Subversion admin: rename branch 1.6 to match new format

git-svn-id: http://piwigo.org/svn/branches/1.6@3251 68402e56-0260-453c-a942-63ccdbb3a9ee
Issue 0000634: Admin instructions (En-UK) / dead link on Wiki
2009-04-23 20:30:15 +00:00 · 2007-02-01 21:57:46 +00:00 · 2007-01-29 20:07:37 +00:00 · 2007-01-11 05:39:49 +00:00 · 2007-01-03 23:27:32 +00:00 · 2007-01-02 22:55:57 +00:00
200 changed files with 6494 additions and 3843 deletions
--- a/action.php
+++ b/action.php
@ -25,10 +25,28 @@
 // | USA.                                                                  |
 // +-----------------------------------------------------------------------+

+define('PHPWG_ROOT_PATH','./');
+include_once(PHPWG_ROOT_PATH.'include/common.inc.php');
+
+// Check Access and exit when user status is not ok
+check_status(ACCESS_GUEST);
+
 function force_download ($filename)
 {
 //TODO : messages in "lang"
-  $filename = realpath($filename);
+  if (!url_is_remote($filename))
+  {
+    $filename = realpath($filename);
+    if (!file_exists($filename))
+    {
+      die("NO FILE HERE");
+    }
+    $file_size = @filesize($filename);
+  }
+  else
+  {
+    $file_size = 0;
+  }

  $file_extension = strtolower(substr(strrchr($filename,"."),1));

@ -45,10 +63,6 @@ function force_download ($filename)
      default: $ctype="application/octet-stream";
  }

-  if (!file_exists($filename)) {
-      die("NO FILE HERE");
-  }
-
  header("Pragma: public");
  header("Expires: 0");
  header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
@ -57,16 +71,27 @@ function force_download ($filename)
  header("Content-Disposition: attachment; filename=\""
         .basename($filename)."\";");
  header("Content-Transfer-Encoding: binary");
-  header("Content-Length: ".@filesize($filename));
-  set_time_limit(0);
+  if (isset($file_size) and ($file_size != 0))
+  {
+    header("Content-Length: ".@filesize($filename));
+  }
+  // Looking at the safe_mode configuration for execution time
+  if (ini_get('safe_mode') == 0)
+  {
+    @set_time_limit(0);
+  }
+
  @readfile("$filename") or die("File not found.");
 }

 //--------------------------------------------------------- download big picture
 if ( isset( $_GET['dwn'] ) )
 {
-//TODO : verify the path begins with './gallerie' and doesn't contains any '..'
-// in order to avoid hacking atempts
+//TODO : verify the path begins with something in galleries_url and that user has access rights to the picture
+// in order to avoid hacking atempts by forged url
+  if (preg_match('/\.\./',$_GET['dwn'])) {
+    die('Hacking attempt!');
+  }
  force_download($_GET['dwn']);
 }

--- a/admin/cat_list.php
+++ b/admin/cat_list.php
@ -126,7 +126,7 @@ SELECT id, name
  $result = pwg_query($query);
  while ($row = mysql_fetch_assoc($result))
  {
-    $categories[ $row['id'] ] = $row['name'];
+    $categories[ $row['id'] ] = strtolower($row['name']);
  }

  asort($categories, SORT_REGULAR);
@ -249,6 +249,8 @@ SELECT id_uppercat, COUNT(*) AS nb_subcats
  {
    $categories[$row['id_uppercat']]['nb_subcats'] = $row['nb_subcats'];
  }
+
+  $template->assign_block_vars('categories', array());
 }

 foreach ($categories as $category)
@ -267,7 +269,7 @@ foreach ($categories as $category)
  }

  $template->assign_block_vars(
-    'category',
+    'categories.category',
    array(
      'NAME'       => $category['name'],
      'ID'         => $category['id'],
@ -288,7 +290,7 @@ foreach ($categories as $category)
  if (empty($category['dir']))
  {
    $template->assign_block_vars(
-      'category.delete',
+      'categories.category.delete',
      array(
        'URL'=>$self_url.'&amp;delete='.$category['id']
        )
@ -298,7 +300,7 @@ foreach ($categories as $category)
  if ($category['nb_images'] > 0)
  {
    $template->assign_block_vars(
-      'category.elements',
+      'categories.category.elements',
      array(
        'URL'=>$base_url.'element_set&amp;cat='.$category['id']
        )
@ -308,7 +310,7 @@ foreach ($categories as $category)
  if ('private' == $category['status'])
  {
    $template->assign_block_vars(
-      'category.permissions',
+      'categories.category.permissions',
      array(
        'URL'=>$base_url.'cat_perm&amp;cat='.$category['id']
        )
--- a/admin/cat_modify.php
+++ b/admin/cat_modify.php
@ -249,7 +249,7 @@ $template->assign_vars(
      ),

    'U_CHILDREN' => $cat_list_url.'&amp;parent_id='.$category['id'],
-    'U_HELP' => PHPWG_ROOT_PATH.'/popuphelp.php?page=cat_modify',
+    'U_HELP' => PHPWG_ROOT_PATH.'popuphelp.php?page=cat_modify',

    'F_ACTION' => $form_action,
    )
--- a/admin/cat_move.php
+++ b/admin/cat_move.php
@ -74,6 +74,7 @@ $template->set_filenames(

 $template->assign_vars(
  array(
+    'U_HELP' => PHPWG_ROOT_PATH.'popuphelp.php?page=cat_move',
    'F_ACTION' => PHPWG_ROOT_PATH.'admin.php?page=cat_move',
    )
  );
--- a/admin/cat_options.php
+++ b/admin/cat_options.php
@ -157,7 +157,7 @@ $template->assign_vars(
    'L_SUBMIT'=>$lang['submit'],
    'L_RESET'=>$lang['reset'],

-    'U_HELP' => PHPWG_ROOT_PATH.'/popuphelp.php?page=cat_options',
+    'U_HELP' => PHPWG_ROOT_PATH.'popuphelp.php?page=cat_options',
    
    'F_ACTION'=>$base_url.$page['section']
   )
--- a/admin/cat_perm.php
+++ b/admin/cat_perm.php
@ -212,7 +212,7 @@ $template->assign_vars(
        $page['cat'],
        'admin.php?page=cat_modify&amp;cat_id='
        ),
-    'U_HELP' => PHPWG_ROOT_PATH.'/popuphelp.php?page=cat_perm',
+    'U_HELP' => PHPWG_ROOT_PATH.'popuphelp.php?page=cat_perm',
    'F_ACTION' => PHPWG_ROOT_PATH.'admin.php?page=cat_perm&amp;cat='.$page['cat']
    )
  );
--- a/admin/comments.php
+++ b/admin/comments.php
@ -45,8 +45,8 @@ if (isset($_POST))
 {
  $to_validate = array();
  $to_reject = array();
-  
-  if (isset($_POST['submit']))
+
+  if (isset($_POST['submit']) and !is_adviser())
  {    
    foreach (explode(',', $_POST['list']) as $comment_id)
    {
@ -68,11 +68,11 @@ if (isset($_POST))
      }
    }
  }
-  else if (isset($_POST['validate-all']))
+  else if (isset($_POST['validate-all']) and !empty($_POST['list']) and !is_adviser())
  {
    $to_validate = explode(',', $_POST['list']);
  }
-  else if (isset($_POST['reject-all']))
+  else if (isset($_POST['reject-all']) and !empty($_POST['list']) and !is_adviser())
  {
    $to_reject = explode(',', $_POST['list']);
  }
--- a/admin/configuration.php
+++ b/admin/configuration.php
@ -53,7 +53,7 @@ while ($row = mysql_fetch_array($result))
  $conf[$row['param']] = $row['value'];
  // if the parameter is present in $_POST array (if a form is submited), we
  // override it with the submited value
-  if (isset($_POST[$row['param']]))
+  if (isset($_POST[$row['param']]) and !is_adviser())
  {
    $conf[$row['param']] = $_POST[$row['param']];
    if ( 'page_banner'==$row['param'] )
@ -63,7 +63,7 @@ while ($row = mysql_fetch_array($result))
  }
 }
 //------------------------------ verification and registration of modifications
-if (isset($_POST['submit']))
+if (isset($_POST['submit']) and !is_adviser())
 {
  $int_pattern = '/^\d+$/';
  switch ($page['section'])
@ -160,7 +160,7 @@ $template->assign_vars(
    'L_SUBMIT'=>$lang['submit'],
    'L_RESET'=>$lang['reset'],

-    'U_HELP' => PHPWG_ROOT_PATH.'/popuphelp.php?page=configuration',
+    'U_HELP' => PHPWG_ROOT_PATH.'popuphelp.php?page=configuration',

    'F_ACTION'=>$action
    ));
--- a/admin/element_set_global.php
+++ b/admin/element_set_global.php
@ -205,7 +205,6 @@ $template->assign_vars(

    'L_SUBMIT'=>$lang['submit'],

-    'U_COLS'=>$base_url.get_query_string_diff(array('cols')),
    'U_DISPLAY'=>$base_url.get_query_string_diff(array('display')),

    'U_UNIT_MODE'
@ -278,10 +277,27 @@ SELECT DISTINCT(category_id) AS id, c.name, uppercats, global_rank
  display_select_cat_wrapper($query, array(), $blockname, true);
 }

+$all_tags = get_all_tags();
+
+if (count($all_tags) == 0)
+{
+  $add_tag_selection =
+    '<p>'.
+    l10n('No tag defined. Use Administration>Pictures>Tags').
+    '</p>';
+}
+else
+{
+  $add_tag_selection = get_html_tag_selection(
+    get_all_tags(),
+    'add_tags'
+    );
+}
+
 // add tags
 $template->assign_vars(
  array(
-    'ADD_TAG_SELECTION' => get_html_tag_selection(get_all_tags(), 'add_tags'),
+    'ADD_TAG_SELECTION' => $add_tag_selection,
    )
  );

@ -294,7 +310,6 @@ if (count($page['cat_elements_id']) > 0)
      INNER JOIN '.TAGS_TABLE.' ON tag_id = id
    WHERE image_id IN ('.implode(',', $page['cat_elements_id']).')
    GROUP BY tag_id
-    ORDER BY name ASC
  ;';
  $result = pwg_query($query);

@ -304,6 +319,8 @@ if (count($page['cat_elements_id']) > 0)
    array_push($tags, $row);
  }

+  usort($tags, 'name_compare');
+
  $template->assign_vars(
    array(
      'DEL_TAG_SELECTION' => get_html_tag_selection($tags, 'del_tags'),
@ -339,8 +356,6 @@ $template->assign_vars(array('DATE_CREATION_YEAR_VALUE'=>$year));
 // |                        global mode thumbnails                         |
 // +-----------------------------------------------------------------------+

-$page['cols'] = !empty($_GET['cols']) ? intval($_GET['cols']) : 5;
-
 // how many items to display on this page
 if (!empty($_GET['display']))
 {
@ -382,10 +397,6 @@ SELECT id,path,tn_ext
  if (mysql_num_rows($result) > 0)
  {
    $template->assign_block_vars('thumbnails', array());
-    // first line
-    $template->assign_block_vars('thumbnails.line', array());
-    // current row displayed
-    $row_number = 0;
  }

  while ($row = mysql_fetch_array($result))
@ -393,7 +404,7 @@ SELECT id,path,tn_ext
    $src = get_thumbnail_src($row['path'], @$row['tn_ext']);

    $template->assign_block_vars(
-      'thumbnails.line.thumbnail',
+      'thumbnails.thumbnail',
      array(
        'ID' => $row['id'],
        'SRC' => $src,
@ -401,13 +412,6 @@ SELECT id,path,tn_ext
        'TITLE' => 'TODO'
        )
      );
-
-    // create a new line ?
-    if (++$row_number == $page['cols'])
-    {
-    $template->assign_block_vars('thumbnails.line', array());
-    $row_number = 0;
-    }
  }
 }

--- a/admin/element_set_unit.php
+++ b/admin/element_set_unit.php
@ -225,6 +225,22 @@ SELECT tag_id
    {
      list($year,$month,$day) = array('','','');
    }
+
+    if (count($all_tags) > 0)
+    {
+      $tag_selection = get_html_tag_selection(
+        $all_tags,
+        'tags-'.$row['id'],
+        $selected_tags
+        );
+    }
+    else
+    {
+      $tag_selection =
+        '<p>'.
+        l10n('No tag defined. Use Administration>Pictures>Tags').
+        '</p>';
+    }
    
    $template->assign_block_vars(
      'element',
@ -243,11 +259,7 @@ SELECT tag_id
        'DESCRIPTION' => @$row['comment'],
        'DATE_CREATION_YEAR' => $year,
        
-        'TAG_SELECTION' => get_html_tag_selection(
-          $all_tags,
-          'tags-'.$row['id'],
-          $selected_tags
-          ),
+        'TAG_SELECTION' => $tag_selection,
        )
      );
    
--- a/admin/images/index.htm
+++ b/admin/images/index.htm
@ -1,8 +0,0 @@
-<html>
-    <head>
-        <title>PhpWebGallery</title>
-    </head>
-    <body>
-        No access authorized
-    </body>
-</html>
--- a/admin/images/index.php
+++ b/admin/images/index.php
@ -0,0 +1,35 @@
+<?php
+// +-----------------------------------------------------------------------+
+// | PhpWebGallery - a PHP based picture gallery                           |
+// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
+// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
+// +-----------------------------------------------------------------------+
+// | branch        : BSF (Best So Far)
+// | file          : $RCSfile$
+// | last update   : $Date$
+// | last modifier : $Author$
+// | revision      : $Revision$
+// +-----------------------------------------------------------------------+
+// | This program is free software; you can redistribute it and/or modify  |
+// | it under the terms of the GNU General Public License as published by  |
+// | the Free Software Foundation                                          |
+// |                                                                       |
+// | This program is distributed in the hope that it will be useful, but   |
+// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
+// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
+// | General Public License for more details.                              |
+// |                                                                       |
+// | You should have received a copy of the GNU General Public License     |
+// | along with this program; if not, write to the Free Software           |
+// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
+// | USA.                                                                  |
+// +-----------------------------------------------------------------------+
+
+// recursive call of index.php
+
+$url = '../index.php';
+header( 'Request-URI: '.$url );
+header( 'Content-Location: '.$url );
+header( 'Location: '.$url );
+exit();
+?>
--- a/admin/include/functions.php
+++ b/admin/include/functions.php
@ -607,7 +607,7 @@ INSERT INTO '.$table_name.'
        $query.= ',';
      }

-      if (!isset($insert[$dbfield]) or $insert[$dbfield] == '')
+      if (!isset($insert[$dbfield]) or $insert[$dbfield] === '')
      {
        $query.= 'NULL';
      }
@ -940,14 +940,24 @@ SELECT image_id
  LIMIT 0,1
 ;';
    list($representative) = mysql_fetch_array(pwg_query($query));
-    $data = array('id' => $category_id,
-                  'representative_picture_id' => $representative);
-    array_push($datas, $data);
+
+    array_push(
+      $datas,
+      array(
+        'id' => $category_id,
+        'representative_picture_id' => $representative,
+        )
+      );
  }

-  $fields = array('primary' => array('id'),
-                  'update' => array('representative_picture_id'));
-  mass_updates(CATEGORIES_TABLE, $fields, $datas);
+  mass_updates(
+    CATEGORIES_TABLE,
+    array(
+      'primary' => array('id'),
+      'update' => array('representative_picture_id')
+      ),
+    $datas
+    );
 }

 /**
@ -1569,7 +1579,7 @@ SELECT MAX(rank)
  $insert = array(
    'name' => $category_name,
    'rank' => ++$current_rank,
-    'commentable' => $conf['newcat_default_commentable'],
+    'commentable' => boolean_to_string($conf['newcat_default_commentable']),
    'uploadable' => 'false',
    );

@ -1594,7 +1604,7 @@ SELECT id, uppercats, global_rank, visible, status
    }
    else
    {
-      $insert{'visible'} = $conf['newcat_default_visible'];
+      $insert{'visible'} = boolean_to_string($conf['newcat_default_visible']);
    }

    // at creation, must a category be public or private ? Warning : if the
@ -1611,7 +1621,7 @@ SELECT id, uppercats, global_rank, visible, status
  }
  else
  {
-    $insert{'visible'} = $conf['newcat_default_visible'];
+    $insert{'visible'} = boolean_to_string($conf['newcat_default_visible']);
    $insert{'status'} = $conf['newcat_default_status'];
    $insert{'global_rank'} = $insert{'rank'};
  }
@ -1746,7 +1756,7 @@ function tag_id_from_tag_name($tag_name)
    $tag_name = mysql_escape_string($tag_name);
  }

-  // does the tag already exist?
+  // does the tag already exists?
  $query = '
 SELECT id
  FROM '.TAGS_TABLE.'
--- a/admin/include/functions_metadata.php
+++ b/admin/include/functions_metadata.php
@ -53,6 +53,16 @@ function get_sync_iptc_data($file)
    // official keywords separator is the comma
    $iptc['keywords'] = preg_replace('/[.;]/', ',', $iptc['keywords']);
    $iptc['keywords'] = preg_replace('/^,+|,+$/', '', $iptc['keywords']);
+
+    $iptc['keywords'] = implode(
+      ',',
+      array_unique(
+        explode(
+          ',',
+          $iptc['keywords']
+          )
+        )
+      );
  }

  return $iptc;
--- a/admin/include/functions_notification_by_mail.inc.php
+++ b/admin/include/functions_notification_by_mail.inc.php
@ -27,7 +27,22 @@
 // +-----------------------------------------------------------------------+

 /* nbm_global_var */
-$env_nbm = array();
+$env_nbm = array
+          (
+            'start_time' => get_moment(),
+            'sendmail_timeout' => (intval(ini_get('max_execution_time')) * $conf['nbm_max_treatment_timeout_percent']),
+            'is_sendmail_timeout' => false
+          );
+
+if
+  (
+    (!isset($env_nbm['sendmail_timeout'])) or
+    (!is_numeric($env_nbm['sendmail_timeout'])) or
+    ($env_nbm['sendmail_timeout'] <= 0)
+  )
+{
+  $env_nbm['sendmail_timeout'] = $conf['nbm_treatment_timeout_default'];
+}

 /*
 * Search an available check_key
@ -57,6 +72,20 @@ where
  }
 }

+/*
+ * Check sendmail timeout state
+ *
+ * @return true, if it's timeout
+ */
+function check_sendmail_timeout()
+{
+  global $env_nbm;
+
+  $env_nbm['is_sendmail_timeout'] = ((get_moment() - $env_nbm['start_time']) > $env_nbm['sendmail_timeout']);
+
+  return $env_nbm['is_sendmail_timeout'];
+}
+

 /*
 * Add quote to all elements of check_key_list
@ -318,12 +347,13 @@ function get_mail_content_subscribe_unsubcribe($nbm_user)
 * is_subscribe define if action=subscribe or unsubscribe
 * check_key list where action will be done
 *
- * @return updated data count
+ * @return check_key list treated
 */
 function do_subscribe_unsubcribe_notification_by_mail($is_admin_request, $is_subscribe = false, $check_key_list = array())
 {
  global $conf, $page, $env_nbm, $conf;

+  $check_key_treated = array();
  $updated_data_count = 0;
  $error_on_updated_data_count = 0;

@ -344,18 +374,24 @@ function do_subscribe_unsubcribe_notification_by_mail($is_admin_request, $is_sub
    $enabled_value = boolean_to_string($is_subscribe);
    $data_users = get_user_notifications('subscribe', $check_key_list, !$is_subscribe);

+    // Prepare message after change language
+    $msg_break_timeout = l10n('nbm_break_timeout_send_mail');
+
    // Begin nbm users environment
    begin_users_env_nbm(true);

    foreach ($data_users as $nbm_user)
    {
-      if (($env_nbm['error_on_mail_count'] + $env_nbm['sent_mail_count']) >= $conf['nbm_max_mails_send'])
+      if (check_sendmail_timeout())
      {
        // Stop fill list on 'send', if the quota is override
-        array_push($page['errors'], sprintf(l10n('nbm_nbm_break_send_mail'), $conf['nbm_max_mails_send']));
+        array_push($page['errors'], $msg_break_timeout);
        break;
      }

+      // Fill return list
+      array_push($check_key_treated, $nbm_user['check_key']);
+
      $do_update = true;
      if ($nbm_user['mail_address'] != '')
      {
@ -436,7 +472,7 @@ function do_subscribe_unsubcribe_notification_by_mail($is_admin_request, $is_sub
    array_push($page['errors'], sprintf(l10n('nbm_user_change_enabled_error_on_updated_data_count'), $error_on_updated_data_count));
  }

-  return $updated_data_count;
+  return $check_key_treated;
 }

 /*
@ -444,7 +480,7 @@ function do_subscribe_unsubcribe_notification_by_mail($is_admin_request, $is_sub
 *
 * check_key list where action will be done
 *
- * @return updated data count
+ * @return check_key list treated
 */
 function unsubcribe_notification_by_mail($is_admin_request, $check_key_list = array())
 {
@ -456,7 +492,7 @@ function unsubcribe_notification_by_mail($is_admin_request, $check_key_list = ar
 *
 * check_key list where action will be done
 *
- * @return updated data count
+ * @return check_key list treated
 */
 function subcribe_notification_by_mail($is_admin_request, $check_key_list = array())
 {
--- a/admin/include/index.htm
+++ b/admin/include/index.htm
@ -1,8 +0,0 @@
-<html>
-    <head>
-        <title>PhpWebGallery</title>
-    </head>
-    <body>
-        No access authorized
-    </body>
-</html>
--- a/admin/include/index.php
+++ b/admin/include/index.php
@ -0,0 +1,35 @@
+<?php
+// +-----------------------------------------------------------------------+
+// | PhpWebGallery - a PHP based picture gallery                           |
+// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
+// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
+// +-----------------------------------------------------------------------+
+// | branch        : BSF (Best So Far)
+// | file          : $RCSfile$
+// | last update   : $Date$
+// | last modifier : $Author$
+// | revision      : $Revision$
+// +-----------------------------------------------------------------------+
+// | This program is free software; you can redistribute it and/or modify  |
+// | it under the terms of the GNU General Public License as published by  |
+// | the Free Software Foundation                                          |
+// |                                                                       |
+// | This program is distributed in the hope that it will be useful, but   |
+// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
+// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
+// | General Public License for more details.                              |
+// |                                                                       |
+// | You should have received a copy of the GNU General Public License     |
+// | along with this program; if not, write to the Free Software           |
+// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
+// | USA.                                                                  |
+// +-----------------------------------------------------------------------+
+
+// recursive call of index.php
+
+$url = '../index.php';
+header( 'Request-URI: '.$url );
+header( 'Content-Location: '.$url );
+header( 'Location: '.$url );
+exit();
+?>
--- a/admin/index.htm
+++ b/admin/index.htm
@ -1,8 +0,0 @@
-<html>
-    <head>
-        <title>PhpWebGallery</title>
-    </head>
-    <body>
-        No access authorized
-    </body>
-</html>
--- a/admin/index.php
+++ b/admin/index.php
@ -0,0 +1,35 @@
+<?php
+// +-----------------------------------------------------------------------+
+// | PhpWebGallery - a PHP based picture gallery                           |
+// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
+// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
+// +-----------------------------------------------------------------------+
+// | branch        : BSF (Best So Far)
+// | file          : $RCSfile$
+// | last update   : $Date$
+// | last modifier : $Author$
+// | revision      : $Revision$
+// +-----------------------------------------------------------------------+
+// | This program is free software; you can redistribute it and/or modify  |
+// | it under the terms of the GNU General Public License as published by  |
+// | the Free Software Foundation                                          |
+// |                                                                       |
+// | This program is distributed in the hope that it will be useful, but   |
+// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
+// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
+// | General Public License for more details.                              |
+// |                                                                       |
+// | You should have received a copy of the GNU General Public License     |
+// | along with this program; if not, write to the Free Software           |
+// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
+// | USA.                                                                  |
+// +-----------------------------------------------------------------------+
+
+// recursive call of index.php
+
+$url = '../index.php';
+header( 'Request-URI: '.$url );
+header( 'Content-Location: '.$url );
+header( 'Location: '.$url );
+exit();
+?>
--- a/admin/intro.php
+++ b/admin/intro.php
@ -82,7 +82,9 @@ if (isset($_GET['action']) and 'check_upgrade' == $_GET['action'])
        l10n('Check for upgrade failed for unknown reasons.')
        );
    }
-    else if ('%PWGVERSION%' == $versions{'current'})
+    // concatenation needed to avoid automatic transformation by release
+    // script generator
+    else if ('%'.'PWGVERSION'.'%' == $versions{'current'})
    {
      array_push(
        $page['infos'],
--- a/admin/maintenance.php
+++ b/admin/maintenance.php
@ -110,7 +110,7 @@ $template->assign_vars(
    'U_MAINT_SESSIONS' => $start_url.'sessions',
    'U_MAINT_FEEDS' => $start_url.'feeds',
    'U_MAINT_DATABASE' => $start_url.'database',
-    'U_HELP' => PHPWG_ROOT_PATH.'/popuphelp.php?page=maintenance',
+    'U_HELP' => PHPWG_ROOT_PATH.'popuphelp.php?page=maintenance',
    )
  );

--- a/admin/notification_by_mail.php
+++ b/admin/notification_by_mail.php
@ -46,10 +46,50 @@ include_once(PHPWG_ROOT_PATH.'include/functions_mail.inc.php');
 // +-----------------------------------------------------------------------+
 check_status(ACCESS_ADMINISTRATOR);

+// +-----------------------------------------------------------------------+
+// | Initialization                                                        |
+// +-----------------------------------------------------------------------+
+$base_url = get_root_url().'admin.php';
+$must_repost = false;
+
 // +-----------------------------------------------------------------------+
 // | functions                                                             |
 // +-----------------------------------------------------------------------+

+/*
+ * Do timeout treatment in order to finish to send mails
+ *
+ * @param $post_keyname: key of check_key post array
+ * @param check_key_treated: array of check_key treated
+ * @return none
+ */
+function do_timeout_treatment($post_keyname, $check_key_treated = array())
+{
+  global $env_nbm, $base_url, $page, $must_repost;
+
+  if ($env_nbm['is_sendmail_timeout'])
+  {
+    if (isset($_POST[$post_keyname]))
+    {
+      $post_count = count($_POST[$post_keyname]);
+      $treated_count = count($check_key_treated);
+      if ($treated_count != 0)
+      {
+        $time_refresh = ceil((get_moment() - $env_nbm['start_time']) * $post_count / $treated_count);
+      }
+      else
+      {
+        $time_refresh = 0;
+      }
+      $_POST[$post_keyname] = array_diff($_POST[$post_keyname], $check_key_treated);
+
+      $must_repost = true;
+      array_push($page['errors'], sprintf(l10n('nbm_background_treatment_redirect'), $time_refresh));
+    }
+  }
+
+}
+
 /*
 * Get the authorized_status for each tab
 * return corresponding status
@ -78,7 +118,7 @@ function get_tab_status($mode)
 */
 function insert_new_data_user_mail_notification()
 {
-  global $conf, $page;
+  global $conf, $page, $env_nbm;

  // Set null mail_address empty
  $query = '
@ -131,24 +171,46 @@ order by
        )
      );

-      array_push($page['infos'], sprintf(l10n('nbm_user_x_added'), $nbm_user['username'], $nbm_user['mail_address']));
+      array_push
+      (
+        $page['infos'], 
+        sprintf(
+          l10n('nbm_user_x_added'), 
+          $nbm_user['username'], 
+          get_email_address_as_display_text($nbm_user['mail_address'])
+        )
+      );
    }

    // Insert new nbm_users
    mass_inserts(USER_MAIL_NOTIFICATION_TABLE, array('user_id', 'check_key', 'enabled'), $inserts);
    // Update field enabled with specific function
-    do_subscribe_unsubcribe_notification_by_mail
+    $check_key_treated = do_subscribe_unsubcribe_notification_by_mail
    (
      true,
      $conf['nbm_default_value_user_enabled'],
      $check_key_list
    );
+
+     // On timeout simulate like tabsheet send
+    if ($env_nbm['is_sendmail_timeout'])
+    {
+      $quoted_check_key_list = quote_check_key_list(array_diff($check_key_list, $check_key_treated));
+      if (count($quoted_check_key_list) != 0 )
+      {
+        $query = 'delete from '.USER_MAIL_NOTIFICATION_TABLE.' where check_key in ('.implode(",", $quoted_check_key_list).');';
+        $result = pwg_query($query);
+
+        redirect($base_url.get_query_string_diff(array()), l10n('nbm_redirect_msg'));
+      }
+    }
  }
 }

 /*
 * Send mail for notification to all users
- * Return list of "treated/selected" users
+ * Return list of "selected" users for 'list_to_send'
+ * Return list of "treated" check_key for 'send'
 */
 function do_action_send_mail_notification($action = 'list_to_send', $check_key_list = array(), $customize_mail_content = '')
 {
@ -161,7 +223,7 @@ function do_action_send_mail_notification($action = 'list_to_send', $check_key_l

    $is_action_send = ($action == 'send');

-    if (isset($customize_mail_content))
+    if (!isset($customize_mail_content))
    {
      $customize_mail_content = $conf['nbm_complementary_mail_content'];
    }
@ -169,28 +231,41 @@ function do_action_send_mail_notification($action = 'list_to_send', $check_key_l
    // disabled and null mail_address are not selected in the list
    $data_users = get_user_notifications('send', $check_key_list);

+    // List all if it's define on options or on timeout
+    $is_list_all_without_test = ($env_nbm['is_sendmail_timeout'] or $conf['nbm_list_all_enabled_users_to_send']);
+
    // Check if exist news to list user or send mails
-    if (($conf['nbm_list_all_enabled_users_to_send'] == false) or ($is_action_send))
+    if ((!$is_list_all_without_test) or ($is_action_send))
    {
      if (count($data_users) > 0)
      {
        $datas = array();

+        // Prepare message after change language
+        if ($is_action_send)
+        {
+          $msg_break_timeout = l10n('nbm_break_timeout_send_mail');
+        }
+        else
+        {
+          $msg_break_timeout = l10n('nbm_break_timeout_list_user');
+        }
+
        // Begin nbm users environment
        begin_users_env_nbm($is_action_send);

        foreach ($data_users as $nbm_user)
        {
-          if ((!$is_action_send) and (count($return_list) >= $conf['nbm_max_list_users_to_send']))
+          if ((!$is_action_send) and check_sendmail_timeout())
          {
            // Stop fill list on 'list_to_send', if the quota is override
-            array_push($page['infos'], sprintf(l10n('nbm_break_list_user'), $conf['nbm_max_list_users_to_send']));
+            array_push($page['infos'], $msg_break_timeout);
            break;
          }
-          if (($is_action_send) and (count($return_list) >= $conf['nbm_max_mails_send']))
+          if (($is_action_send) and check_sendmail_timeout())
          {
            // Stop fill list on 'send', if the quota is override
-            array_push($page['errors'], sprintf(l10n('nbm_nbm_break_send_mail'), $conf['nbm_max_mails_send']));
+            array_push($page['errors'], $msg_break_timeout);
            break;
          }

@ -199,6 +274,8 @@ function do_action_send_mail_notification($action = 'list_to_send', $check_key_l

          if ($is_action_send)
          {
+            // Fill return list of "treated" check_key for 'send'
+            array_push($return_list, $nbm_user['check_key']);
            $message = '';

            if ($conf['nbm_send_detailed_content'])
@ -213,8 +290,6 @@ function do_action_send_mail_notification($action = 'list_to_send', $check_key_l

            if ($exist_data)
            {
-              array_push($return_list, $nbm_user);
-
              $subject = '['.$conf['gallery_title'].']: '.l10n('nbm_object_news');
              $message .= sprintf(l10n('nbm_content_hello'), $nbm_user['username']).",\n\n";

@ -262,6 +337,7 @@ function do_action_send_mail_notification($action = 'list_to_send', $check_key_l
          {
            if (news_exists($nbm_user['last_send'], $dbnow))
            {
+              // Fill return list of "selected" users for 'list_to_send'
              array_push($return_list, $nbm_user);
            }
          }
@ -295,9 +371,13 @@ function do_action_send_mail_notification($action = 'list_to_send', $check_key_l
    else
    {
      // Quick List, don't check news
+      // Fill return list of "selected" users for 'list_to_send'
      $return_list = $data_users;
    }
  }
+
+  // Return list of "selected" users for 'list_to_send'
+  // Return list of "treated" check_key for 'send'
  return $return_list;
 }

@ -339,7 +419,7 @@ switch ($page['mode'])
    $result = pwg_query('select param, value from '.CONFIG_TABLE.' where param like \'nbm\\_%\'');
    while ($nbm_user = mysql_fetch_array($result))
    {
-      if (isset($_POST['param_submit']))
+      if (isset($_POST['param_submit']) and !is_adviser())
      {
        if (isset($_POST[$nbm_user['param']]))
        {
@ -361,7 +441,7 @@ where

      // if the parameter is present in $_POST array (if a form is submited), we
      // override it with the submited value
-      if (isset($_POST[$nbm_user['param']]))
+      if (isset($_POST[$nbm_user['param']]) and !is_adviser())
      {
        $conf[$nbm_user['param']] = stripslashes($_POST[$nbm_user['param']]);
      }
@ -381,23 +461,29 @@ where
  }
  case 'subscribe' :
  {
-    if (isset($_POST['falsify']) and isset($_POST['cat_true']))
+    if (!is_adviser())
    {
-      unsubcribe_notification_by_mail(true, $_POST['cat_true']);
-    }
-    else
-    if (isset($_POST['trueify']) and isset($_POST['cat_false']))
-    {
-      subcribe_notification_by_mail(true, $_POST['cat_false']);
+      if (isset($_POST['falsify']) and isset($_POST['cat_true']))
+      {
+        $check_key_treated = unsubcribe_notification_by_mail(true, $_POST['cat_true']);
+        do_timeout_treatment('cat_true', $check_key_treated);
+      }
+      else
+      if (isset($_POST['trueify']) and isset($_POST['cat_false']))
+      {
+        $check_key_treated = subcribe_notification_by_mail(true, $_POST['cat_false']);
+        do_timeout_treatment('cat_false', $check_key_treated);
+      }
    }
    break;
  }

  case 'send' :
  {
-    if (isset($_POST['send_submit']) and isset($_POST['send_selection']) and isset($_POST['send_customize_mail_content']))
+    if (isset($_POST['send_submit']) and isset($_POST['send_selection']) and isset($_POST['send_customize_mail_content']) and !is_adviser())
    {
-      do_action_send_mail_notification('send', $_POST['send_selection'], $_POST['send_customize_mail_content']);
+      $check_key_treated = do_action_send_mail_notification('send', $_POST['send_selection'], stripslashes($_POST['send_customize_mail_content']));
+      do_timeout_treatment('send_selection', $check_key_treated);
    }
  }
 }
@ -414,14 +500,12 @@ $template->set_filenames
  )
 );

-$base_url = get_root_url().'admin.php';
-
 $template->assign_vars
 (
  array
  (
    'U_TABSHEET_TITLE' => l10n('nbm_'.$page['mode'].'_mode'),
-    'U_HELP' => add_url_params(get_root_url().'/popuphelp.php', array('page' => 'notification_by_mail')),
+    'U_HELP' => add_url_params(get_root_url().'popuphelp.php', array('page' => 'notification_by_mail')),
    'F_ACTION'=> $base_url.get_query_string_diff(array())
  )
 );
@ -440,6 +524,33 @@ if (is_autorize_status(ACCESS_WEBMASTER))
  );
 }

+if ($must_repost)
+{
+  // Get name of submit button
+  $repost_submit_name = '';
+  if (isset($_POST['falsify']))
+  {
+    $repost_submit_name = 'falsify';
+  }
+  elseif (isset($_POST['trueify']))
+  {
+    $repost_submit_name = 'trueify';
+  }
+  elseif (isset($_POST['send_submit']))
+  {
+    $repost_submit_name = 'send_submit';
+  }
+
+  $template->assign_block_vars
+  (
+    'repost', 
+      array
+      (
+        'REPOST_SUBMIT_NAME' => $repost_submit_name
+      )
+    );
+}
+
 switch ($page['mode'])
 {
  case 'param' :
@ -479,7 +590,7 @@ switch ($page['mode'])
                                                                : (isset($_POST['trueify']) and isset($_POST['cat_false']) and in_array($nbm_user['check_key'], $_POST['cat_false']))
                            ) ? 'selected="selected"' : '',
              'VALUE' => $nbm_user['check_key'],
-              'OPTION' => $nbm_user['username'].'['.$nbm_user['mail_address'].']'
+              'OPTION' => $nbm_user['username'].'['.get_email_address_as_display_text($nbm_user['mail_address']).']'
          ));
    }

@ -501,10 +612,16 @@ switch ($page['mode'])
      $template->assign_block_vars(
        $page['mode'].'.send_data',
        array(
-          'CUSTOMIZE_MAIL_CONTENT' => isset($_POST['send_customize_mail_content']) ? $_POST['send_customize_mail_content'] : $conf['nbm_complementary_mail_content']
+          'CUSTOMIZE_MAIL_CONTENT' => isset($_POST['send_customize_mail_content']) ? stripslashes($_POST['send_customize_mail_content']) : $conf['nbm_complementary_mail_content']
          ));

      foreach ($data_users as $num => $nbm_user)
+      {
+        if (
+            (!$must_repost) or // Not timeout, normal treatment
+            (($must_repost) and in_array($nbm_user['check_key'], $_POST['send_selection']))  // Must be repost, show only user to send
+            )
+        {
          $template->assign_block_vars(
            $page['mode'].'.send_data.user_send_mail',
            array(
@ -512,12 +629,14 @@ switch ($page['mode'])
              'ID' => $nbm_user['check_key'],
              'CHECKED' =>  ( // not check if not selected,  on init select<all
                              isset($_POST['send_selection']) and // not init
-                              !in_array($nbm_user['check_key'],  $_POST['send_selection']) // not selected
+                              !in_array($nbm_user['check_key'], $_POST['send_selection']) // not selected
                            )   ? '' : 'checked="checked"',
              'USERNAME'=> $nbm_user['username'],
-              'EMAIL' => $nbm_user['mail_address'],
+              'EMAIL' => get_email_address_as_display_text($nbm_user['mail_address']),
              'LAST_SEND'=> $nbm_user['last_send']
              ));
+        }
+      }
    }

    break;
--- a/admin/picture_modify.php
+++ b/admin/picture_modify.php
@ -70,7 +70,7 @@ if (isset($_POST['date_creation_action'])
  }
 }

-if (isset($_POST['submit']) and count($page['errors']) == 0)
+if (isset($_POST['submit']) and count($page['errors']) == 0 and !is_adviser())
 {
  $data = array();
  $data{'id'} = $_GET['image_id'];
@ -119,7 +119,9 @@ if (isset($_POST['submit']) and count($page['errors']) == 0)
 // associate the element to other categories than its storage category
 if (isset($_POST['associate'])
    and isset($_POST['cat_dissociated'])
-    and count($_POST['cat_dissociated']) > 0)
+    and count($_POST['cat_dissociated']) > 0
+    and !is_adviser()
+  )
 {
  associate_images_to_categories(
    array($_GET['image_id']),
@ -129,7 +131,9 @@ if (isset($_POST['associate'])
 // dissociate the element from categories (but not from its storage category)
 if (isset($_POST['dissociate'])
    and isset($_POST['cat_associated'])
-    and count($_POST['cat_associated']) > 0)
+    and count($_POST['cat_associated']) > 0
+    and !is_adviser()
+  )
 {
  $query = '
 DELETE FROM '.IMAGE_CATEGORY_TABLE.'
@ -143,7 +147,9 @@ DELETE FROM '.IMAGE_CATEGORY_TABLE.'
 // elect the element to represent the given categories
 if (isset($_POST['elect'])
    and isset($_POST['cat_dismissed'])
-    and count($_POST['cat_dismissed']) > 0)
+    and count($_POST['cat_dismissed']) > 0
+    and !is_adviser()
+  )
 {
  $datas = array();
  foreach ($_POST['cat_dismissed'] as $category_id)
@ -159,7 +165,9 @@ if (isset($_POST['elect'])
 // dismiss the element as representant of the given categories
 if (isset($_POST['dismiss'])
    and isset($_POST['cat_elected'])
-    and count($_POST['cat_elected']) > 0)
+    and count($_POST['cat_elected']) > 0
+    and !is_adviser()
+  )
 {
  set_random_representant($_POST['cat_elected']);
 }
@ -198,6 +206,24 @@ $template->set_filenames(
    )
  );

+$all_tags = get_all_tags();
+
+if (count($all_tags) > 0)
+{
+  $tag_selection = get_html_tag_selection(
+    get_all_tags(),
+    'tags',
+    $selected_tags
+    );
+}
+else
+{
+  $tag_selection =
+    '<p>'.
+    l10n('No tag defined. Use Administration>Pictures>Tags').
+    '</p>';
+}
+  
 $template->assign_vars(
  array(
    'U_SYNC' =>
@ -225,11 +251,7 @@ $template->assign_vars(

    'CREATION_DATE' => $date,

-    'TAG_SELECTION' => get_html_tag_selection(
-      get_all_tags(),
-      'tags',
-      $selected_tags
-      ),
+    'TAG_SELECTION' => $tag_selection,

    'DESCRIPTION' =>
      isset($_POST['description']) ?
@ -322,7 +344,7 @@ $authorizeds = array_diff(
 if (isset($_GET['cat_id'])
    and in_array($_GET['cat_id'], $authorizeds))
 {
-  $url_img = make_picture_URL(
+  $url_img = make_picture_url(
    array(
      'image_id' => $_GET['image_id'],
      'image_file' => $image_file,
@ -334,7 +356,7 @@ else
 {
  foreach ($authorizeds as $category)
  {
-    $url_img = make_picture_URL(
+    $url_img = make_picture_url(
      array(
        'image_id' => $_GET['image_id'],
        'image_file' => $image_file,
--- a/admin/rating.php
+++ b/admin/rating.php
@ -61,35 +61,20 @@ if (isset($_GET['order_by']) and is_numeric($_GET['order_by']))
  $order_by_index = $_GET['order_by'];
 }

-$display_filter= '';
-if (isset($_GET['display_filter']))
+$page['user_filter'] = '';
+if (isset($_GET['users']))
 {
-  if ( $_GET['display_filter']=='user' )
+  if ($_GET['users'] == 'user')
  {
-    $display_filter= ' AND r.user_id <> ' . $conf['guest_id'];
-    $template->assign_vars( array(
-        'DISPLAY_FILTER_USER_CHECKED'=>'checked="checked"'
-        )
-    );
+    $page['user_filter'] = ' AND r.user_id <> '.$conf['guest_id'];
  }
-  elseif ( $_GET['display_filter']=='guest' )
+  elseif ($_GET['users'] == 'guest')
  {
-    $display_filter= ' AND r.user_id =' . $conf['guest_id'];
-    $template->assign_vars( array(
-        'DISPLAY_FILTER_GUEST_CHECKED'=>'checked="checked"'
-        )
-     );
+    $page['user_filter'] = ' AND r.user_id = '.$conf['guest_id'];
  }
 }
-if ($display_filter=='')
-{
-    $template->assign_vars( array(
-        'DISPLAY_FILTER_ALL_CHECKED'=>'checked="checked"'
-        )
-     );
-}

-if (isset($_GET['del']))
+if (isset($_GET['del']) and !is_adviser())
 {
  $del_params = urldecode( $_GET['del'] );
  parse_str($del_params, $vars);
@ -121,7 +106,7 @@ while ($row = mysql_fetch_array($result))

 $query = 'SELECT COUNT(DISTINCT(i.id))
 FROM '.RATE_TABLE.' AS r, '.IMAGES_TABLE.' AS i
-WHERE r.element_id=i.id'. $display_filter .
+WHERE r.element_id=i.id'. $page['user_filter'] .
 ';';
 list($nb_images) = mysql_fetch_row(pwg_query($query));

@ -176,6 +161,36 @@ for ($i=0; $i<count($available_order_by); $i++)
    );
 }

+$user_options = array(
+  array(
+    'value' => 'all',
+    'content' => l10n('all'),
+    ),
+  array(
+    'value' => 'user',
+    'content' => l10n('Users'),
+    ),
+  array(
+    'value' => 'guest',
+    'content' => l10n('Guests'),
+    ),
+  );
+
+foreach ($user_options as $user_option)
+{
+  $template->assign_block_vars(
+    'user_option',
+    array(
+      'VALUE' => $user_option['value'],
+      'CONTENT' => $user_option['content'],
+      'SELECTED' =>
+        (isset($_GET['users']) and $_GET['users'] == $user_option['value'])
+        ? 'selected="selected"'
+        : '',
+      )
+    );
+}
+
 $query = '
 SELECT i.id,
       i.path,
@ -189,7 +204,7 @@ SELECT i.id,
       ROUND(STD(r.rate),2) AS std_rates
  FROM '.RATE_TABLE.' AS r
    LEFT JOIN '.IMAGES_TABLE.' AS i ON r.element_id = i.id
-  WHERE 1 = 1 ' . $display_filter . '
+  WHERE 1 = 1 ' . $page['user_filter'] . '
  GROUP BY r.element_id
  ORDER BY ' . $available_order_by[$order_by_index][1] .'
  LIMIT '.$start.','.$elements_per_page.'
@ -206,13 +221,15 @@ foreach ($images as $image)
 {
  $thumbnail_src = get_thumbnail_src($image['path'], $image['tn_ext']);

-  $image_url = make_picture_url(
+/*  $image_url = make_picture_url(
      array(
        'category' => $image['storage_category_id'],
        'image_id' => $image['id'],
        'image_file' => $image['file'],
      )
-    );
+    );*/
+  $image_url = PHPWG_ROOT_PATH.'admin.php?page=picture_modify'.
+            '&amp;image_id='.$image['id'];

  $query = 'SELECT *
 FROM '.RATE_TABLE.' AS r
--- a/admin/site_manager.php
+++ b/admin/site_manager.php
@ -162,7 +162,7 @@ if (isset($_GET['site']) and is_numeric($_GET['site']))
 {
  $page['site'] = $_GET['site'];
 }
-if (isset($_GET['action']) and isset($page['site']) )
+if (isset($_GET['action']) and isset($page['site']) and !is_adviser())
 {
  $query = '
 SELECT galleries_url
@ -204,7 +204,7 @@ SELECT galleries_url
 }

 $template->assign_vars( array(
-  'U_HELP' => PHPWG_ROOT_PATH.'/popuphelp.php?page=remote_site',
+  'U_HELP' => PHPWG_ROOT_PATH.'popuphelp.php?page=remote_site',
  'F_ACTION' => PHPWG_ROOT_PATH.'admin.php'
                .get_query_string_diff( array('action','site') )
  ) );
--- a/admin/site_reader_local.php
+++ b/admin/site_reader_local.php
@ -44,7 +44,7 @@ function LocalSiteReader($url)
 function open()
 {
  global $errors;
-  
+
  if (!is_dir($this->site_url))
  {
    array_push(
@ -54,10 +54,10 @@ function open()
        'type' => 'PWG-ERROR-NO-FS'
        )
      );
-    
+
    return false;
  }
-  
+
  return true;
 }

@ -77,10 +77,6 @@ function get_full_directories($basedir)
 function get_elements($path)
 {
  global $conf;
-  if (!isset($conf['flip_picture_ext']))
-  {
-    $conf['flip_picture_ext'] = array_flip($conf['picture_ext']);
-  }
  if (!isset($conf['flip_file_ext']))
  {
    $conf['flip_file_ext'] = array_flip($conf['file_ext']);
@ -97,26 +93,13 @@ function get_elements($path)
        $extension = get_extension($node);
        $filename_wo_ext = get_filename_wo_extension($node);

-        // searching the thumbnail
-        $tn_ext = $this->get_tn_ext($path, $filename_wo_ext);
-
-        if (isset($conf['flip_picture_ext'][$extension]))
+        if ( isset($conf['flip_file_ext'][$extension]) )
        {
+          $tn_ext = $this->get_tn_ext($path, $filename_wo_ext);
          $fs[ $path.'/'.$node ] = array(
            'tn_ext' => $tn_ext,
-            'has_high' => $this->get_has_high($path, $node)
            );
        }
-        else if (isset($conf['flip_file_ext'][$extension]))
-        { // file not a picture
-          $representative_ext = $this->get_representative_ext($path, $filename_wo_ext);
-
-          $fs[ $path.'/'.$node ] = array(
-            'tn_ext' => $tn_ext,
-            'representative_ext' => $representative_ext
-            );
-        }
-
      }
      elseif (is_dir($path.'/'.$node)
               and $node != '.'
@ -140,15 +123,42 @@ function get_elements($path)
 }

 // returns the name of the attributes that are supported for
-// update/synchronization according to configuration
+// files update/synchronization
 function get_update_attributes()
+{
+  return array('tn_ext', 'has_high', 'representative_ext');
+}
+
+function get_element_update_attributes($file)
 {
  global $conf;
-  
-  $update_fields = array(
-    'has_high', 'representative_ext', 'filesize', 'width', 'height'
-    );
-  
+  $data = array();
+
+  $filename = basename($file);
+  $dirname = dirname($file);
+  $filename_wo_ext = get_filename_wo_extension($filename);
+  $extension = get_extension($filename);
+
+  $data['tn_ext'] = $this->get_tn_ext($dirname, $filename_wo_ext);
+  $data['has_high'] = $this->get_has_high($dirname, $filename);
+
+  if ( !isset($conf['flip_picture_ext'][$extension]) )
+  {
+    $data['representative_ext'] = $this->get_representative_ext(
+        $dirname, $filename_wo_ext
+      );
+  }
+  return $data;
+}
+
+// returns the name of the attributes that are supported for
+// metadata update/synchronization according to configuration
+function get_metadata_attributes()
+{
+  global $conf;
+
+  $update_fields = array('filesize', 'width', 'height');
+
  if ($conf['use_exif'])
  {
    $update_fields =
@ -166,12 +176,12 @@ function get_update_attributes()
        array_keys($conf['use_iptc_mapping'])
        );
  }
-  
+
  return $update_fields;
 }

 // returns a hash of attributes (metadata+filesize+width,...) for file
-function get_element_update_attributes($file)
+function get_element_metadata($file)
 {
  global $conf;
  if (!is_file($file))
@ -181,16 +191,8 @@ function get_element_update_attributes($file)

  $data = array();

-  $filename = basename($file);
-  
-  $data['has_high'] = $this->get_has_high(dirname($file), $filename);
-  
-  $data['representative_ext'] = $this->get_representative_ext(
-    dirname($file),
-    get_filename_wo_extension($filename)
-    );
-
  $data['filesize'] = floor(filesize($file)/1024);
+
  if ($image_size = @getimagesize($file))
  {
    $data['width'] = $image_size[0];
@ -221,7 +223,7 @@ function get_element_update_attributes($file)
      }
    }
  }
-  
+
  return $data;
 }

@ -245,10 +247,10 @@ function get_representative_ext($path, $filename_wo_ext)
 function get_tn_ext($path, $filename_wo_ext)
 {
  global $conf;
-  
+
  $base_test =
    $path.'/thumbnail/'.$conf['prefix_thumbnail'].$filename_wo_ext.'.';
-  
+
  foreach ($conf['picture_ext'] as $ext)
  {
    $test = $base_test.$ext;
@ -257,7 +259,7 @@ function get_tn_ext($path, $filename_wo_ext)
      return $ext;
    }
  }
-  
+
  return null;
 }

@ -267,7 +269,7 @@ function get_has_high($path, $filename)
  {
    return 'true';
  }
-  
+
  return null;
 }

--- a/admin/site_reader_remote.php
+++ b/admin/site_reader_remote.php
@ -35,16 +35,19 @@ var $listing_url;
 var $site_dirs;
 var $site_files;
 var $insert_attributes;
-var $update_attributes;
+var $metadata_attributes;

 function RemoteSiteReader($url, $listing_url)
 {
  $this->site_url = $url;
  $this->insert_attributes = array(
-    'tn_ext', 'representative_ext', 'has_high'
+    'tn_ext',
    );
  $this->update_attributes = array(
-    'representative_ext', 'has_high', 'filesize', 'width', 'height'
+    'tn_ext', 'representative_ext', 'has_high',
+    );
+  $this->metadata_attributes = array(
+    'filesize', 'width', 'height'
    );

  if (!isset($listing_url))
@ -85,8 +88,8 @@ function open()
      return false;
    }

-    $this->update_attributes = array_merge(
-      $this->update_attributes,
+    $this->metadata_attributes = array_merge(
+      $this->metadata_attributes,
      explode(',', getAttribute($info_xml_element, 'metadata'))
      );

@ -154,13 +157,12 @@ function get_elements($path)
 }

 // returns the name of the attributes that are supported for
-// update/synchronization according to listing.xml
+// files update/synchronization
 function get_update_attributes()
 {
  return $this->update_attributes;
 }

-// returns a hash of attributes (metadata+filesize+width,...) for file
 function get_element_update_attributes($file)
 {
  return $this->get_element_attributes(
@ -169,6 +171,22 @@ function get_element_update_attributes($file)
    );
 }

+// returns the name of the attributes that are supported for
+// metadata update/synchronization according to listing.xml
+function get_metadata_attributes()
+{
+  return $this->metadata_attributes;
+}
+
+// returns a hash of attributes (metadata+width,...) for file
+function get_element_metadata($file)
+{
+  return $this->get_element_attributes(
+    $file,
+    $this->metadata_attributes
+    );
+}
+
 //-------------------------------------------------- private functions --------
 /**
 * Returns a hash of image/file attributes
--- a/admin/site_update.php
+++ b/admin/site_update.php
@ -103,12 +103,17 @@ else
 $general_failure = true;
 if (isset($_POST['submit']))
 {
+  if (!isset($conf['flip_picture_ext']))
+  {
+    $conf['flip_picture_ext'] = array_flip($conf['picture_ext']);
+  }
  if ($site_reader->open())
  {
    $general_failure = false;
  }
+
  // shall we simulate only
-  if (isset($_POST['simulate']) and $_POST['simulate'] == 1)
+  if ((isset($_POST['simulate']) and $_POST['simulate'] == 1) or is_adviser())
  {
    $simulate = true;
  }
@ -129,6 +134,7 @@ if (isset($_POST['submit'])
  $counts['del_categories'] = 0;
  $counts['del_elements'] = 0;
  $counts['new_elements'] = 0;
+  $counts['upd_elements'] = 0;

  $start = get_moment();
  // which categories to update ?
@ -242,12 +248,13 @@ SELECT IF(MAX(id)+1 IS NULL, 1, MAX(id)+1) AS next_id
        'dir'         => $dir,
        'name'        => str_replace('_', ' ', $dir),
        'site_id'     => $site_id,
-        'commentable' => $conf['newcat_default_commentable'],
+        'commentable' =>
+          boolean_to_string($conf['newcat_default_commentable']),
        'uploadable'  => $site_is_remote
-          ? false
-          : $conf['newcat_default_uploadable'],
+          ? 'false'
+          : boolean_to_string($conf['newcat_default_uploadable']),
        'status'      => $conf{'newcat_default_status'},
-        'visible'     => $conf{'newcat_default_visible'},
+        'visible'     => boolean_to_string($conf{'newcat_default_visible'}),
        );

      if (isset($db_fulldirs[dirname($fulldir)]))
@ -441,7 +448,7 @@ SELECT IF(MAX(id)+1 IS NULL, 1, MAX(id)+1) AS next_element_id
    // 2 cases : the element is a picture or not. Indeed, for a picture
    // thumbnail is mandatory and for non picture element, thumbnail and
    // representative are optionnal
-    if (in_array(get_extension($filename), $conf['picture_ext']))
+    if ( isset( $conf['flip_picture_ext'][get_extension($filename)] ) )
    {
      // if we found a thumnbnail corresponding to our picture...
      if (isset($fs[$path]['tn_ext']))
@ -451,9 +458,6 @@ SELECT IF(MAX(id)+1 IS NULL, 1, MAX(id)+1) AS next_element_id
          'file'           => $filename,
          'date_available' => CURRENT_DATE,
          'tn_ext'         => $fs[$path]['tn_ext'],
-          'has_high'       => isset($fs[$path]['has_high'])
-            ? $fs[$path]['has_high']
-            : null,
          'path'           => $path,
          'storage_category_id' => $db_fulldirs[$dirname],
          );
@ -496,15 +500,9 @@ SELECT IF(MAX(id)+1 IS NULL, 1, MAX(id)+1) AS next_element_id
        'file'           => $filename,
        'date_available' => CURRENT_DATE,
        'path'           => $path,
-        'has_high'       => isset($fs[$path]['has_high'])
-          ? $fs[$path]['has_high']
-          : null,
        'tn_ext'         => isset($fs[$path]['tn_ext'])
          ? $fs[$path]['tn_ext']
          : null,
-        'representative_ext' => isset($fs[$path]['representative_ext'])
-          ? $fs[$path]['representative_ext']
-          : null,
        'storage_category_id' => $db_fulldirs[$dirname],
        );

@ -634,18 +632,9 @@ DELETE
 // |                          synchronize files                            |
 // +-----------------------------------------------------------------------+
 if (isset($_POST['submit'])
-    and ($_POST['sync'] == 'dirs' or $_POST['sync'] == 'files'))
+    and ($_POST['sync'] == 'dirs' or $_POST['sync'] == 'files')
+    and !$general_failure )
 {
-  $template->assign_block_vars(
-    'update_result',
-    array(
-      'NB_NEW_CATEGORIES'=>$counts['new_categories'],
-      'NB_DEL_CATEGORIES'=>$counts['del_categories'],
-      'NB_NEW_ELEMENTS'=>$counts['new_elements'],
-      'NB_DEL_ELEMENTS'=>$counts['del_elements'],
-      'NB_ERRORS'=>count($errors),
-      ));
-
  if (!$simulate)
  {
    $start = get_moment();
@ -660,6 +649,91 @@ if (isset($_POST['submit'])
    echo get_elapsed_time($start, get_moment());
    echo ' -->'."\n";
  }
+
+  if ($_POST['sync'] == 'files')
+  {
+    $start = get_moment();
+    $opts['category_id'] = '';
+    $opts['recursive'] = true;
+    if (isset($_POST['cat']))
+    {
+      $opts['category_id'] = $_POST['cat'];
+      if (!isset($_POST['subcats-included']) or $_POST['subcats-included'] != 1)
+      {
+        $opts['recursive'] = false;
+      }
+    }
+    $files = get_filelist($opts['category_id'], $site_id,
+                          $opts['recursive'],
+                          false);
+    echo '<!-- get_filelist : ';
+    echo get_elapsed_time($start, get_moment());
+    echo ' -->'."\n";
+    $start = get_moment();
+
+    $datas = array();
+    foreach ( $files as $id=>$file )
+    {
+      $data = $site_reader->get_element_update_attributes($file);
+      if ( !is_array($data) )
+      {
+        continue;
+      }
+      $extension = get_extension($file);
+      if ( isset($conf['flip_picture_ext'][$extension]) )
+      {
+        if ( !isset($data['tn_ext']) )
+        {
+          array_push(
+            $errors,
+            array(
+              'path' => $file,
+              'type' => 'PWG-UPDATE-2'
+              )
+            );
+          continue;
+        }
+      }
+
+      $data['id']=$id;
+      array_push($datas, $data);
+    } // end foreach file
+
+    $counts['upd_elements'] = count($datas);
+    if (!$simulate and count($datas)>0 )
+    {
+      mass_updates(
+        IMAGES_TABLE,
+        // fields
+        array(
+          'primary' => array('id'),
+          'update'  => $site_reader->get_update_attributes(),
+          ),
+        $datas
+        );
+    }
+    echo '<!-- update files : ';
+    echo get_elapsed_time($start,get_moment());
+    echo ' -->'."\n";
+  }// end if sync files
+}
+
+// +-----------------------------------------------------------------------+
+// |                          synchronize files                            |
+// +-----------------------------------------------------------------------+
+if (isset($_POST['submit'])
+    and ($_POST['sync'] == 'dirs' or $_POST['sync'] == 'files'))
+{
+  $template->assign_block_vars(
+    'update_result',
+    array(
+      'NB_NEW_CATEGORIES'=>$counts['new_categories'],
+      'NB_DEL_CATEGORIES'=>$counts['del_categories'],
+      'NB_NEW_ELEMENTS'=>$counts['new_elements'],
+      'NB_DEL_ELEMENTS'=>$counts['del_elements'],
+      'NB_UPD_ELEMENTS'=>$counts['upd_elements'],
+      'NB_ERRORS'=>count($errors),
+      ));
 }

 // +-----------------------------------------------------------------------+
@ -703,7 +777,7 @@ if (isset($_POST['submit']) and preg_match('/^metadata/', $_POST['sync'])
  $tags_of = array();
  foreach ( $files as $id=>$file )
  {
-    $data = $site_reader->get_element_update_attributes($file);
+    $data = $site_reader->get_element_metadata($file);
    if ( is_array($data) )
    {
      $data['date_metadata_update'] = CURRENT_DATE;
@ -718,7 +792,7 @@ if (isset($_POST['submit']) and preg_match('/^metadata/', $_POST['sync'])
          {
            $tags_of[$id] = array();
          }
-        
+
          foreach (explode(',', $data[$key]) as $tag_name)
          {
            array_push(
@ -747,7 +821,7 @@ if (isset($_POST['submit']) and preg_match('/^metadata/', $_POST['sync'])
          'update'  => array_unique(
            array_merge(
              array_diff(
-                $site_reader->get_update_attributes(),
+                $site_reader->get_metadata_attributes(),
                // keywords and tags fields are managed separately
                array('keywords', 'tags')
                ),
@ -785,7 +859,7 @@ if (isset($simulate) and $simulate)

 // used_metadata string is displayed to inform admin which metadata will be
 // used from files for synchronization
-$used_metadata = implode( ', ', $site_reader->get_update_attributes());
+$used_metadata = implode( ', ', $site_reader->get_metadata_attributes());
 if ($site_is_remote and !isset($_POST['submit']) )
 {
  $used_metadata.= ' + ...';
@ -802,7 +876,7 @@ $template->assign_vars(

 $template->assign_vars(
  array(
-    'U_HELP' => PHPWG_ROOT_PATH.'/popuphelp.php?page=synchronize'
+    'U_HELP' => PHPWG_ROOT_PATH.'popuphelp.php?page=synchronize'
    )
  );
 // +-----------------------------------------------------------------------+
--- a/admin/stats.php
+++ b/admin/stats.php
@ -44,14 +44,14 @@ $where_clause = "1";

 if (isset($_GET['day']) && isset($_GET['month']) && isset($_GET['year']) )
 {
-  $url_img .= 'daily_stats.img.php?year='.$_GET['year'].'&month='.$_GET['month'].'&day='.$_GET['day'];
+  $url_img .= 'daily_stats.img.php?year='.$_GET['year'].'&amp;month='.$_GET['month'].'&amp;day='.$_GET['day'];
  $nls_value_title = $lang['w_day'];
  $group_clause = "DATE_FORMAT(date,'%Y-%m-%d') ASC";
  $where_clause = "(YEAR(date) = ".$_GET['year']." AND MONTH(date) = ".$_GET['month']." )";
 }
 elseif (isset($_GET['month']) && isset($_GET['year']) )
 {
-  $url_img .= 'monthly_stats.img.php?year='.$_GET['year'].'&month='.$_GET['month'];
+  $url_img .= 'monthly_stats.img.php?year='.$_GET['year'].'&amp;month='.$_GET['month'];
  $nls_value_title = $lang['w_day'];
  $group_clause = "DATE_FORMAT(date,'%Y-%m-%d') ASC";
  $where_clause = "(YEAR(date) = ".$_GET['year']." AND MONTH(date) = ".$_GET['month']." )";
--- a/admin/tags.php
+++ b/admin/tags.php
@ -37,7 +37,7 @@ check_status(ACCESS_ADMINISTRATOR);
 // |                                edit tags                              |
 // +-----------------------------------------------------------------------+

-if (isset($_POST['submit']))
+if (isset($_POST['submit']) and !is_adviser())
 {
  $query = '
 SELECT name
@ -78,7 +78,7 @@ SELECT id, name
        array_push(
          $page['errors'],
          sprintf(
-            l10n('Tag "%s" already exist'),
+            l10n('Tag "%s" already exists'),
            $tag_name
            )
          );
@ -110,7 +110,7 @@ SELECT id, name
 // |                               delete tags                             |
 // +-----------------------------------------------------------------------+

-if (isset($_POST['delete']) and isset($_POST['tags']))
+if (isset($_POST['delete']) and isset($_POST['tags']) and !is_adviser())
 {
  $query = '
 SELECT name
@ -147,22 +147,15 @@ DELETE
 // |                               add a tag                               |
 // +-----------------------------------------------------------------------+

-if (isset($_POST['add_tag']) and !empty($_POST['add_tag']))
+if (isset($_POST['add']) and !empty($_POST['add_tag']) and !is_adviser())
 {
-  if (function_exists('mysql_real_escape_string'))
-  {
-    $tag_name = mysql_real_escape_string($_POST['add_tag']);
-  }
-  else
-  {
-    $tag_name = mysql_escape_string($_POST['add_tag']);
-  }
+  $tag_name = $_POST['add_tag'];

-  // does the tag already exist?
+  // does the tag already exists?
  $query = '
 SELECT id
  FROM '.TAGS_TABLE.'
-  WHERE name = \''.$tag_name.'\'
+  WHERE name = \''.pwg_quotemeta($tag_name).'\'
 ;';
  $existing_tags = array_from_query($query, 'id');

@ -173,7 +166,7 @@ SELECT id
      array('name', 'url_name'),
      array(
        array(
-          'name' => $tag_name,
+          'name' => pwg_quotemeta($tag_name),
          'url_name' => str2url($tag_name),
          )
        )
@ -183,7 +176,7 @@ SELECT id
      $page['infos'],
      sprintf(
        l10n('Tag "%s" was added'),
-        $tag_name
+        pwg_stripslashes($tag_name)
        )
      );
  }
@ -192,8 +185,8 @@ SELECT id
    array_push(
      $page['errors'],
      sprintf(
-        l10n('Tag "%s" already exist'),
-        $tag_name
+        l10n('Tag "%s" already exists'),
+        pwg_stripslashes($tag_name)
        )
      );
  }
--- a/admin/thumbnail.php
+++ b/admin/thumbnail.php
@ -40,6 +40,11 @@ function RatioResizeImg($path, $newWidth, $newHeight, $tn_ext)
 {
  global $conf, $lang, $page;

+  if (!function_exists('gd_info'))
+  {
+    return;
+  }
+
  $filename = basename($path);
  $dirname = dirname($path);
  
@ -185,7 +190,7 @@ $template->assign_vars(array(
  'L_TN_AVERAGE'=>$lang['tn_stats_mean'],
  'L_ALL'=>$lang['tn_all'],

-  'U_HELP' => PHPWG_ROOT_PATH.'/popuphelp.php?page=thumbnail',
+  'U_HELP' => PHPWG_ROOT_PATH.'popuphelp.php?page=thumbnail',
  
  'T_STYLE'=>$user['template']
  ));
--- a/admin/user_list.php
+++ b/admin/user_list.php
@ -250,13 +250,16 @@ if (isset($_POST['delete']) or isset($_POST['pref_submit']))
 // +-----------------------------------------------------------------------+
 // |                             delete users                              |
 // +-----------------------------------------------------------------------+
-
 if (isset($_POST['delete']) and count($collection) > 0)
 {
  if (in_array($conf['webmaster_id'], $collection))
  {
    array_push($page['errors'], l10n('Webmaster cannot be deleted'));
  }
+  elseif (in_array($user['id'], $collection))
+  {
+    array_push($page['errors'], l10n('You cannot delete your account'));
+  }
  else
  {
    if (isset($_POST['confirm_deletion']) and 1 == $_POST['confirm_deletion'])
@ -338,9 +341,14 @@ DELETE FROM '.USER_GROUP_TABLE.'
  $formfields =
    array('nb_image_line', 'nb_line_page', 'template', 'language',
          'recent_period', 'maxwidth', 'expand', 'show_nb_comments',
-          'maxheight', 'status', 'adviser', 'enabled_high');
+          'maxheight', 'status', 'enabled_high');
  
-  $true_false_fields = array('expand', 'show_nb_comments', 'adviser', 'enabled_high');
+  $true_false_fields = array('expand', 'show_nb_comments', 'enabled_high');
+  if ($conf['allow_adviser'])
+  {
+    array_push($formfields, 'adviser');
+    array_push($true_false_fields, 'adviser');
+  }
  
  foreach ($formfields as $formfield)
  {
@ -474,10 +482,10 @@ $template->assign_vars(
    'L_DELETE' => $lang['user_delete'],
    'L_DELETE_HINT' => $lang['user_delete_hint'],

-    'U_HELP' => PHPWG_ROOT_PATH.'/popuphelp.php?page=user_list',
+    'U_HELP' => PHPWG_ROOT_PATH.'popuphelp.php?page=user_list',
    
    'F_ADD_ACTION' => $base_url,
-    'F_USERNAME' => @$_GET['username'],
+    'F_USERNAME' => @htmlentities($_GET['username']),
    'F_FILTER_ACTION' => PHPWG_ROOT_PATH.'admin.php'
    ));

@ -581,8 +589,8 @@ if (isset($_POST['pref_submit']))
 //  echo '<pre>'; print_r($_POST); echo '</pre>';
  $template->assign_vars(
    array(
-      'ADVISER_YES' => 'true' == $_POST['adviser'] ? 'checked="checked"' : '',
-      'ADVISER_NO' => 'false' == $_POST['adviser'] ? 'checked="checked"' : '',
+      'ADVISER_YES' => 'true' == (isset($_POST['adviser']) and $_POST['adviser']) ? 'checked="checked"' : '',
+      'ADVISER_NO' => 'false' == (isset($_POST['adviser']) and $_POST['adviser']) ? 'checked="checked"' : '',
      'NB_IMAGE_LINE' => $_POST['nb_image_line'],
      'NB_LINE_PAGE' => $_POST['nb_line_page'],
      'MAXWIDTH' => $_POST['maxwidth'],
@ -818,7 +826,7 @@ foreach ($page['filtered_users'] as $num => $local_user)
      'U_PERM' => $perm_url.$local_user['id'],
      'USERNAME' => $local_user['username'],
      'STATUS' => $lang['user_status_'.$local_user['status']].(($local_user['adviser'] == 'true') ? ' ['.$lang['adviser'].']' : ''),
-      'EMAIL' => isset($local_user['email']) ? $local_user['email'] : '',
+      'EMAIL' => get_email_address_as_display_text($local_user['email']),
      'GROUPS' => $groups_string,
      'PROPERTIES' => (isset($local_user['enabled_high']) and ($local_user['enabled_high'] == 'true')) ? $lang['is_high_enabled'] : $lang['is_high_disabled']
      )
--- a/admin/waiting.php
+++ b/admin/waiting.php
@ -65,11 +65,11 @@ if (isset($_POST))
      }
    }
  }
-  else if (isset($_POST['validate-all']))
+  elseif (isset($_POST['validate-all']) and !empty($_POST['list']))
  {
    $to_validate = explode(',', $_POST['list']);
  }
-  else if (isset($_POST['reject-all']))
+  elseif (isset($_POST['reject-all']) and !empty($_POST['list']))
  {
    $to_reject = explode(',', $_POST['list']);
  }
@ -195,7 +195,7 @@ while ( $row = mysql_fetch_array( $result ) )
        (strlen($row['file']) > 10) ?
          (substr($row['file'], 0, 10)).'...' : $row['file'],
      'PREVIEW_URL_IMG'=>$preview_url, 
-      'UPLOAD_EMAIL'=>$row['mail_address'],
+      'UPLOAD_EMAIL'=>get_email_address_as_display_text($row['mail_address']),
      'UPLOAD_USERNAME'=>$row['username']
      )
    );
--- a/category.php
+++ b/category.php
@ -39,6 +39,9 @@ if ( isset($_GET['cat']) )
  {
    $url_params['section'] = 'categories';
    $url_params['category'] = $_GET['cat'];
+    $result = get_cat_info($url_params['category']);
+    if ( !empty($result) )
+      $url_params['cat_name'] = $result['name'];
  }
  elseif ( in_array($_GET['cat'],
              array('best_rated','most_visited','recent_pics','recent_cats')
@ -47,6 +50,10 @@ if ( isset($_GET['cat']) )
  {
    $url_params['section'] = $_GET['cat'];
  }
+  else
+  {
+    page_not_found('');
+  }
 }

 redirect ( make_index_url($url_params) );
--- a/comments.php
+++ b/comments.php
@ -144,12 +144,17 @@ if (isset($_GET['keyword']) and !empty($_GET['keyword']))
    ')';
 }

+// Only validated on 1.6.x
+// on 1.7, admin can see all because he can be validated or rejected comments
+$page['status_clause'] = 'validated="true"';
+
 // +-----------------------------------------------------------------------+
 // |                         comments management                           |
 // +-----------------------------------------------------------------------+
 // comments deletion
-if (isset($_POST['delete']) and count($_POST['comment_id']) > 0)
+if (isset($_POST['delete']) and count($_POST['comment_id']) > 0 and is_admin())
 {
+  $_POST['comment_id'] = array_map('intval', $_POST['comment_id']);
  $query = '
 DELETE FROM '.COMMENTS_TABLE.'
  WHERE id IN ('.implode(',', $_POST['comment_id']).')
@ -157,8 +162,10 @@ DELETE FROM '.COMMENTS_TABLE.'
  pwg_query($query);
 }
 // comments validation
-if (isset($_POST['validate']) and count($_POST['comment_id']) > 0)
+if (isset($_POST['validate']) and count($_POST['comment_id']) > 0
+   and is_admin())
 {
+  $_POST['comment_id'] = array_map('intval', $_POST['comment_id']);
  $query = '
 UPDATE '.COMMENTS_TABLE.'
  SET validated = \'true\'
@ -181,8 +188,8 @@ $template->assign_vars(
    'L_COMMENT_TITLE' => $title,

    'F_ACTION'=>PHPWG_ROOT_PATH.'comments.php',
-    'F_KEYWORD'=>@$_GET['keyword'],
-    'F_AUTHOR'=>@$_GET['author'],
+    'F_KEYWORD'=>@htmlentities($_GET['keyword']),
+    'F_AUTHOR'=>@htmlentities($_GET['author']),

    'U_HOME' => make_index_url(),
    )
@ -295,7 +302,8 @@ SELECT COUNT(DISTINCT(id))
  WHERE '.$since_options[$page['since']]['clause'].'
    AND '.$page['cat_clause'].'
    AND '.$page['author_clause'].'
-    AND '.$page['keyword_clause'];
+    AND '.$page['keyword_clause'].'
+    AND '.$page['status_clause'];
 if ($user['forbidden_categories'] != '')
 {
  $query.= '
@ -305,7 +313,7 @@ $query.= '
 ;';
 list($counter) = mysql_fetch_row(pwg_query($query));

-$url = PHPWG_ROOT_PATH.'comments.php?t=1'.get_query_string_diff(array('start'));
+$url = PHPWG_ROOT_PATH.'comments.php'.get_query_string_diff(array('start'));

 $navbar = create_navigation_bar($url,
                                $counter,
@ -337,7 +345,8 @@ SELECT com.id AS comment_id
  WHERE '.$since_options[$page['since']]['clause'].'
    AND '.$page['cat_clause'].'
    AND '.$page['author_clause'].'
-    AND '.$page['keyword_clause'];
+    AND '.$page['keyword_clause'].'
+    AND '.$page['status_clause'];
 if ($user['forbidden_categories'] != '')
 {
  $query.= '
@ -379,7 +388,7 @@ SELECT id, name, file, path, tn_ext
  // retrieving category informations
  $categories = array();
  $query = '
-SELECT id, uppercats
+SELECT id, name, uppercats
  FROM '.CATEGORIES_TABLE.'
  WHERE id IN ('.implode(',', $category_ids).')
 ;';
@ -414,6 +423,7 @@ SELECT id, uppercats
    $url = make_picture_url(
            array(
              'category' => $comment['category_id'],
+              'cat_name' => $categories[ $comment['category_id']] ['name'],
              'image_id' => $comment['image_id'],
              'image_file' => $elements[$comment['image_id']]['file'],
            )
--- a/doc/README_en.txt
+++ b/doc/README_en.txt
@ -23,14 +23,14 @@ Upgrade
 1. elements to save :

 - file "include/mysql.inc.php"
+ - file "include/config_local.inc.php" if you have one
 - directory "galleries"
 - your database (create a dump, using PhpMyAdmin for instance)

 2. delete all files and directories of your previous installation (but not
   the previous listed elements)

-3. extract files from the downloaded file (using tar or unzip command, or
-   softwares like 7-zip or winzip)
+3. extract files from the downloaded file

 4. upload all the new version files to your website but the previous listed
   elements. The only elements coming from the previous installed version
--- a/doc/README_fr.txt
+++ b/doc/README_fr.txt
@ -7,8 +7,7 @@ http://phpwebgallery.net
 Installation
 ============

-1. décompresser à l'aide de winzip par exemple (winrar, winace et beaucoup
-   d'autres le permettent également) le fichier téléchargé.
+1. décompresser l'archive téléchargée

 2. placer les fichiers décompressés sur votre serveur web dans le répertoire
   de votre choix ("galerie" par exemple)
@ -22,14 +21,14 @@ Mise
 1. éléments à sauvegarder :

 - fichier "include/mysql.inc.php"
+ - fichier "include/config_local.inc.php" s'il existe
 - répertoire "galleries"
 - votre base de données (en créant un dump, avec PhpMyAdmin par exemple)

 2. supprimer tous les fichiers et répertoires de la précédente installation
   (sauf les éléments listés ci-dessus)

-3. décompresser à l'aide de winzip par exemple (winrar, winace et beaucoup
-   d'autres le permettent également) le fichier téléchargé.
+3. décompresser l'archive contenant la dernière version

 4. placer tous les fichiers de la nouvelle version sur votre site web sauf
   pour les élements listés ci-dessus. Les seuls éléments venant de la
--- a/doc/index.php
+++ b/doc/index.php
@ -0,0 +1,35 @@
+<?php
+// +-----------------------------------------------------------------------+
+// | PhpWebGallery - a PHP based picture gallery                           |
+// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
+// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
+// +-----------------------------------------------------------------------+
+// | branch        : BSF (Best So Far)
+// | file          : $RCSfile$
+// | last update   : $Date: 2006-03-15 23:44:35 +0100 (mer., 15 mars 2006) $
+// | last modifier : $Author: plg $
+// | revision      : $Revision: 1082 $
+// +-----------------------------------------------------------------------+
+// | This program is free software; you can redistribute it and/or modify  |
+// | it under the terms of the GNU General Public License as published by  |
+// | the Free Software Foundation                                          |
+// |                                                                       |
+// | This program is distributed in the hope that it will be useful, but   |
+// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
+// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
+// | General Public License for more details.                              |
+// |                                                                       |
+// | You should have received a copy of the GNU General Public License     |
+// | along with this program; if not, write to the Free Software           |
+// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
+// | USA.                                                                  |
+// +-----------------------------------------------------------------------+
+
+// recursive call of index.php
+
+$url = '../index.php';
+header( 'Request-URI: '.$url );
+header( 'Content-Location: '.$url );
+header( 'Location: '.$url );
+exit();
+?>
--- a/feed.php
+++ b/feed.php
@ -119,7 +119,7 @@ $user['forbidden_categories'] = calculate_permissions($user['id'],
                                                      $user['status']);
 if ('' == $user['forbidden_categories'])
 {
-  $user['forbidden_categories'] = '-1';
+  $user['forbidden_categories'] = '0';
 }

 list($dbnow) = mysql_fetch_row(pwg_query('SELECT NOW();'));
--- a/galleries/index.htm
+++ b/galleries/index.htm
@ -1,8 +0,0 @@
-<html>
-    <head>
-        <title>PhpWebGallery</title>
-    </head>
-    <body>
-        No access authorized
-    </body>
-</html>
--- a/galleries/index.php
+++ b/galleries/index.php
@ -0,0 +1,35 @@
+<?php
+// +-----------------------------------------------------------------------+
+// | PhpWebGallery - a PHP based picture gallery                           |
+// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
+// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
+// +-----------------------------------------------------------------------+
+// | branch        : BSF (Best So Far)
+// | file          : $RCSfile$
+// | last update   : $Date$
+// | last modifier : $Author$
+// | revision      : $Revision$
+// +-----------------------------------------------------------------------+
+// | This program is free software; you can redistribute it and/or modify  |
+// | it under the terms of the GNU General Public License as published by  |
+// | the Free Software Foundation                                          |
+// |                                                                       |
+// | This program is distributed in the hope that it will be useful, but   |
+// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
+// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
+// | General Public License for more details.                              |
+// |                                                                       |
+// | You should have received a copy of the GNU General Public License     |
+// | along with this program; if not, write to the Free Software           |
+// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
+// | USA.                                                                  |
+// +-----------------------------------------------------------------------+
+
+// recursive call of index.php
+
+$url = '../index.php';
+header( 'Request-URI: '.$url );
+header( 'Content-Location: '.$url );
+header( 'Location: '.$url );
+exit();
+?>
--- a/identification.php
+++ b/identification.php
@ -63,7 +63,7 @@ SELECT '.$conf['user_fields']['id'].' AS id,
    {
      $remember_me = true;
    }
-    log_user( $row['id'], $remember_me);
+    log_user($row['id'], $remember_me);
    redirect(empty($redirect_to) ? make_index_url() : $redirect_to);
  }
  else
@ -71,6 +71,7 @@ SELECT '.$conf['user_fields']['id'].' AS id,
    array_push( $errors, $lang['invalid_pwd'] );
  }
 }
+
 //----------------------------------------------------- template initialization
 //
 // Start output of page
@ -84,7 +85,7 @@ $template->set_filenames( array('identification'=>'identification.tpl') );
 $template->assign_vars(
  array(
    'L_TITLE' => $lang['identification'],
-    'L_USERNAME' => $lang['login'],
+    'L_USERNAME' => $lang['Username'],
    'L_PASSWORD' => $lang['password'],
    'L_LOGIN' => $lang['submit'],
    'L_GUEST' => $lang['ident_guest_visit'],
--- a/include/.cvsignore
+++ b/include/.cvsignore
@ -1 +0,0 @@
-mysql.inc.php
--- a/include/calendar_base.class.php
+++ b/include/calendar_base.class.php
@ -195,7 +195,8 @@ class CalendarBase
      $nav_bar.= '</span>';
    }

-    if ($conf['calendar_show_any'] and $show_any and count($items) > 1)
+    if ($conf['calendar_show_any'] and $show_any and count($items)>1 and
+          count($date_components)<count($this->calendar_levels)-1 )
    {
      $label = l10n('calendar_any');
      if (isset($selected_item) and 'any' === $selected_item)
@ -299,7 +300,7 @@ SELECT DISTINCT('.$this->calendar_levels[$level]['sql']
    $query = 'SELECT CONCAT_WS("-"';
    for ($i=0; $i<count($page['chronology_date']); $i++)
    {
-      if ( 'any' === $page['chronology_date'] )
+      if ( 'any' === $page['chronology_date'][$i] )
      {
        $query .= ','.'"any"';
      }
--- a/include/calendar_monthly.class.php
+++ b/include/calendar_monthly.class.php
@ -329,6 +329,7 @@ function build_month_calendar()
  $query.= '
  GROUP BY period';

+  $items=array();
  $result = pwg_query($query);
  while ($row = mysql_fetch_array($result))
  {
@ -426,7 +427,7 @@ SELECT file,tn_ext,path, width, height, DAYOFWEEK('.$this->date_field.')-1 as do
          $day++)
    {
      $dow = ($first_day_dow + $day-1)%7;
-      if ($dow==0)
+      if ($dow==0 and $day!=1)
      {
        $template->assign_block_vars('calendar.thumbnails.row', array());
      }
--- a/include/category_default.inc.php
+++ b/include/category_default.inc.php
@ -60,6 +60,7 @@ SELECT *
 }

 // template thumbnail initialization
+$template->set_filenames( array( 'thumbnails' => 'thumbnails.tpl',)); 
 if (count($pictures) > 0)
 {
  $template->assign_block_vars('thumbnails', array());
@ -165,6 +166,7 @@ SELECT COUNT(*) AS nb_comments
    $row_number = 0;
  }
 }
+$template->assign_var_from_handle('THUMBNAILS', 'thumbnails');

 pwg_debug('end include/category_default.inc.php');
 ?>
--- a/include/category_recent_cats.inc.php
+++ b/include/category_recent_cats.inc.php
@ -46,6 +46,7 @@ SELECT c.id AS category_id
       , c.comment
       , tn_ext
       , nb_images
+       , c.name AS cat_name
  FROM '.CATEGORIES_TABLE.' AS c
    INNER JOIN '.IMAGES_TABLE.' AS i ON i.id = c.representative_picture_id
  WHERE date_last > SUBDATE(
@ -67,13 +68,19 @@ if ($conf['subcatify'])
      'mainpage_categories' => 'mainpage_categories.tpl',
      )
    );
-  
+
  // template thumbnail initialization
  if (mysql_num_rows($result) > 0)
  {
    $template->assign_block_vars('categories', array());
  }

+  $comment = null;
+  if (isset($row['comment']))
+  {
+    $comment = strip_tags($row['comment'], '<a><br><p><b><i><small><strong><font>');
+  }
+
  // for each category, we have to search a recent picture to display and
  // the name to display
  while ( $row = mysql_fetch_array( $result ) )
@ -84,15 +91,16 @@ if ($conf['subcatify'])
        'SRC'       => get_thumbnail_src($row['path'], @$row['tn_ext']),
        'ALT'   => $row['file'],
        'TITLE' => $lang['hint_category'],
-        
+
        'URL'  => make_index_url(
          array(
            'category' => $row['category_id'],
+            'cat_name' => $row['cat_name'],
            )
          ),
        'NAME' => get_cat_display_name_cache($row['uppercats'], null, false),
-        'NB_IMAGES' => $row['nb_images'],
-        'DESCRIPTION' => @$row['comment'],
+        'CAPTION_NB_IMAGES' => (($row['nb_images'] == 0) ? '' : sprintf("%d ".l10n('pictures'), $row['nb_images'])),
+        'DESCRIPTION' => $comment,
        )
      );
  }
@ -102,6 +110,7 @@ if ($conf['subcatify'])
 else
 {
  // template thumbnail initialization
+  $template->set_filenames( array( 'thumbnails' => 'thumbnails.tpl',));
  if (mysql_num_rows($result) > 0)
  {
    $template->assign_block_vars('thumbnails', array());
@ -110,7 +119,7 @@ else
    // current row displayed
    $row_number = 0;
  }
-  
+
  $old_level_separator = $conf['level_separator'];
  $conf['level_separator'] = '<br />';
  // for each category, we have to search a recent picture to display and
@ -123,10 +132,11 @@ else
        'IMAGE'       => get_thumbnail_src($row['path'], @$row['tn_ext']),
        'IMAGE_ALT'   => $row['file'],
        'IMAGE_TITLE' => $lang['hint_category'],
-        
+
        'U_IMG_LINK'  => make_index_url(
          array(
            'category' => $row['category_id'],
+            'cat_name' => $row['cat_name'],
            )
          ),
        )
@ -147,5 +157,6 @@ else
    }
  }
  $conf['level_separator'] = $old_level_separator;
+  $template->assign_var_from_handle('THUMBNAILS', 'thumbnails');
 }
 ?>
--- a/include/category_subcats.inc.php
+++ b/include/category_subcats.inc.php
@ -94,7 +94,7 @@ SELECT representative_picture_id
  $comment = null;
  if (isset($row['comment']))
  {
-    $comment = strip_tags($row['comment']);
+    $comment = strip_tags($row['comment'], '<a><br><p><b><i><small><strong><font>');
  }

  if (isset($image_id))
@ -132,7 +132,7 @@ SELECT id, path, tn_ext
    $thumbnail_src_of[$row['id']] =
      get_thumbnail_src($row['path'], @$row['tn_ext']);
  }
-  
+
  if ($conf['subcatify'])
  {
    $template->set_filenames(
@ -142,7 +142,7 @@ SELECT id, path, tn_ext
      );

    $template->assign_block_vars('categories', array());
-    
+
    foreach ($categories as $category)
    {
      $template->assign_block_vars(
@ -152,7 +152,7 @@ SELECT id, path, tn_ext
          'ALT'   => $category['name'],
          'TITLE' => $lang['hint_category'],
          'ICON'  => get_icon(@$category['date_last']),
-          
+
          'URL' => make_index_url(
            array(
              'category' => $category['category'],
@ -160,22 +160,23 @@ SELECT id, path, tn_ext
              )
            ),
          'NAME' => $category['name'],
-          'NB_IMAGES' => $category['nb_images'],
+          'CAPTION_NB_IMAGES' => (($category['nb_images'] == 0) ? '' : sprintf("%d ".l10n('pictures'), $category['nb_images'])),
          'DESCRIPTION' => @$category['comment'],
          )
        );
    }
-  
+
    $template->assign_var_from_handle('CATEGORIES', 'mainpage_categories');
  }
  else
  {
+    $template->set_filenames( array( 'thumbnails' => 'thumbnails.tpl',));
    $template->assign_block_vars('thumbnails', array());
    // first line
    $template->assign_block_vars('thumbnails.line', array());
    // current row displayed
    $row_number = 0;
-    
+
    foreach ($categories as $category)
    {
      $template->assign_block_vars(
@ -185,10 +186,11 @@ SELECT id, path, tn_ext
          'IMAGE_ALT'   => $category['name'],
          'IMAGE_TITLE' => $lang['hint_category'],
          'IMAGE_TS'    => get_icon(@$category['date_last']),
-          
+
          'U_IMG_LINK'  => make_index_url(
            array(
              'category' => $category['category'],
+              'cat_name' => $category['name'],
              )
            ),
          'CLASS'       => 'thumbCat',
@ -201,7 +203,7 @@ SELECT id, path, tn_ext
          'NAME' => $category['name']
          )
        );
-      
+
      // create a new line ?
      if (++$row_number == $user['nb_image_line'])
      {
@ -209,6 +211,7 @@ SELECT id, path, tn_ext
        $row_number = 0;
      }
    }
+    $template->assign_var_from_handle('THUMBNAILS', 'thumbnails');
  }
 }
-?>
+?>
--- a/include/common.inc.php
+++ b/include/common.inc.php
@ -111,7 +111,7 @@ $conf = array();
 $page = array();
 $user = array();
 $lang = array();
-
+$header_msgs = array();

@include(PHPWG_ROOT_PATH .'include/mysql.inc.php');
 if (!defined('PHPWG_INSTALLED'))
@ -132,7 +132,64 @@ or die ( "Could not connect to database server" );
 mysql_select_db( $cfgBase )
 or die ( "Could not connect to database" );

-if ($conf['check_upgrade_feed'])
+//
+// Setup gallery wide options, if this fails then we output a CRITICAL_ERROR
+// since basic gallery information is not available
+//
+load_conf_from_db();
+
+include(PHPWG_ROOT_PATH.'include/user.inc.php');
+
+
+// language files
+include_once(get_language_filepath('common.lang.php'));
+if (defined('IN_ADMIN') and IN_ADMIN)
+{
+  include_once(get_language_filepath('admin.lang.php'));
+}
+
+// only now we can set the localized username of the guest user (and not in
+// include/user.inc.php)
+if ($user['is_the_guest'])
+{
+  $user['username'] = $lang['guest'];
+}
+
+// template instance
+$template = new Template(PHPWG_ROOT_PATH.'template/'.$user['template'], $user['theme'] );
+
+if ($conf['gallery_locked'])
+{
+  $header_msgs[] = $lang['gallery_locked_message'];
+
+  if ( script_basename() != 'identification' and !is_admin() )
+  {
+    //next line required if PATH_INFO (no ? in url) but won't work for scripts outside PWG
+    $page['root_path'] = cookie_path();
+    echo $lang['gallery_locked_message']
+      .'<a href="'.get_root_url().'identification.php">.</a>';
+    exit();
+  }
+}
+
+if ($user['is_the_guest'] and !$conf['guest_access']
+    and !in_array( script_basename(),
+                      // Array of basename without file extention
+                      array('identification',
+                            'password',
+                            'register'
+                        )
+                  )
+    )
+{
+  //next line required if PATH_INFO (no ? in url) but won't work for scripts outside PWG
+  $page['root_path'] = cookie_path();
+  redirect (get_root_url().'identification.php');
+}
+
+if ($conf['check_upgrade_feed']
+    and defined('PHPWG_IN_UPGRADE')
+    and PHPWG_IN_UPGRADE)
 {
  // retrieve already applied upgrades
  $query = '
@ -147,105 +204,26 @@ SELECT id
  // which upgrades need to be applied?
  if (count(array_diff($existing, $applied)) > 0)
  {
-    ob_start();// buffer output so that cookies work
-
-    echo
-      '<p>'
-      .'Some database upgrades are missing, '
-      .'<a href="'.PHPWG_ROOT_PATH.'upgrade_feed.php">upgrade now</a>'
-      .'</p>'
-      ;
+    //next line required if PATH_INFO (no ? in url) but won't work for scripts outside PWG
+    $page['root_path'] = cookie_path();
+    $header_msgs[] = 'Some database upgrades are missing, '
+      .'<a href="'.get_root_url().'upgrade_feed.php">upgrade now</a>';
  }
 }

-//
-// Setup gallery wide options, if this fails then we output a CRITICAL_ERROR
-// since basic gallery information is not available
-//
-$query = '
-SELECT param,value
- FROM '.CONFIG_TABLE.'
-;';
-if (!($result = pwg_query($query)))
-{
-  die("Could not query config information");
-}
-
-while ( $row =mysql_fetch_array( $result ) )
-{
-  if ( isset( $row['value'] ) )
-  {
-    $conf[$row['param']] = $row['value'];
-  }
-  else
-  {
-    $conf[$row['param']] = '';
-  }
-  // If the field is true or false, the variable is transformed into a
-  // boolean value.
-  if ( $conf[$row['param']] == 'true' or $conf[$row['param']] == 'false' )
-  {
-    $conf[$row['param']] = get_boolean( $conf[$row['param']] );
-  }
-}
-
-include(PHPWG_ROOT_PATH.'include/user.inc.php');
-
-// language files
-include_once(get_language_filepath('common.lang.php'));
-
-if (defined('IN_ADMIN') and IN_ADMIN)
-{
-  include_once(get_language_filepath('admin.lang.php'));
-}
-
-if ($conf['gallery_locked'])
-{
-  ob_start(); // make sure we can send cookies
-  echo
-    '<div style="text-align:center;">'
-    .$lang['gallery_locked_message'];
-  echo '<a href="'.PHPWG_ROOT_PATH.'identification.php">.</a>';
-  echo '</div>';
-
-  if ( basename($_SERVER["PHP_SELF"]) != 'identification.php'
-      and !is_admin() )
-  {
-    exit();
-  }
-}
-
-// only now we can set the localized username of the guest user (and not in
-// include/user.inc.php)
-if ($user['is_the_guest'])
-{
-  $user['username'] = $lang['guest'];
-}
-
-// include template/theme configuration
-list($user['template'], $user['theme']) = explode('/', $user['template']);
-// TODO : replace initial $user['template'] by $user['layout']
-
-include(
-  PHPWG_ROOT_PATH
-  .'template/'.$user['template']
-  .'/theme/'.$user['theme']
-  .'/themeconf.inc.php'
-  );

 if (is_adviser())
 {
-  ob_start();// buffer output so that cookies work
-  echo '
-  <div class="titrePage">
-    <h2>
-      <div style="text-align:center;">'.$lang['adviser_mode_enabled'].'
-      </div>
-    </h2>
-  </div>
-  ';
+  $header_msgs[] = $lang['adviser_mode_enabled'];
 }

-// template instance
-$template = new Template(PHPWG_ROOT_PATH.'template/'.$user['template']);
-?>
+if (count($header_msgs) > 0)
+{
+  $template->assign_block_vars('header_msgs',array());
+  foreach ($header_msgs as $header_msg)
+  {
+    $template->assign_block_vars('header_msgs.header_msg',
+                                 array('HEADER_MSG'=>$header_msg));
+  }
+}
+?>
--- a/include/config_default.inc.php
+++ b/include/config_default.inc.php
@ -110,16 +110,16 @@ $conf['calendar_month_cell_height']=80;

 // newcat_default_commentable : at creation, must a category be commentable
 // or not ?
-$conf['newcat_default_commentable'] = 'true';
+$conf['newcat_default_commentable'] = true;

 // newcat_default_uploadable : at creation, must a category be uploadable or
 // not ?
-$conf['newcat_default_uploadable'] = 'false';
+$conf['newcat_default_uploadable'] = false;

 // newcat_default_visible : at creation, must a category be visible or not ?
 // Warning : if the parent category is invisible, the category is
 // automatically create invisible. (invisible = locked)
-$conf['newcat_default_visible'] = 'true';
+$conf['newcat_default_visible'] = true;

 // newcat_default_status : at creation, must a category be public or private
 // ? Warning : if the parent category is private, the category is
@ -127,7 +127,7 @@ $conf['newcat_default_visible'] = 'true';
 $conf['newcat_default_status'] = 'public';

 // newuser_default_enabled_high : at creation, must a user with enabled_high or not
-$conf['newuser_default_enabled_high'] = 'true';
+$conf['newuser_default_enabled_high'] = true;

 // level_separator : character string used for separating a category level
 // to the sub level. Suggestions : ' / ', ' &raquo; ', ' &rarr; ', ' - ',
@ -205,6 +205,12 @@ $conf['mail_options'] = false;
 // or test.
 $conf['send_bcc_mail_webmaster'] = false;

+// enabled_format_email:
+//  on true email will be formatted with name and address 
+//  on false email will be only address
+// There are webhosting wich not allow email formatted (Lycos, ...)
+$conf['enabled_format_email'] = true;
+
 // check_upgrade_feed: check if there are database upgrade required. Set to
 // true, a message will strongly encourage you to upgrade your database if
 // needed.
@ -312,9 +318,12 @@ $conf['session_save_handler'] = 'db';
 // creates a cookie on client side.
 $conf['authorize_remembering'] = true;

+// remember_me_name: specifies the name of the cookie used to stay logged
+$conf['remember_me_name'] = 'pwg_remember';
+
 // remember_me_length : time of validity for "remember me" cookies, in
 // seconds.
-$conf['remember_me_length'] = 31536000;
+$conf['remember_me_length'] = 5184000;

 // session_length : time of validity for normal session, in seconds.
 $conf['session_length'] = 3600;
@ -333,6 +342,9 @@ $conf['show_gt'] = true;
 // accessed
 $conf['debug_l10n'] = false;

+// die_on_sql_error: if an SQL query fails, should everything stop?
+$conf['die_on_sql_error'] = true;
+
 // +-----------------------------------------------------------------------+
 // |                            authentication                             |
 // +-----------------------------------------------------------------------+
@ -385,6 +397,11 @@ $conf['webmaster_id'] = 1;
 // allow to use adviser mode
 $conf['allow_adviser'] = false;

+// does the guest have access ?
+// (not a security feature, set your categories "private" too)
+// If false it'll be redirected from index.php to identification.php
+$conf['guest_access'] = true;
+
 // +-----------------------------------------------------------------------+
 // |                                upload                                 |
 // +-----------------------------------------------------------------------+
@ -470,14 +487,30 @@ $conf['tags_levels'] = 5;
 // Default Value for nbm user
 $conf['nbm_default_value_user_enabled'] = false;

-// Max user to show on list users to send notification
-// Parameter not used if $conf['nbm_list_all_enabled_users_to_send'] is true
-$conf['nbm_max_list_users_to_send'] = 100;
-
-// Search List user to send with quick (List all without check news)
+// Search list user to send quickly (List all without to check news)
 // More quickly but less fun to use
 $conf['nbm_list_all_enabled_users_to_send'] = false;

-// Max mails sended on one pass
-$conf['nbm_max_mails_send'] = 35;
+// Max time used on one pass in order to send mails.
+// Timeout delay ratio.
+$conf['nbm_max_treatment_timeout_percent'] = 0.8;
+
+// If timeout cannot be compite with nbm_max_treatment_timeout_percent,
+// nbm_treatment_timeout_default is used by default
+$conf['nbm_treatment_timeout_default'] = 20;
+
+// +-----------------------------------------------------------------------+
+// | Set default admin layout                                              |
+// +-----------------------------------------------------------------------+
+
+// Must be user setable in future
+// Default value of admin layout
+// Step 1, default_admin_layout is not defined
+//        null value, user_layout is used for admin layout
+//        defined value, this value are used for admin layout
+// Next on step 2, default_admin_layout will be used 
+//                 if there are not checked like admin layout
+// stored on user informations
+//$conf['default_admin_layout']='yoga/dark';
+
 ?>
--- a/include/functions.inc.php
+++ b/include/functions.inc.php
@ -460,6 +460,40 @@ function format_date($date, $type = 'us', $show_time = false)
  return $formated_date;
 }

+function pwg_stripslashes($value)
+{
+  if (get_magic_quotes_gpc())
+  {
+    $value = stripslashes($value);
+  }
+  return $value;
+}
+
+function pwg_addslashes($value)
+{
+  if (!get_magic_quotes_gpc())
+  {
+    $value = addslashes($value);
+  }
+  return $value;
+}
+
+function pwg_quotemeta($value)
+{
+  if (get_magic_quotes_gpc()) {
+    $value = stripslashes($value);
+  }
+  if (function_exists('mysql_real_escape_string'))
+  {
+    $value = mysql_real_escape_string($value);
+  }
+  else
+  {
+    $value = mysql_escape_string($value);
+  }
+  return $value;
+}
+
 function pwg_query($query)
 {
  global $conf,$page,$debug,$t2;
@ -518,18 +552,42 @@ function pwg_debug( $string )
 * (presence of an exit() instruction.
 *
 * @param string $url
+ * @param string $title_msg
+ * @param integer $refreh_time
 * @return void
 */
-function redirect( $url )
+function redirect( $url , $msg = '', $refresh_time = 0)
 {
  global $user, $template, $lang_info, $conf, $lang, $t2, $page, $debug;

-  // $refresh, $url_link and $title are required for creating an automated
-  // refresh page in header.tpl
-  $refresh = 0;
+  if (!isset($lang_info))
+  {
+    $user = build_user( $conf['guest_id'], true);
+    include_once(get_language_filepath('common.lang.php'));
+    list($tmpl, $thm) = explode('/', $conf['default_template']);
+    $template = new Template(PHPWG_ROOT_PATH.'template/'.$tmpl, $thm);
+  }
+  else
+  {
+    $template = new Template(PHPWG_ROOT_PATH.'template/'.$user['template'], $user['theme']);
+  }
+
+  if (empty($msg))
+  {
+    $redirect_msg = l10n('redirect_msg');
+  }
+  else
+  {
+    $redirect_msg = $msg;
+  }
+  $redirect_msg = nl2br($redirect_msg);
+
+  $refresh = $refresh_time;
  $url_link = $url;
  $title = 'redirection';

+  $template->set_filenames( array( 'redirect' => 'redirect.tpl' ) );
+
  include( PHPWG_ROOT_PATH.'include/page_header.php' );

  $template->set_filenames( array( 'redirect' => 'redirect.tpl' ) );
@ -539,7 +597,6 @@ function redirect( $url )

  exit();
 }
-
 /**
 * returns $_SERVER['QUERY_STRING'] whitout keys given in parameters
 *
@ -569,7 +626,8 @@ function get_query_string_diff($rejects = array())

 function url_is_remote($url)
 {
-  if (preg_match('/^https?:\/\/[~\/\.\w-]+$/', $url))
+  if ( strncmp($url, 'http://', 7)==0
+    or strncmp($url, 'https://', 8)==0 )
  {
    return true;
  }
@ -640,12 +698,22 @@ function get_thumbnail_src($path, $tn_ext = '', $with_rewrite = true)
 // error occured for the last mysql query.
 function my_error($header)
 {
+  global $conf;
+
  $error = '<pre>';
  $error.= $header;
  $error.= '[mysql error '.mysql_errno().'] ';
  $error.= mysql_error();
  $error.= '</pre>';
-  die ($error);
+
+  if ($conf['die_on_sql_error'])
+  {
+    die($error);
+  }
+  else
+  {
+    echo $error;
+  }
 }

 /**
@ -778,7 +846,7 @@ function get_name_from_file($filename)
 * @param string key
 * @return string
 */
-function raw_l10n($key)
+function l10n($key)
 {
  global $lang, $conf;

@ -789,15 +857,23 @@ function raw_l10n($key)

  return isset($lang[$key]) ? $lang[$key] : $key;
 }
+
 /**
- * Like l10n but converts html entities
+ * Translate string in string ascii7bits
+ * It's possible to do that with iconv_substr
+ * but this fonction is not avaible on all the providers.
 *
- * @param string key
+ * @param string str
 * @return string
 */
-function l10n($key)
+function str_translate_to_ascii7bits($str)
 {
-  return htmlentities(raw_l10n($key),ENT_QUOTES);
+  global $lang_table_translate_ascii7bits;
+
+  $src_table = array_keys($lang_table_translate_ascii7bits);
+  $dst_table = array_values($lang_table_translate_ascii7bits);
+
+  return str_replace($src_table , $dst_table, $str);
 }

 /**
@ -809,9 +885,9 @@ function l10n($key)
 */
 function get_themeconf($key)
 {
-  global $themeconf;
+  global $template;

-  return $themeconf[$key];
+  return $template->get_themeconf($key);
 }

 /**
@ -859,4 +935,66 @@ function get_available_upgrade_ids()

  return $available_upgrade_ids;
 }
+
+/**
+ * Add configuration parameters from database to global $conf array
+ *
+ * @return void
+ */
+function load_conf_from_db()
+{
+  global $conf;
+
+  $query = '
+SELECT param,value
+ FROM '.CONFIG_TABLE.'
+;';
+  $result = pwg_query($query);
+
+  if (mysql_num_rows($result) == 0)
+  {
+    die('No configuration data');
+  }
+
+  while ($row = mysql_fetch_array($result))
+  {
+    $conf[ $row['param'] ] = isset($row['value']) ? $row['value'] : '';
+
+    // If the field is true or false, the variable is transformed into a
+    // boolean value.
+    if ($conf[$row['param']] == 'true' or $conf[$row['param']] == 'false')
+    {
+      $conf[ $row['param'] ] = get_boolean($conf[ $row['param'] ]);
+    }
+  }
+}
+
+/**
+ * Return basename of the current script
+ * Lower case convertion is applied on return value
+ * Return value is without file extention ".php"
+ *
+ * @param void
+ *
+ * @return script basename
+ */
+function script_basename()
+{
+  if (!empty($_SERVER['SCRIPT_NAME']))
+  {
+    $file_name = $_SERVER['SCRIPT_NAME'];
+  }
+  else if (!empty($_SERVER['SCRIPT_FILENAME']))
+  {
+    $file_name = $_SERVER['SCRIPT_FILENAME'];
+  }
+  else
+  {
+    $file_name = '';
+  }
+
+  // $_SERVER return lower string following var and systems
+  return basename(strtolower($file_name), '.php');
+}
+
 ?>
--- a/include/functions_calendar.inc.php
+++ b/include/functions_calendar.inc.php
@ -177,7 +177,7 @@ WHERE id IN (' . implode(',',$page['items']) .')';
  //echo ('<pre>'. var_export($calendar, true) . '</pre>');

  $must_show_list = true; // true until calendar generates its own display
-  if (basename($_SERVER['SCRIPT_FILENAME']) != 'picture.php')
+  if (script_basename() != 'picture') // basename without file extention
  {
    $template->assign_block_vars('calendar', array());

@ -259,9 +259,18 @@ WHERE id IN (' . implode(',',$page['items']) .')';
    }
    else
    {
+      if ( count($page['chronology_date'])==0
+           or in_array('any', $page['chronology_date']) )
+      {// selected period is very big so we show newest first
+        $order = ' DESC, ';
+      }
+      else
+      {// selected period is small (month,week) so we show oldest first
+        $order = ' ASC, ';
+      }
      $order_by = str_replace(
        'ORDER BY ',
-        'ORDER BY '.$calendar->date_field.' DESC,', $conf['order_by']
+        'ORDER BY '.$calendar->date_field.$order, $conf['order_by']
        );
      $query .= '
  '.$order_by;
--- a/include/functions_category.inc.php
+++ b/include/functions_category.inc.php
@ -118,6 +118,8 @@ SELECT '.implode(',', $infos).'
  WHERE id = '.$id.'
 ;';
  $row = mysql_fetch_array(pwg_query($query));
+  if (empty($row))
+    return null;

  $cat = array();
  foreach ($infos as $info)
--- a/include/functions_html.inc.php
+++ b/include/functions_html.inc.php
@ -64,7 +64,7 @@ function get_icon($date)
    $icon_url = get_themeconf('icon_dir').'/recent.png';
    $title .= $user['recent_period'];
    $title .=  '&nbsp;'.$lang['days'];
-    $size = getimagesize( $icon_url );
+    $size = getimagesize( PHPWG_ROOT_PATH.$icon_url );
    $icon_url = get_root_url().$icon_url;
    $output = '<img title="'.$title.'" src="'.$icon_url.'" class="icon" style="border:0;';
    $output.= 'height:'.$size[1].'px;width:'.$size[0].'px" alt="(!)" />';
@ -82,7 +82,8 @@ function create_navigation_bar(
  global $lang, $conf;

  $pages_around = $conf['paginate_pages_around'];
-  $start_str = $clean_url ? '/start-' : '&amp;start=';
+  $start_str = $clean_url ? '/start-' :
+  	     ( ( strstr($url, '?')===false ? '?':'&amp;') . 'start=' );

  $navbar = '';

@ -529,6 +530,10 @@ function get_html_tag_selection(
 {
  global $conf;

+  if (count ($tags) == 0 )
+  {
+    return '';
+  }
  $output = '<ul class="tagSelection">';
  foreach ($tags as $tag)
  {
@ -546,7 +551,7 @@ function get_html_tag_selection(

    $output.=
      ' />'
-      .' '.$tag['name']
+      .' '. $tag['name']
      .'</label>'
      .'</li>'
      ."\n"
@ -559,7 +564,7 @@ function get_html_tag_selection(

 function name_compare($a, $b)
 {
-  return strcmp($a['name'], $b['name']);
+  return strcmp(strtolower($a['name']), strtolower($b['name']));
 }

 /**
@ -587,4 +592,22 @@ function access_denied()
    redirect($login_url);
  }
 }
+
+/**
+ * exits the current script with 404 code when a page cannot be found
+ * @param string msg a message to display
+ * @param string alternate_url redirect to this url
+ */
+function page_not_found($msg, $alternate_url=null)
+{
+  header('HTTP/1.1 404 Not found');
+  header('Status: 404 Not found');
+  if ($alternate_url==null)
+    $alternate_url = make_index_url();
+  redirect( $alternate_url,
+    '<div style="text-align:left; margin-left:5em;margin-bottom:5em;">
+<h1 style="text-align:left; font-size:36px;">Page not found</h1><br/>'
+.$msg.'</div>',
+    5 );
+}
 ?>
--- a/include/functions_mail.inc.php
+++ b/include/functions_mail.inc.php
@ -78,13 +78,24 @@ function get_mail_configuration()
 */
 function format_email($name, $email)
 {
-  if (strpos($email, '<') === false)
+  global $conf;
+
+  if ($conf['enabled_format_email'])
  {
-    return $name.' <'.$email.'>';
+    $cvt7b_name = str_translate_to_ascii7bits($name);
+
+    if (strpos($email, '<') === false)
+    {
+      return $cvt7b_name.' <'.$email.'>';
+    }
+    else
+    {
+      return $cvt7b_name.$email;
+    }
  }
  else
  {
-    return $name.$email;
+    return $email;
  }
 }

@ -93,7 +104,9 @@ function format_email($name, $email)
 */
 function pwg_mail($to, $from = '', $subject = 'PhpWebGallery', $infos = '')
 {
-  global $conf, $conf_mail;
+  global $conf, $conf_mail, $lang_info;
+
+  $cvt7b_subject = str_translate_to_ascii7bits($subject);

  if (!isset($conf_mail))
  {
@ -113,7 +126,9 @@ function pwg_mail($to, $from = '', $subject = 'PhpWebGallery', $infos = '')

  $headers = 'From: '.$from."\n";
  $headers.= 'Reply-To: '.$from."\n";
-  
+  $headers.= 'Content-Type: text/plain;format=flowed;charset="'.$lang_info['charset'].'";';
+  $headers.= 'reply-type=original'."\n";
+
  if ($conf_mail['send_bcc_mail_webmaster'])
  {
    $headers.= 'Bcc: '.$conf_mail['formated_email_webmaster']."\n";
@ -124,14 +139,14 @@ function pwg_mail($to, $from = '', $subject = 'PhpWebGallery', $infos = '')

  if ($conf_mail['mail_options'])
  {
-    $options = '-f '.$from;
+    $options = '-f '.$conf_mail['email_webmaster'];
    
-    return mail($to, $subject, $content, $headers, $options);
+    return mail($to, $cvt7b_subject, $content, $headers, $options);
  }
  else
  {
-    return mail($to, $subject, $content, $headers);
+    return mail($to, $cvt7b_subject, $content, $headers);
  }
 }

-?>
+?>
--- a/include/functions_notification.inc.php
+++ b/include/functions_notification.inc.php
@ -33,7 +33,7 @@
 * Execute custom notification query
 *
 * @param string action ('count' or 'info')
- * @param string type of query ('new_comments', 'unvalidated_comments', 'new_elements', 'updated_categories', ' new_users', 'waiting_elements')
+ * @param string type of query ('new_comments', 'unvalidated_comments', 'new_elements', 'updated_categories', 'new_users', 'waiting_elements')
 * @param string start (mysql datetime format)
 * @param string end (mysql datetime format)
 *
@ -80,7 +80,7 @@ function custom_notification_query($action, $type, $start, $end)
    AND category_id NOT IN ('.$user['forbidden_categories'].')
 ;';
      break;
-    case ' new_users':
+    case 'new_users':
      $query = '
  FROM '.USER_INFOS_TABLE.'
  WHERE registration_date > \''.$start.'\'
@ -116,7 +116,7 @@ function custom_notification_query($action, $type, $start, $end)
        case 'updated_categories':
          $field_id = 'category_id';
          break;
-        case ' new_users':
+        case 'new_users':
          $field_id = 'user_id';
          break;
        case 'waiting_elements':
@ -144,7 +144,7 @@ function custom_notification_query($action, $type, $start, $end)
        case 'updated_categories':
          $fields = array('category_id');
          break;
-        case ' new_users':
+        case 'new_users':
          $fields = array('user_id');
          break;
        case 'waiting_elements':
--- a/include/functions_session.inc.php
+++ b/include/functions_session.inc.php
@ -65,11 +65,14 @@ if (isset($conf['session_save_handler'])
    'pwg_session_destroy',
    'pwg_session_gc'
  );
-  ini_set('session.use_cookies', $conf['session_use_cookies']);
-  ini_set('session.use_only_cookies', $conf['session_use_only_cookies']);
-  ini_set('session.use_trans_sid', intval($conf['session_use_trans_sid']));
-  ini_set('session.name', $conf['session_name']);
-  ini_set('session.cookie_path', cookie_path() );
+  if ( function_exists('ini_set') )
+  {
+    ini_set('session.use_cookies', $conf['session_use_cookies']);
+    ini_set('session.use_only_cookies', $conf['session_use_only_cookies']);
+    ini_set('session.use_trans_sid', intval($conf['session_use_trans_sid']));
+  }
+  session_name($conf['session_name']);
+  session_set_cookie_params(0, cookie_path());
 }

 // cookie_path returns the path to use for the PhpWebGallery cookie.
@ -78,10 +81,15 @@ if (isset($conf['session_save_handler'])
 // cookie_path will return : "/meeting/gallery"
 function cookie_path()
 {
-  if ( isset($_SERVER['REDIRECT_URL']) )
+  if ( isset($_SERVER['REDIRECT_SCRIPT_NAME']) and 
+       !empty($_SERVER['REDIRECT_SCRIPT_NAME']) )
+  {
+    $scr = $_SERVER['REDIRECT_SCRIPT_NAME'];
+  }
+  else if ( isset($_SERVER['REDIRECT_URL']) )
  { // mod_rewrite is activated for upper level directories. we must set the
    // cookie to the path shown in the browser otherwise it will be discarded.
-    if ( isset($_SERVER['PATH_INFO']) )
+    if ( isset($_SERVER['PATH_INFO']) and !empty($_SERVER['PATH_INFO']) )
    {
      $idx = strpos( $_SERVER['REDIRECT_URL'], $_SERVER['PATH_INFO'] );
      if ($idx !== false)
@ -102,7 +110,9 @@ function cookie_path()
  {
    $scr = $_SERVER['SCRIPT_NAME'];
  }
-  return substr($scr,0,strrpos( $scr,'/'));
+  $scr = substr($scr,0,strrpos( $scr,'/'));
+  // add a trailing '/' if needed
+  return ($scr{strlen($scr)-1} == '/') ? $scr : $scr . '/';
 }

 /**
@ -165,15 +175,16 @@ UPDATE '.SESSIONS_TABLE.'
  WHERE id = \''.$session_id.'\'
 ;';
  pwg_query($query);
-  if ( mysql_affected_rows()==0 )
+  if ( mysql_affected_rows()>0 )
  {
-    $query = '
+    return true;
+  }
+  $query = '
 INSERT INTO '.SESSIONS_TABLE.'
  (id,data,expiration)
  VALUES(\''.$session_id.'\',\''.$data.'\',now())
 ;';
-    pwg_query($query);
-  }
+  mysql_query($query);
  return true;
 }

--- a/include/functions_tag.inc.php
+++ b/include/functions_tag.inc.php
@ -54,7 +54,10 @@ SELECT DISTINCT image_id
  WHERE category_id NOT IN ('.implode(',', $forbidden_categories).')
 ;';
    $image_ids = array_from_query($images_query, 'image_id');
-
+    if ( empty($image_ids) )
+    {
+      return array();
+    }
    $tags_query.= '
  WHERE image_id IN ('.
      wordwrap(
@ -63,13 +66,13 @@ SELECT DISTINCT image_id
        "\n"
        ).')';
  }
-  
+
  $tags_query.= '
  GROUP BY tag_id
 ;';

  $result = pwg_query($tags_query);
-  
+
  $tags = array();

  while ($row = mysql_fetch_array($result))
@ -88,12 +91,13 @@ SELECT DISTINCT image_id
 function get_all_tags()
 {
  $query = '
-SELECT id AS tag_id, name, url_name
+SELECT id AS tag_id,
+       name,
+       url_name
  FROM '.TAGS_TABLE.'
-  ORDER BY name
 ;';
  $result = pwg_query($query);
-  
+
  $tags = array();

  while ($row = mysql_fetch_array($result))
@ -101,6 +105,8 @@ SELECT id AS tag_id, name, url_name
    array_push($tags, $row);
  }

+  usort($tags, 'name_compare');
+
  return $tags;
 }

@ -123,7 +129,7 @@ function add_level_to_tags($tags)
  {
    return $tags;
  }
-  
+
  $total_count = 0;

  foreach ($tags as $tag)
@ -146,7 +152,7 @@ function add_level_to_tags($tags)
  foreach (array_keys($tags) as $k)
  {
    $tags[$k]['level'] = 1;
-    
+
    // based on threshold, determine current tag level
    for ($i = $conf['tags_levels'] - 1; $i >= 1; $i--)
    {
@ -177,7 +183,7 @@ function get_image_ids_for_tags($tag_ids, $mode = 'AND')
    {
      // strategy is to list images associated to each tag
      $tag_images = array();
-      
+
      foreach ($tag_ids as $tag_id)
      {
        $query = '
--- a/include/functions_url.inc.php
+++ b/include/functions_url.inc.php
@ -27,6 +27,7 @@

 /**
 * returns a prefix for each url link on displayed page
+ * and return an empty string for current path
 * @return string
 */
 function get_root_url()
@ -34,9 +35,20 @@ function get_root_url()
  global $page;
  if ( isset($page['root_path']) )
  {
-    return $page['root_path'];
+    $root_url = $page['root_path'];
+  }
+  else
+  {
+    $root_url = PHPWG_ROOT_PATH;
+  }
+  if ( dirname($root_url)!='.' )
+  {
+    return $root_url;
+  }
+  else
+  {
+    return substr($root_url, 2);
  }
-  return PHPWG_ROOT_PATH;
 }

 /**
@ -80,7 +92,7 @@ function add_url_params($url, $params)
 * @param array
 * @return string
 */
-function make_index_URL($params = array())
+function make_index_url($params = array())
 {
  global $conf;
  $url = get_root_url().'index';
@ -92,7 +104,7 @@ function make_index_URL($params = array())
  {
    $url .= '?';
  }
-  $url.= make_section_in_URL($params);
+  $url.= make_section_in_url($params);
  $url = add_well_known_params_in_url($url, $params);
  return $url;
 }
@ -101,7 +113,7 @@ function make_index_URL($params = array())
 * build an index URL with current page parameters, but with redefinitions
 * and removes.
 *
- * duplicate_index_URL(array('category' => 12), array('start')) will create
+ * duplicate_index_url(array('category' => 12), array('start')) will create
 * an index URL on the current section (categories), but on a redefined
 * category and without the start URL parameter.
 *
@ -109,9 +121,9 @@ function make_index_URL($params = array())
 * @param array removed keys
 * @return string
 */
-function duplicate_index_URL($redefined = array(), $removed = array())
+function duplicate_index_url($redefined = array(), $removed = array())
 {
-  return make_index_URL(
+  return make_index_url(
    params_for_duplication($redefined, $removed)
    );
 }
@ -154,15 +166,15 @@ function params_for_duplication($redefined, $removed)

 /**
 * create a picture URL with current page parameters, but with redefinitions
- * and removes. See duplicate_index_URL.
+ * and removes. See duplicate_index_url.
 *
 * @param array redefined keys
 * @param array removed keys
 * @return string
 */
-function duplicate_picture_URL($redefined = array(), $removed = array())
+function duplicate_picture_url($redefined = array(), $removed = array())
 {
-  return make_picture_URL(
+  return make_picture_url(
    params_for_duplication($redefined, $removed)
    );
 }
@ -173,12 +185,12 @@ function duplicate_picture_URL($redefined = array(), $removed = array())
 * @param array
 * @return string
 */
-function make_picture_URL($params)
+function make_picture_url($params)
 {
  global $conf;
  if (!isset($params['image_id']))
  {
-    die('make_picture_URL: image_id is a required parameter');
+    die('make_picture_url: image_id is a required parameter');
  }

  $url = get_root_url().'picture';
@ -201,20 +213,19 @@ function make_picture_URL($params)
      }
      break;
    case 'file':
-      if ( isset($params['image_file'])
-           and !is_numeric($params['image_file']) )
+      if ( isset($params['image_file']) )
      {
-        $url .= get_filename_wo_extension($params['image_file']);
+        $fname_wo_ext = get_filename_wo_extension($params['image_file']);
+        if (! preg_match('/^\d+(-|$)/', $fname_wo_ext) )
+        {
+          $url .= $fname_wo_ext;
+          break;
+        }
      }
-      else
-      {
-        $url .= $params['image_id'];
-      }
-      break;
    default:
      $url .= $params['image_id'];
  }
-  $url .= make_section_in_URL($params);
+  $url .= make_section_in_url($params);
  $url = add_well_known_params_in_url($url, $params);
  return $url;
 }
@ -254,7 +265,7 @@ function add_well_known_params_in_url($url, $params)
 * @param array
 * @return string
 */
-function make_section_in_URL($params)
+function make_section_in_url($params)
 {
  global $conf;
  $section_string = '';
@ -311,7 +322,7 @@ function make_section_in_URL($params)
    {
      if (!isset($params['tags']) or count($params['tags']) == 0)
      {
-        die('make_section_in_URL: require at least one tag');
+        die('make_section_in_url: require at least one tag');
      }

      $section_string.= '/tags';
@ -344,7 +355,7 @@ function make_section_in_URL($params)
    {
      if (!isset($params['search']))
      {
-        die('make_section_in_URL: require a search identifier');
+        die('make_section_in_url: require a search identifier');
      }

      $section_string.= '/search/'.$params['search'];
@ -355,7 +366,7 @@ function make_section_in_URL($params)
    {
      if (!isset($params['list']))
      {
-        die('make_section_in_URL: require a list of items');
+        die('make_section_in_url: require a list of items');
      }

      $section_string.= '/list/'.implode(',', $params['list']);
--- a/include/functions_user.inc.php
+++ b/include/functions_user.inc.php
@ -104,6 +104,54 @@ function setup_style($style)
  return new Template(PHPWG_ROOT_PATH.'template/'.$style);
 }

+
+function build_user( $user_id, $use_cache )
+{
+  global $conf;
+  $user['id'] = $user_id;
+  $user = array_merge( $user, getuserdata($user_id, $use_cache) );
+  if ( $user['id'] == $conf['guest_id'])
+  {
+    $user['is_the_guest']=true;
+    $user['template'] = $conf['default_template'];
+    $user['nb_image_line'] = $conf['nb_image_line'];
+    $user['nb_line_page'] = $conf['nb_line_page'];
+    $user['language'] = $conf['default_language'];
+    $user['maxwidth'] = $conf['default_maxwidth'];
+    $user['maxheight'] = $conf['default_maxheight'];
+    $user['recent_period'] = $conf['recent_period'];
+    $user['expand'] = $conf['auto_expand'];
+    $user['show_nb_comments'] = $conf['show_nb_comments'];
+    $user['enabled_high'] = $conf['newuser_default_enabled_high'];
+  }
+  else
+  {
+    $user['is_the_guest']=false;
+  }
+  // calculation of the number of picture to display per page
+  $user['nb_image_page'] = $user['nb_image_line'] * $user['nb_line_page'];
+
+  // include template/theme configuration
+  if (defined('IN_ADMIN') and IN_ADMIN)
+  {
+    list($user['template'], $user['theme']) =
+      explode
+      (
+        '/',
+        isset($conf['default_admin_layout']) ? $conf['default_admin_layout']
+                                             : $user['template']
+      );
+    // TODO : replace $conf['admin_layout'] by $user['admin_layout']
+  }
+  else
+  {
+    list($user['template'], $user['theme']) = explode('/', $user['template']);
+  }
+
+  return $user;
+}
+
+
 /**
 * find informations related to the user identifier
 *
@ -345,10 +393,10 @@ SELECT id
  }

  if ( empty($forbidden_array) )
-  {// at least, the list contains -1 values. This category does not exists so
-   // where clauses such as "WHERE category_id NOT IN(-1)" will always be
+  {// at least, the list contains 0 value. This category does not exists so
+   // where clauses such as "WHERE category_id NOT IN(0)" will always be
   // true.
-    array_push($forbidden_array, '-1');
+    array_push($forbidden_array, 0);
  }

  return implode(',', $forbidden_array);
@ -446,10 +494,23 @@ function create_user_infos($user_id)

  list($dbnow) = mysql_fetch_row(pwg_query('SELECT NOW();'));

+  if ($user_id == $conf['webmaster_id'])
+  {
+    $status = 'webmaster';
+  }
+  else if ($user_id == $conf['guest_id'])
+  {
+    $status = 'guest';
+  }
+  else
+  {
+    $status = 'normal';
+  }
+
  $insert =
    array(
      'user_id' => $user_id,
-      'status' => $user_id == $conf['webmaster_id'] ? 'admin' : 'normal',
+      'status' => $status,
      'template' => $conf['default_template'],
      'nb_image_line' => $conf['nb_image_line'],
      'nb_line_page' => $conf['nb_line_page'],
@ -460,7 +521,8 @@ function create_user_infos($user_id)
      'maxwidth' => $conf['default_maxwidth'],
      'maxheight' => $conf['default_maxheight'],
      'registration_date' => $dbnow,
-      'enabled_high' => $conf['newuser_default_enabled_high']
+      'enabled_high' =>
+        boolean_to_string($conf['newuser_default_enabled_high']),
      );

  include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
@ -536,15 +598,82 @@ function get_language_filepath($filename)
 */
 function log_user($user_id, $remember_me)
 {
-  global $conf;
-  $session_length = $conf['session_length'];
+  global $conf, $user;
+
  if ($remember_me)
  {
-    $session_length = $conf['remember_me_length'];
+    // search for an existing auto_login_key
+    $query = '
+SELECT auto_login_key
+  FROM '.USER_INFOS_TABLE.'
+  WHERE user_id = '.$user_id.'
+;';
+
+    $auto_login_key = current(mysql_fetch_assoc(pwg_query($query)));
+    if (empty($auto_login_key))
+    {
+      $auto_login_key = base64_encode(md5(uniqid(rand(), true)));
+      $query = '
+UPDATE '.USER_INFOS_TABLE.'
+  SET auto_login_key = \''.$auto_login_key.'\'
+  WHERE user_id = '.$user_id.'
+;';
+      pwg_query($query);
+    }
+    $cookie = array('id' => $user_id, 'key' => $auto_login_key);
+    setcookie($conf['remember_me_name'],
+	      serialize($cookie),
+	      time()+$conf['remember_me_length'],
+	      cookie_path()
+	      );
  }
-  session_set_cookie_params($session_length);
-  session_start();
-  $_SESSION['id'] = $user_id;
+  else
+  { // make sure we clean any remember me ...
+    setcookie($conf['remember_me_name'], '', 0, cookie_path());
+  }
+  if ( session_id()!="" )
+  { // this can happpen when the session is expired and auto_login
+    session_regenerate_id();
+  }
+  else
+  {
+    session_start();
+  }
+  $_SESSION['pwg_uid'] = $user_id;
+
+  $user['id'] = $_SESSION['pwg_uid'];
+}
+
+/*
+ * Performs auto-connexion when cookie remember_me exists
+ * @return true/false
+*/
+function auto_login() {
+  global $conf;
+
+  if ( isset( $_COOKIE[$conf['remember_me_name']] ) )
+  {
+    // must remove slash added in include/common.inc.php
+    $cookie = unserialize(stripslashes($_COOKIE[$conf['remember_me_name']]));
+
+    $query = '
+SELECT auto_login_key
+  FROM '.USER_INFOS_TABLE.'
+  WHERE user_id = '.$cookie['id'].'
+;';
+
+    $auto_login_key = current(mysql_fetch_assoc(pwg_query($query)));
+    if ($auto_login_key == $cookie['key'])
+    {
+      log_user($cookie['id'], true);
+      return true;
+    }
+    else
+    {
+      setcookie($conf['remember_me_name'], '', 0, cookie_path());
+    }
+  }
+  return false;
 }

 /*
@ -633,4 +762,30 @@ function is_adviser()

  return ($user['adviser'] == 'true');
 }
-?>
+
+/*
+ * Return mail address as display text
+ * @return string
+*/
+function get_email_address_as_display_text($email_address)
+{
+  global $conf;
+
+  if (!isset($email_address) or (trim($email_address) == ''))
+  {
+    return '';
+  }
+  else
+  {
+    if (is_adviser())
+    {
+      return 'adviser.mode@'.$_SERVER['SERVER_NAME'];
+    }
+    else
+    {
+      return $email_address;
+    }
+  }
+}
+
+?>
--- a/include/index.php
+++ b/include/index.php
@ -25,9 +25,11 @@
 // | USA.                                                                  |
 // +-----------------------------------------------------------------------+

+// recursive call of index.php
+
 $url = '../index.php';
-header( 'Request-URI: '.$url );  
-header( 'Content-Location: '.$url );  
+header( 'Request-URI: '.$url );
+header( 'Content-Location: '.$url );
 header( 'Location: '.$url );
 exit();
 ?>
--- a/include/menubar.inc.php
+++ b/include/menubar.inc.php
@ -0,0 +1,316 @@
+<?php
+// +-----------------------------------------------------------------------+
+// | PhpWebGallery - a PHP based picture gallery                           |
+// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
+// | Copyright (C) 2003-2006 PhpWebGallery Team - http://phpwebgallery.net |
+// +-----------------------------------------------------------------------+
+// | branch        : BSF (Best So Far)
+// | file          : $Id$
+// | last update   : $Date$
+// | last modifier : $Author$
+// | revision      : $Revision$
+// +-----------------------------------------------------------------------+
+// | This program is free software; you can redistribute it and/or modify  |
+// | it under the terms of the GNU General Public License as published by  |
+// | the Free Software Foundation                                          |
+// |                                                                       |
+// | This program is distributed in the hope that it will be useful, but   |
+// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
+// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
+// | General Public License for more details.                              |
+// |                                                                       |
+// | You should have received a copy of the GNU General Public License     |
+// | along with this program; if not, write to the Free Software           |
+// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
+// | USA.                                                                  |
+// +-----------------------------------------------------------------------+
+
+/**
+ * This file is included by the main page to show the menu bar
+ *
+ */
+$template->set_filenames(
+  array(
+    'menubar' => 'menubar.tpl',
+    )
+  );
+
+$template->assign_vars(
+  array(
+    'NB_PICTURE' => $user['nb_total_images'],
+    'USERNAME' => $user['username'],
+    'MENU_CATEGORIES_CONTENT' => get_categories_menu(),
+    'F_IDENTIFY' => get_root_url().'identification.php',
+    'U_HOME' => make_index_url(),
+    'U_REGISTER' => get_root_url().'register.php',
+    'U_LOST_PASSWORD' => get_root_url().'password.php',
+    'U_LOGOUT' => get_root_url().'?act=logout',
+    'U_ADMIN'=> get_root_url().'admin.php',
+    'U_PROFILE'=> get_root_url().'profile.php',
+    )
+  );
+
+//-------------------------------------------------------------- external links
+if (count($conf['links']) > 0)
+{
+  $template->assign_block_vars('links', array());
+
+  foreach ($conf['links'] as $url => $label)
+  {
+    $template->assign_block_vars(
+      'links.link',
+      array(
+        'URL' => $url,
+        'LABEL' => $label
+        )
+      );
+  }
+}
+//------------------------------------------------------------------------ tags
+if ('tags' == $page['section'])
+{
+  $template->assign_block_vars('tags', array());
+
+  // display tags associated to currently tagged items, less current tags
+  $tags = array();
+
+  if ( !empty($page['items']) )
+  {
+    $query = '
+SELECT tag_id, name, url_name, count(*) counter
+  FROM '.IMAGE_TAG_TABLE.'
+    INNER JOIN '.TAGS_TABLE.' ON tag_id = id
+  WHERE image_id IN ('.implode(',', $items).')
+    AND tag_id NOT IN ('.implode(',', $page['tag_ids']).')
+  GROUP BY tag_id
+  ORDER BY name ASC
+;';
+    $result = pwg_query($query);
+    while($row = mysql_fetch_array($result))
+    {
+      array_push($tags, $row);
+    }
+  }
+
+  $tags = add_level_to_tags($tags);
+
+  foreach ($tags as $tag)
+  {
+    $template->assign_block_vars(
+      'tags.tag',
+      array(
+        'URL_ADD' => make_index_url(
+          array(
+            'tags' => array_merge(
+              $page['tags'],
+              array(
+                array(
+                  'id' => $tag['tag_id'],
+                  'url_name' => $tag['url_name'],
+                  ),
+                )
+              )
+            )
+          ),
+
+        'URL' => make_index_url(
+          array(
+            'tags' => array(
+              array(
+                'id' => $tag['tag_id'],
+                'url_name' => $tag['url_name'],
+                ),
+              )
+            )
+          ),
+
+        'NAME' => $tag['name'],
+
+        'TITLE' => l10n('See pictures linked to this tag only'),
+
+        'TITLE_ADD' => sprintf(
+          l10n('%d pictures are also linked to current tags'),
+          $tag['counter']
+          ),
+
+        'CLASS' => 'tagLevel'.$tag['level']
+        )
+      );
+  }
+}
+//---------------------------------------------------------- special categories
+// favorites categories
+if ( !$user['is_the_guest'] )
+{
+  $template->assign_block_vars('username', array());
+
+  $template->assign_block_vars(
+    'special_cat',
+    array(
+      'URL' => make_index_url(array('section' => 'favorites')),
+      'TITLE' => $lang['favorite_cat_hint'],
+      'NAME' => $lang['favorite_cat']
+      ));
+}
+// most visited
+$template->assign_block_vars(
+  'special_cat',
+  array(
+    'URL' => make_index_url(array('section' => 'most_visited')),
+    'TITLE' => $lang['most_visited_cat_hint'],
+    'NAME' => $lang['most_visited_cat']
+    ));
+// best rated
+if ($conf['rate'])
+{
+  $template->assign_block_vars(
+    'special_cat',
+    array(
+      'URL' => make_index_url(array('section' => 'best_rated')),
+      'TITLE' => $lang['best_rated_cat_hint'],
+      'NAME' => $lang['best_rated_cat']
+      )
+    );
+}
+// random
+$template->assign_block_vars(
+  'special_cat',
+  array(
+    'URL' => get_root_url().'random.php',
+    'TITLE' => $lang['random_cat_hint'],
+    'NAME' => $lang['random_cat']
+    ));
+// recent pics
+$template->assign_block_vars(
+  'special_cat',
+  array(
+    'URL' => make_index_url(array('section' => 'recent_pics')),
+    'TITLE' => $lang['recent_pics_cat_hint'],
+    'NAME' => $lang['recent_pics_cat']
+    ));
+// recent cats
+$template->assign_block_vars(
+  'special_cat',
+  array(
+    'URL' => make_index_url(array('section' => 'recent_cats')),
+    'TITLE' => $lang['recent_cats_cat_hint'],
+    'NAME' => $lang['recent_cats_cat']
+    ));
+
+// calendar
+$template->assign_block_vars(
+  'special_cat',
+  array(
+    'URL' =>
+      make_index_url(
+        array(
+          'chronology_field' => ($conf['calendar_datefield']=='date_available'
+                                  ? 'posted' : 'created'),
+           'chronology_style'=> 'monthly',
+           'chronology_view' => 'calendar'
+        )
+      ),
+    'TITLE' => $lang['calendar_hint'],
+    'NAME' => $lang['calendar']
+    )
+  );
+//--------------------------------------------------------------------- summary
+
+if ($user['is_the_guest'])
+{
+  $template->assign_block_vars('register', array());
+  $template->assign_block_vars('login', array());
+
+  $template->assign_block_vars('quickconnect', array());
+  if ($conf['authorize_remembering'])
+  {
+    $template->assign_block_vars('quickconnect.remember_me', array());
+  }
+}
+else
+{
+  $template->assign_block_vars('hello', array());
+
+  if (is_autorize_status(ACCESS_CLASSIC))
+  {
+    $template->assign_block_vars('profile', array());
+  }
+
+  // the logout link has no meaning with Apache authentication : it is not
+  // possible to logout with this kind of authentication.
+  if (!$conf['apache_authentication'])
+  {
+    $template->assign_block_vars('logout', array());
+  }
+
+  if (is_admin())
+  {
+    $template->assign_block_vars('admin', array());
+  }
+}
+
+// tags link
+$template->assign_block_vars(
+  'summary',
+  array(
+    'TITLE' => l10n('See available tags'),
+    'NAME' => l10n('Tags'),
+    'U_SUMMARY'=> get_root_url().'tags.php',
+    )
+  );
+
+// search link
+$template->assign_block_vars(
+  'summary',
+  array(
+    'TITLE'=>$lang['hint_search'],
+    'NAME'=>$lang['search'],
+    'U_SUMMARY'=> get_root_url().'search.php',
+    'REL'=> 'rel="search"'
+    )
+  );
+
+// comments link
+$template->assign_block_vars(
+  'summary',
+  array(
+    'TITLE'=>$lang['hint_comments'],
+    'NAME'=>$lang['comments'],
+    'U_SUMMARY'=> get_root_url().'comments.php',
+    )
+  );
+
+// about link
+$template->assign_block_vars(
+  'summary',
+  array(
+    'TITLE'     => $lang['about_page_title'],
+    'NAME'      => $lang['About'],
+    'U_SUMMARY' => get_root_url().'about.php',
+    )
+  );
+
+// notification
+$template->assign_block_vars(
+  'summary',
+  array(
+    'TITLE'=>l10n('notification'),
+    'NAME'=>l10n('Notification'),
+    'U_SUMMARY'=> get_root_url().'notification.php',
+    'REL'=> 'rel="nofollow"'
+    )
+  );
+
+if (isset($page['category']) and $page['cat_uploadable'] )
+{ // upload a picture in the category
+  $url = get_root_url().'upload.php?cat='.$page['category'];
+  $template->assign_block_vars(
+    'upload',
+    array(
+      'U_UPLOAD'=> $url
+      )
+    );
+}
+
+$template->assign_var_from_handle('MENUBAR', 'menubar');
+?>
--- a/include/page_header.php
+++ b/include/page_header.php
@ -30,9 +30,6 @@
 //
 $template->set_filenames(array('header'=>'header.tpl'));

-$css = PHPWG_ROOT_PATH.'template/'.$user['template'];
-$css.= '/'.$user['template'].'.css';
-
 $template->assign_vars(
  array(
    'GALLERY_TITLE' =>
@ -52,20 +49,21 @@ $template->assign_vars(
    'LANG'=>$lang_info['code'],
    'DIR'=>$lang_info['direction'],

-    'T_STYLE' => $css,
-    'TAG_INPUT_ENABLED' => ((is_adviser()) ? 'disabled' : '')
+    'TAG_INPUT_ENABLED' => ((is_adviser()) ? 'disabled onclick="return false;"' : '')
    ));

 // refresh
-if ( isset( $refresh ) and intval($refresh) >= 0 and isset( $url_link ) )
+if ( isset( $refresh ) and intval($refresh) >= 0 and isset( $url_link ) and isset( $redirect_msg ) )
 {
  $template->assign_vars(
    array(
+      'U_REDIRECT_MSG' => $redirect_msg,
      'REFRESH_TIME' => $refresh,
      'U_REFRESH' => $url_link
      ));
  $template->assign_block_vars('refresh', array());
 }

+header('Content-Type: text/html; charset='.$lang_info['charset']);
 $template->parse('header');
 ?>
--- a/include/picture_comment.inc.php
+++ b/include/picture_comment.inc.php
@ -30,8 +30,26 @@
 *
 */

+// the picture is commentable if it belongs at least to one category which
+// is commentable
+$page['show_comments'] = false;
+foreach ($related_categories as $category)
+{
+  if ($category['commentable'] == 'true')
+  {
+    $page['show_comments'] = true;
+  }
+}
+
 if ( isset( $_POST['content'] ) and !empty($_POST['content']) )
 {
+  if (!$page['show_comments'])
+  {
+    header('HTTP/1.1 403 Forbidden');
+    header('Status: 403 Forbidden');
+    die('Hacking attempt!');
+  }
+
  $register_comment = true;
  $author = !empty($_POST['author'])?$_POST['author']:$lang['guest'];
  // if a guest try to use the name of an already existing user, he must be
@ -108,17 +126,6 @@ if ( isset( $_POST['content'] ) and !empty($_POST['content']) )
  }
 }

-// the picture is commentable if it belongs at least to one category which
-// is commentable
-$page['show_comments'] = false;
-foreach ($related_categories as $category)
-{
-  if ($category['commentable'] == 'true')
-  {
-    $page['show_comments'] = true;
-  }
-}
-
 if ($page['show_comments'])
 {
  // number of comment for this picture
@ -135,7 +142,7 @@ if ($page['show_comments'])
  }

  $page['navigation_bar'] = create_navigation_bar(
-    duplicate_picture_URL(array(), array('start')),
+    duplicate_picture_url(array(), array('start')),
    $row['nb_comments'],
    $page['start'],
    $conf['nb_comment_page'],
--- a/include/picture_rate.inc.php
+++ b/include/picture_rate.inc.php
@ -54,6 +54,7 @@ SELECT COUNT(rate) AS count
      );
  }

+  $user_rate = null;
  if ($conf['rate_anonymous'] or is_autorize_status(ACCESS_CLASSIC) )
  {
    if ($row['count']>0)
@ -78,51 +79,40 @@ SELECT COUNT(rate) AS count
      if (mysql_num_rows($result) > 0)
      {
        $row = mysql_fetch_array($result);
-        $sentence = $lang['already_rated'];
-        $sentence.= ' ('.$row['rate'].'). ';
-        $sentence.= $lang['update_rate'];
-      }
-      else
-      {
-        $sentence = $lang['never_rated'].'. '.$lang['Rate'];
+        $user_rate = $row['rate'];
      }
    }
-    else
-    {
-      $sentence = $lang['never_rated'].'. '.$lang['Rate'];
-    }
+
    $template->assign_block_vars(
      'rate',
      array(
-        'CONTENT' => $value,
-        'SENTENCE' => $sentence
+        'SENTENCE' =>isset($user_rate) ? l10n('update_rate') : l10n('new_rate'),
+        'F_ACTION' => add_url_params(
+                        $url_self,
+                        array('action'=>'rate')
+                      )
        )
      );

    $template->assign_block_vars('info_rate', array('CONTENT' => $value));

-    $template->assign_vars(
-      array(
-        'INFO_RATE' => $value
-        )
-      );
-
    foreach ($conf['rate_items'] as $num => $mark)
    {
      $template->assign_block_vars(
        'rate.rate_option',
        array(
          'OPTION'    => $mark,
-          'URL'       => add_url_params(
-                          $url_self,
-                          array(
-                            'action'=>'rate',
-                            'rate'=>$mark
-                          )
-                        ),
          'SEPARATOR' => ($num > 0 ? '|' : ''),
          )
        );
+      if (isset($user_rate) and $user_rate==$mark)
+      {
+        $template->assign_block_vars('rate.rate_option.my_rate', array() );
+      }
+      else
+      {
+        $template->assign_block_vars('rate.rate_option.not_my_rate', array() );
+      }
    }
  }
 }
--- a/include/pngfix.js
+++ b/include/pngfix.js
@ -1,6 +1,9 @@

 // Correctly handle PNG transparency in Win IE 5.5 or higher.
 // http://homepage.ntlworld.com/bobosola. Updated 02-March-2004
+// 15-Jully-2006 : chrisaga use \" instead of ' in imgTitle
+//		 : to fix ' display in tooltips
+//		 : keep the alt attribute

 function correctPNG() 
   {
@ -14,7 +17,9 @@ function correctPNG()
 	     {
 		 var imgID = (img.id) ? "id='" + img.id + "' " : ""
 		 var imgClass = (img.className) ? "class='" + img.className + "' " : ""
-		 var imgTitle = (img.title) ? "title='" + img.title + "' " : "title='" + img.alt + "' "
+		 //var imgTitle = (img.title) ? "title=\"" + img.title + "\" " : "alt=\"" + img.alt + "\" "
+		 var imgTitle = (img.title) ? "title=\"" + img.title + "\" " : "";
+		 imgTitle = imgTitle + (img.alt) ? "title=\"" + img.alt + "\" " : "";
 		 var imgStyle = "display:inline-block;" + img.style.cssText 
 		 if (img.align == "left") imgStyle = "float:left;" + imgStyle
 		 if (img.align == "right") imgStyle = "float:right;" + imgStyle
--- a/include/scripts.js
+++ b/include/scripts.js
@ -40,9 +40,32 @@ for( i=0; i<len; i++)
 }
 }

+function verifieAndOpen()
+{
+  var ok=1;
+  if (!img.complete)
+  {
+    // sometime the image loading is not complete
+    // especially with KHTML and Opera 
+    setTimeout("verifieAndOpen()",200)
+  }
+  else
+  {
+  /* give more space for scrollbars (10 for FF, 40 for IE) */
+    width=img.width +40;
+    height=img.height +40;
+    window.open(owURL,owName,owFeatures  + ',width=' + width + ',height=' + height);
+  }
+}
+
 function phpWGOpenWindow(theURL,winName,features)
 {
-  window.open(theURL,winName,features);
+  img = new Image()
+  img.src = theURL;
+  owURL=theURL;
+  owName=winName;
+  owFeatures=features;
+  verifieAndOpen();
 }

 function popuphelp(url)
--- a/include/section_init.inc.php
+++ b/include/section_init.inc.php
@ -53,7 +53,10 @@

 $page['section'] = 'categories';

-if ( isset($_SERVER["PATH_INFO"]) )
+// some ISPs set PATH_INFO to empty string or to SCRIPT_FILENAME while in the
+// default apache implementation it is not set
+if ( $conf['question_mark_in_urls']==false and
+     isset($_SERVER["PATH_INFO"]) and !empty($_SERVER["PATH_INFO"]) )
 {
  $rewritten = $_SERVER["PATH_INFO"];
  $rewritten = str_replace('//', '/', $rewritten);
@ -83,7 +86,7 @@ $tokens = explode(
 //   );

 $next_token = 0;
-if (basename($_SERVER['SCRIPT_FILENAME']) == 'picture.php')
+if (script_basename() == 'picture') // basename without file extention
 { // the first token must be the identifier for the picture
  if ( isset($_GET['image_id'])
       and isset($_GET['cat']) and is_numeric($_GET['cat']) )
@ -197,7 +200,7 @@ SELECT name, url_name, id
  }
  if ( empty($page['tags']) )
  {
-    die('Fatal: no existing tag');
+    page_not_found('Requested tag does not exist', get_root_url().'tags.php' );
  }
 }
 else if (0 === strpos($tokens[$next_token], 'fav'))
@ -316,6 +319,10 @@ if ('categories' == $page['section'])
  if (isset($page['category']))
  {
    $result = get_cat_info($page['category']);
+    if (empty($result))
+    {
+      page_not_found('Requested category does not exist' );
+    }

    $page = array_merge(
      $page,
@ -506,7 +513,8 @@ SELECT DISTINCT(id)
    $page = array_merge(
      $page,
      array(
-        'title' => $lang['recent_pics_cat'],
+        'title' => '<a href="'.duplicate_index_url().'">'
+                  .$lang['recent_pics_cat'].'</a>',
        'items' => array_from_query($query, 'id'),
        'thumbnails_include' => 'include/category_default.inc.php',
        )
@ -545,7 +553,8 @@ SELECT DISTINCT(id)
    $page = array_merge(
      $page,
      array(
-        'title' => $conf['top_number'].' '.$lang['most_visited_cat'],
+        'title' => '<a href="'.duplicate_index_url().'">'
+                  .$conf['top_number'].' '.$lang['most_visited_cat'].'</a>',
        'items' => array_from_query($query, 'id'),
        'thumbnails_include' => 'include/category_default.inc.php',
        )
@ -571,7 +580,8 @@ SELECT DISTINCT(id)
    $page = array_merge(
      $page,
      array(
-        'title' => $conf['top_number'].' '.$lang['best_rated_cat'],
+        'title' => '<a href="'.duplicate_index_url().'">'
+                  .$conf['top_number'].' '.$lang['best_rated_cat'].'</a>',
        'items' => array_from_query($query, 'id'),
        'thumbnails_include' => 'include/category_default.inc.php',
        )
@ -594,7 +604,8 @@ SELECT DISTINCT(id)
    $page = array_merge(
      $page,
      array(
-        'title' => $lang['random_cat'],
+        'title' => '<a href="'.duplicate_index_url().'">'
+                    .$lang['random_cat'].'</a>',
        'items' => array_from_query($query, 'id'),
        'thumbnails_include' => 'include/category_default.inc.php',
        )
@ -614,7 +625,7 @@ if (isset($page['chronology_field']))

 $page['cat_nb_images'] = isset($page['items']) ? count($page['items']) : 0;

-if (basename($_SERVER['SCRIPT_FILENAME']) == 'picture.php'
+if (script_basename() == 'picture'
    and !isset($page['image_id']) )
 {
  if ( !empty($page['items']) )
--- a/include/template.php
+++ b/include/template.php
@ -59,13 +59,22 @@ class Template {
  // output
  var $output = '';

+  var $themeconf = array();
+
  /**
   * Constructor. Simply sets the root dir.
   *
   */
-  function Template($root = ".")
+  function Template($root = ".", $theme= "")
    {
-      $this->set_rootdir($root);
+      if ( $this->set_rootdir($root) )
+      {
+        if ( !empty( $theme ) )
+        {
+          include($root.'/theme/'.$theme.'/themeconf.inc.php');
+          $this->themeconf = $themeconf;
+        }
+      }
    }

  /**
@ -311,14 +320,14 @@ class Template {
      {
        die("Template->loadfile(): File $filename for handle $handle is empty");
      }
-      
+
      $this->uncompiled_code[$handle] = $str;
-      
+
      return true;
    }
-  
-  
-  
+
+
+
  /**
   * Compiles the given string of code, and returns the result in a string.
   *
@ -328,11 +337,11 @@ class Template {
   */
  function compile($code, $do_not_echo = false, $retvar = '')
    {
-      $code = preg_replace('/\{pwg_root\}/e', "get_root_url()", $code);
      // PWG specific : communication between template and $lang
      $code = preg_replace('/\{lang:([^}]+)\}/e', "l10n('$1')", $code);
      // PWG specific : expand themeconf.inc.php variables
-      $code = preg_replace('/\{themeconf:([^}]+)\}/e', "get_themeconf('$1')", $code);
+      $code = preg_replace('/\{themeconf:([^}]+)\}/e', '$this->get_themeconf(\'$1\')', $code);
+      $code = preg_replace('/\{pwg_root\}/e', "get_root_url()", $code);

      // replace \ with \\ and then ' with \'.
      $code = str_replace('\\', '\\\\', $code);
@ -525,6 +534,10 @@ class Template {
      return $varref;
    }

+    function get_themeconf($key)
+    {
+      return isset($this->themeconf[$key]) ? $this->themeconf[$key] : '';
+    }
 }

 ?>
--- a/include/user.inc.php
+++ b/include/user.inc.php
@ -2,7 +2,7 @@
 // +-----------------------------------------------------------------------+
 // | PhpWebGallery - a PHP based picture gallery                           |
 // | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
-// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
+// | Copyright (C) 2003-2006 PhpWebGallery Team - http://phpwebgallery.net |
 // +-----------------------------------------------------------------------+
 // | branch        : BSF (Best So Far)
 // | file          : $RCSfile$
@ -25,28 +25,45 @@
 // | USA.                                                                  |
 // +-----------------------------------------------------------------------+

-// retrieving connected user informations
-if (isset($_COOKIE[session_name()])) 
+// by default we start with guest
+$user['id'] = $conf['guest_id'];
+
+if (isset($_COOKIE[session_name()]))
 {
- session_start();
- if (isset($_SESSION['id'])) 
- {
-   $user['id'] = $_SESSION['id'];    
-   $user['is_the_guest'] = false;
- }
- else 
- {
-   // session timeout
-   $user['id'] = $conf['guest_id'];
-   $user['is_the_guest'] = true;
- }
-} 
-else 
-{
- $user['id'] = $conf['guest_id'];
- $user['is_the_guest'] = true;
+  session_start();
+  if (isset($_GET['act']) and $_GET['act'] == 'logout')
+  { // logout
+    $_SESSION = array();
+    session_unset();
+    session_destroy();
+    setcookie(session_name(),'',0,
+        ini_get('session.cookie_path'),
+        ini_get('session.cookie_domain')
+      );
+    setcookie($conf['remember_me_name'], '', 0, cookie_path());
+    redirect(make_index_url());
+  }
+  elseif (empty($_SESSION['pwg_uid']))
+  { // timeout
+    setcookie(session_name(),'',0,
+        ini_get('session.cookie_path'),
+        ini_get('session.cookie_domain')
+      );
+  }
+  else
+  {
+    $user['id'] = $_SESSION['pwg_uid'];
+  }
 }

+
+// Now check the auto-login
+if ( $user['id']==$conf['guest_id'] )
+{
+  auto_login();
+}
+
+
 // using Apache authentication override the above user search
 if ($conf['apache_authentication'] and isset($_SERVER['REMOTE_USER']))
 {
@ -55,32 +72,9 @@ if ($conf['apache_authentication'] and isset($_SERVER['REMOTE_USER']))
    register_user($_SERVER['REMOTE_USER'], '', '');
    $user['id'] = get_userid($_SERVER['REMOTE_USER']);
  }
-  
-  $user['is_the_guest'] = false;
 }
-$user = array_merge(
-  $user,
-  getuserdata(
-    $user['id'],
-    ( defined('IN_ADMIN') and IN_ADMIN ) ? false : true // use cache ?
-    )
-  );
+$user = build_user( $user['id'],
+          ( defined('IN_ADMIN') and IN_ADMIN ) ? false : true // use cache ?
+         );

-// properties of user guest are found in the configuration
-if ($user['is_the_guest'])
-{
-  $user['template'] = $conf['default_template'];
-  $user['nb_image_line'] = $conf['nb_image_line'];
-  $user['nb_line_page'] = $conf['nb_line_page'];
-  $user['language'] = $conf['default_language'];
-  $user['maxwidth'] = $conf['default_maxwidth'];
-  $user['maxheight'] = $conf['default_maxheight'];
-  $user['recent_period'] = $conf['recent_period'];
-  $user['expand'] = $conf['auto_expand'];
-  $user['show_nb_comments'] = $conf['show_nb_comments'];
-  $user['enabled_high'] = $conf['newuser_default_enabled_high'];
-}
-
-// calculation of the number of picture to display per page
-$user['nb_image_page'] = $user['nb_image_line'] * $user['nb_line_page'];
-?>
+?>
--- a/index.php
+++ b/index.php
@ -35,19 +35,6 @@ include(PHPWG_ROOT_PATH.'include/section_init.inc.php');
 // +-----------------------------------------------------------------------+
 check_status(ACCESS_GUEST);

-//---------------------------------------------------------------------- logout
-if ( isset( $_GET['act'] )
-     and $_GET['act'] == 'logout'
-     and isset( $_COOKIE[session_name()] ) )
-{
-  // cookie deletion if exists
-  $_SESSION = array();
-  session_unset();
-  session_destroy();
-  setcookie(session_name(),'',0, ini_get('session.cookie_path') );
-  redirect( make_index_url() );
-}
-
 //---------------------------------------------- change of image display order
 if (isset($_GET['image_order']))
 {
@ -58,7 +45,7 @@ if (isset($_GET['image_order']))
    );

  redirect(
-    duplicate_index_URL(
+    duplicate_index_url(
      array(),        // nothing to redefine
      array('start')  // changing display order goes back to section first page
      )
@ -81,7 +68,7 @@ if (isset($page['cat_nb_images'])
    and $page['cat_nb_images'] > $user['nb_image_page'])
 {
  $page['navigation_bar'] = create_navigation_bar(
-    duplicate_index_URL(array(), array('start')),
+    duplicate_index_url(array(), array('start')),
    $page['cat_nb_images'],
    $page['start'],
    $user['nb_image_page'],
@ -129,7 +116,7 @@ if (!isset($page['chronology_field']))
  $template->assign_block_vars(
    'mode_created',
    array(
-      'URL' => duplicate_index_URL( $chronology_params, array('start') )
+      'URL' => duplicate_index_url( $chronology_params, array('start') )
      )
    );

@ -137,7 +124,7 @@ if (!isset($page['chronology_field']))
  $template->assign_block_vars(
    'mode_posted',
    array(
-      'URL' => duplicate_index_URL( $chronology_params, array('start') )
+      'URL' => duplicate_index_url( $chronology_params, array('start') )
      )
    );
 }
@ -146,7 +133,7 @@ else
  $template->assign_block_vars(
    'mode_normal',
    array(
-      'URL' => duplicate_index_URL( array(), array('chronology_field','start') )
+      'URL' => duplicate_index_url( array(), array('chronology_field','start') )
      )
    );

@ -158,7 +145,7 @@ else
  {
    $chronology_field = 'created';
  }
-  $url = duplicate_index_URL(
+  $url = duplicate_index_url(
            array('chronology_field'=>$chronology_field ),
            array('chronology_date', 'start')
          );
@ -167,24 +154,14 @@ else
    array('URL' => $url )
    );
 }
+// include menubar
+include(PHPWG_ROOT_PATH.'include/menubar.inc.php');

 $template->assign_vars(
  array(
-    'NB_PICTURE' => $user['nb_total_images'],
    'TITLE' => $template_title,
-    'USERNAME' => $user['username'],
-    'TOP_NUMBER' => $conf['top_number'],
-    'MENU_CATEGORIES_CONTENT' => get_categories_menu(),
-
-    'F_IDENTIFY' => get_root_url().'identification.php',
-    'T_RECENT' => $icon_recent,
-
-    'U_HOME' => make_index_URL(),
-    'U_REGISTER' => get_root_url().'register.php',
-    'U_LOST_PASSWORD' => get_root_url().'password.php',
-    'U_LOGOUT' => add_url_params(make_index_URL(), array('act'=>'logout') ),
-    'U_ADMIN'=> get_root_url().'admin.php',
-    'U_PROFILE'=> get_root_url().'profile.php',
+    'TOP_NUMBER' => $conf['top_number'],	// still used ?
+    'T_RECENT' => $icon_recent,			// still used ?
    )
  );

@ -197,256 +174,6 @@ if ('search' == $page['section'])
      )
    );
 }
-//-------------------------------------------------------------- external links
-if (count($conf['links']) > 0)
-{
-  $template->assign_block_vars('links', array());
-
-  foreach ($conf['links'] as $url => $label)
-  {
-    $template->assign_block_vars(
-      'links.link',
-      array(
-        'URL' => $url,
-        'LABEL' => $label
-        )
-      );
-  }
-}
-//------------------------------------------------------------------------ tags
-if ('tags' == $page['section'])
-{
-  $template->assign_block_vars('tags', array());
-
-  // display tags associated to currently tagged items, less current tags
-  $tags = array();
-
-  if ( !empty($page['items']) )
-  {
-    $query = '
-SELECT tag_id, name, url_name, count(*) counter
-  FROM '.IMAGE_TAG_TABLE.'
-    INNER JOIN '.TAGS_TABLE.' ON tag_id = id
-  WHERE image_id IN ('.implode(',', $items).')
-    AND tag_id NOT IN ('.implode(',', $page['tag_ids']).')
-  GROUP BY tag_id
-  ORDER BY name ASC
-;';
-    $result = pwg_query($query);
-    while($row = mysql_fetch_array($result))
-    {
-      array_push($tags, $row);
-    }
-  }
-
-  $tags = add_level_to_tags($tags);
-
-  foreach ($tags as $tag)
-  {
-    $template->assign_block_vars(
-      'tags.tag',
-      array(
-        'URL_ADD' => make_index_URL(
-          array(
-            'tags' => array_merge(
-              $page['tags'],
-              array(
-                array(
-                  'id' => $tag['tag_id'],
-                  'url_name' => $tag['url_name'],
-                  ),
-                )
-              )
-            )
-          ),
-
-        'URL' => make_index_URL(
-          array(
-            'tags' => array(
-              array(
-                'id' => $tag['tag_id'],
-                'url_name' => $tag['url_name'],
-                ),
-              )
-            )
-          ),
-
-        'NAME' => $tag['name'],
-
-        'TITLE' => l10n('See pictures linked to this tag only'),
-
-        'TITLE_ADD' => sprintf(
-          l10n('%d pictures are also linked to current tags'),
-          $tag['counter']
-          ),
-
-        'CLASS' => 'tagLevel'.$tag['level']
-        )
-      );
-  }
-}
-//---------------------------------------------------------- special categories
-// favorites categories
-if ( !$user['is_the_guest'] )
-{
-  $template->assign_block_vars('username', array());
-
-  $template->assign_block_vars(
-    'special_cat',
-    array(
-      'URL' => make_index_URL(array('section' => 'favorites')),
-      'TITLE' => $lang['favorite_cat_hint'],
-      'NAME' => $lang['favorite_cat']
-      ));
-}
-// most visited
-$template->assign_block_vars(
-  'special_cat',
-  array(
-    'URL' => make_index_URL(array('section' => 'most_visited')),
-    'TITLE' => $lang['most_visited_cat_hint'],
-    'NAME' => $lang['most_visited_cat']
-    ));
-// best rated
-if ($conf['rate'])
-{
-  $template->assign_block_vars(
-    'special_cat',
-    array(
-      'URL' => make_index_URL(array('section' => 'best_rated')),
-      'TITLE' => $lang['best_rated_cat_hint'],
-      'NAME' => $lang['best_rated_cat']
-      )
-    );
-}
-// random
-$template->assign_block_vars(
-  'special_cat',
-  array(
-    'URL' => get_root_url().'random.php',
-    'TITLE' => $lang['random_cat_hint'],
-    'NAME' => $lang['random_cat']
-    ));
-// recent pics
-$template->assign_block_vars(
-  'special_cat',
-  array(
-    'URL' => make_index_URL(array('section' => 'recent_pics')),
-    'TITLE' => $lang['recent_pics_cat_hint'],
-    'NAME' => $lang['recent_pics_cat']
-    ));
-// recent cats
-$template->assign_block_vars(
-  'special_cat',
-  array(
-    'URL' => make_index_URL(array('section' => 'recent_cats')),
-    'TITLE' => $lang['recent_cats_cat_hint'],
-    'NAME' => $lang['recent_cats_cat']
-    ));
-
-// calendar
-$template->assign_block_vars(
-  'special_cat',
-  array(
-    'URL' =>
-      make_index_URL(
-        array(
-          'chronology_field' => ($conf['calendar_datefield']=='date_available'
-                                  ? 'posted' : 'created'),
-           'chronology_style'=> 'monthly',
-           'chronology_view' => 'calendar'
-        )
-      ),
-    'TITLE' => $lang['calendar_hint'],
-    'NAME' => $lang['calendar']
-    )
-  );
-//--------------------------------------------------------------------- summary
-
-if ($user['is_the_guest'])
-{
-  $template->assign_block_vars('register', array());
-  $template->assign_block_vars('login', array());
-
-  $template->assign_block_vars('quickconnect', array());
-  if ($conf['authorize_remembering'])
-  {
-    $template->assign_block_vars('quickconnect.remember_me', array());
-  }
-}
-else
-{
-  $template->assign_block_vars('hello', array());
-
-  if (is_autorize_status(ACCESS_CLASSIC))
-  {
-    $template->assign_block_vars('profile', array());
-  }
-
-  // the logout link has no meaning with Apache authentication : it is not
-  // possible to logout with this kind of authentication.
-  if (!$conf['apache_authentication'])
-  {
-    $template->assign_block_vars('logout', array());
-  }
-
-  if (is_admin())
-  {
-    $template->assign_block_vars('admin', array());
-  }
-}
-
-// tags link
-$template->assign_block_vars(
-  'summary',
-  array(
-    'TITLE' => l10n('See available tags'),
-    'NAME' => l10n('Tags'),
-    'U_SUMMARY'=> get_root_url().'tags.php',
-    )
-  );
-
-// search link
-$template->assign_block_vars(
-  'summary',
-  array(
-    'TITLE'=>$lang['hint_search'],
-    'NAME'=>$lang['search'],
-    'U_SUMMARY'=> get_root_url().'search.php',
-    'REL'=> 'rel="search"'
-    )
-  );
-
-// comments link
-$template->assign_block_vars(
-  'summary',
-  array(
-    'TITLE'=>$lang['hint_comments'],
-    'NAME'=>$lang['comments'],
-    'U_SUMMARY'=> get_root_url().'comments.php',
-    )
-  );
-
-// about link
-$template->assign_block_vars(
-  'summary',
-  array(
-    'TITLE'     => $lang['about_page_title'],
-    'NAME'      => $lang['About'],
-    'U_SUMMARY' => get_root_url().'about.php',
-    )
-  );
-
-// notification
-$template->assign_block_vars(
-  'summary',
-  array(
-    'TITLE'=>l10n('notification'),
-    'NAME'=>l10n('Notification'),
-    'U_SUMMARY'=> get_root_url().'notification.php',
-    'REL'=> 'rel="nofollow"'
-    )
-  );

 if (isset($page['category']) and is_admin())
 {
@ -516,7 +243,7 @@ if (isset($page['cat_nb_images']) and $page['cat_nb_images'] > 0
        'preferred_image_order.order',
        array(
          'DISPLAY' => $orders[$i][0],
-          'URL' => add_url_params( duplicate_index_URL(), array('image_order'=>$i) ),
+          'URL' => add_url_params( duplicate_index_url(), array('image_order'=>$i) ),
          'SELECTED_OPTION' => ($order_idx==$i ? 'SELECTED' : ''),
          )
        );
@ -526,18 +253,6 @@ if (isset($page['cat_nb_images']) and $page['cat_nb_images'] > 0

 if (isset($page['category']))
 {
-  // upload a picture in the category
-  if ($page['cat_uploadable'])
-  {
-    $url = get_root_url().'upload.php?cat='.$page['category'];
-    $template->assign_block_vars(
-      'upload',
-      array(
-        'U_UPLOAD'=> $url
-        )
-      );
-  }
-
  // category comment
  if (isset($page['comment']) and $page['comment'] != '')
  {
--- a/install.php
+++ b/install.php
@ -32,38 +32,6 @@ define('PHPWG_ROOT_PATH','./');
 function guess_lang()
 {
  return 'en_UK.iso-8859-1';
-
-//   $languages = array();
-//   $i = 0;
-//   if ($opendir = opendir(PHPWG_ROOT_PATH.'language/'))
-//   {
-//     while ( $file = readdir ( $opendir ) )
-//     {
-//       if ( is_dir ( PHPWG_ROOT_PATH.'language/'.$file )&& !substr_count($file,'.'))
-//       {
-//         $languages[$i++] =$file;
-//       }
-//     }
-//   }
-
-//   if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE']))
-//   {
-//     $accept_lang_ary = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']);
-//     for ($i = 0; $i < sizeof($accept_lang_ary); $i++)
-//     {
-//       for ($j=0; $j<sizeof($languages); $j++)
-//       {
-//         if (preg_match('#' . substr($languages[$j],0,2) . '#i', substr(trim($accept_lang_ary[$i]),0,2)))
-//         {
-//           if (file_exists(PHPWG_ROOT_PATH . 'language/' . $languages[$j].'/install.lang.php'))
-// 		  {
-//                     return $languages[$j];
-// 		  }
-//         }
-//       }
-//     }
-//   }
-//   return 'en_EN';
 }

 /**
@ -155,13 +123,23 @@ if( !get_magic_quotes_gpc() )
 }

 //----------------------------------------------------- variable initialization
+
+define('DEFAULT_PREFIX_TABLE', 'phpwebgallery_');
+
 // Obtain various vars
 $dbhost = (!empty($_POST['dbhost'])) ? $_POST['dbhost'] : 'localhost';
 $dbuser = (!empty($_POST['dbuser'])) ? $_POST['dbuser'] : '';
 $dbpasswd = (!empty($_POST['dbpasswd'])) ? $_POST['dbpasswd'] : '';
 $dbname = (!empty($_POST['dbname'])) ? $_POST['dbname'] : '';

-$table_prefix = (!empty($_POST['prefix'])) ? $_POST['prefix'] : 'phpwebgallery_';
+if (isset($_POST['install']))
+{
+  $table_prefix = $_POST['prefix'];
+}
+else
+{
+  $table_prefix = DEFAULT_PREFIX_TABLE;
+}

 $admin_name = (!empty($_POST['admin_name'])) ? $_POST['admin_name'] : '';
 $admin_pass1 = (!empty($_POST['admin_pass1'])) ? $_POST['admin_pass1'] : '';
@ -188,6 +166,7 @@ include(PHPWG_ROOT_PATH . 'include/config_default.inc.php');
@include(PHPWG_ROOT_PATH. 'include/config_local.inc.php');
 include(PHPWG_ROOT_PATH . 'include/constants.php');
 include(PHPWG_ROOT_PATH . 'include/functions.inc.php');
+include(PHPWG_ROOT_PATH . 'admin/include/functions.php');
 include(PHPWG_ROOT_PATH . 'include/template.php');

 if ( isset( $_POST['language'] ))
@ -251,16 +230,16 @@ if ( isset( $_POST['install'] ))
  if ( count( $errors ) == 0 )
  {
    $step = 2;
-    $file_content = "<?php";
-    $file_content.= "\n\$cfgBase = '".     $dbname."';";
-    $file_content.= "\n\$cfgUser = '".     $dbuser."';";
-    $file_content.= "\n\$cfgPassword = '". $dbpasswd."';";
-    $file_content.= "\n\$cfgHote = '".     $dbhost."';";
-    $file_content.= "\n";
-    $file_content.= "\n\$prefixeTable = '".$table_prefix."';";
-    $file_content.= "\n";
-    $file_content.= "\ndefine('PHPWG_INSTALLED', true);";
-    $file_content.= "\n?".">";
+    $file_content = '<?php
+$cfgBase = \''.$dbname.'\';
+$cfgUser = \''.$dbuser.'\';
+$cfgPassword = \''.$dbpasswd.'\';
+$cfgHote = \''.$dbhost.'\';
+
+$prefixeTable = \''.$table_prefix.'\';
+
+define(\'PHPWG_INSTALLED\', true);
+?'.'>';
    
    @umask(0111);
    // writing the configuration file
@ -268,91 +247,91 @@ if ( isset( $_POST['install'] ))
    {
      $html_content = htmlentities( $file_content, ENT_QUOTES );
      $html_content = nl2br( $html_content );
-      $template->assign_block_vars('error_copy',
-                                   array('FILE_CONTENT'=>$html_content));
+      $template->assign_block_vars(
+        'error_copy',
+        array(
+          'FILE_CONTENT' => $html_content,
+          )
+        );
    }
    @fputs($fp, $file_content, strlen($file_content));
    @fclose($fp);
    
    // tables creation, based on phpwebgallery_structure.sql
-    execute_sqlfile( PHPWG_ROOT_PATH.'install/phpwebgallery_structure.sql'
-                     , 'phpwebgallery_'
-                     , $table_prefix );
+    execute_sqlfile(
+      PHPWG_ROOT_PATH.'install/phpwebgallery_structure.sql',
+      DEFAULT_PREFIX_TABLE,
+      $table_prefix
+      );
    // We fill the tables with basic informations
-    execute_sqlfile( PHPWG_ROOT_PATH.'install/config.sql'
-                     , 'phpwebgallery_'
-                     , $table_prefix );
+    execute_sqlfile(
+      PHPWG_ROOT_PATH.'install/config.sql',
+      DEFAULT_PREFIX_TABLE,
+      $table_prefix
+      );

-    $query = 'UPDATE '.CONFIG_TABLE;
-    $query.= " SET value = '".$admin_mail."'";
-    $query.= " WHERE param = 'mail_webmaster'";
-    $query.= ';';
-    mysql_query( $query );
-	
-    $query = 'UPDATE '.CONFIG_TABLE;
-    $query.= " SET value = '".$language."'";
-    $query.= " WHERE param = 'default_language'";
-    $query.= ';';
-    mysql_query( $query );
-    
-    $query = 'INSERT INTO '.SITES_TABLE;
-    $query.= " (id,galleries_url) VALUES (1, '".PHPWG_ROOT_PATH."galleries/');";
-    mysql_query( $query );
+    $query = '
+UPDATE '.CONFIG_TABLE.'
+  SET value = \''.$language.'\'
+  WHERE param = \'default_language\'
+;';
+    mysql_query($query);
+
+    // fill $conf global array
+    load_conf_from_db();
+
+    $insert = array(
+      'id' => 1,
+      'galleries_url' => PHPWG_ROOT_PATH.'galleries/',
+      );
+    mass_inserts(SITES_TABLE, array_keys($insert), array($insert));
    
    // webmaster admin user
-    $query = '
-INSERT INTO '.USERS_TABLE.'
-  (id,username,password,mail_address)
-  VALUES
-  (1,\''.$admin_name.'\',\''.md5($admin_pass1).'\',\''.$admin_mail.'\')
-;';
-    mysql_query($query);
+    $inserts = array(
+      array(
+        'id'           => 1,
+        'username'     => $admin_name,
+        'password'     => md5($admin_pass1),
+        'mail_address' => $admin_mail,
+        ),
+      array(
+        'id'           => 2,
+        'username'     => 'guest',
+        ),
+      );
+    mass_inserts(USERS_TABLE, array_keys($inserts[0]), $inserts);

-    $query = '
-INSERT INTO '.USER_INFOS_TABLE.'
-  (user_id,status,language,enabled_high)
-  VALUES
-  (1, \'webmaster\', \''.$language.'\',\''.$conf['newuser_default_enabled_high'].'\')
-;';
-    mysql_query($query);
+    create_user_infos(1);
+    create_user_infos(2);

    $query = '
 UPDATE '.USER_INFOS_TABLE.'
-  SET feed_id = \''.find_available_feed_id().'\'
-  WHERE user_id = 1
-;';
-    mysql_query($query);
-
-    // guest user
-    $query = '
-INSERT INTO '.USERS_TABLE.'
-  (id,username,password,mail_address)
-  VALUES
-  (2,\'guest\',\'\',\'\')
-;';
-    mysql_query($query);
-
-    $query = '
-INSERT INTO '.USER_INFOS_TABLE.'
-  (user_id,status,language,enabled_high)
-  VALUES
-  (2, \'guest\', \''.$language.'\',\'false\')
+  SET language = \''.$language.'\'
 ;';
    mysql_query($query);

    // Available upgrades must be ignored after a fresh installation. To
    // make PWG avoid upgrading, we must tell it upgrades have already been
    // made.
+    list($dbnow) = mysql_fetch_row(pwg_query('SELECT NOW();'));
+    define('CURRENT_DATE', $dbnow);
+    $datas = array();
    foreach (get_available_upgrade_ids() as $upgrade_id)
    {
-      $query = '
-INSERT INTO '.UPGRADE_TABLE.'
-  (id, applied, description)
-  VALUES
-  ('.$upgrade_id.', NOW(), \'upgrade included in installation\')
-';
-      mysql_query($query);
+      array_push(
+        $datas,
+        array(
+          'id'          => $upgrade_id,
+          'applied'     => CURRENT_DATE,
+          'description' => 'upgrade included in installation',
+          )
+        );
    }
+    mass_inserts(
+      UPGRADE_TABLE,
+      array_keys($datas[0]),
+      $datas
+      );
  }
 }

@ -392,7 +371,11 @@ $template->assign_vars(
    'F_DB_HOST'=>$dbhost,
    'F_DB_USER'=>$dbuser,
    'F_DB_NAME'=>$dbname,
-    'F_DB_PREFIX'=>$table_prefix,
+    'F_DB_PREFIX' => (
+      $table_prefix != DEFAULT_PREFIX_TABLE
+      ? $table_prefix
+      : DEFAULT_PREFIX_TABLE
+      ),
    'F_ADMIN'=>$admin_name,
    'F_ADMIN_EMAIL'=>$admin_mail,
    'F_LANG_SELECT'=>language_select($language),
--- a/install/config.sql
+++ b/install/config.sql
@ -18,7 +18,7 @@ INSERT INTO phpwebgallery_config (param,value,comment) VALUES ('gallery_title','
 INSERT INTO phpwebgallery_config (param,value,comment) VALUES ('gallery_url','http://demo.phpwebgallery.net','URL given in RSS feed');
 INSERT INTO phpwebgallery_config (param,value,comment) VALUES ('rate','true','Rating pictures feature is enabled');
 INSERT INTO phpwebgallery_config (param,value,comment) VALUES ('rate_anonymous','true','Rating pictures feature is also enabled for visitors');
-INSERT INTO phpwebgallery_config (param,value,comment) VALUES ('page_banner','<div id=\"theHeader\"><h1>PhpWebGallery demonstration site</h1><p>My photos web site</p></div>','html displayed on the top each page of your gallery');
+INSERT INTO phpwebgallery_config (param,value,comment) VALUES ('page_banner','<h1>PhpWebGallery demonstration site</h1><p>My photos web site</p>','html displayed on the top each page of your gallery');

 -- Notification by mail
 INSERT INTO phpwebgallery_config (param,value,comment) VALUES ('nbm_send_mail_as','','Send mail as param value for notification by mail');
--- a/install/db/10-database.php
+++ b/install/db/10-database.php
@ -1,56 +0,0 @@
-<?php
-// +-----------------------------------------------------------------------+
-// | PhpWebGallery - a PHP based picture gallery                           |
-// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
-// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
-// +-----------------------------------------------------------------------+
-// | branch        : BSF (Best So Far)
-// | file          : $RCSfile$
-// | last update   : $Date: 2005-09-21 00:04:57 +0200 (mer, 21 sep 2005) $
-// | last modifier : $Author: plg $
-// | revision      : $Revision: 870 $
-// +-----------------------------------------------------------------------+
-// | This program is free software; you can redistribute it and/or modify  |
-// | it under the terms of the GNU General Public License as published by  |
-// | the Free Software Foundation                                          |
-// |                                                                       |
-// | This program is distributed in the hope that it will be useful, but   |
-// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
-// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
-// | General Public License for more details.                              |
-// |                                                                       |
-// | You should have received a copy of the GNU General Public License     |
-// | along with this program; if not, write to the Free Software           |
-// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
-// | USA.                                                                  |
-// +-----------------------------------------------------------------------+
-
-if (!defined('PHPWG_ROOT_PATH'))
-{
-  die('Hacking attempt!');
-}
-
-$upgrade_description = 'New table #categories_link';
-
-// +-----------------------------------------------------------------------+
-// |                            Upgrade content                            |
-// +-----------------------------------------------------------------------+
-
-$query = "
-CREATE TABLE phpwebgallery_categories_link (
-  source smallint(5) unsigned NOT NULL default '0',
-  destination smallint(5) unsigned NOT NULL default '0',
-  PRIMARY KEY  (source,destination)
-) TYPE=MyISAM;";
-pwg_query($query);
-
-// +-----------------------------------------------------------------------+
-// |                           End notification                            |
-// +-----------------------------------------------------------------------+
-
-echo
-"\n"
-.'Table '.PREFIX_TABLE.'categories_link created'
-."\n"
-;
-?>
--- a/install/db/11-database.php
+++ b/install/db/11-database.php
@ -1,69 +0,0 @@
-<?php
-// +-----------------------------------------------------------------------+
-// | PhpWebGallery - a PHP based picture gallery                           |
-// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
-// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
-// +-----------------------------------------------------------------------+
-// | branch        : BSF (Best So Far)
-// | file          : $RCSfile$
-// | last update   : $Date: 2005-09-21 00:04:57 +0200 (mer, 21 sep 2005) $
-// | last modifier : $Author: plg $
-// | revision      : $Revision: 870 $
-// +-----------------------------------------------------------------------+
-// | This program is free software; you can redistribute it and/or modify  |
-// | it under the terms of the GNU General Public License as published by  |
-// | the Free Software Foundation                                          |
-// |                                                                       |
-// | This program is distributed in the hope that it will be useful, but   |
-// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
-// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
-// | General Public License for more details.                              |
-// |                                                                       |
-// | You should have received a copy of the GNU General Public License     |
-// | along with this program; if not, write to the Free Software           |
-// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
-// | USA.                                                                  |
-// +-----------------------------------------------------------------------+
-
-if (!defined('PHPWG_ROOT_PATH'))
-{
-  die('Hacking attempt!');
-}
-
-$upgrade_description =
-  'Table #categories_link created once again with correct prefix';
-
-// +-----------------------------------------------------------------------+
-// |                            Upgrade content                            |
-// +-----------------------------------------------------------------------+
-
-if (PREFIX_TABLE == 'phpwebgallery_')
-{
-  echo
-    "\n"
-    .'Table '.PREFIX_TABLE.'categories_link was already correctly created'
-    ."\n"
-    ;
-}
-else
-{
-  $query = '
-DROP TABLE phpwebgallery_categories_link;
-;';
-  pwg_query($query);
-
-  $query = "
-CREATE TABLE ".PREFIX_TABLE."categories_link (
-  source smallint(5) unsigned NOT NULL default '0',
-  destination smallint(5) unsigned NOT NULL default '0',
-  PRIMARY KEY  (source,destination)
-) TYPE=MyISAM;";
-  pwg_query($query);
-
-  echo
-    "\n"
-    .'Table '.PREFIX_TABLE.'categories_link created'
-    ."\n"
-    ;
-}
-?>
--- a/install/db/12-database.php
+++ b/install/db/12-database.php
@ -1,103 +0,0 @@
-<?php
-// +-----------------------------------------------------------------------+
-// | PhpWebGallery - a PHP based picture gallery                           |
-// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
-// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
-// +-----------------------------------------------------------------------+
-// | branch        : BSF (Best So Far)
-// | file          : $RCSfile$
-// | last update   : $Date: 2005-09-21 00:04:57 +0200 (mer, 21 sep 2005) $
-// | last modifier : $Author: plg $
-// | revision      : $Revision: 870 $
-// +-----------------------------------------------------------------------+
-// | This program is free software; you can redistribute it and/or modify  |
-// | it under the terms of the GNU General Public License as published by  |
-// | the Free Software Foundation                                          |
-// |                                                                       |
-// | This program is distributed in the hope that it will be useful, but   |
-// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
-// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
-// | General Public License for more details.                              |
-// |                                                                       |
-// | You should have received a copy of the GNU General Public License     |
-// | along with this program; if not, write to the Free Software           |
-// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
-// | USA.                                                                  |
-// +-----------------------------------------------------------------------+
-
-if (!defined('PHPWG_ROOT_PATH'))
-{
-  die('Hacking attempt!');
-}
-
-$upgrade_description = 'Field "Status" Table #user_infos changed';
-
-include_once(PHPWG_ROOT_PATH.'include/constants.php');
-include(PHPWG_ROOT_PATH . 'include/config_default.inc.php');
-@include(PHPWG_ROOT_PATH. 'include/config_local.inc.php');
-
-// +-----------------------------------------------------------------------+
-// |                            Upgrade content                            |
-// +-----------------------------------------------------------------------+
-
-echo "Alter table ".USER_INFOS_TABLE;
-$query = "
-alter table ".USER_INFOS_TABLE."
-  modify column `status` enum('webmaster', 'admin', 'normal', 'generic', 'guest') NOT NULL default 'guest'
-;";
-pwg_query($query);
-
-echo "Define webmaster";
-$query = '
-update
-  '.USER_INFOS_TABLE.'
-set status = \'webmaster\'
-where
-  user_id = '.$conf['webmaster_id'].' and status = \'admin\'
-;';
-$result = pwg_query($query);
-
-echo "Define normal";
-$query = '
-select
-  user_id
-from
-  '.USER_INFOS_TABLE.'
-where
-  user_id != '.$conf['guest_id'].' and status = \'guest\'
-;';
-$result = pwg_query($query);
-
-$datas = array();
-
-while ($row = mysql_fetch_array($result))
-{
-  array_push(
-    $datas,
-    array(
-      'user_id'    => $row['user_id'],
-      'status' => 'normal'
-      )
-    );
-}
-
-mass_updates(
-  USER_INFOS_TABLE,
-  array(
-    'primary' => array('user_id'),
-    'update'  => array('status')
-    ),
-  $datas
-  );
-
-// +-----------------------------------------------------------------------+
-// |                           End notification                            |
-// +-----------------------------------------------------------------------+
-
-echo
-"\n"
-.'Column '.USER_INFOS_TABLE.'.status changed'
-."\n"
-;
-
-?>
--- a/install/db/13-database.php
+++ b/install/db/13-database.php
@ -1,73 +0,0 @@
-<?php
-// +-----------------------------------------------------------------------+
-// | PhpWebGallery - a PHP based picture gallery                           |
-// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
-// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
-// +-----------------------------------------------------------------------+
-// | branch        : BSF (Best So Far)
-// | file          : $RCSfile$
-// | last update   : $Date: 2005-09-21 00:04:57 +0200 (mer, 21 sep 2005) $
-// | last modifier : $Author: plg $
-// | revision      : $Revision: 870 $
-// +-----------------------------------------------------------------------+
-// | This program is free software; you can redistribute it and/or modify  |
-// | it under the terms of the GNU General Public License as published by  |
-// | the Free Software Foundation                                          |
-// |                                                                       |
-// | This program is distributed in the hope that it will be useful, but   |
-// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
-// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
-// | General Public License for more details.                              |
-// |                                                                       |
-// | You should have received a copy of the GNU General Public License     |
-// | along with this program; if not, write to the Free Software           |
-// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
-// | USA.                                                                  |
-// +-----------------------------------------------------------------------+
-
-if (!defined('PHPWG_ROOT_PATH'))
-{
-  die('Hacking attempt!');
-}
-
-$upgrade_description = '#config (gallery_description out page_banner in)';
-
-$query = "
-ALTER TABLE ".PREFIX_TABLE."config MODIFY COLUMN `value` TEXT;";
-pwg_query($query);
-
-
-$query = '
-SELECT value
-  FROM '.PREFIX_TABLE.'config
-  WHERE param=\'gallery_title\'
-;';
-list($t) = array_from_query($query, 'value');
-
-$query = '
-SELECT value
-  FROM '.PREFIX_TABLE.'config
-  WHERE param=\'gallery_description\'
-;';
-list($d) = array_from_query($query, 'value');
-
-$page_banner='<div id="theHeader"><h1>'.$t.'</h1><p>'.$d.'</p></div>';
-$page_banner=addslashes($page_banner);
-$query = '
-INSERT INTO '.PREFIX_TABLE.'config (param,value,comment) VALUES (' .
-"'page_banner','$page_banner','html displayed on the top each page of your gallery');";
-pwg_query($query);
-
-$query = '
-DELETE FROM '.PREFIX_TABLE.'config
-  WHERE param=\'gallery_description\'
-;';
-pwg_query($query);
-
-
-echo
-"\n"
-.'Table '.PREFIX_TABLE.'config updated'
-."\n"
-;
-?>
--- a/install/db/16-database.php
+++ b/install/db/16-database.php
@ -1,54 +0,0 @@
-<?php
-// +-----------------------------------------------------------------------+
-// | PhpWebGallery - a PHP based picture gallery                           |
-// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
-// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
-// +-----------------------------------------------------------------------+
-// | branch        : BSF (Best So Far)
-// | file          : $RCSfile$
-// | last update   : $Date: 2005-09-21 00:04:57 +0200 (mer, 21 sep 2005) $
-// | last modifier : $Author: plg $
-// | revision      : $Revision: 870 $
-// +-----------------------------------------------------------------------+
-// | This program is free software; you can redistribute it and/or modify  |
-// | it under the terms of the GNU General Public License as published by  |
-// | the Free Software Foundation                                          |
-// |                                                                       |
-// | This program is distributed in the hope that it will be useful, but   |
-// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
-// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
-// | General Public License for more details.                              |
-// |                                                                       |
-// | You should have received a copy of the GNU General Public License     |
-// | along with this program; if not, write to the Free Software           |
-// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
-// | USA.                                                                  |
-// +-----------------------------------------------------------------------+
-
-if (!defined('PHPWG_ROOT_PATH'))
-{
-  die('Hacking attempt!');
-}
-
-$upgrade_description = 'Update database from adviser functionnality';
-
-include_once(PHPWG_ROOT_PATH.'include/constants.php');
-
-// +-----------------------------------------------------------------------+
-// |                            Upgrade content                            |
-// +-----------------------------------------------------------------------+
-
-echo "Alter table ".USER_INFOS_TABLE. ' add field adviser';
-$query = "
-alter table ".USER_INFOS_TABLE."
-  add column `adviser` enum('true','false') NOT NULL default 'false' after `status`
-;";
-pwg_query($query);
-
-echo
-"\n"
-.'"'.$upgrade_description.'"'.' ended'
-."\n"
-;
-
-?>
--- a/install/db/17-database.php
+++ b/install/db/17-database.php
@ -1,64 +0,0 @@
-<?php
-// +-----------------------------------------------------------------------+
-// | PhpWebGallery - a PHP based picture gallery                           |
-// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
-// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
-// +-----------------------------------------------------------------------+
-// | branch        : BSF (Best So Far)
-// | file          : $RCSfile$
-// | last update   : $Date: 2005-09-21 00:04:57 +0200 (mer, 21 sep 2005) $
-// | last modifier : $Author: plg $
-// | revision      : $Revision: 870 $
-// +-----------------------------------------------------------------------+
-// | This program is free software; you can redistribute it and/or modify  |
-// | it under the terms of the GNU General Public License as published by  |
-// | the Free Software Foundation                                          |
-// |                                                                       |
-// | This program is distributed in the hope that it will be useful, but   |
-// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
-// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
-// | General Public License for more details.                              |
-// |                                                                       |
-// | You should have received a copy of the GNU General Public License     |
-// | along with this program; if not, write to the Free Software           |
-// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
-// | USA.                                                                  |
-// +-----------------------------------------------------------------------+
-
-if (!defined('PHPWG_ROOT_PATH'))
-{
-  die('Hacking attempt!');
-}
-
-$upgrade_description = 'Add notification by mail param';
-
-include_once(PHPWG_ROOT_PATH.'include/constants.php');
-
-// +-----------------------------------------------------------------------+
-// |                            Upgrade content                            |
-// +-----------------------------------------------------------------------+
-
-echo "Add param on ".CONFIG_TABLE;
-$query = "
-INSERT INTO ".CONFIG_TABLE." (param,value,comment) VALUES ('nbm_send_mail_as','','Send mail as param value for notification by mail');
-";
-pwg_query($query);
-
-
-$query = "
-INSERT INTO ".CONFIG_TABLE." (param,value,comment) VALUES ('nbm_send_detailed_content','true','Send detailed content for notification by mail');
-";
-pwg_query($query);
-
-$query = "
-INSERT INTO ".CONFIG_TABLE." (param,value,comment) VALUES ('nbm_complementary_mail_content','','Complementary mail content for notification by mail');
-";
-pwg_query($query);
-
-echo
-"\n"
-.'"'.$upgrade_description.'"'.' ended'
-."\n"
-;
-
-?>
--- a/install/db/18-database.php
+++ b/install/db/18-database.php
@ -1,92 +0,0 @@
-<?php
-// +-----------------------------------------------------------------------+
-// | PhpWebGallery - a PHP based picture gallery                           |
-// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
-// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
-// +-----------------------------------------------------------------------+
-// | branch        : BSF (Best So Far)
-// | file          : $RCSfile$
-// | last update   : $Date: 2005-09-21 00:04:57 +0200 (mer, 21 sep 2005) $
-// | last modifier : $Author: plg $
-// | revision      : $Revision: 870 $
-// +-----------------------------------------------------------------------+
-// | This program is free software; you can redistribute it and/or modify  |
-// | it under the terms of the GNU General Public License as published by  |
-// | the Free Software Foundation                                          |
-// |                                                                       |
-// | This program is distributed in the hope that it will be useful, but   |
-// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
-// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
-// | General Public License for more details.                              |
-// |                                                                       |
-// | You should have received a copy of the GNU General Public License     |
-// | along with this program; if not, write to the Free Software           |
-// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
-// | USA.                                                                  |
-// +-----------------------------------------------------------------------+
-
-if (!defined('PHPWG_ROOT_PATH'))
-{
-  die('Hacking attempt!');
-}
-
-$upgrade_description = 'Reduce length of #_user_mail_notification.check_key';
-
-include_once(PHPWG_ROOT_PATH.'include/constants.php');
-
-include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
-include_once(PHPWG_ROOT_PATH.'admin/include/functions_notification_by_mail.inc.php');
-
-// +-----------------------------------------------------------------------+
-// |                            Upgrade content                            |
-// +-----------------------------------------------------------------------+
-echo "Compute new check_key";
-$query = '
-select
-  user_id
-from
-  '.USER_MAIL_NOTIFICATION_TABLE.'
-;';
-$result = pwg_query($query);
-
-$datas = array();
-
-while ($row = mysql_fetch_array($result))
-{
-  array_push(
-    $datas,
-    array(
-      'user_id'    => $row['user_id'],
-      'check_key' => find_available_check_key()
-      )
-    );
-}
-
-mass_updates(
-  USER_MAIL_NOTIFICATION_TABLE,
-  array(
-    'primary' => array('user_id'),
-    'update'  => array('check_key')
-    ),
-  $datas
-  );
-
-echo "Alter table ".USER_MAIL_NOTIFICATION_TABLE;
-$query = "
-alter table ".USER_MAIL_NOTIFICATION_TABLE."
-  modify column `check_key` varchar(16) binary NOT NULL default ''
-;";
-pwg_query($query);
-
-
-// +-----------------------------------------------------------------------+
-// |                           End notification                            |
-// +-----------------------------------------------------------------------+
-
-echo
-"\n"
-.'Column '.USER_MAIL_NOTIFICATION_TABLE.'.check_key changed'
-."\n"
-;
-
-?>
--- a/install/db/19-database.php
+++ b/install/db/19-database.php
@ -1,153 +0,0 @@
-<?php
-// +-----------------------------------------------------------------------+
-// | PhpWebGallery - a PHP based picture gallery                           |
-// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
-// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
-// +-----------------------------------------------------------------------+
-// | branch        : BSF (Best So Far)
-// | file          : $RCSfile$
-// | last update   : $Date: 2005-09-21 00:04:57 +0200 (mer, 21 sep 2005) $
-// | last modifier : $Author: plg $
-// | revision      : $Revision: 870 $
-// +-----------------------------------------------------------------------+
-// | This program is free software; you can redistribute it and/or modify  |
-// | it under the terms of the GNU General Public License as published by  |
-// | the Free Software Foundation                                          |
-// |                                                                       |
-// | This program is distributed in the hope that it will be useful, but   |
-// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
-// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
-// | General Public License for more details.                              |
-// |                                                                       |
-// | You should have received a copy of the GNU General Public License     |
-// | along with this program; if not, write to the Free Software           |
-// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
-// | USA.                                                                  |
-// +-----------------------------------------------------------------------+
-
-if (!defined('PHPWG_ROOT_PATH'))
-{
-  die('Hacking attempt!');
-}
-
-$upgrade_description = '#images.keywords moved to new table #tags';
-
-// +-----------------------------------------------------------------------+
-// |                              New tables                               |
-// +-----------------------------------------------------------------------+
-
-$query = '
-CREATE TABLE '.PREFIX_TABLE.'tags (
-  id smallint(5) UNSIGNED NOT NULL auto_increment,
-  name varchar(255) BINARY NOT NULL,
-  url_name varchar(255) BINARY NOT NULL,
-  PRIMARY KEY (id)
-) TYPE=MyISAM
-;';
-pwg_query($query);
-
-$query = '
-CREATE TABLE '.PREFIX_TABLE.'image_tag (
-  image_id mediumint(8) UNSIGNED NOT NULL,
-  tag_id smallint(5) UNSIGNED NOT NULL,
-  PRIMARY KEY (image_id,tag_id)
-) TYPE=MyISAM
-;';
-pwg_query($query);
-
-// +-----------------------------------------------------------------------+
-// |                        Move keywords to tags                          |
-// +-----------------------------------------------------------------------+
-
-// each tag label is associated to a numeric identifier
-$tag_id = array();
-// to each tag id (key) a list of image ids (value) is associated
-$tag_images = array();
-
-$current_id = 1;
-
-$query = '
-SELECT id, keywords
-  FROM '.PREFIX_TABLE.'images
-  WHERE keywords IS NOT NULL
-;';
-$result = pwg_query($query);
-while ($row = mysql_fetch_array($result))
-{
-  foreach(preg_split('/[,]+/', $row['keywords']) as $keyword)
-  {
-    if (!isset($tag_id[$keyword]))
-    {
-      $tag_id[$keyword] = $current_id++;
-    }
-
-    if (!isset($tag_images[ $tag_id[$keyword] ]))
-    {
-      $tag_images[ $tag_id[$keyword] ] = array();
-    }
-
-    array_push($tag_images[ $tag_id[$keyword] ], $row['id']);
-  }
-}
-
-$datas = array();
-foreach ($tag_id as $tag_name => $tag_id)
-{
-  array_push(
-    $datas,
-    array(
-      'id'       => $tag_id,
-      'name'     => $tag_name,
-      'url_name' => str2url($tag_name),
-      )
-    );
-}
-if (!empty($datas))
-mass_inserts(
-  PREFIX_TABLE.'tags',
-  array_keys($datas[0]),
-  $datas
-  );
-
-$datas = array();
-foreach ($tag_images as $tag_id => $images)
-{
-  foreach (array_unique($images) as $image_id)
-  {
-    array_push(
-      $datas,
-      array(
-        'tag_id'   => $tag_id,
-        'image_id' => $image_id,
-        )
-      );
-  }
-}
-
-if (!empty($datas))
-mass_inserts(
-  PREFIX_TABLE.'image_tag',
-  array_keys($datas[0]),
-  $datas
-  );
-
-// +-----------------------------------------------------------------------+
-// |                         Delete images.keywords                        |
-// +-----------------------------------------------------------------------+
-
-$query = '
-ALTER TABLE '.PREFIX_TABLE.'images DROP COLUMN keywords
-;';
-pwg_query($query);
-
-// +-----------------------------------------------------------------------+
-// |                           End notification                            |
-// +-----------------------------------------------------------------------+
-
-echo
-"\n"
-.'Table '.PREFIX_TABLE.'tags created and filled'."\n"
-.'Table '.PREFIX_TABLE.'image_tag created and filled'."\n"
-.'Column '.PREFIX_TABLE.'images.keywords dropped'."\n"
-;
-?>
--- a/install/db/2-database.php
+++ b/install/db/2-database.php
@ -1,78 +0,0 @@
-<?php
-// +-----------------------------------------------------------------------+
-// | PhpWebGallery - a PHP based picture gallery                           |
-// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
-// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
-// +-----------------------------------------------------------------------+
-// | branch        : BSF (Best So Far)
-// | file          : $RCSfile$
-// | last update   : $Date: 2005-09-21 00:04:57 +0200 (mer, 21 sep 2005) $
-// | last modifier : $Author: plg $
-// | revision      : $Revision: 870 $
-// +-----------------------------------------------------------------------+
-// | This program is free software; you can redistribute it and/or modify  |
-// | it under the terms of the GNU General Public License as published by  |
-// | the Free Software Foundation                                          |
-// |                                                                       |
-// | This program is distributed in the hope that it will be useful, but   |
-// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
-// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
-// | General Public License for more details.                              |
-// |                                                                       |
-// | You should have received a copy of the GNU General Public License     |
-// | along with this program; if not, write to the Free Software           |
-// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
-// | USA.                                                                  |
-// +-----------------------------------------------------------------------+
-
-if (!defined('PHPWG_ROOT_PATH'))
-{
-  die('Hacking attempt!');
-}
-
-$upgrade_description = 'Update template preference for every user';
-
-// +-----------------------------------------------------------------------+
-// |                            Upgrade content                            |
-// +-----------------------------------------------------------------------+
-
-// configuration update
-$query = '
-UPDATE '.PREFIX_TABLE.'config
-  SET value = \'yoga/clear\'
-  WHERE param = \'default_template\'
-;';
-pwg_query($query);
-
-// set yoga/clear as default value for user_infos.template column
-$query = '
-ALTER TABLE '.PREFIX_TABLE.'user_infos
-  CHANGE COLUMN template template varchar(255) NOT NULL default \'yoga/clear\'
-;';
-pwg_query($query);
-
-// users having yoga-dark for template now have yoga/dark
-$query = '
-UPDATE '.PREFIX_TABLE.'user_infos
-  SET template = \'yoga/dark\'
-  WHERE template = \'yoga-dark\'
-;';
-pwg_query($query);
-
-// all other users have yoga/clear
-$query = '
-UPDATE '.PREFIX_TABLE.'user_infos
-  SET template = \'yoga/clear\'
-  WHERE template != \'yoga/dark\'
-;';
-pwg_query($query);
-
-echo
-"\n"
-.'Default template modified to yoga/clear'
-."\n"
-.'Template preference modified for every users : yoga/dark'
-.' (for yoga-dark users) and yoga/clear as default'
-."\n"
-;
-?>
--- a/install/db/21-database.php
+++ b/install/db/21-database.php
@ -1,52 +0,0 @@
-<?php
-// +-----------------------------------------------------------------------+
-// | PhpWebGallery - a PHP based picture gallery                           |
-// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
-// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
-// +-----------------------------------------------------------------------+
-// | branch        : BSF (Best So Far)
-// | file          : $RCSfile$
-// | last update   : $Date: 2005-09-21 00:04:57 +0200 (mer, 21 sep 2005) $
-// | last modifier : $Author: plg $
-// | revision      : $Revision: 870 $
-// +-----------------------------------------------------------------------+
-// | This program is free software; you can redistribute it and/or modify  |
-// | it under the terms of the GNU General Public License as published by  |
-// | the Free Software Foundation                                          |
-// |                                                                       |
-// | This program is distributed in the hope that it will be useful, but   |
-// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
-// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
-// | General Public License for more details.                              |
-// |                                                                       |
-// | You should have received a copy of the GNU General Public License     |
-// | along with this program; if not, write to the Free Software           |
-// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
-// | USA.                                                                  |
-// +-----------------------------------------------------------------------+
-
-if (!defined('PHPWG_ROOT_PATH'))
-{
-  die('Hacking attempt!');
-}
-
-$upgrade_description = 'drop table #categories_link';
-
-// +-----------------------------------------------------------------------+
-// |                              New column                               |
-// +-----------------------------------------------------------------------+
-
-$query = '
-DROP TABLE '.PREFIX_TABLE.'categories_link
-;';
-pwg_query($query);
-
-// +-----------------------------------------------------------------------+
-// |                           End notification                            |
-// +-----------------------------------------------------------------------+
-
-echo
-"\n"
-.'Table '.PREFIX_TABLE.'categories_link dropped'."\n"
-;
-?>
--- a/install/db/22.1-database.php
+++ b/install/db/22.1-database.php
@ -30,17 +30,21 @@ if (!defined('PHPWG_ROOT_PATH'))
  die('Hacking attempt!');
 }

-$upgrade_description = 'Just a beginning test';
+$upgrade_description = 'index images_i1 on storage_category_id comes back';
+
+$query = '
+ALTER TABLE '.PREFIX_TABLE.'images
+  ADD INDEX images_i1(storage_category_id)
+;';
+pwg_query($query);

 // +-----------------------------------------------------------------------+
-// |                            Upgrade content                            |
+// |                           End notification                            |
 // +-----------------------------------------------------------------------+

-list($now) = mysql_fetch_row(pwg_query('SELECT NOW()'));
 echo
-$now
-."\n"
-.'This upgrade script is for test purpose only'
+"\n"
+.$upgrade_description
 ."\n"
 ;
 ?>
--- a/install/db/22.2-database.php
+++ b/install/db/22.2-database.php
@ -30,21 +30,21 @@ if (!defined('PHPWG_ROOT_PATH'))
  die('Hacking attempt!');
 }

-$upgrade_description = 'Update images table with has_high column';
+$upgrade_description = 'increase categories.rank size, up to 65535';

-// +-----------------------------------------------------------------------+
-// |                            Upgrade content                            |
-// +-----------------------------------------------------------------------+
-
-// column user_id becomes data of type text
-$query = "
-ALTER TABLE ".PREFIX_TABLE."images ADD COLUMN has_high ENUM('true') DEFAULT NULL AFTER average_rate;
-";
+$query = '
+ALTER TABLE '.PREFIX_TABLE.'categories
+  CHANGE COLUMN rank rank SMALLINT(5) UNSIGNED DEFAULT NULL
+;';
 pwg_query($query);

+// +-----------------------------------------------------------------------+
+// |                           End notification                            |
+// +-----------------------------------------------------------------------+
+
 echo
 "\n"
-.'Column has_high '.PREFIX_TABLE.'images added'
+.$upgrade_description
 ."\n"
 ;
 ?>
--- a/install/db/22.3-database.php
+++ b/install/db/22.3-database.php
@ -30,29 +30,22 @@ if (!defined('PHPWG_ROOT_PATH'))
  die('Hacking attempt!');
 }

-$upgrade_description = 'add index on #tags.url_name and #image_tag.tag_id ';
-
-
+$upgrade_description = 'reinitialize page_banner';

 $query = '
-ALTER TABLE '.PREFIX_TABLE.'tags ADD INDEX `tags_i1`(`url_name`);
+UPDATE '.PREFIX_TABLE.'config
+  SET value = \'<h1>PhpWebGallery demonstration site</h1><p>My photos web site</p>\'
+  WHERE param = \'page_banner\'
 ;';
 pwg_query($query);

-
-$query = '
-ALTER TABLE '.PREFIX_TABLE.'image_tag ADD INDEX `image_tag_i1`(`tag_id`);
-;';
-pwg_query($query);
-
-
 // +-----------------------------------------------------------------------+
 // |                           End notification                            |
 // +-----------------------------------------------------------------------+

 echo
 "\n"
-.'Tables '.PREFIX_TABLE.'tags and '.PREFIX_TABLE.'image_tag updated'."\n"
+.$upgrade_description
+."\n"
 ;
-echo $upgrade_description;
 ?>
--- a/install/db/22.5-database.php
+++ b/install/db/22.5-database.php
@ -0,0 +1,46 @@
+<?php
+// +-----------------------------------------------------------------------+
+// | PhpWebGallery - a PHP based picture gallery                           |
+// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
+// | Copyright (C) 2003-2006 PhpWebGallery Team - http://phpwebgallery.net |
+// +-----------------------------------------------------------------------+
+// | branch        : BSF (Best So Far)
+// | file          : $RCSfile$
+// | last update   : $Date: 2006-07-23 14:17:00 +0200 (dim, 23 jui 2006) $
+// | last modifier : $Author: nikrou $
+// | revision      : $Revision: 1492 $
+// +-----------------------------------------------------------------------+
+// | This program is free software; you can redistribute it and/or modify  |
+// | it under the terms of the GNU General Public License as published by  |
+// | the Free Software Foundation                                          |
+// |                                                                       |
+// | This program is distributed in the hope that it will be useful, but   |
+// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
+// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
+// | General Public License for more details.                              |
+// |                                                                       |
+// | You should have received a copy of the GNU General Public License     |
+// | along with this program; if not, write to the Free Software           |
+// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
+// | USA.                                                                  |
+// +-----------------------------------------------------------------------+
+
+if (!defined('PHPWG_ROOT_PATH'))
+{
+  die('Hacking attempt!');
+}
+
+$upgrade_description = 'Delete old file index.htm';
+
+@unlink(PHPWG_ROOT_PATH.'/admin/images/index.htm');
+@unlink(PHPWG_ROOT_PATH.'/admin/include/index.htm');
+@unlink(PHPWG_ROOT_PATH.'/admin/index.htm');
+@unlink(PHPWG_ROOT_PATH.'/language/index.htm');
+@unlink(PHPWG_ROOT_PATH.'/galleries/index.htm');
+
+echo
+"\n"
+. $upgrade_description
+."\n"
+;
+?>
--- a/install/db/22.6-database.php
+++ b/install/db/22.6-database.php
@ -2,13 +2,13 @@
 // +-----------------------------------------------------------------------+
 // | PhpWebGallery - a PHP based picture gallery                           |
 // | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
-// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
+// | Copyright (C) 2003-2006 PhpWebGallery Team - http://phpwebgallery.net |
 // +-----------------------------------------------------------------------+
 // | branch        : BSF (Best So Far)
 // | file          : $RCSfile$
-// | last update   : $Date: 2005-09-21 00:04:57 +0200 (mer, 21 sep 2005) $
-// | last modifier : $Author: plg $
-// | revision      : $Revision: 870 $
+// | last update   : $Date: 2006-07-23 14:17:00 +0200 (dim, 23 jui 2006) $
+// | last modifier : $Author: nikrou $
+// | revision      : $Revision: 1492 $
 // +-----------------------------------------------------------------------+
 // | This program is free software; you can redistribute it and/or modify  |
 // | it under the terms of the GNU General Public License as published by  |
@ -30,21 +30,17 @@ if (!defined('PHPWG_ROOT_PATH'))
  die('Hacking attempt!');
 }

-$upgrade_description = '#user_cache, add column nb_total_pictures (feature 262)';
+$upgrade_description = 'change username length in users table';

-$query = "
-ALTER TABLE ".PREFIX_TABLE."user_cache ADD COLUMN `nb_total_images` MEDIUMINT(8) UNSIGNED;";
+$query = '
+ALTER TABLE '.PREFIX_TABLE.'users
+  CHANGE username username VARCHAR(100) NOT NULL 
+;';
 pwg_query($query);

-$query = "
-UPDATE ".PREFIX_TABLE."user_cache SET need_update='true'";
-pwg_query($query);
-
-
 echo
 "\n"
-.'"'.$upgrade_description.'"'.' ended'
+. $upgrade_description
 ."\n"
 ;
-
 ?>
--- a/install/db/22.7-database.php
+++ b/install/db/22.7-database.php
@ -0,0 +1,47 @@
+<?php
+// +-----------------------------------------------------------------------+
+// | PhpWebGallery - a PHP based picture gallery                           |
+// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
+// | Copyright (C) 2003-2006 PhpWebGallery Team - http://phpwebgallery.net |
+// +-----------------------------------------------------------------------+
+// | branch        : BSF (Best So Far)
+// | file          : $RCSfile$
+// | last update   : $Date: 2006-07-23 14:17:00 +0200 (dim, 23 jui 2006) $
+// | last modifier : $Author: nikrou $
+// | revision      : $Revision: 1492 $
+// +-----------------------------------------------------------------------+
+// | This program is free software; you can redistribute it and/or modify  |
+// | it under the terms of the GNU General Public License as published by  |
+// | the Free Software Foundation                                          |
+// |                                                                       |
+// | This program is distributed in the hope that it will be useful, but   |
+// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
+// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
+// | General Public License for more details.                              |
+// |                                                                       |
+// | You should have received a copy of the GNU General Public License     |
+// | along with this program; if not, write to the Free Software           |
+// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
+// | USA.                                                                  |
+// +-----------------------------------------------------------------------+
+
+if (!defined('PHPWG_ROOT_PATH'))
+{
+  die('Hacking attempt!');
+}
+
+$upgrade_description = 'add an auto login key in users table';
+
+// add column auto_login_key
+$query = '
+ALTER TABLE '.PREFIX_TABLE.'users
+  ADD auto_login_key varchar(64) NOT NULL
+;';
+pwg_query($query);
+
+echo
+"\n"
+. $upgrade_description
+."\n"
+;
+?>
--- a/install/db/22.8-database.php
+++ b/install/db/22.8-database.php
@ -0,0 +1,46 @@
+<?php
+// +-----------------------------------------------------------------------+
+// | PhpWebGallery - a PHP based picture gallery                           |
+// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
+// | Copyright (C) 2003-2006 PhpWebGallery Team - http://phpwebgallery.net |
+// +-----------------------------------------------------------------------+
+// | branch        : BSF (Best So Far)
+// | file          : $RCSfile$
+// | last update   : $Date: 2006-07-23 14:17:00 +0200 (dim, 23 jui 2006) $
+// | last modifier : $Author: nikrou $
+// | revision      : $Revision: 1492 $
+// +-----------------------------------------------------------------------+
+// | This program is free software; you can redistribute it and/or modify  |
+// | it under the terms of the GNU General Public License as published by  |
+// | the Free Software Foundation                                          |
+// |                                                                       |
+// | This program is distributed in the hope that it will be useful, but   |
+// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
+// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
+// | General Public License for more details.                              |
+// |                                                                       |
+// | You should have received a copy of the GNU General Public License     |
+// | along with this program; if not, write to the Free Software           |
+// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
+// | USA.                                                                  |
+// +-----------------------------------------------------------------------+
+
+if (!defined('PHPWG_ROOT_PATH'))
+{
+  die('Hacking attempt!');
+}
+
+$upgrade_description = 'change the upgrade 22.6 - username is binary';
+
+$query = '
+ALTER TABLE '.PREFIX_TABLE.'users
+  CHANGE username username VARCHAR(100) binary NOT NULL
+;';
+pwg_query($query);
+
+echo
+"\n"
+. $upgrade_description
+."\n"
+;
+?>
--- a/install/db/22.9-database.php
+++ b/install/db/22.9-database.php
@ -2,13 +2,13 @@
 // +-----------------------------------------------------------------------+
 // | PhpWebGallery - a PHP based picture gallery                           |
 // | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
-// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
+// | Copyright (C) 2003-2006 PhpWebGallery Team - http://phpwebgallery.net |
 // +-----------------------------------------------------------------------+
 // | branch        : BSF (Best So Far)
 // | file          : $RCSfile$
-// | last update   : $Date: 2005-09-21 00:04:57 +0200 (mer, 21 sep 2005) $
-// | last modifier : $Author: plg $
-// | revision      : $Revision: 870 $
+// | last update   : $Date: 2006-07-23 14:17:00 +0200 (dim, 23 jui 2006) $
+// | last modifier : $Author: nikrou $
+// | revision      : $Revision: 1492 $
 // +-----------------------------------------------------------------------+
 // | This program is free software; you can redistribute it and/or modify  |
 // | it under the terms of the GNU General Public License as published by  |
@ -30,34 +30,55 @@ if (!defined('PHPWG_ROOT_PATH'))
  die('Hacking attempt!');
 }

-$upgrade_description = 'Update database to new pwg_high structure';
+$upgrade_description = '#users.auto_login_key to #user_infos.auto_login_key';
+
+$query = '
+ALTER TABLE '.PREFIX_TABLE.'user_infos
+  ADD auto_login_key varchar(64) NOT NULL
+;';
+pwg_query($query);

-include_once(PHPWG_ROOT_PATH.'include/constants.php');
 include(PHPWG_ROOT_PATH . 'include/config_default.inc.php');
@include(PHPWG_ROOT_PATH. 'include/config_local.inc.php');

-// +-----------------------------------------------------------------------+
-// |                            Upgrade content                            |
-// +-----------------------------------------------------------------------+
+$query = '
+SELECT '.$conf['user_fields']['id'].' AS uid, auto_login_key
+  FROM '.PREFIX_TABLE.'users
+  WHERE auto_login_key != \'\'
+;';
+$result = pwg_query($query);

-echo "Alter table ".USER_INFOS_TABLE. ' add field enabled_high';
-$query = "
-alter table ".USER_INFOS_TABLE."
-  add column `enabled_high` enum('true','false') NOT NULL default 'true'
-;";
-pwg_query($query);
+$datas = array();

-echo "Update ".USER_INFOS_TABLE.".enabled_high with default value";
-$query = "
-update ".USER_INFOS_TABLE." set enabled_high = '".$conf['newuser_default_enabled_high']."' 
-where enabled_high <> '".$conf['newuser_default_enabled_high']."'
-;";
+while ($row = mysql_fetch_array($result))
+{
+  array_push(
+    $datas,
+    array(
+      'user_id' => $row['uid'],
+      'auto_login_key' => $row['auto_login_key'],
+      )
+    );
+}
+
+mass_updates(
+  PREFIX_TABLE.'user_infos',
+  array(
+    'primary' => array('user_id'),
+    'update'  => array('auto_login_key')
+    ),
+  $datas
+  );
+
+$query = '
+ALTER TABLE '.PREFIX_TABLE.'users
+  DROP COLUMN auto_login_key
+;';
 pwg_query($query);

 echo
 "\n"
-.'"'.$upgrade_description.'"'.' ended'
+. $upgrade_description
 ."\n"
 ;
-
 ?>
--- a/install/db/3-database.php
+++ b/install/db/3-database.php
@ -1,57 +0,0 @@
-<?php
-// +-----------------------------------------------------------------------+
-// | PhpWebGallery - a PHP based picture gallery                           |
-// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
-// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
-// +-----------------------------------------------------------------------+
-// | branch        : BSF (Best So Far)
-// | file          : $RCSfile$
-// | last update   : $Date: 2005-09-21 00:04:57 +0200 (mer, 21 sep 2005) $
-// | last modifier : $Author: plg $
-// | revision      : $Revision: 870 $
-// +-----------------------------------------------------------------------+
-// | This program is free software; you can redistribute it and/or modify  |
-// | it under the terms of the GNU General Public License as published by  |
-// | the Free Software Foundation                                          |
-// |                                                                       |
-// | This program is distributed in the hope that it will be useful, but   |
-// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
-// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
-// | General Public License for more details.                              |
-// |                                                                       |
-// | You should have received a copy of the GNU General Public License     |
-// | along with this program; if not, write to the Free Software           |
-// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
-// | USA.                                                                  |
-// +-----------------------------------------------------------------------+
-
-if (!defined('PHPWG_ROOT_PATH'))
-{
-  die('Hacking attempt!');
-}
-
-$upgrade_description = 'Update session table for new session system';
-
-// +-----------------------------------------------------------------------+
-// |                            Upgrade content                            |
-// +-----------------------------------------------------------------------+
-
-// delete content of old session table
-$query = '
-DELETE FROM '.PREFIX_TABLE.'sessions
-;';
-pwg_query($query);
-
-// column user_id becomes data of type text
-$query = '
-ALTER TABLE '.PREFIX_TABLE.'sessions
-  CHANGE COLUMN user_id data text NOT NULL
-;';
-pwg_query($query);
-
-echo
-"\n"
-.'Column modified in sessions table'
-."\n"
-;
-?>
--- a/install/db/6-database.php
+++ b/install/db/6-database.php
@ -1,58 +0,0 @@
-<?php
-// +-----------------------------------------------------------------------+
-// | PhpWebGallery - a PHP based picture gallery                           |
-// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
-// | Copyright (C) 2003-2006 PhpWebGallery Team - http://phpwebgallery.net |
-// | Copyright (C) 2006 Ruben ARNAUD - team@phpwebgallery.net              |
-// +-----------------------------------------------------------------------+
-// | branch        : BSF (Best So Far)
-// | file          : $RCSfile$
-// | last update   : $Date: 2005-09-21 00:04:57 +0200 (mer, 21 sep 2005) $
-// | last modifier : $Author: plg $
-// | revision      : $Revision: 870 $
-// +-----------------------------------------------------------------------+
-// | This program is free software; you can redistribute it and/or modify  |
-// | it under the terms of the GNU General Public License as published by  |
-// | the Free Software Foundation                                          |
-// |                                                                       |
-// | This program is distributed in the hope that it will be useful, but   |
-// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
-// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
-// | General Public License for more details.                              |
-// |                                                                       |
-// | You should have received a copy of the GNU General Public License     |
-// | along with this program; if not, write to the Free Software           |
-// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
-// | USA.                                                                  |
-// +-----------------------------------------------------------------------+
-
-if (!defined('PHPWG_ROOT_PATH'))
-{
-  die('Hacking attempt!');
-}
-
-$upgrade_description = 'Table #user_mail_notification is required for NBM';
-
-// +-----------------------------------------------------------------------+
-// |                            Upgrade content                            |
-// +-----------------------------------------------------------------------+
-
-// Creating table user_mail_notification
-$query = '
-CREATE TABLE '.PREFIX_TABLE.'user_mail_notification
-(
-  user_id smallint(5) NOT NULL default \'0\',
-  check_key varchar(128) binary NOT NULL,
-  enabled enum(\'true\',\'false\') NOT NULL default \'false\',
-  last_send datetime default NULL,
-  PRIMARY KEY  (`user_id`),
-  UNIQUE KEY `uidx_check_key` (`check_key`)
-) TYPE=MyISAM;';
-pwg_query($query);
-
-echo
-"\n"
-.'Table '.PREFIX_TABLE.'user_mail_notification created'
-."\n"
-;
-?>
--- a/install/db/7-database.php
+++ b/install/db/7-database.php
@ -1,70 +0,0 @@
-<?php
-// +-----------------------------------------------------------------------+
-// | PhpWebGallery - a PHP based picture gallery                           |
-// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
-// | Copyright (C) 2003-2006 PhpWebGallery Team - http://phpwebgallery.net |
-// | Copyright (C) 2006 Ruben ARNAUD - team@phpwebgallery.net              |
-// +-----------------------------------------------------------------------+
-// | branch        : BSF (Best So Far)
-// | file          : $RCSfile$
-// | last update   : $Date: 2005-09-21 00:04:57 +0200 (mer, 21 sep 2005) $
-// | last modifier : $Author: plg $
-// | revision      : $Revision: 870 $
-// +-----------------------------------------------------------------------+
-// | This program is free software; you can redistribute it and/or modify  |
-// | it under the terms of the GNU General Public License as published by  |
-// | the Free Software Foundation                                          |
-// |                                                                       |
-// | This program is distributed in the hope that it will be useful, but   |
-// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
-// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
-// | General Public License for more details.                              |
-// |                                                                       |
-// | You should have received a copy of the GNU General Public License     |
-// | along with this program; if not, write to the Free Software           |
-// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
-// | USA.                                                                  |
-// +-----------------------------------------------------------------------+
-
-if (!defined('PHPWG_ROOT_PATH'))
-{
-  die('Hacking attempt!');
-}
-
-$upgrade_description = 'Anonymous rating';
-
-// +-----------------------------------------------------------------------+
-// |                            Upgrade content                            |
-// +-----------------------------------------------------------------------+
-
-$query = '
-ALTER TABLE '.PREFIX_TABLE.'rate DROP PRIMARY KEY;'
-;
-pwg_query($query);
-
-$query ='
-ALTER TABLE '.PREFIX_TABLE.'rate ADD COLUMN anonymous_id VARCHAR(45) NOT NULL DEFAULT \'\' AFTER element_id;'
-;
-pwg_query($query);
-
-$query ='
-ALTER TABLE '.PREFIX_TABLE.'rate ADD COLUMN date DATE NOT NULL AFTER rate;'
-;
-pwg_query($query);
-
-$query ='
-UPDATE '.PREFIX_TABLE.'rate SET date=NOW() WHERE date<"1990-01-01";'
-;
-pwg_query($query);
-
-$query = '
-ALTER TABLE '.PREFIX_TABLE.'rate ADD PRIMARY KEY (element_id, user_id, anonymous_id);'
-;
-pwg_query($query);
-
-echo
-"\n"
-.'Table '.PREFIX_TABLE.'rate upgraded'
-."\n"
-;
-?>
--- a/install/db/8-database.php
+++ b/install/db/8-database.php
@ -1,88 +0,0 @@
-<?php
-// +-----------------------------------------------------------------------+
-// | PhpWebGallery - a PHP based picture gallery                           |
-// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
-// | Copyright (C) 2003-2006 PhpWebGallery Team - http://phpwebgallery.net |
-// | Copyright (C) 2006 Ruben ARNAUD - team@phpwebgallery.net              |
-// +-----------------------------------------------------------------------+
-// | branch        : BSF (Best So Far)
-// | file          : $RCSfile$
-// | last update   : $Date: 2005-09-21 00:04:57 +0200 (mer, 21 sep 2005) $
-// | last modifier : $Author: plg $
-// | revision      : $Revision: 870 $
-// +-----------------------------------------------------------------------+
-// | This program is free software; you can redistribute it and/or modify  |
-// | it under the terms of the GNU General Public License as published by  |
-// | the Free Software Foundation                                          |
-// |                                                                       |
-// | This program is distributed in the hope that it will be useful, but   |
-// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
-// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
-// | General Public License for more details.                              |
-// |                                                                       |
-// | You should have received a copy of the GNU General Public License     |
-// | along with this program; if not, write to the Free Software           |
-// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
-// | USA.                                                                  |
-// +-----------------------------------------------------------------------+
-
-if (!defined('PHPWG_ROOT_PATH'))
-{
-  die('Hacking attempt!');
-}
-
-$upgrade_description = 'Move rate, rate_anonymous and gallery_url from config file to database';
-
-$params = array(
-  'gallery_url' => array('http://demo.phpwebgallery.net','URL given in RSS feed'),
-  'rate' => array('true','Rating pictures feature is enabled') ,
-  'rate_anonymous' => array('true','Rating pictures feature is also enabled for visitors')
-  );
-
-
-
-// +-Get real values from config file--------------------------------------+
-
-$conf_save = $conf;
-unset($conf);
-@include(PHPWG_ROOT_PATH. 'include/config_local.inc.php');
-if ( isset($conf['gallery_url']) )
-{
-  $params['gallery_url'][0] = $conf['gallery_url'];
-}
-if ( isset($conf['rate']) and is_bool($conf['rate']) )
-{
-  $params['rate'][0] = $conf['rate'] ? 'true' : 'false';
-}
-if ( isset($conf['rate_anonymous']) and is_bool($conf['rate_anonymous']) )
-{
-  $params['rate_anonymous'][0] = $conf['rate_anonymous'] ? 'true' : 'false';
-}
-$conf = $conf_save;
-
-
-
-// +-Do I already have them in DB ?----------------------------------------+
-$query = 'SELECT param FROM '.PREFIX_TABLE.'config';
-$result = pwg_query($query);
-while ($row = mysql_fetch_array($result))
-{
-  unset( $params[ $row['param'] ] );
-}
-
-// +-Perform the insert query----------------------------------------------+
-foreach ($params as $param_key => $param_values)
-{
-  $query = '
-INSERT INTO '.PREFIX_TABLE.'config (param,value,comment) VALUES (' .
-"'$param_key','$param_values[0]','$param_values[1]');";
-  pwg_query($query);
-}
-
-
-echo
-"\n"
-.'Table '.PREFIX_TABLE.'config upgraded'
-."\n"
-;
-?>
--- a/install/db/9-database.php
+++ b/install/db/9-database.php
@ -1,90 +0,0 @@
-<?php
-// +-----------------------------------------------------------------------+
-// | PhpWebGallery - a PHP based picture gallery                           |
-// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
-// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
-// +-----------------------------------------------------------------------+
-// | branch        : BSF (Best So Far)
-// | file          : $RCSfile$
-// | last update   : $Date: 2005-09-21 00:04:57 +0200 (mer, 21 sep 2005) $
-// | last modifier : $Author: plg $
-// | revision      : $Revision: 870 $
-// +-----------------------------------------------------------------------+
-// | This program is free software; you can redistribute it and/or modify  |
-// | it under the terms of the GNU General Public License as published by  |
-// | the Free Software Foundation                                          |
-// |                                                                       |
-// | This program is distributed in the hope that it will be useful, but   |
-// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
-// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
-// | General Public License for more details.                              |
-// |                                                                       |
-// | You should have received a copy of the GNU General Public License     |
-// | along with this program; if not, write to the Free Software           |
-// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
-// | USA.                                                                  |
-// +-----------------------------------------------------------------------+
-
-if (!defined('PHPWG_ROOT_PATH'))
-{
-  die('Hacking attempt!');
-}
-
-$upgrade_description =
-  'Column #image_category.is_storage replaces #images.storage_category_id';
-
-// +-----------------------------------------------------------------------+
-// |                            Upgrade content                            |
-// +-----------------------------------------------------------------------+
-
-$query = "
-ALTER TABLE ".PREFIX_TABLE."image_category
-  ADD COLUMN is_storage ENUM('true','false') DEFAULT 'false'
-;";
-pwg_query($query);
-
-$query = '
-SELECT id, storage_category_id
-  FROM '.PREFIX_TABLE.'images
-;';
-$result = pwg_query($query);
-
-$datas = array();
-
-while ($row = mysql_fetch_array($result))
-{
-  array_push(
-    $datas,
-    array(
-      'image_id'    => $row['id'],
-      'category_id' => $row['storage_category_id'],
-      'is_storage'  => 'true',
-      )
-    );
-}
-
-mass_updates(
-  PREFIX_TABLE.'image_category',
-  array(
-    'primary' => array('image_id', 'category_id'),
-    'update'  => array('is_storage')
-    ),
-  $datas
-  );
-
-$query = '
-ALTER TABLE '.PREFIX_TABLE.'images
-  DROP COLUMN storage_category_id
-;';
-pwg_query($query);
-
-// +-----------------------------------------------------------------------+
-// |                           End notification                            |
-// +-----------------------------------------------------------------------+
-
-echo
-"\n"
-.'Column '.PREFIX_TABLE.'image_category.is_storage created and filled'
-."\n"
-;
-?>
--- a/install/db/index.php
+++ b/install/db/index.php
@ -0,0 +1,35 @@
+<?php
+// +-----------------------------------------------------------------------+
+// | PhpWebGallery - a PHP based picture gallery                           |
+// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
+// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
+// +-----------------------------------------------------------------------+
+// | branch        : BSF (Best So Far)
+// | file          : $RCSfile$
+// | last update   : $Date: 2006-03-15 23:44:35 +0100 (mer., 15 mars 2006) $
+// | last modifier : $Author: plg $
+// | revision      : $Revision: 1082 $
+// +-----------------------------------------------------------------------+
+// | This program is free software; you can redistribute it and/or modify  |
+// | it under the terms of the GNU General Public License as published by  |
+// | the Free Software Foundation                                          |
+// |                                                                       |
+// | This program is distributed in the hope that it will be useful, but   |
+// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
+// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
+// | General Public License for more details.                              |
+// |                                                                       |
+// | You should have received a copy of the GNU General Public License     |
+// | along with this program; if not, write to the Free Software           |
+// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
+// | USA.                                                                  |
+// +-----------------------------------------------------------------------+
+
+// recursive call of index.php
+
+$url = '../index.php';
+header( 'Request-URI: '.$url );
+header( 'Content-Location: '.$url );
+header( 'Location: '.$url );
+exit();
+?>
--- a/install/index.php
+++ b/install/index.php
@ -0,0 +1,35 @@
+<?php
+// +-----------------------------------------------------------------------+
+// | PhpWebGallery - a PHP based picture gallery                           |
+// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
+// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
+// +-----------------------------------------------------------------------+
+// | branch        : BSF (Best So Far)
+// | file          : $RCSfile$
+// | last update   : $Date: 2006-03-15 23:44:35 +0100 (mer., 15 mars 2006) $
+// | last modifier : $Author: plg $
+// | revision      : $Revision: 1082 $
+// +-----------------------------------------------------------------------+
+// | This program is free software; you can redistribute it and/or modify  |
+// | it under the terms of the GNU General Public License as published by  |
+// | the Free Software Foundation                                          |
+// |                                                                       |
+// | This program is distributed in the hope that it will be useful, but   |
+// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
+// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
+// | General Public License for more details.                              |
+// |                                                                       |
+// | You should have received a copy of the GNU General Public License     |
+// | along with this program; if not, write to the Free Software           |
+// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
+// | USA.                                                                  |
+// +-----------------------------------------------------------------------+
+
+// recursive call of index.php
+
+$url = '../index.php';
+header( 'Request-URI: '.$url );
+header( 'Content-Location: '.$url );
+header( 'Location: '.$url );
+exit();
+?>
--- a/install/phpwebgallery_structure.sql
+++ b/install/phpwebgallery_structure.sql
@ -1,6 +1,6 @@
 -- MySQL dump 9.11
 --
-- Host: localhost    Database: pwg-bsf
+-- Host: localhost    Database: pwg-1_6
 -- ------------------------------------------------------
 -- Server version	4.0.24_Debian-10-log

@ -28,7 +28,7 @@ CREATE TABLE `phpwebgallery_categories` (
  `id_uppercat` smallint(5) unsigned default NULL,
  `comment` text,
  `dir` varchar(255) default NULL,
-  `rank` tinyint(3) unsigned default NULL,
+  `rank` smallint(5) unsigned default NULL,
  `status` enum('public','private') NOT NULL default 'public',
  `site_id` tinyint(4) unsigned default '1',
  `visible` enum('true','false') NOT NULL default 'true',
@ -172,7 +172,8 @@ CREATE TABLE `phpwebgallery_images` (
  KEY `images_i2` (`date_available`),
  KEY `images_i3` (`average_rate`),
  KEY `images_i4` (`hit`),
-  KEY `images_i5` (`date_creation`)
+  KEY `images_i5` (`date_creation`),
+  KEY `images_i1` (`storage_category_id`)
 ) TYPE=MyISAM;

 --
@ -317,6 +318,7 @@ CREATE TABLE `phpwebgallery_user_infos` (
  `template` varchar(255) NOT NULL default 'yoga/clear',
  `registration_date` datetime NOT NULL default '0000-00-00 00:00:00',
  `enabled_high` enum('true','false') NOT NULL default 'true',
+  `auto_login_key` varchar(64) NOT NULL default '',
  UNIQUE KEY `user_infos_ui1` (`user_id`)
 ) TYPE=MyISAM;

@ -341,7 +343,7 @@ CREATE TABLE `phpwebgallery_user_mail_notification` (
 DROP TABLE IF EXISTS `phpwebgallery_users`;
 CREATE TABLE `phpwebgallery_users` (
  `id` smallint(5) NOT NULL auto_increment,
-  `username` varchar(20) binary NOT NULL default '',
+  `username` varchar(100) binary NOT NULL default '',
  `password` varchar(32) default NULL,
  `mail_address` varchar(255) default NULL,
  PRIMARY KEY  (`id`),
--- a/install/db/20-database.php
+++ b/install/db/20-database.php
@ -6,9 +6,9 @@
 // +-----------------------------------------------------------------------+
 // | branch        : BSF (Best So Far)
 // | file          : $RCSfile$
-// | last update   : $Date: 2005-09-21 00:04:57 +0200 (mer, 21 sep 2005) $
+// | last update   : $Date: 2005-01-08 00:10:51 +0100 (sam, 08 jan 2005) $
 // | last modifier : $Author: plg $
-// | revision      : $Revision: 870 $
+// | revision      : $Revision: 675 $
 // +-----------------------------------------------------------------------+
 // | This program is free software; you can redistribute it and/or modify  |
 // | it under the terms of the GNU General Public License as published by  |
@ -25,67 +25,106 @@
 // | USA.                                                                  |
 // +-----------------------------------------------------------------------+

+
+/**
+ * Upgrade from 1.3.0 to 1.3.1
+ */
+
 if (!defined('PHPWG_ROOT_PATH'))
 {
-  die('Hacking attempt!');
+  die ('This page cannot be loaded directly, load upgrade.php');
+}
+else
+{
+  if (!defined('PHPWG_IN_UPGRADE') or !PHPWG_IN_UPGRADE)
+  {
+    die ('Hacking attempt!');
+  }
 }

-$upgrade_description =
-  '#image_category.is_storage replaced by #image.storage_category_id';
+$queries = array(
+  "
+ALTER TABLE phpwebgallery_categories
+  ADD COLUMN uppercats varchar(255) NOT NULL default ''
+;",

-// +-----------------------------------------------------------------------+
-// |                              New column                               |
-// +-----------------------------------------------------------------------+
+  "
+CREATE TABLE phpwebgallery_user_category (
+  user_id smallint(5) unsigned NOT NULL default '0'
+)
+;",
+
+  "
+ALTER TABLE phpwebgallery_categories
+  ADD INDEX id (id)
+;",
+
+  "
+ALTER TABLE phpwebgallery_categories
+  ADD INDEX id_uppercat (id_uppercat)
+;",
+
+  "
+ALTER TABLE phpwebgallery_image_category
+  ADD INDEX category_id (category_id)
+;",
+
+  "
+ALTER TABLE phpwebgallery_image_category
+  ADD INDEX image_id (image_id)
+;",
+  );
+
+foreach ($queries as $query)
+{
+  $query = str_replace('phpwebgallery_', PREFIX_TABLE, $query);
+  pwg_query($query);
+}
+// filling the new column categories.uppercats
+$id_uppercats = array();

 $query = '
-ALTER TABLE '.PREFIX_TABLE.'images
-  ADD storage_category_id smallint(5) unsigned default NULL
-;';
-pwg_query($query);
-
-$query = '
-SELECT category_id, image_id
-  FROM '.PREFIX_TABLE.'image_category
-  WHERE is_storage = \'true\'
+SELECT id, id_uppercat
+  FROM '.CATEGORIES_TABLE.'
 ;';
 $result = pwg_query($query);
-
-$datas = array();
 while ($row = mysql_fetch_array($result))
 {
-  array_push(
-    $datas,
-    array(
-      'id' => $row['image_id'],
-      'storage_category_id' => $row['category_id'],
-      )
-    );
+  if (!isset($row['id_uppercat']) or $row['id_uppercat'] == '')
+  {
+    $row['id_uppercat'] = 'NULL';
+  }
+  $id_uppercats[$row['id']] = $row['id_uppercat'];
 }
+
+$datas = array();
+
+foreach (array_keys($id_uppercats) as $id)
+{
+  $data = array();
+  $data['id'] = $id;
+  $uppercats = array();
+  
+  array_push($uppercats, $id);
+  while (isset($id_uppercats[$id]) and $id_uppercats[$id] != 'NULL')
+  {
+    array_push($uppercats, $id_uppercats[$id]);
+    $id = $id_uppercats[$id];
+  }
+  $data['uppercats'] = implode(',', array_reverse($uppercats));
+
+  array_push($datas, $data);
+}
+
 mass_updates(
-  PREFIX_TABLE.'images',
+  CATEGORIES_TABLE,
  array(
    'primary' => array('id'),
-    'update' => array('storage_category_id'),
+    'update' => array('uppercats')
    ),
  $datas
  );

-// +-----------------------------------------------------------------------+
-// |                         Delete obsolete column                        |
-// +-----------------------------------------------------------------------+
-
-$query = '
-ALTER TABLE '.PREFIX_TABLE.'image_category DROP COLUMN is_storage
-;';
-pwg_query($query);
-
-// +-----------------------------------------------------------------------+
-// |                           End notification                            |
-// +-----------------------------------------------------------------------+
-
-echo
-"\n"
-.'Column '.PREFIX_TABLE.'image_category'
-.' replaced by '.PREFIX_TABLE.'images.storage_category_id'."\n"
-;
-?>
+// now we upgrade from 1.3.1 to 1.6.0
+include_once(PHPWG_ROOT_PATH.'install/upgrade_1.3.1.php');
+?>
--- a/Show more
+++ b/Show more