- bug fixed : in admin/cat_list, next_rank cant' be calculted and query to

count sub-categories per sub-categories became false if no sub-categories - virtual association come back in admin/infos_images (not only in admin/picture_modify) - check_favorites function in admin section becomes check_user_favorites in public section : favorites are checked when user tries to display his favorites. Function was optimized. - in function update_category, wrap of long queries due to many categories to update at the same time - typo fixed in description of paginate_pages_around configuration parameter - bug fixed in new navigation bar : no separation pipe was displayed between next and last when the page displayed was the last - sessions.expiration changed of type from int to datetime (a lot easier to read) - sessions.ip removed : IP address is no longer used to verify session - $lang['cat_options'] was missing in en_UK.iso-8859-1 - typo fixed in language/en_UK.iso-8859-1/admin.lang.php on editcat_lock_info language item git-svn-id: http://piwigo.org/svn/trunk@647 68402e56-0260-453c-a942-63ccdbb3a9ee
2004-12-18 22:05:30 +00:00 · 2004-12-18 22:05:30 +00:00 · f0e9cd804a
commit f0e9cd804a
parent 775e9ee74c
13 changed files with 109 additions and 124 deletions
--- a/include/config.inc.php
+++ b/include/config.inc.php
@ -190,7 +190,7 @@ $conf['newcat_default_status'] = 'public';
 // to the sub level
 $conf['level_separator'] = ' / ';

-// paginate_pages_around : on paginate navigation bar, on many pages display
-// before and after the current page ?
+// paginate_pages_around : on paginate navigation bar, how many pages
+// display before and after the current page ?
 $conf['paginate_pages_around'] = 2;
 ?>
--- a/include/functions_category.inc.php
+++ b/include/functions_category.inc.php
@ -561,6 +561,8 @@ SELECT COUNT(DISTINCT(id)) AS nb_total_images
      // favorites displaying
      else if ( $page['cat'] == 'fav' )
      {
+        check_user_favorites();
+        
        $page['title'] = $lang['favorites'];

        $page['where'] = ', '.FAVORITES_TABLE.' AS fav';
--- a/include/functions_html.inc.php
+++ b/include/functions_html.inc.php
@ -158,11 +158,12 @@ function create_navigation_bar($url, $nb_element, $start,
    {
      $navbar.= $lang['next_page'];
    }
+    
+    $navbar.= ' | ';
    // link to last page ?
    if ($cur_page != $maximum)
    {
      $temp_start = ($maximum - 1) * $nb_element_page;
-      $navbar.= ' | ';
      $navbar.= '<a href="';
      $navbar.= add_session_id($url.'&amp;start='.$temp_start);
      $navbar.= '" class="'.$link_class.'">'.$lang['last_page'];
--- a/include/functions_session.inc.php
+++ b/include/functions_session.inc.php
@ -86,16 +86,16 @@ SELECT id
    }
  }
  // 3. inserting session in database
-  $expiration = $session_length + time();
  $query = '
 INSERT INTO '.SESSIONS_TABLE.'
-  (id,user_id,expiration,ip)
+  (id,user_id,expiration)
  VALUES
-  (\''.$generated_id.'\','.$userid.','.$expiration.',
-   \''.$_SERVER['REMOTE_ADDR'].'\')
+  (\''.$generated_id.'\','.$userid.',
+   ADDDATE(NOW(), INTERVAL '.$session_length.' SECOND))
 ;';
  pwg_query($query);

+  $expiration = $session_length + time();
  setcookie('id', $generated_id, $expiration, cookie_path());
                
  return $generated_id;
--- a/include/functions_user.inc.php
+++ b/include/functions_user.inc.php
@ -237,4 +237,43 @@ function getuserdata($user)
  $result = pwg_query($sql);
  return ( $row = mysql_fetch_array($result) ) ? $row : false;
 }
+
+/*
+ * deletes favorites of the current user if he's not allowed to see them
+ *
+ * @return void
+ */
+function check_user_favorites()
+{
+  global $user;
+
+  if ($user['forbidden_categories'] == '')
+  {
+    return;
+  }
+  
+  $query = '
+SELECT f.image_id
+  FROM '.FAVORITES_TABLE.' AS f INNER JOIN '.IMAGE_CATEGORY_TABLE.' AS ic
+    ON f.image_id = ic.image_id
+  WHERE f.user_id = '.$user['id'].'
+    AND ic.category_id IN ('.$user['forbidden_categories'].')
+;';
+  $result = pwg_query($query);
+  $elements = array();
+  while ($row = mysql_fetch_array($result))
+  {
+    array_push($elements, $row['image_id']);
+  }
+
+  if (count($elements) > 0)
+  {
+    $query = '
+DELETE FROM '.FAVORITES_TABLE.'
+  WHERE image_id IN ('.implode(',', $elements).')
+    AND user_id = '.$user['id'].'
+;';
+    pwg_query($query);
+  }
+}
 ?>
--- a/include/user.inc.php
+++ b/include/user.inc.php
@ -59,7 +59,7 @@ if (isset($session_id)
 {
  $page['session_id'] = $session_id;
  $query = '
-SELECT user_id,expiration,ip
+SELECT user_id,expiration,NOW() AS now
  FROM '.SESSIONS_TABLE.'
  WHERE id = \''.$page['session_id'].'\'
 ;';
@ -67,22 +67,15 @@ SELECT user_id,expiration,ip
  if (mysql_num_rows($result) > 0)
  {
    $row = mysql_fetch_array($result);
-    if (!$user['has_cookie'])
+    if (strnatcmp($row['expiration'], $row['now']) < 0)
    {
-      if ($row['expiration'] < time())
-      {
-        // deletion of the session from the database,
-        // because it is out-of-date
-        $delete_query = 'DELETE FROM '.SESSIONS_TABLE;
-        $delete_query.= " WHERE id = '".$page['session_id']."'";
-        $delete_query.= ';';
-        pwg_query($delete_query);
-      }
-      else if ($_SERVER['REMOTE_ADDR'] == $row['ip'])
-      {
-        $query_user .= ' WHERE id = '.$row['user_id'];
-        $query_done = true;
-      }
+      // deletion of the session from the database, because it is
+      // out-of-date
+      $delete_query = '
+DELETE FROM '.SESSIONS_TABLE.'
+  WHERE id = \''.$page['session_id'].'\'
+;';
+      pwg_query($delete_query);
    }
    else
    {