- merge rev 2765,2769 from branch 2.0

* 2765 mysql potential injection paranoia + code compaction in common.inc.php
* 2769 added an image sort order by privacy level (admins only)
* 2769 fix an IE6 display issue with quick search on index page

git-svn-id: http://piwigo.org/svn/trunk@2770 68402e56-0260-453c-a942-63ccdbb3a9ee

include/common.inc.php

@@ -36,64 +36,21 @@ set_magic_quotes_runtime(0); // Disable magic_quotes_runtime
 //
 if( !get_magic_quotes_gpc() )
 {
+  function sanitize_mysql_kv(&$v, $k)
+  {
+    $v = addslashes($v);
+  }
   if( is_array( $_GET ) )
   {
-    while( list($k, $v) = each($_GET) )
-    {
-      if( is_array($_GET[$k]) )
-      {
-        while( list($k2, $v2) = each($_GET[$k]) )
-        {
-          $_GET[$k][$k2] = addslashes($v2);
-        }
-        @reset($_GET[$k]);
-      }
-      else
-      {
-        $_GET[$k] = addslashes($v);
-      }
-    }
-    @reset($_GET);
+    array_walk_recursive( $_GET, 'sanitize_mysql_kv' );
   }
-
-  if( is_array($_POST) )
+  if( is_array( $_POST ) )
   {
-    while( list($k, $v) = each($_POST) )
-    {
-      if( is_array($_POST[$k]) )
-      {
-        while( list($k2, $v2) = each($_POST[$k]) )
-        {
-          $_POST[$k][$k2] = addslashes($v2);
-        }
-        @reset($_POST[$k]);
-      }
-      else
-      {
-        $_POST[$k] = addslashes($v);
-      }
-    }
-    @reset($_POST);
+    array_walk_recursive( $_POST, 'sanitize_mysql_kv' );
   }
-
-  if( is_array($_COOKIE) )
+  if( is_array( $_COOKIE ) )
   {
-    while( list($k, $v) = each($_COOKIE) )
-    {
-      if( is_array($_COOKIE[$k]) )
-      {
-        while( list($k2, $v2) = each($_COOKIE[$k]) )
-        {
-          $_COOKIE[$k][$k2] = addslashes($v2);
-        }
-        @reset($_COOKIE[$k]);
-      }
-      else
-      {
-        $_COOKIE[$k] = addslashes($v);
-      }
-    }
-    @reset($_COOKIE);
+    array_walk_recursive( $_COOKIE, 'sanitize_mysql_kv' );
   }
 }
 if ( !empty($_SERVER["PATH_INFO"]) )

include/functions_category.inc.php

@@ -273,7 +273,8 @@ function get_category_preferred_image_orders()
       l10n('Rank'),
       'rank ASC',
       ('categories' == @$page['section'] and !isset($page['flat']) and !isset($page['chronology_field']) )
-      )
+      ),
+    array( l10n('permissions'), 'level DESC', is_admin() )
     ));
 }
 
@@ -522,4 +523,4 @@ LIMIT 1';
   }
 }
 
-?>
+?>

include/ws_functions.inc.php

@@ -187,6 +187,7 @@ function ws_caddie_add($params, &$service)
   {
     return new PwgError(401, 'Access denied');
   }
+  $params['image_id'] = array_map( 'intval',$params['image_id'] );
   if ( empty($params['image_id']) )
   {
     return new PwgError(WS_ERR_INVALID_PARAM, "Invalid image_id");
@@ -291,7 +292,7 @@ SELECT i.*, GROUP_CONCAT(category_id) cat_ids
     AND ', $where_clauses).'
 GROUP BY i.id
 '.$order_by.'
-LIMIT '.$params['per_page']*$params['page'].','.$params['per_page'];
+LIMIT '.(int)($params['per_page']*$params['page']).','.(int)$params['per_page'];
 
     $result = pwg_query($query);
     while ($row = mysql_fetch_assoc($result))
@@ -683,8 +684,8 @@ SELECT id, date, author, content
   FROM '.COMMENTS_TABLE.'
   WHERE '.$where_comments.'
   ORDER BY date
-  LIMIT '.$params['comments_per_page']*(int)$params['comments_page'].
-    ','.$params['comments_per_page'];
+  LIMIT '.(int)($params['comments_per_page']*$params['comments_page']).
+    ','.(int)$params['comments_per_page'];
 
     $result = pwg_query($query);
     while ($row = mysql_fetch_assoc($result))
@@ -857,6 +858,7 @@ function ws_images_setPrivacyLevel($params, &$service)
   {
     return new PwgError(401, 'Access denied');
   }
+  $params['image_id'] = array_map( 'intval',$params['image_id'] );
   if ( empty($params['image_id']) )
   {
     return new PwgError(WS_ERR_INVALID_PARAM, "Invalid image_id");
@@ -1342,7 +1344,7 @@ SELECT DISTINCT i.* FROM '.IMAGES_TABLE.' i
   WHERE '. implode('
     AND ', $where_clauses).'
 '.$order_by.'
-LIMIT '.$params['per_page']*$params['page'].','.$params['per_page'];
+LIMIT '.(int)($params['per_page']*$params['page']).','.(int)$params['per_page'];
 
     $result = pwg_query($query);
     while ($row = mysql_fetch_assoc($result))

index.php

@@ -197,7 +197,7 @@ if ( $page['section']=='search' and $page['start']==0 and
     $hints = array();
     foreach ( $cats as $cat )
     {
-      $hints[] = get_cat_display_name( array($cat) );
+      $hints[] = get_cat_display_name( array($cat), '', false );
     }
     $template->assign( 'category_search_results', $hints);
   }

template/yoga/index.tpl

@@ -32,19 +32,19 @@
       {/if}
 
       {if isset($U_MODE_FLAT) }
-      <li><a href="{$U_MODE_FLAT}" title="{'mode_flat_hint'|@translate}" rel="nofollow"><img src="{$ROOT_URL}{$themeconf.icon_dir}/flat.png" class="button" alt="{'mode_flat_hint'|@translate}"></a></li>
+      <li><a href="{$U_MODE_FLAT}" title="{'mode_flat_hint'|@translate}" rel="nofollow"><img src="{$ROOT_URL}{$themeconf.icon_dir}/flat.png" class="button" alt="{'mode_flat_hint'|@translate}" /></a></li>
       {/if}
 
       {if isset($U_MODE_NORMAL) }
-      <li><a href="{$U_MODE_NORMAL}" title="{'mode_normal_hint'|@translate}"><img src="{$ROOT_URL}{$themeconf.icon_dir}/normal_mode.png" class="button" alt="{'mode_normal_hint'|@translate}"></a></li>
+      <li><a href="{$U_MODE_NORMAL}" title="{'mode_normal_hint'|@translate}"><img src="{$ROOT_URL}{$themeconf.icon_dir}/normal_mode.png" class="button" alt="{'mode_normal_hint'|@translate}" /></a></li>
       {/if}
 
       {if isset($U_MODE_POSTED) }
-      <li><a href="{$U_MODE_POSTED}" title="{'mode_posted_hint'|@translate}" rel="nofollow"><img src="{$ROOT_URL}{$themeconf.icon_dir}/calendar.png" class="button" alt="{'mode_posted_hint'|@translate}"></a></li>
+      <li><a href="{$U_MODE_POSTED}" title="{'mode_posted_hint'|@translate}" rel="nofollow"><img src="{$ROOT_URL}{$themeconf.icon_dir}/calendar.png" class="button" alt="{'mode_posted_hint'|@translate}" /></a></li>
       {/if}
       
       {if isset($U_MODE_CREATED) }
-      <li><a href="{$U_MODE_CREATED}" title="{'mode_created_hint'|@translate}" rel="nofollow"><img src="{$ROOT_URL}{$themeconf.icon_dir}/calendar_created.png" class="button" alt="{'mode_created_hint'|@translate}"></a></li>
+      <li><a href="{$U_MODE_CREATED}" title="{'mode_created_hint'|@translate}" rel="nofollow"><img src="{$ROOT_URL}{$themeconf.icon_dir}/calendar_created.png" class="button" alt="{'mode_created_hint'|@translate}" /></a></li>
       {/if}
       
       {if !empty($PLUGIN_INDEX_ACTIONS)}{$PLUGIN_INDEX_ACTIONS}{/if}
@@ -71,7 +71,7 @@
 {if !empty($PLUGIN_INDEX_CONTENT_BEGIN)}{$PLUGIN_INDEX_CONTENT_BEGIN}{/if}
 
 {if !empty($category_search_results) }
-<div style="font-size:16px;text-align:left;margin:10px">{'Category results for'|@translate} <strong>{$QUERY_SEARCH}</strong> :
+<div style="font-size:16px;margin:10px 16px">{'Category results for'|@translate} <strong>{$QUERY_SEARCH}</strong> :
   <em><strong>
   {foreach from=$category_search_results item=res name=res_loop}
   {if !$smarty.foreach.res_loop.first} &mdash; {/if}
@@ -82,7 +82,7 @@
 {/if}
 
 {if !empty($tag_search_results) }
-<div style="font-size:16px;text-align:left;margin:10px">{'Tag results for'|@translate} <strong>{$QUERY_SEARCH}</strong> :
+<div style="font-size:16px;margin:10px 16px">{'Tag results for'|@translate} <strong>{$QUERY_SEARCH}</strong> :
   <em><strong>
   {foreach from=$tag_search_results item=res name=res_loop}
   {if !$smarty.foreach.res_loop.first} &mdash; {/if}