
* *
***************************************************************************/
@ -28,7 +28,7 @@ if ( isset( $page['cat'] ) && is_numeric( $page['cat'] ) )
check_restrictions( $page['cat'] );
}
//---------------------------------------- incrementation of the number of hits
$query = 'update '.$prefixeTable.'images';
$query = 'update '.PREFIX_TABLE.'images';
$query.= ' set hit=hit+1';
$query.= ' where id='.$_GET['image_id'];
$query.= ';';
@ -39,7 +39,7 @@ $cat_directory = $page['cat_dir']; // by default
//------------------------------------- main picture information initialization
$query = 'select id,date_available,comment,hit';
$query.= ',author,name,file,date_creation,filesize,width,height,cat_id';
$query.= ' from '.$prefixeTable.'images';
$query.= ' from '.PREFIX_TABLE.'images';
$query.= $page['where'];
$query.= ' and id = '.$_GET['image_id'];
$query.= $conf['order_by'];
@ -60,7 +60,7 @@ $page['height'] = $row['height'];
$page['cat_id'] = $row['cat_id'];
// retrieving the number of the picture in its category (in order)
$query = 'select id';
$query.= ' from '.$prefixeTable.'images';
$query.= ' from '.PREFIX_TABLE.'images';
$query.= $page['where'];
$query.= $conf['order_by'];
$query.= ';';
@ -79,7 +79,7 @@ if ( isset( $_GET['add_fav'] ) )
{
// verify if the picture is already in the favorite of the user
$query = 'select count(*) as nb_fav';
$query.= ' from '.$prefixeTable.'favorites';
$query.= ' from '.PREFIX_TABLE.'favorites';
$query.= ' where image_id = '.$page['id'];
$query.= ' and user_id = '.$user['id'];
$query.= ';';
@ -87,7 +87,7 @@ if ( isset( $_GET['add_fav'] ) )
$row = mysql_fetch_array( $result );
if ( $row['nb_fav'] == 0 )
{
$query = 'insert into '.$prefixeTable.'favorites';
$query = 'insert into '.PREFIX_TABLE.'favorites';
$query.= ' (image_id,user_id) values';
$query.= ' ('.$page['id'].','.$user['id'].')';
$query.= ';';
@ -96,7 +96,7 @@ if ( isset( $_GET['add_fav'] ) )
}
if ( $_GET['add_fav'] == 0 )
{
$query = 'delete from '.$prefixeTable.'favorites';
$query = 'delete from '.PREFIX_TABLE.'favorites';
$query.= ' where user_id = '.$user['id'];
$query.= ' and image_id = '.$page['id'];
$query.= ';';
@ -121,7 +121,7 @@ if ( isset( $_GET['add_fav'] ) )
$page['num'] = 0;
}
$query = 'select id';
$query.= ' from '.$prefixeTable.'images';
$query.= ' from '.PREFIX_TABLE.'images';
$query.= $page['where'];
$query.= $conf['order_by'];
$query.= ' limit '.$page['num'].',1';
@ -173,7 +173,7 @@ if ( $page['num'] >= 1 )
{
$prev = $page['num'] - 1;
$query = 'select id,name,file,tn_ext,cat_id';
$query.= ' from '.$prefixeTable.'images';
$query.= ' from '.PREFIX_TABLE.'images';
$query.= $page['where'];
$query.= $conf['order_by'];
$query.= ' limit '.$prev.',1';
@ -421,12 +421,12 @@ if ( $user['status'] == "admin" && is_numeric( $page['cat'] ) )
if ( $page['num'] < $page['cat_nb_images']-1 )
{
$next = $page['num'] + 1;
$query = "select id,name,file,tn_ext,cat_id";
$query.= " from $prefixeTable"."images";
$query = 'SELECT id,name,file,tn_ext,cat_id';
$query.= ' FROM '.PREFIX_TABLE.'images';
$query.= $page['where'];
$query.= $conf['order_by'];
$query.= " limit $next,1";
$query.= ";";
$query.= ' LIMIT '.$next.',1';
$query.= ';';
$result = mysql_query( $query );
$row = mysql_fetch_array( $result );
@ -485,7 +485,7 @@ if ( $conf['show_comments'] )
{
$author = $_POST['author'];
}
$query = 'insert into '.$prefixeTable.'comments';
$query = 'insert into '.PREFIX_TABLE.'comments';
$query.= ' (author,date,image_id,content) values';
$query.= " ('".$author."',".time().",".$page['id'];
$query.= ",'".htmlspecialchars( $_POST['content'], ENT_QUOTES)."');";
@ -496,13 +496,13 @@ if ( $conf['show_comments'] )
&& is_numeric( $_GET['del'] )
&& $user['status'] == 'admin' )
{
$query = 'delete from '.$prefixeTable.'comments';
$query = 'delete from '.PREFIX_TABLE.'comments';
$query.= ' where id = '.$_GET['del'].';';
mysql_query( $query );
}
// number of comment for this picture
$query = 'select count(*) as nb_comments';
$query.= ' from '.$prefixeTable.'comments';
$query.= ' from '.PREFIX_TABLE.'comments';
$query.= ' where image_id = '.$page['id'].';';
$row = mysql_fetch_array( mysql_query( $query ) );
$page['nb_comments'] = $row['nb_comments'];
@ -532,7 +532,7 @@ if ( $conf['show_comments'] )
$vtp->setGlobalVar( $handle, 'nb_comments', $page['nb_comments'] );
$query = 'select id,author,date,image_id,content';
$query.= ' from '.$prefixeTable.'comments';
$query.= ' from '.PREFIX_TABLE.'comments';
$query.= ' where image_id = '.$page['id'];
$query.= ' order by date asc';
$query.= ' limit '.$page['start'].', '.$conf['nb_comment_page'].';';
@ -581,7 +581,7 @@ mysql_close();
$code = $vtp->Display( $handle, 0 );
echo $code;
//------------------------------------------------------------ log informations
$query = 'insert into '.$prefixeTable.'history';
$query = 'insert into '.PREFIX_TABLE.'history';
$query.= ' (date,login,IP,page,titre,categorie) values';
$query.= " (".time().", '".$user['pseudo']."','".$_SERVER['REMOTE_ADDR']."'";
$query.= ",'picture','".$page['file']."','".$intitule_cat."');";

4
profile.php
View file

@ -92,7 +92,7 @@ if ( isset( $_POST['submit'] ) )
$tab_theme = explode( ' - ', $_POST['theme'] );
$_POST['theme'] = $tab_theme[0].'/'.$tab_theme[1];
$query = 'update '.$prefixeTable.'users';
$query = 'update '.PREFIX_TABLE.'users';
$query.= ' set';
for ( $i = 0; $i < sizeof( $infos ); $i++ )
{
@ -121,7 +121,7 @@ if ( isset( $_POST['submit'] ) )
if ( $_POST['use_new_pwd'] == 1 )
{
$query = 'update '.$prefixeTable.'users';
$query = 'update '.PREFIX_TABLE.'users';
$query.= " set password = '".md5( $_POST['password'] )."'";
$query.= ' where id = '.$user['id'];
$query.= ';';

2
search.php
View file

@ -82,7 +82,7 @@ $vtp->setGlobalVar( $handle, 'back_url', add_session_id( './category.php' ) );
$code = $vtp->Display( $handle, 0 );
echo $code;
//------------------------------------------------------------ log informations
$query = 'insert into '.$prefixeTable.'history';
$query = 'insert into '.PREFIX_TABLE.'history';
$query.= '(date,login,IP,page) values';
$query.= "('".time()."', '".$user['pseudo']."','".$_SERVER['REMOTE_ADDR']."'";
$query.= ",'search');";

94
upload.php
View file

@ -1,9 +1,9 @@
<?php
/***************************************************************************
* upload.php is a part of PhpWebGallery *
* upload.php *
* ------------------- *
* last update : Sunday, October 27, 2002 *
* email : pierrick@z0rglub.com *
* application : PhpWebGallery 1.3 *
* author : Pierrick LE GALL <pierrick@z0rglub.com> *
* *
***************************************************************************/
@ -14,10 +14,9 @@
* the Free Software Foundation; *
* *
***************************************************************************/
function get_extension( $filename )
{
return substr ( strrchr( $filename, "." ), 1, strlen ( $filename ) );
}
//------------------------------------------------------------------- functions
// The validate_upload function checks if the image of the given path is valid.
// A picture is valid when :
// - width, height and filesize are not higher than the maximum
@ -37,7 +36,7 @@ function validate_upload( $temp_name, $my_max_file_size,
$i = 0;
//echo $_FILES['picture']['name']."<br />".$temp_name;
$extension = get_extension( $_FILES['picture']['name'] );
if ( $extension != 'gif' && $extension != 'jpg' && $extension != 'png' )
if ( $extension != 'gif' and $extension != 'jpg' and $extension != 'png' )
{
$result['error'][$i++] = $lang['upload_advise_filetype'];
return $result;
@ -49,7 +48,8 @@ function validate_upload( $temp_name, $my_max_file_size,
}
else if ( $_FILES['picture']['size'] > $my_max_file_size * 1024 )
{
$result['error'][$i++] = $lang['upload_advise_width'].$my_max_file_size." KB";
$result['error'][$i++] =
$lang['upload_advise_width'].$my_max_file_size.' KB';
}
else
{
@ -63,21 +63,23 @@ function validate_upload( $temp_name, $my_max_file_size,
{
$size = getimagesize( $temp_name );
if ( isset( $image_max_width )
&& $image_max_width != ""
&& $size[0] > $image_max_width )
and $image_max_width != ""
and $size[0] > $image_max_width )
{
$result['error'][$i++] = $lang['upload_advise_width'].$image_max_width." px";
$result['error'][$i++] =
$lang['upload_advise_width'].$image_max_width." px";
}
if ( isset( $image_max_height )
&& $image_max_height != ""
&& $size[1] > $image_max_height )
and $image_max_height != ""
and $size[1] > $image_max_height )
{
$result['error'][$i++] = $lang['upload_advise_height'].$image_max_height." px";
$result['error'][$i++] =
$lang['upload_advise_height'].$image_max_height." px";
}
// $size[2] == 1 means GIF
// $size[2] == 2 means JPG
// $size[2] == 3 means PNG
if ( $size[2] != 1 && $size[2] != 2 && $size[2] != 3 )
if ( $size[2] != 1 and $size[2] != 2 and $size[2] != 3 )
{
$result['error'][$i++] = $lang['upload_advise_filetype'];
}
@ -86,20 +88,11 @@ function validate_upload( $temp_name, $my_max_file_size,
switch ( $size[2] )
{
case 1 :
{
$result['type'] = 'gif';
break;
}
$result['type'] = 'gif'; break;
case 2 :
{
$result['type'] = 'jpg';
break;
}
$result['type'] = 'jpg'; break;
case 3 :
{
$result['type'] = 'png';
break;
}
$result['type'] = 'png'; break;
}
}
}
@ -116,7 +109,7 @@ include_once( './include/init.inc.php' );
//-------------------------------------------------- access authorization check
check_login_authorization();
check_cat_id( $_GET['cat'] );
if ( isset( $page['cat'] ) && is_numeric( $page['cat'] ) )
if ( isset( $page['cat'] ) and is_numeric( $page['cat'] ) )
{
check_restrictions( $page['cat'] );
$result = get_cat_info( $page['cat'] );
@ -129,33 +122,26 @@ else
$access_forbidden = true;
}
if ( $access_forbidden == true
|| $page['cat_site_id'] != 1
|| $conf['upload_available'] == 'false' )
or $page['cat_site_id'] != 1
or $conf['upload_available'] == 'false' )
{
echo"<div style=\"text-align:center;\">".$lang['upload_forbidden']."<br />";
echo "<a href=\"".add_session_id_to_url( "./diapo.php" )."\">".$lang['thumbnails']."</a></div>";
echo '<div style="text-align:center;">'.$lang['upload_forbidden'].'<br />';
echo '<a href="'.add_session_id_to_url( './diapo.php' ).'">';
echo $lang['thumbnails'].'</a></div>';
exit();
}
//----------------------------------------------------- template initialization
$vtp = new VTemplate;
$handle = $vtp->Open( './template/default/upload.vtp' );
// language
$vtp->setGlobalVar( $handle, 'upload_page_title',$lang['upload_title'] );
$vtp->setGlobalVar( $handle, 'upload_title', $lang['upload_title'] );
$vtp->setGlobalVar( $handle, 'upload_username', $lang['upload_username'] );
$vtp->setGlobalVar( $handle, 'reg_mail_address', $lang['reg_mail_address'] );
$vtp->setGlobalVar( $handle, 'submit', $lang['submit'] );
$vtp->setGlobalVar( $handle, 'upload_successful',$lang['upload_successful'] );
$vtp->setGlobalVar( $handle, 'search_return_main_page',
$lang['search_return_main_page'] );
$handle = $vtp->Open( './template/'.$user['template'].'/upload.vtp' );
initialize_template();
$tpl = array( 'upload_title', 'upload_username', 'mail_address', 'submit',
'upload_successful', 'search_return_main_page' );
templatize_array( $tpl, 'lang', $sub );
// user
$vtp->setGlobalVar( $handle, 'page_style', $user['style'] );
$vtp->setGlobalVar( $handle, 'user_login', $user['pseudo'] );
$vtp->setGlobalVar( $handle, 'style', $user['style'] );
$vtp->setGlobalVar( $handle, 'user_login', $user['username'] );
$vtp->setGlobalVar( $handle, 'user_mail_address',$user['mail_address'] );
// structure
$vtp->setGlobalVar( $handle, 'frame_start', get_frame_start() );
$vtp->setGlobalVar( $handle, 'frame_begin', get_frame_begin() );
$vtp->setGlobalVar( $handle, 'frame_end', get_frame_end() );
$error = array();
$i = 0;
@ -166,7 +152,7 @@ if ( isset( $_GET['waiting_id'] ) )
}
//-------------------------------------------------------------- picture upload
// vérification de la présence et de la validité des champs.
if ( isset( $_POST['submit'] ) && !isset( $_GET['waiting_id'] ) )
if ( isset( $_POST['submit'] ) and !isset( $_GET['waiting_id'] ) )
{
$path = $page['cat_dir'].$_FILES['picture']['name'];
if ( @is_file( $path ) )
@ -202,7 +188,7 @@ if ( isset( $_POST['submit'] ) && !isset( $_GET['waiting_id'] ) )
if ( sizeof( $error ) == 0 )
{
$query = 'insert into '.$prefixeTable.'waiting';
$query = 'insert into '.PREFIX_TABLE.'waiting';
$query.= ' (cat_id,file,username,mail_address,date) values';
$query.= " (".$page['cat'].",'".$_FILES['picture']['name']."'";
$query.= ",'".htmlspecialchars( $_POST['username'], ENT_QUOTES)."'";
@ -213,11 +199,11 @@ if ( isset( $_POST['submit'] ) && !isset( $_GET['waiting_id'] ) )
}
}
//------------------------------------------------------------ thumbnail upload
if ( isset( $_POST['submit'] ) && isset( $_GET['waiting_id'] ) )
if ( isset( $_POST['submit'] ) and isset( $_GET['waiting_id'] ) )
{
// upload of the thumbnail
$query = 'select file';
$query.= ' from '.$prefixeTable.'waiting';
$query.= ' from '.PREFIX_TABLE.'waiting';
$query.= ' where id = '.$_GET['waiting_id'];
$query.= ';';
$result= mysql_query( $query );
@ -236,7 +222,7 @@ if ( isset( $_POST['submit'] ) && isset( $_GET['waiting_id'] ) )
}
if ( sizeof( $error ) == 0 )
{
$query = 'update '.$prefixeTable.'waiting';
$query = 'update '.PREFIX_TABLE.'waiting';
$query.= " set tn_ext = '".$extension."'";
$query.= ' where id = '.$_GET['waiting_id'];
$query.= ';';