[branches2.1] [upgrade.lang.php] modified HU language

git-svn-id: http://piwigo.org/svn/branches/2.1@11849 68402e56-0260-453c-a942-63ccdbb3a9ee

.gitignore

@@ -1,19 +0,0 @@
-# Piwigo specific directories
-/_data
-/plugins/*
-!/plugins/index.php
-/upload
-/galleries/*
-!/galleries/index.php
-/local/*
-!/local/**/index.php
-
-# IntelliJ
-.idea
-*.iml
-*.ipr
-*.iws
-
-# Eclipse
-.settings
-.project

LICENSE.txt

@@ -1,339 +0,0 @@
-                    GNU GENERAL PUBLIC LICENSE
-                       Version 2, June 1991
-
- Copyright (C) 1989, 1991 Free Software Foundation, Inc.,
- 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- Everyone is permitted to copy and distribute verbatim copies
- of this license document, but changing it is not allowed.
-
-                            Preamble
-
-  The licenses for most software are designed to take away your
-freedom to share and change it.  By contrast, the GNU General Public
-License is intended to guarantee your freedom to share and change free
-software--to make sure the software is free for all its users.  This
-General Public License applies to most of the Free Software
-Foundation's software and to any other program whose authors commit to
-using it.  (Some other Free Software Foundation software is covered by
-the GNU Lesser General Public License instead.)  You can apply it to
-your programs, too.
-
-  When we speak of free software, we are referring to freedom, not
-price.  Our General Public Licenses are designed to make sure that you
-have the freedom to distribute copies of free software (and charge for
-this service if you wish), that you receive source code or can get it
-if you want it, that you can change the software or use pieces of it
-in new free programs; and that you know you can do these things.
-
-  To protect your rights, we need to make restrictions that forbid
-anyone to deny you these rights or to ask you to surrender the rights.
-These restrictions translate to certain responsibilities for you if you
-distribute copies of the software, or if you modify it.
-
-  For example, if you distribute copies of such a program, whether
-gratis or for a fee, you must give the recipients all the rights that
-you have.  You must make sure that they, too, receive or can get the
-source code.  And you must show them these terms so they know their
-rights.
-
-  We protect your rights with two steps: (1) copyright the software, and
-(2) offer you this license which gives you legal permission to copy,
-distribute and/or modify the software.
-
-  Also, for each author's protection and ours, we want to make certain
-that everyone understands that there is no warranty for this free
-software.  If the software is modified by someone else and passed on, we
-want its recipients to know that what they have is not the original, so
-that any problems introduced by others will not reflect on the original
-authors' reputations.
-
-  Finally, any free program is threatened constantly by software
-patents.  We wish to avoid the danger that redistributors of a free
-program will individually obtain patent licenses, in effect making the
-program proprietary.  To prevent this, we have made it clear that any
-patent must be licensed for everyone's free use or not licensed at all.
-
-  The precise terms and conditions for copying, distribution and
-modification follow.
-
-                    GNU GENERAL PUBLIC LICENSE
-   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
-
-  0. This License applies to any program or other work which contains
-a notice placed by the copyright holder saying it may be distributed
-under the terms of this General Public License.  The "Program", below,
-refers to any such program or work, and a "work based on the Program"
-means either the Program or any derivative work under copyright law:
-that is to say, a work containing the Program or a portion of it,
-either verbatim or with modifications and/or translated into another
-language.  (Hereinafter, translation is included without limitation in
-the term "modification".)  Each licensee is addressed as "you".
-
-Activities other than copying, distribution and modification are not
-covered by this License; they are outside its scope.  The act of
-running the Program is not restricted, and the output from the Program
-is covered only if its contents constitute a work based on the
-Program (independent of having been made by running the Program).
-Whether that is true depends on what the Program does.
-
-  1. You may copy and distribute verbatim copies of the Program's
-source code as you receive it, in any medium, provided that you
-conspicuously and appropriately publish on each copy an appropriate
-copyright notice and disclaimer of warranty; keep intact all the
-notices that refer to this License and to the absence of any warranty;
-and give any other recipients of the Program a copy of this License
-along with the Program.
-
-You may charge a fee for the physical act of transferring a copy, and
-you may at your option offer warranty protection in exchange for a fee.
-
-  2. You may modify your copy or copies of the Program or any portion
-of it, thus forming a work based on the Program, and copy and
-distribute such modifications or work under the terms of Section 1
-above, provided that you also meet all of these conditions:
-
-    a) You must cause the modified files to carry prominent notices
-    stating that you changed the files and the date of any change.
-
-    b) You must cause any work that you distribute or publish, that in
-    whole or in part contains or is derived from the Program or any
-    part thereof, to be licensed as a whole at no charge to all third
-    parties under the terms of this License.
-
-    c) If the modified program normally reads commands interactively
-    when run, you must cause it, when started running for such
-    interactive use in the most ordinary way, to print or display an
-    announcement including an appropriate copyright notice and a
-    notice that there is no warranty (or else, saying that you provide
-    a warranty) and that users may redistribute the program under
-    these conditions, and telling the user how to view a copy of this
-    License.  (Exception: if the Program itself is interactive but
-    does not normally print such an announcement, your work based on
-    the Program is not required to print an announcement.)
-
-These requirements apply to the modified work as a whole.  If
-identifiable sections of that work are not derived from the Program,
-and can be reasonably considered independent and separate works in
-themselves, then this License, and its terms, do not apply to those
-sections when you distribute them as separate works.  But when you
-distribute the same sections as part of a whole which is a work based
-on the Program, the distribution of the whole must be on the terms of
-this License, whose permissions for other licensees extend to the
-entire whole, and thus to each and every part regardless of who wrote it.
-
-Thus, it is not the intent of this section to claim rights or contest
-your rights to work written entirely by you; rather, the intent is to
-exercise the right to control the distribution of derivative or
-collective works based on the Program.
-
-In addition, mere aggregation of another work not based on the Program
-with the Program (or with a work based on the Program) on a volume of
-a storage or distribution medium does not bring the other work under
-the scope of this License.
-
-  3. You may copy and distribute the Program (or a work based on it,
-under Section 2) in object code or executable form under the terms of
-Sections 1 and 2 above provided that you also do one of the following:
-
-    a) Accompany it with the complete corresponding machine-readable
-    source code, which must be distributed under the terms of Sections
-    1 and 2 above on a medium customarily used for software interchange; or,
-
-    b) Accompany it with a written offer, valid for at least three
-    years, to give any third party, for a charge no more than your
-    cost of physically performing source distribution, a complete
-    machine-readable copy of the corresponding source code, to be
-    distributed under the terms of Sections 1 and 2 above on a medium
-    customarily used for software interchange; or,
-
-    c) Accompany it with the information you received as to the offer
-    to distribute corresponding source code.  (This alternative is
-    allowed only for noncommercial distribution and only if you
-    received the program in object code or executable form with such
-    an offer, in accord with Subsection b above.)
-
-The source code for a work means the preferred form of the work for
-making modifications to it.  For an executable work, complete source
-code means all the source code for all modules it contains, plus any
-associated interface definition files, plus the scripts used to
-control compilation and installation of the executable.  However, as a
-special exception, the source code distributed need not include
-anything that is normally distributed (in either source or binary
-form) with the major components (compiler, kernel, and so on) of the
-operating system on which the executable runs, unless that component
-itself accompanies the executable.
-
-If distribution of executable or object code is made by offering
-access to copy from a designated place, then offering equivalent
-access to copy the source code from the same place counts as
-distribution of the source code, even though third parties are not
-compelled to copy the source along with the object code.
-
-  4. You may not copy, modify, sublicense, or distribute the Program
-except as expressly provided under this License.  Any attempt
-otherwise to copy, modify, sublicense or distribute the Program is
-void, and will automatically terminate your rights under this License.
-However, parties who have received copies, or rights, from you under
-this License will not have their licenses terminated so long as such
-parties remain in full compliance.
-
-  5. You are not required to accept this License, since you have not
-signed it.  However, nothing else grants you permission to modify or
-distribute the Program or its derivative works.  These actions are
-prohibited by law if you do not accept this License.  Therefore, by
-modifying or distributing the Program (or any work based on the
-Program), you indicate your acceptance of this License to do so, and
-all its terms and conditions for copying, distributing or modifying
-the Program or works based on it.
-
-  6. Each time you redistribute the Program (or any work based on the
-Program), the recipient automatically receives a license from the
-original licensor to copy, distribute or modify the Program subject to
-these terms and conditions.  You may not impose any further
-restrictions on the recipients' exercise of the rights granted herein.
-You are not responsible for enforcing compliance by third parties to
-this License.
-
-  7. If, as a consequence of a court judgment or allegation of patent
-infringement or for any other reason (not limited to patent issues),
-conditions are imposed on you (whether by court order, agreement or
-otherwise) that contradict the conditions of this License, they do not
-excuse you from the conditions of this License.  If you cannot
-distribute so as to satisfy simultaneously your obligations under this
-License and any other pertinent obligations, then as a consequence you
-may not distribute the Program at all.  For example, if a patent
-license would not permit royalty-free redistribution of the Program by
-all those who receive copies directly or indirectly through you, then
-the only way you could satisfy both it and this License would be to
-refrain entirely from distribution of the Program.
-
-If any portion of this section is held invalid or unenforceable under
-any particular circumstance, the balance of the section is intended to
-apply and the section as a whole is intended to apply in other
-circumstances.
-
-It is not the purpose of this section to induce you to infringe any
-patents or other property right claims or to contest validity of any
-such claims; this section has the sole purpose of protecting the
-integrity of the free software distribution system, which is
-implemented by public license practices.  Many people have made
-generous contributions to the wide range of software distributed
-through that system in reliance on consistent application of that
-system; it is up to the author/donor to decide if he or she is willing
-to distribute software through any other system and a licensee cannot
-impose that choice.
-
-This section is intended to make thoroughly clear what is believed to
-be a consequence of the rest of this License.
-
-  8. If the distribution and/or use of the Program is restricted in
-certain countries either by patents or by copyrighted interfaces, the
-original copyright holder who places the Program under this License
-may add an explicit geographical distribution limitation excluding
-those countries, so that distribution is permitted only in or among
-countries not thus excluded.  In such case, this License incorporates
-the limitation as if written in the body of this License.
-
-  9. The Free Software Foundation may publish revised and/or new versions
-of the General Public License from time to time.  Such new versions will
-be similar in spirit to the present version, but may differ in detail to
-address new problems or concerns.
-
-Each version is given a distinguishing version number.  If the Program
-specifies a version number of this License which applies to it and "any
-later version", you have the option of following the terms and conditions
-either of that version or of any later version published by the Free
-Software Foundation.  If the Program does not specify a version number of
-this License, you may choose any version ever published by the Free Software
-Foundation.
-
-  10. If you wish to incorporate parts of the Program into other free
-programs whose distribution conditions are different, write to the author
-to ask for permission.  For software which is copyrighted by the Free
-Software Foundation, write to the Free Software Foundation; we sometimes
-make exceptions for this.  Our decision will be guided by the two goals
-of preserving the free status of all derivatives of our free software and
-of promoting the sharing and reuse of software generally.
-
-                            NO WARRANTY
-
-  11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
-FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW.  EXCEPT WHEN
-OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
-PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
-OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
-MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.  THE ENTIRE RISK AS
-TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU.  SHOULD THE
-PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
-REPAIR OR CORRECTION.
-
-  12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
-WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
-REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
-INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
-OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
-TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
-YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
-PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
-POSSIBILITY OF SUCH DAMAGES.
-
-                     END OF TERMS AND CONDITIONS
-
-            How to Apply These Terms to Your New Programs
-
-  If you develop a new program, and you want it to be of the greatest
-possible use to the public, the best way to achieve this is to make it
-free software which everyone can redistribute and change under these terms.
-
-  To do so, attach the following notices to the program.  It is safest
-to attach them to the start of each source file to most effectively
-convey the exclusion of warranty; and each file should have at least
-the "copyright" line and a pointer to where the full notice is found.
-
-    <one line to give the program's name and a brief idea of what it does.>
-    Copyright (C) <year>  <name of author>
-
-    This program is free software; you can redistribute it and/or modify
-    it under the terms of the GNU General Public License as published by
-    the Free Software Foundation; either version 2 of the License, or
-    (at your option) any later version.
-
-    This program is distributed in the hope that it will be useful,
-    but WITHOUT ANY WARRANTY; without even the implied warranty of
-    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-    GNU General Public License for more details.
-
-    You should have received a copy of the GNU General Public License along
-    with this program; if not, write to the Free Software Foundation, Inc.,
-    51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-
-Also add information on how to contact you by electronic and paper mail.
-
-If the program is interactive, make it output a short notice like this
-when it starts in an interactive mode:
-
-    Gnomovision version 69, Copyright (C) year name of author
-    Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
-    This is free software, and you are welcome to redistribute it
-    under certain conditions; type `show c' for details.
-
-The hypothetical commands `show w' and `show c' should show the appropriate
-parts of the General Public License.  Of course, the commands you use may
-be called something other than `show w' and `show c'; they could even be
-mouse-clicks or menu items--whatever suits your program.
-
-You should also get your employer (if you work as a programmer) or your
-school, if any, to sign a "copyright disclaimer" for the program, if
-necessary.  Here is a sample; alter the names:
-
-  Yoyodyne, Inc., hereby disclaims all copyright interest in the program
-  `Gnomovision' (which makes passes at compilers) written by James Hacker.
-
-  <signature of Ty Coon>, 1 April 1989
-  Ty Coon, President of Vice
-
-This General Public License does not permit incorporating your program into
-proprietary programs.  If your program is a subroutine library, you may
-consider it more useful to permit linking proprietary applications with the
-library.  If this is what you want to do, use the GNU Lesser General
-Public License instead of this License.

README.md

@@ -1,52 +0,0 @@
-[![Piwigo](http://piwigo.org/screenshots/logos/piwigo@280.png)](http://piwigo.org)
----------
-
-Piwigo is photo gallery software for the web, built by an active community of users and developers.
-
-Extensions make Piwigo easily customizable. Icing on the cake, Piwigo is free and open source.
-
-![screenshot](http://piwigo.org/screenshots/github-screenshot.jpg)
-
- * [piwigo.org](http://piwigo.org)
- * [Demo](http://piwigo.org/demo)
- * [Downloads](http://piwigo.org/basics/downloads)
- * [User guide](http://piwigo.org/doc)
- * [Plugins and themes](http://piwigo.org/ext)
- * [Forum](http://piwigo.org/forum)
- * [News](http://piwigo.org/news)
- 
-## Requirements
-
- * A webserver (Apache or nginx recommended)
- * PHP 5.2 or greater
- * MySQL 5 or greater or MariaDB equivalent
- * ImageMagick (recommended) or PHP GD
-
-## Quick start install
-
-### NetInstall
-
- * Download the [NetInstall script](http://piwigo.org/download/dlcounter.php?code=netinstall)
- * Transfer the script to your web space with any FTP client
- * Open the script in you web browser (for example http://example.com/piwigo-netinstall.php) and follow the steps
-
-[More information](http://piwigo.org/basics/installation_netinstall)
-
-### Manual
-
- * Download the [latest stable version](http://piwigo.org/download/dlcounter.php?code=latest) and unzip it
- * Transfer everything to your web space with any FTP client
- * Open your website (for example http://example.com/piwigo) and follow the steps
-
-[More information](http://piwigo.org/basics/installation_manual)
-
-If you do not have your own server, consider the [piwigo.com](http://piwigo.com/) hosting solution.
-
-## Contributing
-
-Piwigo is widely driven by its community; if you want to improve the code, fork this repo and submit your changes to the `master` branch.
-
-## License
-
-Piwigo is released under the GPL v2 license.
-

about.php

@@ -1,8 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
 // +-----------------------------------------------------------------------+
@@ -36,8 +36,9 @@ check_status(ACCESS_GUEST);
 //
 $title= l10n('About Piwigo');
 $page['body_id'] = 'theAboutPage';
+include(PHPWG_ROOT_PATH.'include/page_header.php');
 
-trigger_notify('loc_begin_about');
+trigger_action('loc_begin_about');
 
 $template->set_filename('about', 'about.tpl');
 
@@ -49,15 +50,6 @@ if ( $theme_about !== false )
   $template->assign('THEME_ABOUT', $theme_about);
 }
 
-// include menubar
-$themeconf = $template->get_template_vars('themeconf');
-if (!isset($themeconf['hide_menu_on']) OR !in_array('theAboutPage', $themeconf['hide_menu_on']))
-{
-  include( PHPWG_ROOT_PATH.'include/menubar.inc.php');
-}
-
-include(PHPWG_ROOT_PATH.'include/page_header.php');
-flush_page_messages();
 $template->pparse('about');
 include(PHPWG_ROOT_PATH.'include/page_tail.php');
 ?>

action.php

@@ -1,8 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
 // +-----------------------------------------------------------------------+
@@ -22,7 +22,6 @@
 // +-----------------------------------------------------------------------+
 
 define('PHPWG_ROOT_PATH','./');
-session_cache_limiter('public');
 include_once(PHPWG_ROOT_PATH.'include/common.inc.php');
 
 // Check Access and exit when user status is not ok
@@ -57,34 +56,11 @@ function do_error( $code, $str )
   exit();
 }
 
-if ($conf['enable_formats'] and isset($_GET['format']))
-{
-  check_input_parameter('format', $_GET, false, PATTERN_ID);
-
-  $query = '
-SELECT
-    *
-  FROM '.IMAGE_FORMAT_TABLE.'
-  WHERE format_id = '.$_GET['format'].'
-;';
-  $formats = query2array($query);
-
-  if (count($formats) == 0)
-  {
-    do_error(400, 'Invalid request - format');
-  }
-
-  $format = $formats[0];
-
-  $_GET['id'] = $format['image_id'];
-  $_GET['part'] = 'f'; // "f" for "format"
-}
-
 
 if (!isset($_GET['id'])
     or !is_numeric($_GET['id'])
     or !isset($_GET['part'])
-    or !in_array($_GET['part'], array('e','r','f') ) )
+    or !in_array($_GET['part'], array('t','e','i','h') ) )
 {
   do_error(400, 'Invalid request - id/part');
 }
@@ -94,22 +70,13 @@ SELECT * FROM '. IMAGES_TABLE.'
   WHERE id='.$_GET['id'].'
 ;';
 
-$element_info = pwg_db_fetch_assoc(pwg_query($query));
+$result = pwg_query($query);
+$element_info = pwg_db_fetch_assoc($result);
 if ( empty($element_info) )
 {
   do_error(404, 'Requested id not found');
 }
 
-// special download action for admins
-$is_admin_download = false;
-if (is_admin() and isset($_GET['pwg_token']) and get_pwg_token() == $_GET['pwg_token'])
-{
-  $is_admin_download = true;
-  $user['enabled_high'] = true;
-}
-
-$src_image = new SrcImage($element_info);
-
 // $filter['visible_categories'] and $filter['visible_images']
 // are not used because it's not necessary (filter <> restriction)
 $query='
@@ -126,7 +93,7 @@ SELECT id
   ).'
   LIMIT 1
 ;';
-if (!$is_admin_download and pwg_db_num_rows(pwg_query($query))<1 )
+if ( pwg_db_num_rows(pwg_query($query))<1 )
 {
   do_error(401, 'Access denied');
 }
@@ -135,23 +102,21 @@ include_once(PHPWG_ROOT_PATH.'include/functions_picture.inc.php');
 $file='';
 switch ($_GET['part'])
 {
+  case 't':
+    $file = get_thumbnail_path($element_info);
+    break;
   case 'e':
-    if ( $src_image->is_original() and !$user['enabled_high'] )
-    {// we have a photo and the user has no access to HD
-      $deriv = new DerivativeImage(IMG_XXLARGE, $src_image);
-      if ( !$deriv->same_as_source() )
-      {
-        do_error(401, 'Access denied e');
-      }
-    }
     $file = get_element_path($element_info);
     break;
-  case 'r':
-    $file = original_to_representative( get_element_path($element_info), $element_info['representative_ext'] );
+  case 'i':
+    $file = get_image_path($element_info);
     break;
-  case 'f' :
-    $file = original_to_format(get_element_path($element_info), $format['ext']);
-    $element_info['file'] = get_filename_wo_extension($element_info['file']).'.'.$format['ext'];
+  case 'h':
+    if ( $user['enabled_high']!='true' )
+    {
+      do_error(401, 'Access denied h');
+    }
+    $file = get_high_path($element_info);
     break;
 }
 
@@ -160,17 +125,13 @@ if ( empty($file) )
   do_error(404, 'Requested file not found');
 }
 
-if ($_GET['part'] == 'e') {
+if ($_GET['part'] == 'h') {
   pwg_log($_GET['id'], 'high');
 }
 else if ($_GET['part'] == 'e')
 {
   pwg_log($_GET['id'], 'other');
 }
-else if ($_GET['part'] == 'f')
-{
-  pwg_log($_GET['id'], 'high', $format['format_id']);
-}
 
 $http_headers = array();
 
@@ -196,7 +157,7 @@ if (!url_is_remote($file))
   // HTTP/1.1 only
   $http_headers[] = 'Cache-Control: private, must-revalidate, max-age='.$max_age;*/
 
-  if ('f' != $_GET['part'] and isset( $_SERVER['HTTP_IF_MODIFIED_SINCE'] ) )
+  if ( isset( $_SERVER['HTTP_IF_MODIFIED_SINCE'] ) )
   {
     set_status_header(304);
     foreach ($http_headers as $header)
@@ -214,7 +175,7 @@ if (!isset($ctype))
 
 $http_headers[] = 'Content-Type: '.$ctype;
 
-if (isset($_GET['download']))
+if (!isset($_GET['view']))
 {
   $http_headers[] = 'Content-Disposition: attachment; filename="'.$element_info['file'].'";';
   $http_headers[] = 'Content-Transfer-Encoding: binary';

admin.php

@@ -1,8 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
 // +-----------------------------------------------------------------------+
@@ -21,35 +21,32 @@
 // | USA.                                                                  |
 // +-----------------------------------------------------------------------+
 
-// +-----------------------------------------------------------------------+
-// | Basic constants and includes                                          |
-// +-----------------------------------------------------------------------+
-
+//----------------------------------------------------------- include
 define('PHPWG_ROOT_PATH','./');
 define('IN_ADMIN', true);
+include_once( PHPWG_ROOT_PATH.'include/common.inc.php' );
 
-include_once(PHPWG_ROOT_PATH.'include/common.inc.php');
 include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
 include_once(PHPWG_ROOT_PATH.'admin/include/functions_plugins.inc.php');
-include_once(PHPWG_ROOT_PATH.'admin/include/add_core_tabs.inc.php');
 
-trigger_notify('loc_begin_admin');
+trigger_action('loc_begin_admin');
 
 // +-----------------------------------------------------------------------+
 // | Check Access and exit when user status is not ok                      |
 // +-----------------------------------------------------------------------+
-
 check_status(ACCESS_ADMINISTRATOR);
 
-// +-----------------------------------------------------------------------+
-// | Direct actions                                                        |
-// +-----------------------------------------------------------------------+
-
-// save plugins_new display order (AJAX action)
-if (isset($_GET['plugins_new_order']))
+// tags
+if (isset($_GET['fckb_tags']))
 {
-  pwg_set_session_var('plugins_new_order', $_GET['plugins_new_order']);
-  exit;
+  $query = '
+SELECT
+    id AS tag_id,
+    name AS tag_name
+  FROM '.TAGS_TABLE.'
+;';
+  echo json_encode(get_fckb_taglist($query));
+  exit();
 }
 
 // theme changer
@@ -66,85 +63,19 @@ if (isset($_GET['change_theme']))
 
   conf_update_param('admin_theme', $new_admin_theme);
 
-  $url_params = array();
-  foreach (array('page', 'tab', 'section') as $url_param)
-  {
-    if (isset($_GET[$url_param]))
-    {
-      $url_params[] = $url_param.'='.$_GET[$url_param];
-    }
-  }
-  
-  $redirect_url = 'admin.php';
-  if (count($url_params) > 0)
-  {
-    $redirect_url.= '?'.implode('&amp;', $url_params);
-  }
-
-  redirect($redirect_url);
+  redirect('admin.php');
 }
 
 // +-----------------------------------------------------------------------+
-// | Synchronize user informations                                         |
+// |                    synchronize user informations                      |
 // +-----------------------------------------------------------------------+
 
-// sync_user() is only useful when external authentication is activated
-if ($conf['external_authentification'])
-{
-  sync_users();
-}
+sync_users();
 
 // +-----------------------------------------------------------------------+
-// | Variables init                                                        |
+// |                            variables init                             |
 // +-----------------------------------------------------------------------+
 
-$change_theme_url = PHPWG_ROOT_PATH.'admin.php?';
-$test_get = $_GET;
-unset($test_get['page']);
-unset($test_get['section']);
-unset($test_get['tag']);
-if (count($test_get) == 0 and !empty($_SERVER['QUERY_STRING']))
-{
-  $change_theme_url.= str_replace('&', '&amp;', $_SERVER['QUERY_STRING']).'&amp;';
-}
-$change_theme_url.= 'change_theme=1';
-
-// ?page=plugin-community-pendings is an clean alias of
-// ?page=plugin&section=community/admin.php&tab=pendings
-if (isset($_GET['page']) and preg_match('/^plugin-([^-]*)(?:-(.*))?$/', $_GET['page'], $matches))
-{
-  $_GET['page'] = 'plugin';
-  $_GET['section'] = $matches[1].'/admin.php';
-  if (isset($matches[2]))
-  {
-    $_GET['tab'] = $matches[2];
-  }
-}
-
-// ?page=album-134-properties is an clean alias of
-// ?page=album&cat_id=134&tab=properties
-if (isset($_GET['page']) and preg_match('/^album-(\d+)(?:-(.*))?$/', $_GET['page'], $matches))
-{
-  $_GET['page'] = 'album';
-  $_GET['cat_id'] = $matches[1];
-  if (isset($matches[2]))
-  {
-    $_GET['tab'] = $matches[2];
-  }
-}
-
-// ?page=photo-1234-properties is an clean alias of
-// ?page=photo&image_id=1234&tab=properties
-if (isset($_GET['page']) and preg_match('/^photo-(\d+)(?:-(.*))?$/', $_GET['page'], $matches))
-{
-  $_GET['page'] = 'photo';
-  $_GET['image_id'] = $matches[1];
-  if (isset($matches[2]))
-  {
-    $_GET['tab'] = $matches[2];
-  }
-}
-
 if (isset($_GET['page'])
     and preg_match('/^[a-z_]*$/', $_GET['page'])
     and is_file(PHPWG_ROOT_PATH.'admin/'.$_GET['page'].'.php'))
@@ -156,13 +87,18 @@ else
   $page['page'] = 'intro';
 }
 
+$page['errors'] = array();
+$page['infos']  = array();
+
+if (isset($_SESSION['page_infos']))
+{
+  $page['infos'] = array_merge($page['infos'], $_SESSION['page_infos']);
+  unset($_SESSION['page_infos']);
+}
+
 $link_start = PHPWG_ROOT_PATH.'admin.php?page=';
 $conf_link = $link_start.'configuration&amp;section=';
-
-// +-----------------------------------------------------------------------+
-// | Template init                                                         |
-// +-----------------------------------------------------------------------+
-
+//----------------------------------------------------- template initialization
 $title = l10n('Piwigo Administration'); // for include/page_header.php
 $page['page_banner'] = '<h1>'.l10n('Piwigo Administration').'</h1>';
 $page['body_id'] = 'theAdminPage';
@@ -183,81 +119,33 @@ $template->assign(
     'U_CONFIG_DISPLAY'=> $conf_link.'default',
     'U_CONFIG_EXTENTS'=> $link_start.'extend_for_templates',
     'U_CONFIG_MENUBAR'=> $link_start.'menubar',
-    'U_CONFIG_LANGUAGES' => $link_start.'languages',
-    'U_CONFIG_THEMES'=> $link_start.'themes',
+    'U_CONFIG_LANGUAGES' => $link_start.'languages_installed',
+    'U_CONFIG_THEMES'=> $link_start.'themes_installed',
     'U_CATEGORIES'=> $link_start.'cat_list',
+    'U_MOVE'=> $link_start.'cat_move',
     'U_CAT_OPTIONS'=> $link_start.'cat_options',
     'U_CAT_UPDATE'=> $link_start.'site_update&amp;site=1',
+    'U_WAITING'=> $link_start.'upload',
     'U_RATING'=> $link_start.'rating',
-    'U_RECENT_SET'=> $link_start.'batch_manager&amp;filter=prefilter-last_import',
-    'U_BATCH'=> $link_start.'batch_manager',
+    'U_CADDIE'=> $link_start.'element_set&amp;cat=caddie',
+    'U_RECENT_SET'=> $link_start.'element_set&amp;cat=recent',
     'U_TAGS'=> $link_start.'tags',
+    'U_THUMBNAILS'=> $link_start.'thumbnail',
     'U_USERS'=> $link_start.'user_list',
     'U_GROUPS'=> $link_start.'group_list',
-    'U_RETURN'=> get_gallery_home_url(),
+    'U_PERMALINKS'=> $link_start.'permalinks',
+    'U_RETURN'=> make_index_url(),
     'U_ADMIN'=> PHPWG_ROOT_PATH.'admin.php',
     'U_LOGOUT'=> PHPWG_ROOT_PATH.'index.php?act=logout',
-    'U_PLUGINS'=> $link_start.'plugins',
+    'U_PLUGINS'=> $link_start.'plugins_list',
     'U_ADD_PHOTOS' => $link_start.'photos_add',
-    'U_CHANGE_THEME' => $change_theme_url,
-    'U_UPDATES' => $link_start.'updates',
+    'U_CHANGE_THEME' => PHPWG_ROOT_PATH.'admin.php?change_theme=1',
+    'U_PENDING_COMMENTS' => $link_start.'comments',
     )
   );
-  
-if ($conf['activate_comments'])
-{
-  $template->assign('U_COMMENTS', $link_start.'comments');
-  
-  // pending comments
-  $query = '
-SELECT COUNT(*)
-  FROM '.COMMENTS_TABLE.'
-  WHERE validated=\'false\'
-;';
-  list($nb_comments) = pwg_db_fetch_row(pwg_query($query));
 
-  if ($nb_comments > 0)
-  {
-    $template->assign('NB_PENDING_COMMENTS', $nb_comments);
-  }
-}
-
-// any photo in the caddie?
-$query = '
-SELECT COUNT(*)
-  FROM '.CADDIE_TABLE.'
-  WHERE user_id = '.$user['id'].'
-;';
-list($nb_photos_in_caddie) = pwg_db_fetch_row(pwg_query($query));
-
-if ($nb_photos_in_caddie > 0)
-{
-  $template->assign(
-    array(
-      'NB_PHOTOS_IN_CADDIE' => $nb_photos_in_caddie,
-      'U_CADDIE' => $link_start.'batch_manager&amp;filter=prefilter-caddie',
-      )
-    );
-}
-
-// any orphan photo?
-$nb_orphans = count(get_orphans());
-
-if ($nb_orphans > 0)
-{
-  $template->assign(
-    array(
-      'NB_ORPHANS' => $nb_orphans,
-      'U_ORPHANS' => $link_start.'batch_manager&amp;filter=prefilter-no_album',
-      )
-    );
-}
-
-// +-----------------------------------------------------------------------+
-// | Plugin menu                                                           |
-// +-----------------------------------------------------------------------+
-
-$plugin_menu_links = trigger_change('get_admin_plugin_menu_links', array() );
+//---------------------------------------------------------------- plugin menus
+$plugin_menu_links = trigger_event('get_admin_plugin_menu_links', array() );
 
 function UC_name_compare($a, $b)
 {
@@ -266,26 +154,55 @@ function UC_name_compare($a, $b)
 usort($plugin_menu_links, 'UC_name_compare');
 $template->assign('plugin_menu_items', $plugin_menu_links);
 
+include(PHPWG_ROOT_PATH.'admin/'.$page['page'].'.php');
+
+//------------------------------------------------------------- content display
+
 // +-----------------------------------------------------------------------+
-// | Refresh permissions                                                   |
+// |                            errors & infos                             |
 // +-----------------------------------------------------------------------+
 
+$template->assign('ACTIVE_MENU', get_active_menu($page['page']));
+
+if (count($page['errors']) != 0)
+{
+  $template->assign('errors', $page['errors']);
+}
+
+if (count($page['infos']) != 0)
+{
+  $template->assign('infos', $page['infos']);
+}
+
+// Add the Piwigo Official menu
+  $template->assign( 'pwgmenu', pwg_URL() );
+
+include(PHPWG_ROOT_PATH.'include/page_header.php');
+
+trigger_action('loc_end_admin');
+
+$template->pparse('admin');
+
+// +-----------------------------------------------------------------------+
+// |                     order permission refreshment                      |
+// +-----------------------------------------------------------------------+
 // Only for pages witch change permissions
 if (
     in_array($page['page'],
       array(
         'site_manager', // delete site
         'site_update',  // ?only POST
-      )
-    )
-    or ( !empty($_POST) and in_array($page['page'],
-        array(
-          'album',        // public/private; lock/unlock, permissions
-          'cat_move',
-          'cat_options',  // public/private; lock/unlock
-          'user_list',    // group assoc; user level
-          'user_perm',
-        )
+        'cat_list',     // delete cat
+        'cat_modify',   // delete cat; public/private; lock/unlock
+        'cat_move',     // ?only POST
+        'cat_options',  // ?only POST; public/private; lock/unlock
+        'cat_perm',     // ?only POST
+        'element_set',  // ?only POST; associate/dissociate
+        'picture_modify', // ?only POST; associate/dissociate
+        'user_list',    // ?only POST; group assoc
+        'user_perm',
+        'group_perm',
+        'group_list',   // delete group
       )
     )
   )
@@ -293,29 +210,5 @@ if (
   invalidate_user_cache();
 }
 
-// +-----------------------------------------------------------------------+
-// | Include specific page                                                 |
-// +-----------------------------------------------------------------------+
-
-trigger_notify('loc_begin_admin_page');
-include(PHPWG_ROOT_PATH.'admin/'.$page['page'].'.php');
-
-$template->assign('ACTIVE_MENU', get_active_menu($page['page']));
-
-// +-----------------------------------------------------------------------+
-// | Sending html code                                                     |
-// +-----------------------------------------------------------------------+
-
-// Add the Piwigo Official menu
-$template->assign( 'pwgmenu', pwg_URL() );
-
-include(PHPWG_ROOT_PATH.'include/page_header.php');
-
-trigger_notify('loc_end_admin');
-
-flush_page_messages();
-
-$template->pparse('admin');
-
 include(PHPWG_ROOT_PATH.'include/page_tail.php');
 ?>

admin/album.php

@@ -1,90 +0,0 @@
-<?php
-// +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
-// +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
-// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
-// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
-// +-----------------------------------------------------------------------+
-// | This program is free software; you can redistribute it and/or modify  |
-// | it under the terms of the GNU General Public License as published by  |
-// | the Free Software Foundation                                          |
-// |                                                                       |
-// | This program is distributed in the hope that it will be useful, but   |
-// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
-// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
-// | General Public License for more details.                              |
-// |                                                                       |
-// | You should have received a copy of the GNU General Public License     |
-// | along with this program; if not, write to the Free Software           |
-// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
-// | USA.                                                                  |
-// +-----------------------------------------------------------------------+
-
-if( !defined("PHPWG_ROOT_PATH") )
-{
-  die ("Hacking attempt!");
-}
-
-// +-----------------------------------------------------------------------+
-// | Basic checks                                                          |
-// +-----------------------------------------------------------------------+
-
-check_status(ACCESS_ADMINISTRATOR);
-
-check_input_parameter('cat_id', $_GET, false, PATTERN_ID);
-
-$admin_album_base_url = get_root_url().'admin.php?page=album-'.$_GET['cat_id'];
-
-$query = '
-SELECT *
-  FROM '.CATEGORIES_TABLE.'
-  WHERE id = '.$_GET['cat_id'].'
-;';
-$category = pwg_db_fetch_assoc(pwg_query($query));
-
-if (!isset($category['id']))
-{
-  die("unknown album");
-}
-
-// +-----------------------------------------------------------------------+
-// | Tabs                                                                  |
-// +-----------------------------------------------------------------------+
-
-include_once(PHPWG_ROOT_PATH.'admin/include/tabsheet.class.php');
-
-$page['tab'] = 'properties';
-
-if (isset($_GET['tab']))
-{
-  $page['tab'] = $_GET['tab'];
-}
-
-$tabsheet = new tabsheet();
-$tabsheet->set_id('album');
-$tabsheet->select($page['tab']);
-$tabsheet->assign();
-
-// +-----------------------------------------------------------------------+
-// | Load the tab                                                          |
-// +-----------------------------------------------------------------------+
-
-if ('properties' == $page['tab'])
-{
-  include(PHPWG_ROOT_PATH.'admin/cat_modify.php');
-}
-elseif ('sort_order' == $page['tab'])
-{
-  include(PHPWG_ROOT_PATH.'admin/element_set_ranks.php');
-}
-elseif ('permissions' == $page['tab'])
-{
-  $_GET['cat'] = $_GET['cat_id'];
-  include(PHPWG_ROOT_PATH.'admin/cat_perm.php');
-}
-else
-{
-  include(PHPWG_ROOT_PATH.'admin/album_'.$page['tab'].'.php');
-}
-?>

admin/album_notification.php

@@ -1,338 +0,0 @@
-<?php
-// +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
-// +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
-// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
-// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
-// +-----------------------------------------------------------------------+
-// | This program is free software; you can redistribute it and/or modify  |
-// | it under the terms of the GNU General Public License as published by  |
-// | the Free Software Foundation                                          |
-// |                                                                       |
-// | This program is distributed in the hope that it will be useful, but   |
-// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
-// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
-// | General Public License for more details.                              |
-// |                                                                       |
-// | You should have received a copy of the GNU General Public License     |
-// | along with this program; if not, write to the Free Software           |
-// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
-// | USA.                                                                  |
-// +-----------------------------------------------------------------------+
-
-if (!defined('PHPWG_ROOT_PATH'))
-{
-  die ("Hacking attempt!");
-}
-
-include_once(PHPWG_ROOT_PATH.'include/functions_mail.inc.php');
-include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
-
-// +-----------------------------------------------------------------------+
-// | Check Access and exit when user status is not ok                      |
-// +-----------------------------------------------------------------------+
-
-check_status(ACCESS_ADMINISTRATOR);
-
-// +-----------------------------------------------------------------------+
-// |                       variable initialization                         |
-// +-----------------------------------------------------------------------+
-
-$page['cat'] = $category['id'];
-
-// +-----------------------------------------------------------------------+
-// |                           form submission                             |
-// +-----------------------------------------------------------------------+
-
-// info by email to an access granted group of category informations
-if (isset($_POST['submitEmail']))
-{
-  set_make_full_url();
-
-  /* TODO: if $category['representative_picture_id']
-    is empty find child representative_picture_id */
-  if (!empty($category['representative_picture_id']))
-  {
-    $img = array();
-    
-    $query = '
-SELECT id, file, path, representative_ext
-  FROM '.IMAGES_TABLE.'
-  WHERE id = '.$category['representative_picture_id'].'
-;';
-
-    $result = pwg_query($query);
-    if (pwg_db_num_rows($result) > 0)
-    {
-      $element = pwg_db_fetch_assoc($result);
-
-      $img = array(
-        'link' => make_picture_url(
-          array(
-            'image_id' => $element['id'],
-            'image_file' => $element['file'],
-            'category' => $category
-            )
-          ),
-        'src' => DerivativeImage::url(IMG_THUMB, $element),
-        );
-    }
-  }
-
-  $args = array(
-    'subject' => l10n('[%s] Visit album %s', $conf['gallery_title'], trigger_change('render_category_name', $category['name'], 'admin_cat_list')),
-    // TODO : change this language variable to 'Visit album %s'
-    // TODO : 'language_selected' => ....
-    );
-    
-  $tpl = array(
-    'filename' => 'cat_group_info',
-    'assign' => array(
-      'IMG' => $img,
-      'CAT_NAME' => trigger_change('render_category_name', $category['name'], 'admin_cat_list'),
-      'LINK' => make_index_url(
-        array(
-          'category' => array(
-            'id' => $category['id'],
-            'name' => trigger_change('render_category_name', $category['name'], 'admin_cat_list'),
-            'permalink' => $category['permalink']
-            )
-          )
-        ),
-      'CPL_CONTENT' => empty($_POST['mail_content']) ? '' : stripslashes($_POST['mail_content']),
-      )
-    );
-
-  if ('users' == $_POST['who'] and isset($_POST['users']) and count($_POST['users']) > 0)
-  {
-    check_input_parameter('users', $_POST, true, PATTERN_ID);
-
-    // TODO code very similar to function pwg_mail_group. We'd better create
-    // a function pwg_mail_users that could be called from here and from
-    // pwg_mail_group
-
-    // TODO to make checks even better, we should check that theses users
-    // have access to this album. No real privacy issue here, even if we
-    // send the email to a user without permission.
-
-    $query = '
-SELECT
-    ui.user_id,
-    ui.status,
-    ui.language,
-    u.'.$conf['user_fields']['email'].' AS email,
-    u.'.$conf['user_fields']['username'].' AS username
-  FROM '.USER_INFOS_TABLE.' AS ui
-    JOIN '.USERS_TABLE.' AS u ON u.'.$conf['user_fields']['id'].' = ui.user_id
-  WHERE ui.user_id IN ('.implode(',', $_POST['users']).')
-;';
-    $users = query2array($query);
-    $usernames = array();
-    
-    foreach ($users as $u)
-    {
-      $usernames[] = $u['username'];
-      
-      $authkey = create_user_auth_key($u['user_id'], $u['status']);
-      
-      $user_tpl = $tpl;
-
-      if ($authkey !== false)
-      {
-        $user_tpl['assign']['LINK'] = add_url_params($tpl['assign']['LINK'], array('auth' => $authkey['auth_key']));
-
-        if (isset($user_tpl['assign']['IMG']['link']))
-        {
-          $user_tpl['assign']['IMG']['link'] = add_url_params(
-            $user_tpl['assign']['IMG']['link'],
-            array('auth' => $authkey['auth_key'])
-            );
-        }
-      }
-
-      $user_args = $args;
-      if (isset($authkey))
-      {
-        $user_args['auth_key'] = $authkey['auth_key'];
-      }
-
-      switch_lang_to($u['language']);
-      pwg_mail($u['email'], $user_args, $user_tpl);
-      switch_lang_back();
-    }
-
-    $message = l10n_dec('%d mail was sent.', '%d mails were sent.', count($users));
-    $message.= ' ('.implode(', ', $usernames).')';
-    
-    $page['infos'][] = $message;
-  }
-  elseif ('group' == $_POST['who'] and !empty($_POST['group']))
-  {
-    check_input_parameter('group', $_POST, false, PATTERN_ID);
-    
-    pwg_mail_group($_POST['group'], $args, $tpl);
-
-    $query = '
-SELECT
-    name
-  FROM '.GROUPS_TABLE.'
-  WHERE id = '.$_POST['group'].'
-;';
-    list($group_name) = pwg_db_fetch_row(pwg_query($query));
-
-    $page['infos'][] = l10n('An information email was sent to group "%s"', $group_name);
-  }
-
-  unset_make_full_url();
-}
-
-// +-----------------------------------------------------------------------+
-// |                       template initialization                         |
-// +-----------------------------------------------------------------------+
-
-$template->set_filename('album_notification', 'album_notification.tpl');
-
-$template->assign(
-  array(
-    'CATEGORIES_NAV' =>
-      get_cat_display_name_from_id(
-        $page['cat'],
-        'admin.php?page=album-'
-        ),
-    'F_ACTION' => $admin_album_base_url.'-notification',
-    'PWG_TOKEN' => get_pwg_token(),
-    )
-  );
-
-if ($conf['auth_key_duration'] > 0)
-{
-  $template->assign(
-    'auth_key_duration',
-    time_since(
-      strtotime('now -'.$conf['auth_key_duration'].' second'),
-      'second',
-      null,
-      false
-      )
-    );
-}
-
-// +-----------------------------------------------------------------------+
-// |                          form construction                            |
-// +-----------------------------------------------------------------------+
-
-$query = '
-SELECT
-    id AS group_id
-  FROM '.GROUPS_TABLE.'
-;';
-$all_group_ids = array_from_query($query, 'group_id');
-
-if (count($all_group_ids) == 0)
-{
-  $template->assign('no_group_in_gallery', true);
-}
-else
-{
-  if ('private' == $category['status'])
-  {
-    $query = '
-SELECT
-    group_id
-  FROM '.GROUP_ACCESS_TABLE.'
-  WHERE cat_id = '.$category['id'].'
-;';
-    $group_ids = array_from_query($query, 'group_id');
-
-    if (count($group_ids) == 0)
-    {
-      $template->assign('permission_url', $admin_album_base_url.'-permissions');
-    }
-  }
-  else
-  {
-    $group_ids = $all_group_ids;
-  }
-
-  if (count($group_ids) > 0)
-  {
-    $query = '
-SELECT
-    id,
-    name
-  FROM '.GROUPS_TABLE.'
-  WHERE id IN ('.implode(',', $group_ids).')
-  ORDER BY name ASC
-;';
-    $template->assign(
-      'group_mail_options',
-      simple_hash_from_query($query, 'id', 'name')
-      );
-  }
-}
-
-// all users with status != guest and permitted to this this album (for a
-// perfect search, we should also check that album is not only filled with
-// private photos)
-$query = '
-SELECT
-    user_id
-  FROM '.USER_INFOS_TABLE.'
-  WHERE status != \'guest\'
-;';
-$all_user_ids = query2array($query, null, 'user_id');
-
-if ('private' == $category['status'])
-{
-  $user_ids_access_indirect = array();
-  
-  if (isset($group_ids) and count($group_ids) > 0)
-  {
-    $query = '
-SELECT
-    user_id
-  FROM '.USER_GROUP_TABLE.'
-  WHERE group_id IN ('.implode(',', $group_ids).') 
-';
-    $user_ids_access_indirect = query2array($query, null, 'user_id');
-  }
-
-  $query = '
-SELECT
-    user_id
-  FROM '.USER_ACCESS_TABLE.'
-  WHERE cat_id = '.$category['id'].'
-;';
-  $user_ids_access_direct = query2array($query, null, 'user_id');
-
-  $user_ids_access = array_unique(array_merge($user_ids_access_direct, $user_ids_access_indirect));
-
-  $user_ids = array_intersect($user_ids_access, $all_user_ids);
-}
-else
-{
-  $user_ids = $all_user_ids;
-}
-
-if (count($user_ids) > 0)
-{
-  $query = '
-SELECT
-    '.$conf['user_fields']['id'].' AS id,
-    '.$conf['user_fields']['username'].' AS username
-  FROM '.USERS_TABLE.'
-  WHERE id IN ('.implode(',', $user_ids).')
-;';
-
-  $users = query2array($query, 'id', 'username');
-
-  $template->assign('user_options', $users);
-}
-
-// +-----------------------------------------------------------------------+
-// |                           sending html code                           |
-// +-----------------------------------------------------------------------+
-
-$template->assign_var_from_handle('ADMIN_CONTENT', 'album_notification');
-?>

admin/batch_manager.php

@@ -1,742 +0,0 @@
-<?php
-// +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
-// +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
-// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
-// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
-// +-----------------------------------------------------------------------+
-// | This program is free software; you can redistribute it and/or modify  |
-// | it under the terms of the GNU General Public License as published by  |
-// | the Free Software Foundation                                          |
-// |                                                                       |
-// | This program is distributed in the hope that it will be useful, but   |
-// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
-// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
-// | General Public License for more details.                              |
-// |                                                                       |
-// | You should have received a copy of the GNU General Public License     |
-// | along with this program; if not, write to the Free Software           |
-// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
-// | USA.                                                                  |
-// +-----------------------------------------------------------------------+
-
-/**
- * Management of elements set. Elements can belong to a category or to the
- * user caddie.
- *
- */
-
-if (!defined('PHPWG_ROOT_PATH'))
-{
-  die('Hacking attempt!');
-}
-
-include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
-include_once(PHPWG_ROOT_PATH.'admin/include/tabsheet.class.php');
-
-// +-----------------------------------------------------------------------+
-// | Check Access and exit when user status is not ok                      |
-// +-----------------------------------------------------------------------+
-
-check_status(ACCESS_ADMINISTRATOR);
-
-check_input_parameter('selection', $_POST, true, PATTERN_ID);
-
-// +-----------------------------------------------------------------------+
-// | specific actions                                                      |
-// +-----------------------------------------------------------------------+
-
-if (isset($_GET['action']))
-{
-  if ('empty_caddie' == $_GET['action'])
-  {
-    $query = '
-DELETE FROM '.CADDIE_TABLE.'
-  WHERE user_id = '.$user['id'].'
-;';
-    pwg_query($query);
-
-    $_SESSION['page_infos'] = array(
-      l10n('Information data registered in database')
-      );
-    
-    redirect(get_root_url().'admin.php?page='.$_GET['page']);
-  }
-
-  if ('delete_orphans' == $_GET['action'])
-  {
-    $deleted_count = delete_elements(get_orphans(), true);
-    
-    if ($deleted_count > 0)
-    {
-      $_SESSION['page_infos'][] = l10n_dec(
-        '%d photo was deleted', '%d photos were deleted',
-        $deleted_count
-        );
-
-      redirect(get_root_url().'admin.php?page='.$_GET['page']);
-    }
-  }
-}
-
-// +-----------------------------------------------------------------------+
-// |                      initialize current set                           |
-// +-----------------------------------------------------------------------+
-
-// filters from form
-if (isset($_POST['submitFilter']))
-{
-  // echo '<pre>'; print_r($_POST); echo '</pre>';
-  unset($_REQUEST['start']); // new photo set must reset the page
-  $_SESSION['bulk_manager_filter'] = array();
-
-  if (isset($_POST['filter_prefilter_use']))
-  {
-    $_SESSION['bulk_manager_filter']['prefilter'] = $_POST['filter_prefilter'];
-
-    if ('duplicates' == $_POST['filter_prefilter'])
-    {
-      if (isset($_POST['filter_duplicates_date']))
-      {
-        $_SESSION['bulk_manager_filter']['duplicates_date'] = true;
-      }
-      
-      if (isset($_POST['filter_duplicates_dimensions']))
-      {
-        $_SESSION['bulk_manager_filter']['duplicates_dimensions'] = true;
-      }
-    }
-  }
-
-  if (isset($_POST['filter_category_use']))
-  {
-    $_SESSION['bulk_manager_filter']['category'] = $_POST['filter_category'];
-
-    if (isset($_POST['filter_category_recursive']))
-    {
-      $_SESSION['bulk_manager_filter']['category_recursive'] = true;
-    }
-  }
-
-  if (isset($_POST['filter_tags_use']))
-  {
-    $_SESSION['bulk_manager_filter']['tags'] = get_tag_ids($_POST['filter_tags'], false);
-
-    if (isset($_POST['tag_mode']) and in_array($_POST['tag_mode'], array('AND', 'OR')))
-    {
-      $_SESSION['bulk_manager_filter']['tag_mode'] = $_POST['tag_mode'];
-    }
-  }
-
-  if (isset($_POST['filter_level_use']))
-  {
-    check_input_parameter('filter_level', $_POST, false, '/^\d+$/');
-    
-    if (in_array($_POST['filter_level'], $conf['available_permission_levels']))
-    {
-      $_SESSION['bulk_manager_filter']['level'] = $_POST['filter_level'];
-
-      if (isset($_POST['filter_level_include_lower']))
-      {
-        $_SESSION['bulk_manager_filter']['level_include_lower'] = true;
-      }
-    }
-  }
-
-  if (isset($_POST['filter_dimension_use']))
-  {
-    foreach (array('min_width','max_width','min_height','max_height') as $type)
-    {
-      if (filter_var($_POST['filter_dimension_'.$type], FILTER_VALIDATE_INT) !== false)
-      {
-        $_SESSION['bulk_manager_filter']['dimension'][$type] = $_POST['filter_dimension_'. $type ];
-      }
-    }
-    foreach (array('min_ratio','max_ratio') as $type)
-    {
-      if (filter_var($_POST['filter_dimension_'.$type], FILTER_VALIDATE_FLOAT) !== false)
-      {
-        $_SESSION['bulk_manager_filter']['dimension'][$type] = $_POST['filter_dimension_'. $type ];
-      }
-    }
-  }
-
-  if (isset($_POST['filter_filesize_use']))
-  {
-    foreach (array('min','max') as $type)
-    {
-      if (filter_var($_POST['filter_filesize_'.$type], FILTER_VALIDATE_FLOAT) !== false)
-      {
-        $_SESSION['bulk_manager_filter']['filesize'][$type] = $_POST['filter_filesize_'. $type ];
-      }
-    }
-  }
-
-  if (isset($_POST['filter_search_use']))
-  {
-    $_SESSION['bulk_manager_filter']['search']['q'] = $_POST['q'];
-  }
-
-  $_SESSION['bulk_manager_filter'] = trigger_change('batch_manager_register_filters', $_SESSION['bulk_manager_filter']);
-}
-// filters from url
-elseif (isset($_GET['filter']))
-{
-  if (!is_array($_GET['filter']))
-  {
-    $_GET['filter'] = explode(',', $_GET['filter']);
-  }
-
-  $_SESSION['bulk_manager_filter'] = array();
-
-  foreach ($_GET['filter'] as $filter)
-  {
-    list($type, $value) = explode('-', $filter, 2);
-
-    switch ($type)
-    {
-    case 'prefilter':
-      $_SESSION['bulk_manager_filter']['prefilter'] = $value;
-      break;
-
-    case 'album': case 'category': case 'cat':
-      if (is_numeric($value))
-      {
-        $_SESSION['bulk_manager_filter']['category'] = $value;
-      }
-      break;
-
-    case 'tag':
-      if (is_numeric($value))
-      {
-        $_SESSION['bulk_manager_filter']['tags'] = array($value);
-        $_SESSION['bulk_manager_filter']['tag_mode'] = 'AND';
-      }
-      break;
-
-    case 'level':
-      if (is_numeric($value) && in_array($value, $conf['available_permission_levels']))
-      {
-        $_SESSION['bulk_manager_filter']['level'] = $value;
-      }
-      break;
-
-    case 'search':
-      $_SESSION['bulk_manager_filter']['search']['q'] = $value;
-      break;
-
-    case 'dimension':
-      $dim_map = array('w'=>'width','h'=>'height','r'=>'ratio');
-      foreach (explode('-', $value) as $part)
-      {
-        $values = explode('..', substr($part, 1));
-        if (isset($dim_map[$part[0]]))
-        {
-          $type = $dim_map[$part[0]];
-          list(
-            $_SESSION['bulk_manager_filter']['dimension']['min_'.$type],
-            $_SESSION['bulk_manager_filter']['dimension']['max_'.$type]
-          ) = $values;
-        }
-      }
-      break;
-
-    case 'filesize':
-      list(
-        $_SESSION['bulk_manager_filter']['filesize']['min'],
-        $_SESSION['bulk_manager_filter']['filesize']['max']
-      ) = explode('..', $value);
-      break;
-
-    default:
-      $_SESSION['bulk_manager_filter'] = trigger_change('batch_manager_url_filter', $_SESSION['bulk_manager_filter'], $filter);
-      break;
-    }
-  }
-}
-
-if (empty($_SESSION['bulk_manager_filter']))
-{
-  $_SESSION['bulk_manager_filter'] = array(
-    'prefilter' => 'caddie'
-    );
-}
-
-// echo '<pre>'; print_r($_SESSION['bulk_manager_filter']); echo '</pre>';
-
-// depending on the current filter (in session), we find the appropriate photos
-$filter_sets = array();
-if (isset($_SESSION['bulk_manager_filter']['prefilter']))
-{
-  switch ($_SESSION['bulk_manager_filter']['prefilter'])
-  {
-  case 'caddie':
-    $query = '
-SELECT element_id
-  FROM '.CADDIE_TABLE.'
-  WHERE user_id = '.$user['id'].'
-;';
-    $filter_sets[] = query2array($query, null, 'element_id');
-
-    break;
-
-  case 'favorites':
-    $query = '
-SELECT image_id
-  FROM '.FAVORITES_TABLE.'
-  WHERE user_id = '.$user['id'].'
-;';
-    $filter_sets[] = query2array($query, null, 'image_id');
-
-    break;
-
-  case 'last_import':
-    $query = '
-SELECT MAX(date_available) AS date
-  FROM '.IMAGES_TABLE.'
-;';
-    $row = pwg_db_fetch_assoc(pwg_query($query));
-    if (!empty($row['date']))
-    {
-      $query = '
-SELECT id
-  FROM '.IMAGES_TABLE.'
-  WHERE date_available BETWEEN '.pwg_db_get_recent_period_expression(1, $row['date']).' AND \''.$row['date'].'\'
-;';
-      $filter_sets[] = query2array($query, null, 'id');
-    }
-
-    break;
-
-  case 'no_virtual_album':
-    // we are searching elements not linked to any virtual category
-    $query = '
- SELECT id
-   FROM '.IMAGES_TABLE.'
- ;';
-    $all_elements = query2array($query, null, 'id');
-
-    $query = '
- SELECT id
-   FROM '.CATEGORIES_TABLE.'
-   WHERE dir IS NULL
- ;';
-    $virtual_categories = query2array($query, null, 'id');
-    if (!empty($virtual_categories))
-    {
-      $query = '
- SELECT DISTINCT(image_id)
-   FROM '.IMAGE_CATEGORY_TABLE.'
-   WHERE category_id IN ('.implode(',', $virtual_categories).')
- ;';
-      $linked_to_virtual = query2array($query, null, 'image_id');
-    }
-
-    $filter_sets[] = array_diff($all_elements, $linked_to_virtual);
-
-    break;
-
-  case 'no_album':
-    $filter_sets[] = get_orphans();
-    break;
-
-  case 'no_tag':
-    $query = '
-SELECT
-    id
-  FROM '.IMAGES_TABLE.'
-    LEFT JOIN '.IMAGE_TAG_TABLE.' ON id = image_id
-  WHERE tag_id is null
-;';
-    $filter_sets[] = query2array($query, null, 'id');
-
-    break;
-
-
-  case 'duplicates':
-    $duplicates_on_fields = array('file');
-
-    if (isset($_SESSION['bulk_manager_filter']['duplicates_date']))
-    {
-      $duplicates_on_fields[] = 'date_creation';
-    }
-    
-    if (isset($_SESSION['bulk_manager_filter']['duplicates_dimensions']))
-    {
-      $duplicates_on_fields[] = 'width';
-      $duplicates_on_fields[] = 'height';
-    }
-    
-    $query = '
-SELECT
-    GROUP_CONCAT(id) AS ids
-  FROM '.IMAGES_TABLE.'
-  GROUP BY '.implode(',', $duplicates_on_fields).'
-  HAVING COUNT(*) > 1
-;';
-    $array_of_ids_string = query2array($query, null, 'ids');
-
-    $ids = array();
-    
-    foreach ($array_of_ids_string as $ids_string)
-    {
-      $ids = array_merge($ids, explode(',', $ids_string));
-    }
-    
-    $filter_sets[] = $ids;
-
-    break;
-
-  case 'all_photos':
-    if ( count($_SESSION['bulk_manager_filter']) == 1 )
-    {// make the query only if this is the only filter
-      $query = '
-SELECT id
-  FROM '.IMAGES_TABLE.'
-  '.$conf['order_by'];
-
-      $filter_sets[] = query2array($query, null, 'id');
-    }
-    break;
-
-  default:
-    $filter_sets = trigger_change('perform_batch_manager_prefilters', $filter_sets, $_SESSION['bulk_manager_filter']['prefilter']);
-    break;
-  }
-}
-
-if (isset($_SESSION['bulk_manager_filter']['category']))
-{
-  $categories = array();
-
-  if (isset($_SESSION['bulk_manager_filter']['category_recursive']))
-  {
-    $categories = get_subcat_ids(array($_SESSION['bulk_manager_filter']['category']));
-  }
-  else
-  {
-    $categories = array($_SESSION['bulk_manager_filter']['category']);
-  }
-
-  $query = '
- SELECT DISTINCT(image_id)
-   FROM '.IMAGE_CATEGORY_TABLE.'
-   WHERE category_id IN ('.implode(',', $categories).')
- ;';
-  $filter_sets[] = query2array($query, null, 'image_id');
-}
-
-if (isset($_SESSION['bulk_manager_filter']['level']))
-{
-  $operator = '=';
-  if (isset($_SESSION['bulk_manager_filter']['level_include_lower']))
-  {
-    $operator = '<=';
-  }
-
-  $query = '
-SELECT id
-  FROM '.IMAGES_TABLE.'
-  WHERE level '.$operator.' '.$_SESSION['bulk_manager_filter']['level'].'
-  '.$conf['order_by'];
-
-  $filter_sets[] = query2array($query, null, 'id');
-}
-
-if (!empty($_SESSION['bulk_manager_filter']['tags']))
-{
-  $filter_sets[] = get_image_ids_for_tags(
-    $_SESSION['bulk_manager_filter']['tags'],
-    $_SESSION['bulk_manager_filter']['tag_mode'],
-    null,
-    null,
-    false // we don't apply permissions in administration screens
-    );
-}
-
-if (isset($_SESSION['bulk_manager_filter']['dimension']))
-{
-  $where_clauses = array();
-  if (isset($_SESSION['bulk_manager_filter']['dimension']['min_width']))
-  {
-    $where_clause[] = 'width >= '.$_SESSION['bulk_manager_filter']['dimension']['min_width'];
-  }
-  if (isset($_SESSION['bulk_manager_filter']['dimension']['max_width']))
-  {
-    $where_clause[] = 'width <= '.$_SESSION['bulk_manager_filter']['dimension']['max_width'];
-  }
-  if (isset($_SESSION['bulk_manager_filter']['dimension']['min_height']))
-  {
-    $where_clause[] = 'height >= '.$_SESSION['bulk_manager_filter']['dimension']['min_height'];
-  }
-  if (isset($_SESSION['bulk_manager_filter']['dimension']['max_height']))
-  {
-    $where_clause[] = 'height <= '.$_SESSION['bulk_manager_filter']['dimension']['max_height'];
-  }
-  if (isset($_SESSION['bulk_manager_filter']['dimension']['min_ratio']))
-  {
-    $where_clause[] = 'width/height >= '.$_SESSION['bulk_manager_filter']['dimension']['min_ratio'];
-  }
-  if (isset($_SESSION['bulk_manager_filter']['dimension']['max_ratio']))
-  {
-    // max_ratio is a floor value, so must be a bit increased
-    $where_clause[] = 'width/height < '.($_SESSION['bulk_manager_filter']['dimension']['max_ratio']+0.01);
-  }
-
-  $query = '
-SELECT id
-  FROM '.IMAGES_TABLE.'
-  WHERE '.implode(' AND ',$where_clause).'
-  '.$conf['order_by'];
-
-  $filter_sets[] = query2array($query, null, 'id');
-}
-
-if (isset($_SESSION['bulk_manager_filter']['filesize']))
-{
-  $where_clauses = array();
-  
-  if (isset($_SESSION['bulk_manager_filter']['filesize']['min']))
-  {
-    $where_clause[] = 'filesize >= '.$_SESSION['bulk_manager_filter']['filesize']['min']*1024;
-  }
-  
-  if (isset($_SESSION['bulk_manager_filter']['filesize']['max']))
-  {
-    $where_clause[] = 'filesize <= '.$_SESSION['bulk_manager_filter']['filesize']['max']*1024;
-  }
-
-  $query = '
-SELECT id
-  FROM '.IMAGES_TABLE.'
-  WHERE '.implode(' AND ',$where_clause).'
-  '.$conf['order_by'];
-
-  $filter_sets[] = query2array($query, null, 'id');
-}
-
-if (isset($_SESSION['bulk_manager_filter']['search']) && 
-    strlen($_SESSION['bulk_manager_filter']['search']['q']))
-{
-  include_once( PHPWG_ROOT_PATH .'include/functions_search.inc.php' );
-  $res = get_quick_search_results_no_cache($_SESSION['bulk_manager_filter']['search']['q'], array('permissions'=>false));
-  if (!empty($res['items']) && !empty($res['qs']['unmatched_terms']))
-  {
-    $template->assign('no_search_results', array_map('htmlspecialchars', $res['qs']['unmatched_terms']) );
-  }
-  $filter_sets[] = $res['items'];
-}
-
-$filter_sets = trigger_change('batch_manager_perform_filters', $filter_sets, $_SESSION['bulk_manager_filter']);
-
-$current_set = array_shift($filter_sets);
-foreach ($filter_sets as $set)
-{
-  $current_set = array_intersect($current_set, $set);
-}
-$page['cat_elements_id'] = $current_set;
-
-
-// +-----------------------------------------------------------------------+
-// |                       first element to display                        |
-// +-----------------------------------------------------------------------+
-
-// $page['start'] contains the number of the first element in its
-// category. For exampe, $page['start'] = 12 means we must show elements #12
-// and $page['nb_images'] next elements
-
-if (!isset($_REQUEST['start'])
-    or !is_numeric($_REQUEST['start'])
-    or $_REQUEST['start'] < 0
-    or (isset($_REQUEST['display']) and 'all' == $_REQUEST['display']))
-{
-  $page['start'] = 0;
-}
-else
-{
-  $page['start'] = $_REQUEST['start'];
-}
-
-
-// +-----------------------------------------------------------------------+
-// |                                 Tabs                                  |
-// +-----------------------------------------------------------------------+
-$manager_link = get_root_url().'admin.php?page=batch_manager&amp;mode=';
-
-if (isset($_GET['mode']))
-{
-  $page['tab'] = $_GET['mode'];
-}
-else
-{
-  $page['tab'] = 'global';
-}
-
-$tabsheet = new tabsheet();
-$tabsheet->set_id('batch_manager');
-$tabsheet->select($page['tab']);
-$tabsheet->assign();
-
-
-// +-----------------------------------------------------------------------+
-// |                              dimensions                               |
-// +-----------------------------------------------------------------------+
-
-$widths = array();
-$heights = array();
-$ratios = array();
-$dimensions = array();
-
-// get all width, height and ratios
-$query = '
-SELECT
-  DISTINCT width, height
-  FROM '.IMAGES_TABLE.'
-  WHERE width IS NOT NULL
-    AND height IS NOT NULL
-;';
-$result = pwg_query($query);
-
-if (pwg_db_num_rows($result))
-{
-  while ($row = pwg_db_fetch_assoc($result))
-  {
-    if ($row['width']>0 && $row['height']>0)
-    {
-      $widths[] = $row['width'];
-      $heights[] = $row['height'];
-      $ratios[] = floor($row['width'] / $row['height'] * 100) / 100;
-    }
-  }
-}
-if (empty($widths))
-{ // arbitrary values, only used when no photos on the gallery
-  $widths = array(600, 1920, 3500);
-  $heights = array(480, 1080, 2300);
-  $ratios = array(1.25, 1.52, 1.78);
-}
-
-foreach (array('widths','heights','ratios') as $type)
-{
-  ${$type} = array_unique(${$type});
-  sort(${$type});
-  $dimensions[$type] = implode(',', ${$type});
-}
-
-$dimensions['bounds'] = array(
-  'min_width' => $widths[0],
-  'max_width' => end($widths),
-  'min_height' => $heights[0],
-  'max_height' => end($heights),
-  'min_ratio' => $ratios[0],
-  'max_ratio' => end($ratios),
-  );
-
-// find ratio categories
-$ratio_categories = array(
-  'portrait' => array(),
-  'square' => array(),
-  'landscape' => array(),
-  'panorama' => array(),
-  );
-
-foreach ($ratios as $ratio)
-{
-  if ($ratio < 0.95)
-  {
-    $ratio_categories['portrait'][] = $ratio;
-  }
-  else if ($ratio >= 0.95 and $ratio <= 1.05)
-  {
-    $ratio_categories['square'][] = $ratio;
-  }
-  else if ($ratio > 1.05 and $ratio < 2)
-  {
-    $ratio_categories['landscape'][] = $ratio;
-  }
-  else if ($ratio >= 2)
-  {
-    $ratio_categories['panorama'][] = $ratio;
-  }
-}
-
-foreach (array_keys($ratio_categories) as $type)
-{
-  if (count($ratio_categories[$type]) > 0)
-  {
-    $dimensions['ratio_'.$type] = array(
-      'min' => $ratio_categories[$type][0],
-      'max' => end($ratio_categories[$type]),
-      );
-  }
-}
-
-// selected=bound if nothing selected
-foreach (array_keys($dimensions['bounds']) as $type)
-{
-  $dimensions['selected'][$type] = isset($_SESSION['bulk_manager_filter']['dimension'][$type])
-    ? $_SESSION['bulk_manager_filter']['dimension'][$type]
-    : $dimensions['bounds'][$type]
-  ;
-}
-
-$template->assign('dimensions', $dimensions);
-
-// +-----------------------------------------------------------------------+
-// | filesize                                                              |
-// +-----------------------------------------------------------------------+
-
-$filesizes = array();
-$filesize = array();
-
-$query = '
-SELECT
-  filesize
-  FROM '.IMAGES_TABLE.'
-  WHERE filesize IS NOT NULL
-  GROUP BY filesize
-;';
-$result = pwg_query($query);
-
-while ($row = pwg_db_fetch_assoc($result))
-{
-  $filesizes[] = sprintf('%.1f', $row['filesize']/1024);
-}
-
-if (empty($filesizes))
-{ // arbitrary values, only used when no photos on the gallery
-  $filesizes = array(0, 1, 2, 5, 8, 15);
-}
-
-$filesizes = array_unique($filesizes);
-sort($filesizes);
-
-// add 0.1MB to the last value, to make sure the heavier photo will be in
-// the result
-$filesizes[count($filesizes)-1]+= 0.1;
-
-$filesize['list'] = implode(',', $filesizes);
-
-$filesize['bounds'] = array(
-  'min' => $filesizes[0],
-  'max' => end($filesizes),
-  );
-
-// selected=bound if nothing selected
-foreach (array_keys($filesize['bounds']) as $type)
-{
-  $filesize['selected'][$type] = isset($_SESSION['bulk_manager_filter']['filesize'][$type])
-    ? $_SESSION['bulk_manager_filter']['filesize'][$type]
-    : $filesize['bounds'][$type]
-  ;
-}
-
-$template->assign('filesize', $filesize);
-
-// +-----------------------------------------------------------------------+
-// |                         open specific mode                            |
-// +-----------------------------------------------------------------------+
-
-include(PHPWG_ROOT_PATH.'admin/batch_manager_'.$page['tab'].'.php');
-?>

admin/batch_manager_global.php

@@ -1,717 +0,0 @@
-<?php
-// +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
-// +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
-// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
-// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
-// +-----------------------------------------------------------------------+
-// | This program is free software; you can redistribute it and/or modify  |
-// | it under the terms of the GNU General Public License as published by  |
-// | the Free Software Foundation                                          |
-// |                                                                       |
-// | This program is distributed in the hope that it will be useful, but   |
-// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
-// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
-// | General Public License for more details.                              |
-// |                                                                       |
-// | You should have received a copy of the GNU General Public License     |
-// | along with this program; if not, write to the Free Software           |
-// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
-// | USA.                                                                  |
-// +-----------------------------------------------------------------------+
-
-/**
- * Management of elements set. Elements can belong to a category or to the
- * user caddie.
- *
- */
-
-if (!defined('PHPWG_ROOT_PATH'))
-{
-  die('Hacking attempt!');
-}
-
-include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
-
-// +-----------------------------------------------------------------------+
-// | Check Access and exit when user status is not ok                      |
-// +-----------------------------------------------------------------------+
-
-check_status(ACCESS_ADMINISTRATOR);
-
-trigger_notify('loc_begin_element_set_global');
-
-check_input_parameter('del_tags', $_POST, true, PATTERN_ID);
-check_input_parameter('associate', $_POST, false, PATTERN_ID);
-check_input_parameter('dissociate', $_POST, false, PATTERN_ID);
-
-// +-----------------------------------------------------------------------+
-// |                            current selection                          |
-// +-----------------------------------------------------------------------+
-
-$collection = array();
-if (isset($_POST['setSelected']))
-{
-  $collection = $page['cat_elements_id'];
-}
-else if (isset($_POST['selection']))
-{
-  $collection = $_POST['selection'];
-}
-
-// +-----------------------------------------------------------------------+
-// |                       global mode form submission                     |
-// +-----------------------------------------------------------------------+
-
-// $page['prefilter'] is a shortcut to test if the current filter contains a
-// given prefilter. The idea is to make conditions simpler to write in the
-// code.
-$page['prefilter'] = 'none';
-if (isset($_SESSION['bulk_manager_filter']['prefilter']))
-{
-  $page['prefilter'] = $_SESSION['bulk_manager_filter']['prefilter'];
-}
-
-$redirect_url = get_root_url().'admin.php?page='.$_GET['page'];
-
-if (isset($_POST['submit']))
-{
-  // if the user tries to apply an action, it means that there is at least 1
-  // photo in the selection
-  if (count($collection) == 0)
-  {
-    $page['errors'][] = l10n('Select at least one photo');
-  }
-
-  $action = $_POST['selectAction'];
-  $redirect = false;
-
-  if ('remove_from_caddie' == $action)
-  {
-    $query = '
-DELETE
-  FROM '.CADDIE_TABLE.'
-  WHERE element_id IN ('.implode(',', $collection).')
-    AND user_id = '.$user['id'].'
-;';
-    pwg_query($query);
-
-    // remove from caddie action available only in caddie so reload content
-    $redirect = true;
-  }
-
-  else if ('add_tags' == $action)
-  {
-    if (empty($_POST['add_tags']))
-    {
-      $page['errors'][] = l10n('Select at least one tag');
-    }
-    else
-    {
-      $tag_ids = get_tag_ids($_POST['add_tags']);
-      add_tags($tag_ids, $collection);
-
-      if ('no_tag' == $page['prefilter'])
-      {
-        $redirect = true;
-      }
-    }
-  }
-
-  else if ('del_tags' == $action)
-  {
-    if (isset($_POST['del_tags']) and count($_POST['del_tags']) > 0)
-    {
-      $taglist_before = get_image_tag_ids($collection);
-
-      $query = '
-DELETE
-  FROM '.IMAGE_TAG_TABLE.'
-  WHERE image_id IN ('.implode(',', $collection).')
-    AND tag_id IN ('.implode(',', $_POST['del_tags']).')
-;';
-      pwg_query($query);
-
-      $taglist_after = get_image_tag_ids($collection);
-      $images_to_update = compare_image_tag_lists($taglist_before, $taglist_after);
-      update_images_lastmodified($images_to_update);
-
-      if (isset($_SESSION['bulk_manager_filter']['tags']) &&
-        count(array_intersect($_SESSION['bulk_manager_filter']['tags'], $_POST['del_tags'])))
-      {
-        $redirect = true;
-      }
-    }
-    else
-    {
-      $page['errors'][] = l10n('Select at least one tag');
-    }
-  }
-
-  if ('associate' == $action)
-  {
-    associate_images_to_categories(
-      $collection,
-      array($_POST['associate'])
-      );
-
-    $_SESSION['page_infos'] = array(
-      l10n('Information data registered in database')
-      );
-
-    // let's refresh the page because we the current set might be modified
-    if ('no_album' == $page['prefilter'])
-    {
-      $redirect = true;
-    }
-
-    else if ('no_virtual_album' == $page['prefilter'])
-    {
-      $category_info = get_cat_info($_POST['associate']);
-      if (empty($category_info['dir']))
-      {
-        $redirect = true;
-      }
-    }
-  }
-
-  else if ('move' == $action)
-  {
-    move_images_to_categories($collection, array($_POST['associate']));
-
-    $_SESSION['page_infos'] = array(
-      l10n('Information data registered in database')
-      );
-
-    // let's refresh the page because we the current set might be modified
-    if ('no_album' == $page['prefilter'])
-    {
-      $redirect = true;
-    }
-
-    else if ('no_virtual_album' == $page['prefilter'])
-    {
-      $category_info = get_cat_info($_POST['associate']);
-      if (empty($category_info['dir']))
-      {
-        $redirect = true;
-      }
-    }
-
-    else if (isset($_SESSION['bulk_manager_filter']['category'])
-        and $_POST['move'] != $_SESSION['bulk_manager_filter']['category'])
-    {
-      $redirect = true;
-    }
-  }
-
-  else if ('dissociate' == $action)
-  {
-    // physical links must not be broken, so we must first retrieve image_id
-    // which create virtual links with the category to "dissociate from".
-    $query = '
-SELECT id
-  FROM '.IMAGE_CATEGORY_TABLE.'
-    INNER JOIN '.IMAGES_TABLE.' ON image_id = id
-  WHERE category_id = '.$_POST['dissociate'].'
-    AND id IN ('.implode(',', $collection).')
-    AND (
-      category_id != storage_category_id
-      OR storage_category_id IS NULL
-    )
-;';
-    $dissociables = array_from_query($query, 'id');
-
-    if (!empty($dissociables))
-    {
-      $query = '
-DELETE
-  FROM '.IMAGE_CATEGORY_TABLE.'
-  WHERE category_id = '.$_POST['dissociate'].'
-    AND image_id IN ('.implode(',', $dissociables).')
-';
-      pwg_query($query);
-
-      $_SESSION['page_infos'] = array(
-        l10n('Information data registered in database')
-        );
-
-      // let's refresh the page because the current set might be modified
-      $redirect = true;
-    }
-  }
-
-  // author
-  else if ('author' == $action)
-  {
-    if (isset($_POST['remove_author']))
-    {
-      $_POST['author'] = null;
-    }
-
-    $datas = array();
-    foreach ($collection as $image_id)
-    {
-      $datas[] = array(
-        'id' => $image_id,
-        'author' => $_POST['author']
-        );
-    }
-
-    mass_updates(
-      IMAGES_TABLE,
-      array('primary' => array('id'), 'update' => array('author')),
-      $datas
-      );
-  }
-
-  // title
-  else if ('title' == $action)
-  {
-    if (isset($_POST['remove_title']))
-    {
-      $_POST['title'] = null;
-    }
-
-    $datas = array();
-    foreach ($collection as $image_id)
-    {
-      $datas[] = array(
-        'id' => $image_id,
-        'name' => $_POST['title']
-        );
-    }
-
-    mass_updates(
-      IMAGES_TABLE,
-      array('primary' => array('id'), 'update' => array('name')),
-      $datas
-      );
-  }
-
-  // date_creation
-  else if ('date_creation' == $action)
-  {
-    if (isset($_POST['remove_date_creation']) || empty($_POST['date_creation']))
-    {
-      $date_creation = null;
-    }
-    else
-    {
-      $date_creation = $_POST['date_creation'];
-    }
-
-    $datas = array();
-    foreach ($collection as $image_id)
-    {
-      $datas[] = array(
-        'id' => $image_id,
-        'date_creation' => $date_creation
-        );
-    }
-
-    mass_updates(
-      IMAGES_TABLE,
-      array('primary' => array('id'), 'update' => array('date_creation')),
-      $datas
-      );
-  }
-
-  // privacy_level
-  else if ('level' == $action)
-  {
-    $datas = array();
-    foreach ($collection as $image_id)
-    {
-      $datas[] = array(
-        'id' => $image_id,
-        'level' => $_POST['level']
-        );
-    }
-
-    mass_updates(
-      IMAGES_TABLE,
-      array('primary' => array('id'), 'update' => array('level')),
-      $datas
-      );
-
-    if (isset($_SESSION['bulk_manager_filter']['level']))
-    {
-      if ($_POST['level'] < $_SESSION['bulk_manager_filter']['level'])
-      {
-        $redirect = true;
-      }
-    }
-  }
-
-  // add_to_caddie
-  else if ('add_to_caddie' == $action)
-  {
-    fill_caddie($collection);
-  }
-
-  // delete
-  else if ('delete' == $action)
-  {
-    if (isset($_POST['confirm_deletion']) and 1 == $_POST['confirm_deletion'])
-    {
-      $deleted_count = delete_elements($collection, true);
-      if ($deleted_count > 0)
-      {
-        $_SESSION['page_infos'][] = l10n_dec(
-          '%d photo was deleted', '%d photos were deleted',
-          $deleted_count
-          );
-
-        $redirect_url = get_root_url().'admin.php?page='.$_GET['page'];
-        $redirect = true;
-      }
-      else
-      {
-        $page['errors'][] = l10n('No photo can be deleted');
-      }
-    }
-    else
-    {
-      $page['errors'][] = l10n('You need to confirm deletion');
-    }
-  }
-
-  // synchronize metadata
-  else if ('metadata' == $action)
-  {
-    sync_metadata($collection);
-    $page['infos'][] = l10n('Metadata synchronized from file');
-  }
-
-  else if ('delete_derivatives' == $action && !empty($_POST['del_derivatives_type']))
-  {
-    $query='SELECT path,representative_ext FROM '.IMAGES_TABLE.'
-  WHERE id IN ('.implode(',', $collection).')';
-    $result = pwg_query($query);
-    while ($info = pwg_db_fetch_assoc($result))
-    {
-      foreach( $_POST['del_derivatives_type'] as $type)
-      {
-        delete_element_derivatives($info, $type);
-      }
-    }
-  }
-
-  else if ('generate_derivatives' == $action)
-  {
-    if ($_POST['regenerateSuccess'] != '0')
-    {
-      $page['infos'][] = l10n('%s photos have been regenerated', $_POST['regenerateSuccess']);
-    }
-    if ($_POST['regenerateError'] != '0')
-    {
-      $page['warnings'][] = l10n('%s photos can not be regenerated', $_POST['regenerateError']);
-    }
-  }
-
-  if (!in_array($action, array('remove_from_caddie','add_to_caddie','delete_derivatives','generate_derivatives')))
-  {
-    invalidate_user_cache();
-  }
-
-  trigger_notify('element_set_global_action', $action, $collection);
-
-  if ($redirect)
-  {
-    redirect($redirect_url);
-  }
-}
-
-// +-----------------------------------------------------------------------+
-// |                             template init                             |
-// +-----------------------------------------------------------------------+
-$template->set_filenames(array('batch_manager_global' => 'batch_manager_global.tpl'));
-
-$base_url = get_root_url().'admin.php';
-
-$prefilters = array(
-  array('ID' => 'caddie', 'NAME' => l10n('Caddie')),
-  array('ID' => 'favorites', 'NAME' => l10n('Your favorites')),
-  array('ID' => 'last_import', 'NAME' => l10n('Last import')),
-  array('ID' => 'no_album', 'NAME' => l10n('With no album').' ('.l10n('Orphans').')'),
-  array('ID' => 'no_tag', 'NAME' => l10n('With no tag')),
-  array('ID' => 'duplicates', 'NAME' => l10n('Duplicates')),
-  array('ID' => 'all_photos', 'NAME' => l10n('All'))
-);
-
-if ($conf['enable_synchronization'])
-{
-  $prefilters[] = array('ID' => 'no_virtual_album', 'NAME' => l10n('With no virtual album'));
-}
-
-$prefilters = trigger_change('get_batch_manager_prefilters', $prefilters);
-usort($prefilters, 'UC_name_compare');
-
-$template->assign(
-  array(
-    'prefilters' => $prefilters,
-    'filter' => $_SESSION['bulk_manager_filter'],
-    'selection' => $collection,
-    'all_elements' => $page['cat_elements_id'],
-    'START' => $page['start'],
-    'U_DISPLAY'=>$base_url.get_query_string_diff(array('display')),
-    'F_ACTION'=>$base_url.get_query_string_diff(array('cat','start','tag','filter')),
-   )
- );
-
-// +-----------------------------------------------------------------------+
-// |                            caddie options                             |
-// +-----------------------------------------------------------------------+
-$template->assign('IN_CADDIE', 'caddie' == $page['prefilter']);
-
-
-// +-----------------------------------------------------------------------+
-// |                           global mode form                            |
-// +-----------------------------------------------------------------------+
-
-// privacy level
-foreach ($conf['available_permission_levels'] as $level)
-{
-  $level_options[$level] = l10n(sprintf('Level %d', $level));
-
-  if (0 == $level)
-  {
-    $level_options[$level] = l10n('Everybody');
-  }
-}
-$template->assign(
-  array(
-    'filter_level_options'=> $level_options,
-    'filter_level_options_selected' => isset($_SESSION['bulk_manager_filter']['level'])
-    ? $_SESSION['bulk_manager_filter']['level']
-    : 0,
-    )
-  );
-
-// tags
-$filter_tags = array();
-
-if (!empty($_SESSION['bulk_manager_filter']['tags']))
-{
-  $query = '
-SELECT
-    id,
-    name
-  FROM '.TAGS_TABLE.'
-  WHERE id IN ('.implode(',', $_SESSION['bulk_manager_filter']['tags']).')
-;';
-
-  $filter_tags = get_taglist($query);
-}
-
-$template->assign('filter_tags', $filter_tags);
-
-// in the filter box, which category to select by default
-$selected_category = array();
-
-if (isset($_SESSION['bulk_manager_filter']['category']))
-{
-  $selected_category = array($_SESSION['bulk_manager_filter']['category']);
-}
-else
-{
-  // we need to know the category in which the last photo was added
-  $query = '
-SELECT category_id
-  FROM '.IMAGE_CATEGORY_TABLE.'
-  ORDER BY image_id DESC
-  LIMIT 1
-;';
-  $result = pwg_query($query);
-  if (pwg_db_num_rows($result) > 0)
-  {
-    $row = pwg_db_fetch_assoc($result);
-    $selected_category[] = $row['category_id'];
-  }
-}
-
-$template->assign('filter_category_selected', $selected_category);
-
-// Dissociate from a category : categories listed for dissociation can only
-// represent virtual links. We can't create orphans. Links to physical
-// categories can't be broken.
-if (count($page['cat_elements_id']) > 0)
-{
-  $query = '
-SELECT
-    DISTINCT(category_id) AS id
-  FROM '.IMAGE_CATEGORY_TABLE.' AS ic
-    JOIN '.IMAGES_TABLE.' AS i ON i.id = ic.image_id
-  WHERE ic.image_id IN ('.implode(',', $page['cat_elements_id']).')
-    AND (
-      ic.category_id != i.storage_category_id
-      OR i.storage_category_id IS NULL
-    )
-;';
-
-  $template->assign('associated_categories', query2array($query, 'id', 'id'));
-}
-
-if (count($page['cat_elements_id']) > 0)
-{
-  // remove tags
-  $template->assign('associated_tags', get_common_tags($page['cat_elements_id'], -1));
-}
-
-// creation date
-$template->assign('DATE_CREATION',
-  empty($_POST['date_creation']) ? date('Y-m-d').' 00:00:00' : $_POST['date_creation']
-  );
-
-// image level options
-$template->assign(
-    array(
-      'level_options'=> get_privacy_level_options(),
-      'level_options_selected' => 0,
-    )
-  );
-
-// metadata
-include_once( PHPWG_ROOT_PATH.'admin/site_reader_local.php');
-$site_reader = new LocalSiteReader('./');
-$used_metadata = implode( ', ', $site_reader->get_metadata_attributes());
-
-$template->assign(
-    array(
-      'used_metadata' => $used_metadata,
-    )
-  );
-
-//derivatives
-$del_deriv_map = array();
-foreach(ImageStdParams::get_defined_type_map() as $params)
-{
-  $del_deriv_map[$params->type] = l10n($params->type);
-}
-$gen_deriv_map = $del_deriv_map;
-$del_deriv_map[IMG_CUSTOM] = l10n(IMG_CUSTOM);
-$template->assign(
-    array(
-      'del_derivatives_types' => $del_deriv_map,
-      'generate_derivatives_types' => $gen_deriv_map,
-    )
-  );
-
-// +-----------------------------------------------------------------------+
-// |                        global mode thumbnails                         |
-// +-----------------------------------------------------------------------+
-
-// how many items to display on this page
-if (!empty($_GET['display']))
-{
-  if ('all' == $_GET['display'])
-  {
-    $page['nb_images'] = count($page['cat_elements_id']);
-  }
-  else
-  {
-    $page['nb_images'] = intval($_GET['display']);
-  }
-}
-else
-{
-  $page['nb_images'] = 20;
-}
-
-$nb_thumbs_page = 0;
-
-if (count($page['cat_elements_id']) > 0)
-{
-  $nav_bar = create_navigation_bar(
-    $base_url.get_query_string_diff(array('start')),
-    count($page['cat_elements_id']),
-    $page['start'],
-    $page['nb_images']
-    );
-  $template->assign('navbar', $nav_bar);
-
-  $is_category = false;
-  if (isset($_SESSION['bulk_manager_filter']['category'])
-      and !isset($_SESSION['bulk_manager_filter']['category_recursive']))
-  {
-    $is_category = true;
-  }
-
-  if (isset($_SESSION['bulk_manager_filter']['prefilter'])
-      and 'duplicates' == $_SESSION['bulk_manager_filter']['prefilter'])
-  {
-    $conf['order_by'] = ' ORDER BY file, id';
-  }
-
-  $query = '
-SELECT id,path,representative_ext,file,filesize,level,name,width,height,rotation
-  FROM '.IMAGES_TABLE;
-
-  if ($is_category)
-  {
-    $category_info = get_cat_info($_SESSION['bulk_manager_filter']['category']);
-
-    $conf['order_by'] = $conf['order_by_inside_category'];
-    if (!empty($category_info['image_order']))
-    {
-      $conf['order_by'] = ' ORDER BY '.$category_info['image_order'];
-    }
-
-    $query.= '
-    JOIN '.IMAGE_CATEGORY_TABLE.' ON id = image_id';
-  }
-
-  $query.= '
-  WHERE id IN ('.implode(',', $page['cat_elements_id']).')';
-
-  if ($is_category)
-  {
-    $query.= '
-    AND category_id = '.$_SESSION['bulk_manager_filter']['category'];
-  }
-
-  $query.= '
-  '.$conf['order_by'].'
-  LIMIT '.$page['nb_images'].' OFFSET '.$page['start'].'
-;';
-  $result = pwg_query($query);
-
-  $thumb_params = ImageStdParams::get_by_type(IMG_THUMB);
-  // template thumbnail initialization
-  while ($row = pwg_db_fetch_assoc($result))
-  {
-    $nb_thumbs_page++;
-    $src_image = new SrcImage($row);
-
-    $ttitle = render_element_name($row);
-    if ($ttitle != get_name_from_file($row['file']))
-    {
-      $ttitle.= ' ('.$row['file'].')';
-    }
-
-    $template->append(
-      'thumbnails', array_merge($row,
-      array(
-        'thumb' => new DerivativeImage($thumb_params, $src_image),
-        'TITLE' => $ttitle,
-        'FILE_SRC' => DerivativeImage::url(IMG_LARGE, $src_image),
-        'U_EDIT' => get_root_url().'admin.php?page=photo-'.$row['id'],
-        )
-      ));
-  }
-  $template->assign('thumb_params', $thumb_params);
-}
-
-$template->assign(array(
-  'nb_thumbs_page' => $nb_thumbs_page,
-  'nb_thumbs_set' => count($page['cat_elements_id']),
-  'CACHE_KEYS' => get_admin_client_cache_keys(array('tags', 'categories')),
-  ));
-
-trigger_notify('loc_end_element_set_global');
-
-//----------------------------------------------------------- sending html code
-$template->assign_var_from_handle('ADMIN_CONTENT', 'batch_manager_global');
-?>

admin/batch_manager_unit.php

@@ -1,257 +0,0 @@
-<?php
-// +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
-// +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
-// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
-// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
-// +-----------------------------------------------------------------------+
-// | This program is free software; you can redistribute it and/or modify  |
-// | it under the terms of the GNU General Public License as published by  |
-// | the Free Software Foundation                                          |
-// |                                                                       |
-// | This program is distributed in the hope that it will be useful, but   |
-// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
-// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
-// | General Public License for more details.                              |
-// |                                                                       |
-// | You should have received a copy of the GNU General Public License     |
-// | along with this program; if not, write to the Free Software           |
-// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
-// | USA.                                                                  |
-// +-----------------------------------------------------------------------+
-
-/**
- * Management of elements set. Elements can belong to a category or to the
- * user caddie.
- *
- */
-
-if (!defined('PHPWG_ROOT_PATH'))
-{
-  die('Hacking attempt!');
-}
-
-include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
-
-// +-----------------------------------------------------------------------+
-// | Check Access and exit when user status is not ok                      |
-// +-----------------------------------------------------------------------+
-check_status(ACCESS_ADMINISTRATOR);
-
-trigger_notify('loc_begin_element_set_unit');
-
-// +-----------------------------------------------------------------------+
-// |                        unit mode form submission                      |
-// +-----------------------------------------------------------------------+
-
-if (isset($_POST['submit']))
-{
-  $collection = explode(',', $_POST['element_ids']);
-
-  $datas = array();
-
-  $query = '
-SELECT id, date_creation
-  FROM '.IMAGES_TABLE.'
-  WHERE id IN ('.implode(',', $collection).')
-;';
-  $result = pwg_query($query);
-
-  while ($row = pwg_db_fetch_assoc($result))
-  {
-    $data = array();
-
-    $data['id'] = $row['id'];
-    $data['name'] = $_POST['name-'.$row['id']];
-    $data['author'] = $_POST['author-'.$row['id']];
-    $data['level'] = $_POST['level-'.$row['id']];
-
-    if ($conf['allow_html_descriptions'])
-    {
-      $data['comment'] = @$_POST['description-'.$row['id']];
-    }
-    else
-    {
-      $data['comment'] = strip_tags(@$_POST['description-'.$row['id']]);
-    }
-
-    if (!empty($_POST['date_creation-'.$row['id']]))
-    {
-      $data['date_creation'] = $_POST['date_creation-'.$row['id']];
-    }
-    else
-    {
-      $data['date_creation'] = null;
-    }
-
-    $datas[] = $data;
-
-    // tags management
-    $tag_ids = array();
-    if (!empty($_POST[ 'tags-'.$row['id'] ]))
-    {
-      $tag_ids = get_tag_ids($_POST[ 'tags-'.$row['id'] ]);
-    }
-    set_tags($tag_ids, $row['id']);
-  }
-
-  mass_updates(
-    IMAGES_TABLE,
-    array(
-      'primary' => array('id'),
-      'update' => array('name','author','level','comment','date_creation')
-      ),
-    $datas
-    );
-
-  $page['infos'][] = l10n('Photo informations updated');
-  invalidate_user_cache();
-}
-
-// +-----------------------------------------------------------------------+
-// |                             template init                             |
-// +-----------------------------------------------------------------------+
-
-$template->set_filenames(
-  array('batch_manager_unit' => 'batch_manager_unit.tpl'));
-
-$base_url = PHPWG_ROOT_PATH.'admin.php';
-
-$template->assign(
-  array(
-    'U_ELEMENTS_PAGE' => $base_url.get_query_string_diff(array('display','start')),
-    'F_ACTION' => $base_url.get_query_string_diff(array()),
-    'level_options' => get_privacy_level_options(),
-    )
-  );
-
-// +-----------------------------------------------------------------------+
-// |                        global mode thumbnails                         |
-// +-----------------------------------------------------------------------+
-
-// how many items to display on this page
-if (!empty($_GET['display']))
-{
-  $page['nb_images'] = intval($_GET['display']);
-}
-else
-{
-  $page['nb_images'] = 5;
-}
-
-
-
-if (count($page['cat_elements_id']) > 0)
-{
-  $nav_bar = create_navigation_bar(
-    $base_url.get_query_string_diff(array('start')),
-    count($page['cat_elements_id']),
-    $page['start'],
-    $page['nb_images']
-    );
-  $template->assign(array('navbar' => $nav_bar));
-
-  $element_ids = array();
-
-  $is_category = false;
-  if (isset($_SESSION['bulk_manager_filter']['category'])
-      and !isset($_SESSION['bulk_manager_filter']['category_recursive']))
-  {
-    $is_category = true;
-  }
-
-  if (isset($_SESSION['bulk_manager_filter']['prefilter'])
-      and 'duplicates' == $_SESSION['bulk_manager_filter']['prefilter'])
-  {
-    $conf['order_by'] = ' ORDER BY file, id';
-  }
-
-
-  $query = '
-SELECT *
-  FROM '.IMAGES_TABLE;
-
-  if ($is_category)
-  {
-    $category_info = get_cat_info($_SESSION['bulk_manager_filter']['category']);
-
-    $conf['order_by'] = $conf['order_by_inside_category'];
-    if (!empty($category_info['image_order']))
-    {
-      $conf['order_by'] = ' ORDER BY '.$category_info['image_order'];
-    }
-
-    $query.= '
-    JOIN '.IMAGE_CATEGORY_TABLE.' ON id = image_id';
-  }
-
-  $query.= '
-  WHERE id IN ('.implode(',', $page['cat_elements_id']).')';
-
-  if ($is_category)
-  {
-    $query.= '
-    AND category_id = '.$_SESSION['bulk_manager_filter']['category'];
-  }
-
-  $query.= '
-  '.$conf['order_by'].'
-  LIMIT '.$page['nb_images'].' OFFSET '.$page['start'].'
-;';
-  $result = pwg_query($query);
-
-  while ($row = pwg_db_fetch_assoc($result))
-  {
-    $element_ids[] = $row['id'];
-
-    $src_image = new SrcImage($row);
-
-    $query = '
-SELECT
-    id,
-    name
-  FROM '.IMAGE_TAG_TABLE.' AS it
-    JOIN '.TAGS_TABLE.' AS t ON t.id = it.tag_id
-  WHERE image_id = '.$row['id'].'
-;';
-    $tag_selection = get_taglist($query);
-
-    $legend = render_element_name($row);
-    if ($legend != get_name_from_file($row['file']))
-    {
-      $legend.= ' ('.$row['file'].')';
-    }
-
-    $template->append(
-      'elements', array_merge($row,
-      array(
-        'ID' => $row['id'],
-        'TN_SRC' => DerivativeImage::url(IMG_THUMB, $src_image),
-        'FILE_SRC' => DerivativeImage::url(IMG_LARGE, $src_image),
-        'LEGEND' => $legend,
-        'U_EDIT' => get_root_url().'admin.php?page=photo-'.$row['id'],
-        'NAME' => htmlspecialchars(@$row['name']),
-        'AUTHOR' => htmlspecialchars(@$row['author']),
-        'LEVEL' => !empty($row['level'])?$row['level']:'0',
-        'DESCRIPTION' => htmlspecialchars(@$row['comment']),
-        'DATE_CREATION' => $row['date_creation'],
-        'TAGS' => $tag_selection,
-        )
-      ));
-  }
-
-  $template->assign(array(
-    'ELEMENT_IDS' => implode(',', $element_ids),
-    'CACHE_KEYS' => get_admin_client_cache_keys(array('tags')),
-    ));
-}
-
-trigger_notify('loc_end_element_set_unit');
-
-// +-----------------------------------------------------------------------+
-// |                           sending html code                           |
-// +-----------------------------------------------------------------------+
-
-$template->assign_var_from_handle('ADMIN_CONTENT', 'batch_manager_unit');
-?>

admin/cat_list.php

@@ -1,8 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
 // +-----------------------------------------------------------------------+
@@ -33,22 +33,13 @@ include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
 // +-----------------------------------------------------------------------+
 check_status(ACCESS_ADMINISTRATOR);
 
-trigger_notify('loc_begin_cat_list');
+trigger_action('loc_begin_cat_list');
 
 if (!empty($_POST) or isset($_GET['delete']))
 {
   check_pwg_token();
 }
 
-$sort_orders = array(
-  'name ASC' => l10n('Album name, A &rarr; Z'),
-  'name DESC' => l10n('Album name, Z &rarr; A'),
-  'date_creation DESC' => l10n('Date created, new &rarr; old'),
-  'date_creation ASC' => l10n('Date created, old &rarr; new'),
-  'date_available DESC' => l10n('Date posted, new &rarr; old'),
-  'date_available ASC' => l10n('Date posted, old &rarr; new'),
-  );
-
 // +-----------------------------------------------------------------------+
 // |                               functions                               |
 // +-----------------------------------------------------------------------+
@@ -64,30 +55,11 @@ $sort_orders = array(
  */
 function save_categories_order($categories)
 {
-  $current_rank_for_id_uppercat = array();
   $current_rank = 0;
-  
   $datas = array();
-  foreach ($categories as $category)
+  foreach ($categories as $id)
   {
-    if (is_array($category))
-    {
-      $id = $category['id'];
-      $id_uppercat = $category['id_uppercat'];
-
-      if (!isset($current_rank_for_id_uppercat[$id_uppercat]))
-      {
-        $current_rank_for_id_uppercat[$id_uppercat] = 0;
-      }
-      $current_rank = ++$current_rank_for_id_uppercat[$id_uppercat];
-    }
-    else
-    {
-      $id = $category;
-      $current_rank++;
-    }
-    
-    $datas[] = array('id' => $id, 'rank' => $current_rank);
+    array_push($datas, array('id' => $id, 'rank' => ++$current_rank));
   }
   $fields = array('primary' => array('id'), 'update' => array('rank'));
   mass_updates(CATEGORIES_TABLE, $fields, $datas);
@@ -95,77 +67,6 @@ function save_categories_order($categories)
   update_global_rank();
 }
 
-function get_categories_ref_date($ids, $field='date_available', $minmax='max')
-{
-  // we need to work on the whole tree under each category, even if we don't
-  // want to sort sub categories
-  $category_ids = get_subcat_ids($ids);
-  
-  // search for the reference date of each album
-  $query = '
-SELECT
-    category_id,
-    '.$minmax.'('.$field.') as ref_date
-  FROM '.IMAGE_CATEGORY_TABLE.'
-    JOIN '.IMAGES_TABLE.' ON image_id = id
-  WHERE category_id IN ('.implode(',', $category_ids).')
-  GROUP BY category_id
-;';
-  $ref_dates = query2array($query, 'category_id', 'ref_date');
-
-  // the iterate on all albums (having a ref_date or not) to find the
-  // reference_date, with a search on sub-albums
-  $query = '
-SELECT
-    id,
-    uppercats
-  FROM '.CATEGORIES_TABLE.'
-  WHERE id IN ('.implode(',', $category_ids).')
-;';
-  $uppercats_of = query2array($query, 'id', 'uppercats');
-
-  foreach (array_keys($uppercats_of) as $cat_id)
-  {
-    // find the subcats
-    $subcat_ids = array();
-    
-    foreach ($uppercats_of as $id => $uppercats)
-    {
-      if (preg_match('/(^|,)'.$cat_id.'(,|$)/', $uppercats))
-      {
-        $subcat_ids[] = $id;
-      }
-    }
-
-    $to_compare = array();
-    foreach ($subcat_ids as $id)
-    {
-      if (isset($ref_dates[$id]))
-      {
-        $to_compare[] = $ref_dates[$id];
-      }
-    }
-
-    if (count($to_compare) > 0)
-    {
-      $ref_dates[$cat_id] = 'max' == $minmax ? max($to_compare) : min($to_compare);
-    }
-    else
-    {
-      $ref_dates[$cat_id] = null;
-    }
-  }
-
-  // only return the list of $ids, not the sub-categories
-  $return = array();
-  foreach ($ids as $id)
-  {
-    $return[$id] = $ref_dates[$id];
-  }
-  
-  return $return;
-}
-
 // +-----------------------------------------------------------------------+
 // |                            initialization                             |
 // +-----------------------------------------------------------------------+
@@ -179,127 +80,96 @@ $navigation = '<a href="'.$base_url.'">';
 $navigation.= l10n('Home');
 $navigation.= '</a>';
 
-// +-----------------------------------------------------------------------+
-// | tabs                                                                  |
-// +-----------------------------------------------------------------------+
-
-$page['tab'] = 'list';
-include(PHPWG_ROOT_PATH.'admin/include/albums_tab.inc.php');
-
 // +-----------------------------------------------------------------------+
 // |                    virtual categories management                      |
 // +-----------------------------------------------------------------------+
-// request to delete a virtual category
-if (isset($_GET['delete']) and is_numeric($_GET['delete']))
+// request to delete a virtual category / not for an adviser
+if (isset($_GET['delete']) and is_numeric($_GET['delete']) and !is_adviser())
 {
   delete_categories(array($_GET['delete']));
-  $_SESSION['page_infos'] = array(l10n('Virtual album deleted'));
+  $_SESSION['page_infos'] = array(l10n('Virtual category deleted'));
   update_global_rank();
-  invalidate_user_cache();
 
   $redirect_url = get_root_url().'admin.php?page=cat_list';
   if (isset($_GET['parent_id']))
   {
     $redirect_url.= '&parent_id='.$_GET['parent_id'];
-  }
+  }  
   redirect($redirect_url);
 }
 // request to add a virtual category
-elseif (isset($_POST['submitAdd']))
+else if (isset($_POST['submitAdd']))
 {
   $output_create = create_virtual_category(
     $_POST['virtual_name'],
     @$_GET['parent_id']
     );
 
-  invalidate_user_cache();
   if (isset($output_create['error']))
   {
-    $page['errors'][] = $output_create['error'];
+    array_push($page['errors'], $output_create['error']);
   }
   else
   {
-    $page['infos'][] = $output_create['info'];
+    array_push($page['infos'], $output_create['info']);
   }
 }
 // save manual category ordering
-elseif (isset($_POST['submitManualOrder']))
+else if (isset($_POST['submitOrder']))
 {
   asort($_POST['catOrd'], SORT_NUMERIC);
   save_categories_order(array_keys($_POST['catOrd']));
 
-  $page['infos'][] = l10n('Album manual order was saved');
+  array_push(
+    $page['infos'],
+    l10n('Categories manual order was saved')
+    );
 }
-elseif (isset($_POST['submitAutoOrder']))
+// sort categories alpha-numerically
+else if (isset($_POST['submitOrderAlphaNum']))
 {
-  if (!isset($sort_orders[ $_POST['order_by'] ]))
-  {
-    die('Invalid sort order');
-  }
-
   $query = '
-SELECT id
+SELECT id, name
   FROM '.CATEGORIES_TABLE.'
   WHERE id_uppercat '.
     (!isset($_GET['parent_id']) ? 'IS NULL' : '= '.$_GET['parent_id']).'
 ;';
-  $category_ids = array_from_query($query, 'id');
-
-  if (isset($_POST['recursive']))
+  $result = pwg_query($query);
+  while ($row = pwg_db_fetch_assoc($result))
   {
-    $category_ids = get_subcat_ids($category_ids);
-  }
-  
-  $categories = array();
-  $sort = array();
-
-  list($order_by_field, $order_by_asc) = explode(' ', $_POST['order_by']);
-  
-  $order_by_date = false;
-  if (strpos($order_by_field, 'date_') === 0)
-  {
-    $order_by_date = true;
-    
-    $ref_dates = get_categories_ref_date(
-      $category_ids,
-      $order_by_field,
-      'ASC' == $order_by_asc ? 'min' : 'max'
-      );
+    $categories[ $row['id'] ] = strtolower($row['name']);
   }
 
+  asort($categories, SORT_REGULAR);
+  save_categories_order(array_keys($categories));
+
+  array_push(
+    $page['infos'],
+    l10n('Categories ordered alphanumerically')
+    );
+}
+// sort categories alpha-numerically reverse
+else if (isset($_POST['submitOrderAlphaNumReverse']))
+{
   $query = '
-SELECT id, name, id_uppercat
+SELECT id, name
   FROM '.CATEGORIES_TABLE.'
-  WHERE id IN ('.implode(',', $category_ids).')
+  WHERE id_uppercat '.
+    (!isset($_GET['parent_id']) ? 'IS NULL' : '= '.$_GET['parent_id']).'
 ;';
   $result = pwg_query($query);
   while ($row = pwg_db_fetch_assoc($result))
   {
-    if ($order_by_date)
-    {
-      $sort[] = $ref_dates[ $row['id'] ];
-    }
-    else
-    {
-      $sort[] = remove_accents($row['name']);
-    }
-    
-    $categories[] = array(
-      'id' => $row['id'],
-      'id_uppercat' => $row['id_uppercat'],
-      );
+    $categories[ $row['id'] ] = strtolower($row['name']);
   }
 
-  array_multisort(
-    $sort,
-    SORT_REGULAR,
-    'ASC' == $order_by_asc ? SORT_ASC : SORT_DESC,
-    $categories
-    );
-  
-  save_categories_order($categories);
+  arsort($categories, SORT_REGULAR);
+  save_categories_order(array_keys($categories));
 
-  $page['infos'][] = l10n('Albums automatically sorted');
+  array_push(
+    $page['infos'],
+    l10n('Categories ordered alphanumerically reverse')
+    );
 }
 
 // +-----------------------------------------------------------------------+
@@ -312,7 +182,8 @@ if (isset($_GET['parent_id']))
 
   $navigation.= get_cat_display_name_from_id(
     $_GET['parent_id'],
-    $base_url.'&amp;parent_id='
+    $base_url.'&amp;parent_id=',
+    false
     );
 }
 // +-----------------------------------------------------------------------+
@@ -325,14 +196,11 @@ if (isset($_GET['parent_id']))
 {
   $form_action.= '&amp;parent_id='.$_GET['parent_id'];
 }
-$sort_orders_checked = array_keys($sort_orders);
 
 $template->assign(array(
   'CATEGORIES_NAV'=>$navigation,
   'F_ACTION'=>$form_action,
   'PWG_TOKEN' => get_pwg_token(),
-  'sort_orders' => $sort_orders,
-  'sort_order_checked' => array_shift($sort_orders_checked),
  ));
 
 // +-----------------------------------------------------------------------+
@@ -361,66 +229,17 @@ $categories = hash_from_query($query, 'id');
 
 // get the categories containing images directly 
 $categories_with_images = array();
-if (count($categories))
+if ( count($categories) )
 {
   $query = '
-SELECT
-    category_id,
-    COUNT(*) AS nb_photos
+SELECT DISTINCT category_id 
   FROM '.IMAGE_CATEGORY_TABLE.'
-  GROUP BY category_id
-;';
-  // WHERE category_id IN ('.implode(',', array_keys($categories)).')
-
-  $nb_photos_in = query2array($query, 'category_id', 'nb_photos');
-
-  $query = '
-SELECT
-    id,
-    uppercats
-  FROM '.CATEGORIES_TABLE.'
-;';
-  $all_categories = query2array($query, 'id', 'uppercats');
-  $subcats_of = array();
-
-  foreach (array_keys($categories) as $cat_id)
-  {
-    foreach ($all_categories as $id => $uppercats)
-    {
-      if (preg_match('/(^|,)'.$cat_id.',/', $uppercats))
-      {
-        @$subcats_of[$cat_id][] = $id;
-      }
-    }
-  }
-
-  $nb_sub_photos = array();
-  foreach ($subcats_of as $cat_id => $subcat_ids)
-  {
-    $nb_photos = 0;
-    foreach ($subcat_ids as $id)
-    {
-      if (isset($nb_photos_in[$id]))
-      {
-        $nb_photos+= $nb_photos_in[$id];
-      }
-    }
-
-    $nb_sub_photos[$cat_id] = $nb_photos;
-  }
+  WHERE category_id IN ('.implode(',', array_keys($categories)).')';
+  $categories_with_images = array_flip( array_from_query($query, 'category_id') );
 }
 
 $template->assign('categories', array());
 $base_url = get_root_url().'admin.php?page=';
-
-if (isset($_GET['parent_id']))
-{
-  $template->assign(
-    'PARENT_EDIT',
-    $base_url.'album-'.$_GET['parent_id']
-    );
-}
-
 foreach ($categories as $category)
 {
   $cat_list_url = $base_url.'cat_list';
@@ -434,14 +253,11 @@ foreach ($categories as $category)
   $tpl_cat =
     array(
       'NAME'       => 
-        trigger_change(
+        trigger_event(
           'render_category_name',
           $category['name'],
           'admin_cat_list'
           ),
-      'NB_PHOTOS' => isset($nb_photos_in[$category['id']]) ? $nb_photos_in[$category['id']] : 0,
-      'NB_SUB_PHOTOS' => isset($nb_sub_photos[$category['id']]) ? $nb_sub_photos[$category['id']] : 0,
-      'NB_SUB_ALBUMS' => isset($subcats_of[$category['id']]) ? count($subcats_of[$category['id']]) : 0,
       'ID'         => $category['id'],
       'RANK'       => $category['rank']*10,
 
@@ -452,7 +268,7 @@ foreach ($categories as $category)
         ),
 
       'U_CHILDREN' => $cat_list_url.'&amp;parent_id='.$category['id'],
-      'U_EDIT'     => $base_url.'album-'.$category['id'],
+      'U_EDIT'     => $base_url.'cat_modify&amp;cat_id='.$category['id'],
 
       'IS_VIRTUAL' => empty($category['dir'])
     );
@@ -462,18 +278,22 @@ foreach ($categories as $category)
     $tpl_cat['U_DELETE'] = $self_url.'&amp;delete='.$category['id'];
     $tpl_cat['U_DELETE'].= '&amp;pwg_token='.get_pwg_token();
   }
-  else
+
+  if ( array_key_exists($category['id'], $categories_with_images) )
   {
-    if ($conf['enable_synchronization'])
-    {
-      $tpl_cat['U_SYNC'] = $base_url.'site_update&amp;site=1&amp;cat_id='.$category['id'];
-    }
+    $tpl_cat['U_MANAGE_ELEMENTS']=
+      $base_url.'element_set&amp;cat='.$category['id'];
   }
 
+  if ('private' == $category['status'])
+  {
+    $tpl_cat['U_MANAGE_PERMISSIONS']=
+      $base_url.'cat_perm&amp;cat='.$category['id'];
+  }
   $template->append('categories', $tpl_cat);
 }
 
-trigger_notify('loc_end_cat_list');
+trigger_action('loc_end_cat_list');
 
 // +-----------------------------------------------------------------------+
 // |                          sending html code                            |

admin/cat_modify.php

@@ -1,8 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
 // +-----------------------------------------------------------------------+
@@ -28,82 +28,12 @@ if (!defined('PHPWG_ROOT_PATH'))
 
 include_once(PHPWG_ROOT_PATH.'include/functions_mail.inc.php');
 
-
-// get_complete_dir returns the concatenation of get_site_url and
-// get_local_dir
-// Example : "pets > rex > 1_year_old" is on the the same site as the
-// Piwigo files and this category has 22 for identifier
-// get_complete_dir(22) returns "./galleries/pets/rex/1_year_old/"
-function get_complete_dir( $category_id )
-{
-  return get_site_url($category_id).get_local_dir($category_id);
-}
-
-// get_local_dir returns an array with complete path without the site url
-// Example : "pets > rex > 1_year_old" is on the the same site as the
-// Piwigo files and this category has 22 for identifier
-// get_local_dir(22) returns "pets/rex/1_year_old/"
-function get_local_dir( $category_id )
-{
-  global $page;
-
-  $uppercats = '';
-  $local_dir = '';
-
-  if ( isset( $page['plain_structure'][$category_id]['uppercats'] ) )
-  {
-    $uppercats = $page['plain_structure'][$category_id]['uppercats'];
-  }
-  else
-  {
-    $query = 'SELECT uppercats';
-    $query.= ' FROM '.CATEGORIES_TABLE.' WHERE id = '.$category_id;
-    $query.= ';';
-    $row = pwg_db_fetch_assoc( pwg_query( $query ) );
-    $uppercats = $row['uppercats'];
-  }
-
-  $upper_array = explode( ',', $uppercats );
-
-  $database_dirs = array();
-  $query = 'SELECT id,dir';
-  $query.= ' FROM '.CATEGORIES_TABLE.' WHERE id IN ('.$uppercats.')';
-  $query.= ';';
-  $result = pwg_query( $query );
-  while( $row = pwg_db_fetch_assoc( $result ) )
-  {
-    $database_dirs[$row['id']] = $row['dir'];
-  }
-  foreach ($upper_array as $id)
-  {
-    $local_dir.= $database_dirs[$id].'/';
-  }
-
-  return $local_dir;
-}
-
-// retrieving the site url : "http://domain.com/gallery/" or
-// simply "./galleries/"
-function get_site_url($category_id)
-{
-  global $page;
-
-  $query = '
-SELECT galleries_url
-  FROM '.SITES_TABLE.' AS s,'.CATEGORIES_TABLE.' AS c
-  WHERE s.id = c.site_id
-    AND c.id = '.$category_id.'
-;';
-  $row = pwg_db_fetch_assoc(pwg_query($query));
-  return $row['galleries_url'];
-}
-
 // +-----------------------------------------------------------------------+
 // | Check Access and exit when user status is not ok                      |
 // +-----------------------------------------------------------------------+
 check_status(ACCESS_ADMINISTRATOR);
 
-trigger_notify('loc_begin_cat_modify');
+trigger_action('loc_begin_cat_modify');
 
 //---------------------------------------------------------------- verification
 if ( !isset( $_GET['cat_id'] ) || !is_numeric( $_GET['cat_id'] ) )
@@ -114,70 +44,157 @@ if ( !isset( $_GET['cat_id'] ) || !is_numeric( $_GET['cat_id'] ) )
 //--------------------------------------------------------- form criteria check
 if (isset($_POST['submit']))
 {
-  $data = array(
-    'id' => $_GET['cat_id'],
-    'name' => @$_POST['name'],
-    'comment' =>
-      $conf['allow_html_descriptions'] ?
-        @$_POST['comment'] : strip_tags(@$_POST['comment']),
-    );
-     
-  if ($conf['activate_comments'])
+  $image_order = null;
+  if ( !isset($_POST['image_order_default']) )
   {
-    $data['commentable'] = isset($_POST['commentable'])?$_POST['commentable']:'false';
+    for ($i=1; $i<=3; $i++)
+    {
+      if ( !empty($_POST['order_field_'.$i]) )
+      {
+        if (! empty($image_order) )
+        {
+          $image_order .= ',';
+        }
+        $image_order .= $_POST['order_field_'.$i];
+        if ($_POST['order_direction_'.$i]=='DESC')
+        {
+          $image_order .= ' DESC';
+        }
+      }
+    }
   }
-  
-  single_update(
+
+  $data =
+    array(
+      'id' => $_GET['cat_id'],
+      'name' => @$_POST['name'],
+      'commentable' => isset($_POST['commentable'])?$_POST['commentable']:'false',
+      'uploadable' =>
+        isset($_POST['uploadable']) ? $_POST['uploadable'] : 'false',
+      'comment' =>
+        $conf['allow_html_descriptions'] ?
+          @$_POST['comment'] : strip_tags(@$_POST['comment']),
+      'image_order' => $image_order,
+      );
+
+  mass_updates(
     CATEGORIES_TABLE,
-    $data,
-    array('id' => $data['id'])
+    array(
+      'primary' => array('id'),
+      'update' => array_diff(array_keys($data), array('id'))
+      ),
+    array($data)
     );
-  if (isset($_POST['apply_commentable_on_sub']))
-  {
-    $subcats = get_subcat_ids(array('id' => $data['id']));
-    $query = '
-UPDATE '.CATEGORIES_TABLE.'
-  SET commentable = \''.$data['commentable'].'\'
-  WHERE id IN ('.implode(',', $subcats).')
-;';
-    pwg_query($query);
-  }
 
   // retrieve cat infos before continuing (following updates are expensive)
   $cat_info = get_cat_info($_GET['cat_id']);
 
-  if ($_POST['visible']=='true_sub')
+  if (isset($_POST['image_order_subcats']))
   {
-    set_cat_visible(array($_GET['cat_id']), true, true);
+    $query = '
+UPDATE '.CATEGORIES_TABLE.' SET image_order='.(isset($image_order) ? 'NULL':'\''.$image_order.'\'').'
+  WHERE uppercats LIKE \''.$cat_info['uppercats'].',%\'';
+    pwg_query($query);
   }
-  elseif ($cat_info['visible'] != get_boolean( $_POST['visible'] ) )
+
+  if ($cat_info['visible'] != get_boolean( $_POST['visible'] ) )
   {
     set_cat_visible(array($_GET['cat_id']), $_POST['visible']);
   }
-
-  // in case the use moves his album to the gallery root, we force
-  // $_POST['parent'] from 0 to null to be compared with
-  // $cat_info['id_uppercat']
-  if (empty($_POST['parent']))
+  if ($cat_info['status'] != $_POST['status'] )
   {
-    $_POST['parent'] = null;
+    set_cat_status(array($_GET['cat_id']), $_POST['status']);
   }
 
-  // only move virtual albums
-  if (empty($cat_info['dir']) and $cat_info['id_uppercat'] != $_POST['parent'])
+  if (isset($_POST['parent']) and $cat_info['id_uppercat'] != $_POST['parent'])
   {
     move_categories( array($_GET['cat_id']), $_POST['parent'] );
   }
 
-  $_SESSION['page_infos'][] = l10n('Album updated successfully');
-  $redirect = true;
+  array_push($page['infos'], l10n('Category informations updated successfully.'));
 }
-
-if (isset($redirect))
+elseif (isset($_POST['set_random_representant']))
 {
-  redirect($admin_album_base_url.'-properties');
+  set_random_representant(array($_GET['cat_id']));
+}
+elseif (isset($_POST['delete_representant']))
+{
+  $query = '
+UPDATE '.CATEGORIES_TABLE.'
+  SET representative_picture_id = NULL
+  WHERE id = '.$_GET['cat_id'].'
+;';
+  pwg_query($query);
+}
+elseif (isset($_POST['submitAdd']))
+{
+  $output_create = create_virtual_category(
+    $_POST['virtual_name'],
+    (0 == $_POST['parent'] ? null : $_POST['parent'])
+    );
+
+  if (isset($output_create['error']))
+  {
+    array_push($page['errors'], $output_create['error']);
+  }
+  else
+  {
+    // Virtual category creation succeeded
+    //
+    // Add the information in the information list
+    array_push($page['infos'], $output_create['info']);
+
+    // Link the new category to the current category
+    associate_categories_to_categories(
+      array($_GET['cat_id']),
+      array($output_create['id'])
+      );
+
+    // information
+    array_push(
+      $page['infos'],
+      sprintf(
+        l10n('Category elements associated to the following categories: %s'),
+        '<ul><li>'
+        .get_cat_display_name_from_id($output_create['id'])
+        .'</li></ul>'
+        )
+      );
+  }
+}
+elseif (isset($_POST['submitDestinations'])
+         and isset($_POST['destinations'])
+         and count($_POST['destinations']) > 0)
+{
+  associate_categories_to_categories(
+    array($_GET['cat_id']),
+    $_POST['destinations']
+    );
+
+  $category_names = array();
+  foreach ($_POST['destinations'] as $category_id)
+  {
+    array_push(
+      $category_names,
+      get_cat_display_name_from_id($category_id)
+      );
+  }
+
+  array_push(
+    $page['infos'],
+    sprintf(
+      l10n('Category elements associated to the following categories: %s'),
+      '<ul><li>'.implode('</li><li>', $category_names).'</li></ul>'
+      )
+    );
 }
 
+$query = '
+SELECT *
+  FROM '.CATEGORIES_TABLE.'
+  WHERE id = '.$_GET['cat_id'].'
+;';
+$category = pwg_db_fetch_assoc( pwg_query( $query ) );
 // nullable fields
 foreach (array('comment','dir','site_id', 'id_uppercat') as $nullable)
 {
@@ -199,13 +216,13 @@ $category['has_images'] = pwg_db_num_rows($result)>0 ? true : false;
 // Navigation path
 $navigation = get_cat_display_name_cache(
   $category['uppercats'],
-  get_root_url().'admin.php?page=album-'
+  get_root_url().'admin.php?page=cat_modify&amp;cat_id='
   );
 
-$form_action = $admin_album_base_url.'-properties';
+$form_action = get_root_url().'admin.php?page=cat_modify&amp;cat_id='.$_GET['cat_id'];
 
 //----------------------------------------------------- template initialization
-$template->set_filename( 'album_properties', 'cat_modify.tpl');
+$template->set_filename( 'categories', 'cat_modify.tpl');
 
 $base_url = get_root_url().'admin.php?page=';
 $cat_list_url = $base_url.'cat_list';
@@ -222,7 +239,16 @@ $template->assign(
     'CAT_ID'             => $category['id'],
     'CAT_NAME'           => @htmlspecialchars($category['name']),
     'CAT_COMMENT'        => @htmlspecialchars($category['comment']),
+
+    'status_values'     => array('public','private'),
+
+    'CAT_STATUS'        => $category['status'],
     'CAT_VISIBLE'       => boolean_to_string($category['visible']),
+    'CAT_COMMENTABLE'   => boolean_to_string($category['commentable']),
+    'CAT_UPLOADABLE'    => boolean_to_string($category['uploadable']),
+
+    'IMG_ORDER_DEFAULT'  => empty($category['image_order']) ?
+                              'checked="checked"' : '',
 
     'U_JUMPTO' => make_index_url(
       array(
@@ -230,68 +256,35 @@ $template->assign(
         )
       ),
 
-    'U_ADD_PHOTOS_ALBUM' => $base_url.'photos_add&amp;album='.$category['id'],
+    'MAIL_CONTENT' => empty($_POST['mail_content'])
+        ? '' : stripslashes($_POST['mail_content']),
     'U_CHILDREN' => $cat_list_url.'&amp;parent_id='.$category['id'],
     'U_HELP' => get_root_url().'admin/popuphelp.php?page=cat_modify',
 
     'F_ACTION' => $form_action,
     )
   );
- 
-if ($conf['activate_comments'])
+
+
+if ('private' == $category['status'])
 {
-  $template->assign('CAT_COMMENTABLE', boolean_to_string($category['commentable']));
+  $template->assign( 'U_MANAGE_PERMISSIONS',
+      $base_url.'cat_perm&amp;cat='.$category['id']
+    );
 }
 
-// manage album elements link
+// manage category elements link
 if ($category['has_images'])
 {
   $template->assign(
     'U_MANAGE_ELEMENTS',
-    $base_url.'batch_manager&amp;filter=album-'.$category['id']
+    $base_url.'element_set&amp;cat='.$category['id']
+    );
+  $template->assign(
+    'U_MANAGE_RANKS',
+    $base_url.'element_set_ranks&amp;cat_id='.$category['id']
     );
-
-  $query = '
-SELECT
-    COUNT(image_id),
-    MIN(DATE(date_available)),
-    MAX(DATE(date_available))
-  FROM '.IMAGES_TABLE.'
-    JOIN '.IMAGE_CATEGORY_TABLE.' ON image_id = id
-  WHERE category_id = '.$category['id'].'
-;';
-  list($image_count, $min_date, $max_date) = pwg_db_fetch_row(pwg_query($query));
-
-  if ($min_date == $max_date)
-  {
-    $intro = l10n(
-      'This album contains %d photos, added on %s.',
-      $image_count,
-      format_date($min_date)
-      );
-  }
-  else
-  {
-    $intro = l10n(
-      'This album contains %d photos, added between %s and %s.',
-      $image_count,
-      format_date($min_date),
-      format_date($max_date)
-      );
-  }
 }
-else
-{
-  $intro = l10n('This album contains no photo.');
-}
-
-$intro.= '<br>'.l10n('Numeric identifier : %d', $category['id']);
-
-$template->assign(array(
-  'INTRO' => $intro,
-  'U_MANAGE_RANKS' => $base_url.'element_set_ranks&amp;cat_id='.$category['id'],
-  'CACHE_KEYS' => get_admin_client_cache_keys(array('categories')),
-  ));
 
 if ($category['is_virtual'])
 {
@@ -306,22 +299,69 @@ else
   $category['cat_full_dir'] = get_complete_dir($_GET['cat_id']);
   $template->assign(
     array(
-      'CAT_FULL_DIR' => preg_replace('/\/$/', '', $category['cat_full_dir'])
+      'CAT_FULL_DIR'       => preg_replace('/\/$/',
+                                    '',
+                                    $category['cat_full_dir'] )
       )
     );
-
-  if ($conf['enable_synchronization'])
+  if (!url_is_remote($category['cat_full_dir']) )
   {
-    $template->assign(
-      'U_SYNC',
-      $base_url.'site_update&amp;site=1&amp;cat_id='.$category['id']
-      );
+    $template->assign('SHOW_UPLOADABLE', true);
   }
-
 }
 
+// image order management
+
+$sort_fields = array(
+  '' => '',
+  'date_creation' => l10n('Creation date'),
+  'date_available' => l10n('Post date'),
+  'average_rate' => l10n('Average rate'),
+  'hit' => l10n('Most visited'),
+  'file' => l10n('File name'),
+  'id' => 'Id',
+  'rank' => l10n('Rank'),
+  );
+
+$sort_directions = array(
+  'ASC' => l10n('ascending'),
+  'DESC' => l10n('descending'),
+  );
+
+$template->assign( 'image_order_field_options', $sort_fields);
+$template->assign( 'image_order_direction_options', $sort_directions);
+
+$matches = array();
+if ( !empty( $category['image_order'] ) )
+{
+  preg_match_all('/([a-z_]+) *(?:(asc|desc)(?:ending)?)? *(?:, *|$)/i',
+    $category['image_order'], $matches);
+}
+
+for ($i=0; $i<3; $i++) // 3 fields
+{
+  $tpl_image_order_select = array(
+      'ID' => $i+1,
+      'FIELD' => array(''),
+      'DIRECTION' => array('ASC'),
+    );
+
+  if ( isset($matches[1][$i]) )
+  {
+    $tpl_image_order_select['FIELD'] = array($matches[1][$i]);
+  }
+
+  if (isset($matches[2][$i]) and strcasecmp($matches[2][$i],'DESC')==0)
+  {
+    $tpl_image_order_select['DIRECTION'] = array('DESC');
+  }
+  $template->append( 'image_orders', $tpl_image_order_select);
+}
+
+
 // representant management
-if ($category['has_images'] or !empty($category['representative_picture_id']))
+if ($category['has_images']
+    or !empty($category['representative_picture_id']))
 {
   $tpl_representant = array();
 
@@ -329,7 +369,21 @@ if ($category['has_images'] or !empty($category['representative_picture_id']))
   // representant ?
   if (!empty($category['representative_picture_id']))
   {
-    $tpl_representant['picture'] = get_category_representant_properties($category['representative_picture_id']);
+    $query = '
+SELECT id,tn_ext,path
+  FROM '.IMAGES_TABLE.'
+  WHERE id = '.$category['representative_picture_id'].'
+;';
+    $row = pwg_db_fetch_assoc(pwg_query($query));
+    $src = get_thumbnail_url($row);
+    $url = get_root_url().'admin.php?page=picture_modify';
+    $url.= '&amp;image_id='.$category['representative_picture_id'];
+
+    $tpl_representant['picture'] =
+      array(
+        'SRC' => $src,
+        'URL' => $url
+      );
   }
 
   // can the admin choose to set a new random representant ?
@@ -350,11 +404,161 @@ if ($category['has_images'] or !empty($category['representative_picture_id']))
 
 if ($category['is_virtual'])
 {
-  $template->assign('parent_category', empty($category['id_uppercat']) ? array() : array($category['id_uppercat']));
+  // the category can be moved in any category but in itself, in any
+  // sub-category
+  $unmovables = get_subcat_ids(array($category['id']));
+
+  $query = '
+SELECT id,name,uppercats,global_rank
+  FROM '.CATEGORIES_TABLE.'
+  WHERE id NOT IN ('.implode(',', $unmovables).')
+;';
+
+  display_select_cat_wrapper(
+    $query,
+    empty($category['id_uppercat']) ? array() : array($category['id_uppercat']),
+    'move_cat_options'
+    );
 }
 
-trigger_notify('loc_end_cat_modify');
+
+// create virtual in parent and link
+$query = '
+SELECT id,name,uppercats,global_rank
+  FROM '.CATEGORIES_TABLE.'
+;';
+display_select_cat_wrapper(
+  $query,
+  array(),
+  'create_new_parent_options'
+  );
+
+
+// destination categories
+$query = '
+SELECT id,name,uppercats,global_rank
+  FROM '.CATEGORIES_TABLE.'
+  WHERE id != '.$category['id'].'
+;';
+display_select_cat_wrapper(
+  $query,
+  array(),
+  'category_destination_options'
+  );
+
+// info by email to an access granted group of category informations
+if (isset($_POST['submitEmail']) and !empty($_POST['group']))
+{
+  set_make_full_url();
+
+  /* TODO: if $category['representative_picture_id']
+    is empty find child representative_picture_id */
+  if (!empty($category['representative_picture_id']))
+  {
+    $query = '
+SELECT id, file, path, tn_ext
+  FROM '.IMAGES_TABLE.'
+  WHERE id = '.$category['representative_picture_id'].'
+;';
+
+    $result = pwg_query($query);
+    if (pwg_db_num_rows($result) > 0)
+    {
+      $element = pwg_db_fetch_assoc($result);
+
+      $img_url  = '<a href="'.
+                      make_picture_url(array(
+                          'image_id' => $element['id'],
+                          'image_file' => $element['file'],
+                          'category' => $category
+                        ))
+                      .'" class="thumblnk"><img src="'.get_thumbnail_url($element).'"></a>';
+    }
+  }
+
+  if (!isset($img_url))
+  {
+    $img_url = '';
+  }
+
+  // TODO Mettre un array pour traduction subjet
+  pwg_mail_group(
+    $_POST['group'],
+    get_str_email_format(true), /* TODO add a checkbox in order to choose format*/
+    get_l10n_args('[%s] Come to visit the category %s',
+      array($conf['gallery_title'], $category['name'])),
+    'cat_group_info',
+    array
+    (
+      'IMG_URL' => $img_url,
+      'CAT_NAME' => $category['name'],
+      'LINK' => make_index_url(
+          array(
+            'category' => array(
+              'id' => $category['id'],
+              'name' => $category['name'],
+              'permalink' => $category['permalink']
+              ))),
+      'CPL_CONTENT' => empty($_POST['mail_content'])
+                          ? '' : stripslashes($_POST['mail_content'])
+    ),
+    '' /* TODO Add listbox in order to choose Language selected */);
+
+  unset_make_full_url();
+
+  $query = '
+SELECT
+    name
+  FROM '.GROUPS_TABLE.'
+  WHERE id = '.$_POST['group'].'
+;';
+  list($group_name) = pwg_db_fetch_row(pwg_query($query));
+
+  array_push(
+    $page['infos'],
+    sprintf(
+      l10n('An information email was sent to group "%s"'),
+      $group_name
+      )
+    );
+}
+
+if ('private' == $category['status'])
+{
+  $query = '
+SELECT
+    group_id
+  FROM '.GROUP_ACCESS_TABLE.'
+  WHERE cat_id = '.$category['id'].'
+;';
+}
+else
+{
+  $query = '
+SELECT
+    id AS group_id
+  FROM '.GROUPS_TABLE.'
+;';
+}
+$group_ids = array_from_query($query, 'group_id');
+
+if (count($group_ids) > 0)
+{
+  $query = '
+SELECT
+    id,
+    name
+  FROM '.GROUPS_TABLE.'
+  WHERE id IN ('.implode(',', $group_ids).')
+  ORDER BY name ASC
+;';
+  $template->assign('group_mail_options',
+      simple_hash_from_query($query, 'id', 'name')
+    );
+}
+
+trigger_action('loc_end_cat_modify');
 
 //----------------------------------------------------------- sending html code
-$template->assign_var_from_handle('ADMIN_CONTENT', 'album_properties');
-?>
+$template->assign_var_from_handle('ADMIN_CONTENT', 'categories');
+?>

admin/cat_move.php

@@ -1,8 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
 // +-----------------------------------------------------------------------+
@@ -51,7 +51,10 @@ if (isset($_POST['submit']))
   }
   else
   {
-    $page['errors'][] = l10n('Select at least one album');
+    array_push(
+      $page['errors'],
+      l10n('Select at least one category')
+      );
   }
 }
 
@@ -67,13 +70,6 @@ $template->assign(
     )
   );
   
-// +-----------------------------------------------------------------------+
-// | tabs                                                                  |
-// +-----------------------------------------------------------------------+
-
-$page['tab'] = 'move';
-include(PHPWG_ROOT_PATH.'admin/include/albums_tab.inc.php');
-
 // +-----------------------------------------------------------------------+
 // |                          Categories display                           |
 // +-----------------------------------------------------------------------+

admin/cat_options.php

@@ -1,8 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
 // +-----------------------------------------------------------------------+
@@ -47,6 +47,16 @@ if (isset($_POST['falsify'])
 {
   switch ($_GET['section'])
   {
+    case 'upload' :
+    {
+      $query = '
+UPDATE '.CATEGORIES_TABLE.'
+  SET uploadable = \'false\'
+  WHERE id IN ('.implode(',', $_POST['cat_true']).')
+;';
+      pwg_query($query);
+      break;
+    }
     case 'comments' :
     {
       $query = '
@@ -85,6 +95,16 @@ else if (isset($_POST['trueify'])
 {
   switch ($_GET['section'])
   {
+    case 'upload' :
+    {
+      $query = '
+UPDATE '.CATEGORIES_TABLE.'
+  SET uploadable = \'true\'
+  WHERE id IN ('.implode(',', $_POST['cat_false']).')
+;';
+      pwg_query($query);
+      break;
+    }
     case 'comments' :
     {
       $query = '
@@ -138,8 +158,22 @@ $template->assign(
 
 // TabSheet
 $tabsheet = new tabsheet();
-$tabsheet->set_id('cat_options');
+// TabSheet initialization
+$opt_link = $link_start.'cat_options&amp;section=';
+$tabsheet->add('status', l10n('Public / Private'), $opt_link.'status');
+$tabsheet->add('visible', l10n('Lock'), $opt_link.'visible');
+if ($conf['enable_synchronization'])
+{
+  $tabsheet->add('upload', l10n('Upload'), $opt_link.'upload');
+}
+$tabsheet->add('comments', l10n('Comments'), $opt_link.'comments');
+if ($conf['allow_random_representative'])
+{
+  $tabsheet->add('representative', l10n('Representative'), $opt_link.'representative');
+}
+// TabSheet selection
 $tabsheet->select($page['section']);
+// Assign tabsheet to template
 $tabsheet->assign();
 
 // +-----------------------------------------------------------------------+
@@ -148,8 +182,8 @@ $tabsheet->assign();
 
 // for each section, categories in the multiselect field can be :
 //
-// - true : commentable for comment section
-// - false : un-commentable for comment section
+// - true : uploadable for upload section
+// - false : un-uploadable for upload section
 // - NA : (not applicable) for virtual categories
 //
 // for true and false status, we associates an array of category ids,
@@ -159,6 +193,31 @@ $cats_true = array();
 $cats_false = array();
 switch ($page['section'])
 {
+  case 'upload' :
+  {
+    $query_true = '
+SELECT id,name,uppercats,global_rank
+  FROM '.CATEGORIES_TABLE.'
+  WHERE uploadable = \'true\'
+    AND dir IS NOT NULL
+    AND site_id = 1
+;';
+    $query_false = '
+SELECT id,name,uppercats,global_rank
+  FROM '.CATEGORIES_TABLE.'
+  WHERE uploadable = \'false\'
+    AND dir IS NOT NULL
+    AND site_id = 1
+;';
+    $template->assign(
+      array(
+        'L_SECTION' => l10n('Select uploadable categories'),
+        'L_CAT_OPTIONS_TRUE' => l10n('Authorized'),
+        'L_CAT_OPTIONS_FALSE' => l10n('Forbidden'),
+        )
+      );
+    break;
+  }
   case 'comments' :
   {
     $query_true = '
@@ -173,7 +232,7 @@ SELECT id,name,uppercats,global_rank
 ;';
     $template->assign(
       array(
-        'L_SECTION' => l10n('Authorize users to add comments on selected albums'),
+        'L_SECTION' => l10n('Authorize users to add comments on selected categories'),
         'L_CAT_OPTIONS_TRUE' => l10n('Authorized'),
         'L_CAT_OPTIONS_FALSE' => l10n('Forbidden'),
         )
@@ -194,7 +253,7 @@ SELECT id,name,uppercats,global_rank
 ;';
     $template->assign(
       array(
-        'L_SECTION' => l10n('Lock albums'),
+        'L_SECTION' => l10n('Lock categories'),
         'L_CAT_OPTIONS_TRUE' => l10n('Unlocked'),
         'L_CAT_OPTIONS_FALSE' => l10n('Locked'),
         )
@@ -215,9 +274,9 @@ SELECT id,name,uppercats,global_rank
 ;';
     $template->assign(
       array(
-        'L_SECTION' => l10n('Manage authorizations for selected albums'),
-        'L_CAT_OPTIONS_TRUE' => l10n('Public'),
-        'L_CAT_OPTIONS_FALSE' => l10n('Private'),
+        'L_SECTION' => l10n('Manage authorizations for selected categories'),
+        'L_CAT_OPTIONS_TRUE' => l10n('Public category'),
+        'L_CAT_OPTIONS_FALSE' => l10n('Private category'),
         )
       );
     break;

admin/cat_perm.php

@@ -1,8 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
 // +-----------------------------------------------------------------------+
@@ -37,139 +37,156 @@ check_status(ACCESS_ADMINISTRATOR);
 // |                       variable initialization                         |
 // +-----------------------------------------------------------------------+
 
-$page['cat'] = $category['id'];
+// if the category is not correct (not numeric, not private)
+if (isset($_GET['cat']) and is_numeric($_GET['cat']))
+{
+  $query = '
+SELECT status
+  FROM '.CATEGORIES_TABLE.'
+  WHERE id = '.$_GET['cat'].'
+;';
+  list($status) = pwg_db_fetch_row(pwg_query($query));
+  
+  if ('private' == $status)
+  {
+    $page['cat'] = $_GET['cat'];
+  }
+}
+
+if (!isset($page['cat']))
+{
+  $query = '
+SELECT id
+  FROM '.CATEGORIES_TABLE.'
+  WHERE status = \'private\'
+  LIMIT 1
+;';
+
+  list($page['cat']) = pwg_db_fetch_row(pwg_query($query));
+}
 
 // +-----------------------------------------------------------------------+
 // |                           form submission                             |
 // +-----------------------------------------------------------------------+
 
-if (!empty($_POST))
+
+if (isset($_POST['deny_groups_submit'])
+         and isset($_POST['deny_groups'])
+         and count($_POST['deny_groups']) > 0)
 {
-  check_pwg_token();
-
-  if ($category['status'] != $_POST['status'])
-  {
-    set_cat_status(array($page['cat']), $_POST['status']);
-    $category['status'] = $_POST['status'];
-  }
-
-  if ('private' == $_POST['status'])
-  {
-    //
-    // manage groups
-    //
-    $query = '
-SELECT group_id
-  FROM '.GROUP_ACCESS_TABLE.'
-  WHERE cat_id = '.$page['cat'].'
-;';
-    $groups_granted = array_from_query($query, 'group_id');
-
-    if (!isset($_POST['groups']))
-    {
-      $_POST['groups'] = array();
-    }
-    
-    //
-    // remove permissions to groups
-    //
-    $deny_groups = array_diff($groups_granted, $_POST['groups']);
-    if (count($deny_groups) > 0)
-    {
-      // if you forbid access to an album, all sub-albums become
-      // automatically forbidden
-      $query = '
+  // if you forbid access to a category, all sub-categories become
+  // automatically forbidden
+  $query = '
 DELETE
   FROM '.GROUP_ACCESS_TABLE.'
-  WHERE group_id IN ('.implode(',', $deny_groups).')
+  WHERE group_id IN ('.implode(',', $_POST['deny_groups']).')
     AND cat_id IN ('.implode(',', get_subcat_ids(array($page['cat']))).')
 ;';
-      pwg_query($query);
-    }
-
-    //
-    // add permissions to groups
-    //
-    $grant_groups = $_POST['groups'];
-    if (count($grant_groups) > 0)
-    {
-      $cat_ids = get_uppercat_ids(array($page['cat']));
-      if (isset($_POST['apply_on_sub']))
-      {
-        $cat_ids = array_merge($cat_ids, get_subcat_ids(array($page['cat'])));
-      }
-      
-      $query = '
+  pwg_query($query);
+}
+else if (isset($_POST['grant_groups_submit'])
+         and isset($_POST['grant_groups'])
+         and count($_POST['grant_groups']) > 0)
+{
+  $query = '
 SELECT id
   FROM '.CATEGORIES_TABLE.'
-  WHERE id IN ('.implode(',', $cat_ids).')
-    AND status = \'private\'
+  WHERE id IN ('.implode(',', get_uppercat_ids(array($page['cat']))).')
+  AND status = \'private\'
 ;';
-      $private_cats = array_from_query($query, 'id');
-      
-      $inserts = array();
-      foreach ($private_cats as $cat_id)
-      {
-        foreach ($grant_groups as $group_id)
-        {
-          $inserts[] = array(
-            'group_id' => $group_id,
-            'cat_id' => $cat_id
-            );
-        }
-      }
-      
-      mass_inserts(
-        GROUP_ACCESS_TABLE,
-        array('group_id','cat_id'),
-        $inserts,
-        array('ignore'=>true)
-        );
-    }
+  $private_uppercats = array_from_query($query, 'id');
 
-    //
-    // users
-    //
-    $query = '
-SELECT user_id
-  FROM '.USER_ACCESS_TABLE.'
-  WHERE cat_id = '.$page['cat'].'
+  // We must not reinsert already existing lines in group_access table
+  $granteds = array();
+  foreach ($private_uppercats as $cat_id)
+  {
+    $granteds[$cat_id] = array();
+  }
+  
+  $query = '
+SELECT group_id, cat_id
+  FROM '.GROUP_ACCESS_TABLE.'
+  WHERE cat_id IN ('.implode(',', $private_uppercats).')
+    AND group_id IN ('.implode(',', $_POST['grant_groups']).')
 ;';
-    $users_granted = array_from_query($query, 'user_id');
+  $result = pwg_query($query);
+  while ($row = pwg_db_fetch_assoc($result))
+  {
+    array_push($granteds[$row['cat_id']], $row['group_id']);
+  }
 
-    if (!isset($_POST['users']))
+  $inserts = array();
+  
+  foreach ($private_uppercats as $cat_id)
+  {
+    $group_ids = array_diff($_POST['grant_groups'], $granteds[$cat_id]);
+    foreach ($group_ids as $group_id)
     {
-      $_POST['users'] = array();
-    }
-    
-    //
-    // remove permissions to users
-    //
-    $deny_users = array_diff($users_granted, $_POST['users']);
-    if (count($deny_users) > 0)
-    {
-      // if you forbid access to an album, all sub-album become automatically
-      // forbidden
-      $query = '
-DELETE
-  FROM '.USER_ACCESS_TABLE.'
-  WHERE user_id IN ('.implode(',', $deny_users).')
-    AND cat_id IN ('.implode(',', get_subcat_ids(array($page['cat']))).')
-;';
-      pwg_query($query);
-    }
-
-    //
-    // add permissions to users
-    //
-    $grant_users = $_POST['users'];
-    if (count($grant_users) > 0)
-    {
-      add_permission_on_category($page['cat'], $grant_users);
+      array_push($inserts, array('group_id' => $group_id,
+                                 'cat_id' => $cat_id));
     }
   }
 
-  $page['infos'][] = l10n('Album updated successfully');
+  mass_inserts(GROUP_ACCESS_TABLE, array('group_id','cat_id'), $inserts);
+}
+else if (isset($_POST['deny_users_submit'])
+         and isset($_POST['deny_users'])
+         and count($_POST['deny_users']) > 0)
+{
+  // if you forbid access to a category, all sub-categories become
+  // automatically forbidden
+  $query = '
+DELETE
+  FROM '.USER_ACCESS_TABLE.'
+  WHERE user_id IN ('.implode(',', $_POST['deny_users']).')
+    AND cat_id IN ('.implode(',', get_subcat_ids(array($page['cat']))).')
+;';
+  pwg_query($query);
+}
+else if (isset($_POST['grant_users_submit'])
+         and isset($_POST['grant_users'])
+         and count($_POST['grant_users']) > 0)
+{
+  $query = '
+SELECT id
+  FROM '.CATEGORIES_TABLE.'
+  WHERE id IN ('.implode(',', get_uppercat_ids(array($page['cat']))).')
+  AND status = \'private\'
+;';
+  $private_uppercats = array_from_query($query, 'id');
+
+  // We must not reinsert already existing lines in user_access table
+  $granteds = array();
+  foreach ($private_uppercats as $cat_id)
+  {
+    $granteds[$cat_id] = array();
+  }
+  
+  $query = '
+SELECT user_id, cat_id
+  FROM '.USER_ACCESS_TABLE.'
+  WHERE cat_id IN ('.implode(',', $private_uppercats).')
+    AND user_id IN ('.implode(',', $_POST['grant_users']).')
+;';
+  $result = pwg_query($query);
+  while ($row = pwg_db_fetch_assoc($result))
+  {
+    array_push($granteds[$row['cat_id']], $row['user_id']);
+  }
+
+  $inserts = array();
+  
+  foreach ($private_uppercats as $cat_id)
+  {
+    $user_ids = array_diff($_POST['grant_users'], $granteds[$cat_id]);
+    foreach ($user_ids as $user_id)
+    {
+      array_push($inserts, array('user_id' => $user_id,
+                                 'cat_id' => $cat_id));
+    }
+  }
+
+  mass_inserts(USER_ACCESS_TABLE, array('user_id','cat_id'), $inserts);
 }
 
 // +-----------------------------------------------------------------------+
@@ -183,11 +200,10 @@ $template->assign(
     'CATEGORIES_NAV' =>
       get_cat_display_name_from_id(
         $page['cat'],
-        'admin.php?page=album-'
+        'admin.php?page=cat_modify&amp;cat_id='
         ),
     'U_HELP' => get_root_url().'admin/popuphelp.php?page=cat_perm',
-    'F_ACTION' => $admin_album_base_url.'-permissions',
-    'private' => ('private' == $category['status']),
+    'F_ACTION' => get_root_url().'admin.php?page=cat_perm&amp;cat='.$page['cat']
     )
   );
 
@@ -206,7 +222,7 @@ SELECT id, name
   ORDER BY name ASC
 ;';
 $groups = simple_hash_from_query($query, 'id', 'name');
-$template->assign('groups', $groups);
+$template->assign('all_groups', $groups);
 
 // groups granted to access the category
 $query = '
@@ -215,7 +231,14 @@ SELECT group_id
   WHERE cat_id = '.$page['cat'].'
 ;';
 $group_granted_ids = array_from_query($query, 'group_id');
-$template->assign('groups_selected', $group_granted_ids);
+$group_granted_ids = order_by_name($group_granted_ids, $groups);
+$template->assign('group_granted_ids', $group_granted_ids);
+
+
+// groups denied
+$template->assign('group_denied_ids',
+    order_by_name(array_diff(array_keys($groups), $group_granted_ids), $groups)
+  );
 
 // users...
 $users = array();
@@ -226,7 +249,7 @@ SELECT '.$conf['user_fields']['id'].' AS id,
   FROM '.USERS_TABLE.'
 ;';
 $users = simple_hash_from_query($query, 'id', 'username');
-$template->assign('users', $users);
+$template->assign('all_users', $users);
 
 
 $query = '
@@ -235,7 +258,9 @@ SELECT user_id
   WHERE cat_id = '.$page['cat'].'
 ;';
 $user_granted_direct_ids = array_from_query($query, 'user_id');
-$template->assign('users_selected', $user_granted_direct_ids);
+$user_granted_direct_ids = order_by_name($user_granted_direct_ids, $users);
+$template->assign('user_granted_direct_ids', $user_granted_direct_ids);
+
 
 
 $user_granted_indirect_ids = array();
@@ -251,58 +276,55 @@ SELECT user_id, group_id
   $result = pwg_query($query);
   while ($row = pwg_db_fetch_assoc($result))
   {
-    if (!isset($granted_groups[ $row['group_id'] ]))
+    if (!isset($granted_groups[$row['group_id']]))
     {
-      $granted_groups[ $row['group_id'] ] = array();
+      $granted_groups[$row['group_id']] = array();
     }
-    $granted_groups[ $row['group_id'] ][] = $row['user_id'];
+    array_push($granted_groups[$row['group_id']], $row['user_id']);
   }
 
   $user_granted_by_group_ids = array();
-  
+
   foreach ($granted_groups as $group_users)
   {
-    $user_granted_by_group_ids = array_merge($user_granted_by_group_ids, $group_users);
+    $user_granted_by_group_ids = array_merge($user_granted_by_group_ids,
+                                             $group_users);
   }
-  
   $user_granted_by_group_ids = array_unique($user_granted_by_group_ids);
   
-  $user_granted_indirect_ids = array_diff(
-    $user_granted_by_group_ids,
-    $user_granted_direct_ids
-    );
-
-  $template->assign('nb_users_granted_indirect', count($user_granted_indirect_ids));
-
-  foreach ($granted_groups as $group_id => $group_users)
+  
+  $user_granted_indirect_ids = array_diff($user_granted_by_group_ids,
+                                          $user_granted_direct_ids);
+  $user_granted_indirect_ids = 
+    order_by_name($user_granted_indirect_ids, $users);  
+  foreach ($user_granted_indirect_ids as $user_id)
   {
-    $group_usernames = array();
-    foreach ($group_users as $user_id)
+    foreach ($granted_groups as $group_id => $group_users)
     {
-      if (in_array($user_id, $user_granted_indirect_ids))
+      if (in_array($user_id, $group_users))
       {
-        $group_usernames[] = $users[$user_id];
+        $template->append(
+          'user_granted_indirects',
+          array(
+            'USER'=>$users[$user_id],
+            'GROUP'=>$groups[$group_id]
+            )
+          );
+        break;
       }
     }
-
-    $template->append(
-      'user_granted_indirect_groups',
-      array(
-        'group_name' => $groups[$group_id],
-        'group_users' => implode(', ', $group_usernames),
-        )
-      );
   }
 }
 
+$user_denied_ids = array_diff(array_keys($users),
+                              $user_granted_indirect_ids,
+                              $user_granted_direct_ids);
+$user_denied_ids = order_by_name($user_denied_ids, $users);
+$template->assign('user_denied_ids', $user_denied_ids);
+
+
 // +-----------------------------------------------------------------------+
 // |                           sending html code                           |
 // +-----------------------------------------------------------------------+
-$template->assign(array(
-  'PWG_TOKEN' => get_pwg_token(),
-  'INHERIT' => $conf['inheritance_by_default'],
-  'CACHE_KEYS' => get_admin_client_cache_keys(array('groups', 'users')),
-  ));
-
 $template->assign_var_from_handle('ADMIN_CONTENT', 'cat_perm');
 ?>

admin/comments.php

@@ -1,8 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
 // +-----------------------------------------------------------------------+
@@ -28,53 +28,62 @@ if (!defined('PHPWG_ROOT_PATH'))
 
 include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
 
-if (isset($_GET['start']) and is_numeric($_GET['start']))
-{
-  $page['start'] = $_GET['start'];
-}
-else
-{
-  $page['start'] = 0;
-}
-
 // +-----------------------------------------------------------------------+
 // | Check Access and exit when user status is not ok                      |
 // +-----------------------------------------------------------------------+
-
 check_status(ACCESS_ADMINISTRATOR);
 
 // +-----------------------------------------------------------------------+
 // |                                actions                                |
 // +-----------------------------------------------------------------------+
 
-if (!empty($_POST))
+if (!empty($_POST) and !is_adviser())
 {
   if (empty($_POST['comments']))
   {
-    $page['errors'][] = l10n('Select at least one comment');
+    array_push(
+      $page['errors'],
+      l10n('Select at least one comment')
+      );
   }
   else
   {
-    include_once( PHPWG_ROOT_PATH .'include/functions_comment.inc.php' );
     check_input_parameter('comments', $_POST, true, PATTERN_ID);
-
+    
     if (isset($_POST['validate']))
     {
-      validate_user_comment($_POST['comments']);
+      $query = '
+UPDATE '.COMMENTS_TABLE.'
+  SET validated = \'true\'
+    , validation_date = NOW()
+  WHERE id IN ('.implode(',', $_POST['comments']).')
+;';
+    pwg_query($query);
 
-      $page['infos'][] = l10n_dec(
+    array_push(
+      $page['infos'],
+      l10n_dec(
         '%d user comment validated', '%d user comments validated',
         count($_POST['comments'])
-        );
+        )
+      );
     }
 
     if (isset($_POST['reject']))
     {
-      delete_user_comment($_POST['comments']);
+      $query = '
+DELETE
+  FROM '.COMMENTS_TABLE.'
+  WHERE id IN ('.implode(',', $_POST['comments']).')
+;';
+      pwg_query($query);
 
-      $page['infos'][] = l10n_dec(
-        '%d user comment rejected', '%d user comments rejected',
-        count($_POST['comments'])
+      array_push(
+        $page['infos'],
+        l10n_dec(
+          '%d user comment rejected', '%d user comments rejected',
+          count($_POST['comments'])
+          )
         );
     }
   }
@@ -92,104 +101,34 @@ $template->assign(
     )
   );
 
-// +-----------------------------------------------------------------------+
-// | Tabs                                                                  |
-// +-----------------------------------------------------------------------+
-
-include_once(PHPWG_ROOT_PATH.'admin/include/tabsheet.class.php');
-
-$my_base_url = get_root_url().'admin.php?page=';
-
-$tabsheet = new tabsheet();
-$tabsheet->set_id('comments');
-$tabsheet->select('');
-$tabsheet->assign();
-
 // +-----------------------------------------------------------------------+
 // |                           comments display                            |
 // +-----------------------------------------------------------------------+
 
-$nb_total = 0;
-$nb_pending = 0;
+$list = array();
 
 $query = '
-SELECT
-    COUNT(*) AS counter,
-    validated
-  FROM '.COMMENTS_TABLE.'
-  GROUP BY validated
-;';
-$result = pwg_query($query);
-while ($row = pwg_db_fetch_assoc($result))
-{
-  $nb_total+= $row['counter'];
-
-  if ('false' == $row['validated'])
-  {
-    $nb_pending = $row['counter'];
-  }
-}
-
-if (!isset($_GET['filter']) and $nb_pending > 0)
-{
-  $page['filter'] = 'pending';
-}
-else
-{
-  $page['filter'] = 'all';
-}
-
-if (isset($_GET['filter']) and 'pending' == $_GET['filter'])
-{
-  $page['filter'] = $_GET['filter'];
-}
-
-$template->assign(
-  array(
-    'nb_total' => $nb_total,
-    'nb_pending' => $nb_pending,
-    'filter' => $page['filter'],
-    )
-  );
-
-$where_clauses = array('1=1');
-
-if ('pending' == $page['filter'])
-{
-  $where_clauses[] = 'validated=\'false\'';
-}
-
-$query = '
-SELECT
-    c.id,
-    c.image_id,
-    c.date,
-    c.author,
-    '.$conf['user_fields']['username'].' AS username,
-    c.content,
-    i.path,
-    i.representative_ext,
-    validated,
-    c.anonymous_id
+SELECT c.id, c.image_id, c.date, c.author, '.
+$conf['user_fields']['username'].' AS username, c.content, i.path, i.tn_ext
   FROM '.COMMENTS_TABLE.' AS c
     INNER JOIN '.IMAGES_TABLE.' AS i
       ON i.id = c.image_id
     LEFT JOIN '.USERS_TABLE.' AS u
       ON u.'.$conf['user_fields']['id'].' = c.author_id
-  WHERE '.implode(' AND ', $where_clauses).'
+  WHERE validated = \'false\'
   ORDER BY c.date DESC
-  LIMIT '.$page['start'].', '.$conf['comments_page_nb_comments'].'
 ;';
 $result = pwg_query($query);
 while ($row = pwg_db_fetch_assoc($result))
 {
-  $thumb = DerivativeImage::thumb_url(
+  $thumb = get_thumbnail_url(
       array(
         'id'=>$row['image_id'],
         'path'=>$row['path'],
+        'tn_ext'=>@$row['tn_ext']
         )
      );
-  if (empty($row['author_id']))
+  if (empty($row['author_id'])) 
   {
     $author_name = $row['author'];
   }
@@ -200,32 +139,21 @@ while ($row = pwg_db_fetch_assoc($result))
   $template->append(
     'comments',
     array(
-      'U_PICTURE' => get_root_url().'admin.php?page=photo-'.$row['image_id'],
+      'U_PICTURE' =>
+          PHPWG_ROOT_PATH.'admin.php?page=picture_modify'.
+          '&amp;image_id='.$row['image_id'],
       'ID' => $row['id'],
       'TN_SRC' => $thumb,
-      'AUTHOR' => trigger_change('render_comment_author', $author_name),
-      'DATE' => format_date($row['date'], array('day_name','day','month','year','time')),
-      'CONTENT' => trigger_change('render_comment_content',$row['content']),
-      'IS_PENDING' => ('false' == $row['validated']),
-      'IP' => $row['anonymous_id'],
+      'AUTHOR' => trigger_event('render_comment_author', $author_name),
+      'DATE' => format_date($row['date'], true),
+      'CONTENT' => trigger_event('render_comment_content',$row['content'])
       )
     );
 
-  $list[] = $row['id'];
+  array_push($list, $row['id']);
 }
 
-// +-----------------------------------------------------------------------+
-// |                            navigation bar                             |
-// +-----------------------------------------------------------------------+
-
-$navbar = create_navigation_bar(
-  get_root_url().'admin.php'.get_query_string_diff(array('start')),
-  ('pending' == $page['filter'] ? $nb_pending : $nb_total),
-  $page['start'],
-  $conf['comments_page_nb_comments']
-  );
-
-$template->assign('navbar', $navbar);
+$template->assign('LIST', implode(',', $list) );
 
 // +-----------------------------------------------------------------------+
 // |                           sending html code                           |

admin/configuration.php

@@ -1,8 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
 // +-----------------------------------------------------------------------+
@@ -27,7 +27,6 @@ if( !defined("PHPWG_ROOT_PATH") )
 }
 
 include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
-include_once(PHPWG_ROOT_PATH.'admin/include/functions_upload.inc.php');
 include_once(PHPWG_ROOT_PATH.'admin/include/tabsheet.class.php');
 
 // +-----------------------------------------------------------------------+
@@ -36,9 +35,6 @@ include_once(PHPWG_ROOT_PATH.'admin/include/tabsheet.class.php');
 check_status(ACCESS_ADMINISTRATOR);
 
 //-------------------------------------------------------- sections definitions
-
-check_input_parameter('section', $_GET, false, '/^[a-z]+$/i');
-
 if (!isset($_GET['section']))
 {
   $page['section'] = 'main';
@@ -49,23 +45,27 @@ else
 }
 
 $main_checkboxes = array(
+    'gallery_locked',
     'allow_user_registration',
     'obligatory_user_mail_address',
     'rate',
     'rate_anonymous',
     'email_admin_on_new_user',
     'allow_user_customization',
-    'log',
-    'history_admin',
-    'history_guest',
    );
 
-$sizes_checkboxes = array(
-    'original_resize',
-  );
+$history_checkboxes = array(
+    'log',
+    'history_admin',
+    'history_guest'
+   );
+
+$upload_checkboxes = array(
+    'upload_link_everytime',
+    'email_admin_on_picture_uploaded',
+   );
 
 $comments_checkboxes = array(
-    'activate_comments',
     'comments_forall',
     'comments_validation',
     'email_admin_on_comment',
@@ -73,10 +73,7 @@ $comments_checkboxes = array(
     'user_can_delete_comment',
     'user_can_edit_comment',
     'email_admin_on_comment_edition',
-    'email_admin_on_comment_deletion',
-    'comments_author_mandatory',
-    'comments_email_mandatory',
-    'comments_enable_website',
+    'email_admin_on_comment_deletion'
   );
 
 $display_checkboxes = array(
@@ -86,14 +83,12 @@ $display_checkboxes = array(
     'index_posted_date_icon',
     'index_created_date_icon',
     'index_slideshow_icon',
-    'index_new_icon',
     'picture_metadata_icon',
     'picture_slideshow_icon',
     'picture_favorite_icon',
     'picture_download_icon',
     'picture_navigation_icons',
     'picture_navigation_thumb',
-    'picture_menu',
   );
 
 $display_info_checkboxes = array(
@@ -106,42 +101,12 @@ $display_info_checkboxes = array(
     'tags',
     'categories',
     'visits',
-    'rating_score',
+    'average_rate',
     'privacy_level',
   );
 
-// image order management
-$sort_fields = array(
-  ''                    => '',
-  'file ASC'            => l10n('File name, A &rarr; Z'),
-  'file DESC'           => l10n('File name, Z &rarr; A'),
-  'name ASC'            => l10n('Photo title, A &rarr; Z'),
-  'name DESC'           => l10n('Photo title, Z &rarr; A'),
-  'date_creation DESC'  => l10n('Date created, new &rarr; old'),
-  'date_creation ASC'   => l10n('Date created, old &rarr; new'),
-  'date_available DESC' => l10n('Date posted, new &rarr; old'),
-  'date_available ASC'  => l10n('Date posted, old &rarr; new'),
-  'rating_score DESC'   => l10n('Rating score, high &rarr; low'),
-  'rating_score ASC'    => l10n('Rating score, low &rarr; high'),
-  'hit DESC'            => l10n('Visits, high &rarr; low'),
-  'hit ASC'             => l10n('Visits, low &rarr; high'),
-  'id ASC'              => l10n('Numeric identifier, 1 &rarr; 9'),
-  'id DESC'             => l10n('Numeric identifier, 9 &rarr; 1'),
-  'rank ASC'            => l10n('Manual sort order'),
-  );
-
-$comments_order = array(
-  'ASC' => l10n('Show oldest comments first'),
-  'DESC' => l10n('Show latest comments first'),
-  );
-
-$mail_themes = array(
-  'clear' => 'Clear',
-  'dark' => 'Dark',
-  );
-
 //------------------------------ verification and registration of modifications
-if (isset($_POST['submit']))
+if (isset($_POST['submit']) and !is_adviser())
 {
   $int_pattern = '/^\d+$/';
 
@@ -149,67 +114,28 @@ if (isset($_POST['submit']))
   {
     case 'main' :
     {
-      if ( !isset($conf['order_by_custom']) and !isset($conf['order_by_inside_category_custom']) )
+      if (empty($_POST['gallery_locked']) and $conf['gallery_locked'])
       {
-        if ( !empty($_POST['order_by']) )
-        {
-          $used = array();
-          foreach ($_POST['order_by'] as $i => $val)
-          {
-            if (empty($val) or isset($used[$val]))
-            {
-              unset($_POST['order_by'][$i]);
-            }
-            else
-            {
-              $used[$val] = true;
-            }
-          }
-          if ( !count($_POST['order_by']) )
-          {
-            $page['errors'][] = l10n('No order field selected');
-          }
-          else
-          {
-            // limit to the number of available parameters
-            $order_by = $order_by_inside_category = array_slice($_POST['order_by'], 0, ceil(count($sort_fields)/2));
-
-            // there is no rank outside categories
-            if ( ($i = array_search('rank ASC', $order_by)) !== false)
-            {
-              unset($order_by[$i]);
-            }
-
-            // must define a default order_by if user want to order by rank only
-            if ( count($order_by) == 0 )
-            {
-              $order_by = array('id ASC');
-            }
-
-            $_POST['order_by'] = 'ORDER BY '.implode(', ', $order_by);
-            $_POST['order_by_inside_category'] = 'ORDER BY '.implode(', ', $order_by_inside_category);
-          }
-        }
-        else
-        {
-          $page['errors'][] = l10n('No order field selected');
-        }
+        $tpl_var = & $template->get_template_vars('header_msgs');
+        $msg_key = array_search(l10n('The gallery is locked for maintenance. Please, come back later.'), $tpl_var);
+        unset($tpl_var[$msg_key]);
+      }
+      elseif (!empty($_POST['gallery_locked']) and !$conf['gallery_locked'])
+      {
+        $template->append('header_msgs', l10n('The gallery is locked for maintenance. Please, come back later.'));
       }
-
       foreach( $main_checkboxes as $checkbox)
       {
         $_POST[$checkbox] = empty($_POST[$checkbox])?'false':'true';
       }
       break;
     }
-    case 'watermark' :
+    case 'history' :
     {
-      include(PHPWG_ROOT_PATH.'admin/include/configuration_watermark_process.inc.php');
-      break;
-    }
-    case 'sizes' :
-    {
-      include(PHPWG_ROOT_PATH.'admin/include/configuration_sizes_process.inc.php');
+      foreach( $history_checkboxes as $checkbox)
+      {
+        $_POST[$checkbox] = empty($_POST[$checkbox])?'false':'true';
+      }
       break;
     }
     case 'comments' :
@@ -220,7 +146,7 @@ if (isset($_POST['submit']))
            or $_POST['nb_comment_page'] < 5
            or $_POST['nb_comment_page'] > 50)
       {
-        $page['errors'][] = l10n('The number of comments a page must be between 5 and 50 included.');
+        array_push($page['errors'], l10n('The number of comments a page must be between 5 and 50 included.'));
       }
       foreach( $comments_checkboxes as $checkbox)
       {
@@ -228,6 +154,14 @@ if (isset($_POST['submit']))
       }
       break;
     }
+    case 'upload' :
+    {
+      foreach( $upload_checkboxes as $checkbox)
+      {
+        $_POST[$checkbox] = empty($_POST[$checkbox])?'false':'true';
+      }
+      break;
+    }
     case 'default' :
     {
       // Never go here
@@ -235,11 +169,6 @@ if (isset($_POST['submit']))
     }
     case 'display' :
     {
-      if (!preg_match($int_pattern, $_POST['nb_categories_page'])
-            or $_POST['nb_categories_page'] < 4)
-      {
-        $page['errors'][] = l10n('The number of albums a page must be above 4.');
-      }
       foreach( $display_checkboxes as $checkbox)
       {
         $_POST[$checkbox] = empty($_POST[$checkbox])?'false':'true';
@@ -255,7 +184,7 @@ if (isset($_POST['submit']))
   }
 
   // updating configuration if no error found
-  if (!in_array($page['section'], array('sizes', 'watermark')) and count($page['errors']) == 0)
+  if (count($page['errors']) == 0)
   {
     //echo '<pre>'; print_r($_POST); echo '</pre>';
     $result = pwg_query('SELECT param FROM '.CONFIG_TABLE);
@@ -281,30 +210,31 @@ WHERE param = \''.$row['param'].'\'
         pwg_query($query);
       }
     }
-    $page['infos'][] = l10n('Information data registered in database');
+    array_push($page['infos'], l10n('Information data registered in database'));
   }
 
   //------------------------------------------------------ $conf reinitialization
   load_conf_from_db();
 }
 
-// restore default derivatives settings
-if ('sizes' == $page['section'] and isset($_GET['action']) and 'restore_settings' == $_GET['action'])
-{
-  ImageStdParams::set_and_save( ImageStdParams::get_default_sizes() );
-  pwg_query('DELETE FROM '.CONFIG_TABLE.' WHERE param = \'disabled_derivatives\'');
-  clear_derivative_cache();
-
-  $page['infos'][] = l10n('Your configuration settings are saved');
-}
-
 //----------------------------------------------------- template initialization
-$template->set_filename('config', 'configuration_' . $page['section'] . '.tpl');
+$template->set_filename('config', 'configuration.tpl');
 
 // TabSheet
 $tabsheet = new tabsheet();
-$tabsheet->set_id('configuration');
+// TabSheet initialization
+$tabsheet->add('main', l10n('Main'), $conf_link.'main');
+$tabsheet->add('display', l10n('Display'), $conf_link.'display');
+$tabsheet->add('history', l10n('History'), $conf_link.'history');
+$tabsheet->add('comments', l10n('Comments'), $conf_link.'comments');
+if ($conf['enable_synchronization'])
+{
+  $tabsheet->add('upload', l10n('Upload'), $conf_link.'upload');
+}
+$tabsheet->add('default', l10n('Guest Settings'), $conf_link.'default');
+// TabSheet selection
 $tabsheet->select($page['section']);
+// Assign tabsheet to template
 $tabsheet->assign();
 
 $action = get_root_url().'admin.php?page=configuration';
@@ -320,52 +250,13 @@ switch ($page['section'])
 {
   case 'main' :
   {
-
-    function order_by_is_local()
-    {
-      @include(PHPWG_ROOT_PATH. 'local/config/config.inc.php');
-      if (isset($conf['local_dir_site']))
-      {
-        @include(PHPWG_ROOT_PATH.PWG_LOCAL_DIR. 'config/config.inc.php');
-      }
-
-      return isset($conf['order_by']) or isset($conf['order_by_inside_category']);
-    }
-
-    if (order_by_is_local())
-    {
-      $page['warnings'][] = l10n('You have specified <i>$conf[\'order_by\']</i> in your local configuration file, this parameter in deprecated, please remove it or rename it into <i>$conf[\'order_by_custom\']</i> !');
-    }
-
-    if ( isset($conf['order_by_custom']) or isset($conf['order_by_inside_category_custom']) )
-    {
-      $order_by = array('');
-      $template->assign('ORDER_BY_IS_CUSTOM', true);
-    }
-    else
-    {
-      $out = array();
-      $order_by = trim($conf['order_by_inside_category']);
-      $order_by = str_replace('ORDER BY ', null, $order_by);
-      $order_by = explode(', ', $order_by);
-    }
-
     $template->assign(
       'main',
       array(
         'CONF_GALLERY_TITLE' => htmlspecialchars($conf['gallery_title']),
         'CONF_PAGE_BANNER' => htmlspecialchars($conf['page_banner']),
-        'week_starts_on_options' => array(
-          'sunday' => $lang['day'][0],
-          'monday' => $lang['day'][1],
-          ),
-        'week_starts_on_options_selected' => $conf['week_starts_on'],
-        'mail_theme' => $conf['mail_theme'],
-        'mail_theme_options' => $mail_themes,
-        'order_by' => $order_by,
-        'order_by_options' => $sort_fields,
-        )
-      );
+        'CONF_GALLERY_URL' => $conf['gallery_url'],
+        ));
 
     foreach ($main_checkboxes as $checkbox)
     {
@@ -379,16 +270,28 @@ switch ($page['section'])
     }
     break;
   }
+  case 'history' :
+  {
+    //Necessary for merge_block_vars
+    foreach ($history_checkboxes as $checkbox)
+    {
+      $template->append(
+          'history',
+          array(
+            $checkbox => $conf[$checkbox]
+            ),
+          true
+        );
+    }
+    break;
+  }
   case 'comments' :
   {
     $template->assign(
       'comments',
       array(
         'NB_COMMENTS_PAGE'=>$conf['nb_comment_page'],
-        'comments_order'=>$conf['comments_order'],
-        'comments_order_options'=> $comments_order
-        )
-      );
+        ));
 
     foreach ($comments_checkboxes as $checkbox)
     {
@@ -402,25 +305,49 @@ switch ($page['section'])
     }
     break;
   }
+  case 'upload' :
+  {
+    $template->assign(
+      'upload',
+      array(
+        'upload_user_access_options'=> get_user_access_level_html_options(ACCESS_GUEST),
+        'upload_user_access_options_selected' => array($conf['upload_user_access'])
+        )
+      );
+    //Necessary for merge_block_vars
+    foreach ($upload_checkboxes as $checkbox)
+    {
+      $template->append(
+          'upload',
+          array(
+            $checkbox => $conf[$checkbox]
+            ),
+          true
+        );
+    }
+    break;
+  }
   case 'default' :
   {
     $edit_user = build_user($conf['guest_id'], false);
     include_once(PHPWG_ROOT_PATH.'profile.php');
 
     $errors = array();
-    if (save_profile_from_post($edit_user, $errors))
+    if ( !is_adviser() )
     {
-      // Reload user
-      $edit_user = build_user($conf['guest_id'], false);
-      $page['infos'][] = l10n('Information data registered in database');
+      if (save_profile_from_post($edit_user, $errors))
+      {
+        // Reload user
+        $edit_user = build_user($conf['guest_id'], false);
+        array_push($page['infos'], l10n('Information data registered in database'));
+      }
     }
     $page['errors'] = array_merge($page['errors'], $errors);
 
     load_profile_in_template(
       $action,
       '',
-      $edit_user,
-      'GUEST_'
+      $edit_user
       );
     $template->assign('default', array());
     break;
@@ -440,167 +367,12 @@ switch ($page['section'])
     $template->append(
         'display',
         array(
-          'picture_informations' => unserialize($conf['picture_informations']),
-          'NB_CATEGORIES_PAGE' => $conf['nb_categories_page'],
+          'picture_informations' => unserialize($conf['picture_informations'])
           ),
         true
       );
     break;
   }
-  case 'sizes' :
-  {
-    // we only load the derivatives if it was not already loaded: it occurs
-    // when submitting the form and an error remains
-    if (!isset($page['sizes_loaded_in_tpl']))
-    {
-      $is_gd = (pwg_image::get_library()=='gd')? true : false;
-      $template->assign('is_gd', $is_gd);
-      $template->assign(
-        'sizes',
-        array(
-          'original_resize_maxwidth' => $conf['original_resize_maxwidth'],
-          'original_resize_maxheight' => $conf['original_resize_maxheight'],
-          'original_resize_quality' => $conf['original_resize_quality'],
-          )
-        );
-
-      foreach ($sizes_checkboxes as $checkbox)
-      {
-        $template->append(
-          'sizes',
-          array(
-            $checkbox => $conf[$checkbox]
-            ),
-          true
-          );
-      }
-
-      // derivatives = multiple size
-      $enabled = ImageStdParams::get_defined_type_map();
-      $disabled = @unserialize(@$conf['disabled_derivatives']);
-      if ($disabled === false)
-      {
-        $disabled = array();
-      }
-
-      $tpl_vars = array();
-      foreach(ImageStdParams::get_all_types() as $type)
-      {
-        $tpl_var = array();
-
-        $tpl_var['must_square'] = ($type==IMG_SQUARE ? true : false);
-        $tpl_var['must_enable'] = ($type==IMG_SQUARE || $type==IMG_THUMB || $type==$conf['derivative_default_size'])? true : false;
-
-        if ($params = @$enabled[$type])
-        {
-          $tpl_var['enabled'] = true;
-        }
-        else
-        {
-          $tpl_var['enabled']=false;
-          $params=@$disabled[$type];
-        }
-
-        if ($params)
-        {
-          list($tpl_var['w'],$tpl_var['h']) = $params->sizing->ideal_size;
-          if ( ($tpl_var['crop'] = round(100*$params->sizing->max_crop)) > 0)
-          {
-            list($tpl_var['minw'],$tpl_var['minh']) = $params->sizing->min_size;
-          }
-          else
-          {
-            $tpl_var['minw'] = $tpl_var['minh'] = "";
-          }
-          $tpl_var['sharpen'] = $params->sharpen;
-        }
-        $tpl_vars[$type]=$tpl_var;
-      }
-      $template->assign('derivatives', $tpl_vars);
-      $template->assign('resize_quality', ImageStdParams::$quality);
-
-      $tpl_vars = array();
-      $now = time();
-      foreach(ImageStdParams::$custom as $custom=>$time)
-      {
-        $tpl_vars[$custom] = ($now-$time<=24*3600) ? l10n('today') : time_since($time, 'day');
-      }
-      $template->assign('custom_derivatives', $tpl_vars);
-    }
-
-    break;
-  }
-  case 'watermark' :
-  {
-    $watermark_files = array();
-    foreach (glob(PHPWG_ROOT_PATH.'themes/default/watermarks/*.png') as $file)
-    {
-      $watermark_files[] = substr($file, strlen(PHPWG_ROOT_PATH));
-    }
-    if ( ($glob=glob(PHPWG_ROOT_PATH.PWG_LOCAL_DIR.'watermarks/*.png')) !== false)
-    {
-      foreach ($glob as $file)
-      {
-        $watermark_files[] = substr($file, strlen(PHPWG_ROOT_PATH));
-      }
-    }
-    $watermark_filemap = array( '' => '---' );
-    foreach( $watermark_files as $file)
-    {
-      $display = basename($file);
-      $watermark_filemap[$file] = $display;
-    }
-    $template->assign('watermark_files', $watermark_filemap);
-
-    if ($template->get_template_vars('watermark') === null)
-    {
-      $wm = ImageStdParams::get_watermark();
-
-      $position = 'custom';
-      if ($wm->xpos == 0 and $wm->ypos == 0)
-      {
-        $position = 'topleft';
-      }
-      if ($wm->xpos == 100 and $wm->ypos == 0)
-      {
-        $position = 'topright';
-      }
-      if ($wm->xpos == 50 and $wm->ypos == 50)
-      {
-        $position = 'middle';
-      }
-      if ($wm->xpos == 0 and $wm->ypos == 100)
-      {
-        $position = 'bottomleft';
-      }
-      if ($wm->xpos == 100 and $wm->ypos == 100)
-      {
-        $position = 'bottomright';
-      }
-
-      if ($wm->xrepeat != 0 || $wm->yrepeat != 0)
-      {
-        $position = 'custom';
-      }
-
-      $template->assign(
-        'watermark',
-        array(
-          'file' => $wm->file,
-          'minw' => $wm->min_size[0],
-          'minh' => $wm->min_size[1],
-          'xpos' => $wm->xpos,
-          'ypos' => $wm->ypos,
-          'xrepeat' => $wm->xrepeat,
-          'yrepeat' => $wm->yrepeat,
-          'opacity' => $wm->opacity,
-          'position' => $position,
-          )
-        );
-    }
-
-    break;
-  }
 }
 
 //----------------------------------------------------------- sending html code

admin/element_set.php

@@ -0,0 +1,247 @@
+<?php
+// +-----------------------------------------------------------------------+
+// | Piwigo - a PHP based picture gallery                                  |
+// +-----------------------------------------------------------------------+
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
+// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
+// +-----------------------------------------------------------------------+
+// | This program is free software; you can redistribute it and/or modify  |
+// | it under the terms of the GNU General Public License as published by  |
+// | the Free Software Foundation                                          |
+// |                                                                       |
+// | This program is distributed in the hope that it will be useful, but   |
+// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
+// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
+// | General Public License for more details.                              |
+// |                                                                       |
+// | You should have received a copy of the GNU General Public License     |
+// | along with this program; if not, write to the Free Software           |
+// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
+// | USA.                                                                  |
+// +-----------------------------------------------------------------------+
+
+/**
+ * Management of elements set. Elements can belong to a category or to the
+ * user caddie.
+ *
+ */
+
+if (!defined('PHPWG_ROOT_PATH'))
+{
+  die('Hacking attempt!');
+}
+
+include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
+
+// +-----------------------------------------------------------------------+
+// | Check Access and exit when user status is not ok                      |
+// +-----------------------------------------------------------------------+
+check_status(ACCESS_ADMINISTRATOR);
+
+check_input_parameter('selection', $_POST, true, PATTERN_ID);
+
+// +-----------------------------------------------------------------------+
+// |                          caddie management                            |
+// +-----------------------------------------------------------------------+
+
+if (isset($_POST['submit_caddie']))
+{
+  if (isset($_POST['caddie_action']))
+  {
+    switch ($_POST['caddie_action'])
+    {
+      case 'empty_all' :
+      {
+          $query = '
+DELETE FROM '.CADDIE_TABLE.'
+  WHERE user_id = '.$user['id'].'
+;';
+          pwg_query($query);
+          break;
+      }
+      case 'empty_selected' :
+      {
+        if (isset($_POST['selection']) and count($_POST['selection']) > 0)
+        {
+          $query = '
+DELETE
+  FROM '.CADDIE_TABLE.'
+  WHERE element_id IN ('.implode(',', $_POST['selection']).')
+    AND user_id = '.$user['id'].'
+;';
+          pwg_query($query);
+        }
+        else
+        {
+          // TODO : add error
+        }
+        break;
+      }
+      case 'add_selected' :
+      {
+        if (isset($_POST['selection']) and count($_POST['selection']) > 0)
+        {
+          fill_caddie($_POST['selection']);
+        }
+        else
+        {
+          // TODO : add error
+        }
+        break;
+      }
+    }
+  }
+  else
+  {
+    // TODO : add error
+  }
+}
+
+// +-----------------------------------------------------------------------+
+// |                    initialize info about category                     |
+// +-----------------------------------------------------------------------+
+
+// To element_set_(global|unit).php, we must provide the elements id of the
+// managed category in $page['cat_elements_id'] array.
+$page['cat_elements_id'] = array();
+if (is_numeric($_GET['cat']))
+{
+  $page['title'] =
+    get_cat_display_name_from_id(
+      $_GET['cat'],
+      PHPWG_ROOT_PATH.'admin.php?page=cat_modify&amp;cat_id=',
+      false
+      );
+
+  $query = '
+SELECT image_id
+  FROM '.IMAGE_CATEGORY_TABLE.'
+  WHERE category_id = '.$_GET['cat'].'
+;';
+  $page['cat_elements_id'] = array_from_query($query, 'image_id');
+}
+else if ('caddie' == $_GET['cat'])
+{
+  $page['title'] = l10n('caddie');
+
+  $query = '
+SELECT element_id
+  FROM '.CADDIE_TABLE.'
+  WHERE user_id = '.$user['id'].'
+;';
+  $page['cat_elements_id'] = array_from_query($query, 'element_id');
+}
+else if ('not_linked' == $_GET['cat'])
+{
+  $page['title'] = l10n('Not linked elements');
+  $template->assign(array('U_ACTIVE_MENU' => 5 ));
+
+  // we are searching elements not linked to any virtual category
+  $query = '
+SELECT id
+  FROM '.IMAGES_TABLE.'
+;';
+  $all_elements = array_from_query($query, 'id');
+
+  $linked_to_virtual = array();
+
+  $query = '
+SELECT id
+  FROM '.CATEGORIES_TABLE.'
+  WHERE dir IS NULL
+;';
+  $virtual_categories = array_from_query($query, 'id');
+  if (!empty($virtual_categories))
+  {
+    $query = '
+SELECT DISTINCT(image_id)
+  FROM '.IMAGE_CATEGORY_TABLE.'
+  WHERE category_id IN ('.implode(',', $virtual_categories).')
+;';
+    $linked_to_virtual = array_from_query($query, 'image_id');
+  }
+
+  $page['cat_elements_id'] = array_diff($all_elements, $linked_to_virtual);
+}
+else if ('duplicates' == $_GET['cat'])
+{
+  $page['title'] = l10n('Files with same name in more than one physical category');
+  $template->assign(array('U_ACTIVE_MENU' => 5 ));
+
+  // we are searching related elements twice or more to physical categories
+  // 1 - Retrieve Files
+  $query = '
+SELECT DISTINCT(file)
+  FROM '.IMAGES_TABLE.'
+ GROUP BY file
+HAVING COUNT(DISTINCT storage_category_id) > 1
+;';
+
+  $duplicate_files = array_from_query($query, 'file');
+  $duplicate_files[]='Nofiles';
+  // 2 - Retrives related picture ids
+  $query = '
+SELECT id, file
+  FROM '.IMAGES_TABLE.'
+WHERE file IN (\''.implode("','", $duplicate_files).'\')
+ORDER BY file, id
+;';
+
+  $page['cat_elements_id'] = array_from_query($query, 'id');
+}
+elseif ('recent'== $_GET['cat'])
+{
+  $page['title'] = l10n('Recent pictures');
+  $query = 'SELECT MAX(date_available) AS date
+  FROM '.IMAGES_TABLE;
+  $row = pwg_db_fetch_assoc(pwg_query($query));
+  if (!empty($row['date']))
+  {
+    $query = 'SELECT id
+  FROM '.IMAGES_TABLE.'
+  WHERE date_available BETWEEN '.pwg_db_get_recent_period_expression(1, $row['date']).' AND \''.$row['date'].'\'';
+    $page['cat_elements_id'] = array_from_query($query, 'id');
+  }
+}
+
+// +-----------------------------------------------------------------------+
+// |                       first element to display                        |
+// +-----------------------------------------------------------------------+
+
+// $page['start'] contains the number of the first element in its
+// category. For exampe, $page['start'] = 12 means we must show elements #12
+// and $page['nb_images'] next elements
+
+if (!isset($_GET['start'])
+    or !is_numeric($_GET['start'])
+    or $_GET['start'] < 0
+    or (isset($_GET['display']) and 'all' == $_GET['display']))
+{
+  $page['start'] = 0;
+}
+else
+{
+  $page['start'] = $_GET['start'];
+}
+
+// +-----------------------------------------------------------------------+
+// |                         open specific mode                            |
+// +-----------------------------------------------------------------------+
+
+$_GET['mode'] = !empty($_GET['mode']) ? $_GET['mode'] : 'global';
+
+switch ($_GET['mode'])
+{
+  case 'global' :
+  {
+    include(PHPWG_ROOT_PATH.'admin/element_set_global.php');
+    break;
+  }
+  case 'unit' :
+  {
+    include(PHPWG_ROOT_PATH.'admin/element_set_unit.php');
+    break;
+  }
+}
+?>

admin/element_set_global.php

@@ -0,0 +1,505 @@
+<?php
+// +-----------------------------------------------------------------------+
+// | Piwigo - a PHP based picture gallery                                  |
+// +-----------------------------------------------------------------------+
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
+// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
+// +-----------------------------------------------------------------------+
+// | This program is free software; you can redistribute it and/or modify  |
+// | it under the terms of the GNU General Public License as published by  |
+// | the Free Software Foundation                                          |
+// |                                                                       |
+// | This program is distributed in the hope that it will be useful, but   |
+// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
+// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
+// | General Public License for more details.                              |
+// |                                                                       |
+// | You should have received a copy of the GNU General Public License     |
+// | along with this program; if not, write to the Free Software           |
+// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
+// | USA.                                                                  |
+// +-----------------------------------------------------------------------+
+
+/**
+ * Management of elements set. Elements can belong to a category or to the
+ * user caddie.
+ *
+ */
+
+if (!defined('PHPWG_ROOT_PATH'))
+{
+  die('Hacking attempt!');
+}
+
+include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
+
+// +-----------------------------------------------------------------------+
+// | Check Access and exit when user status is not ok                      |
+// +-----------------------------------------------------------------------+
+check_status(ACCESS_ADMINISTRATOR);
+
+trigger_action('loc_begin_element_set_global');
+
+// +-----------------------------------------------------------------------+
+// |                         deletion form submission                      |
+// +-----------------------------------------------------------------------+
+
+// the $_POST['selection'] was already checked in element_set.php
+check_input_parameter('del_tags', $_POST, true, PATTERN_ID);
+check_input_parameter('associate', $_POST, false, PATTERN_ID);
+check_input_parameter('dissociate', $_POST, false, PATTERN_ID);
+
+if (isset($_POST['delete']))
+{
+  if (isset($_POST['confirm_deletion']) and 1 == $_POST['confirm_deletion'])
+  {
+    $collection = array();
+
+    switch ($_POST['target_deletion'])
+    {
+      case 'all' :
+      {
+        $collection = $page['cat_elements_id'];
+        break;
+      }
+      case 'selection' :
+      {
+        if (!isset($_POST['selection']) or count($_POST['selection']) == 0)
+        {
+          array_push($page['errors'], l10n('Select at least one picture'));
+        }
+        else
+        {
+          $collection = $_POST['selection'];
+        }
+        break;
+      }
+    }
+
+    // filter selection on photos that have no storage_category_id (ie that
+    // were added via pLoader)
+    if (count($collection) > 0)
+    {
+      $query = '
+SELECT
+    id
+  FROM '.IMAGES_TABLE.'
+  WHERE id IN ('.implode(',', $collection).')
+    AND storage_category_id IS NULL
+;';
+      $deletables = array_from_query($query, 'id');
+
+      if (count($deletables) > 0)
+      {
+        $physical_deletion = true;
+        delete_elements($deletables, $physical_deletion);
+
+        array_push(
+          $page['infos'],
+          sprintf(
+            l10n_dec(
+              '%d photo was deleted',
+              '%d photos were deleted',
+              count($deletables)
+              ),
+            count($deletables)
+            )
+          );
+      }
+      else
+      {
+        array_push($page['errors'], l10n('No photo can be deleted'));
+      }
+    }
+  }
+  else
+  {
+    array_push($page['errors'], l10n('You need to confirm deletion'));
+  }
+}
+
+// +-----------------------------------------------------------------------+
+// |                       global mode form submission                     |
+// +-----------------------------------------------------------------------+
+
+if (isset($_POST['submit']))
+{
+  $collection = array();
+
+//   echo '<pre>';
+//   print_r($_POST);
+//   echo '</pre>';
+//   exit();
+
+  switch ($_POST['target'])
+  {
+    case 'all' :
+    {
+      $collection = $page['cat_elements_id'];
+      break;
+    }
+    case 'selection' :
+    {
+      if (!isset($_POST['selection']) or count($_POST['selection']) == 0)
+      {
+        array_push($page['errors'], l10n('Select at least one picture'));
+      }
+      else
+      {
+        $collection = $_POST['selection'];
+      }
+      break;
+    }
+  }
+
+  if (isset($_POST['add_tags']) and count($collection) > 0)
+  {
+    $tag_ids = get_fckb_tag_ids($_POST['add_tags']);
+    add_tags($tag_ids, $collection);
+  }
+
+  if (isset($_POST['del_tags']) and count($collection) > 0)
+  {
+    $query = '
+DELETE
+  FROM '.IMAGE_TAG_TABLE.'
+  WHERE image_id IN ('.implode(',', $collection).')
+    AND tag_id IN ('.implode(',', $_POST['del_tags']).')
+;';
+    pwg_query($query);
+  }
+
+  if ($_POST['associate'] != 0 and count($collection) > 0)
+  {
+    associate_images_to_categories(
+      $collection,
+      array($_POST['associate'])
+      );
+  }
+
+  if ($_POST['dissociate'] != 0 and count($collection) > 0)
+  {
+    // physical links must not be broken, so we must first retrieve image_id
+    // which create virtual links with the category to "dissociate from".
+    $query = '
+SELECT id
+  FROM '.IMAGE_CATEGORY_TABLE.'
+    INNER JOIN '.IMAGES_TABLE.' ON image_id = id
+  WHERE category_id = '.$_POST['dissociate'].'
+    AND id IN ('.implode(',', $collection).')
+    AND (
+      category_id != storage_category_id
+      OR storage_category_id IS NULL
+    )
+;';
+    $dissociables = array_from_query($query, 'id');
+
+    if (!empty($dissociables))
+    {
+      $query = '
+DELETE
+  FROM '.IMAGE_CATEGORY_TABLE.'
+  WHERE category_id = '.$_POST['dissociate'].'
+    AND image_id IN ('.implode(',', $dissociables).')
+';
+      pwg_query($query);
+
+      // we remove the dissociated images if we are currently displaying the
+      // category to dissociate from.
+      if (is_numeric($_GET['cat']) and $_POST['dissociate'] == $_GET['cat'])
+      {
+        $page['cat_elements_id'] = array_diff(
+          $page['cat_elements_id'],
+          $dissociables
+          );
+      }
+    }
+
+    update_category($_POST['dissociate']);
+  }
+
+  $datas = array();
+  $dbfields = array('primary' => array('id'), 'update' => array());
+
+  $formfields = array('author', 'name', 'date_creation', 'level');
+  foreach ($formfields as $formfield)
+  {
+    if ($_POST[$formfield.'_action'] != 'leave')
+    {
+      array_push($dbfields['update'], $formfield);
+    }
+  }
+
+  // updating elements is useful only if needed...
+  if (count($dbfields['update']) > 0 and count($collection) > 0)
+  {
+    $query = '
+SELECT id
+  FROM '.IMAGES_TABLE.'
+  WHERE id IN ('.implode(',', $collection).')
+;';
+    $result = pwg_query($query);
+
+    while ($row = pwg_db_fetch_assoc($result))
+    {
+      $data = array();
+      $data['id'] = $row['id'];
+
+      if ('set' == $_POST['author_action'])
+      {
+        $data['author'] = $_POST['author'];
+        if ('' == $data['author'])
+        {
+          unset($data['author']);
+        }
+      }
+
+      if ('set' == $_POST['name_action'])
+      {
+        $data['name'] = $_POST['name'];
+        if ('' == $data['name'])
+        {
+          unset($data['name']);
+        }
+      }
+
+      if ('set' == $_POST['date_creation_action'])
+      {
+        $data['date_creation'] =
+          $_POST['date_creation_year']
+          .'-'.$_POST['date_creation_month']
+          .'-'.$_POST['date_creation_day']
+          ;
+      }
+
+      if ('set' == $_POST['level_action'])
+      {
+        $data['level'] = $_POST['level'];
+      }
+
+      array_push($datas, $data);
+    }
+    // echo '<pre>'; print_r($datas); echo '</pre>';
+    mass_updates(IMAGES_TABLE, $dbfields, $datas);
+  }
+}
+
+// +-----------------------------------------------------------------------+
+// |                             template init                             |
+// +-----------------------------------------------------------------------+
+$template->set_filenames(
+  array('element_set_global' => 'element_set_global.tpl'));
+
+$base_url = get_root_url().'admin.php';
+
+// $form_action = $base_url.'?page=element_set_global';
+
+$template->assign(
+  array(
+    'CATEGORIES_NAV'=>$page['title'],
+
+    'U_DISPLAY'=>$base_url.get_query_string_diff(array('display')),
+
+    'U_UNIT_MODE'
+    =>
+    $base_url
+    .get_query_string_diff(array('mode','display'))
+    .'&amp;mode=unit',
+
+    'F_ACTION'=>$base_url.get_query_string_diff(array()),
+   )
+ );
+
+// +-----------------------------------------------------------------------+
+// |                            caddie options                             |
+// +-----------------------------------------------------------------------+
+
+$template->assign('IN_CADDIE', 'caddie' == $_GET['cat'] ? true : false );
+
+// +-----------------------------------------------------------------------+
+// |                            deletion form                              |
+// +-----------------------------------------------------------------------+
+
+// we can only remove photos that have no storage_category_id, in other
+// word, it currently (Butterfly) means that the photo was added with
+// pLoader
+if (count($page['cat_elements_id']) > 0)
+{
+  $query = '
+SELECT
+    COUNT(*)
+  FROM '.IMAGES_TABLE.'
+  WHERE id IN ('.implode(',', $page['cat_elements_id']).')
+    AND storage_category_id IS NULL
+;';
+  list($counter) = pwg_db_fetch_row(pwg_query($query));
+
+  if ($counter > 0)
+  {
+    $template->assign('show_delete_form', true);
+  }
+}
+
+// +-----------------------------------------------------------------------+
+// |                           global mode form                            |
+// +-----------------------------------------------------------------------+
+
+// Virtualy associate a picture to a category
+$query = '
+SELECT id,name,uppercats,global_rank
+  FROM '.CATEGORIES_TABLE.'
+;';
+display_select_cat_wrapper($query, array(), 'associate_options', true);
+
+// Dissociate from a category : categories listed for dissociation can
+// only represent virtual links. Links to physical categories can't be
+// broken
+if (count($page['cat_elements_id']) > 0)
+{
+  $query = '
+SELECT
+    DISTINCT(category_id) AS id,
+    c.name,
+    c.uppercats,
+    c.global_rank
+  FROM '.IMAGE_CATEGORY_TABLE.' AS ic
+    JOIN '.CATEGORIES_TABLE.' AS c ON c.id = ic.category_id
+    JOIN '.IMAGES_TABLE.' AS i ON i.id = ic.image_id
+  WHERE ic.image_id IN ('.implode(',', $page['cat_elements_id']).')
+    AND (
+      ic.category_id != i.storage_category_id
+      OR i.storage_category_id IS NULL
+    )
+;';
+  display_select_cat_wrapper($query, array(), 'dissociate_options', true);
+}
+
+if (count($page['cat_elements_id']) > 0)
+{
+  // remove tags
+  $tags = get_common_tags($page['cat_elements_id'], -1);
+
+  $template->assign(
+    array(
+      'DEL_TAG_SELECTION' => get_html_tag_selection($tags, 'del_tags'),
+      )
+    );
+}
+
+// creation date
+$day =
+empty($_POST['date_creation_day']) ? date('j') : $_POST['date_creation_day'];
+
+$month =
+empty($_POST['date_creation_month']) ? date('n') : $_POST['date_creation_month'];
+
+$year =
+empty($_POST['date_creation_year']) ? date('Y') : $_POST['date_creation_year'];
+
+$month_list = $lang['month'];
+$month_list[0]='------------';
+ksort($month_list);
+$template->assign( array(
+      'month_list'         => $month_list,
+      'DATE_CREATION_DAY'  => (int)$day,
+      'DATE_CREATION_MONTH'=> (int)$month,
+      'DATE_CREATION_YEAR' => (int)$year,
+    )
+  );
+
+// image level options
+$template->assign(
+    array(
+      'level_options'=> get_privacy_level_options(),
+      'level_options_selected' => 0,
+    )
+  );
+
+// +-----------------------------------------------------------------------+
+// |                        global mode thumbnails                         |
+// +-----------------------------------------------------------------------+
+
+// how many items to display on this page
+if (!empty($_GET['display']))
+{
+  if ('all' == $_GET['display'])
+  {
+    $page['nb_images'] = count($page['cat_elements_id']);
+  }
+  else
+  {
+    $page['nb_images'] = intval($_GET['display']);
+  }
+}
+else
+{
+  $page['nb_images'] = 20;
+}
+
+if (count($page['cat_elements_id']) > 0)
+{
+  $nav_bar = create_navigation_bar(
+    $base_url.get_query_string_diff(array('start')),
+    count($page['cat_elements_id']),
+    $page['start'],
+    $page['nb_images']
+    );
+  $template->assign('navbar', $nav_bar);
+
+  $query = '
+SELECT id,path,tn_ext,file,filesize,level
+  FROM '.IMAGES_TABLE;
+
+  if (is_numeric($_GET['cat']))
+  {
+    $category_info = get_cat_info($_GET['cat']);
+    
+    $conf['order_by'] = $conf['order_by_inside_category'];
+    if (!empty($category_info['image_order']))
+    {
+      $conf['order_by'] = ' ORDER BY '.$category_info['image_order'];
+    }
+
+    $query.= '
+    JOIN '.IMAGE_CATEGORY_TABLE.' ON id = image_id';
+  }
+
+  $query.= '
+  WHERE id IN ('.implode(',', $page['cat_elements_id']).')';
+
+  if (is_numeric($_GET['cat']))
+  {
+    $query.= '
+    AND category_id = '.$_GET['cat'];
+  }
+
+  $query.= '
+  '.$conf['order_by'].'
+  LIMIT '.$page['nb_images'].' OFFSET '.$page['start'].'
+;';
+  $result = pwg_query($query);
+
+  // template thumbnail initialization
+  while ($row = pwg_db_fetch_assoc($result))
+  {
+    $src = get_thumbnail_url($row);
+
+    $template->append(
+      'thumbnails',
+      array(
+        'ID' => $row['id'],
+        'TN_SRC' => $src,
+        'FILE' => $row['file'],
+        'TITLE' => get_thumbnail_title($row),
+        'LEVEL' => $row['level']
+        )
+      );
+  }
+}
+
+trigger_action('loc_end_element_set_global');
+
+//----------------------------------------------------------- sending html code
+$template->assign_var_from_handle('ADMIN_CONTENT', 'element_set_global');
+?>

admin/element_set_ranks.php

@@ -1,8 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
 // +-----------------------------------------------------------------------+
@@ -45,6 +45,41 @@ if (!isset($_GET['cat_id']) or !is_numeric($_GET['cat_id']))
 
 $page['category_id'] = $_GET['cat_id'];
 
+// +-----------------------------------------------------------------------+
+// |                               functions                               |
+// +-----------------------------------------------------------------------+
+
+/**
+ * save the rank depending on given images order
+ *
+ * The list of ordered images id is supposed to be in the same parent
+ * category
+ *
+ * @param array categories
+ * @return void
+ */
+function save_images_order($category_id, $images)
+{
+  $current_rank = 0;
+  $datas = array();
+  foreach ($images as $id)
+  {
+    array_push(
+      $datas,
+      array(
+        'category_id' => $category_id,
+        'image_id' => $id,
+        'rank' => ++$current_rank,
+        )
+      );
+  }
+  $fields = array(
+    'primary' => array('image_id', 'category_id'),
+    'update' => array('rank')
+    );
+  mass_updates(IMAGE_CATEGORY_TABLE, $fields, $datas);
+}
+
 // +-----------------------------------------------------------------------+
 // |                       global mode form submission                     |
 // +-----------------------------------------------------------------------+
@@ -54,58 +89,51 @@ $image_order_choice = 'default';
 
 if (isset($_POST['submit']))
 {
-  if (isset($_POST['rank_of_image']))
-  {
-    asort($_POST['rank_of_image'], SORT_NUMERIC);
+  asort($_POST['rank_of_image'], SORT_NUMERIC);
+  
+  save_images_order(
+    $page['category_id'],
+    array_keys($_POST['rank_of_image'])
+    );
 
-    save_images_order(
-      $page['category_id'],
-      array_keys($_POST['rank_of_image'])
-      );
+  array_push(
+    $page['infos'],
+    l10n('Images manual order was saved')
+    );
 
-    $page['infos'][] = l10n('Images manual order was saved');
-  }
-
-  if (!empty($_POST['image_order_choice'])
+  $image_order = null;
+  if (!empty($_POST['image_order_choice']) 
       && in_array($_POST['image_order_choice'], $image_order_choices))
   {
     $image_order_choice = $_POST['image_order_choice'];
   }
-
-  $image_order = null;
+      
   if ($image_order_choice=='user_define')
   {
-    for ($i=0; $i<3; $i++)
+    for ($i=1; $i<=3; $i++)
     {
-      if (!empty($_POST['image_order'][$i]))
+      if ( !empty($_POST['order_field_'.$i]) )
       {
-        if (!empty($image_order)) $image_order.= ',';
-        $image_order.= $_POST['image_order'][$i];
+        if (! empty($image_order) )
+        {
+          $image_order .= ',';
+        }
+        $image_order .= $_POST['order_field_'.$i];
+        if ($_POST['order_direction_'.$i]=='DESC')
+        {
+          $image_order .= ' DESC';
+        }
       }
     }
   }
   elseif ($image_order_choice=='rank')
   {
-    $image_order = 'rank ASC';
+    $image_order = 'rank';
   }
   $query = '
-UPDATE '.CATEGORIES_TABLE.' 
-  SET image_order = '.(isset($image_order) ? '\''.$image_order.'\'' : 'NULL').'
+UPDATE '.CATEGORIES_TABLE.' SET image_order=\''.$image_order.'\'
   WHERE id='.$page['category_id'];
   pwg_query($query);
-
-  if (isset($_POST['image_order_subcats']))
-  {
-    $cat_info = get_cat_info($page['category_id']);
-
-    $query = '
-UPDATE '.CATEGORIES_TABLE.'
-  SET image_order = '.(isset($image_order) ? '\''.$image_order.'\'' : 'NULL').'
-  WHERE uppercats LIKE \''.$cat_info['uppercats'].',%\'';
-    pwg_query($query);
-  }
-
-  $page['infos'][] = l10n('Your configuration settings are saved');
 }
 
 // +-----------------------------------------------------------------------+
@@ -124,11 +152,11 @@ SELECT *
 ;';
 $category = pwg_db_fetch_assoc(pwg_query($query));
 
-if ($category['image_order']=='rank ASC')
+if ($category['image_order']=='rank')
 {
   $image_order_choice = 'rank';
 }
-elseif ($category['image_order']!='')
+elseif ($category['image_order']!='') 
 {
   $image_order_choice = 'user_define';
 }
@@ -136,7 +164,7 @@ elseif ($category['image_order']!='')
 // Navigation path
 $navigation = get_cat_display_name_cache(
   $category['uppercats'],
-  get_root_url().'admin.php?page=album-'
+  get_root_url().'admin.php?page=cat_modify&amp;cat_id='
   );
 
 $template->assign(
@@ -153,11 +181,8 @@ $template->assign(
 $query = '
 SELECT
     id,
-    file,
     path,
-    representative_ext,
-    width, height, rotation,
-    name,
+    tn_ext,
     rank
   FROM '.IMAGES_TABLE.'
     JOIN '.IMAGE_CATEGORY_TABLE.' ON image_id = id
@@ -165,71 +190,79 @@ SELECT
   ORDER BY rank
 ;';
 $result = pwg_query($query);
-if (pwg_db_num_rows($result) > 0)
-{
-	// template thumbnail initialization
-	$current_rank = 1;
-  $derivativeParams = ImageStdParams::get_by_type(IMG_SQUARE);
-	while ($row = pwg_db_fetch_assoc($result))
-	{
-    $derivative = new DerivativeImage($derivativeParams, new SrcImage($row));
 
-		if ( !empty( $row['name'] ) )
-		{
-			$thumbnail_name = $row['name'];
-		}
-		else
-		{
-			$file_wo_ext = get_filename_wo_extension($row['file']);
-			$thumbnail_name = str_replace('_', ' ', $file_wo_ext);
-		}
-		$current_rank++;
-		$template->append(
-			'thumbnails',
-			array(
-				'ID' => $row['id'],
-				'NAME' => $thumbnail_name,
-				'TN_SRC' => $derivative->get_url(),
-				'RANK' => $current_rank * 10,
-				'SIZE' => $derivative->get_size(),
-				)
-			);
-	}
+// template thumbnail initialization
+$current_rank = 1;
+
+while ($row = pwg_db_fetch_assoc($result))
+{
+  $src = get_thumbnail_url($row);
+
+  list($thumbnail_width, $thumbnail_height) = getimagesize($src);
+  $thumbnail_x_center = $thumbnail_width/2;
+  $thumbnail_y_center = $thumbnail_height/2;
+  
+  $template->append(
+    'thumbnails',
+    array(
+      'ID' => $row['id'],
+      'TN_SRC' => $src,
+      'RANK' => $current_rank * 10,
+      'CLIP_TOP' => round($thumbnail_y_center - 96/2),
+      'CLIP_RIGHT' => round($thumbnail_x_center + 96/2),
+      'CLIP_BOTTOM' => round($thumbnail_y_center + 96/2),
+      'CLIP_LEFT' => round($thumbnail_x_center - 96/2)
+      )
+    );
+
+  $current_rank++;
 }
+
 // image order management
 $sort_fields = array(
-  ''                    => '',
-  'file ASC'            => l10n('File name, A &rarr; Z'),
-  'file DESC'           => l10n('File name, Z &rarr; A'),
-  'name ASC'            => l10n('Photo title, A &rarr; Z'),
-  'name DESC'           => l10n('Photo title, Z &rarr; A'),
-  'date_creation DESC'  => l10n('Date created, new &rarr; old'),
-  'date_creation ASC'   => l10n('Date created, old &rarr; new'),
-  'date_available DESC' => l10n('Date posted, new &rarr; old'),
-  'date_available ASC'  => l10n('Date posted, old &rarr; new'),
-  'rating_score DESC'   => l10n('Rating score, high &rarr; low'),
-  'rating_score ASC'    => l10n('Rating score, low &rarr; high'),
-  'hit DESC'            => l10n('Visits, high &rarr; low'),
-  'hit ASC'             => l10n('Visits, low &rarr; high'),
-  'id ASC'              => l10n('Numeric identifier, 1 &rarr; 9'),
-  'id DESC'             => l10n('Numeric identifier, 9 &rarr; 1'),
-  'rank ASC'            => l10n('Manual sort order'),
+  '' => '',
+  'date_creation' => l10n('Creation date'),
+  'date_available' => l10n('Post date'),
+  'average_rate' => l10n('Average rate'),
+  'hit' => l10n('Most visited'),
+  'file' => l10n('File name'),
+  'id' => 'Id',
+  'rank' => l10n('Rank'),
   );
 
-$template->assign('image_order_options', $sort_fields);
+$sort_directions = array(
+  'ASC' => l10n('ascending'),
+  'DESC' => l10n('descending'),
+  );
 
-$image_order = explode(',', $category['image_order']);
+$template->assign('image_order_field_options', $sort_fields);
+$template->assign('image_order_direction_options', $sort_directions);
+
+$matches = array();
+if ( !empty( $category['image_order'] ) )
+{
+  preg_match_all('/([a-z_]+) *(?:(asc|desc)(?:ending)?)? *(?:, *|$)/i',
+    $category['image_order'], $matches);
+}
 
 for ($i=0; $i<3; $i++) // 3 fields
 {
-  if ( isset($image_order[$i]) )
+  $tpl_image_order_select = array(
+      'ID' => $i+1,
+      'FIELD' => array(''),
+      'DIRECTION' => array('ASC'),
+    );
+
+  if ( isset($matches[1][$i]) )
   {
-    $template->append('image_order', $image_order[$i]);
+    $tpl_image_order_select['FIELD'] = array($matches[1][$i]);
   }
-  else
+
+  if (isset($matches[2][$i]) and strcasecmp($matches[2][$i],'DESC')==0)
   {
-    $template->append('image_order', '');
+    $tpl_image_order_select['DIRECTION'] = array('DESC');
   }
+  $template->append( 'image_orders', $tpl_image_order_select);
 }
 
 $template->assign('image_order_choice', $image_order_choice);

admin/element_set_unit.php

@@ -0,0 +1,286 @@
+<?php
+// +-----------------------------------------------------------------------+
+// | Piwigo - a PHP based picture gallery                                  |
+// +-----------------------------------------------------------------------+
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
+// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
+// +-----------------------------------------------------------------------+
+// | This program is free software; you can redistribute it and/or modify  |
+// | it under the terms of the GNU General Public License as published by  |
+// | the Free Software Foundation                                          |
+// |                                                                       |
+// | This program is distributed in the hope that it will be useful, but   |
+// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
+// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
+// | General Public License for more details.                              |
+// |                                                                       |
+// | You should have received a copy of the GNU General Public License     |
+// | along with this program; if not, write to the Free Software           |
+// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
+// | USA.                                                                  |
+// +-----------------------------------------------------------------------+
+
+/**
+ * Management of elements set. Elements can belong to a category or to the
+ * user caddie.
+ *
+ */
+
+if (!defined('PHPWG_ROOT_PATH'))
+{
+  die('Hacking attempt!');
+}
+
+include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
+
+// +-----------------------------------------------------------------------+
+// | Check Access and exit when user status is not ok                      |
+// +-----------------------------------------------------------------------+
+check_status(ACCESS_ADMINISTRATOR);
+
+trigger_action('loc_begin_element_set_unit');
+
+// +-----------------------------------------------------------------------+
+// |                        unit mode form submission                      |
+// +-----------------------------------------------------------------------+
+
+if (isset($_POST['submit']))
+{
+  $collection = explode(',', $_POST['element_ids']);
+
+  $datas = array();
+
+  $query = '
+SELECT id, date_creation
+  FROM '.IMAGES_TABLE.'
+  WHERE id IN ('.implode(',', $collection).')
+;';
+  $result = pwg_query($query);
+
+  while ($row = pwg_db_fetch_assoc($result))
+  {
+    $data = array();
+
+    $data['id'] = $row['id'];
+    $data['name'] = $_POST['name-'.$row['id']];
+    $data['author'] = $_POST['author-'.$row['id']];
+    $data['level'] = $_POST['level-'.$row['id']];
+
+    foreach (array('name', 'level') as $field)
+    {
+      if (!empty($_POST[$field.'-'.$row['id']]))
+      {
+        $data[$field] = strip_tags($_POST[$field.'-'.$row['id']]);
+      }
+    }
+
+    if ($conf['allow_html_descriptions'])
+    {
+      $data['comment'] = @$_POST['description-'.$row['id']];
+    }
+    else
+    {
+      $data['comment'] = strip_tags(@$_POST['description-'.$row['id']]);
+    }
+
+    if (isset($_POST['date_creation_action-'.$row['id']]))
+    {
+      if ('set' == $_POST['date_creation_action-'.$row['id']])
+      {
+        $data['date_creation'] =
+          $_POST['date_creation_year-'.$row['id']]
+            .'-'.$_POST['date_creation_month-'.$row['id']]
+            .'-'.$_POST['date_creation_day-'.$row['id']];
+      }
+      else if ('unset' == $_POST['date_creation_action-'.$row['id']])
+      {
+        $data['date_creation'] = '';
+      }
+    }
+    else
+    {
+      $data['date_creation'] = $row['date_creation'];
+    }
+
+    array_push($datas, $data);
+
+    // tags management
+    if (isset($_POST[ 'tags-'.$row['id'] ]))
+    {
+      $tag_ids = get_fckb_tag_ids($_POST[ 'tags-'.$row['id'] ]);
+      set_tags($tag_ids, $row['id']);
+    }
+  }
+
+  mass_updates(
+    IMAGES_TABLE,
+    array(
+      'primary' => array('id'),
+      'update' => array('name','author','level','comment','date_creation')
+      ),
+    $datas
+    );
+
+  array_push($page['infos'], l10n('Picture informations updated'));
+}
+
+// +-----------------------------------------------------------------------+
+// |                             template init                             |
+// +-----------------------------------------------------------------------+
+
+$template->set_filenames(
+  array('element_set_unit' => 'element_set_unit.tpl'));
+
+$base_url = PHPWG_ROOT_PATH.'admin.php';
+
+$month_list = $lang['month'];
+$month_list[0]='------------';
+ksort($month_list);
+
+$template->assign(
+  array(
+    'CATEGORIES_NAV'=>$page['title'],
+    'U_ELEMENTS_PAGE'
+    =>$base_url.get_query_string_diff(array('display','start')),
+    'U_GLOBAL_MODE'
+    =>
+    $base_url
+    .get_query_string_diff(array('mode','display'))
+    .'&amp;mode=global',
+    'F_ACTION'=>$base_url.get_query_string_diff(array()),    
+    'month_list' => $month_list,
+    'level_options' => get_privacy_level_options(),
+    )
+  );
+
+// +-----------------------------------------------------------------------+
+// |                        global mode thumbnails                         |
+// +-----------------------------------------------------------------------+
+
+// how many items to display on this page
+if (!empty($_GET['display']))
+{
+  if ('all' == $_GET['display'])
+  {
+    $page['nb_images'] = count($page['cat_elements_id']);
+  }
+  else
+  {
+    $page['nb_images'] = intval($_GET['display']);
+  }
+}
+else
+{
+  $page['nb_images'] = 5;
+}
+
+
+
+if (count($page['cat_elements_id']) > 0)
+{
+  $nav_bar = create_navigation_bar(
+    $base_url.get_query_string_diff(array('start')),
+    count($page['cat_elements_id']),
+    $page['start'],
+    $page['nb_images']
+    );
+  $template->assign(array('navbar' => $nav_bar));
+
+  // tags
+  $all_tags = get_all_tags();
+
+  $element_ids = array();
+
+  $query = '
+SELECT id,path,tn_ext,name,date_creation,comment,author,level,file
+  FROM '.IMAGES_TABLE;
+
+  if (is_numeric($_GET['cat']))
+  {
+    $category_info = get_cat_info($_GET['cat']);
+    
+    $conf['order_by'] = $conf['order_by_inside_category'];
+    if (!empty($category_info['image_order']))
+    {
+      $conf['order_by'] = ' ORDER BY '.$category_info['image_order'];
+    }
+
+    $query.= '
+    JOIN '.IMAGE_CATEGORY_TABLE.' ON id = image_id';
+  }
+
+  $query.= '
+  WHERE id IN ('.implode(',', $page['cat_elements_id']).')';
+
+  if (is_numeric($_GET['cat']))
+  {
+    $query.= '
+    AND category_id = '.$_GET['cat'];
+  }
+
+  $query.= '
+  '.$conf['order_by'].'
+  LIMIT '.$page['nb_images'].' OFFSET '.$page['start'].'
+;';
+  $result = pwg_query($query);
+
+  while ($row = pwg_db_fetch_assoc($result))
+  {
+    array_push($element_ids, $row['id']);
+
+    $src = get_thumbnail_url($row);
+
+    // creation date
+    if (!empty($row['date_creation']))
+    {
+      list($year,$month,$day) = explode('-', $row['date_creation']);
+    }
+    else
+    {
+      list($year,$month,$day) = array('',0,0);
+    }
+
+    $query = '
+SELECT
+    tag_id,
+    name AS tag_name
+  FROM '.IMAGE_TAG_TABLE.' AS it
+    JOIN '.TAGS_TABLE.' AS t ON t.id = it.tag_id
+  WHERE image_id = '.$row['id'].'
+;';
+    $tag_selection = get_fckb_taglist($query);
+
+    $template->append(
+      'elements',
+      array(
+        'ID' => $row['id'],
+        'TN_SRC' => $src,
+        'LEGEND' => !empty($row['name']) ?
+            $row['name'] : get_name_from_file($row['file']),
+        'U_EDIT' =>
+            PHPWG_ROOT_PATH.'admin.php?page=picture_modify'.
+            '&amp;image_id='.$row['id'],
+        'NAME' => !empty($row['name'])?$row['name']:'',
+        'AUTHOR' => !empty($row['author'])?htmlspecialchars($row['author']):'',
+        'LEVEL' => !empty($row['level'])?$row['level']:'0',
+        'DESCRIPTION' => !empty($row['comment'])?$row['comment']:'',
+        'DATE_CREATION_YEAR' => $year,
+        'DATE_CREATION_MONTH' => (int)$month,
+        'DATE_CREATION_DAY' => (int)$day,
+        'TAGS' => $tag_selection,
+        )
+      );
+  }
+
+  $template->assign('ELEMENT_IDS', implode(',', $element_ids));
+}
+
+trigger_action('loc_end_element_set_unit');
+
+// +-----------------------------------------------------------------------+
+// |                           sending html code                           |
+// +-----------------------------------------------------------------------+
+
+$template->assign_var_from_handle('ADMIN_CONTENT', 'element_set_unit');
+?>

admin/extend_for_templates.php

@@ -1,8 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
 // +-----------------------------------------------------------------------+
@@ -77,8 +77,6 @@ $relevant_parameters = array_merge($relevant_parameters, $permalinks);
 $eligible_templates = array(
     '----------'                 => 'N/A',
     'about.tpl'                  => 'about',
-    'comments.tpl'               => 'comments',
-    'comment_list.tpl'           => 'comment_list',
     'footer.tpl'                 => 'tail',
     'header.tpl'                 => 'header',
     'identification.tpl'         => 'identification',
@@ -91,11 +89,9 @@ $eligible_templates = array(
     'menubar_menu.tpl'           => 'mbMenu',
     'menubar_specials.tpl'       => 'mbSpecials',
     'menubar_tags.tpl'           => 'mbTags',
-	'month_calendar.tpl'         => 'month_calendar',
     'navigation_bar.tpl'         => 'navbar',
     'nbm.tpl'                    => 'nbm',
     'notification.tpl'           => 'notification',
-	'password.tpl'               => 'password',   
     'picture.tpl'                => 'picture',
     'picture_content.tpl'        => 'default_content',
     'picture_nav_buttons.tpl'    => 'picture_nav_buttons',
@@ -109,7 +105,7 @@ $eligible_templates = array(
     'slideshow.tpl'              => 'slideshow',
     'tags.tpl'                   => 'tags',
     'thumbnails.tpl'             => 'index_thumbnails',
-);
+    'upload.tpl'                 => 'upload',);
 
 $flip_templates = array_flip($eligible_templates);
 
@@ -121,7 +117,7 @@ $available_templates = array_merge(
 // |                            selected templates                         |
 // +-----------------------------------------------------------------------+
 
-if (isset($_POST['submit']))
+if (isset($_POST['submit']) and !is_adviser())
 {
   $replacements = array();
   $i = 0;
@@ -149,7 +145,8 @@ UPDATE '.CONFIG_TABLE.'
 WHERE param = \'extents_for_templates\';';
   if (pwg_query($query))
   {
-    $page['infos'][] = l10n('Templates configuration has been recorded.');
+    array_push($page['infos'], 
+      l10n('Templates configuration has been recorded.'));
   }
 }
 

admin/group_list.php

@@ -1,8 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
 // +-----------------------------------------------------------------------+
@@ -28,19 +28,6 @@ if( !defined("PHPWG_ROOT_PATH") )
 
 include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
 
-// +-----------------------------------------------------------------------+
-// | tabs                                                                  |
-// +-----------------------------------------------------------------------+
-
-include_once(PHPWG_ROOT_PATH.'admin/include/tabsheet.class.php');
-
-$my_base_url = get_root_url().'admin.php?page=';
-
-$tabsheet = new tabsheet();
-$tabsheet->set_id('groups');
-$tabsheet->select('group_list');
-$tabsheet->assign();
-
 // +-----------------------------------------------------------------------+
 // | Check Access and exit when user status is not ok                      |
 // +-----------------------------------------------------------------------+
@@ -50,15 +37,59 @@ if (!empty($_POST) or isset($_GET['delete']) or isset($_GET['toggle_is_default']
 {
   check_pwg_token();
 }
+
+// +-----------------------------------------------------------------------+
+// |                             delete a group                            |
+// +-----------------------------------------------------------------------+
+
+if (isset($_GET['delete']) and is_numeric($_GET['delete']) and !is_adviser())
+{
+  // destruction of the access linked to the group
+  $query = '
+DELETE
+  FROM '.GROUP_ACCESS_TABLE.'
+  WHERE group_id = '.$_GET['delete'].'
+;';
+  pwg_query($query);
+  
+  // destruction of the users links for this group
+  $query = '
+DELETE
+  FROM '.USER_GROUP_TABLE.'
+  WHERE group_id = '.$_GET['delete'].'
+;';
+  pwg_query($query);
+
+  $query = '
+SELECT name
+  FROM '.GROUPS_TABLE.'
+  WHERE id = '.$_GET['delete'].'
+;';
+  list($groupname) = pwg_db_fetch_row(pwg_query($query));
+  
+  // destruction of the group
+  $query = '
+DELETE
+  FROM '.GROUPS_TABLE.'
+  WHERE id = '.$_GET['delete'].'
+;';
+  pwg_query($query);
+
+  array_push(
+    $page['infos'],
+    sprintf(l10n('group "%s" deleted'), $groupname)
+    );
+}
+
 // +-----------------------------------------------------------------------+
 // |                              add a group                              |
 // +-----------------------------------------------------------------------+
 
-if (isset($_POST['submit_add']))
+if (isset($_POST['submit_add']) and !is_adviser())
 {
   if (empty($_POST['groupname']))
   {
-    $page['errors'][] = l10n('The name of a group must not contain " or \' or be empty.');
+    array_push($page['errors'], l10n('The name of a group must not contain " or \' or be empty.'));
   }
   if (count($page['errors']) == 0)
   {
@@ -71,7 +102,7 @@ SELECT COUNT(*)
     list($count) = pwg_db_fetch_row(pwg_query($query));
     if ($count != 0)
     {
-      $page['errors'][] = l10n('This name is already used by another group.');
+      array_push($page['errors'], l10n('This name is already used by another group.'));
     }
   }
   if (count($page['errors']) == 0)
@@ -85,282 +116,40 @@ INSERT INTO '.GROUPS_TABLE.'
 ;';
     pwg_query($query);
 
-    $page['infos'][] = l10n('group "%s" added', $_POST['groupname']);
+    array_push(
+      $page['infos'],
+      sprintf(l10n('group "%s" added'), $_POST['groupname'])
+      );
   }
 }
 
 // +-----------------------------------------------------------------------+
-// |                             action send                               |
+// | toggle is default group property                                      |
 // +-----------------------------------------------------------------------+
-if (isset($_POST['submit']) and isset($_POST['selectAction']) and isset($_POST['group_selection']))
+
+if (isset($_GET['toggle_is_default']) and is_numeric($_GET['toggle_is_default']) and !is_adviser())
 {
-  // if the user tries to apply an action, it means that there is at least 1
-  // photo in the selection
-  $groups = $_POST['group_selection'];
-  if (count($groups) == 0)
-  {
-    $page['errors'][] = l10n('Select at least one group');
-  }
-
-  $action = $_POST['selectAction'];
-
-  // +
-  // |rename a group
-  // +
-
-  if ($action=="rename")
-  {
-    // is the group not already existing ?
-    $query = '
-SELECT name
+  $query = '
+SELECT name, is_default
   FROM '.GROUPS_TABLE.'
+  WHERE id = '.$_GET['toggle_is_default'].'
 ;';
-    $group_names = array_from_query($query, 'name');
-    foreach($groups as $group)
-    {
-      if (  in_array($_POST['rename_'.$group.''], $group_names))
-      {
-        $page['errors'][] = $_POST['rename_'.$group.''].' | '.l10n('This name is already used by another group.');
-      }
-      elseif ( !empty($_POST['rename_'.$group.'']))
-      {
-        $query = '
-        UPDATE '.GROUPS_TABLE.'
-        SET name = \''.pwg_db_real_escape_string($_POST['rename_'.$group.'']).'\'
-        WHERE id = '.$group.'
-      ;';
-        pwg_query($query);
-      }
-    }
-  }
-
-  // +
-  // |delete a group
-  // +
-
-  if ($action=="delete" and isset($_POST['confirm_deletion']) and $_POST['confirm_deletion'])
-  {
-    foreach($groups as $group)
-    {
-        // destruction of the access linked to the group
-      $query = '
-    DELETE
-      FROM '.GROUP_ACCESS_TABLE.'
-      WHERE group_id = '.$group.'
-    ;';
-      pwg_query($query);
-      
-      // destruction of the users links for this group
-      $query = '
-    DELETE
-      FROM '.USER_GROUP_TABLE.'
-      WHERE group_id = '.$group.'
-    ;';
-      pwg_query($query);
-    
-      $query = '
-    SELECT name
-      FROM '.GROUPS_TABLE.'
-      WHERE id = '.$group.'
-    ;';
-      list($groupname) = pwg_db_fetch_row(pwg_query($query));
-      
-      // destruction of the group
-      $query = '
-    DELETE
-      FROM '.GROUPS_TABLE.'
-      WHERE id = '.$group.'
-    ;';
-      pwg_query($query);
-    
-      $page['infos'][] = l10n('group "%s" deleted', $groupname);
-    }
-  }
-
-  // +
-  // |merge groups into a new one
-  // +
-
-  if ($action=="merge" and count($groups) > 1)
-  {
-    // is the group not already existing ?
-    $query = '
-SELECT COUNT(*)
-  FROM '.GROUPS_TABLE.'
-  WHERE name = \''.pwg_db_real_escape_string($_POST['merge']).'\'
+  list($groupname, $is_default) = pwg_db_fetch_row(pwg_query($query));
+  
+  // update of the group
+  $query = '
+UPDATE '.GROUPS_TABLE.'
+  SET is_default = \''.boolean_to_string(!get_boolean($is_default)).'\'
+  WHERE id = '.$_GET['toggle_is_default'].'
 ;';
-    list($count) = pwg_db_fetch_row(pwg_query($query));
-    if ($count != 0)
-    {
-      $page['errors'][] = l10n('This name is already used by another group.');
-    }
-    else
-    {
-      // creating the group
-      $query = '
-  INSERT INTO '.GROUPS_TABLE.'
-    (name)
-    VALUES
-    (\''.pwg_db_real_escape_string($_POST['merge']).'\')
-  ;';
-      pwg_query($query);
-      $query = '
-      SELECT id
-        FROM '.GROUPS_TABLE.'
-        WHERE name = \''.pwg_db_real_escape_string($_POST['merge']).'\'
-      ;';
-      list($groupid) = pwg_db_fetch_row(pwg_query($query));
-    }
-    $grp_access = array();
-    $usr_grp = array();
-    foreach($groups as $group)
-    {
-      $query = '
-    SELECT *
-      FROM '.GROUP_ACCESS_TABLE.'
-      WHERE group_id = '.$group.'
-    ;';
-      $res=pwg_query($query);
-      while ($row = pwg_db_fetch_assoc($res))
-      {
-        $new_grp_access= array(
-          'cat_id' => $row['cat_id'],
-          'group_id' => $groupid
-        );
-        if (!in_array($new_grp_access,$grp_access))
-        {
-          $grp_access[]=$new_grp_access;
-        }
-      }
+  pwg_query($query);
 
-      $query = '
-    SELECT *
-      FROM '.USER_GROUP_TABLE.'
-      WHERE group_id = '.$group.'
-    ;';
-      $res=pwg_query($query);
-      while ($row = pwg_db_fetch_assoc($res))
-      {
-        $new_usr_grp= array(
-          'user_id' => $row['user_id'],
-          'group_id' => $groupid
-        );
-        if (!in_array($new_usr_grp,$usr_grp))
-        {
-          $usr_grp[]=$new_usr_grp;
-        }
-      }
-    }
-    mass_inserts(USER_GROUP_TABLE, array('user_id','group_id'), $usr_grp);
-    mass_inserts(GROUP_ACCESS_TABLE, array('group_id','cat_id'), $grp_access);
-    
-    $page['infos'][] = l10n('group "%s" added', $_POST['merge']);
-  }
-  
-  // +
-  // |duplicate a group
-  // +
-
-  if ($action=="duplicate" )
-  {
-    foreach($groups as $group)
-    {
-      if ( empty($_POST['duplicate_'.$group.'']) )
-      {
-        break;
-      }
-      // is the group not already existing ?
-      $query = '
-  SELECT COUNT(*)
-    FROM '.GROUPS_TABLE.'
-    WHERE name = \''.pwg_db_real_escape_string($_POST['duplicate_'.$group.'']).'\'
-  ;';
-      list($count) = pwg_db_fetch_row(pwg_query($query));
-      if ($count != 0)
-      {
-        $page['errors'][] = l10n('This name is already used by another group.');
-        break;
-      }
-      // creating the group
-      $query = '
-  INSERT INTO '.GROUPS_TABLE.'
-    (name)
-    VALUES
-    (\''.pwg_db_real_escape_string($_POST['duplicate_'.$group.'']).'\')
-  ;';
-      pwg_query($query);
-      $query = '
-      SELECT id
-        FROM '.GROUPS_TABLE.'
-        WHERE name = \''.pwg_db_real_escape_string($_POST['duplicate_'.$group.'']).'\'
-      ;';
-      
-      list($groupid) = pwg_db_fetch_row(pwg_query($query));
-      $query = '
-    SELECT *
-      FROM '.GROUP_ACCESS_TABLE.'
-      WHERE group_id = '.$group.'
-    ;';
-      $grp_access = array();
-      $res=pwg_query($query);
-      while ($row = pwg_db_fetch_assoc($res))
-      {
-          $grp_access[] = array(
-            'cat_id' => $row['cat_id'],
-            'group_id' => $groupid
-          );
-      }
-      mass_inserts(GROUP_ACCESS_TABLE, array('group_id','cat_id'), $grp_access);
-
-      $query = '
-    SELECT *
-      FROM '.USER_GROUP_TABLE.'
-      WHERE group_id = '.$group.'
-    ;';
-      $usr_grp = array();
-      $res=pwg_query($query);
-      while ($row = pwg_db_fetch_assoc($res))
-      {
-          $usr_grp[] = array(
-            'user_id' => $row['user_id'],
-            'group_id' => $groupid
-          );
-      }
-      mass_inserts(USER_GROUP_TABLE, array('user_id','group_id'), $usr_grp);
-  
-      $page['infos'][] = l10n('group "%s" added', $_POST['duplicate_'.$group.'']);
-    }
-  }
-
-
-  // +
-  // | toggle_default
-  // +
-  
-  if ($action=="toggle_default")
-  {
-    foreach($groups as $group)
-    {
-      $query = '
-    SELECT name, is_default
-      FROM '.GROUPS_TABLE.'
-      WHERE id = '.$group.'
-    ;';
-      list($groupname, $is_default) = pwg_db_fetch_row(pwg_query($query));
-      
-      // update of the group
-      $query = '
-    UPDATE '.GROUPS_TABLE.'
-      SET is_default = \''.boolean_to_string(!get_boolean($is_default)).'\'
-      WHERE id = '.$group.'
-    ;';
-      pwg_query($query);
-    
-      $page['infos'][] = l10n('group "%s" updated', $groupname);
-    }
-  }
-  invalidate_user_cache();
+  array_push(
+    $page['infos'],
+    sprintf(l10n('group "%s" updated'), $groupname)
+    );
 }
+
 // +-----------------------------------------------------------------------+
 // |                             template init                             |
 // +-----------------------------------------------------------------------+
@@ -389,32 +178,25 @@ $result = pwg_query($query);
 $admin_url = get_root_url().'admin.php?page=';
 $perm_url    = $admin_url.'group_perm&amp;group_id=';
 $del_url     = $admin_url.'group_list&amp;delete=';
+$members_url = $admin_url.'user_list&amp;group=';
 $toggle_is_default_url     = $admin_url.'group_list&amp;toggle_is_default=';
 
 while ($row = pwg_db_fetch_assoc($result))
 {
   $query = '
-SELECT u.'. $conf['user_fields']['username'].' AS username
-  FROM '.USERS_TABLE.' AS u
-  INNER JOIN '.USER_GROUP_TABLE.' AS ug
-    ON u.'.$conf['user_fields']['id'].' = ug.user_id
-  WHERE ug.group_id = '.$row['id'].'
+SELECT COUNT(*)
+  FROM '.USER_GROUP_TABLE.'
+  WHERE group_id = '.$row['id'].'
 ;';
-  $members=array();
-  $res=pwg_query($query);
-  while ($us= pwg_db_fetch_assoc($res))
-  {
-    $members[]=$us['username'];
-  }
+  list($counter) = pwg_db_fetch_row(pwg_query($query));
+  
   $template->append(
     'groups',
     array(
       'NAME' => $row['name'],
-      'ID' => $row['id'],
       'IS_DEFAULT' => (get_boolean($row['is_default']) ? ' ['.l10n('default').']' : ''),
-      'NB_MEMBERS' => count($members),
-      'L_MEMBERS' => implode(' <span class="userSeparator">&middot;</span> ', $members),
-      'MEMBERS' => l10n_dec('%d member', '%d members', count($members)),
+      'MEMBERS' => l10n_dec('%d member', '%d members', $counter),
+      'U_MEMBERS' => $members_url.$row['id'],
       'U_DELETE' => $del_url.$row['id'].'&amp;pwg_token='.get_pwg_token(),
       'U_PERM' => $perm_url.$row['id'],
       'U_ISDEFAULT' => $toggle_is_default_url.$row['id'].'&amp;pwg_token='.get_pwg_token(),
@@ -428,4 +210,4 @@ SELECT u.'. $conf['user_fields']['username'].' AS username
 
 $template->assign_var_from_handle('ADMIN_CONTENT', 'group_list');
 
-?>
+?>

admin/group_perm.php

@@ -1,8 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
 // +-----------------------------------------------------------------------+
@@ -81,7 +81,7 @@ SELECT id
   $result = pwg_query($query);
   while ($row = pwg_db_fetch_assoc($result))
   {
-    $private_uppercats[] = $row['id'];
+    array_push($private_uppercats, $row['id']);
   }
 
   // retrying to authorize a category which is already authorized may cause
@@ -98,21 +98,23 @@ SELECT cat_id
 
   while ($row = pwg_db_fetch_assoc($result))
   {
-    $authorized_ids[] = $row['cat_id'];
+    array_push($authorized_ids, $row['cat_id']);
   }
 
   $inserts = array();
   $to_autorize_ids = array_diff($private_uppercats, $authorized_ids);
   foreach ($to_autorize_ids as $to_autorize_id)
   {
-    $inserts[] = array(
-      'group_id' => $page['group'],
-      'cat_id' => $to_autorize_id
+    array_push(
+      $inserts,
+      array(
+        'group_id' => $page['group'],
+        'cat_id' => $to_autorize_id
+        )
       );
   }
 
   mass_inserts(GROUP_ACCESS_TABLE, array('group_id','cat_id'), $inserts);
-  invalidate_user_cache();
 }
 
 // +-----------------------------------------------------------------------+
@@ -129,9 +131,10 @@ $template->set_filenames(
 $template->assign(
   array(
     'TITLE' =>
-      l10n(
-        'Manage permissions for group "%s"',
-        get_groupname($page['group'])
+      sprintf(
+        l10n('Manage permissions for group "%s"'),
+        get_groupname($page['group']
+          )
         ),
     'L_CAT_OPTIONS_TRUE'=>l10n('Authorized'),
     'L_CAT_OPTIONS_FALSE'=>l10n('Forbidden'),
@@ -156,7 +159,7 @@ $result = pwg_query($query_true);
 $authorized_ids = array();
 while ($row = pwg_db_fetch_assoc($result))
 {
-  $authorized_ids[] = $row['id'];
+  array_push($authorized_ids, $row['id']);
 }
 
 $query_false = '

admin/help.php

@@ -1,8 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
 // +-----------------------------------------------------------------------+
@@ -29,35 +29,72 @@ include_once(PHPWG_ROOT_PATH.'admin/include/tabsheet.class.php');
 // +-----------------------------------------------------------------------+
 check_status(ACCESS_ADMINISTRATOR);
 
-$help_link = get_root_url().'admin.php?page=help&section=';
+$link = get_root_url().'admin.php?page=help&section=';
 $selected = null;
+$help_section_title = null;
+
+$tabs = array();
+$tabs[] = array(
+  'code' => 'add_photos',
+  'label' => l10n('Add Photos'),
+  );
+$tabs[] = array(
+  'code' => 'permissions',
+  'label' => l10n('Permissions'),
+  );
+$tabs[] = array(
+  'code' => 'groups',
+  'label' => l10n('Groups'),
+  );
+if ($conf['enable_synchronization'])
+{
+  $tabs[] = array(
+    'code' => 'user_upload',
+    'label' => l10n('User Upload'),
+    );
+}
+$tabs[] = array(
+  'code' => 'virtual_links',
+  'label' => l10n('Virtual Links'),
+  );
+$tabs[] = array(
+  'code' => 'misc',
+  'label' => l10n('Miscellaneous'),
+  );
 
 if (!isset($_GET['section']))
 {
-  $selected = 'add_photos';
+  $section = $tabs[0]['code'];
 }
 else
 {
-  $selected = $_GET['section'];
+  $section = $_GET['section'];
 }
 
 $tabsheet = new tabsheet();
-$tabsheet->set_id('help');
-$tabsheet->select($selected);
+foreach ($tabs as $tab)
+{
+  if ($tab['code'] == $section)
+  {
+    $selected_tab = $tab['code'];
+    $help_section_title = $tab['label'];
+  }
+  
+  $tabsheet->add($tab['code'], $tab['label'], $link.$tab['code']);
+}
+$tabsheet->select($selected_tab);
 $tabsheet->assign();
 
-trigger_notify('loc_end_help');
-
 $template->set_filenames(array('help' => 'help.tpl'));
 
 $template->assign(
   array(
     'HELP_CONTENT' => load_language(
-      'help/help_'.$tabsheet->selected.'.html',
+      'help/help_'.$selected_tab.'.html',
       '',
       array('return'=>true)
       ),
-    'HELP_SECTION_TITLE' => $tabsheet->sheets[ $tabsheet->selected ]['caption'],
+    'HELP_SECTION_TITLE' => $help_section_title,
     )
   );
 

admin/history.php

@@ -1,8 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
 // +-----------------------------------------------------------------------+
@@ -50,7 +50,7 @@ else
   $page['start'] = 0;
 }
 
-$types = array_merge(array('none'), get_enums(HISTORY_TABLE, 'image_type'));
+$types = array('none', 'picture', 'high', 'other');
 
 $display_thumbnails = array('no_display_thumbnail' => l10n('No display'),
                             'display_thumbnail_classic' => l10n('Classic display'),
@@ -73,16 +73,24 @@ $search = array();
 if (isset($_POST['submit']))
 {
   // dates
-  if (!empty($_POST['start']))
+  if (!empty($_POST['start_year']))
   {
-    check_input_parameter('start', $_POST, false, '/^\d{4}-\d{2}-\d{2}$/');
-    $search['fields']['date-after'] = $_POST['start'];
+    $search['fields']['date-after'] = sprintf(
+      '%d-%02d-%02d',
+      $_POST['start_year'],
+      $_POST['start_month'],
+      $_POST['start_day']
+      );
   }
 
-  if (!empty($_POST['end']))
+  if (!empty($_POST['end_year']))
   {
-    check_input_parameter('end', $_POST, false, '/^\d{4}-\d{2}-\d{2}$/');
-    $search['fields']['date-before'] = $_POST['end'];
+    $search['fields']['date-before'] = sprintf(
+      '%d-%02d-%02d',
+      $_POST['end_year'],
+      $_POST['end_month'],
+      $_POST['end_day']
+      );
   }
 
   if (empty($_POST['types']))
@@ -91,11 +99,10 @@ if (isset($_POST['submit']))
   }
   else
   {
-    check_input_parameter('types', $_POST, true, '/^('.implode('|', $types).')$/');
     $search['fields']['types'] = $_POST['types'];
   }
 
-  $search['fields']['user'] = intval($_POST['user']);
+  $search['fields']['user'] = $_POST['user'];
 
   if (!empty($_POST['image_id']))
   {
@@ -111,17 +118,6 @@ if (isset($_POST['submit']))
       );
   }
 
-  if (!empty($_POST['ip']))
-  {
-    $search['fields']['ip'] = str_replace(
-      '*',
-      '%',
-      pwg_db_real_escape_string($_POST['ip'])
-      );
-  }
-
-  check_input_parameter('display_thumbnail', $_POST, false, '/^('.implode('|', array_keys($display_thumbnails)).')$/');
-  
   $search['fields']['display_thumbnail'] = $_POST['display_thumbnail'];
   // Display choise are also save to one cookie
   if (!empty($_POST['display_thumbnail'])
@@ -133,7 +129,7 @@ if (isset($_POST['submit']))
   {
     $cookie_val = null;
   }
-
+  
   pwg_set_cookie_var('display_thumbnail', $cookie_val, strtotime('+1 month') );
 
   // TODO manage inconsistency of having $_POST['image_id'] and
@@ -147,9 +143,8 @@ if (isset($_POST['submit']))
 INSERT INTO '.SEARCH_TABLE.'
   (rules)
   VALUES
-  (\''.pwg_db_real_escape_string(serialize($search)).'\')
+  (\''.serialize($search).'\')
 ;';
-
     pwg_query($query);
 
     $search_id = pwg_db_insert_id(SEARCH_TABLE);
@@ -160,7 +155,7 @@ INSERT INTO '.SEARCH_TABLE.'
   }
   else
   {
-    $page['errors'][] = l10n('Empty query. No criteria has been entered.');
+    array_push($page['errors'], l10n('Empty query. No criteria has been entered.'));
   }
 }
 
@@ -221,8 +216,7 @@ INSERT INTO '.SEARCH_TABLE.'
       );
   }
 
-  /*TODO - no need to get a huge number of rows from db (should take only what needed for display + SQL_CALC_FOUND_ROWS*/
-  $data = trigger_change('get_history', array(), $page['search'], $types);
+  $data = trigger_event('get_history', array(), $page['search'], $types);
   usort($data, 'history_compare');
 
   $page['nb_lines'] = count($data);
@@ -232,7 +226,7 @@ INSERT INTO '.SEARCH_TABLE.'
   $username_of = array();
   $category_ids = array();
   $image_ids = array();
-  $has_tags = false;
+  $tag_ids = array();
 
   foreach ($data as $row)
   {
@@ -250,10 +244,16 @@ INSERT INTO '.SEARCH_TABLE.'
 
     if (isset($row['tag_ids']))
     {
-      $has_tags = true;
+      foreach (explode(',', $row['tag_ids']) as $tag_id)
+      {
+        array_push($tag_ids, $tag_id);
+      }
     }
 
-    $history_lines[] = $row;
+    array_push(
+      $history_lines,
+      $row
+      );
   }
 
   // prepare reference data (users, tags, categories...)
@@ -281,7 +281,7 @@ SELECT id, uppercats
   FROM '.CATEGORIES_TABLE.'
   WHERE id IN ('.implode(',', array_keys($category_ids)).')
 ;';
-    $uppercats_of = query2array($query, 'id', 'uppercats');
+    $uppercats_of = simple_hash_from_query($query, 'id', 'uppercats');
 
     $name_of_category = array();
 
@@ -300,29 +300,61 @@ SELECT
     id,
     IF(name IS NULL, file, name) AS label,
     filesize,
+    high_filesize,
     file,
     path,
-    representative_ext
+    tn_ext
   FROM '.IMAGES_TABLE.'
   WHERE id IN ('.implode(',', array_keys($image_ids)).')
 ;';
-    $image_infos = query2array($query, 'id');
+    // $label_of_image = simple_hash_from_query($query, 'id', 'label');
+    $label_of_image = array();
+    $filesize_of_image = array();
+    $high_filesize_of_image = array();
+    $file_of_image = array();
+    $path_of_image = array();
+    $tn_ext_of_image = array();
+
+    $result = pwg_query($query);
+    while ($row = pwg_db_fetch_assoc($result))
+    {
+      $label_of_image[ $row['id'] ] = $row['label'];
+
+      if (isset($row['filesize']))
+      {
+        $filesize_of_image[ $row['id'] ] = $row['filesize'];
+      }
+
+      if (isset($row['high_filesize']))
+      {
+        $high_filesize_of_image[ $row['id'] ] = $row['high_filesize'];
+      }
+
+      $file_of_image[ $row['id'] ] = $row['file'];
+      $path_of_image[ $row['id'] ] = $row['path'];
+      $tn_ext_of_image[ $row['id'] ] = $row['tn_ext'];
+    }
+
+    // echo '<pre>'; print_r($high_filesize_of_image); echo '</pre>';
   }
 
-  if ($has_tags > 0)
+  if (count($tag_ids) > 0)
   {
+    $tag_ids = array_unique($tag_ids);
+
     $query = '
 SELECT
     id,
-    name, url_name
-  FROM '.TAGS_TABLE;
-
-    global $name_of_tag; // used for preg_replace
+    name
+  FROM '.TAGS_TABLE.'
+  WHERE id IN ('.implode(', ', $tag_ids).')
+;';
     $name_of_tag = array();
+
     $result = pwg_query($query);
-    while ($row=pwg_db_fetch_assoc($result))
+    while ($row = pwg_db_fetch_assoc($result))
     {
-      $name_of_tag[ $row['id'] ] = '<a href="'.make_index_url( array('tags'=>array($row))).'">'.trigger_change("render_tag_name", $row['name'], $row).'</a>';
+      $name_of_tag[ $row['id'] ] = $row['name'];
     }
   }
 
@@ -335,9 +367,30 @@ SELECT
 
   foreach ($history_lines as $line)
   {
-    if (isset($line['image_type']) and $line['image_type'] == 'high')
+    // FIXME when we watch the representative of a non image element, it is
+    // the not the representative filesize that is counted (as it is
+    // unknown) but the non image element filesize. Proposed solution: add
+    // #images.representative_filesize and add 'representative' in the
+    // choices of #history.image_type.
+
+    if (isset($line['image_type']))
     {
-      $summary['total_filesize'] += @intval($image_infos[$line['image_id']]['filesize']);
+      if ($line['image_type'] == 'high')
+      {
+        if (isset($high_filesize_of_image[$line['image_id']]))
+        {
+          $summary['total_filesize']+=
+            $high_filesize_of_image[$line['image_id']];
+        }
+      }
+      else
+      {
+        if (isset($filesize_of_image[$line['image_id']]))
+        {
+          $summary['total_filesize']+=
+            $filesize_of_image[$line['image_id']];
+        }
+      }
     }
 
     if ($line['user_id'] == $conf['guest_id'])
@@ -375,9 +428,9 @@ SELECT
     $tags_string = '';
     if (isset($line['tag_ids']))
     {
-      $tags_string = preg_replace_callback(
-        '/(\d+)/',
-        create_function('$m', 'global $name_of_tag; return isset($name_of_tag[$m[1]]) ? $name_of_tag[$m[1]] : $m[1];'),
+      $tags_string = preg_replace(
+        '/(\d+)/e',
+        '$name_of_tag["$1"]',
         str_replace(
           ',',
           ', ',
@@ -395,13 +448,13 @@ SELECT
           )
         );
 
-      if (isset($image_infos[$line['image_id']]))
+      if (isset($file_of_image[$line['image_id']]))
       {
         $element = array(
           'id' => $line['image_id'],
-          'file' => $image_infos[$line['image_id']]['file'],
-          'path' => $image_infos[$line['image_id']]['path'],
-          'representative_ext' => $image_infos[$line['image_id']]['representative_ext'],
+          'file' => $file_of_image[$line['image_id']],
+          'path' => $path_of_image[$line['image_id']],
+          'tn_ext' => $tn_ext_of_image[$line['image_id']],
           );
         $thumbnail_display = $page['search']['fields']['display_thumbnail'];
       }
@@ -412,9 +465,9 @@ SELECT
 
       $image_title = '('.$line['image_id'].')';
 
-      if (isset($image_infos[$line['image_id']]['label']))
+      if (isset($label_of_image[$line['image_id']]))
       {
-        $image_title.= ' '.trigger_change('render_element_description', $image_infos[$line['image_id']]['label']);
+        $image_title.= ' '.$label_of_image[$line['image_id']];
       }
       else
       {
@@ -434,7 +487,7 @@ SELECT
         {
           $image_string =
             '<a class="thumbnail" href="'.$picture_url.'">'
-            .'<span><img src="'.DerivativeImage::thumb_url($element)
+            .'<span><img src="'.get_thumbnail_url($element)
             .'" alt="'.$image_title.'" title="'.$image_title.'">'
             .'</span></a>';
           break;
@@ -443,7 +496,7 @@ SELECT
         {
           $image_string =
             '<a class="over" href="'.$picture_url.'">'
-            .'<span><img src="'.DerivativeImage::thumb_url($element)
+            .'<span><img src="'.get_thumbnail_url($element)
             .'" alt="'.$image_title.'" title="'.$image_title.'">'
             .'</span>'.$image_title.'</a>';
           break;
@@ -502,14 +555,17 @@ SELECT
         '%d line filtered', '%d lines filtered',
         $page['nb_lines']
         ),
-      'FILESIZE' => $summary['total_filesize'] != 0 ? ceil($summary['total_filesize']/1024).' MB' : '',
+      'FILESIZE' => $summary['total_filesize'].' KB',
       'USERS' => l10n_dec(
         '%d user', '%d users',
         $summary['nb_members'] + $summary['nb_guests']
         ),
       'MEMBERS' => sprintf(
         l10n_dec('%d member', '%d members', $summary['nb_members']).': %s',
-        implode(', ', $member_strings)
+        implode(
+          ', ',
+          $member_strings
+          )
         ),
       'GUESTS' => l10n_dec(
         '%d guest', '%d guests',
@@ -517,8 +573,6 @@ SELECT
         ),
       )
     );
-
-  unset($name_of_tag);
 }
 
 // +-----------------------------------------------------------------------+
@@ -547,12 +601,20 @@ if (isset($page['search']))
 {
   if (isset($page['search']['fields']['date-after']))
   {
-    $form['start'] = $page['search']['fields']['date-after'];
+    $tokens = explode('-', $page['search']['fields']['date-after']);
+
+    $form['start_year']  = (int)$tokens[0];
+    $form['start_month'] = (int)$tokens[1];
+    $form['start_day']   = (int)$tokens[2];
   }
 
   if (isset($page['search']['fields']['date-before']))
   {
-    $form['end'] = $page['search']['fields']['date-before'];
+    $tokens = explode('-', $page['search']['fields']['date-before']);
+
+    $form['end_year']  = (int)$tokens[0];
+    $form['end_month'] = (int)$tokens[1];
+    $form['end_day']   = (int)$tokens[2];
   }
 
   $form['types'] = $page['search']['fields']['types'];
@@ -568,7 +630,6 @@ if (isset($page['search']))
 
   $form['image_id'] = @$page['search']['fields']['image_id'];
   $form['filename'] = @$page['search']['fields']['filename'];
-  $form['ip'] = @$page['search']['fields']['ip'];
 
   $form['display_thumbnail'] = @$page['search']['fields']['display_thumbnail'];
 }
@@ -576,7 +637,9 @@ else
 {
   // by default, at page load, we want the selected date to be the current
   // date
-  $form['start'] = $form['end'] = date('Y-m-d');
+  $form['start_year']  = $form['end_year']  = date('Y');
+  $form['start_month'] = $form['end_month'] = date('n');
+  $form['start_day']   = $form['end_day']   = date('j');
   $form['types'] = $types;
   // Hoverbox by default
   $form['display_thumbnail'] =
@@ -584,13 +647,24 @@ else
 }
 
 
+$month_list = $lang['month'];
+$month_list[0]='------------';
+ksort($month_list);
+
 $template->assign(
   array(
     'IMAGE_ID' => @$form['image_id'],
     'FILENAME' => @$form['filename'],
-    'IP' => @$form['ip'],
-    'START' => @$form['start'],
-    'END' => @$form['end'],
+
+    'month_list' => $month_list,
+
+    'START_DAY_SELECTED' => @$form['start_day'],
+    'START_MONTH_SELECTED' => @$form['start_month'],
+    'START_YEAR' => @$form['start_year'],
+
+    'END_DAY_SELECTED' => @$form['end_day'],
+    'END_MONTH_SELECTED' => @$form['end_month'],
+    'END_YEAR'   => @$form['end_year'],
     )
   );
 
@@ -611,7 +685,7 @@ SELECT
 ;';
 $template->assign(
   array(
-    'user_options' => query2array($query, 'id','username'),
+    'user_options' => simple_hash_from_query($query, 'id','username'),
     'user_options_selected' => array(@$form['user'])
   )
 );
@@ -624,4 +698,4 @@ $template->assign('display_thumbnail_selected', $form['display_thumbnail']);
 // +-----------------------------------------------------------------------+
 
 $template->assign_var_from_handle('ADMIN_CONTENT', 'history');
-?>
+?>

admin/include/add_core_tabs.inc.php

@@ -1,158 +0,0 @@
-<?php
-// +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
-// +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
-// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
-// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
-// +-----------------------------------------------------------------------+
-// | This program is free software; you can redistribute it and/or modify  |
-// | it under the terms of the GNU General Public License as published by  |
-// | the Free Software Foundation                                          |
-// |                                                                       |
-// | This program is distributed in the hope that it will be useful, but   |
-// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
-// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
-// | General Public License for more details.                              |
-// |                                                                       |
-// | You should have received a copy of the GNU General Public License     |
-// | along with this program; if not, write to the Free Software           |
-// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
-// | USA.                                                                  |
-// +-----------------------------------------------------------------------+
-
-add_event_handler('tabsheet_before_select', 'add_core_tabs', 0);
-
-function add_core_tabs($sheets, $tab_id)
-{
-  switch($tab_id)
-  {
-    case 'album':
-      global $admin_album_base_url;
-      $sheets['properties'] = array('caption' => '<span class="icon-pencil"></span>'.l10n('Properties'), 'url' => $admin_album_base_url.'-properties');
-      $sheets['sort_order'] = array('caption' => '<span class="icon-shuffle"></span>'.l10n('Manage photo ranks'), 'url' => $admin_album_base_url.'-sort_order');
-      $sheets['permissions'] = array('caption' => '<span class="icon-lock"></span>'.l10n('Permissions'), 'url' => $admin_album_base_url.'-permissions');
-      $sheets['notification'] = array('caption' => '<span class="icon-mail-alt"></span>'.l10n('Notification'), 'url' => $admin_album_base_url.'-notification');
-      break;
-
-    case 'albums':
-      global $my_base_url;
-      $sheets['list'] = array('caption' => '<span class="icon-menu"></span>'.l10n('List'), 'url' => $my_base_url.'cat_list');
-      $sheets['move'] = array('caption' => '<span class="icon-move"></span>'.l10n('Move'), 'url' => $my_base_url.'cat_move');
-      $sheets['permalinks'] = array('caption' => '<span class="icon-link"></span>'.l10n('Permalinks'), 'url' => $my_base_url.'permalinks');
-      break;
-
-    case 'batch_manager':
-      global $manager_link;
-      $sheets['global'] = array('caption' => l10n('global mode'), 'url' => $manager_link.'global');
-      $sheets['unit'] = array('caption' => l10n('unit mode'), 'url' => $manager_link.'unit');
-      break;
-
-    case 'cat_options':
-      global $link_start, $conf;
-      $sheets['status'] = array('caption' => '<span class="icon-lock"></span>'.l10n('Public / Private'), 'url' => $link_start.'cat_options&amp;section=status');
-      $sheets['visible'] = array('caption' => '<span class="icon-block"></span>'.l10n('Lock'), 'url' => $link_start.'cat_options&amp;section=visible');
-      if ($conf['activate_comments'])
-        $sheets['comments'] = array('caption' => '<span class="icon-chat"></span>'.l10n('Comments'), 'url' => $link_start.'cat_options&amp;section=comments');
-      if ($conf['allow_random_representative'])
-        $sheets['representative'] = array('caption' => l10n('Representative'), 'url' => $link_start.'cat_options&amp;section=representative');
-      break;
-
-    case 'comments':
-      global $my_base_url;
-      $sheets[''] = array('caption' => l10n('User comments'), 'url' => $my_base_url.'comments');
-      break;
-
-    case 'users':
-      global $my_base_url;
-      $sheets[''] = array('caption' => '<span class="icon-users"> </span>'.l10n('User list'), 'url' => $my_base_url.'user_list');
-      break;
-
-    case 'groups':
-      global $my_base_url;
-      $sheets[''] = array('caption' => '<span class="icon-group"> </span>'.l10n('Groups'), 'url' => $my_base_url.'group_list');
-      break;
-
-    case 'configuration':
-      global $conf_link;
-      $sheets['main'] = array('caption' => l10n('General'), 'url' => $conf_link.'main');
-      $sheets['sizes'] = array('caption' => l10n('Photo sizes'), 'url' => $conf_link.'sizes');
-      $sheets['watermark'] = array('caption' => l10n('Watermark'), 'url' => $conf_link.'watermark');
-      $sheets['display'] = array('caption' => l10n('Display'), 'url' => $conf_link.'display');
-      $sheets['comments'] = array('caption' => l10n('Comments'), 'url' => $conf_link.'comments');
-      $sheets['default'] = array('caption' => l10n('Guest Settings'), 'url' => $conf_link.'default');
-      break;
-
-    case 'help':
-      global $help_link;
-      $sheets['add_photos'] = array('caption' => l10n('Add Photos'), 'url' => $help_link.'add_photos');
-      $sheets['permissions'] = array('caption' => l10n('Permissions'), 'url' => $help_link.'permissions');
-      $sheets['groups'] = array('caption' => l10n('Groups'), 'url' => $help_link.'groups');
-      $sheets['virtual_links'] = array('caption' => l10n('Virtual Links'), 'url' => $help_link.'virtual_links');
-      $sheets['misc'] = array('caption' => l10n('Miscellaneous'), 'url' => $help_link.'misc');
-      break;
-
-    case 'history':
-      global $link_start;
-      $sheets['stats'] = array('caption' => '<span class="icon-signal"></span>'.l10n('Statistics'), 'url' => $link_start.'stats');
-      $sheets['history'] = array('caption' => '<span class="icon-search"></span>'.l10n('Search'), 'url' => $link_start.'history');
-      break;
-
-    case 'languages':
-      global $my_base_url;
-      $sheets['installed'] = array('caption' => '<span class="icon-language"></span>'.l10n('Installed Languages'), 'url' => $my_base_url.'&amp;tab=installed');
-      $sheets['update'] = array('caption' => '<span class="icon-arrows-cw"></span>'.l10n('Check for updates'), 'url' => $my_base_url.'&amp;tab=update');
-      $sheets['new'] = array('caption' => '<span class="icon-plus-circled"></span>'.l10n('Add New Language'), 'url' => $my_base_url.'&amp;tab=new');
-      break;
-
-    case 'nbm':
-      global $base_url;
-      $sheets['param'] = array('caption' => l10n('Parameter'), 'url' => $base_url.'?page=notification_by_mail&amp;mode=param');
-      $sheets['subscribe'] = array('caption' => l10n('Subscribe'), 'url' => $base_url.'?page=notification_by_mail&amp;mode=subscribe');
-      $sheets['send'] = array('caption' => l10n('Send'), 'url' => $base_url.'?page=notification_by_mail&amp;mode=send');
-      break;
-
-    case 'photo':
-      global $admin_photo_base_url;
-      $sheets['properties'] = array('caption' => l10n('Properties'), 'url' => $admin_photo_base_url.'-properties');
-      $sheets['coi'] = array('caption' => '<span class="icon-crop"></span>'.l10n('Center of interest'), 'url' => $admin_photo_base_url.'-coi');
-      break;
-
-    case 'photos_add':
-      global $conf;
-      $sheets['direct'] = array('caption' => '<span class="icon-upload"></span>'.l10n('Web Form'), 'url' => PHOTOS_ADD_BASE_URL.'&amp;section=direct');
-      $sheets['applications'] = array('caption' => '<span class="icon-network"></span>'.l10n('Applications'), 'url' => PHOTOS_ADD_BASE_URL.'&amp;section=applications');
-      if ($conf['enable_synchronization'])
-        $sheets['ftp'] = array('caption' => '<span class="icon-exchange"></span>'.l10n('FTP + Synchronization'), 'url' => PHOTOS_ADD_BASE_URL.'&amp;section=ftp');
-      break;
-
-    case 'plugins':
-      global $my_base_url;
-      $sheets['installed'] = array('caption' => '<span class="icon-equalizer"></span>'.l10n('Plugin list'), 'url' => $my_base_url.'&amp;tab=installed');
-      $sheets['update'] = array('caption' => '<span class="icon-arrows-cw"></span>'.l10n('Check for updates'), 'url' => $my_base_url.'&amp;tab=update');
-      $sheets['new'] = array('caption' => '<span class="icon-plus-circled"></span>'.l10n('Other plugins'), 'url' => $my_base_url.'&amp;tab=new');
-      break;
-
-    case 'rating':
-      $sheets['rating'] = array('caption' => l10n('Photos'), 'url' => get_root_url().'admin.php?page=rating');
-      $sheets['rating_user'] = array('caption' => l10n('Users'), 'url' => get_root_url().'admin.php?page=rating_user');
-      break;
-
-    case 'themes':
-      global $my_base_url;
-      $sheets['installed'] = array('caption' => '<span class="icon-brush"></span>'.l10n('Installed Themes'), 'url' => $my_base_url.'&amp;tab=installed');
-      $sheets['update'] = array('caption' => '<span class="icon-arrows-cw"></span>'.l10n('Check for updates'), 'url' => $my_base_url.'&amp;tab=update');
-      $sheets['new'] = array('caption' => '<span class="icon-plus-circled"></span>'.l10n('Add New Theme'), 'url' => $my_base_url.'&amp;tab=new');
-      break;
-
-    case 'updates':
-      global $my_base_url;
-      $sheets['pwg'] = array('caption' => l10n('Piwigo Update'), 'url' => $my_base_url);
-      $sheets['ext'] = array('caption' => l10n('Extensions Update'), 'url' => $my_base_url.'&amp;tab=ext');
-      break;
-  }
-
-  return $sheets;
-}
-
-?>

admin/include/albums_tab.inc.php

@@ -1,33 +0,0 @@
-<?php
-// +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
-// +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
-// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
-// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
-// +-----------------------------------------------------------------------+
-// | This program is free software; you can redistribute it and/or modify  |
-// | it under the terms of the GNU General Public License as published by  |
-// | the Free Software Foundation                                          |
-// |                                                                       |
-// | This program is distributed in the hope that it will be useful, but   |
-// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
-// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
-// | General Public License for more details.                              |
-// |                                                                       |
-// | You should have received a copy of the GNU General Public License     |
-// | along with this program; if not, write to the Free Software           |
-// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
-// | USA.                                                                  |
-// +-----------------------------------------------------------------------+
-
-include_once(PHPWG_ROOT_PATH.'admin/include/tabsheet.class.php');
-
-$my_base_url = get_root_url().'admin.php?page=';
-
-$tabsheet = new tabsheet();
-$tabsheet->set_id('albums');
-$tabsheet->select($page['tab']);
-$tabsheet->assign();
-
-?>

admin/include/c13y_internal.class.php

@@ -1,8 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
 // +-----------------------------------------------------------------------+
@@ -23,7 +23,7 @@
 
 class c13y_internal
 {
-  function __construct()
+  function c13y_internal()
   {
     add_event_handler('list_check_integrity', array(&$this, 'c13y_version'));
     add_event_handler('list_check_integrity', array(&$this, 'c13y_exif'));
@@ -42,17 +42,13 @@ class c13y_internal
 
     $check_list = array();
 
-    $check_list[] = array(
-        'type' => 'PHP',
-        'current' => phpversion(),
-        'required' => REQUIRED_PHP_VERSION,
-        );
+    $check_list[] = array('type' => 'PHP', 'current' => phpversion(), 'required' => REQUIRED_PHP_VERSION);
 
-    $check_list[] = array(
-        'type' => 'MySQL',
-        'current' => pwg_get_db_version(), 
-        'required' => REQUIRED_MYSQL_VERSION,
-        );
+    $db_version = pwg_get_db_version();
+    $check_list[] = array('type' => $conf['dblayer'],
+			  'current' => $db_version, 
+			  'required' => constant('REQUIRED_'.str_replace('-', '_', strtoupper($conf['dblayer'])).'_VERSION')
+			  );
 
     foreach ($check_list as $elem)
     {

admin/include/check_integrity.class.php

@@ -1,8 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
 // +-----------------------------------------------------------------------+
@@ -27,7 +27,7 @@ class check_integrity
   var $retrieve_list;
   var $build_ignore_list;
 
-  function __construct()
+  function check_integrity()
   {
     $this->ignore_list = array();
     $this->retrieve_list = array();
@@ -66,92 +66,91 @@ class check_integrity
     $this->retrieve_list = array();
     $this->build_ignore_list = array();
 
-    trigger_notify('list_check_integrity', $this);
+    trigger_action('list_check_integrity', $this);
 
     // Information
     if (count($this->retrieve_list) > 0)
     {
-      $header_notes[] = l10n_dec(
-        '%d anomaly has been detected.', '%d anomalies have been detected.',
-        count($this->retrieve_list)
-        );
+      $header_notes[] =
+        l10n_dec('%d anomaly has been detected.', '%d anomalies have been detected.',
+          count($this->retrieve_list));
     }
 
     // Treatments
-    if (isset($_POST['c13y_submit_correction']) and isset($_POST['c13y_selection']))
+    if (!is_adviser())
     {
-      $corrected_count = 0;
-      $not_corrected_count = 0;
-
-      foreach ($this->retrieve_list as $i => $c13y)
+      if (isset($_POST['c13y_submit_correction']) and isset($_POST['c13y_selection']))
       {
-        if (!empty($c13y['correction_fct']) and
-            $c13y['is_callable'] and
-            in_array($c13y['id'], $_POST['c13y_selection']))
-        {
-          if (is_array($c13y['correction_fct_args']))
-          {
-            $args = $c13y['correction_fct_args'];
-          }
-          else
-          if (!is_null($c13y['correction_fct_args']))
-          {
-            $args = array($c13y['correction_fct_args']);
-          }
-          else
-          {
-            $args = array();
-          }
-          $this->retrieve_list[$i]['corrected'] = call_user_func_array($c13y['correction_fct'], $args);
-
-          if ($this->retrieve_list[$i]['corrected'])
-          {
-            $corrected_count += 1;
-          }
-          else
-          {
-            $not_corrected_count += 1;
-          }
-        }
-      }
-
-      if ($corrected_count > 0)
-      {
-        $page['infos'][] = l10n_dec(
-          '%d anomaly has been corrected.', '%d anomalies have been detected corrected.',
-          $corrected_count
-          );
-      }
-      if ($not_corrected_count > 0)
-      {
-        $page['errors'][] = l10n_dec(
-          '%d anomaly has not been corrected.', '%d anomalies have not been corrected.',
-          $not_corrected_count
-          );
-      }
-    }
-    else
-    {
-      if (isset($_POST['c13y_submit_ignore']) and isset($_POST['c13y_selection']))
-      {
-        $ignored_count = 0;
+        $corrected_count = 0;
+        $not_corrected_count = 0;
 
         foreach ($this->retrieve_list as $i => $c13y)
         {
-          if (in_array($c13y['id'], $_POST['c13y_selection']))
+          if (!empty($c13y['correction_fct']) and
+              $c13y['is_callable'] and
+              in_array($c13y['id'], $_POST['c13y_selection']))
           {
-            $this->build_ignore_list[] = $c13y['id'];
-            $this->retrieve_list[$i]['ignored'] = true;
-            $ignored_count += 1;
+            if (is_array($c13y['correction_fct_args']))
+            {
+              $args = $c13y['correction_fct_args'];
+            }
+            else
+            if (!is_null($c13y['correction_fct_args']))
+            {
+              $args = array($c13y['correction_fct_args']);
+            }
+            else
+            {
+              $args = array();
+            }
+            $this->retrieve_list[$i]['corrected'] = call_user_func_array($c13y['correction_fct'], $args);
+
+            if ($this->retrieve_list[$i]['corrected'])
+            {
+              $corrected_count += 1;
+            }
+            else
+            {
+              $not_corrected_count += 1;
+            }
           }
         }
 
-        if ($ignored_count > 0)
+        if ($corrected_count > 0)
         {
-          $page['infos'][] = l10n_dec(
-            '%d anomaly has been ignored.', '%d anomalies have been ignored.',
-            $ignored_count
-            );
+          $page['infos'][] =
+            l10n_dec('%d anomaly has been corrected.', '%d anomalies have been detected corrected.',
+              $corrected_count);
+        }
+        if ($not_corrected_count > 0)
+        {
+          $page['errors'][] =
+            l10n_dec('%d anomaly has not been corrected.', '%d anomalies have not been corrected.',
+              $not_corrected_count);
+        }
+      }
+      else
+      {
+        if (isset($_POST['c13y_submit_ignore']) and isset($_POST['c13y_selection']))
+        {
+          $ignored_count = 0;
+
+          foreach ($this->retrieve_list as $i => $c13y)
+          {
+            if (in_array($c13y['id'], $_POST['c13y_selection']))
+            {
+              $this->build_ignore_list[] = $c13y['id'];
+              $this->retrieve_list[$i]['ignored'] = true;
+              $ignored_count += 1;
+            }
+          }
+
+          if ($ignored_count > 0)
+          {
+            $page['infos'][] =
+              l10n_dec('%d anomaly has been ignored.', '%d anomalies have been ignored.',
+                $ignored_count);
+          }
         }
       }
     }

admin/include/configuration_sizes_process.inc.php

@@ -1,280 +0,0 @@
-<?php
-// +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
-// +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
-// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
-// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
-// +-----------------------------------------------------------------------+
-// | This program is free software; you can redistribute it and/or modify  |
-// | it under the terms of the GNU General Public License as published by  |
-// | the Free Software Foundation                                          |
-// |                                                                       |
-// | This program is distributed in the hope that it will be useful, but   |
-// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
-// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
-// | General Public License for more details.                              |
-// |                                                                       |
-// | You should have received a copy of the GNU General Public License     |
-// | along with this program; if not, write to the Free Software           |
-// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
-// | USA.                                                                  |
-// +-----------------------------------------------------------------------+
-
-if( !defined("PHPWG_ROOT_PATH") )
-{
-  die ("Hacking attempt!");
-}
-
-$errors = array();
-
-// original resize
-$original_fields = array(
-  'original_resize',
-  'original_resize_maxwidth',
-  'original_resize_maxheight',
-  'original_resize_quality',
-  );
-
-$updates = array();
-
-foreach ($original_fields as $field)
-{
-  $value = !empty($_POST[$field]) ? $_POST[$field] : null;
-  $updates[$field] = $value;
-}
-
-save_upload_form_config($updates, $page['errors'], $errors);
-
-if ($_POST['resize_quality'] < 50 or $_POST['resize_quality'] > 98)
-{
-  $errors['resize_quality'] = '[50..98]';
-}
-
-$pderivatives = $_POST['d'];
-
-// step 1 - sanitize HTML input
-foreach ($pderivatives as $type => &$pderivative)
-{
-  if ($pderivative['must_square'] = ($type==IMG_SQUARE ? true : false))
-  {
-    $pderivative['h'] = $pderivative['w'];
-    $pderivative['minh'] = $pderivative['minw'] = $pderivative['w'];
-    $pderivative['crop'] = 100;
-  }
-  $pderivative['must_enable'] = ($type==IMG_SQUARE || $type==IMG_THUMB || $type==$conf['derivative_default_size'])? true : false;
-  $pderivative['enabled'] = isset($pderivative['enabled']) || $pderivative['must_enable'] ? true : false;
-
-  if (isset($pderivative['crop']))
-  {
-    $pderivative['crop'] = 100;
-    $pderivative['minw'] = $pderivative['w'];
-    $pderivative['minh'] = $pderivative['h'];
-  }
-  else
-  {
-    $pderivative['crop'] = 0;
-    $pderivative['minw'] = null;
-    $pderivative['minh'] = null;
-  }
-}
-unset($pderivative);
-
-// step 2 - check validity
-$prev_w = $prev_h = 0;
-foreach(ImageStdParams::get_all_types() as $type)
-{
-  $pderivative = $pderivatives[$type];
-  if (!$pderivative['enabled'])
-  {
-    continue;
-  }
-
-  if ($type == IMG_THUMB)
-  {
-    $w = intval($pderivative['w']);
-    if ($w <= 0)
-    {
-      $errors[$type]['w'] = '>0';
-    }
-
-    $h = intval($pderivative['h']);
-    if ($h <= 0)
-    {
-      $errors[$type]['h'] = '>0';
-    }
-
-    if (max($w,$h) <= $prev_w)
-    {
-      $errors[$type]['w'] = $errors[$type]['h'] = '>'.$prev_w;
-    }
-  }
-  else
-  {
-    $v = intval($pderivative['w']);
-    if ($v <= 0 or $v <= $prev_w)
-    {
-      $errors[$type]['w'] = '>'.$prev_w;
-    }
-
-    $v = intval($pderivative['h']);
-    if ($v <= 0 or $v <= $prev_h)
-    {
-      $errors[$type]['h'] = '>'.$prev_h;
-    }
-  }
-
-  if (count($errors) == 0)
-  {
-    $prev_w = intval($pderivative['w']);
-    $prev_h = intval($pderivative['h']);
-  }
-
-  $v = intval($pderivative['sharpen']);
-  if ($v<0 || $v>100)
-  {
-    $errors[$type]['sharpen'] = '[0..100]';
-  }
-}
-
-// step 3 - save data
-if (count($errors) == 0)
-{
-  $quality_changed = ImageStdParams::$quality != intval($_POST['resize_quality']);
-  ImageStdParams::$quality = intval($_POST['resize_quality']);
-
-  $enabled = ImageStdParams::get_defined_type_map();
-  $disabled = @unserialize( @$conf['disabled_derivatives'] );
-  if ($disabled === false)
-  {
-    $disabled = array();
-  }
-  $changed_types = array();
-
-  foreach (ImageStdParams::get_all_types() as $type)
-  {
-    $pderivative = $pderivatives[$type];
-
-    if ($pderivative['enabled'])
-    {
-      $new_params = new DerivativeParams(
-        new SizingParams(
-          array(intval($pderivative['w']), intval($pderivative['h'])),
-          round($pderivative['crop'] / 100, 2),
-          array(intval($pderivative['minw']), intval($pderivative['minh']))
-          )
-        );
-      $new_params->sharpen = intval($pderivative['sharpen']);
-
-      ImageStdParams::apply_global($new_params);
-
-      if (isset($enabled[$type]))
-      {
-        $old_params = $enabled[$type];
-        $same = true;
-        if (!size_equals($old_params->sizing->ideal_size, $new_params->sizing->ideal_size)
-            or $old_params->sizing->max_crop != $new_params->sizing->max_crop)
-        {
-          $same = false;
-        }
-
-        if ($same
-            and $new_params->sizing->max_crop != 0
-            and !size_equals($old_params->sizing->min_size, $new_params->sizing->min_size))
-        {
-          $same = false;
-        }
-
-        if ($quality_changed
-            || $new_params->sharpen != $old_params->sharpen)
-        {
-          $same = false;
-        }
-
-        if (!$same)
-        {
-          $new_params->last_mod_time = time();
-          $changed_types[] = $type;
-        }
-        else
-        {
-          $new_params->last_mod_time = $old_params->last_mod_time;
-        }
-        $enabled[$type] = $new_params;
-      }
-      else
-      {// now enabled, before was disabled
-        $enabled[$type] = $new_params;
-        unset($disabled[$type]);
-      }
-    }
-    else
-    {// disabled
-      if (isset($enabled[$type]))
-      {// now disabled, before was enabled
-        $changed_types[] = $type;
-        $disabled[$type] = $enabled[$type];
-        unset($enabled[$type]);
-      }
-    }
-  }
-
-  $enabled_by = array(); // keys ordered by all types
-  foreach(ImageStdParams::get_all_types() as $type)
-  {
-    if (isset($enabled[$type]))
-    {
-      $enabled_by[$type] = $enabled[$type];
-    }
-  }
-
-  foreach( array_keys(ImageStdParams::$custom) as $custom)
-  {
-    if (isset($_POST['delete_custom_derivative_'.$custom]))
-    {
-      $changed_types[] = $custom;
-      unset(ImageStdParams::$custom[$custom]);
-    }
-  }
-
-  ImageStdParams::set_and_save($enabled_by);
-  if (count($disabled) == 0)
-  {
-    $query='DELETE FROM '.CONFIG_TABLE.' WHERE param = \'disabled_derivatives\'';
-    pwg_query($query);
-  }
-  else
-  {
-    conf_update_param('disabled_derivatives', addslashes(serialize($disabled)) );
-  }
-  $conf['disabled_derivatives'] = serialize($disabled);
-
-  if (count($changed_types))
-  {
-    clear_derivative_cache($changed_types);
-  }
-
-  $page['infos'][] = l10n('Your configuration settings are saved');
-}
-else
-{
-  foreach ($original_fields as $field)
-  {
-    if (isset($_POST[$field]))
-    {
-      $template->append(
-        'sizes',
-        array(
-          $field => $_POST[$field]
-          ),
-        true
-        );
-    }
-  }
-
-  $template->assign('derivatives', $pderivatives);
-  $template->assign('ferrors', $errors);
-  $template->assign('resize_quality', $_POST['resize_quality']);
-  $page['sizes_loaded_in_tpl'] = true;
-}
-?>

admin/include/configuration_watermark_process.inc.php

@@ -1,215 +0,0 @@
-<?php
-// +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
-// +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
-// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
-// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
-// +-----------------------------------------------------------------------+
-// | This program is free software; you can redistribute it and/or modify  |
-// | it under the terms of the GNU General Public License as published by  |
-// | the Free Software Foundation                                          |
-// |                                                                       |
-// | This program is distributed in the hope that it will be useful, but   |
-// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
-// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
-// | General Public License for more details.                              |
-// |                                                                       |
-// | You should have received a copy of the GNU General Public License     |
-// | along with this program; if not, write to the Free Software           |
-// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
-// | USA.                                                                  |
-// +-----------------------------------------------------------------------+
-
-if( !defined("PHPWG_ROOT_PATH") )
-{
-  die ("Hacking attempt!");
-}
-
-function get_watermark_filename($list, $candidate, $step = 0)
-{
-  global $change_name;
-  $change_name = $candidate;
-  if ($step != 0)
-  {
-    $change_name .= '-'.$step;
-  }
-  if (in_array($change_name, $list))
-  {
-    return get_watermark_filename($list, $candidate, $step+1);
-  }
-  return $change_name.'.png';
-}
-
-$errors = array();
-$pwatermark = $_POST['w'];
-
-// step 0 - manage upload if any
-if (isset($_FILES['watermarkImage']) and !empty($_FILES['watermarkImage']['tmp_name']))
-{
-  list($width, $height, $type) = getimagesize($_FILES['watermarkImage']['tmp_name']);
-  if (IMAGETYPE_PNG != $type)
-  {
-    $errors['watermarkImage'] = sprintf(
-      l10n('Allowed file types: %s.'),
-      'PNG'
-      );
-  }
-  else
-  {
-    $upload_dir = PHPWG_ROOT_PATH.PWG_LOCAL_DIR.'watermarks';
-    if (mkgetdir($upload_dir, MKGETDIR_DEFAULT&~MKGETDIR_DIE_ON_ERROR))
-    {
-      // file name may include exotic chars like single quote, we need a safe name 
-      $new_name = str2url(get_filename_wo_extension($_FILES['watermarkImage']['name']));
-
-      // we need existing watermarks to avoid overwritting one 
-      $watermark_files = array();
-      if ( ($glob=glob(PHPWG_ROOT_PATH.PWG_LOCAL_DIR.'watermarks/*.png')) !== false)
-      {
-        foreach ($glob as $file)
-        {
-          $watermark_files[] = get_filename_wo_extension(
-            substr($file, strlen(PHPWG_ROOT_PATH.PWG_LOCAL_DIR.'watermarks/'))
-          );
-        }
-      }
-
-      $file_path = $upload_dir.'/'.get_watermark_filename($watermark_files, $new_name);
-
-      if (move_uploaded_file($_FILES['watermarkImage']['tmp_name'], $file_path))
-      {
-        $pwatermark['file'] = substr($file_path, strlen(PHPWG_ROOT_PATH));
-      }
-      else
-      {
-        $page['errors'][] = $errors['watermarkImage'] = "$file_path " .l10n('no write access');
-      }
-    }
-    else
-    {
-      $page['errors'][] = $errors['watermarkImage'] = sprintf( l10n('Add write access to the "%s" directory'), $upload_dir);
-    }
-  }
-}
-
-// step 1 - sanitize HTML input
-switch ($pwatermark['position'])
-{
-  case 'topleft':
-  {
-    $pwatermark['xpos'] = 0;
-    $pwatermark['ypos'] = 0;
-    break;
-  }
-  case 'topright':
-  {
-    $pwatermark['xpos'] = 100;
-    $pwatermark['ypos'] = 0;
-    break;
-  }
-  case 'middle':
-  {
-    $pwatermark['xpos'] = 50;
-    $pwatermark['ypos'] = 50;
-    break;
-  }
-  case 'bottomleft':
-  {
-    $pwatermark['xpos'] = 0;
-    $pwatermark['ypos'] = 100;
-    break;
-  }
-  case 'bottomright':
-  {
-    $pwatermark['xpos'] = 100;
-    $pwatermark['ypos'] = 100;
-    break;
-  }
-}
-
-// step 2 - check validity
-$v = intval($pwatermark['xpos']);
-if ($v < 0 or $v > 100)
-{
-  $errors['watermark']['xpos'] = '[0..100]';
-}
-
-$v = intval($pwatermark['ypos']);
-if ($v < 0 or $v > 100)
-{
-  $errors['watermark']['ypos'] = '[0..100]';
-}
-
-$v = intval($pwatermark['opacity']);
-if ($v <= 0 or $v > 100)
-{
-  $errors['watermark']['opacity'] = '(0..100]';
-}
-
-// step 3 - save data
-if (count($errors) == 0)
-{
-  $watermark = new WatermarkParams();
-  $watermark->file = $pwatermark['file'];
-  $watermark->xpos = intval($pwatermark['xpos']);
-  $watermark->ypos = intval($pwatermark['ypos']);
-  $watermark->xrepeat = intval($pwatermark['xrepeat']);
-  $watermark->yrepeat = intval($pwatermark['yrepeat']);
-  $watermark->opacity = intval($pwatermark['opacity']);
-  $watermark->min_size = array(intval($pwatermark['minw']),intval($pwatermark['minh']));
-
-  $old_watermark = ImageStdParams::get_watermark();
-  $watermark_changed =
-    $watermark->file != $old_watermark->file
-    || $watermark->xpos != $old_watermark->xpos
-    || $watermark->ypos != $old_watermark->ypos
-    || $watermark->xrepeat != $old_watermark->xrepeat
-    || $watermark->yrepeat != $old_watermark->yrepeat
-    || $watermark->opacity != $old_watermark->opacity;
-
-  // save the new watermark configuration
-  ImageStdParams::set_watermark($watermark);
-
-  // do we have to regenerate the derivatives (and which types)?
-  $changed_types = array();
-
-  foreach (ImageStdParams::get_defined_type_map() as $type => $params)
-  {
-    $old_use_watermark = $params->use_watermark;
-    ImageStdParams::apply_global($params);
-
-    $changed = $params->use_watermark != $old_use_watermark;
-    if (!$changed and $params->use_watermark)
-    {
-      $changed = $watermark_changed;
-    }
-    if (!$changed and $params->use_watermark)
-    {
-      // if thresholds change and before/after the threshold is lower than the corresponding derivative side -> some derivatives might switch the watermark
-      $changed |= $watermark->min_size[0]!=$old_watermark->min_size[0] and ($watermark->min_size[0]<$params->max_width() or $old_watermark->min_size[0]<$params->max_width());
-      $changed |= $watermark->min_size[1]!=$old_watermark->min_size[1] and ($watermark->min_size[1]<$params->max_height() or $old_watermark->min_size[1]<$params->max_height());
-    }
-
-    if ($changed)
-    {
-      $params->last_mod_time = time();
-      $changed_types[] = $type;
-    }
-  }
-
-  ImageStdParams::save();
-
-  if (count($changed_types))
-  {
-    clear_derivative_cache($changed_types);
-  }
-
-  $page['infos'][] = l10n('Your configuration settings are saved');
-}
-else
-{
-  $template->assign('watermark', $pwatermark);
-  $template->assign('ferrors', $errors);
-}
-?>

admin/include/functions_history.inc.php

@@ -1,8 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
 // +-----------------------------------------------------------------------+
@@ -21,44 +21,28 @@
 // | USA.                                                                  |
 // +-----------------------------------------------------------------------+
 
-/**
- * @package functions\admin\history
- */
-
-
 include_once(PHPWG_ROOT_PATH.'admin/include/tabsheet.class.php');
 
-/**
- * Init tabsheet for history pages
- * @ignore
- */
 function history_tabsheet()
 {
   global $page, $link_start;
 
   // TabSheet
   $tabsheet = new tabsheet();
-  $tabsheet->set_id('history');
+  // TabSheet initialization
+  $tabsheet->add('stats', l10n('Statistics'), $link_start.'stats');
+  $tabsheet->add('history', l10n('Search'), $link_start.'history');
+  // TabSheet selection
   $tabsheet->select($page['page']);
+  // Assign tabsheet to template
   $tabsheet->assign();
 }
 
-/**
- * Callback used to sort history entries
- */
 function history_compare($a, $b)
 {
   return strcmp($a['date'].$a['time'], $b['date'].$b['time']);
 }
 
-/**
- * Perform history search.
- *
- * @param array $data  - used in trigger_change
- * @param array $search
- * @param string[] $types
- * @param array
- */
 function get_history($data, $search, $types)
 {
   if (isset($search['fields']['filename']))
@@ -71,25 +55,31 @@ SELECT
 ;';
     $search['image_ids'] = array_from_query($query, 'id');
   }
-
+  
   // echo '<pre>'; print_r($search); echo '</pre>';
-
+  
   $clauses = array();
 
   if (isset($search['fields']['date-after']))
   {
-    $clauses[] = "date >= '".$search['fields']['date-after']."'";
+    array_push(
+      $clauses,
+      "date >= '".$search['fields']['date-after']."'"
+      );
   }
 
   if (isset($search['fields']['date-before']))
   {
-    $clauses[] = "date <= '".$search['fields']['date-before']."'";
+    array_push(
+      $clauses,
+      "date <= '".$search['fields']['date-before']."'"
+      );
   }
 
   if (isset($search['fields']['types']))
   {
     $local_clauses = array();
-
+    
     foreach ($types as $type) {
       if (in_array($type, $search['fields']['types'])) {
         $clause = 'image_type ';
@@ -101,46 +91,53 @@ SELECT
         {
           $clause.= "= '".$type."'";
         }
-
-        $local_clauses[] = $clause;
+        
+        array_push($local_clauses, $clause);
       }
     }
-
+    
     if (count($local_clauses) > 0)
     {
-      $clauses[] = implode(' OR ', $local_clauses);
+      array_push(
+        $clauses,
+        implode(' OR ', $local_clauses)
+        );
     }
   }
 
   if (isset($search['fields']['user'])
       and $search['fields']['user'] != -1)
   {
-    $clauses[] = 'user_id = '.$search['fields']['user'];
+    array_push(
+      $clauses,
+      'user_id = '.$search['fields']['user']
+      );
   }
 
   if (isset($search['fields']['image_id']))
   {
-    $clauses[] = 'image_id = '.$search['fields']['image_id'];
+    array_push(
+      $clauses,
+      'image_id = '.$search['fields']['image_id']
+      );
   }
-
+  
   if (isset($search['fields']['filename']))
   {
     if (count($search['image_ids']) == 0)
     {
       // a clause that is always false
-      $clauses[] = '1 = 2 ';
+      array_push($clauses, '1 = 2 ');
     }
     else
     {
-      $clauses[] = 'image_id IN ('.implode(', ', $search['image_ids']).')';
+      array_push(
+        $clauses,
+        'image_id IN ('.implode(', ', $search['image_ids']).')'
+        );
     }
   }
-
-  if (isset($search['fields']['ip']))
-  {
-    $clauses[] = 'IP LIKE "'.$search['fields']['ip'].'"';
-  }
-
+  
   $clauses = prepend_append_array_items($clauses, '(', ')');
 
   $where_separator =
@@ -148,7 +145,7 @@ SELECT
       "\n    AND ",
       $clauses
       );
-
+  
   $query = '
 SELECT
     date,
@@ -170,13 +167,13 @@ SELECT
 
   while ($row = pwg_db_fetch_assoc($result))
   {
-    $data[] = $row;
+    array_push($data, $row);
   }
 
   return $data;
 }
 
-add_event_handler('get_history', 'get_history');
-trigger_notify('functions_history_included');
+add_event_handler('get_history', 'get_history', EVENT_HANDLER_PRIORITY_NEUTRAL, 3);
+trigger_action('functions_history_included');
 
-?>
+?>

admin/include/functions_install.inc.php

@@ -1,8 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
 // +-----------------------------------------------------------------------+
@@ -22,19 +22,16 @@
 // +-----------------------------------------------------------------------+
 
 /**
- * @package functions\admin\install
- */
-
-
-/**
- * Loads a SQL file and executes all queries.
+ * loads an sql file and executes all queries
+ *
  * Before executing a query, $replaced is... replaced by $replacing. This is
  * useful when the SQL file contains generic words. Drop table queries are
  * not executed.
  *
- * @param string $filepath
- * @param string $replaced
- * @param string $replacing
+ * @param string filepath
+ * @param string replaced
+ * @param string replacing
+ * @return void
  */
 function execute_sqlfile($filepath, $replaced, $replacing, $dblayer)
 {
@@ -71,8 +68,65 @@ function execute_sqlfile($filepath, $replaced, $replacing, $dblayer)
   }
 }
 
+/**
+ * Search for database engines available
+ *
+ * We search for functions_DATABASE_ENGINE.inc.php 
+ * and we check if the connect function for that database exists 
+ *
+ * @return array
+ */
+function available_engines()
+{
+  $engines = array();
+
+  $pattern = PHPWG_ROOT_PATH. 'include/dblayer/functions_%s.inc.php';
+  include_once PHPWG_ROOT_PATH. 'include/dblayer/dblayers.inc.php';
+
+  foreach ($dblayers as $engine_name => $engine)
+  {
+    if (file_exists(sprintf($pattern, $engine_name))) 
+    {
+      $engines[$engine_name]['label'] = $engine['engine'];
+      $engines[$engine_name]['available'] = false;
+
+      if (isset($engine['function_available'])
+	  && function_exists($engine['function_available']))
+      {
+	$engines[$engine_name]['available'] = true;
+      }
+      elseif (isset($engine['class_available']) 
+	      && class_exists($engine['class_available']))
+      {
+	$engines[$engine_name]['available'] = true;
+      } 
+    }
+  }
+
+  if ($engines['sqlite']['available'] and !$engines['pdo-sqlite']['available'])
+  {
+    unset($engines['pdo-sqlite']);
+  }
+  elseif ($engines['pdo-sqlite']['available'] and !$engines['sqlite']['available'])
+  {
+    unset($engines['sqlite']);
+  }
+  elseif (DEFAULT_DB_SQLITE=='native')
+  {
+    unset($engines['pdo-sqlite']);
+  }
+  else
+  {
+    unset($engines['sqlite']);
+  }
+
+  return $engines;
+}
+
 /**
  * Automatically activate all core themes in the "themes" directory.
+ *
+ * @return void
  */
 function activate_core_themes()
 {
@@ -80,49 +134,28 @@ function activate_core_themes()
   $themes = new themes();
   foreach ($themes->fs_themes as $theme_id => $fs_theme)
   {
-    if (in_array($theme_id, array('elegant', 'smartpocket')))
+    if (in_array($theme_id, array('Sylvia', 'clear', 'dark')))
     {
       $themes->perform_action('activate', $theme_id);
     }
   }
 }
 
-/**
- * Automatically activate some core plugins
- */
-function activate_core_plugins()
-{
-  include_once(PHPWG_ROOT_PATH.'admin/include/plugins.class.php');
-  
-  $plugins = new plugins();
-
-  foreach($plugins->fs_plugins as $plugin_id => $fs_plugin)
-  {
-    if (in_array($plugin_id, array('TakeATour')))
-    {
-      $plugins->perform_action('activate', $plugin_id);
-    }
-  }
-}
-
-/**
- * Connect to database during installation. Uses $_POST.
- *
- * @param array &$infos - populated with infos
- * @param array &$errors - populated with errors
- */
 function install_db_connect(&$infos, &$errors)
 {
+  global $pwg_db_link;
+  
   try
   {
-    pwg_db_connect($_POST['dbhost'], $_POST['dbuser'],
-                   $_POST['dbpasswd'], $_POST['dbname']);
-    pwg_db_check_version();
+    $pwg_db_link = pwg_db_connect($_POST['dbhost'], $_POST['dbuser'], $_POST['dbpasswd'], $_POST['dbname']);
+    if ($pwg_db_link)
+    {
+      pwg_db_check_version();
+    }
   }
   catch (Exception $e)
   {
-    $errors[] = l10n($e->getMessage());
+    array_push( $errors, l10n($e->getMessage()));
   }
 }
-
 ?>

admin/include/functions_metadata.php

@@ -1,8 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
 // +-----------------------------------------------------------------------+
@@ -21,21 +21,9 @@
 // | USA.                                                                  |
 // +-----------------------------------------------------------------------+
 
-/**
- * @package functions\admin\metadata
- */
-
-
 include_once(PHPWG_ROOT_PATH.'/include/functions_metadata.inc.php');
 
 
-/**
- * Returns IPTC metadata to sync from a file, depending on IPTC mapping.
- * @toto : clean code (factorize foreach)
- *
- * @param string $file
- * @return array
- */
 function get_sync_iptc_data($file)
 {
   global $conf;
@@ -60,7 +48,7 @@ function get_sync_iptc_data($file)
           $month = 1;
           $day = 1;
         }
-
+        
         $iptc[$pwg_key] = $year.'-'.$month.'-'.$day;
       }
     }
@@ -68,7 +56,19 @@ function get_sync_iptc_data($file)
 
   if (isset($iptc['keywords']))
   {
-    $iptc['keywords'] = metadata_normalize_keywords_string($iptc['keywords']);
+    // official keywords separator is the comma
+    $iptc['keywords'] = preg_replace('/[.;]/', ',', $iptc['keywords']);
+    $iptc['keywords'] = preg_replace('/^,+|,+$/', '', $iptc['keywords']);
+
+    $iptc['keywords'] = implode(
+      ',',
+      array_unique(
+        explode(
+          ',',
+          $iptc['keywords']
+          )
+        )
+      );
   }
 
   foreach ($iptc as $pwg_key => $value)
@@ -79,12 +79,6 @@ function get_sync_iptc_data($file)
   return $iptc;
 }
 
-/**
- * Returns EXIF metadata to sync from a file, depending on EXIF mapping.
- *
- * @param string $file
- * @return array
- */
 function get_sync_exif_data($file)
 {
   global $conf;
@@ -95,139 +89,18 @@ function get_sync_exif_data($file)
   {
     if (in_array($pwg_key, array('date_creation', 'date_available')))
     {
-      if (preg_match('/^(\d{4}).(\d{2}).(\d{2}) (\d{2}).(\d{2}).(\d{2})/', $value, $matches))
-      {
-        $exif[$pwg_key] = $matches[1].'-'.$matches[2].'-'.$matches[3].' '.$matches[4].':'.$matches[5].':'.$matches[6];
-      }
-      elseif (preg_match('/^(\d{4}).(\d{2}).(\d{2})/', $value, $matches))
+      if (preg_match('/^(\d{4}).(\d{2}).(\d{2})/', $value, $matches))
       {
         $exif[$pwg_key] = $matches[1].'-'.$matches[2].'-'.$matches[3];
       }
-      else
-      {
-        unset($exif[$pwg_key]);
-        continue;
-      }
     }
-
-    if (in_array($pwg_key, array('keywords', 'tags')))
-    {
-      $exif[$pwg_key] = metadata_normalize_keywords_string($exif[$pwg_key]);
-    }
-    
     $exif[$pwg_key] = addslashes($exif[$pwg_key]);
   }
 
   return $exif;
 }
 
-/**
- * Get all potential file metadata fields, including IPTC and EXIF.
- *
- * @return string[]
- */
-function get_sync_metadata_attributes()
-{
-  global $conf;
-
-  $update_fields = array('filesize', 'width', 'height');
-
-  if ($conf['use_exif'])
-  {
-    $update_fields =
-      array_merge(
-        $update_fields,
-        array_keys($conf['use_exif_mapping']),
-        array('latitude', 'longitude')
-        );
-  }
-
-  if ($conf['use_iptc'])
-  {
-    $update_fields =
-      array_merge(
-        $update_fields,
-        array_keys($conf['use_iptc_mapping'])
-        );
-  }
-
-  return array_unique($update_fields);
-}
-
-/**
- * Get all metadata of a file.
- *
- * @param array $infos - (path[, representative_ext])
- * @return array - includes data provided in $infos
- */
-function get_sync_metadata($infos)
-{
-  global $conf;
-  $file = PHPWG_ROOT_PATH.$infos['path'];
-  $fs = @filesize($file);
-
-  if ($fs===false)
-  {
-    return false;
-  }
-
-  $infos['filesize'] = floor($fs/1024);
-
-  $is_tiff = false;
-
-  if (isset($infos['representative_ext']))
-  {
-    if ($image_size = @getimagesize($file))
-    {
-      $type = $image_size[2];
-
-      if (IMAGETYPE_TIFF_MM == $type or IMAGETYPE_TIFF_II == $type)
-      {
-        // in case of TIFF files, we want to use the original file and not
-        // the representative for EXIF/IPTC, but we need the representative
-        // for width/height (to compute the multiple size dimensions)
-        $is_tiff = true;
-      }
-
-    }
-
-    $file = original_to_representative($file, $infos['representative_ext']);
-  }
-
-  if ($image_size = @getimagesize($file))
-  {
-    $infos['width'] = $image_size[0];
-    $infos['height'] = $image_size[1];
-  }
-
-  if ($is_tiff)
-  {
-    // back to original file
-    $file = PHPWG_ROOT_PATH.$infos['path'];
-  }
-
-  if ($conf['use_exif'])
-  {
-    $exif = get_sync_exif_data($file);
-    $infos = array_merge($infos, $exif);
-  }
-
-  if ($conf['use_iptc'])
-  {
-    $iptc = get_sync_iptc_data($file);
-    $infos = array_merge($infos, $iptc);
-  }
-
-  return $infos;
-}
-
-/**
- * Sync all metadata of a list of images.
- * Metadata are fetched from original files and saved in database.
- *
- * @param int[] $ids
- */
-function sync_metadata($ids)
+function update_metadata($files)
 {
   global $conf;
 
@@ -238,61 +111,128 @@ function sync_metadata($ids)
 
   $datas = array();
   $tags_of = array();
+  $has_high_images = array();
+
+  $image_ids = array();
+  foreach ($files as $id => $file)
+  {
+    array_push($image_ids, $id);
+  }
 
   $query = '
-SELECT id, path, representative_ext
+SELECT id
   FROM '.IMAGES_TABLE.'
-  WHERE id IN (
-'.wordwrap(implode(', ', $ids), 160, "\n").'
+  WHERE has_high = \'true\'
+    AND id IN (
+'.wordwrap(implode(', ', $image_ids), 80, "\n").'
 )
 ;';
 
-  $result = pwg_query($query);
-  while ($data = pwg_db_fetch_assoc($result))
+  $has_high_images = array_from_query($query, 'id');
+
+  foreach ($files as $id => $file)
   {
-    $data = get_sync_metadata($data);
-    if ($data === false)
+    $data = array();
+    $data['id'] = $id;
+    $data['filesize'] = floor(filesize($file)/1024);
+
+    if ($image_size = @getimagesize($file))
     {
-      continue;
+      $data['width'] = $image_size[0];
+      $data['height'] = $image_size[1];
     }
 
-    $id = $data['id'];
-    foreach (array('keywords', 'tags') as $key)
+    if (in_array($id, $has_high_images))
     {
-      if (isset($data[$key]))
-      {
-        if (!isset($tags_of[$id]))
-        {
-          $tags_of[$id] = array();
-        }
+      $high_file = dirname($file).'/pwg_high/'.basename($file);
 
-        foreach (explode(',', $data[$key]) as $tag_name)
+      $data['high_filesize'] = floor(filesize($high_file)/1024);
+    }
+
+    if ($conf['use_exif'])
+    {
+      $exif = get_sync_exif_data($file);
+      if (count($exif) == 0 and isset($data['high_filesize']))
+      {
+        $exif = get_sync_exif_data($high_file);
+      }
+      $data = array_merge($data, $exif);
+    }
+
+    if ($conf['use_iptc'])
+    {
+      $iptc = get_sync_iptc_data($file);
+      if (count($iptc) == 0 and isset($data['high_filesize']))
+      {
+        $iptc = get_sync_iptc_data($high_file);
+      }
+      $data = array_merge($data, $iptc);
+      
+      if (count($iptc) > 0)
+      {
+        foreach (array_keys($iptc) as $key)
         {
-          $tags_of[$id][] = tag_id_from_tag_name($tag_name);
+          if ($key == 'keywords' or $key == 'tags')
+          {
+            if (!isset($tags_of[$id]))
+            {
+              $tags_of[$id] = array();
+            }
+
+            foreach (explode(',', $iptc[$key]) as $tag_name)
+            {
+              array_push(
+                $tags_of[$id],
+                tag_id_from_tag_name($tag_name)
+                );
+            }
+          }
         }
       }
     }
 
     $data['date_metadata_update'] = CURRENT_DATE;
 
-    $datas[] = $data;
+    array_push($datas, $data);
   }
 
   if (count($datas) > 0)
   {
-    $update_fields = get_sync_metadata_attributes();
-    $update_fields[] = 'date_metadata_update';
+    $update_fields =
+      array(
+        'filesize',
+        'width',
+        'height',
+        'high_filesize',
+        'date_metadata_update'
+        );
 
-    $update_fields = array_diff(
-      $update_fields,
-      array('tags', 'keywords')
-            );
+    if ($conf['use_exif'])
+    {
+      $update_fields =
+        array_merge(
+          $update_fields,
+          array_keys($conf['use_exif_mapping'])
+          );
+    }
+
+    if ($conf['use_iptc'])
+    {
+      $update_fields =
+        array_merge(
+          $update_fields,
+          array_diff(
+            array_keys($conf['use_iptc_mapping']),
+            array('tags', 'keywords')
+            )
+          );
+    }
 
     mass_updates(
       IMAGES_TABLE,
       array(
         'primary' => array('id'),
-        'update'  => $update_fields
+        'update'  => array_unique($update_fields)
         ),
       $datas,
       MASS_UPDATES_SKIP_EMPTY
@@ -303,13 +243,13 @@ SELECT id, path, representative_ext
 }
 
 /**
- * Returns an array associating element id (images.id) with its complete
+ * returns an array associating element id (images.id) with its complete
  * path in the filesystem
  *
- * @param int $category_id
- * @param int $site_id
- * @param boolean $recursive
- * @param boolean $only_new
+ * @param int id_uppercat
+ * @param int site_id
+ * @param boolean recursive ?
+ * @param boolean only newly added files ?
  * @return array
  */
 function get_filelist($category_id = '', $site_id=1, $recursive = false,
@@ -343,7 +283,7 @@ SELECT id
   $result = pwg_query($query);
   while ($row = pwg_db_fetch_assoc($result))
   {
-    $cat_ids[] = $row['id'];
+    array_push($cat_ids, $row['id']);
   }
 
   if (count($cat_ids) == 0)
@@ -351,8 +291,10 @@ SELECT id
     return array();
   }
 
+  $files = array();
+
   $query = '
-SELECT id, path, representative_ext
+SELECT id, path
   FROM '.IMAGES_TABLE.'
   WHERE storage_category_id IN ('.implode(',', $cat_ids).')';
   if ($only_new)
@@ -363,34 +305,12 @@ SELECT id, path, representative_ext
   }
   $query.= '
 ;';
-  return hash_from_query($query, 'id');
-}
+  $result = pwg_query($query);
+  while ($row = pwg_db_fetch_assoc($result))
+  {
+    $files[$row['id']] = $row['path'];
+  }
 
-/**
- * Returns the list of keywords (future tags) correctly separated with
- * commas. Other separators are converted into commas.
- *
- * @param string $keywords_string
- * @return string
- */
-function metadata_normalize_keywords_string($keywords_string)
-{
-  global $conf;
-  
-  $keywords_string = preg_replace($conf['metadata_keyword_separator_regex'], ',', $keywords_string);
-  $keywords_string = preg_replace('/,+/', ',', $keywords_string);
-  $keywords_string = preg_replace('/^,+|,+$/', '', $keywords_string);
-      
-  $keywords_string = implode(
-    ',',
-    array_unique(
-      explode(
-        ',',
-        $keywords_string
-        )
-      )
-    );
-
-  return $keywords_string;
+  return $files;
 }
 ?>

admin/include/functions_notification_by_mail.inc.php

@@ -1,8 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
 // +-----------------------------------------------------------------------+
@@ -125,12 +125,12 @@ select
   U.'.$conf['user_fields']['username'].' as username,
   U.'.$conf['user_fields']['email'].' as mail_address,
   N.enabled,
-  N.last_send,
-  UI.status
-from '.USER_MAIL_NOTIFICATION_TABLE.' as N
-  JOIN '.USERS_TABLE.' as U on N.user_id =  U.'.$conf['user_fields']['id'].'
-  JOIN '.USER_INFOS_TABLE.' as UI on UI.user_id = N.user_id
-where 1=1';
+  N.last_send
+from
+  '.USER_MAIL_NOTIFICATION_TABLE.' as N,
+  '.USERS_TABLE.' as U
+where
+  N.user_id =  U.'.$conf['user_fields']['id'];
 
     if ($action == 'send')
     {
@@ -159,7 +159,7 @@ order by';
     else
     {
       $query .= '
-  username';
+  username;';
     }
 
     $query .= ';';
@@ -169,7 +169,7 @@ order by';
     {
       while ($nbm_user = pwg_db_fetch_assoc($result))
       {
-        $data_users[] = $nbm_user;
+        array_push($data_users, $nbm_user);
       }
     }
   }
@@ -256,7 +256,8 @@ function set_user_on_env_nbm(&$nbm_user, $is_action_send)
 
   if ($is_action_send)
   {
-    $env_nbm['mail_template'] = get_mail_template($env_nbm['email_format']);
+    $nbm_user['theme'] = $user['theme'];
+    $env_nbm['mail_template'] = get_mail_template($env_nbm['email_format'], $nbm_user['theme']);
     $env_nbm['mail_template']->set_filename('notification_by_mail', 'notification_by_mail.tpl');
   }
 }
@@ -284,7 +285,7 @@ function inc_mail_sent_success($nbm_user)
   global $page, $env_nbm;
 
   $env_nbm['sent_mail_count'] += 1;
-  $page['infos'][] = sprintf($env_nbm['msg_info'], stripslashes($nbm_user['username']), $nbm_user['mail_address']);
+  array_push($page['infos'], sprintf($env_nbm['msg_info'], stripslashes($nbm_user['username']), $nbm_user['mail_address']));
 }
 
 /*
@@ -297,7 +298,7 @@ function inc_mail_sent_failed($nbm_user)
   global $page, $env_nbm;
 
   $env_nbm['error_on_mail_count'] += 1;
-  $page['errors'][] = sprintf($env_nbm['msg_error'], stripslashes($nbm_user['username']), $nbm_user['mail_address']);
+  array_push($page['errors'], sprintf($env_nbm['msg_error'], stripslashes($nbm_user['username']), $nbm_user['mail_address']));
 }
 
 /*
@@ -311,32 +312,16 @@ function display_counter_info()
 
   if ($env_nbm['error_on_mail_count'] != 0)
   {
-    $page['errors'][] = l10n_dec(
-      '%d mail was not sent.', '%d mails were not sent.',
-      $env_nbm['error_on_mail_count']
-      );
-      
+    array_push($page['errors'], l10n_dec('%d mail was not sent.', '%d mails were not sent.', $env_nbm['error_on_mail_count']));
     if ($env_nbm['sent_mail_count'] != 0)
-    {
-      $page['infos'][] = l10n_dec(
-        '%d mail was sent.', '%d mails were sent.',
-        $env_nbm['sent_mail_count']
-        );
-    }
+      array_push($page['infos'], l10n_dec('%d mail was sent.', '%d mails were sent.', $env_nbm['sent_mail_count']));
   }
   else
   {
     if ($env_nbm['sent_mail_count'] == 0)
-    {
-      $page['infos'][] = l10n('No mail to send.');
-    }
+      array_push($page['infos'], l10n('No mail to send.'));
     else
-    {
-      $page['infos'][] = l10n_dec(
-        '%d mail was sent.', '%d mails were sent.',
-        $env_nbm['sent_mail_count']
-        );
-    }
+      array_push($page['infos'], l10n_dec('%d mail was sent.', '%d mails were sent.', $env_nbm['sent_mail_count']));
   }
 }
 
@@ -354,8 +339,8 @@ function assign_vars_nbm_mail_content($nbm_user)
 
       'SEND_AS_NAME' => $env_nbm['send_as_name'],
 
-      'UNSUBSCRIBE_LINK' => add_url_params(get_gallery_home_url().'/nbm.php', array('unsubscribe' => $nbm_user['check_key'])),
-      'SUBSCRIBE_LINK' => add_url_params(get_gallery_home_url().'/nbm.php', array('subscribe' => $nbm_user['check_key'])),
+      'UNSUBSCRIBE_LINK' => add_url_params(get_root_url().'nbm.php', array('unsubscribe' => $nbm_user['check_key'])),
+      'SUBSCRIBE_LINK' => add_url_params(get_root_url().'nbm.php', array('subscribe' => $nbm_user['check_key'])),
       'CONTACT_EMAIL' => $env_nbm['send_as_mail_address']
     )
   );
@@ -409,12 +394,12 @@ function do_subscribe_unsubscribe_notification_by_mail($is_admin_request, $is_su
       if (check_sendmail_timeout())
       {
         // Stop fill list on 'send', if the quota is override
-        $page['errors'][] = $msg_break_timeout;
+        array_push($page['errors'], $msg_break_timeout);
         break;
       }
 
       // Fill return list
-      $check_key_treated[] = $nbm_user['check_key'];
+      array_push($check_key_treated, $nbm_user['check_key']);
 
       $do_update = true;
       if ($nbm_user['mail_address'] != '')
@@ -422,7 +407,7 @@ function do_subscribe_unsubscribe_notification_by_mail($is_admin_request, $is_su
         // set env nbm user
         set_user_on_env_nbm($nbm_user, true);
 
-        $subject = '['.$conf['gallery_title'].'] '.($is_subscribe ? l10n('Subscribe to notification by mail'): l10n('Unsubscribe from notification by mail'));
+        $subject = '['.$conf['gallery_title'].']: '.($is_subscribe ? l10n('Subscribe to notification by mail'): l10n('Unsubscribe from notification by mail'));
 
         // Assign current var for nbm mail
         assign_vars_nbm_mail_content($nbm_user);
@@ -438,22 +423,20 @@ function do_subscribe_unsubscribe_notification_by_mail($is_admin_request, $is_su
             'GOTO_GALLERY_URL' => get_gallery_home_url(),
           )
         );
-        
-        $ret = pwg_mail(
-          array(
-            'name' => stripslashes($nbm_user['username']),
-            'email' => $nbm_user['mail_address'],
-            ),
-          array(
-            'from' => $env_nbm['send_as_mail_formated'],
-            'subject' => $subject,
-            'email_format' => $env_nbm['email_format'],
-            'content' => $env_nbm['mail_template']->parse('notification_by_mail', true),
-            'content_format' => $env_nbm['email_format'],
-            )
-          );
 
-        if ($ret)
+        if (pwg_mail
+            (
+              format_email(stripslashes($nbm_user['username']), $nbm_user['mail_address']),
+              array
+              (
+                'from' => $env_nbm['send_as_mail_formated'],
+                'subject' => $subject,
+                'email_format' => $env_nbm['email_format'],
+                'content' => $env_nbm['mail_template']->parse('notification_by_mail', true),
+                'content_format' => $env_nbm['email_format'],
+                'theme' => $nbm_user['theme']
+              )
+            ))
         {
           inc_mail_sent_success($nbm_user);
         }
@@ -470,17 +453,22 @@ function do_subscribe_unsubscribe_notification_by_mail($is_admin_request, $is_su
 
       if ($do_update)
       {
-        $updates[] = array(
-          'check_key' => $nbm_user['check_key'],
-          'enabled' => $enabled_value
-          );
+        array_push
+        (
+          $updates,
+          array
+          (
+            'check_key' => $nbm_user['check_key'],
+            'enabled' => $enabled_value
+          )
+        );
         $updated_data_count += 1;
-        $page['infos'][] = sprintf($msg_info, stripslashes($nbm_user['username']), $nbm_user['mail_address']);
+        array_push($page['infos'], sprintf($msg_info, stripslashes($nbm_user['username']), $nbm_user['mail_address']));
       }
       else
       {
         $error_on_updated_data_count += 1;
-        $page['errors'][] = sprintf($msg_error, stripslashes($nbm_user['username']), $nbm_user['mail_address']);
+        array_push($page['errors'], sprintf($msg_error, stripslashes($nbm_user['username']), $nbm_user['mail_address']));
       }
 
     }
@@ -501,17 +489,13 @@ function do_subscribe_unsubscribe_notification_by_mail($is_admin_request, $is_su
 
   }
 
-  $page['infos'][] = l10n_dec(
-    '%d user was updated.', '%d users were updated.',
-    $updated_data_count
-    );
-  
+  array_push($page['infos'], l10n_dec('%d user was updated.', '%d users were updated.', $updated_data_count));
   if ($error_on_updated_data_count != 0)
   {
-    $page['errors'][] = l10n_dec(
-      '%d user was not updated.', '%d users were not updated.',
-      $error_on_updated_data_count
-      );
+    array_push($page['errors'],
+      l10n_dec('%d user was not updated.',
+               '%d users were not updated.',
+               $error_on_updated_data_count));
   }
 
   unset_make_full_url();

admin/include/functions_permalinks.php

@@ -1,8 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
 // +-----------------------------------------------------------------------+
@@ -87,7 +87,7 @@ SELECT permalink
     {
       $page['errors'][] = 
         sprintf( 
-          l10n('Permalink %s has been previously used by album %s. Delete from the permalink history first'),
+          l10n('Permalink %s has been previously used by category %s. Delete from the permalink history first'),
           $permalink, $old_cat_id
         );
       return false;
@@ -156,7 +156,7 @@ function set_cat_permalink( $cat_id, $permalink, $save )
     {
       $page['errors'][] = 
         sprintf( 
-          l10n('Permalink %s is already used by album %s'),
+          l10n('Permalink %s is already used by category %s'),
           $permalink, $existing_cat_id 
         );
       return false;
@@ -169,7 +169,7 @@ function set_cat_permalink( $cat_id, $permalink, $save )
   {
     $page['errors'][] = 
       sprintf( 
-        l10n('Permalink %s has been previously used by album %s. Delete from the permalink history first'),
+        l10n('Permalink %s has been previously used by category %s. Delete from the permalink history first'),
         $permalink, $old_cat_id
       );
     return false;

admin/include/functions_plugins.inc.php

@@ -1,8 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
 // +-----------------------------------------------------------------------+
@@ -39,7 +39,7 @@ function get_admin_plugin_menu_link($file)
   }
   else if (isset($page['errors']))
   {
-    $page['errors'][] = 'PLUGIN ERROR: "'.$file.'" is not a valid file';
+    array_push($page['errors'], 'PLUGIN ERROR: "'.$file.'" is not a valid file');
   }
   return $url;
 }

admin/include/functions_upgrade.php

@@ -1,8 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
 // +-----------------------------------------------------------------------+
@@ -54,6 +54,7 @@ function prepare_conf_upgrade()
   define('USERS_TABLE', $prefixeTable.'users');
   define('USER_INFOS_TABLE', $prefixeTable.'user_infos');
   define('USER_FEED_TABLE', $prefixeTable.'user_feed');
+  define('WAITING_TABLE', $prefixeTable.'waiting');
   define('RATE_TABLE', $prefixeTable.'rate');
   define('USER_CACHE_TABLE', $prefixeTable.'user_cache');
   define('USER_CACHE_CATEGORIES_TABLE', $prefixeTable.'user_cache_categories');
@@ -75,8 +76,9 @@ function deactivate_non_standard_plugins()
   global $page;
 
   $standard_plugins = array(
-    'AdminTools',
-    'TakeATour',
+    'admin_multi_view',
+    'c13y_upgrade',
+    'event_tracer',
     'language_switch',
     'LocalFilesEditor'
     );
@@ -92,7 +94,7 @@ AND id NOT IN (\'' . implode('\',\'', $standard_plugins) . '\')
   $plugins = array();
   while ($row = pwg_db_fetch_assoc($result))
   {
-    $plugins[] = $row['id'];
+    array_push($plugins, $row['id']);
   }
 
   if (!empty($plugins))
@@ -104,79 +106,11 @@ WHERE id IN (\'' . implode('\',\'', $plugins) . '\')
 ;';
     pwg_query($query);
 
-    $page['infos'][] = l10n('As a precaution, following plugins have been deactivated. You must check for plugins upgrade before reactiving them:')
-                        .'<p><i>'.implode(', ', $plugins).'</i></p>';
+    array_push($page['infos'],
+      l10n('As a precaution, following plugins have been deactivated. You must check for plugins upgrade before reactiving them:').'<p><i>'.implode(', ', $plugins).'</i></p>');
   }
 }
 
-// Deactivate all non-standard themes
-function deactivate_non_standard_themes()
-{
-  global $page, $conf;
-
-  $standard_themes = array(
-    'clear',
-    'Sylvia',
-    'dark',
-    'elegant',
-    'smartpocket',
-    );
-
-  $query = '
-SELECT
-    id,
-    name
-  FROM '.PREFIX_TABLE.'themes
-  WHERE id NOT IN (\''.implode("','", $standard_themes).'\')
-;';
-  $result = pwg_query($query);
-  $theme_ids = array();
-  $theme_names = array();
-  while ($row = pwg_db_fetch_assoc($result))
-  {
-    $theme_ids[] = $row['id'];
-    $theme_names[] = $row['name'];
-  }
-
-  if (!empty($theme_ids))
-  {
-    $query = '
-DELETE
-  FROM '.PREFIX_TABLE.'themes
-  WHERE id IN (\''.implode("','", $theme_ids).'\')
-;';
-    pwg_query($query);
-
-    $page['infos'][] = l10n('As a precaution, following themes have been deactivated. You must check for themes upgrade before reactiving them:')
-                        .'<p><i>'.implode(', ', $theme_names).'</i></p>';
-
-    // what is the default theme?
-    $query = '
-SELECT theme
-  FROM '.PREFIX_TABLE.'user_infos
-  WHERE user_id = '.$conf['default_user_id'].'
-;';
-    list($default_theme) = pwg_db_fetch_row(pwg_query($query));
-
-    // if the default theme has just been deactivated, let's set another core theme as default
-    if (in_array($default_theme, $theme_ids))
-    {
-      $query = '
-UPDATE '.PREFIX_TABLE.'user_infos
-  SET theme = \'elegant\'
-  WHERE user_id = '.$conf['default_user_id'].'
-;';
-      pwg_query($query);
-    }
-  }
-}
-
-// Deactivate all templates
-function deactivate_templates()
-{
-  conf_update_param('extents_for_templates', array());
-}
-
 // Check access rights
 function check_upgrade_access_rights()
 {
@@ -243,13 +177,18 @@ WHERE '.$conf['user_fields']['username'].'=\''.$username.'\'
   }
   $row = pwg_db_fetch_assoc(pwg_query($query));
 
-  if (!$conf['password_verify']($password, $row['password']))
+  if (!isset($conf['pass_convert']))
   {
-    $page['errors'][] = l10n('Invalid password!');
+    $conf['pass_convert'] = create_function('$s', 'return md5($s);');
+  }
+
+  if ($row['password'] != $conf['pass_convert']($password))
+  {
+    array_push($page['errors'], l10n('Invalid password!'));
   }
   elseif ($row['status'] != 'admin' and $row['status'] != 'webmaster')
   {
-    $page['errors'][] = l10n('You do not have access rights to run upgrade');
+    array_push($page['errors'], l10n('You do not have access rights to run upgrade'));
   }
   else
   {
@@ -275,7 +214,7 @@ function get_available_upgrade_ids()
       if (is_file($upgrades_path.'/'.$node)
           and preg_match('/^(.*?)-database\.php$/', $node, $match))
       {
-        $available_upgrade_ids[] = $match[1];
+        array_push($available_upgrade_ids, $match[1]);
       }
     }
   }
@@ -310,13 +249,15 @@ function upgrade_db_connect()
 
   try
   {
-    pwg_db_connect($conf['db_host'], $conf['db_user'],
-                   $conf['db_password'], $conf['db_base']);
-    pwg_db_check_version();
+    $pwg_db_link = pwg_db_connect($conf['db_host'], $conf['db_user'], $conf['db_password'], $conf['db_base']);
+    if ($pwg_db_link)
+    {
+      pwg_db_check_version();
+    }
   }
   catch (Exception $e)
   {
     my_error(l10n($e->getMessage()), true); 
   }
 }
-?>
+?>

admin/include/functions_upload.inc.php

@@ -1,373 +1,136 @@
 <?php
-// +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
-// +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
-// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
-// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
-// +-----------------------------------------------------------------------+
-// | This program is free software; you can redistribute it and/or modify  |
-// | it under the terms of the GNU General Public License as published by  |
-// | the Free Software Foundation                                          |
-// |                                                                       |
-// | This program is distributed in the hope that it will be useful, but   |
-// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
-// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
-// | General Public License for more details.                              |
-// |                                                                       |
-// | You should have received a copy of the GNU General Public License     |
-// | along with this program; if not, write to the Free Software           |
-// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
-// | USA.                                                                  |
-// +-----------------------------------------------------------------------+
+// TODO
+// * check md5sum (already exists?)
 
+include_once(PHPWG_ROOT_PATH.'include/common.inc.php');
+include_once(PHPWG_ROOT_PATH.'include/ws_functions.inc.php');
 include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
-include_once(PHPWG_ROOT_PATH.'admin/include/image.class.php');
+
+// Here is the plan
+//
+// 1) move uploaded file to upload/2010/01/22/20100122003814-449ada00.jpg
+//
+// 2) if taller than max_height or wider than max_width, move to pwg_high
+//    + web sized creation
+//
+// 3) thumbnail creation from web sized
+//
+// 4) register in database
 
 // add default event handler for image and thumbnail resize
-add_event_handler('upload_image_resize', 'pwg_image_resize');
-add_event_handler('upload_thumbnail_resize', 'pwg_image_resize');
+add_event_handler('upload_image_resize', 'pwg_image_resize', EVENT_HANDLER_PRIORITY_NEUTRAL, 6);
+add_event_handler('upload_thumbnail_resize', 'pwg_image_resize', EVENT_HANDLER_PRIORITY_NEUTRAL, 6);
 
-function get_upload_form_config()
+function add_uploaded_file($source_filepath, $original_filename=null, $categories=null, $level=null)
 {
-  // default configuration for upload
-  $upload_form_config = array(
-    'original_resize' => array(
-      'default' => false,
-      'can_be_null' => false,
-      ),
+  global $conf;
 
-    'original_resize_maxwidth' => array(
-      'default' => 2000,
-      'min' => 500,
-      'max' => 20000,
-      'pattern' => '/^\d+$/',
-      'can_be_null' => false,
-      'error_message' => l10n('The original maximum width must be a number between %d and %d'),
-      ),
-
-    'original_resize_maxheight' => array(
-      'default' => 2000,
-      'min' => 300,
-      'max' => 20000,
-      'pattern' => '/^\d+$/',
-      'can_be_null' => false,
-      'error_message' => l10n('The original maximum height must be a number between %d and %d'),
-      ),
-
-    'original_resize_quality' => array(
-      'default' => 95,
-      'min' => 50,
-      'max' => 98,
-      'pattern' => '/^\d+$/',
-      'can_be_null' => false,
-      'error_message' => l10n('The original image quality must be a number between %d and %d'),
-      ),
+  // current date
+  list($dbnow) = pwg_db_fetch_row(pwg_query('SELECT NOW();'));
+  list($year, $month, $day) = preg_split('/[^\d]/', $dbnow, 4);
+  
+  // upload directory hierarchy
+  $upload_dir = sprintf(
+    PHPWG_ROOT_PATH.$conf['upload_dir'].'/%s/%s/%s',
+    $year,
+    $month,
+    $day
     );
 
-  return $upload_form_config;
-}
+  // compute file path
+  $md5sum = md5_file($source_filepath);
+  $date_string = preg_replace('/[^\d]/', '', $dbnow);
+  $random_string = substr($md5sum, 0, 8);
+  $filename_wo_ext = $date_string.'-'.$random_string;
+  $file_path = $upload_dir.'/'.$filename_wo_ext.'.';
 
-function save_upload_form_config($data, &$errors=array(), &$form_errors=array())
-{
-  if (!is_array($data) or empty($data))
+  list($width, $height, $type) = getimagesize($source_filepath);
+  if (IMAGETYPE_PNG == $type)
   {
-    return false;
-  }
-
-  $upload_form_config = get_upload_form_config();
-  $updates = array();
-
-  foreach ($data as $field => $value)
-  {
-    if (!isset($upload_form_config[$field]))
-    {
-      continue;
-    }
-    if (is_bool($upload_form_config[$field]['default']))
-    {
-      if (isset($value))
-      {
-        $value = true;
-      }
-      else
-      {
-        $value = false;
-      }
-
-      $updates[] = array(
-        'param' => $field,
-        'value' => boolean_to_string($value)
-        );
-    }
-    elseif ($upload_form_config[$field]['can_be_null'] and empty($value))
-    {
-      $updates[] = array(
-        'param' => $field,
-        'value' => 'false'
-        );
-    }
-    else
-    {
-      $min = $upload_form_config[$field]['min'];
-      $max = $upload_form_config[$field]['max'];
-      $pattern = $upload_form_config[$field]['pattern'];
-
-      if (preg_match($pattern, $value) and $value >= $min and $value <= $max)
-      {
-         $updates[] = array(
-          'param' => $field,
-          'value' => $value
-          );
-      }
-      else
-      {
-        $errors[] = sprintf(
-          $upload_form_config[$field]['error_message'],
-          $min, $max
-          );
-
-        $form_errors[$field] = '['.$min.' .. '.$max.']';
-      }
-    }
-  }
-
-  if (count($errors) == 0)
-  {
-    mass_updates(
-      CONFIG_TABLE,
-      array(
-        'primary' => array('param'),
-        'update' => array('value')
-        ),
-      $updates
-      );
-    return true;
-  }
-
-  return false;
-}
-
-function add_uploaded_file($source_filepath, $original_filename=null, $categories=null, $level=null, $image_id=null, $original_md5sum=null)
-{
-  // 1) move uploaded file to upload/2010/01/22/20100122003814-449ada00.jpg
-  //
-  // 2) keep/resize original
-  //
-  // 3) register in database
-
-  // TODO
-  // * check md5sum (already exists?)
-
-  global $conf, $user;
-
-  if (isset($original_md5sum))
-  {
-    $md5sum = $original_md5sum;
+    $file_path.= 'png';
   }
   else
   {
-    $md5sum = md5_file($source_filepath);
-  }
-
-  $file_path = null;
-  $is_tiff = false;
-
-  if (isset($image_id))
-  {
-    // this photo already exists, we update it
-    $query = '
-SELECT
-    path
-  FROM '.IMAGES_TABLE.'
-  WHERE id = '.$image_id.'
-;';
-    $result = pwg_query($query);
-    while ($row = pwg_db_fetch_assoc($result))
-    {
-      $file_path = $row['path'];
-    }
-
-    if (!isset($file_path))
-    {
-      die('['.__FUNCTION__.'] this photo does not exist in the database');
-    }
-
-    // delete all physical files related to the photo (thumbnail, web site, HD)
-    delete_element_files(array($image_id));
-  }
-  else
-  {
-    // this photo is new
-
-    // current date
-    list($dbnow) = pwg_db_fetch_row(pwg_query('SELECT NOW();'));
-    list($year, $month, $day) = preg_split('/[^\d]/', $dbnow, 4);
-
-    // upload directory hierarchy
-    $upload_dir = sprintf(
-      PHPWG_ROOT_PATH.$conf['upload_dir'].'/%s/%s/%s',
-      $year,
-      $month,
-      $day
-      );
-
-    // compute file path
-    $date_string = preg_replace('/[^\d]/', '', $dbnow);
-    $random_string = substr($md5sum, 0, 8);
-    $filename_wo_ext = $date_string.'-'.$random_string;
-    $file_path = $upload_dir.'/'.$filename_wo_ext.'.';
-
-    list($width, $height, $type) = getimagesize($source_filepath);
-    
-    if (IMAGETYPE_PNG == $type)
-    {
-      $file_path.= 'png';
-    }
-    elseif (IMAGETYPE_GIF == $type)
-    {
-      $file_path.= 'gif';
-    }
-    elseif (IMAGETYPE_TIFF_MM == $type or IMAGETYPE_TIFF_II == $type)
-    {
-      $is_tiff = true;
-      $file_path.= 'tif';
-    }
-    elseif (IMAGETYPE_JPEG == $type)
-    {
-      $file_path.= 'jpg';
-    }
-    elseif (isset($conf['upload_form_all_types']) and $conf['upload_form_all_types'])
-    {
-      $original_extension = strtolower(get_extension($original_filename));
-
-      if (in_array($original_extension, $conf['file_ext']))
-      {
-        $file_path.= $original_extension;
-      }
-      else
-      {
-        die('unexpected file type');
-      }
-    }
-    else
-    {
-      die('forbidden file type');
-    }
-
-    prepare_directory($upload_dir);
+    $file_path.= 'jpg';
   }
 
+  prepare_directory($upload_dir);
   if (is_uploaded_file($source_filepath))
   {
     move_uploaded_file($source_filepath, $file_path);
   }
   else
   {
-    rename($source_filepath, $file_path);
+    copy($source_filepath, $file_path);
   }
-  @chmod($file_path, 0644);
 
-  // handle the uploaded file type by potentially making a
-  // pwg_representative file.
-  $representative_ext = trigger_change('upload_file', null, $file_path);
-
-  global $logger;
-  $logger->info("Handling " . (string)$file_path . " got " . (string)$representative_ext);
-  
-  // If it is set to either true (the file didn't need a
-  // representative generated) or false (the generation of the
-  // representative failed), set it to null because we have no
-  // representative file.
-  if (is_bool($representative_ext)) {
-    $representative_ext = null;
-  }
-  
-  if (pwg_image::get_library() != 'gd')
+  if ($conf['upload_form_websize_resize']
+      and need_resize($file_path, $conf['upload_form_websize_maxwidth'], $conf['upload_form_websize_maxheight']))
   {
-    if ($conf['original_resize'])
-    {
-      $need_resize = need_resize($file_path, $conf['original_resize_maxwidth'], $conf['original_resize_maxheight']);
-
-      if ($need_resize)
-      {
-        $img = new pwg_image($file_path);
-
-        $img->pwg_resize(
-          $file_path,
-          $conf['original_resize_maxwidth'],
-          $conf['original_resize_maxheight'],
-          $conf['original_resize_quality'],
-          $conf['upload_form_automatic_rotation'],
-          false
-          );
-
-        $img->destroy();
-      }
-    }
+    $high_path = file_path_for_type($file_path, 'high');
+    $high_dir = dirname($high_path);
+    prepare_directory($high_dir);
+    
+    rename($file_path, $high_path);
+    $high_infos = pwg_image_infos($high_path);
+    
+    trigger_event('upload_image_resize',
+      false,
+      $high_path,
+      $file_path,
+      $conf['upload_form_websize_maxwidth'],
+      $conf['upload_form_websize_maxheight'],
+      $conf['upload_form_websize_quality']
+      );
   }
 
-  // we need to save the rotation angle in the database to compute
-  // width/height of "multisizes"
-  $rotation_angle = pwg_image::get_rotation_angle($file_path);
-  $rotation = pwg_image::get_rotation_code_from_angle($rotation_angle);
-
   $file_infos = pwg_image_infos($file_path);
+  
+  $thumb_path = file_path_for_type($file_path, 'thumb');
+  $thumb_dir = dirname($thumb_path);
+  prepare_directory($thumb_dir);
+  
+  trigger_event('upload_thumbnail_resize',
+    false,
+    $file_path,
+    $thumb_path,
+    $conf['upload_form_thumb_maxwidth'],
+    $conf['upload_form_thumb_maxheight'],
+    $conf['upload_form_thumb_quality']
+    );
+  
+  $thumb_infos = pwg_image_infos($thumb_path);
 
-  if (isset($image_id))
+  // database registration
+  $insert = array(
+    'file' => pwg_db_real_escape_string(isset($original_filename) ? $original_filename : basename($file_path)),
+    'date_available' => $dbnow,
+    'tn_ext' => 'jpg',
+    'path' => preg_replace('#^'.preg_quote(PHPWG_ROOT_PATH).'#', '', $file_path),
+    'filesize' => $file_infos['filesize'],
+    'width' => $file_infos['width'],
+    'height' => $file_infos['height'],
+    'md5sum' => $md5sum,
+    );
+
+  if (isset($high_infos))
   {
-    $update = array(
-      'file' => pwg_db_real_escape_string(isset($original_filename) ? $original_filename : basename($file_path)),
-      'filesize' => $file_infos['filesize'],
-      'width' => $file_infos['width'],
-      'height' => $file_infos['height'],
-      'md5sum' => $md5sum,
-      'added_by' => $user['id'],
-      'rotation' => $rotation,
-      );
-
-    if (isset($level))
-    {
-      $update['level'] = $level;
-    }
-
-    single_update(
-      IMAGES_TABLE,
-      $update,
-      array('id' => $image_id)
-      );
+    $insert['has_high'] = 'true';
+    $insert['high_filesize'] = $high_infos['filesize'];
   }
-  else
+
+  if (isset($level))
   {
-    // database registration
-    $file = pwg_db_real_escape_string(isset($original_filename) ? $original_filename : basename($file_path));
-    $insert = array(
-      'file' => $file,
-      'name' => get_name_from_file($file),
-      'date_available' => $dbnow,
-      'path' => preg_replace('#^'.preg_quote(PHPWG_ROOT_PATH).'#', '', $file_path),
-      'filesize' => $file_infos['filesize'],
-      'width' => $file_infos['width'],
-      'height' => $file_infos['height'],
-      'md5sum' => $md5sum,
-      'added_by' => $user['id'],
-      'rotation' => $rotation,
-      );
-
-    if (isset($level))
-    {
-      $insert['level'] = $level;
-    }
-
-    if (isset($representative_ext))
-    {
-      $insert['representative_ext'] = $representative_ext;
-    }
-
-    single_insert(IMAGES_TABLE, $insert);
-
-    $image_id = pwg_db_insert_id(IMAGES_TABLE);
+    $insert['level'] = $level;
   }
+  
+  mass_inserts(
+    IMAGES_TABLE,
+    array_keys($insert),
+    array($insert)
+    );
+  
+  $image_id = pwg_db_insert_id(IMAGES_TABLE);
 
   if (isset($categories) and count($categories) > 0)
   {
@@ -376,199 +139,19 @@ SELECT
       $categories
       );
   }
-
+  
   // update metadata from the uploaded file (exif/iptc)
   if ($conf['use_exif'] and !function_exists('read_exif_data'))
   {
     $conf['use_exif'] = false;
   }
-  sync_metadata(array($image_id));
-
+  update_metadata(array($image_id=>$file_path));
+  
   invalidate_user_cache();
 
-  // cache thumbnail
-  $query = '
-SELECT
-    id,
-    path
-  FROM '.IMAGES_TABLE.'
-  WHERE id = '.$image_id.'
-;';
-  $image_infos = pwg_db_fetch_assoc(pwg_query($query));
-
-  set_make_full_url();
-  // in case we are on uploadify.php, we have to replace the false path
-  $thumb_url = preg_replace('#admin/include/i#', 'i', DerivativeImage::thumb_url($image_infos));
-  unset_make_full_url();
-
-  fetchRemote($thumb_url, $dest);
-
-
   return $image_id;
 }
 
-add_event_handler('upload_file', 'upload_file_pdf');
-function upload_file_pdf($representative_ext, $file_path)
-{
-  global $logger, $conf;
-
-  $logger->info(__FUNCTION__.', $file_path = '.$file_path.', $representative_ext = '.$representative_ext);
-
-  if (isset($representative_ext))
-  {
-    return $representative_ext;
-  }
-
-  if (pwg_image::get_library() != 'ext_imagick')
-  {
-    return $representative_ext;
-  }
-
-  if (!in_array(strtolower(get_extension($file_path)), array('pdf')))
-  {
-    return $representative_ext;
-  }
-
-  $ext = conf_get_param('pdf_representative_ext', 'jpg');
-  $jpg_quality = conf_get_param('pdf_jpg_quality', 90);
-
-  // move the uploaded file to pwg_representative sub-directory
-  $representative_file_path = original_to_representative($file_path, $ext);
-  prepare_directory(dirname($representative_file_path));
-
-  $exec = $conf['ext_imagick_dir'].'convert';
-  if ('jpg' == $ext)
-  {
-    $exec.= ' -quality '.$jpg_quality;
-  }
-  $exec.= ' "'.realpath($file_path).'"[0]';
-  $exec.= ' "'.$representative_file_path.'"';
-  $exec.= ' 2>&1';
-  @exec($exec, $returnarray);
-
-  // Return the extension (if successful) or false (if failed)
-  if (file_exists($representative_file_path))
-  {
-    $representative_ext = $ext;
-  }
-
-  return $representative_ext;
-}
-
-add_event_handler('upload_file', 'upload_file_tiff');
-function upload_file_tiff($representative_ext, $file_path)
-{
-  global $logger, $conf;
-
-  $logger->info(__FUNCTION__.', $file_path = '.$file_path.', $representative_ext = '.$representative_ext);
-
-  if (isset($representative_ext))
-  {
-    return $representative_ext;
-  }
-
-  if (pwg_image::get_library() != 'ext_imagick')
-  {
-    return $representative_ext;
-  }
-
-  if (!in_array(strtolower(get_extension($file_path)), array('tif', 'tiff')))
-  {
-    return $representative_ext;
-  }
-
-  // move the uploaded file to pwg_representative sub-directory
-  $representative_file_path = dirname($file_path).'/pwg_representative/';
-  $representative_file_path.= get_filename_wo_extension(basename($file_path)).'.';
-
-  $representative_ext = $conf['tiff_representative_ext'];
-  $representative_file_path.= $representative_ext;
-
-  prepare_directory(dirname($representative_file_path));
-
-  $exec = $conf['ext_imagick_dir'].'convert';
-
-  if ('jpg' == $conf['tiff_representative_ext'])
-  {
-    $exec .= ' -quality 98';
-  }
-
-  $exec .= ' "'.realpath($file_path).'"';
-
-  $dest = pathinfo($representative_file_path);
-  $exec .= ' "'.realpath($dest['dirname']).'/'.$dest['basename'].'"';
-
-  $exec .= ' 2>&1';
-  @exec($exec, $returnarray);
-
-  // sometimes ImageMagick creates file-0.jpg (full size) + file-1.jpg
-  // (thumbnail). I don't know how to avoid it.
-  $representative_file_abspath = realpath($dest['dirname']).'/'.$dest['basename'];
-  if (!file_exists($representative_file_abspath))
-  {
-    $first_file_abspath = preg_replace(
-      '/\.'.$representative_ext.'$/',
-      '-0.'.$representative_ext,
-      $representative_file_abspath
-      );
-
-    if (file_exists($first_file_abspath))
-    {
-      rename($first_file_abspath, $representative_file_abspath);
-    }
-  }
-
-  return get_extension($representative_file_abspath);
-}
-
-add_event_handler('upload_file', 'upload_file_video');
-function upload_file_video($representative_ext, $file_path)
-{
-  global $logger, $conf;
-
-  $logger->info(__FUNCTION__.', $file_path = '.$file_path.', $representative_ext = '.$representative_ext);
-
-  if (isset($representative_ext))
-  {
-    return $representative_ext;
-  }
-
-  $ffmpeg_video_exts = array( // extensions tested with FFmpeg
-    'wmv','mov','mkv','mp4','mpg','flv','asf','xvid','divx','mpeg',
-    'avi','rm', 'm4v', 'ogg', 'ogv', 'webm', 'webmv',
-    );
-
-  if (!in_array(strtolower(get_extension($file_path)), $ffmpeg_video_exts))
-  {
-    return $representative_ext;
-  }
-
-  $representative_file_path = dirname($file_path).'/pwg_representative/';
-  $representative_file_path.= get_filename_wo_extension(basename($file_path)).'.';
-
-  $representative_ext = 'jpg';
-  $representative_file_path.= $representative_ext;
-
-  prepare_directory(dirname($representative_file_path));
-
-  $second = 1;
-
-  $ffmpeg = $conf['ffmpeg_dir'].'ffmpeg';
-  $ffmpeg.= ' -i "'.$file_path.'"';
-  $ffmpeg.= ' -an -ss '.$second;
-  $ffmpeg.= ' -t 1 -r 1 -y -vcodec mjpeg -f mjpeg';
-  $ffmpeg.= ' "'.$representative_file_path.'"';
-
-  @exec($ffmpeg);
-
-  if (!file_exists($representative_file_path))
-  {
-    return null;
-  }
-
-  return $representative_ext;
-}
-
 function prepare_directory($directory)
 {
   if (!is_dir($directory)) {
@@ -600,11 +183,8 @@ function prepare_directory($directory)
 
 function need_resize($image_filepath, $max_width, $max_height)
 {
-  // TODO : the resize check should take the orientation into account. If a
-  // rotation must be applied to the resized photo, then we should test
-  // invert width and height.
   list($width, $height) = getimagesize($image_filepath);
-
+  
   if ($width > $max_width or $height > $max_height)
   {
     return true;
@@ -613,11 +193,101 @@ function need_resize($image_filepath, $max_width, $max_height)
   return false;
 }
 
+function pwg_image_resize($result, $source_filepath, $destination_filepath, $max_width, $max_height, $quality)
+{
+  if ($result !== false)
+  {
+    //someone hooked us - so we skip
+    return $result;
+  }
+
+  if (!function_exists('gd_info'))
+  {
+    return false;
+  }
+
+  // extension of the picture filename
+  $extension = strtolower(get_extension($source_filepath));
+
+  $source_image = null;
+  if (in_array($extension, array('jpg', 'jpeg')))
+  {
+    $source_image = imagecreatefromjpeg($source_filepath);
+  }
+  else if ($extension == 'png')
+  {
+    $source_image = imagecreatefrompng($source_filepath);
+  }
+  else
+  {
+    die('unsupported file extension');
+  }
+  
+  // width/height
+  $source_width  = imagesx($source_image); 
+  $source_height = imagesy($source_image);
+  
+  $ratio_width  = $source_width / $max_width;
+  $ratio_height = $source_height / $max_height;
+  
+  // maximal size exceeded ?
+  if ($ratio_width > 1 or $ratio_height > 1)
+  {
+    if ($ratio_width < $ratio_height)
+    { 
+      $destination_width = ceil($source_width / $ratio_height);
+      $destination_height = $max_height; 
+    }
+    else
+    { 
+      $destination_width = $max_width; 
+      $destination_height = ceil($source_height / $ratio_width);
+    }
+  }
+  else
+  {
+    // the image doesn't need any resize! We just copy it to the destination
+    copy($source_filepath, $destination_filepath);
+    return true;
+  }
+  
+  $destination_image = imagecreatetruecolor($destination_width, $destination_height);
+  
+  imagecopyresampled(
+    $destination_image,
+    $source_image,
+    0,
+    0,
+    0,
+    0,
+    $destination_width,
+    $destination_height,
+    $source_width,
+    $source_height
+    );
+  
+  $extension = strtolower(get_extension($destination_filepath));
+  if ($extension == 'png')
+  {
+    imagepng($destination_image, $destination_filepath);
+  }
+  else
+  {
+    imagejpeg($destination_image, $destination_filepath, $quality);
+  }
+  // freeing memory ressources
+  imagedestroy($source_image);
+  imagedestroy($destination_image);
+
+  // everything should be OK if we are here!
+  return true;
+}
+
 function pwg_image_infos($path)
 {
   list($width, $height) = getimagesize($path);
   $filesize = floor(filesize($path)/1024);
-
+  
   return array(
     'width'  => $width,
     'height' => $height,
@@ -627,18 +297,7 @@ function pwg_image_infos($path)
 
 function is_valid_image_extension($extension)
 {
-  global $conf;
-  
-  if (isset($conf['upload_form_all_types']) and $conf['upload_form_all_types'])
-  {
-    $extensions = $conf['file_ext'];
-  }
-  else
-  {
-    $extensions = $conf['picture_ext'];
-  }
-
-  return array_unique(array_map('strtolower', $extensions));
+  return in_array(strtolower($extension), array('jpg', 'jpeg', 'png'));
 }
 
 function file_upload_error_message($error_code)
@@ -672,17 +331,17 @@ function get_ini_size($ini_key, $in_bytes=true)
 
   if ($in_bytes)
   {
-    $size = convert_shorthand_notation_to_bytes($size);
+    $size = convert_shortand_notation_to_bytes($size);
   }
-
+  
   return $size;
 }
 
-function convert_shorthand_notation_to_bytes($value)
+function convert_shortand_notation_to_bytes($value)
 {
   $suffix = substr($value, -1);
   $multiply_by = null;
-
+  
   if ('K' == $suffix)
   {
     $multiply_by = 1024;
@@ -695,7 +354,7 @@ function convert_shorthand_notation_to_bytes($value)
   {
     $multiply_by = 1024*1024*1024;
   }
-
+  
   if (isset($multiply_by))
   {
     $value = substr($value, 0, -1);
@@ -707,41 +366,15 @@ function convert_shorthand_notation_to_bytes($value)
 
 function add_upload_error($upload_id, $error_message)
 {
-  $_SESSION['uploads_error'][$upload_id][] = $error_message;
-}
-
-function ready_for_upload_message()
-{
-  global $conf;
-
-  $relative_dir = preg_replace('#^'.PHPWG_ROOT_PATH.'#', '', $conf['upload_dir']);
-
-  if (!is_dir($conf['upload_dir']))
+  if (!isset($_SESSION['uploads_error']))
   {
-    if (!is_writable(dirname($conf['upload_dir'])))
-    {
-      return sprintf(
-        l10n('Create the "%s" directory at the root of your Piwigo installation'),
-        $relative_dir
-        );
-    }
+    $_SESSION['uploads_error'] = array();
   }
-  else
+  if (!isset($_SESSION['uploads_error'][$upload_id]))
   {
-    if (!is_writable($conf['upload_dir']))
-    {
-      @chmod($conf['upload_dir'], 0777);
-
-      if (!is_writable($conf['upload_dir']))
-      {
-        return sprintf(
-          l10n('Give write access (chmod 777) to "%s" directory at the root of your Piwigo installation'),
-          $relative_dir
-          );
-      }
-    }
+    $_SESSION['uploads_error'][$upload_id] = array();
   }
 
-  return null;
+  array_push($_SESSION['uploads_error'][$upload_id], $error_message);
 }
 ?>

admin/include/image.class.php

@@ -1,829 +0,0 @@
-<?php
-// +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
-// +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
-// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
-// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
-// +-----------------------------------------------------------------------+
-// | This program is free software; you can redistribute it and/or modify  |
-// | it under the terms of the GNU General Public License as published by  |
-// | the Free Software Foundation                                          |
-// |                                                                       |
-// | This program is distributed in the hope that it will be useful, but   |
-// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
-// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
-// | General Public License for more details.                              |
-// |                                                                       |
-// | You should have received a copy of the GNU General Public License     |
-// | along with this program; if not, write to the Free Software           |
-// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
-// | USA.                                                                  |
-// +-----------------------------------------------------------------------+
-
-// +-----------------------------------------------------------------------+
-// |                           Image Interface                             |
-// +-----------------------------------------------------------------------+
-
-// Define all needed methods for image class
-interface imageInterface
-{
-  function get_width();
-
-  function get_height();
-
-  function set_compression_quality($quality);
-
-  function crop($width, $height, $x, $y);
-
-  function strip();
-
-  function rotate($rotation);
-
-  function resize($width, $height);
-
-  function sharpen($amount);
-
-  function compose($overlay, $x, $y, $opacity);
-
-  function write($destination_filepath);
-}
-
-// +-----------------------------------------------------------------------+
-// |                          Main Image Class                             |
-// +-----------------------------------------------------------------------+
-
-class pwg_image
-{
-  var $image;
-  var $library = '';
-  var $source_filepath = '';
-  static $ext_imagick_version = '';
-
-  function __construct($source_filepath, $library=null)
-  {
-    $this->source_filepath = $source_filepath;
-
-    trigger_notify('load_image_library', array(&$this) );
-
-    if (is_object($this->image))
-    {
-      return; // A plugin may have load its own library
-    }
-
-    $extension = strtolower(get_extension($source_filepath));
-
-    if (!in_array($extension, array('jpg', 'jpeg', 'png', 'gif')))
-    {
-      die('[Image] unsupported file extension');
-    }
-
-    if (!($this->library = self::get_library($library, $extension)))
-    {
-      die('No image library available on your server.');
-    }
-
-    $class = 'image_'.$this->library;
-    $this->image = new $class($source_filepath);
-  }
-
-  // Unknow methods will be redirected to image object
-  function __call($method, $arguments)
-  {
-    return call_user_func_array(array($this->image, $method), $arguments);
-  }
-
-  // Piwigo resize function
-  function pwg_resize($destination_filepath, $max_width, $max_height, $quality, $automatic_rotation=true, $strip_metadata=false, $crop=false, $follow_orientation=true)
-  {
-    $starttime = get_moment();
-
-    // width/height
-    $source_width  = $this->image->get_width();
-    $source_height = $this->image->get_height();
-
-    $rotation = null;
-    if ($automatic_rotation)
-    {
-      $rotation = self::get_rotation_angle($this->source_filepath);
-    }
-    $resize_dimensions = self::get_resize_dimensions($source_width, $source_height, $max_width, $max_height, $rotation, $crop, $follow_orientation);
-
-    // testing on height is useless in theory: if width is unchanged, there
-    // should be no resize, because width/height ratio is not modified.
-    if ($resize_dimensions['width'] == $source_width and $resize_dimensions['height'] == $source_height)
-    {
-      // the image doesn't need any resize! We just copy it to the destination
-      copy($this->source_filepath, $destination_filepath);
-      return $this->get_resize_result($destination_filepath, $resize_dimensions['width'], $resize_dimensions['height'], $starttime);
-    }
-
-    $this->image->set_compression_quality($quality);
-
-    if ($strip_metadata)
-    {
-      // we save a few kilobytes. For example a thumbnail with metadata weights 25KB, without metadata 7KB.
-      $this->image->strip();
-    }
-
-    if (isset($resize_dimensions['crop']))
-    {
-      $this->image->crop($resize_dimensions['crop']['width'], $resize_dimensions['crop']['height'], $resize_dimensions['crop']['x'], $resize_dimensions['crop']['y']);
-    }
-
-    $this->image->resize($resize_dimensions['width'], $resize_dimensions['height']);
-
-    if (!empty($rotation))
-    {
-      $this->image->rotate($rotation);
-    }
-
-    $this->image->write($destination_filepath);
-
-    // everything should be OK if we are here!
-    return $this->get_resize_result($destination_filepath, $resize_dimensions['width'], $resize_dimensions['height'], $starttime);
-  }
-
-  static function get_resize_dimensions($width, $height, $max_width, $max_height, $rotation=null, $crop=false, $follow_orientation=true)
-  {
-    $rotate_for_dimensions = false;
-    if (isset($rotation) and in_array(abs($rotation), array(90, 270)))
-    {
-      $rotate_for_dimensions = true;
-    }
-
-    if ($rotate_for_dimensions)
-    {
-      list($width, $height) = array($height, $width);
-    }
-
-    if ($crop)
-    {
-      $x = 0;
-      $y = 0;
-
-      if ($width < $height and $follow_orientation)
-      {
-        list($max_width, $max_height) = array($max_height, $max_width);
-      }
-
-      $img_ratio = $width / $height;
-      $dest_ratio = $max_width / $max_height;
-
-      if($dest_ratio > $img_ratio)
-      {
-        $destHeight = round($width * $max_height / $max_width);
-        $y = round(($height - $destHeight) / 2 );
-        $height = $destHeight;
-      }
-      elseif ($dest_ratio < $img_ratio)
-      {
-        $destWidth = round($height * $max_width / $max_height);
-        $x = round(($width - $destWidth) / 2 );
-        $width = $destWidth;
-      }
-    }
-
-    $ratio_width  = $width / $max_width;
-    $ratio_height = $height / $max_height;
-    $destination_width = $width;
-    $destination_height = $height;
-
-    // maximal size exceeded ?
-    if ($ratio_width > 1 or $ratio_height > 1)
-    {
-      if ($ratio_width < $ratio_height)
-      {
-        $destination_width = round($width / $ratio_height);
-        $destination_height = $max_height;
-      }
-      else
-      {
-        $destination_width = $max_width;
-        $destination_height = round($height / $ratio_width);
-      }
-    }
-
-    if ($rotate_for_dimensions)
-    {
-      list($destination_width, $destination_height) = array($destination_height, $destination_width);
-    }
-
-    $result = array(
-      'width' => $destination_width,
-      'height'=> $destination_height,
-      );
-
-    if ($crop and ($x or $y))
-    {
-      $result['crop'] = array(
-        'width' => $width,
-        'height' => $height,
-        'x' => $x,
-        'y' => $y,
-        );
-    }
-    return $result;
-  }
-
-  static function get_rotation_angle($source_filepath)
-  {
-    list($width, $height, $type) = getimagesize($source_filepath);
-    if (IMAGETYPE_JPEG != $type)
-    {
-      return null;
-    }
-
-    if (!function_exists('exif_read_data'))
-    {
-      return null;
-    }
-
-    $rotation = 0;
-
-    $exif = @exif_read_data($source_filepath);
-
-    if (isset($exif['Orientation']) and preg_match('/^\s*(\d)/', $exif['Orientation'], $matches))
-    {
-      $orientation = $matches[1];
-      if (in_array($orientation, array(3, 4)))
-      {
-        $rotation = 180;
-      }
-      elseif (in_array($orientation, array(5, 6)))
-      {
-        $rotation = 270;
-      }
-      elseif (in_array($orientation, array(7, 8)))
-      {
-        $rotation = 90;
-      }
-    }
-
-    return $rotation;
-  }
-
-  static function get_rotation_code_from_angle($rotation_angle)
-  {
-    switch($rotation_angle)
-    {
-      case 0:   return 0;
-      case 90:  return 1;
-      case 180: return 2;
-      case 270: return 3;
-    }
-  }
-
-  static function get_rotation_angle_from_code($rotation_code)
-  {
-    switch($rotation_code%4)
-    {
-      case 0: return 0;
-      case 1: return 90;
-      case 2: return 180;
-      case 3: return 270;
-    }
-  }
-
-  /** Returns a normalized convolution kernel for sharpening*/
-  static function get_sharpen_matrix($amount)
-  {
-    // Amount should be in the range of 48-10
-    $amount = round(abs(-48 + ($amount * 0.38)), 2);
-
-    $matrix = array(
-      array(-1,   -1,    -1),
-      array(-1, $amount, -1),
-      array(-1,   -1,    -1),
-      );
-
-    $norm = array_sum(array_map('array_sum', $matrix));
-
-    for ($i=0; $i<3; $i++)
-    {
-      $line = & $matrix[$i];
-      for ($j=0; $j<3; $j++)
-      {
-        $line[$j] /= $norm;
-      }
-    }
-
-    return $matrix;
-  }
-
-  private function get_resize_result($destination_filepath, $width, $height, $time=null)
-  {
-    return array(
-      'source'      => $this->source_filepath,
-      'destination' => $destination_filepath,
-      'width'       => $width,
-      'height'      => $height,
-      'size'        => floor(filesize($destination_filepath) / 1024).' KB',
-      'time'        => $time ? number_format((get_moment() - $time) * 1000, 2, '.', ' ').' ms' : null,
-      'library'     => $this->library,
-    );
-  }
-
-  static function is_imagick()
-  {
-    return (extension_loaded('imagick') and class_exists('Imagick'));
-  }
-
-  static function is_ext_imagick()
-  {
-    global $conf;
-
-    if (!function_exists('exec'))
-    {
-      return false;
-    }
-    @exec($conf['ext_imagick_dir'].'convert -version', $returnarray);
-    if (is_array($returnarray) and !empty($returnarray[0]) and preg_match('/ImageMagick/i', $returnarray[0]))
-    {
-      if (preg_match('/Version: ImageMagick (\d+\.\d+\.\d+-?\d*)/', $returnarray[0], $match))
-      {
-        self::$ext_imagick_version = $match[1];
-      }
-      return true;
-    }
-    return false;
-  }
-
-  static function is_gd()
-  {
-    return function_exists('gd_info');
-  }
-
-  static function get_library($library=null, $extension=null)
-  {
-    global $conf;
-
-    if (is_null($library))
-    {
-      $library = $conf['graphics_library'];
-    }
-
-    // Choose image library
-    switch (strtolower($library))
-    {
-      case 'auto':
-      case 'imagick':
-        if ($extension != 'gif' and self::is_imagick())
-        {
-          return 'imagick';
-        }
-      case 'ext_imagick':
-        if ($extension != 'gif' and self::is_ext_imagick())
-        {
-          return 'ext_imagick';
-        }
-      case 'gd':
-        if (self::is_gd())
-        {
-          return 'gd';
-        }
-      default:
-        if ($library != 'auto')
-        {
-          // Requested library not available. Try another library
-          return self::get_library('auto', $extension);
-        }
-    }
-    return false;
-  }
-
-  function destroy()
-  {
-    if (method_exists($this->image, 'destroy'))
-    {
-      return $this->image->destroy();
-    }
-    return true;
-  }
-}
-
-// +-----------------------------------------------------------------------+
-// |                   Class for Imagick extension                         |
-// +-----------------------------------------------------------------------+
-
-class image_imagick implements imageInterface
-{
-  var $image;
-
-  function __construct($source_filepath)
-  {
-    // A bug cause that Imagick class can not be extended
-    $this->image = new Imagick($source_filepath);
-  }
-
-  function get_width()
-  {
-    return $this->image->getImageWidth();
-  }
-
-  function get_height()
-  {
-    return $this->image->getImageHeight();
-  }
-
-  function set_compression_quality($quality)
-  {
-    return $this->image->setImageCompressionQuality($quality);
-  }
-
-  function crop($width, $height, $x, $y)
-  {
-    return $this->image->cropImage($width, $height, $x, $y);
-  }
-
-  function strip()
-  {
-    return $this->image->stripImage();
-  }
-
-  function rotate($rotation)
-  {
-    $this->image->rotateImage(new ImagickPixel(), -$rotation);
-    $this->image->setImageOrientation(Imagick::ORIENTATION_TOPLEFT);
-    return true;
-  }
-
-  function resize($width, $height)
-  {
-    $this->image->setInterlaceScheme(Imagick::INTERLACE_LINE);
-
-    // TODO need to explain this condition
-    if ($this->get_width()%2 == 0
-        && $this->get_height()%2 == 0
-        && $this->get_width() > 3*$width)
-    {
-      $this->image->scaleImage($this->get_width()/2, $this->get_height()/2);
-    }
-
-    return $this->image->resizeImage($width, $height, Imagick::FILTER_LANCZOS, 0.9);
-  }
-
-  function sharpen($amount)
-  {
-    $m = pwg_image::get_sharpen_matrix($amount);
-    return  $this->image->convolveImage($m);
-  }
-
-  function compose($overlay, $x, $y, $opacity)
-  {
-    $ioverlay = $overlay->image->image;
-    /*if ($ioverlay->getImageAlphaChannel() !== Imagick::ALPHACHANNEL_OPAQUE)
-    {
-      // Force the image to have an alpha channel
-      $ioverlay->setImageAlphaChannel(Imagick::ALPHACHANNEL_OPAQUE);
-    }*/
-
-    global $dirty_trick_xrepeat;
-    if ( !isset($dirty_trick_xrepeat) && $opacity < 100)
-    {// NOTE: Using setImageOpacity will destroy current alpha channels!
-      $ioverlay->evaluateImage(Imagick::EVALUATE_MULTIPLY, $opacity / 100, Imagick::CHANNEL_ALPHA);
-      $dirty_trick_xrepeat = true;
-    }
-
-    return $this->image->compositeImage($ioverlay, Imagick::COMPOSITE_DISSOLVE, $x, $y);
-  }
-
-  function write($destination_filepath)
-  {
-    // use 4:2:2 chroma subsampling (reduce file size by 20-30% with "almost" no human perception)
-    $this->image->setSamplingFactors( array(2,1) );
-    return $this->image->writeImage($destination_filepath);
-  }
-}
-
-// +-----------------------------------------------------------------------+
-// |            Class for ImageMagick external installation                |
-// +-----------------------------------------------------------------------+
-
-class image_ext_imagick implements imageInterface
-{
-  var $imagickdir = '';
-  var $source_filepath = '';
-  var $width = '';
-  var $height = '';
-  var $commands = array();
-
-  function __construct($source_filepath)
-  {
-    global $conf;
-    $this->source_filepath = $source_filepath;
-    $this->imagickdir = $conf['ext_imagick_dir'];
-
-    if (strpos(@$_SERVER['SCRIPT_FILENAME'], '/kunden/') === 0)  // 1and1
-    {
-      @putenv('MAGICK_THREAD_LIMIT=1');
-    }
-
-    $command = $this->imagickdir.'identify -format "%wx%h" "'.realpath($source_filepath).'"';
-    @exec($command, $returnarray);
-    if(!is_array($returnarray) or empty($returnarray[0]) or !preg_match('/^(\d+)x(\d+)$/', $returnarray[0], $match))
-    {
-      die("[External ImageMagick] Corrupt image\n" . var_export($returnarray, true));
-    }
-
-    $this->width = $match[1];
-    $this->height = $match[2];
-  }
-
-  function add_command($command, $params=null)
-  {
-    $this->commands[$command] = $params;
-  }
-
-  function get_width()
-  {
-    return $this->width;
-  }
-
-  function get_height()
-  {
-    return $this->height;
-  }
-
-  function crop($width, $height, $x, $y)
-  {
-    $this->width = $width;
-    $this->height = $height;
-
-    $this->add_command('crop', $width.'x'.$height.'+'.$x.'+'.$y);
-    return true;
-  }
-
-  function strip()
-  {
-    $this->add_command('strip');
-    return true;
-  }
-
-  function rotate($rotation)
-  {
-    if (empty($rotation))
-    {
-      return true;
-    }
-
-    if ($rotation==90 || $rotation==270)
-    {
-      $tmp = $this->width;
-      $this->width = $this->height;
-      $this->height = $tmp;
-    }
-    $this->add_command('rotate', -$rotation);
-    $this->add_command('orient', 'top-left');
-    return true;
-  }
-
-  function set_compression_quality($quality)
-  {
-    $this->add_command('quality', $quality);
-    return true;
-  }
-
-  function resize($width, $height)
-  {
-    $this->width = $width;
-    $this->height = $height;
-
-    $this->add_command('filter', 'Lanczos');
-    $this->add_command('resize', $width.'x'.$height.'!');
-    return true;
-  }
-
-  function sharpen($amount)
-  {
-    $m = pwg_image::get_sharpen_matrix($amount);
-
-    $param ='convolve "'.count($m).':';
-    foreach ($m as $line)
-    {
-      $param .= ' ';
-      $param .= implode(',', $line);
-    }
-    $param .= '"';
-    $this->add_command('morphology', $param);
-    return true;
-  }
-
-  function compose($overlay, $x, $y, $opacity)
-  {
-    $param = 'compose dissolve -define compose:args='.$opacity;
-    $param .= ' '.escapeshellarg(realpath($overlay->image->source_filepath));
-    $param .= ' -gravity NorthWest -geometry +'.$x.'+'.$y;
-    $param .= ' -composite';
-    $this->add_command($param);
-    return true;
-  }
-
-  function write($destination_filepath)
-  {
-    global $logger;
-
-    $this->add_command('interlace', 'line'); // progressive rendering
-    // use 4:2:2 chroma subsampling (reduce file size by 20-30% with "almost" no human perception)
-    //
-    // option deactivated for Piwigo 2.4.1, it doesn't work fo old versions
-    // of ImageMagick, see bug:2672. To reactivate once we have a better way
-    // to detect IM version and when we know which version supports this
-    // option
-    //
-    if (version_compare(pwg_image::$ext_imagick_version, '6.6') > 0)
-    {
-      $this->add_command('sampling-factor', '4:2:2' );
-    }
-
-    $exec = $this->imagickdir.'convert';
-    $exec .= ' "'.realpath($this->source_filepath).'"';
-
-    foreach ($this->commands as $command => $params)
-    {
-      $exec .= ' -'.$command;
-      if (!empty($params))
-      {
-        $exec .= ' '.$params;
-      }
-    }
-
-    $dest = pathinfo($destination_filepath);
-    $exec .= ' "'.realpath($dest['dirname']).'/'.$dest['basename'].'" 2>&1';
-    $logger->debug($exec, 'i.php');
-    @exec($exec, $returnarray);
-
-    if (is_array($returnarray) && (count($returnarray)>0) )
-    {
-      $logger->error('', 'i.php', $returnarray);
-      foreach ($returnarray as $line)
-        trigger_error($line, E_USER_WARNING);
-    }
-    return is_array($returnarray);
-  }
-}
-
-// +-----------------------------------------------------------------------+
-// |                       Class for GD library                            |
-// +-----------------------------------------------------------------------+
-
-class image_gd implements imageInterface
-{
-  var $image;
-  var $quality = 95;
-
-  function __construct($source_filepath)
-  {
-    $gd_info = gd_info();
-    $extension = strtolower(get_extension($source_filepath));
-
-    if (in_array($extension, array('jpg', 'jpeg')))
-    {
-      $this->image = imagecreatefromjpeg($source_filepath);
-    }
-    else if ($extension == 'png')
-    {
-      $this->image = imagecreatefrompng($source_filepath);
-    }
-    elseif ($extension == 'gif' and $gd_info['GIF Read Support'] and $gd_info['GIF Create Support'])
-    {
-      $this->image = imagecreatefromgif($source_filepath);
-    }
-    else
-    {
-      die('[Image GD] unsupported file extension');
-    }
-  }
-
-  function get_width()
-  {
-    return imagesx($this->image);
-  }
-
-  function get_height()
-  {
-    return imagesy($this->image);
-  }
-
-  function crop($width, $height, $x, $y)
-  {
-    $dest = imagecreatetruecolor($width, $height);
-
-    imagealphablending($dest, false);
-    imagesavealpha($dest, true);
-    if (function_exists('imageantialias'))
-    {
-      imageantialias($dest, true);
-    }
-
-    $result = imagecopymerge($dest, $this->image, 0, 0, $x, $y, $width, $height, 100);
-
-    if ($result !== false)
-    {
-      imagedestroy($this->image);
-      $this->image = $dest;
-    }
-    else
-    {
-      imagedestroy($dest);
-    }
-    return $result;
-  }
-
-  function strip()
-  {
-    return true;
-  }
-
-  function rotate($rotation)
-  {
-    $dest = imagerotate($this->image, $rotation, 0);
-    imagedestroy($this->image);
-    $this->image = $dest;
-    return true;
-  }
-
-  function set_compression_quality($quality)
-  {
-    $this->quality = $quality;
-    return true;
-  }
-
-  function resize($width, $height)
-  {
-    $dest = imagecreatetruecolor($width, $height);
-
-    imagealphablending($dest, false);
-    imagesavealpha($dest, true);
-    if (function_exists('imageantialias'))
-    {
-      imageantialias($dest, true);
-    }
-
-    $result = imagecopyresampled($dest, $this->image, 0, 0, 0, 0, $width, $height, $this->get_width(), $this->get_height());
-
-    if ($result !== false)
-    {
-      imagedestroy($this->image);
-      $this->image = $dest;
-    }
-    else
-    {
-      imagedestroy($dest);
-    }
-    return $result;
-  }
-
-  function sharpen($amount)
-  {
-    $m = pwg_image::get_sharpen_matrix($amount);
-    return imageconvolution($this->image, $m, 1, 0);
-  }
-
-  function compose($overlay, $x, $y, $opacity)
-  {
-    $ioverlay = $overlay->image->image;
-    /* A replacement for php's imagecopymerge() function that supports the alpha channel
-    See php bug #23815:  http://bugs.php.net/bug.php?id=23815 */
-
-    $ow = imagesx($ioverlay);
-    $oh = imagesy($ioverlay);
-
-		// Create a new blank image the site of our source image
-		$cut = imagecreatetruecolor($ow, $oh);
-
-		// Copy the blank image into the destination image where the source goes
-		imagecopy($cut, $this->image, 0, 0, $x, $y, $ow, $oh);
-
-		// Place the source image in the destination image
-		imagecopy($cut, $ioverlay, 0, 0, 0, 0, $ow, $oh);
-		imagecopymerge($this->image, $cut, $x, $y, 0, 0, $ow, $oh, $opacity);
-    imagedestroy($cut);
-    return true;
-  }
-
-  function write($destination_filepath)
-  {
-    $extension = strtolower(get_extension($destination_filepath));
-
-    if ($extension == 'png')
-    {
-      imagepng($this->image, $destination_filepath);
-    }
-    elseif ($extension == 'gif')
-    {
-      imagegif($this->image, $destination_filepath);
-    }
-    else
-    {
-      imagejpeg($this->image, $destination_filepath, $this->quality);
-    }
-  }
-
-  function destroy()
-  {
-    imagedestroy($this->image);
-  }
-}
-
-?>

admin/include/index.php

@@ -1,8 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
 // +-----------------------------------------------------------------------+

admin/include/languages.class.php

@@ -1,8 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
 // +-----------------------------------------------------------------------+
@@ -30,9 +30,26 @@ class languages
   /**
    * Initialize $fs_languages and $db_languages
   */
-  function __construct($target_charset = null)
+  function languages($target_charset = null)
   {
-    $this->get_fs_languages($target_charset);
+    $this->fs_languages = $this->get_fs_languages($target_charset);
+  }
+
+  /**
+   * Set tabsheet for languages pages.
+   * @param string selected page.
+   */
+  function set_tabsheet($selected)
+  {
+    include_once(PHPWG_ROOT_PATH.'admin/include/tabsheet.class.php');
+
+    $link = get_root_url().'admin.php?page=';
+
+    $tabsheet = new tabsheet();
+    $tabsheet->add('languages_installed', l10n('Installed Languages'), $link.'languages_installed');
+    $tabsheet->add('languages_new', l10n('Add New Language'), $link.'languages_new');
+    $tabsheet->select($selected);
+    $tabsheet->assign();
   }
 
   /**
@@ -57,16 +74,14 @@ class languages
       case 'activate':
         if (isset($crt_db_language))
         {
-          $errors[] = 'CANNOT ACTIVATE - LANGUAGE IS ALREADY ACTIVATED';
+          array_push($errors, 'CANNOT ACTIVATE - LANGUAGE IS ALREADY ACTIVATED');
           break;
         }
 
         $query = '
 INSERT INTO '.LANGUAGES_TABLE.'
-  (id, version, name)
-  VALUES(\''.$language_id.'\',
-         \''.$this->fs_languages[$language_id]['version'].'\',
-         \''.$this->fs_languages[$language_id]['name'].'\')
+  (id, name)
+  VALUES(\''.$language_id.'\', \''.$this->fs_languages[$language_id].'\')
 ;';
         pwg_query($query);
         break;
@@ -74,13 +89,13 @@ INSERT INTO '.LANGUAGES_TABLE.'
       case 'deactivate':
         if (!isset($crt_db_language))
         {
-          $errors[] = 'CANNOT DEACTIVATE - LANGUAGE IS ALREADY DEACTIVATED';
+          array_push($errors, 'CANNOT DEACTIVATE - LANGUAGE IS ALREADY DEACTIVATED');
           break;
         }
 
         if ($language_id == get_default_language())
         {
-          $errors[] = 'CANNOT DEACTIVATE - LANGUAGE IS DEFAULT LANGUAGE';
+          array_push($errors, 'CANNOT DEACTIVATE - LANGUAGE IS DEFAULT LANGUAGE');
           break;
         }
 
@@ -95,12 +110,12 @@ DELETE
       case 'delete':
         if (!empty($crt_db_language))
         {
-          $errors[] = 'CANNOT DELETE - LANGUAGE IS ACTIVATED';
+          array_push($errors, 'CANNOT DELETE - LANGUAGE IS ACTIVATED');
           break;
         }
         if (!isset($this->fs_languages[$language_id]))
         {
-          $errors[] = 'CANNOT DELETE - LANGUAGE DOES NOT EXIST';
+          array_push($errors, 'CANNOT DELETE - LANGUAGE DOES NOT EXIST');
           break;
         }
 
@@ -112,7 +127,10 @@ UPDATE '.USER_INFOS_TABLE.'
 ;';
         pwg_query($query);
 
-        deltree(PHPWG_ROOT_PATH.'language/'.$language_id, PHPWG_ROOT_PATH.'language/trash');
+        if (!$this->deltree(PHPWG_ROOT_PATH.'language/'.$language_id))
+        {
+          $this->send_to_trash(PHPWG_ROOT_PATH.'language/'.$language_id);
+        }
         break;
 
       case 'set_default':
@@ -139,60 +157,21 @@ UPDATE '.USER_INFOS_TABLE.'
     $target_charset = strtolower($target_charset);
 
     $dir = opendir(PHPWG_ROOT_PATH.'language');
+
     while ($file = readdir($dir))
     {
-      if ($file!='.' and $file!='..')
+      $path = PHPWG_ROOT_PATH.'language/'.$file;
+      if (!is_link($path) and is_dir($path) and file_exists($path.'/iso.txt'))
       {
-        $path = PHPWG_ROOT_PATH.'language/'.$file;
-        if (is_dir($path) and !is_link($path)
-            and preg_match('/^[a-zA-Z0-9-_]+$/', $file )
-            and file_exists($path.'/common.lang.php')
-            )
-        {
-          $language = array(
-              'name'=>$file,
-              'code'=>$file,
-              'version'=>'0',
-              'uri'=>'',
-              'author'=>'',
-            );
-          $plg_data = implode( '', file($path.'/common.lang.php') );
+        list($language_name) = @file($path.'/iso.txt');
 
-          if (preg_match("|Language Name:\\s*(.+)|", $plg_data, $val))
-          {
-            $language['name'] = trim( $val[1] );
-            $language['name'] = convert_charset($language['name'], 'utf-8', $target_charset);
-          }
-          if (preg_match("|Version:\\s*([\\w.-]+)|", $plg_data, $val))
-          {
-            $language['version'] = trim($val[1]);
-          }
-          if (preg_match("|Language URI:\\s*(https?:\\/\\/.+)|", $plg_data, $val))
-          {
-            $language['uri'] = trim($val[1]);
-          }
-          if (preg_match("|Author:\\s*(.+)|", $plg_data, $val))
-          {
-            $language['author'] = trim($val[1]);
-          }
-          if (preg_match("|Author URI:\\s*(https?:\\/\\/.+)|", $plg_data, $val))
-          {
-            $language['author uri'] = trim($val[1]);
-          }
-          if (!empty($language['uri']) and strpos($language['uri'] , 'extension_view.php?eid='))
-          {
-            list( , $extension) = explode('extension_view.php?eid=', $language['uri']);
-            if (is_numeric($extension)) $language['extension'] = $extension;
-          }
-
-          // IMPORTANT SECURITY !
-          $language = array_map('htmlspecialchars', $language);
-          $this->fs_languages[$file] = $language;
-        }
+        $languages[$file] = convert_charset($language_name, 'utf-8', $target_charset);
       }
     }
     closedir($dir);
-    @uasort($this->fs_languages, 'name_compare');
+    @asort($languages);
+
+    return $languages;
   }
 
   function get_db_languages()
@@ -213,12 +192,12 @@ UPDATE '.USER_INFOS_TABLE.'
   /**
    * Retrieve PEM server datas to $server_languages
    */
-  function get_server_languages($new=false)
+  function get_server_languages()
   {
-    global $user, $conf;
+    global $user;
 
     $get_data = array(
-      'category_id' => $conf['pem_languages_category'],
+      'category_id' => 8,
       'format' => 'php',
     );
 
@@ -228,11 +207,11 @@ UPDATE '.USER_INFOS_TABLE.'
     $url = PEM_URL . '/api/get_version_list.php';
     if (fetchRemote($url, $result, $get_data) and $pem_versions = @unserialize($result))
     {
-      if (!preg_match('/^\d+\.\d+\.\d+$/', $version))
+      if (!preg_match('/^\d+\.\d+\.\d+/', $version))
       {
         $version = $pem_versions[0]['name'];
       }
-      $branch = get_branch_from_version($version);
+      $branch = substr($version, 0, strrpos($version, '.'));
       foreach ($pem_versions as $pem_version)
       {
         if (strpos($pem_version['name'], $branch) === 0)
@@ -246,36 +225,14 @@ UPDATE '.USER_INFOS_TABLE.'
       return false;
     }
 
-    // Languages to check
-    $languages_to_check = array();
-    foreach($this->fs_languages as $fs_language)
-    {
-      if (isset($fs_language['extension']))
-      {
-        $languages_to_check[] = $fs_language['extension'];
-      }
-    }
-
     // Retrieve PEM languages infos
     $url = PEM_URL . '/api/get_revision_list.php';
     $get_data = array_merge($get_data, array(
       'last_revision_only' => 'true',
       'version' => implode(',', $versions_to_check),
       'lang' => $user['language'],
-      'get_nb_downloads' => 'true',
       )
     );
-    if (!empty($languages_to_check))
-    {
-      if ($new)
-      {
-        $get_data['extension_exclude'] = implode(',', $languages_to_check);
-      }
-      else
-      {
-        $get_data['extension_include'] = implode(',', $languages_to_check);
-      }
-    }
 
     if (fetchRemote($url, $result, $get_data))
     {
@@ -286,12 +243,12 @@ UPDATE '.USER_INFOS_TABLE.'
       }
       foreach ($pem_languages as $language)
       {
-        if (preg_match('/^.*? \[[A-Z]{2}\]$/', $language['extension_name']))
+        if (preg_match('/^.*? \[[A-Z]{2}\]$/', $language['extension_name'])
+          and !in_array($language['extension_name'], $this->fs_languages))
         {
-          $this->server_languages[$language['extension_id']] = $language;
+          $this->server_languages[] = $language;
         }
       }
-      @uasort($this->server_languages, array($this, 'extension_name_compare'));
       return true;
     }
     return false;
@@ -317,14 +274,14 @@ UPDATE '.USER_INFOS_TABLE.'
       if ($handle = @fopen($archive, 'wb') and fetchRemote($url, $handle, $get_data))
       {
         fclose($handle);
-        include_once(PHPWG_ROOT_PATH.'admin/include/pclzip.lib.php');
+        include(PHPWG_ROOT_PATH.'admin/include/pclzip.lib.php');
         $zip = new PclZip($archive);
         if ($list = $zip->listContent())
         {
           foreach ($list as $file)
           {
-            // we search common.lang.php in archive
-            if (basename($file['filename']) == 'common.lang.php'
+            // we search iso.txt in archive
+            if (basename($file['filename']) == 'iso.txt'
               and (!isset($main_filepath)
               or strlen($file['filename']) < strlen($main_filepath)))
             {
@@ -333,7 +290,7 @@ UPDATE '.USER_INFOS_TABLE.'
           }
           if (isset($main_filepath))
           {
-            $root = basename(dirname($main_filepath)); // common.lang.php path in archive
+            $root = basename(dirname($main_filepath)); // iso.txt path in archive
             if (preg_match('/^[a-z]{2}_[A-Z]{2}$/', $root))
             {
               if ($action == 'install')
@@ -359,17 +316,14 @@ UPDATE '.USER_INFOS_TABLE.'
                 }
                 if ($status == 'ok')
                 {
-                  $this->get_fs_languages();
-                  if ($action == 'install')
-                  {
-                    $this->perform_action('activate', $dest);
-                  }
+                  $this->fs_languages = $this->get_fs_languages();
+                  $this->perform_action('activate', $dest);
                 }
                 if (file_exists($extract_path.'/obsolete.list')
                   and $old_files = file($extract_path.'/obsolete.list', FILE_IGNORE_NEW_LINES)
                   and !empty($old_files))
                 {
-                  $old_files[] = 'obsolete.list';
+                  array_push($old_files, 'obsolete.list');
                   foreach($old_files as $old_file)
                   {
                     $path = $extract_path.'/'.$old_file;
@@ -379,7 +333,10 @@ UPDATE '.USER_INFOS_TABLE.'
                     }
                     elseif (is_dir($path))
                     {
-                      deltree($path, PHPWG_ROOT_PATH.'language/trash');
+                      if (!$this->deltree($path))
+                      {
+                        $this->send_to_trash($path);
+                      }
                     }
                   }
                 }
@@ -401,11 +358,56 @@ UPDATE '.USER_INFOS_TABLE.'
   }
 
   /**
-   * Sort functions
+   * delete $path directory
+   * @param string - path
    */
-  function extension_name_compare($a, $b)
+  function deltree($path)
   {
-    return strcmp(strtolower($a['extension_name']), strtolower($b['extension_name']));
+    if (is_dir($path))
+    {
+      $fh = opendir($path);
+      while ($file = readdir($fh))
+      {
+        if ($file != '.' and $file != '..')
+        {
+          $pathfile = $path . '/' . $file;
+          if (is_dir($pathfile))
+          {
+            $this->deltree($pathfile);
+          }
+          else
+          {
+            @unlink($pathfile);
+          }
+        }
+      }
+      closedir($fh);
+      return @rmdir($path);
+    }
+  }
+
+  /**
+   * send $path to trash directory
+   * @param string - path
+   */
+  function send_to_trash($path)
+  {
+    $trash_path = PHPWG_ROOT_PATH . 'language/trash';
+    if (!is_dir($trash_path))
+    {
+      @mkdir($trash_path);
+      $file = @fopen($trash_path . '/.htaccess', 'w');
+      @fwrite($file, 'deny from all');
+      @fclose($file);
+    }
+    while ($r = $trash_path . '/' . md5(uniqid(rand(), true)))
+    {
+      if (!is_dir($r))
+      {
+        @rename($path, $r);
+        break;
+      }
+    }
   }
 }
-?>
+?>

admin/include/mysqldump.php

@@ -1,421 +0,0 @@
-<?php
-/**
-* Dump MySQL database
-*
-* Here is an inline example:
-* <code>
-* $connection = @mysql_connect($dbhost,$dbuser,$dbpsw);
-* $dumper = new MySQLDump($dbname,'filename.sql',false,false);
-* $dumper->doDump();
-* </code>
-*
-* Special thanks to:
-* - Andrea Ingaglio <andrea@coders4fun.com> helping in development of all class code
-* - Dylan Pugh for precious advices halfing the size of the output file and for helping in debug
-*
-* @name    MySQLDump
-* @author  Daniele Viganò - CreativeFactory.it <daniele.vigano@creativefactory.it>
-* @version 2.20 - 02/11/2007
-* @license http://opensource.org/licenses/gpl-license.php GNU Public License
-*/
-
-class MySQLDump {
-	/**
-	* @access private
-	*/
-	var $database = null;
-
-	/**
-	* @access private
-	*/
-	var $compress = false;
-
-	/**
-	* @access private
-	*/
-	var $hexValue = false;
-
-  /**
-	* The output filename
-	* @access private
-	*/
-	var $filename = null;
-
-	/**
-	* The pointer of the output file
-	* @access private
-	*/
-	var $file = null;
-
-	/**
-	* @access private
-	*/
-	var $isWritten = false;
-
-	/**
-	* Class constructor
-	* @param string $db The database name
-	* @param string $filepath The file where the dump will be written
-	* @param boolean $compress It defines if the output file is compress (gzip) or not
-	* @param boolean $hexValue It defines if the outup values are base-16 or not
-	*/
-	function __construct($db = null, $filepath = 'dump.sql', $compress = false, $hexValue = false){
-		$this->compress = $compress;
-		if ( !$this->setOutputFile($filepath) )
-			return false;
-		return $this->setDatabase($db);
-	}
-
-	/**
-	* Sets the database to work on
-	* @param string $db The database name
-	*/
-	function setDatabase($db){
-		$this->database = $db;
-		if ( !@mysql_select_db($this->database) )
-			return false;
-		return true;
-  }
-
-	/**
-	* Returns the database where the class is working on
-	* @return string
-	*/
-  function getDatabase(){
-		return $this->database;
-	}
-
-	/**
-	* Sets the output file type (It can be made only if the file hasn't been already written)
-	* @param boolean $compress If it's true, the output file will be compressed
-	*/
-	function setCompress($compress){
-		if ( $this->isWritten )
-			return false;
-		$this->compress = $compress;
-		$this->openFile($this->filename);
-		return true;
-  }
-
-	/**
-	* Returns if the output file is or not compressed
-	* @return boolean
-	*/
-  function getCompress(){
-		return $this->compress;
-	}
-
-	/**
-	* Sets the output file
-	* @param string $filepath The file where the dump will be written
-	*/
-	function setOutputFile($filepath){
-		if ( $this->isWritten )
-			return false;
-		$this->filename = $filepath;
-		$this->file = $this->openFile($this->filename);
-		return $this->file;
-  }
-
-  /**
-	* Returns the output filename
-	* @return string
-	*/
-  function getOutputFile(){
-		return $this->filename;
-	}
-
-	/**
-	* Writes to file the $table's structure
-	* @param string $table The table name
-	*/
-  function getTableStructure($table){
-		if ( !$this->setDatabase($this->database) )
-			return false;
-		// Structure Header
-		$structure = "-- \n";
-		$structure .= "-- Table structure for table `{$table}` \n";
-		$structure .= "-- \n\n";
-		// Dump Structure
-		$structure .= 'DROP TABLE IF EXISTS `'.$table.'`;'."\n";
-		$structure .= "CREATE TABLE `".$table."` (\n";
-		$records = @mysql_query('SHOW FIELDS FROM `'.$table.'`');
-		if ( @mysql_num_rows($records) == 0 )
-			return false;
-		while ( $record = mysql_fetch_assoc($records) ) {
-			$structure .= '`'.$record['Field'].'` '.$record['Type'];
-			if ( isset($record['Default']) )
-				$structure .= ' DEFAULT \''.$record['Default'].'\'';
-			if ( @strcmp($record['Null'],'YES') != 0 )
-				$structure .= ' NOT NULL';
-			elseif ( is_null($record['Default']) )
-				$structure .= ' DEFAULT NULL';
-			if ( !empty($record['Extra']) )
-				$structure .= ' '.$record['Extra'];
-			$structure .= ",\n";
-		}
-		$structure = @ereg_replace(",\n$", null, $structure);
-
-		// Save all Column Indexes
-		$structure .= $this->getSqlKeysTable($table);
-		$structure .= "\n)";
-
-		//Save table engine
-		$records = @mysql_query("SHOW TABLE STATUS LIKE '".$table."'");
-
-		if ( $record = @mysql_fetch_assoc($records) ) {
-			if ( !empty($record['Engine']) )
-				$structure .= ' ENGINE='.$record['Engine'];
-			if ( !empty($record['Auto_increment']) )
-				$structure .= ' AUTO_INCREMENT='.$record['Auto_increment'];
-		}
-
-		$structure .= ";\n\n-- --------------------------------------------------------\n\n";
-		$this->saveToFile($this->file,$structure);
-	}
-
-	/**
-	* Writes to file the $table's data
-	* @param string $table The table name
-	* @param boolean $hexValue It defines if the output is base 16 or not
-	*/
-	function getTableData($table,$hexValue = true) {
-		if ( !$this->setDatabase($this->database) )
-			return false;
-		// Header
-		$data = "-- \n";
-		$data .= "-- Dumping data for table `$table` \n";
-		$data .= "-- \n\n";
-
-		$records = mysql_query('SHOW FIELDS FROM `'.$table.'`');
-		$num_fields = @mysql_num_rows($records);
-		if ( $num_fields == 0 )
-			return false;
-		// Field names
-		$selectStatement = "SELECT ";
-		$insertStatement = "INSERT INTO `$table` (";
-		$hexField = array();
-		for ($x = 0; $x < $num_fields; $x++) {
-			$record = @mysql_fetch_assoc($records);
-			if ( ($hexValue) && ($this->isTextValue($record['Type'])) ) {
-				$selectStatement .= 'HEX(`'.$record['Field'].'`)';
-				$hexField [$x] = true;
-			}
-			else
-				$selectStatement .= '`'.$record['Field'].'`';
-			$insertStatement .= '`'.$record['Field'].'`';
-			$insertStatement .= ", ";
-			$selectStatement .= ", ";
-		}
-		$insertStatement = @substr($insertStatement,0,-2).') VALUES'."\n";
-		$selectStatement = @substr($selectStatement,0,-2).' FROM `'.$table.'`';
-
-		$records = @mysql_query($selectStatement);
-		$num_rows = @mysql_num_rows($records);
-		$num_fields = @mysql_num_fields($records);
-		// Dump data
-		if ( $num_rows > 0 ) {
-			$data .= $insertStatement;
-			for ($i = 0; $i < $num_rows; $i++) {
-				$record = @mysql_fetch_assoc($records);
-				$data .= ' (';
-				for ($j = 0; $j < $num_fields; $j++) {
-					$field_name = @mysql_field_name($records, $j);
-					if ( @$hexField[$j] && (@strlen($record[$field_name]) > 0) )
-						$data .= "0x".$record[$field_name];
-					elseif (is_null($record[$field_name]))
-						$data .= "NULL";
-					else
-						$data .= "'".@str_replace('\"','"',@mysql_real_escape_string($record[$field_name]))."'";
-					$data .= ',';
-				}
-				$data = @substr($data,0,-1).")";
-				$data .= ( $i < ($num_rows-1) ) ? ',' : ';';
-				$data .= "\n";
-				//if data in greather than 1MB save
-				if (strlen($data) > 1048576) {
-					$this->saveToFile($this->file,$data);
-					$data = '';
-				}
-			}
-			$data .= "\n-- --------------------------------------------------------\n\n";
-			$this->saveToFile($this->file,$data);
-		}
-	}
-
-  /**
-	* Writes to file all the selected database tables structure
-	* @return boolean
-	*/
-	function getDatabaseStructure(){
-		$records = @mysql_query('SHOW TABLES');
-		if ( @mysql_num_rows($records) == 0 )
-			return false;
-    $structure = '';
-		while ( $record = @mysql_fetch_row($records) ) {
-			$structure .= $this->getTableStructure($record[0]);
-		}
-		return true;
-  }
-
-	/**
-	* Writes to file all the selected database tables data
-	* @param boolean $hexValue It defines if the output is base-16 or not
-	*/
-	function getDatabaseData($hexValue = true){
-		$records = @mysql_query('SHOW TABLES');
-		if ( @mysql_num_rows($records) == 0 )
-			return false;
-		while ( $record = @mysql_fetch_row($records) ) {
-			$this->getTableData($record[0],$hexValue);
-		}
-  }
-
-	/**
-	* Writes to file the selected database dump
-	*/
-	function doDump() {
-		$this->saveToFile($this->file,"SET FOREIGN_KEY_CHECKS = 0;\n\n");
-		$this->getDatabaseStructure();
-		$this->getDatabaseData($this->hexValue);
-		$this->saveToFile($this->file,"SET FOREIGN_KEY_CHECKS = 1;\n\n");
-		$this->closeFile($this->file);
-		return true;
-	}
-	
-	/**
-	* @deprecated Look at the doDump() method
-	*/
-	function writeDump($filename) {
-		if ( !$this->setOutputFile($filename) )
-			return false;
-		$this->doDump();
-    $this->closeFile($this->file);
-    return true;
-	}
-
-	/**
-	* @access private
-	*/
-	function getSqlKeysTable ($table) {
-		$primary = "";
-		$unique = array();
-		$index = array();
-		$fulltext = array();
-		$results = mysql_query("SHOW KEYS FROM `{$table}`");
-		if ( @mysql_num_rows($results) == 0 )
-			return false;
-		while($row = mysql_fetch_object($results)) {
-			if (($row->Key_name == 'PRIMARY') AND ($row->Index_type == 'BTREE')) {
-				if ( $primary == "" )
-					$primary = "  PRIMARY KEY  (`{$row->Column_name}`";
-				else
-					$primary .= ", `{$row->Column_name}`";
-			}
-			if (($row->Key_name != 'PRIMARY') AND ($row->Non_unique == '0') AND ($row->Index_type == 'BTREE')) {
-				if ( (empty($unique)) OR (empty($unique[$row->Key_name])) )
-					$unique[$row->Key_name] = "  UNIQUE KEY `{$row->Key_name}` (`{$row->Column_name}`";
-				else
-					$unique[$row->Key_name] .= ", `{$row->Column_name}`";
-			}
-			if (($row->Key_name != 'PRIMARY') AND ($row->Non_unique == '1') AND ($row->Index_type == 'BTREE')) {
-				if ( (empty($index)) OR (empty($index[$row->Key_name])) )
-					$index[$row->Key_name] = "  KEY `{$row->Key_name}` (`{$row->Column_name}`";
-				else
-					$index[$row->Key_name] .= ", `{$row->Column_name}`";
-			}
-			if (($row->Key_name != 'PRIMARY') AND ($row->Non_unique == '1') AND ($row->Index_type == 'FULLTEXT')) {
-				if ( (empty($fulltext)) OR (empty($fulltext[$row->Key_name])) )
-					$fulltext[$row->Key_name] = "  FULLTEXT `{$row->Key_name}` (`{$row->Column_name}`";
-				else
-					$fulltext[$row->Key_name] .= ", `{$row->Column_name}`";
-			}
-		}
-		$sqlKeyStatement = '';
-		// generate primary, unique, key and fulltext
-		if ( $primary != "" ) {
-			$sqlKeyStatement .= ",\n";
-			$primary .= ")";
-			$sqlKeyStatement .= $primary;
-		}
-		if (!empty($unique)) {
-			foreach ($unique as $keyName => $keyDef) {
-				$sqlKeyStatement .= ",\n";
-				$keyDef .= ")";
-				$sqlKeyStatement .= $keyDef;
-
-			}
-		}
-		if (!empty($index)) {
-			foreach ($index as $keyName => $keyDef) {
-				$sqlKeyStatement .= ",\n";
-				$keyDef .= ")";
-				$sqlKeyStatement .= $keyDef;
-			}
-		}
-		if (!empty($fulltext)) {
-			foreach ($fulltext as $keyName => $keyDef) {
-				$sqlKeyStatement .= ",\n";
-				$keyDef .= ")";
-				$sqlKeyStatement .= $keyDef;
-			}
-		}
-		return $sqlKeyStatement;
-	}
-
-  /**
-	* @access private
-	*/
-	function isTextValue($field_type) {
-		switch ($field_type) {
-			case "tinytext":
-			case "text":
-			case "mediumtext":
-			case "longtext":
-			case "binary":
-			case "varbinary":
-			case "tinyblob":
-			case "blob":
-			case "mediumblob":
-			case "longblob":
-				return True;
-				break;
-			default:
-				return False;
-		}
-	}
-	
-	/**
-	* @access private
-	*/
-	function openFile($filename) {
-		$file = false;
-		if ( $this->compress )
-			$file = @gzopen($filename, "w9");
-		else
-			$file = @fopen($filename, "w");
-		return $file;
-	}
-
-  /**
-	* @access private
-	*/
-	function saveToFile($file, $data) {
-		if ( $this->compress )
-			@gzwrite($file, $data);
-		else
-			@fwrite($file, $data);
-		$this->isWritten = true;
-	}
-
-  /**
-	* @access private
-	*/
-	function closeFile($file) {
-		if ( $this->compress )
-			@gzclose($file);
-		else
-			@fclose($file);
-	}
-}
-?>

admin/include/pclzip.lib.php

@@ -212,7 +212,7 @@
   //   Note that no real action is taken, if the archive does not exist it is not
   //   created. Use create() for that.
   // --------------------------------------------------------------------------------
-  function __construct($p_zipname)
+  function PclZip($p_zipname)
   {
 
     // ----- Tests the zlib

admin/include/photos_add_direct_prepare.inc.php

@@ -1,227 +0,0 @@
-<?php
-// +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
-// +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
-// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
-// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
-// +-----------------------------------------------------------------------+
-// | This program is free software; you can redistribute it and/or modify  |
-// | it under the terms of the GNU General Public License as published by  |
-// | the Free Software Foundation                                          |
-// |                                                                       |
-// | This program is distributed in the hope that it will be useful, but   |
-// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
-// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
-// | General Public License for more details.                              |
-// |                                                                       |
-// | You should have received a copy of the GNU General Public License     |
-// | along with this program; if not, write to the Free Software           |
-// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
-// | USA.                                                                  |
-// +-----------------------------------------------------------------------+
-
-// +-----------------------------------------------------------------------+
-// | Photo selection                                                       |
-// +-----------------------------------------------------------------------+
-
-$template->assign(
-    array(
-      'F_ADD_ACTION'=> PHOTOS_ADD_BASE_URL,
-      'chunk_size' => $conf['upload_form_chunk_size'],
-    )
-  );
-
-// what is the maximum number of pixels permitted by the memory_limit?
-if (pwg_image::get_library() == 'gd')
-{
-  $fudge_factor = 1.7;
-  $available_memory = get_ini_size('memory_limit') - memory_get_usage();
-  $max_upload_width = round(sqrt($available_memory/(2 * $fudge_factor)));
-  $max_upload_height = round(2 * $max_upload_width / 3);
-  
-  // we don't want dimensions like 2995x1992 but 3000x2000
-  $max_upload_width = round($max_upload_width/100)*100;
-  $max_upload_height = round($max_upload_height/100)*100;
-  
-  $max_upload_resolution = floor($max_upload_width * $max_upload_height / (1000000));
-
-  // no need to display a limitation warning if the limitation is huge like 20MP
-  if ($max_upload_resolution < 25)
-  {
-    $template->assign(
-      array(
-        'max_upload_width' => $max_upload_width,
-        'max_upload_height' => $max_upload_height,
-        'max_upload_resolution' => $max_upload_resolution,
-        )
-      );
-  }
-}
-
-//warn the user if the picture will be resized after upload
-if ($conf['original_resize'])
-{
-  $template->assign(
-    array(
-        'original_resize_maxwidth' => $conf['original_resize_maxwidth'],
-        'original_resize_maxheight' => $conf['original_resize_maxheight'],
-      )
-    );
-}
-
-
-$template->assign(
-    array(
-      'form_action' => PHOTOS_ADD_BASE_URL,
-      'pwg_token' => get_pwg_token(),
-    )
-  );
-
-$unique_exts = array_unique(
-  array_map(
-    'strtolower',
-    $conf['upload_form_all_types'] ? $conf['file_ext'] : $conf['picture_ext']
-    )
-  );
-
-$template->assign(
-  array(
-    'upload_file_types' => implode(', ', $unique_exts),
-    'file_exts' => implode(',', $unique_exts),
-    )
-  );
-
-// +-----------------------------------------------------------------------+
-// | Categories                                                            |
-// +-----------------------------------------------------------------------+
-
-// we need to know the category in which the last photo was added
-$selected_category = array();
-
-if (isset($_GET['album']))
-{
-  // set the category from get url or ...
-  check_input_parameter('album', $_GET, false, PATTERN_ID);
-  
-  // test if album really exists
-  $query = '
-SELECT id
-  FROM '.CATEGORIES_TABLE.'
-  WHERE id = '.$_GET['album'].'
-;';
-  $result = pwg_query($query);
-  if (pwg_db_num_rows($result) == 1)
-  {
-    $selected_category = array($_GET['album']);
-    
-    // lets put in the session to persist in case of upload method switch
-    $_SESSION['selected_category'] = $selected_category;
-  }
-  else
-  {
-    fatal_error('[Hacking attempt] the album id = "'.$_GET['album'].'" is not valid');
-  }
-}
-else if (isset($_SESSION['selected_category']))
-{
-  $selected_category = $_SESSION['selected_category'];
-}
-else
-{
-  // we need to know the category in which the last photo was added
-  $query = '
-SELECT category_id
-  FROM '.IMAGES_TABLE.' AS i
-    JOIN '.IMAGE_CATEGORY_TABLE.' AS ic ON image_id = i.id
-    JOIN '.CATEGORIES_TABLE.' AS c ON category_id = c.id
-  ORDER BY i.id DESC
-  LIMIT 1
-;
-';
-  $result = pwg_query($query);
-  if (pwg_db_num_rows($result) > 0)
-  {
-    $row = pwg_db_fetch_assoc($result);
-    $selected_category = array($row['category_id']);
-  }
-}
-
-// existing album
-$template->assign('selected_category', $selected_category);
-
-
-// image level options
-$selected_level = isset($_POST['level']) ? $_POST['level'] : 0;
-$template->assign(
-    array(
-      'level_options'=> get_privacy_level_options(),
-      'level_options_selected' => array($selected_level)
-    )
-  );
-
-// +-----------------------------------------------------------------------+
-// | Setup errors/warnings                                                 |
-// +-----------------------------------------------------------------------+
-
-// Errors
-$setup_errors = array();
-
-$error_message = ready_for_upload_message();
-if (!empty($error_message))
-{
-  $setup_errors[] = $error_message;
-}
-
-if (!function_exists('gd_info'))
-{
-  $setup_errors[] = l10n('GD library is missing');
-}
-
-$template->assign(array(
-  'setup_errors'=> $setup_errors,
-  'CACHE_KEYS' => get_admin_client_cache_keys(array('categories')),
-  ));
-
-// Warnings
-if (isset($_GET['hide_warnings']))
-{
-  $_SESSION['upload_hide_warnings'] = true;
-}
-
-if (!isset($_SESSION['upload_hide_warnings']))
-{
-  $setup_warnings = array();
-  
-  if ($conf['use_exif'] and !function_exists('read_exif_data'))
-  {
-    $setup_warnings[] = l10n('Exif extension not available, admin should disable exif use');
-  }
-
-  if (get_ini_size('upload_max_filesize') > get_ini_size('post_max_size'))
-  {
-    $setup_warnings[] = l10n(
-      'In your php.ini file, the upload_max_filesize (%sB) is bigger than post_max_size (%sB), you should change this setting',
-      get_ini_size('upload_max_filesize', false),
-      get_ini_size('post_max_size', false)
-      );
-  }
-
-  if (get_ini_size('upload_max_filesize') < $conf['upload_form_chunk_size']*1024)
-  {
-    $setup_warnings[] = sprintf(
-      'Piwigo setting upload_form_chunk_size (%ukB) should be smaller than PHP configuration setting upload_max_filesize (%ukB)',
-      $conf['upload_form_chunk_size'],
-      ceil(get_ini_size('upload_max_filesize') / 1024)
-      );
-  }
-
-  $template->assign(
-    array(
-      'setup_warnings' => $setup_warnings,
-      'hide_warnings_link' => PHOTOS_ADD_BASE_URL.'&amp;hide_warnings=1'
-      )
-    );
-}
-
-?>

admin/include/plugins.class.php

@@ -1,8 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
 // +-----------------------------------------------------------------------+
@@ -21,55 +21,16 @@
 // | USA.                                                                  |
 // +-----------------------------------------------------------------------+
 
-/**
- * class DummyPlugin_maintain
- * used when a plugin uses the old procedural declaration of maintenance methods
- */
-class DummyPlugin_maintain extends PluginMaintain
-{
-  function install($plugin_version, &$errors=array())
-  {
-    if (is_callable('plugin_install'))
-    {
-      return plugin_install($this->plugin_id, $plugin_version, $errors);
-    }
-  }
-  function activate($plugin_version, &$errors=array())
-  {
-    if (is_callable('plugin_activate'))
-    {
-      return plugin_activate($this->plugin_id, $plugin_version, $errors);
-    }
-  }
-  function deactivate()
-  {
-    if (is_callable('plugin_deactivate'))
-    {
-      return plugin_deactivate($this->plugin_id);
-    }
-  }
-  function uninstall()
-  {
-    if (is_callable('plugin_uninstall'))
-    {
-      return plugin_uninstall($this->plugin_id);
-    }
-  }
-  function update($old_version, $new_version, &$errors=array()) {}
-}
-
-
 class plugins
 {
   var $fs_plugins = array();
   var $db_plugins_by_id = array();
   var $server_plugins = array();
-  var $default_plugins = array('LocalFilesEditor', 'language_switch', 'TakeATour', 'AdminTools');
 
   /**
    * Initialize $fs_plugins and $db_plugins_by_id
-   */
-  function __construct()
+  */
+  function plugins()
   {
     $this->get_fs_plugins();
 
@@ -80,190 +41,162 @@ class plugins
   }
 
   /**
-   * Returns the maintain class of a plugin
-   * or build a new class with the procedural methods
-   * @param string $plugin_id
+   * Set tabsheet for plugins pages.
+   * @param string selected page.
    */
-  private static function build_maintain_class($plugin_id)
+  function set_tabsheet($selected)
   {
-    $file_to_include = PHPWG_PLUGINS_PATH . $plugin_id . '/maintain';
-    $classname = $plugin_id.'_maintain';
+    include_once(PHPWG_ROOT_PATH.'admin/include/tabsheet.class.php');
 
-    // 2.7 pattern (OO only)
-    if (file_exists($file_to_include.'.class.php'))
-    {
-      include_once($file_to_include.'.class.php');
-      return new $classname($plugin_id);
-    }
+    $link = get_root_url().'admin.php?page=';
 
-    // before 2.7 pattern (OO or procedural)
-    if (file_exists($file_to_include.'.inc.php'))
-    {
-      include_once($file_to_include.'.inc.php');
-
-      if (class_exists($classname))
-      {
-        return new $classname($plugin_id);
-      }
-    }
-
-    return new DummyPlugin_maintain($plugin_id);
+    $tabsheet = new tabsheet();
+    $tabsheet->add('plugins_list', l10n('Plugin list'), $link.'plugins_list');
+    $tabsheet->add('plugins_update', l10n('Check for updates'), $link.'plugins_update');
+    $tabsheet->add('plugins_new', l10n('Other plugins'), $link.'plugins_new');
+    $tabsheet->select($selected);
+    $tabsheet->assign();
   }
 
-  /**
+ /**
    * Perform requested actions
-   * @param string - action
-   * @param string - plugin id
-   * @param array - errors
-   */
-  function perform_action($action, $plugin_id, $options=array())
+  *  @param string - action
+  * @param string - plugin id
+  * @param array - errors
+  */
+  function perform_action($action, $plugin_id)
   {
     if (isset($this->db_plugins_by_id[$plugin_id]))
     {
       $crt_db_plugin = $this->db_plugins_by_id[$plugin_id];
     }
-
-    if ($action !== 'update')
-    { // wait for files to be updated
-      $plugin_maintain = self::build_maintain_class($plugin_id);
-    }
+    $file_to_include = PHPWG_PLUGINS_PATH . $plugin_id . '/maintain.inc.php';
 
     $errors = array();
 
     switch ($action)
     {
       case 'install':
-        if (!empty($crt_db_plugin) or !isset($this->fs_plugins[$plugin_id]))
+        if (!empty($crt_db_plugin))
         {
+          array_push($errors, 'CANNOT INSTALL - ALREADY INSTALLED');
           break;
         }
-
-        $plugin_maintain->install($this->fs_plugins[$plugin_id]['version'], $errors);
-
+        if (!isset($this->fs_plugins[$plugin_id]))
+        {
+          array_push($errors, 'CANNOT INSTALL - NO SUCH PLUGIN');
+          break;
+        }
+        if (file_exists($file_to_include))
+        {
+          include_once($file_to_include);
+          if (function_exists('plugin_install'))
+          {
+            plugin_install($plugin_id, $this->fs_plugins[$plugin_id]['version'], $errors);
+          }
+        }
         if (empty($errors))
         {
           $query = '
-INSERT INTO '. PLUGINS_TABLE .' (id,version)
-  VALUES (\''. $plugin_id .'\', \''. $this->fs_plugins[$plugin_id]['version'] .'\')
-;';
+INSERT INTO ' . PLUGINS_TABLE . ' (id,version) VALUES (\''
+. $plugin_id . '\',\'' . $this->fs_plugins[$plugin_id]['version'] . '\'
+)';
           pwg_query($query);
         }
         break;
 
-      case 'update':
-        $previous_version = $this->fs_plugins[$plugin_id]['version'];
-        $errors[0] = $this->extract_plugin_files('upgrade', $options['revision'], $plugin_id);
-
-        if ($errors[0] === 'ok')
-        {
-          $this->get_fs_plugin($plugin_id); // refresh plugins list
-          $new_version = $this->fs_plugins[$plugin_id]['version'];
-
-          $plugin_maintain = self::build_maintain_class($plugin_id);
-          $plugin_maintain->update($previous_version, $new_version, $errors);
-
-          if ($new_version != 'auto')
-          {
-            $query = '
-UPDATE '. PLUGINS_TABLE .'
-  SET version=\''. $new_version .'\'
-  WHERE id=\''. $plugin_id .'\'
-;';
-            pwg_query($query);
-          }
-        }
-
-        break;
-
       case 'activate':
         if (!isset($crt_db_plugin))
         {
-          $errors = $this->perform_action('install', $plugin_id);
-          list($crt_db_plugin) = get_db_plugins(null, $plugin_id);
-          load_conf_from_db();
-        }
-        elseif ($crt_db_plugin['state'] == 'active')
-        {
+          array_push($errors, 'CANNOT ACTIVATE - NOT INSTALLED');
           break;
         }
-
-        if (empty($errors))
+        if ($crt_db_plugin['state'] != 'inactive')
         {
-          $plugin_maintain->activate($crt_db_plugin['version'], $errors);
+          array_push($errors, 'invalid current state ' . $crt_db_plugin['state']);
+          break;
+        }
+        if (file_exists($file_to_include))
+        {
+          include_once($file_to_include);
+          if (function_exists('plugin_activate'))
+          {
+            plugin_activate($plugin_id, $crt_db_plugin['version'], $errors);
+          }
         }
-
         if (empty($errors))
         {
           $query = '
-UPDATE '. PLUGINS_TABLE .'
-  SET state=\'active\'
-  WHERE id=\''. $plugin_id .'\'
-;';
+UPDATE ' . PLUGINS_TABLE . '
+SET state=\'active\', version=\''.$this->fs_plugins[$plugin_id]['version'].'\'
+WHERE id=\'' . $plugin_id . '\'';
           pwg_query($query);
         }
         break;
 
       case 'deactivate':
-        if (!isset($crt_db_plugin) or $crt_db_plugin['state'] != 'active')
+        if (!isset($crt_db_plugin))
         {
-          break;
+          die ('CANNOT DEACTIVATE - NOT INSTALLED');
+        }
+        if ($crt_db_plugin['state'] != 'active')
+        {
+          die('invalid current state ' . $crt_db_plugin['state']);
         }
-
         $query = '
-UPDATE '. PLUGINS_TABLE .'
-  SET state=\'inactive\'
-  WHERE id=\''. $plugin_id .'\'
-;';
+UPDATE ' . PLUGINS_TABLE . ' SET state=\'inactive\' WHERE id=\'' . $plugin_id . '\'';
         pwg_query($query);
-
-        $plugin_maintain->deactivate();
+        if (file_exists($file_to_include))
+        {
+          include_once($file_to_include);
+          if (function_exists('plugin_deactivate'))
+          {
+            plugin_deactivate($plugin_id);
+          }
+        }
         break;
 
       case 'uninstall':
         if (!isset($crt_db_plugin))
         {
-          break;
+          die ('CANNOT UNINSTALL - NOT INSTALLED');
         }
-        if ($crt_db_plugin['state'] == 'active')
-        {
-          $this->perform_action('deactivate', $plugin_id);
-        }
-
         $query = '
-DELETE FROM '. PLUGINS_TABLE .'
-  WHERE id=\''. $plugin_id .'\'
-;';
+DELETE FROM ' . PLUGINS_TABLE . ' WHERE id=\'' . $plugin_id . '\'';
         pwg_query($query);
-
-        $plugin_maintain->uninstall();
-        break;
-
-      case 'restore':
-        $this->perform_action('uninstall', $plugin_id);
-        unset($this->db_plugins_by_id[$plugin_id]);
-        $errors = $this->perform_action('activate', $plugin_id);
+        if (file_exists($file_to_include))
+        {
+          include_once($file_to_include);
+          if (function_exists('plugin_uninstall'))
+          {
+            plugin_uninstall($plugin_id);
+          }
+        }
         break;
 
       case 'delete':
         if (!empty($crt_db_plugin))
         {
-          $this->perform_action('uninstall', $plugin_id);
+          array_push($errors, 'CANNOT DELETE - PLUGIN IS INSTALLED');
+          break;
         }
         if (!isset($this->fs_plugins[$plugin_id]))
         {
+          array_push($errors, 'CANNOT DELETE - NO SUCH PLUGIN');
           break;
         }
-
-        deltree(PHPWG_PLUGINS_PATH . $plugin_id, PHPWG_PLUGINS_PATH . 'trash');
+        if (!$this->deltree(PHPWG_PLUGINS_PATH . $plugin_id))
+        {
+          $this->send_to_trash(PHPWG_PLUGINS_PATH . $plugin_id);
+        }
         break;
     }
-
     return $errors;
   }
 
   /**
-   * Get plugins defined in the plugin directory
-   */
+  *  Get plugins defined in the plugin directory
+  */  
   function get_fs_plugins()
   {
     $dir = opendir(PHPWG_PLUGINS_PATH);
@@ -271,82 +204,63 @@ DELETE FROM '. PLUGINS_TABLE .'
     {
       if ($file!='.' and $file!='..')
       {
-        if (preg_match('/^[a-zA-Z0-9-_]+$/', $file))
+        $path = PHPWG_PLUGINS_PATH.$file;
+        if (is_dir($path) and !is_link($path)
+            and preg_match('/^[a-zA-Z0-9-_]+$/', $file )
+            and file_exists($path.'/main.inc.php')
+            )
         {
-          $this->get_fs_plugin($file);
+          $plugin = array(
+              'name'=>$file,
+              'version'=>'0',
+              'uri'=>'',
+              'description'=>'',
+              'author'=>'',
+            );
+          $plg_data = implode( '', file($path.'/main.inc.php') );
+
+          if ( preg_match("|Plugin Name: (.*)|", $plg_data, $val) )
+          {
+            $plugin['name'] = trim( $val[1] );
+          }
+          if (preg_match("|Version: (.*)|", $plg_data, $val))
+          {
+            $plugin['version'] = trim($val[1]);
+          }
+          if ( preg_match("|Plugin URI: (.*)|", $plg_data, $val) )
+          {
+            $plugin['uri'] = trim($val[1]);
+          }
+          if ($desc = load_language('description.txt', $path.'/', array('return' => true)))
+          {
+            $plugin['description'] = trim($desc);
+          }
+          elseif ( preg_match("|Description: (.*)|", $plg_data, $val) )
+          {
+            $plugin['description'] = trim($val[1]);
+          }
+          if ( preg_match("|Author: (.*)|", $plg_data, $val) )
+          {
+            $plugin['author'] = trim($val[1]);
+          }
+          if ( preg_match("|Author URI: (.*)|", $plg_data, $val) )
+          {
+            $plugin['author uri'] = trim($val[1]);
+          }
+          if (!empty($plugin['uri']) and strpos($plugin['uri'] , 'extension_view.php?eid='))
+          {
+            list( , $extension) = explode('extension_view.php?eid=', $plugin['uri']);
+            if (is_numeric($extension)) $plugin['extension'] = $extension;
+          }
+          // IMPORTANT SECURITY !
+          $plugin = array_map('htmlspecialchars', $plugin);
+          $this->fs_plugins[$file] = $plugin;
         }
       }
     }
     closedir($dir);
   }
 
-  /**
-   * Load metadata of a plugin in `fs_plugins` array
-   * @from 2.7
-   * @param $plugin_id
-   * @return false|array
-   */
-  function get_fs_plugin($plugin_id)
-  {
-    $path = PHPWG_PLUGINS_PATH.$plugin_id;
-
-    if (is_dir($path) and !is_link($path)
-        and file_exists($path.'/main.inc.php')
-        )
-    {
-      $plugin = array(
-          'name'=>$plugin_id,
-          'version'=>'0',
-          'uri'=>'',
-          'description'=>'',
-          'author'=>'',
-        );
-      $plg_data = file_get_contents($path.'/main.inc.php', null, null, 0, 2048);
-
-      if (preg_match("|Plugin Name:\\s*(.+)|", $plg_data, $val))
-      {
-        $plugin['name'] = trim( $val[1] );
-      }
-      if (preg_match("|Version:\\s*([\\w.-]+)|", $plg_data, $val))
-      {
-        $plugin['version'] = trim($val[1]);
-      }
-      if (preg_match("|Plugin URI:\\s*(https?:\\/\\/.+)|", $plg_data, $val))
-      {
-        $plugin['uri'] = trim($val[1]);
-      }
-      if ($desc = load_language('description.txt', $path.'/', array('return' => true)))
-      {
-        $plugin['description'] = trim($desc);
-      }
-      elseif (preg_match("|Description:\\s*(.+)|", $plg_data, $val))
-      {
-        $plugin['description'] = trim($val[1]);
-      }
-      if (preg_match("|Author:\\s*(.+)|", $plg_data, $val))
-      {
-        $plugin['author'] = trim($val[1]);
-      }
-      if (preg_match("|Author URI:\\s*(https?:\\/\\/.+)|", $plg_data, $val))
-      {
-        $plugin['author uri'] = trim($val[1]);
-      }
-      if (!empty($plugin['uri']) and strpos($plugin['uri'] , 'extension_view.php?eid='))
-      {
-        list( , $extension) = explode('extension_view.php?eid=', $plugin['uri']);
-        if (is_numeric($extension)) $plugin['extension'] = $extension;
-      }
-
-      // IMPORTANT SECURITY !
-      $plugin = array_map('htmlspecialchars', $plugin);
-      $this->fs_plugins[$plugin_id] = $plugin;
-
-      return $plugin;
-    }
-
-    return false;
-  }
-
   /**
    * Sort fs_plugins
    */
@@ -369,20 +283,29 @@ DELETE FROM '. PLUGINS_TABLE .'
     }
   }
 
-  // Retrieve PEM versions
-  function get_versions_to_check($version=PHPWG_VERSION)
+  /**
+   * Retrieve PEM server datas to $server_plugins
+   */
+  function get_server_plugins($new=false)
   {
-    global $conf;
+    global $user;
 
+    $get_data = array(
+      'category_id' => 12,
+      'format' => 'php',
+    );
+
+    // Retrieve PEM versions
+    $version = PHPWG_VERSION;
     $versions_to_check = array();
-    $url = PEM_URL . '/api/get_version_list.php?category_id='. $conf['pem_plugins_category'] .'&format=php';
-    if (fetchRemote($url, $result) and $pem_versions = @unserialize($result))
+    $url = PEM_URL . '/api/get_version_list.php';
+    if (fetchRemote($url, $result, $get_data) and $pem_versions = @unserialize($result))
     {
-      if (!preg_match('/^\d+\.\d+\.\d+$/', $version))
+      if (!preg_match('/^\d+\.\d+\.\d+/', $version))
       {
         $version = $pem_versions[0]['name'];
       }
-      $branch = get_branch_from_version($version);
+      $branch = substr($version, 0, strrpos($version, '.'));
       foreach ($pem_versions as $pem_version)
       {
         if (strpos($pem_version['name'], $branch) === 0)
@@ -391,17 +314,6 @@ DELETE FROM '. PLUGINS_TABLE .'
         }
       }
     }
-    return $versions_to_check;
-  }
-
-  /**
-   * Retrieve PEM server datas to $server_plugins
-   */
-  function get_server_plugins($new=false)
-  {
-    global $user, $conf;
-
-    $versions_to_check = $this->get_versions_to_check();
     if (empty($versions_to_check))
     {
       return false;
@@ -419,13 +331,12 @@ DELETE FROM '. PLUGINS_TABLE .'
 
     // Retrieve PEM plugins infos
     $url = PEM_URL . '/api/get_revision_list.php';
-    $get_data = array(
-      'category_id' => $conf['pem_plugins_category'],
-      'format' => 'php',
+    $get_data = array_merge($get_data, array(
       'last_revision_only' => 'true',
       'version' => implode(',', $versions_to_check),
       'lang' => substr($user['language'], 0, 2),
       'get_nb_downloads' => 'true',
+      )
     );
 
     if (!empty($plugins_to_check))
@@ -454,77 +365,7 @@ DELETE FROM '. PLUGINS_TABLE .'
     }
     return false;
   }
-
-  function get_incompatible_plugins($actualize=false)
-  {
-    if (isset($_SESSION['incompatible_plugins']) and !$actualize
-      and $_SESSION['incompatible_plugins']['~~expire~~'] > time())
-    {
-      return $_SESSION['incompatible_plugins'];
-    }
-
-    $_SESSION['incompatible_plugins'] = array('~~expire~~' => time() + 300);
-
-    $versions_to_check = $this->get_versions_to_check();
-    if (empty($versions_to_check))
-    {
-      return false;
-    }
-
-    global $conf;
-
-    // Plugins to check
-    $plugins_to_check = array();
-    foreach($this->fs_plugins as $fs_plugin)
-    {
-      if (isset($fs_plugin['extension']))
-      {
-        $plugins_to_check[] = $fs_plugin['extension'];
-      }
-    }
-
-    // Retrieve PEM plugins infos
-    $url = PEM_URL . '/api/get_revision_list.php';
-    $get_data = array(
-      'category_id' => $conf['pem_plugins_category'],
-      'format' => 'php',
-      'version' => implode(',', $versions_to_check),
-      'extension_include' => implode(',', $plugins_to_check),
-    );
-
-    if (fetchRemote($url, $result, $get_data))
-    {
-      $pem_plugins = @unserialize($result);
-      if (!is_array($pem_plugins))
-      {
-        return false;
-      }
-
-      $server_plugins = array();
-      foreach ($pem_plugins as $plugin)
-      {
-        if (!isset($server_plugins[$plugin['extension_id']]))
-        {
-          $server_plugins[$plugin['extension_id']] = array();
-        }
-        $server_plugins[$plugin['extension_id']][] = $plugin['revision_name'];
-      }
-
-      foreach ($this->fs_plugins as $plugin_id => $fs_plugin)
-      {
-        if (isset($fs_plugin['extension'])
-          and !in_array($plugin_id, $this->default_plugins)
-          and $fs_plugin['version'] != 'auto'
-          and (!isset($server_plugins[$fs_plugin['extension']]) or !in_array($fs_plugin['version'], $server_plugins[$fs_plugin['extension']])))
-        {
-          $_SESSION['incompatible_plugins'][$plugin_id] = $fs_plugin['version'];
-        }
-      }
-      return $_SESSION['incompatible_plugins'];
-    }
-    return false;
-  }
-
+  
   /**
    * Sort $server_plugins
    */
@@ -556,7 +397,7 @@ DELETE FROM '. PLUGINS_TABLE .'
    *  @param string - archive URL
     * @param string - plugin id or extension id
    */
-  function extract_plugin_files($action, $revision, $dest, &$plugin_id=null)
+  function extract_plugin_files($action, $revision, $dest)
   {
     if ($archive = tempnam( PHPWG_PLUGINS_PATH, 'zip'))
     {
@@ -569,7 +410,7 @@ DELETE FROM '. PLUGINS_TABLE .'
       if ($handle = @fopen($archive, 'wb') and fetchRemote($url, $handle, $get_data))
       {
         fclose($handle);
-        include_once(PHPWG_ROOT_PATH.'admin/include/pclzip.lib.php');
+        include(PHPWG_ROOT_PATH.'admin/include/pclzip.lib.php');
         $zip = new PclZip($archive);
         if ($list = $zip->listContent())
         {
@@ -588,14 +429,13 @@ DELETE FROM '. PLUGINS_TABLE .'
             $root = dirname($main_filepath); // main.inc.php path in archive
             if ($action == 'upgrade')
             {
-              $plugin_id = $dest;
+              $extract_path = PHPWG_PLUGINS_PATH . $dest;
             }
             else
             {
-              $plugin_id = ($root == '.' ? 'extension_' . $dest : basename($root));
+              $extract_path = PHPWG_PLUGINS_PATH
+                  . ($root == '.' ? 'extension_' . $dest : basename($root));
             }
-            $extract_path = PHPWG_PLUGINS_PATH . $plugin_id;
-
             if($result = $zip->extract(PCLZIP_OPT_PATH, $extract_path,
                                        PCLZIP_OPT_REMOVE_PATH, $root,
                                        PCLZIP_OPT_REPLACE_NEWER))
@@ -612,7 +452,7 @@ DELETE FROM '. PLUGINS_TABLE .'
                 and $old_files = file($extract_path.'/obsolete.list', FILE_IGNORE_NEW_LINES)
                 and !empty($old_files))
               {
-                $old_files[] = 'obsolete.list';
+                array_push($old_files, 'obsolete.list');
                 foreach($old_files as $old_file)
                 {
                   $path = $extract_path.'/'.$old_file;
@@ -622,7 +462,10 @@ DELETE FROM '. PLUGINS_TABLE .'
                   }
                   elseif (is_dir($path))
                   {
-                    deltree($path, PHPWG_PLUGINS_PATH . 'trash');
+                    if (!$this->deltree($path))
+                    {
+                      $this->send_to_trash($path);
+                    }
                   }
                 }
               }
@@ -640,28 +483,75 @@ DELETE FROM '. PLUGINS_TABLE .'
     @unlink($archive);
     return $status;
   }
-
-  function get_merged_extensions($version=PHPWG_VERSION)
+  
+  /**
+   * delete $path directory
+   * @param string - path
+   */
+  function deltree($path)
   {
-    $file = PHPWG_ROOT_PATH.'install/obsolete_extensions.list';
-    $merged_extensions = array();
-
-    if (file_exists($file) and $obsolete_ext = file($file, FILE_IGNORE_NEW_LINES) and !empty($obsolete_ext))
+    if (is_dir($path))
     {
-      foreach ($obsolete_ext as $ext)
+      $fh = opendir($path);
+      while ($file = readdir($fh))
       {
-        if (preg_match('/^(\d+) ?: ?(.*?)$/', $ext, $matches))
+        if ($file != '.' and $file != '..')
         {
-          $merged_extensions[$matches[1]] = $matches[2];
+          $pathfile = $path . '/' . $file;
+          if (is_dir($pathfile))
+          {
+            $this->deltree($pathfile);
+          }
+          else
+          {
+            @unlink($pathfile);
+          }
         }
       }
+      closedir($fh);
+      return @rmdir($path);
+    }
+  }
+
+  /**
+   * send $path to trash directory
+   * @param string - path
+   */
+  function send_to_trash($path)
+  {
+    $trash_path = PHPWG_PLUGINS_PATH . 'trash';
+    if (!is_dir($trash_path))
+    {
+      @mkdir($trash_path);
+      $file = @fopen($trash_path . '/.htaccess', 'w');
+      @fwrite($file, 'deny from all');
+      @fclose($file);
+    }
+    while ($r = $trash_path . '/' . md5(uniqid(rand(), true)))
+    {
+      if (!is_dir($r))
+      {
+        @rename($path, $r);
+        break;
+      }
     }
-    return $merged_extensions;
   }
 
   /**
    * Sort functions
    */
+  function plugin_version_compare($a, $b)
+  {
+    if (strtolower($a) == 'auto') return false;
+
+    $pattern = array('/([a-z])/ei', '/\.+/', '/\.\Z|\A\./');
+    $replacement = array( "'.'.intval('\\1', 36).'.'", '.', '');
+
+    $array = preg_replace($pattern, $replacement, array($a, $b));
+
+    return version_compare($array[0], $array[1], '>=');
+  }
+
   function extension_revision_compare($a, $b)
   {
     if ($a['revision_date'] < $b['revision_date']) return 1;
@@ -716,4 +606,4 @@ DELETE FROM '. PLUGINS_TABLE .'
     $this->fs_plugins = $active_plugins + $inactive_plugins + $not_installed;
   }
 }
-?>
+?>

admin/include/tabsheet.class.php

@@ -1,8 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
 // +-----------------------------------------------------------------------+
@@ -24,7 +24,6 @@
 class tabsheet
 {
   var $sheets;
-  var $uniqid;
   var $name;
   var $titlename;
   var $selected;
@@ -33,19 +32,13 @@ class tabsheet
     $name is the tabsheet's name inside the template .tpl file
     $titlename in the template is affected by $titlename value
   */
-  function __construct($name = 'TABSHEET', $titlename = 'TABSHEET_TITLE')
+  function tabsheet($name = 'TABSHEET', $titlename = 'TABSHEET_TITLE')
   {
     $this->sheets = array();
-    $this->uniqid = null;
     $this->name = $name;
     $this->titlename = $titlename;
     $this->selected = "";
   }
-  
-  function set_id($id)
-  {
-    $this->uniqid = $id;
-  }
 
   /*
      add a tab
@@ -88,12 +81,6 @@ class tabsheet
   */
   function select($name)
   {
-    $this->sheets = trigger_change('tabsheet_before_select', $this->sheets, $this->uniqid);
-    if (!array_key_exists($name, $this->sheets))
-    {
-      $keys = array_keys($this->sheets);
-      $name = $keys[0];
-    }
     $this->selected = $name;
   }
 

admin/include/themes.class.php

@@ -1,8 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
 // +-----------------------------------------------------------------------+
@@ -21,36 +21,6 @@
 // | USA.                                                                  |
 // +-----------------------------------------------------------------------+
 
-/**
- * class DummyTheme_maintain
- * used when a theme uses the old procedural declaration of maintenance methods
- */
-class DummyTheme_maintain extends ThemeMaintain
-{
-  function activate($theme_version, &$errors=array())
-  {
-    if (is_callable('theme_activate'))
-    {
-      return theme_activate($this->theme_id, $theme_version, $errors);
-    }
-  }
-  function deactivate()
-  {
-    if (is_callable('theme_deactivate'))
-    {
-      return theme_deactivate($this->theme_id);
-    }
-  }
-  function delete()
-  {
-    if (is_callable('theme_delete'))
-    {
-      return theme_delete($this->theme_id);
-    }
-  }
-}
-
-
 class themes
 {
   var $fs_themes = array();
@@ -60,7 +30,7 @@ class themes
   /**
    * Initialize $fs_themes and $db_themes_by_id
   */
-  function __construct()
+  function themes()
   {
     $this->get_fs_themes();
 
@@ -71,26 +41,20 @@ class themes
   }
 
   /**
-   * Returns the maintain class of a theme
-   * or build a new class with the procedural methods
-   * @param string $theme_id
+   * Set tabsheet for themes pages.
+   * @param string selected page.
    */
-  private static function build_maintain_class($theme_id)
+  function set_tabsheet($selected)
   {
-    $file_to_include = PHPWG_THEMES_PATH.'/'.$theme_id.'/admin/maintain.inc.php';
-    $classname = $theme_id.'_maintain';
+    include_once(PHPWG_ROOT_PATH.'admin/include/tabsheet.class.php');
 
-    if (file_exists($file_to_include))
-    {
-      include_once($file_to_include);
+    $link = get_root_url().'admin.php?page=';
 
-      if (class_exists($classname))
-      {
-        return new $classname($theme_id);
-      }
-    }
-    
-    return new DummyTheme_maintain($theme_id);
+    $tabsheet = new tabsheet();
+    $tabsheet->add('themes_installed', l10n('Installed Themes'), $link.'themes_installed');
+    $tabsheet->add('themes_new', l10n('Add New Theme'), $link.'themes_new');
+    $tabsheet->select($selected);
+    $tabsheet->assign();
   }
 
   /**
@@ -101,14 +65,12 @@ class themes
    */
   function perform_action($action, $theme_id)
   {
-    global $conf;
-
     if (isset($this->db_themes_by_id[$theme_id]))
     {
       $crt_db_theme = $this->db_themes_by_id[$theme_id];
     }
 
-    $theme_maintain = self::build_maintain_class($theme_id);
+    $file_to_include = PHPWG_THEMES_PATH.'/'.$theme_id.'/admin/maintain.inc.php';
 
     $errors = array();
 
@@ -130,24 +92,26 @@ class themes
         $missing_parent = $this->missing_parent_theme($theme_id);
         if (isset($missing_parent))
         {
-          $errors[] = l10n(
-            'Impossible to activate this theme, the parent theme is missing: %s',
-            $missing_parent
+          array_push(
+            $errors, 
+            sprintf(
+              l10n('Impossible to activate this theme, the parent theme is missing: %s'),
+              $missing_parent
+              )
             );
-
+          
           break;
         }
 
-        if ($this->fs_themes[$theme_id]['mobile']
-            and !empty($conf['mobile_theme'])
-            and $conf['mobile_theme'] != $theme_id)
+        if (file_exists($file_to_include))
         {
-          $errors[] = l10n('You can activate only one mobile theme.');
-          break;
+          include($file_to_include);
+          if (function_exists('theme_activate'))
+          {
+            theme_activate($theme_id, $this->fs_themes[$theme_id]['version'], $errors);
+          }
         }
 
-        $theme_maintain->activate($this->fs_themes[$theme_id]['version'], $errors);
-
         if (empty($errors))
         {
           $query = '
@@ -158,11 +122,6 @@ INSERT INTO '.THEMES_TABLE.'
          \''.$this->fs_themes[$theme_id]['name'].'\')
 ;';
           pwg_query($query);
-
-          if ($this->fs_themes[$theme_id]['mobile'])
-          {
-            conf_update_param('mobile_theme', $theme_id);
-          }
         }
         break;
 
@@ -176,7 +135,10 @@ INSERT INTO '.THEMES_TABLE.'
         // you can't deactivate the last theme
         if (count($this->db_themes_by_id) <= 1)
         {
-          $errors[] = l10n('Impossible to deactivate this theme, you need at least one theme.');
+          array_push(
+            $errors,
+            l10n('Impossible to deactivate this theme, you need at least one theme.')
+            );
           break;
         }
 
@@ -186,7 +148,8 @@ INSERT INTO '.THEMES_TABLE.'
           $new_theme = null;
 
           $query = '
-SELECT id
+SELECT
+    id
   FROM '.THEMES_TABLE.'
   WHERE id != \''.$theme_id.'\'
 ;';
@@ -203,7 +166,14 @@ SELECT id
           $this->set_default_theme($new_theme);
         }
 
-        $theme_maintain->deactivate();
+        if (file_exists($file_to_include))
+        {
+          include($file_to_include);
+          if (function_exists('theme_deactivate'))
+          {
+            theme_deactivate($theme_id);
+          }
+        }
 
         $query = '
 DELETE
@@ -211,17 +181,12 @@ DELETE
   WHERE id= \''.$theme_id.'\'
 ;';
         pwg_query($query);
-
-        if ($this->fs_themes[$theme_id]['mobile'])
-        {
-          conf_update_param('mobile_theme', '');
-        }
         break;
 
       case 'delete':
         if (!empty($crt_db_theme))
         {
-          $errors[] = 'CANNOT DELETE - THEME IS INSTALLED';
+          array_push($errors, 'CANNOT DELETE - THEME IS INSTALLED');
           break;
         }
         if (!isset($this->fs_themes[$theme_id]))
@@ -233,21 +198,25 @@ DELETE
         $children = $this->get_children_themes($theme_id);
         if (count($children) > 0)
         {
-          $errors[] = l10n(
-            'Impossible to delete this theme. Other themes depends on it: %s',
-            implode(', ', $children)
+          array_push(
+            $errors,
+            sprintf(
+              l10n('Impossible to delete this theme. Other themes depends on it: %s'),
+              implode(', ', $children)
+              )
             );
           break;
         }
-
-        $theme_maintain->delete();
-
-        deltree(PHPWG_THEMES_PATH.$theme_id, PHPWG_THEMES_PATH . 'trash');
+        
+        if (!$this->deltree(PHPWG_THEMES_PATH.$theme_id))
+        {
+          $this->send_to_trash(PHPWG_THEMES_PATH.$theme_id);
+        }
         break;
 
       case 'set_default':
         // first we need to know which users are using the current default theme
-        $this->set_default_theme($theme_id);
+        $this->set_default_theme($theme_id);        
         break;
     }
     return $errors;
@@ -259,14 +228,14 @@ DELETE
     {
       return null;
     }
-
+    
     $parent = $this->fs_themes[$theme_id]['parent'];
-
+      
     if ('default' == $parent)
     {
       return null;
     }
-
+      
     if (!isset($this->fs_themes[$parent]))
     {
       return $parent;
@@ -278,25 +247,25 @@ DELETE
   function get_children_themes($theme_id)
   {
     $children = array();
-
+    
     foreach ($this->fs_themes as $test_child)
     {
       if (isset($test_child['parent']) and $test_child['parent'] == $theme_id)
       {
-        $children[] = $test_child['name'];
+        array_push($children, $test_child['name']);
       }
     }
 
     return $children;
-  }
+  } 
 
   function set_default_theme($theme_id)
   {
     global $conf;
-
+    
     // first we need to know which users are using the current default theme
     $default_theme = get_default_theme();
-
+    
     $query = '
 SELECT
     user_id
@@ -327,7 +296,7 @@ UPDATE '.USER_INFOS_TABLE.'
 SELECT
     *
   FROM '.THEMES_TABLE;
-
+    
     $clauses = array();
     if (!empty($id))
     {
@@ -343,19 +312,19 @@ SELECT
     $themes = array();
     while ($row = pwg_db_fetch_assoc($result))
     {
-      $themes[] = $row;
+      array_push($themes, $row);
     }
     return $themes;
   }
 
-
+  
   /**
   *  Get themes defined in the theme directory
-  */
+  */  
   function get_fs_themes()
   {
     $dir = opendir(PHPWG_THEMES_PATH);
-
+    
     while ($file = readdir($dir))
     {
       if ($file!='.' and $file!='..')
@@ -373,19 +342,18 @@ SELECT
             'uri' => '',
             'description' => '',
             'author' => '',
-            'mobile' => false,
             );
-          $theme_data = implode('', file($path.'/themeconf.inc.php'));
+          $theme_data = implode( '', file($path.'/themeconf.inc.php') );
 
-          if (preg_match("|Theme Name:\\s*(.+)|", $theme_data, $val))
+          if ( preg_match("|Theme Name: (.*)|", $theme_data, $val) )
           {
             $theme['name'] = trim( $val[1] );
           }
-          if (preg_match("|Version:\\s*([\\w.-]+)|", $theme_data, $val))
+          if (preg_match("|Version: (.*)|", $theme_data, $val))
           {
             $theme['version'] = trim($val[1]);
           }
-          if (preg_match("|Theme URI:\\s*(https?:\\/\\/.+)|", $theme_data, $val))
+          if ( preg_match("|Theme URI: (.*)|", $theme_data, $val) )
           {
             $theme['uri'] = trim($val[1]);
           }
@@ -393,15 +361,15 @@ SELECT
           {
             $theme['description'] = trim($desc);
           }
-          elseif (preg_match("|Description:\\s*(.+)|", $theme_data, $val))
+          elseif ( preg_match("|Description: (.*)|", $theme_data, $val) )
           {
             $theme['description'] = trim($val[1]);
           }
-          if (preg_match("|Author:\\s*(.+)|", $theme_data, $val))
+          if ( preg_match("|Author: (.*)|", $theme_data, $val) )
           {
             $theme['author'] = trim($val[1]);
           }
-          if (preg_match("|Author URI:\\s*(https?:\\/\\/.+)|", $theme_data, $val))
+          if ( preg_match("|Author URI: (.*)|", $theme_data, $val) )
           {
             $theme['author uri'] = trim($val[1]);
           }
@@ -414,14 +382,10 @@ SELECT
           {
             $theme['parent'] = $val[1];
           }
-          if (preg_match('/["\']activable["\'].*?(true|false)/i', $theme_data, $val))
+          if (preg_match('/["\']activable["\'].*?(true|false)/', $theme_data, $val))
           {
             $theme['activable'] = get_boolean($val[1]);
           }
-          if (preg_match('/["\']mobile["\'].*?(true|false)/i', $theme_data, $val))
-          {
-            $theme['mobile'] = get_boolean($val[1]);
-          }
 
           // screenshot
           $screenshot_path = $path.'/screenshot.png';
@@ -481,10 +445,10 @@ SELECT
    */
   function get_server_themes($new=false)
   {
-    global $user, $conf;
+    global $user;
 
     $get_data = array(
-      'category_id' => $conf['pem_themes_category'],
+      'category_id' => 10,
       'format' => 'php',
     );
 
@@ -494,11 +458,11 @@ SELECT
     $url = PEM_URL . '/api/get_version_list.php';
     if (fetchRemote($url, $result, $get_data) and $pem_versions = @unserialize($result))
     {
-      if (!preg_match('/^\d+\.\d+\.\d+$/', $version))
+      if (!preg_match('/^\d+\.\d+\.\d+/', $version))
       {
         $version = $pem_versions[0]['name'];
       }
-      $branch = get_branch_from_version($version);
+      $branch = substr($version, 0, strrpos($version, '.'));
       foreach ($pem_versions as $pem_version)
       {
         if (strpos($pem_version['name'], $branch) === 0)
@@ -558,7 +522,7 @@ SELECT
     }
     return false;
   }
-
+  
   /**
    * Sort $server_themes
    */
@@ -604,7 +568,7 @@ SELECT
       if ($handle = @fopen($archive, 'wb') and fetchRemote($url, $handle, $get_data))
       {
         fclose($handle);
-        include_once(PHPWG_ROOT_PATH.'admin/include/pclzip.lib.php');
+        include(PHPWG_ROOT_PATH.'admin/include/pclzip.lib.php');
         $zip = new PclZip($archive);
         if ($list = $zip->listContent())
         {
@@ -649,7 +613,7 @@ SELECT
                 and $old_files = file($extract_path.'/obsolete.list', FILE_IGNORE_NEW_LINES)
                 and !empty($old_files))
               {
-                $old_files[] = 'obsolete.list';
+                array_push($old_files, 'obsolete.list');
                 foreach($old_files as $old_file)
                 {
                   $path = $extract_path.'/'.$old_file;
@@ -659,7 +623,10 @@ SELECT
                   }
                   elseif (is_dir($path))
                   {
-                    deltree($path, PHPWG_THEMES_PATH . 'trash');
+                    if (!$this->deltree($path))
+                    {
+                      $this->send_to_trash($path);
+                    }
                   }
                 }
               }
@@ -677,10 +644,73 @@ SELECT
     @unlink($archive);
     return $status;
   }
+  
+  /**
+   * delete $path directory
+   * @param string - path
+   */
+  function deltree($path)
+  {
+    if (is_dir($path))
+    {
+      $fh = opendir($path);
+      while ($file = readdir($fh))
+      {
+        if ($file != '.' and $file != '..')
+        {
+          $pathfile = $path . '/' . $file;
+          if (is_dir($pathfile))
+          {
+            $this->deltree($pathfile);
+          }
+          else
+          {
+            @unlink($pathfile);
+          }
+        }
+      }
+      closedir($fh);
+      return @rmdir($path);
+    }
+  }
+
+  /**
+   * send $path to trash directory
+   * @param string - path
+   */
+  function send_to_trash($path)
+  {
+    $trash_path = PHPWG_THEMES_PATH . 'trash';
+    if (!is_dir($trash_path))
+    {
+      @mkdir($trash_path);
+      $file = @fopen($trash_path . '/.htaccess', 'w');
+      @fwrite($file, 'deny from all');
+      @fclose($file);
+    }
+    while ($r = $trash_path . '/' . md5(uniqid(rand(), true)))
+    {
+      if (!is_dir($r))
+      {
+        @rename($path, $r);
+        break;
+      }
+    }
+  }
 
   /**
    * Sort functions
    */
+  function theme_version_compare($a, $b)
+  {
+    $pattern = array('/([a-z])/ei', '/\.+/', '/\.\Z|\A\./');
+    $replacement = array( "'.'.intval('\\1', 36).'.'", '.', '');
+
+    $array = preg_replace($pattern, $replacement, array($a, $b));
+
+    return version_compare($array[0], $array[1], '>=');
+  }
+
   function extension_revision_compare($a, $b)
   {
     if ($a['revision_date'] < $b['revision_date']) return 1;
@@ -735,5 +765,39 @@ SELECT
     $this->fs_themes = $active_themes + $inactive_themes + $not_installed;
   }
 
+  // themes specific methods
+  function get_fs_themes_with_ini()
+  {
+    $themes_dir = PHPWG_ROOT_PATH.'themes';
+
+    $fs_themes = array();
+
+    foreach (get_dirs($themes_dir) as $theme)
+    {
+      $conf_file = $themes_dir.'/'.$theme.'/themeconf.inc.php';
+      if (file_exists($conf_file))
+      {
+        $theme_data = array(
+          'name' => $theme,
+          );
+        
+        $ini_file = $themes_dir.'/'.$theme.'/theme.ini';
+        if (file_exists($ini_file))
+        {
+          $theme_ini = parse_ini_file($ini_file);
+          if (isset($theme_ini['extension_id']))
+          {
+            $theme_data['extension_id'] = $theme_ini['extension_id'];
+          }
+        }
+
+        array_push($fs_themes, $theme_data);
+      }
+    }
+
+    echo '<pre>'; print_r($fs_themes); echo '</pre>';
+  }
+
+  
 }
-?>
+?>

admin/include/updates.class.php

@@ -1,482 +0,0 @@
-<?php
-// +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
-// +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
-// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
-// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
-// +-----------------------------------------------------------------------+
-// | This program is free software; you can redistribute it and/or modify  |
-// | it under the terms of the GNU General Public License as published by  |
-// | the Free Software Foundation                                          |
-// |                                                                       |
-// | This program is distributed in the hope that it will be useful, but   |
-// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
-// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
-// | General Public License for more details.                              |
-// |                                                                       |
-// | You should have received a copy of the GNU General Public License     |
-// | along with this program; if not, write to the Free Software           |
-// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
-// | USA.                                                                  |
-// +-----------------------------------------------------------------------+
-
-if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!');
-
-class updates
-{
-  var $types = array();
-  var $plugins;
-  var $themes;
-  var $languages;
-  var $missing = array();
-  var $default_plugins = array();
-  var $default_themes = array();
-  var $default_languages = array();
-  var $merged_extensions = array();
-  var $merged_extension_url = 'http://piwigo.org/download/merged_extensions.txt';
-
-  function __construct($page='updates')
-  {
-    $this->types = array('plugins', 'themes', 'languages');
-
-    if (in_array($page, $this->types))
-    {
-      $this->types = array($page);
-    }
-    $this->default_themes = array('clear', 'dark', 'Sylvia', 'elegant', 'smartpocket');
-    $this->default_plugins = array('AdminTools', 'TakeATour', 'language_switch', 'LocalFilesEditor');
-
-    foreach ($this->types as $type)
-    {
-      include_once(PHPWG_ROOT_PATH.'admin/include/'.$type.'.class.php');
-      $this->$type = new $type();
-    }
-  }
-
-  static function check_piwigo_upgrade()
-  {
-    $_SESSION['need_update'] = null;
-
-    if (preg_match('/(\d+\.\d+)\.(\d+)/', PHPWG_VERSION, $matches)
-      and @fetchRemote(PHPWG_URL.'/download/all_versions.php?rand='.md5(uniqid(rand(), true)), $result))
-    {
-      $all_versions = @explode("\n", $result);
-      $new_version = trim($all_versions[0]);
-      $_SESSION['need_update'] = version_compare(PHPWG_VERSION, $new_version, '<');
-    }
-  }
-
-  function get_server_extensions($version=PHPWG_VERSION)
-  {
-    global $user;
-
-    $get_data = array(
-      'format' => 'php',
-    );
-
-    // Retrieve PEM versions
-    $versions_to_check = array();
-    $url = PEM_URL . '/api/get_version_list.php';
-    if (fetchRemote($url, $result, $get_data) and $pem_versions = @unserialize($result))
-    {
-      if (!preg_match('/^\d+\.\d+\.\d+$/', $version))
-      {
-        $version = $pem_versions[0]['name'];
-      }
-      $branch = get_branch_from_version($version);
-      foreach ($pem_versions as $pem_version)
-      {
-        if (strpos($pem_version['name'], $branch) === 0)
-        {
-          $versions_to_check[] = $pem_version['id'];
-        }
-      }
-    }
-    if (empty($versions_to_check))
-    {
-      return false;
-    }
-
-    // Extensions to check
-    $ext_to_check = array();
-    foreach ($this->types as $type)
-    {
-      $fs = 'fs_'.$type;
-      foreach ($this->$type->$fs as $ext)
-      {
-        if (isset($ext['extension']))
-        {
-          $ext_to_check[$ext['extension']] = $type;
-        }
-      }
-    }
-
-    // Retrieve PEM plugins infos
-    $url = PEM_URL . '/api/get_revision_list.php';
-    $get_data = array_merge($get_data, array(
-      'last_revision_only' => 'true',
-      'version' => implode(',', $versions_to_check),
-      'lang' => substr($user['language'], 0, 2),
-      'get_nb_downloads' => 'true',
-      )
-    );
-
-    $post_data = array();
-    if (!empty($ext_to_check))
-    {
-      $post_data['extension_include'] = implode(',', array_keys($ext_to_check));
-    }
-
-    if (fetchRemote($url, $result, $get_data, $post_data))
-    {
-      $pem_exts = @unserialize($result);
-      if (!is_array($pem_exts))
-      {
-        return false;
-      }
-
-      $servers = array();
-      
-      foreach ($pem_exts as $ext)
-      {
-        if (isset($ext_to_check[$ext['extension_id']]))
-        {
-          $type = $ext_to_check[$ext['extension_id']];
-          
-          if (!isset($servers[$type]))
-          {
-            $servers[$type] = array();
-          }
-
-          $servers[$type][ $ext['extension_id'] ] = $ext;
-          
-          unset($ext_to_check[$ext['extension_id']]);
-        }
-      }
-
-      foreach ($servers as $server_type => $extension_list)
-      {
-        $server_string = 'server_'.$server_type;
-
-        $this->$server_type->$server_string = $extension_list;
-      }
-      
-      $this->check_missing_extensions($ext_to_check);
-      return true;
-    }
-    return false;
-  }
-
-  // Check all extensions upgrades
-  function check_extensions()
-  {
-    global $conf;
-
-    if (!$this->get_server_extensions())
-    {
-      return false;
-    }
-
-    $_SESSION['extensions_need_update'] = array();
-
-    foreach ($this->types as $type)
-    {
-      $fs = 'fs_'.$type;
-      $server = 'server_'.$type;
-      $server_ext = $this->$type->$server;
-      $fs_ext = $this->$type->$fs;
-
-      $ignore_list = array();
-      $need_upgrade = array();
-
-      foreach($fs_ext as $ext_id => $fs_ext)
-      {
-        if (isset($fs_ext['extension']) and isset($server_ext[$fs_ext['extension']]))
-        {
-          $ext_info = $server_ext[$fs_ext['extension']];
-
-          if (!safe_version_compare($fs_ext['version'], $ext_info['revision_name'], '>='))
-          {
-            if (in_array($ext_id, $conf['updates_ignored'][$type]))
-            {
-              $ignore_list[] = $ext_id;
-            }
-            else
-            {
-              $_SESSION['extensions_need_update'][$type][$ext_id] = $ext_info['revision_name'];
-            }
-          }
-        }
-      }
-      $conf['updates_ignored'][$type] = $ignore_list;
-    }
-    conf_update_param('updates_ignored', pwg_db_real_escape_string(serialize($conf['updates_ignored'])));
-  }
-
-  // Check if extension have been upgraded since last check
-  function check_updated_extensions()
-  {
-    foreach ($this->types as $type)
-    {
-      if (!empty($_SESSION['extensions_need_update'][$type]))
-      {
-        $fs = 'fs_'.$type;
-        foreach($this->$type->$fs as $ext_id => $fs_ext)
-        {
-          if (isset($_SESSION['extensions_need_update'][$type][$ext_id])
-            and safe_version_compare($fs_ext['version'], $_SESSION['extensions_need_update'][$type][$ext_id], '>='))
-          {
-            // Extension have been upgraded
-            $this->check_extensions();
-            break;
-          }
-        }
-      }
-    }
-  }
-
-  function check_missing_extensions($missing)
-  {
-    foreach ($missing as $id => $type)
-    {
-      $fs = 'fs_'.$type;
-      $default = 'default_'.$type;
-      foreach ($this->$type->$fs as $ext_id => $ext)
-      {
-        if (isset($ext['extension']) and $id == $ext['extension']
-          and !in_array($ext_id, $this->$default)
-          and !in_array($ext['extension'], $this->merged_extensions))
-        {
-          $this->missing[$type][] = $ext;
-          break;
-        }
-      }
-    }
-  }
-
-  function get_merged_extensions($version)
-  {
-    if (fetchRemote($this->merged_extension_url, $result))
-    {
-      $rows = explode("\n", $result);
-      foreach ($rows as $row)
-      {
-        if (preg_match('/^(\d+\.\d+): *(.*)$/', $row, $match))
-        {
-          if (version_compare($version, $match[1], '>='))
-          {
-            $extensions = explode(',', trim($match[2]));
-            $this->merged_extensions = array_merge($this->merged_extensions, $extensions);
-          }
-        }
-      }
-    }
-  }
-
-  static function process_obsolete_list($file)
-  {
-    if (file_exists(PHPWG_ROOT_PATH.$file)
-      and $old_files = file(PHPWG_ROOT_PATH.$file, FILE_IGNORE_NEW_LINES)
-      and !empty($old_files))
-    {
-      $old_files[] = $file;
-      foreach($old_files as $old_file)
-      {
-        $path = PHPWG_ROOT_PATH.$old_file;
-        if (is_file($path))
-        {
-          @unlink($path);
-        }
-        elseif (is_dir($path))
-        {
-          deltree($path, PHPWG_ROOT_PATH.'_trash');
-        }
-      }
-    }
-  }
-
-  static function dump_database($include_history=false)
-  {
-    global $page, $conf, $cfgBase;
-
-    if (version_compare(PHPWG_VERSION, '2.1', '<'))
-    {
-      $conf['db_base'] = $cfgBase;
-    }
-
-    include(PHPWG_ROOT_PATH.'admin/include/mysqldump.php');
-
-    $path = PHPWG_ROOT_PATH.$conf['data_location'].'update';
-
-    if (@mkgetdir($path)
-      and ($backupFile = tempnam($path, 'sql'))
-      and ($dumper = new MySQLDump($conf['db_base'],$backupFile,false,false)))
-    {
-      foreach (get_defined_constants() as $constant => $value)
-      {
-        if (preg_match('/_TABLE$/', $constant))
-        {
-          $dumper->getTableStructure($value);
-          if ($constant == 'HISTORY_TABLE' and !$include_history)
-          {
-            continue;
-          }
-          $dumper->getTableData($value);
-        }
-      }
-    }
-
-    if (@filesize($backupFile))
-    {
-      $http_headers = array(
-        'Content-Length: '.@filesize($backupFile),
-        'Content-Type: text/x-sql',
-        'Content-Disposition: attachment; filename="database.sql";',
-        'Content-Transfer-Encoding: binary',
-        );
-
-      foreach ($http_headers as $header) {
-        header($header);
-      }
-
-      @readfile($backupFile);
-      deltree(PHPWG_ROOT_PATH.$conf['data_location'].'update');
-      exit();
-    }
-    else
-    {
-      $page['errors'][] = l10n('Unable to dump database.');
-    }
-  }
-
-  static function upgrade_to($upgrade_to, &$step, $check_current_version=true)
-  {
-    global $page, $conf, $template;
-
-    if ($check_current_version and !version_compare($upgrade_to, PHPWG_VERSION, '>'))
-    {
-      redirect(get_root_url().'admin.php?page=plugin-'.basename(dirname(__FILE__)));
-    }
-
-    if ($step == 2)
-    {
-      preg_match('/(\d+\.\d+)\.(\d+)/', PHPWG_VERSION, $matches);
-      $code =  $matches[1].'.x_to_'.$upgrade_to;
-      $dl_code = str_replace(array('.', '_'), '', $code);
-      $remove_path = $code;
-      $obsolete_list = 'obsolete.list';
-    }
-    else
-    {
-      $code = $upgrade_to;
-      $dl_code = $code;
-      $remove_path = version_compare($code, '2.0.8', '>=') ? 'piwigo' : 'piwigo-'.$code;
-      $obsolete_list = PHPWG_ROOT_PATH.'install/obsolete.list';
-    }
-
-    if (empty($page['errors']))
-    {
-      $path = PHPWG_ROOT_PATH.$conf['data_location'].'update';
-      $filename = $path.'/'.$code.'.zip';
-      @mkgetdir($path);
-
-      $chunk_num = 0;
-      $end = false;
-      $zip = @fopen($filename, 'w');
-
-      while (!$end)
-      {
-        $chunk_num++;
-        if (@fetchRemote(PHPWG_URL.'/download/dlcounter.php?code='.$dl_code.'&chunk_num='.$chunk_num, $result)
-          and $input = @unserialize($result))
-        {
-          if (0 == $input['remaining'])
-          {
-            $end = true;
-          }
-          @fwrite($zip, base64_decode($input['data']));
-        }
-        else
-        {
-          $end = true;
-        }
-      }
-      @fclose($zip);
-
-      if (@filesize($filename))
-      {
-        $zip = new PclZip($filename);
-        if ($result = $zip->extract(PCLZIP_OPT_PATH, PHPWG_ROOT_PATH,
-                                    PCLZIP_OPT_REMOVE_PATH, $remove_path,
-                                    PCLZIP_OPT_SET_CHMOD, 0755,
-                                    PCLZIP_OPT_REPLACE_NEWER))
-        {
-          //Check if all files were extracted
-          $error = '';
-          foreach($result as $extract)
-          {
-            if (!in_array($extract['status'], array('ok', 'filtered', 'already_a_directory')))
-            {
-              // Try to change chmod and extract
-              if (@chmod(PHPWG_ROOT_PATH.$extract['filename'], 0777)
-                and ($res = $zip->extract(PCLZIP_OPT_BY_NAME, $remove_path.'/'.$extract['filename'],
-                                          PCLZIP_OPT_PATH, PHPWG_ROOT_PATH,
-                                          PCLZIP_OPT_REMOVE_PATH, $remove_path,
-                                          PCLZIP_OPT_SET_CHMOD, 0755,
-                                          PCLZIP_OPT_REPLACE_NEWER))
-                and isset($res[0]['status'])
-                and $res[0]['status'] == 'ok')
-              {
-                continue;
-              }
-              else
-              {
-                $error .= $extract['filename'].': '.$extract['status']."\n";
-              }
-            }
-          }
-
-          if (empty($error))
-          {
-            self::process_obsolete_list($obsolete_list);
-            deltree(PHPWG_ROOT_PATH.$conf['data_location'].'update');
-            invalidate_user_cache(true);
-            $template->delete_compiled_templates();
-            unset($_SESSION['need_update']);
-            if ($step == 2)
-            {
-              $page['infos'][] = l10n('Update Complete');
-              $page['infos'][] = $upgrade_to;
-              $step = -1;
-            }
-            else
-            {
-              redirect(PHPWG_ROOT_PATH.'upgrade.php?now=');
-            }
-          }
-          else
-          {
-            file_put_contents(PHPWG_ROOT_PATH.$conf['data_location'].'update/log_error.txt', $error);
-            
-            $page['errors'][] = l10n(
-              'An error has occured during extract. Please check files permissions of your piwigo installation.<br><a href="%s">Click here to show log error</a>.',
-              get_root_url().$conf['data_location'].'update/log_error.txt'
-              );
-          }
-        }
-        else
-        {
-          deltree(PHPWG_ROOT_PATH.$conf['data_location'].'update');
-          $page['errors'][] = l10n('An error has occured during upgrade.');
-        }
-      }
-      else
-      {
-        $page['errors'][] = l10n('Piwigo cannot retrieve upgrade file from server');
-      }
-    }
-  }
-}
-
-?>

admin/include/uploadify/uploadify.css

@@ -0,0 +1,60 @@
+/*
+Uploadify v2.1.0
+Release Date: August 24, 2009
+
+Copyright (c) 2009 Ronnie Garcia, Travis Nickels
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+*/
+#fileQueue {
+        width: 420px;
+        max-height: 300px;
+        overflow: auto;
+        border: 1px solid #333;
+        margin: 0 auto 10px auto;
+        padding: 5px 0 10px 0;
+}
+
+.uploadifyQueueItem {
+	border: 1px solid #666;
+	background-color: #444;
+        color:#999;
+	margin: 5px auto 0 auto;
+	padding: 10px;
+	width: 350px;
+
+}
+.uploadifyError {
+	border: 2px solid #FBCBBC !important;
+	background-color: #FDE5DD !important;
+}
+.uploadifyQueueItem .cancel {
+	float: right;
+}
+.uploadifyProgress {
+	background-color: #333;
+	border: 1px solid #666;
+	margin-top: 10px;
+	width: 100%;
+}
+.uploadifyProgressBar {
+	background-color: #FF3363;
+	width: 1px;
+	height: 3px;
+}

admin/include/uploadify/uploadify.php

@@ -0,0 +1,73 @@
+<?php
+define('PHPWG_ROOT_PATH','../../../');
+define('IN_ADMIN', true);
+
+$_COOKIE['pwg_id'] = $_POST['session_id'];
+
+include_once(PHPWG_ROOT_PATH.'include/common.inc.php');
+include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
+include_once(PHPWG_ROOT_PATH.'admin/include/functions_upload.inc.php');
+
+check_pwg_token();
+
+ob_start();
+echo '$_FILES'."\n";
+print_r($_FILES);
+echo '$_POST'."\n";
+print_r($_POST);
+echo '$user'."\n";
+print_r($user);
+$tmp = ob_get_contents(); 
+ob_end_clean();
+// error_log($tmp, 3, "/tmp/php-".date('YmdHis').'-'.sprintf('%020u', rand()).".log");
+
+if ($_FILES['Filedata']['error'] !== UPLOAD_ERR_OK)
+{
+  $error_message = file_upload_error_message($_FILES['Filedata']['error']);
+  
+  add_upload_error(
+    $_POST['upload_id'],
+    sprintf(
+      l10n('Error on file "%s" : %s'),
+      $_FILES['Filedata']['name'],
+      $error_message
+      )
+    );
+
+  echo "File Size Error";
+  exit();
+}
+
+ob_start();
+
+$image_id = add_uploaded_file(
+  $_FILES['Filedata']['tmp_name'],
+  $_FILES['Filedata']['name'],
+  null,
+  8
+  );
+
+if (!isset($_SESSION['uploads']))
+{
+  $_SESSION['uploads'] = array();
+}
+
+if (!isset($_SESSION['uploads'][ $_POST['upload_id'] ]))
+{
+  $_SESSION['uploads'][ $_POST['upload_id'] ] = array();
+}
+
+array_push(
+  $_SESSION['uploads'][ $_POST['upload_id'] ],
+  $image_id
+  );
+
+$output = ob_get_contents(); 
+ob_end_clean();
+if (!empty($output))
+{
+  add_upload_error($_POST['upload_id'], $output);
+}
+
+echo "1";
+?>

admin/index.php

@@ -1,8 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
 // +-----------------------------------------------------------------------+

admin/intro.php

@@ -1,8 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
 // +-----------------------------------------------------------------------+
@@ -29,7 +29,6 @@ if (!defined('PHPWG_ROOT_PATH'))
 include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
 include_once(PHPWG_ROOT_PATH.'admin/include/check_integrity.class.php');
 include_once(PHPWG_ROOT_PATH.'admin/include/c13y_internal.class.php');
-include_once(PHPWG_ROOT_PATH.'admin/include/image.class.php');
 
 // +-----------------------------------------------------------------------+
 // | Check Access and exit when user status is not ok                      |
@@ -45,7 +44,7 @@ if (isset($_GET['action']) and 'check_upgrade' == $_GET['action'])
 {
   if (!fetchRemote(PHPWG_URL.'/download/latest_version', $result))
   {
-    $page['errors'][] = l10n('Unable to check for upgrade.');
+    array_push($page['errors'], l10n('Unable to check for upgrade.'));
   }
   else
   {
@@ -73,21 +72,33 @@ if (isset($_GET['action']) and 'check_upgrade' == $_GET['action'])
 
     if ('' == $versions['latest'])
     {
-      $page['errors'][] = l10n('Check for upgrade failed for unknown reasons.');
+      array_push(
+        $page['errors'],
+        l10n('Check for upgrade failed for unknown reasons.')
+        );
     }
     // concatenation needed to avoid automatic transformation by release
     // script generator
     else if ('%'.'PWGVERSION'.'%' == $versions['current'])
     {
-      $page['infos'][] = l10n('You are running on development sources, no check possible.');
+      array_push(
+        $page['infos'],
+        l10n('You are running on development sources, no check possible.')
+        );
     }
     else if (version_compare($versions['current'], $versions['latest']) < 0)
     {
-      $page['infos'][] = l10n('A new version of Piwigo is available.');
+      array_push(
+        $page['infos'],
+        l10n('A new version of Piwigo is available.')
+        );
     }
     else
     {
-      $page['infos'][] = l10n('You are running the latest version of Piwigo.');
+      array_push(
+        $page['infos'],
+        l10n('You are running the latest version of Piwigo.')
+        );
     }
   }
 }
@@ -175,9 +186,9 @@ list($nb_groups) = pwg_db_fetch_row(pwg_query($query));
 
 $query = '
 SELECT COUNT(*)
-  FROM '.RATE_TABLE.'
+  FROM '.COMMENTS_TABLE.'
 ;';
-list($nb_rates) = pwg_db_fetch_row(pwg_query($query));
+list($nb_comments) = pwg_db_fetch_row(pwg_query($query));
 
 $template->assign(
   array(
@@ -185,35 +196,28 @@ $template->assign(
     'PWG_VERSION' => PHPWG_VERSION,
     'OS' => PHP_OS,
     'PHP_VERSION' => phpversion(),
-    'DB_ENGINE' => 'MySQL',
+    'DB_ENGINE' => $conf['dblayer'],
     'DB_VERSION' => $db_version,
-    'DB_ELEMENTS' => l10n_dec('%d photo', '%d photos', $nb_elements),
+    'DB_ELEMENTS' => l10n_dec('%d image', '%d images', $nb_elements),
     'DB_CATEGORIES' =>
-      l10n_dec('%d album including', '%d albums including', $nb_categories).
-      l10n_dec('%d physical', '%d physicals', $nb_physical).
-      l10n_dec(' and %d virtual', ' and %d virtuals', $nb_virtual),
+      l10n_dec('%d category including', '%d categories including',
+        $nb_categories).
+      l10n_dec('%d physical', '%d physical',
+        $nb_physical).
+      l10n_dec(' and %d virtual', ' and %d virtual',
+        $nb_virtual),
     'DB_IMAGE_CATEGORY' => l10n_dec('%d association', '%d associations', $nb_image_category),
     'DB_TAGS' => l10n_dec('%d tag', '%d tags', $nb_tags),
     'DB_IMAGE_TAG' => l10n_dec('%d association', '%d associations', $nb_image_tag),
     'DB_USERS' => l10n_dec('%d user', '%d users', $nb_users),
     'DB_GROUPS' => l10n_dec('%d group', '%d groups', $nb_groups),
-    'DB_RATES' => ($nb_rates == 0) ? l10n('no rate') : l10n('%d rates', $nb_rates),
+    'DB_COMMENTS' => l10n_dec('%d comment', '%d comments', $nb_comments),
     'U_CHECK_UPGRADE' => PHPWG_ROOT_PATH.'admin.php?action=check_upgrade',
     'U_PHPINFO' => PHPWG_ROOT_PATH.'admin.php?action=phpinfo',
     'PHP_DATATIME' => $php_current_timestamp,
     'DB_DATATIME' => $db_current_date,
     )
   );
-  
-if ($conf['activate_comments'])
-{
-  $query = '
-SELECT COUNT(*)
-  FROM '.COMMENTS_TABLE.'
-;';
-  list($nb_comments) = pwg_db_fetch_row(pwg_query($query));
-  $template->assign('DB_COMMENTS', l10n_dec('%d comment', '%d comments', $nb_comments));
-}
 
 if ($nb_elements > 0)
 {
@@ -227,39 +231,50 @@ SELECT MIN(date_available)
     'first_added',
     array(
       'DB_DATE' =>
-      l10n('first photo added on %s', format_date($first_date))
+      sprintf(
+        l10n('first element added on %s'),
+        format_date($first_date)
+        )
       )
     );
 }
 
-// graphics library
-switch (pwg_image::get_library())
+// waiting elements
+$query = '
+SELECT COUNT(*)
+  FROM '.WAITING_TABLE.'
+  WHERE validated=\'false\'
+;';
+list($nb_waiting) = pwg_db_fetch_row(pwg_query($query));
+
+if ($nb_waiting > 0)
 {
-  case 'imagick':
-    $library = 'ImageMagick';
-    $img = new Imagick();
-    $version = $img->getVersion();
-    if (preg_match('/ImageMagick \d+\.\d+\.\d+-?\d*/', $version['versionString'], $match))
-    {
-      $library = $match[0];
-    }
-    $template->assign('GRAPHICS_LIBRARY', $library);
-    break;
+  $template->assign(
+    'waiting',
+    array(
+      'URL' => PHPWG_ROOT_PATH.'admin.php?page=upload',
+      'INFO' => sprintf(l10n('%d waiting for validation'), $nb_waiting)
+      )
+    );
+}
 
-  case 'ext_imagick':
-    $library = 'External ImageMagick';
-    exec($conf['ext_imagick_dir'].'convert -version', $returnarray);
-    if (preg_match('/Version: ImageMagick (\d+\.\d+\.\d+-?\d*)/', $returnarray[0], $match))
-    {
-      $library .= ' ' . $match[1];
-    }
-    $template->assign('GRAPHICS_LIBRARY', $library);
-    break;
+// unvalidated comments
+$query = '
+SELECT COUNT(*)
+  FROM '.COMMENTS_TABLE.'
+  WHERE validated=\'false\'
+;';
+list($nb_comments) = pwg_db_fetch_row(pwg_query($query));
 
-  case 'gd':
-    $gd_info = gd_info();
-    $template->assign('GRAPHICS_LIBRARY', 'GD '.@$gd_info['GD Version']);
-    break;
+if ($nb_comments > 0)
+{
+  $template->assign(
+    'unvalidated',
+    array(
+      'URL' => PHPWG_ROOT_PATH.'admin.php?page=comments',
+      'INFO' => sprintf(l10n('%d waiting for validation'), $nb_comments)
+      )
+    );
 }
 
 // +-----------------------------------------------------------------------+

admin/languages.php

@@ -1,48 +0,0 @@
-<?php
-// +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
-// +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
-// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
-// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
-// +-----------------------------------------------------------------------+
-// | This program is free software; you can redistribute it and/or modify  |
-// | it under the terms of the GNU General Public License as published by  |
-// | the Free Software Foundation                                          |
-// |                                                                       |
-// | This program is distributed in the hope that it will be useful, but   |
-// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
-// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
-// | General Public License for more details.                              |
-// |                                                                       |
-// | You should have received a copy of the GNU General Public License     |
-// | along with this program; if not, write to the Free Software           |
-// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
-// | USA.                                                                  |
-// +-----------------------------------------------------------------------+
-
-if( !defined("PHPWG_ROOT_PATH") )
-{
-  die ("Hacking attempt!");
-}
-
-include_once(PHPWG_ROOT_PATH.'admin/include/tabsheet.class.php');
-
-$my_base_url = get_root_url().'admin.php?page=languages';
-
-if (isset($_GET['tab']))
-  $page['tab'] = $_GET['tab'];
-else
-  $page['tab'] = 'installed';
-
-$tabsheet = new tabsheet();
-$tabsheet->set_id('languages');
-$tabsheet->select($page['tab']);
-$tabsheet->assign();
-
-if ($page['tab'] == 'update')
-  include(PHPWG_ROOT_PATH.'admin/updates_ext.php');
-else
-  include(PHPWG_ROOT_PATH.'admin/languages_'.$page['tab'].'.php');
-
-?>

admin/languages_installed.php

@@ -1,8 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2009 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
 // +-----------------------------------------------------------------------+
@@ -34,9 +34,10 @@ $base_url = get_root_url().'admin.php?page='.$page['page'];
 
 $languages = new languages();
 $languages->get_db_languages();
+$languages->set_tabsheet($page['page']);
 
 //--------------------------------------------------perform requested actions
-if (isset($_GET['action']) and isset($_GET['language']))
+if (isset($_GET['action']) and isset($_GET['language']) and !is_adviser())
 {
   $page['errors'] = $languages->perform_action($_GET['action'], $_GET['language']);
 
@@ -53,9 +54,13 @@ $default_language = get_default_language();
 
 $tpl_languages = array();
 
-foreach($languages->fs_languages as $language_id => $language)
+foreach($languages->fs_languages as $language_id => $language_name)
 {
-  $language['u_action'] = add_url_params($base_url, array('language' => $language_id));
+  $language = array(
+    'id' => $language_id,
+    'name' => $language_name,
+    'u_action' => $base_url.'&amp;language='.$language_id,
+    );
 
   if (in_array($language_id, array_keys($languages->db_languages)))
   {
@@ -87,7 +92,7 @@ foreach($languages->fs_languages as $language_id => $language)
   else
   {
     $language['is_default'] = false;
-    $tpl_languages[] = $language;
+    array_push($tpl_languages, $language);
   }
 }
 

admin/languages_new.php

@@ -1,8 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2009 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
 // +-----------------------------------------------------------------------+
@@ -30,10 +30,11 @@ include_once(PHPWG_ROOT_PATH.'admin/include/languages.class.php');
 
 $template->set_filenames(array('languages' => 'languages_new.tpl'));
 
-$base_url = get_root_url().'admin.php?page='.$page['page'].'&tab='.$page['tab'];
+$base_url = get_root_url().'admin.php?page='.$page['page'];
 
 $languages = new languages();
 $languages->get_db_languages();
+$languages->set_tabsheet($page['page']);
 
 // +-----------------------------------------------------------------------+
 // |                           setup check                                 |
@@ -42,18 +43,24 @@ $languages->get_db_languages();
 $languages_dir = PHPWG_ROOT_PATH.'language';
 if (!is_writable($languages_dir))
 {
-  $page['errors'][] = l10n('Add write access to the "%s" directory', 'language');
+  array_push(
+    $page['errors'],
+    sprintf(
+      l10n('Add write access to the "%s" directory'),
+      'language'
+      )
+    );
 }
 
 // +-----------------------------------------------------------------------+
 // |                       perform installation                            |
 // +-----------------------------------------------------------------------+
 
-if (isset($_GET['revision']))
+if (isset($_GET['revision']) and !is_adviser())
 {
   if (!is_webmaster())
   {
-    $page['errors'][] = l10n('Webmaster status is required.');
+    array_push($page['errors'], l10n('Webmaster status is required.'));
   }
   else
   {
@@ -73,30 +80,34 @@ if (isset($_GET['installstatus']))
   switch ($_GET['installstatus'])
   {
     case 'ok':
-      $page['infos'][] = l10n('Language has been successfully installed');
+      array_push($page['infos'],
+        l10n('Language has been successfully installed')
+      );
       break;
 
     case 'temp_path_error':
-      $page['errors'][] = l10n('Can\'t create temporary file.');
+      array_push($page['errors'], l10n('Can\'t create temporary file.'));
       break;
 
     case 'dl_archive_error':
-      $page['errors'][] = l10n('Can\'t download archive.');
+      array_push($page['errors'], l10n('Can\'t download archive.'));
       break;
 
     case 'archive_error':
-      $page['errors'][] = l10n('Can\'t read or extract archive.');
+      array_push($page['errors'], l10n('Can\'t read or extract archive.'));
       break;
 
     default:
-      $page['errors'][] = l10n('An error occured during extraction (%s).', htmlspecialchars($_GET['installstatus']));
+      array_push($page['errors'],
+        sprintf(l10n('An error occured during extraction (%s).'), $_GET['installstatus'])
+      );
   }  
 }
 
 // +-----------------------------------------------------------------------+
 // |                     start template output                             |
 // +-----------------------------------------------------------------------+
-if ($languages->get_server_languages(true))
+if ($languages->get_server_languages())
 {
   foreach($languages->server_languages as $language)
   {
@@ -121,7 +132,7 @@ if ($languages->get_server_languages(true))
 }
 else
 {
-  $page['errors'][] = l10n('Can\'t connect to server.');
+  array_push($page['errors'], l10n('Can\'t connect to server.'));
 }
 
 $template->assign_var_from_handle('ADMIN_CONTENT', 'languages');

admin/maintenance.php

@@ -1,8 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
 // +-----------------------------------------------------------------------+
@@ -31,38 +31,18 @@ include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
 // +-----------------------------------------------------------------------+
 // | Check Access and exit when user status is not ok                      |
 // +-----------------------------------------------------------------------+
-
 check_status(ACCESS_ADMINISTRATOR);
 
-if (isset($_GET['action']))
-{
-  check_pwg_token();
-}
-
 // +-----------------------------------------------------------------------+
 // |                                actions                                |
 // +-----------------------------------------------------------------------+
 
-$action = isset($_GET['action']) ? $_GET['action'] : '';
+$action = (isset($_GET['action']) and !is_adviser()) ? $_GET['action'] : '';
 
 switch ($action)
 {
-  case 'lock_gallery' :
-  {
-    conf_update_param('gallery_locked', 'true');
-    redirect(get_root_url().'admin.php?page=maintenance');
-    break;
-  }
-  case 'unlock_gallery' :
-  {
-    conf_update_param('gallery_locked', 'false');
-    $_SESSION['page_infos'] = array(l10n('Gallery unlocked'));
-    redirect(get_root_url().'admin.php?page=maintenance');
-    break;
-  }
   case 'categories' :
   {
-    images_integrity();
     update_uppercats();
     update_category('all');
     update_global_rank();
@@ -71,21 +51,8 @@ switch ($action)
   }
   case 'images' :
   {
-    images_integrity();
     update_path();
-		include_once(PHPWG_ROOT_PATH.'include/functions_rate.inc.php');
-    update_rating_score();
-    invalidate_user_cache();
-    break;
-  }
-  case 'delete_orphan_tags' :
-  {
-    delete_orphan_tags();
-    break;
-  }
-  case 'user_cache' :
-  {
-    invalidate_user_cache();
+    update_average_rate();
     break;
   }
   case 'history_detail' :
@@ -109,46 +76,6 @@ DELETE
   case 'sessions' :
   {
     pwg_session_gc();
-
-    // delete all sessions associated to invalid user ids (it should never happen)
-    $query = '
-SELECT
-    id,
-    data
-  FROM '.SESSIONS_TABLE.'
-;';
-    $sessions = query2array($query);
-
-    $query = '
-SELECT
-    '.$conf['user_fields']['id'].' AS id
-  FROM '.USERS_TABLE.'
-;';
-    $all_user_ids = query2array($query, 'id', null);
-
-    $sessions_to_delete = array();
-
-    foreach ($sessions as $session)
-    {
-      if (preg_match('/pwg_uid\|i:(\d+);/', $session['data'], $matches))
-      {
-        if (!isset($all_user_ids[ $matches[1] ]))
-        {
-          $sessions_to_delete[] = $session['id'];
-        }
-      }
-    }
-
-    if (count($sessions_to_delete) > 0)
-    {
-      $query = '
-DELETE
-  FROM '.SESSIONS_TABLE.'
-  WHERE id IN (\''.implode("','", $sessions_to_delete).'\')
-;';
-      pwg_query($query);
-    }
-
     break;
   }
   case 'feeds' :
@@ -182,16 +109,9 @@ DELETE
     pwg_query($query);
     break;
   }
-  case 'compiled-templates':
+  case 'compiled-templates' :
   {
     $template->delete_compiled_templates();
-    FileCombiner::clear_combined_files();
-    $persistent_cache->purge(true);
-    break;
-  }
-  case 'derivatives':
-  {
-    clear_derivative_cache($_GET['type']);
     break;
   }
   default :
@@ -206,61 +126,48 @@ DELETE
 
 $template->set_filenames(array('maintenance'=>'maintenance.tpl'));
 
-$url_format = get_root_url().'admin.php?page=maintenance&amp;action=%s&amp;pwg_token='.get_pwg_token();
-
-$purge_urls[l10n('All')] = sprintf($url_format, 'derivatives').'&amp;type=all';
-foreach(ImageStdParams::get_defined_type_map() as $params)
-{
-  $purge_urls[ l10n($params->type) ] = sprintf($url_format, 'derivatives').'&amp;type='.$params->type;
-}
-$purge_urls[ l10n(IMG_CUSTOM) ] = sprintf($url_format, 'derivatives').'&amp;type='.IMG_CUSTOM;
+$start_url = get_root_url().'admin.php?page=maintenance&amp;action=';
 
 $template->assign(
   array(
-    'U_MAINT_CATEGORIES' => sprintf($url_format, 'categories'),
-    'U_MAINT_IMAGES' => sprintf($url_format, 'images'),
-    'U_MAINT_ORPHAN_TAGS' => sprintf($url_format, 'delete_orphan_tags'),
-    'U_MAINT_USER_CACHE' => sprintf($url_format, 'user_cache'),
-    'U_MAINT_HISTORY_DETAIL' => sprintf($url_format, 'history_detail'),
-    'U_MAINT_HISTORY_SUMMARY' => sprintf($url_format, 'history_summary'),
-    'U_MAINT_SESSIONS' => sprintf($url_format, 'sessions'),
-    'U_MAINT_FEEDS' => sprintf($url_format, 'feeds'),
-    'U_MAINT_DATABASE' => sprintf($url_format, 'database'),
-    'U_MAINT_C13Y' => sprintf($url_format, 'c13y'),
-    'U_MAINT_SEARCH' => sprintf($url_format, 'search'),
-    'U_MAINT_COMPILED_TEMPLATES' => sprintf($url_format, 'compiled-templates'),
-    'U_MAINT_DERIVATIVES' => sprintf($url_format, 'derivatives'),
-    'purge_derivatives' => $purge_urls,
+    'U_MAINT_CATEGORIES' => $start_url.'categories',
+    'U_MAINT_IMAGES' => $start_url.'images',
+    'U_MAINT_HISTORY_DETAIL' => $start_url.'history_detail',
+    'U_MAINT_HISTORY_SUMMARY' => $start_url.'history_summary',
+    'U_MAINT_SESSIONS' => $start_url.'sessions',
+    'U_MAINT_FEEDS' => $start_url.'feeds',
+    'U_MAINT_DATABASE' => $start_url.'database',
+    'U_MAINT_C13Y' => $start_url.'c13y',
+	'U_MAINT_SEARCH' => $start_url.'search',
+    'U_MAINT_COMPILED_TEMPLATES' => $start_url.'compiled-templates',
     'U_HELP' => get_root_url().'admin/popuphelp.php?page=maintenance',
     )
   );
 
-
-if ($conf['gallery_locked'])
-{
-  $template->assign(
-    array(
-      'U_MAINT_UNLOCK_GALLERY' => sprintf($url_format, 'unlock_gallery'),
-      )
-    );
-}
-else
-{
-  $template->assign(
-    array(
-      'U_MAINT_LOCK_GALLERY' => sprintf($url_format, 'lock_gallery'),
-      )
-    );
-}
-
 // +-----------------------------------------------------------------------+
 // | Define advanced features                                              |
 // +-----------------------------------------------------------------------+
 
 $advanced_features = array();
 
+array_push(
+  $advanced_features,
+  array(
+    'CAPTION' => l10n('Not linked elements'),
+    'URL' => get_root_url().'admin.php?page=element_set&amp;cat=not_linked'
+    )
+  );
+
+array_push(
+  $advanced_features,
+  array(
+    'CAPTION' => l10n('Files with same name in more than one physical category'),
+    'URL' => get_root_url().'admin.php?page=element_set&amp;cat=duplicates'
+    )
+  );
+
 //$advanced_features is array of array composed of CAPTION & URL
-$advanced_features = trigger_change(
+$advanced_features = trigger_event(
   'get_admin_advanced_features_links',
   $advanced_features
   );

admin/menubar.php

@@ -1,8 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
 // +-----------------------------------------------------------------------+
@@ -64,7 +64,7 @@ foreach ($mb_conf as $id => $pos)
     unset($mb_conf[$id]);
 }
 
-if ( isset($_POST['reset']))
+if ( isset($_POST['reset']) and !is_adviser())
 {
   $mb_conf = array();
   $query = '
@@ -85,7 +85,7 @@ foreach ($reg_blocks as $id => $block)
 }
 
 
-if ( isset($_POST['submit']) )
+if ( isset($_POST['submit']) and !is_adviser() )
 {
   foreach ( $mb_conf as $id => $pos )
   {
@@ -148,7 +148,7 @@ UPDATE '.CONFIG_TABLE.'
   ';
   pwg_query($query);
 
-  $page['infos'][] = l10n('Order of menubar items has been updated successfully.');
+  array_push($page['infos'], l10n('Order of menubar items has been updated successfully.'));
 }
 
 make_consecutive( $mb_conf );

admin/notification_by_mail.php

@@ -1,8 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
 // +-----------------------------------------------------------------------+
@@ -80,11 +80,10 @@ function do_timeout_treatment($post_keyname, $check_key_treated = array())
       $_POST[$post_keyname] = array_diff($_POST[$post_keyname], $check_key_treated);
 
       $must_repost = true;
-      $page['errors'][] = l10n_dec(
-        'Execution time is out, treatment must be continue [Estimated time: %d second].',
-        'Execution time is out, treatment must be continue [Estimated time: %d seconds].',
-        $time_refresh
-        );
+      array_push($page['errors'],
+        l10n_dec('Execution time is out, treatment must be continue [Estimated time: %d second].',
+                 'Execution time is out, treatment must be continue [Estimated time: %d seconds].',
+                  $time_refresh));
     }
   }
 
@@ -157,20 +156,29 @@ order by
       $nbm_user['check_key'] = find_available_check_key();
 
       // Save key
-      $check_key_list[] = $nbm_user['check_key'];
+      array_push($check_key_list, $nbm_user['check_key']);
 
       // Insert new nbm_users
-      $inserts[] = array(
-        'user_id' => $nbm_user['user_id'],
-        'check_key' => $nbm_user['check_key'],
-        'enabled' => 'false' // By default if false, set to true with specific functions
-        );
+      array_push
+      (
+        $inserts,
+        array
+        (
+          'user_id' => $nbm_user['user_id'],
+          'check_key' => $nbm_user['check_key'],
+          'enabled' => 'false' // By default if false, set to true with specific functions
+        )
+      );
 
-      $page['infos'][] = l10n(
-        'User %s [%s] added.',
-        stripslashes($nbm_user['username']),
-        $nbm_user['mail_address']
-        );
+      array_push
+      (
+        $page['infos'],
+        sprintf(
+          l10n('User %s [%s] added.'),
+          stripslashes($nbm_user['username']),
+          get_email_address_as_display_text($nbm_user['mail_address'])
+        )
+      );
     }
 
     // Insert new nbm_users
@@ -192,7 +200,7 @@ order by
         $query = 'delete from '.USER_MAIL_NOTIFICATION_TABLE.' where check_key in ('.implode(",", $quoted_check_key_list).');';
         $result = pwg_query($query);
 
-        redirect($base_url.get_query_string_diff(array(), false), l10n('Operation in progress')."\n".l10n('Please wait...'));
+        redirect($base_url.get_query_string_diff(array(), false), l10n('Processing treatment.')."\n".l10n('Please wait...'));
       }
     }
   }
@@ -253,7 +261,7 @@ function do_action_send_mail_notification($action = 'list_to_send', $check_key_l
         }
 
         $customize_mail_content = 
-          trigger_change('nbm_render_global_customize_mail_content', $customize_mail_content);
+          trigger_event('nbm_render_global_customize_mail_content', $customize_mail_content);
 
 
         // Prepare message after change language
@@ -274,13 +282,13 @@ function do_action_send_mail_notification($action = 'list_to_send', $check_key_l
           if ((!$is_action_send) and check_sendmail_timeout())
           {
             // Stop fill list on 'list_to_send', if the quota is override
-            $page['infos'][] = $msg_break_timeout;
+            array_push($page['infos'], $msg_break_timeout);
             break;
           }
           if (($is_action_send) and check_sendmail_timeout())
           {
             // Stop fill list on 'send', if the quota is override
-            $page['errors'][] = $msg_break_timeout;
+            array_push($page['errors'], $msg_break_timeout);
             break;
           }
 
@@ -289,24 +297,13 @@ function do_action_send_mail_notification($action = 'list_to_send', $check_key_l
 
           if ($is_action_send)
           {
-            $auth = null;
-            $add_url_params = array();
-            
-            $auth_key = create_user_auth_key($nbm_user['user_id'], $nbm_user['status']);
-            
-            if ($auth_key !== false)
-            {
-              $auth = $auth_key['auth_key'];
-              $add_url_params['auth'] = $auth;
-            }
-            
             set_make_full_url();
             // Fill return list of "treated" check_key for 'send'
-            $return_list[] = $nbm_user['check_key'];
+            array_push($return_list, $nbm_user['check_key']);
 
             if ($conf['nbm_send_detailed_content'])
             {
-              $news = news($nbm_user['last_send'], $dbnow, false, $conf['nbm_send_html_mail'], $auth);
+               $news = news($nbm_user['last_send'], $dbnow, false, $conf['nbm_send_html_mail']);
                $exist_data = count($news) > 0;
             }
             else
@@ -316,7 +313,7 @@ function do_action_send_mail_notification($action = 'list_to_send', $check_key_l
 
             if ($exist_data)
             {
-              $subject = '['.$conf['gallery_title'].'] '.l10n('New photos added');
+              $subject = '['.$conf['gallery_title'].']: '.l10n('New elements added');
 
               // Assign current var for nbm mail
               assign_vars_nbm_mail_content($nbm_user);
@@ -351,7 +348,7 @@ function do_action_send_mail_notification($action = 'list_to_send', $check_key_l
               }
 
               $nbm_user_customize_mail_content = 
-                trigger_change('nbm_render_user_customize_mail_content',
+                trigger_event('nbm_render_user_customize_mail_content',
                   $customize_mail_content, $nbm_user);
               if (!empty($nbm_user_customize_mail_content))
               {
@@ -373,7 +370,7 @@ function do_action_send_mail_notification($action = 'list_to_send', $check_key_l
                     array
                     (
                       'TITLE' => get_title_recent_post_date($date_detail),
-                      'HTML_DATA' => get_html_description_recent_post_date($date_detail, $auth)
+                      'HTML_DATA' => get_html_description_recent_post_date($date_detail)
                     )
                   );
                 }
@@ -384,34 +381,30 @@ function do_action_send_mail_notification($action = 'list_to_send', $check_key_l
                 array
                 (
                   'GOTO_GALLERY_TITLE' => $conf['gallery_title'],
-                  'GOTO_GALLERY_URL' => add_url_params(get_gallery_home_url(), $add_url_params),
+                  'GOTO_GALLERY_URL' => get_gallery_home_url(),
                   'SEND_AS_NAME'      => $env_nbm['send_as_name'],
                 )
               );
-              
-              $ret = pwg_mail(
-                array(
-                  'name' => stripslashes($nbm_user['username']),
-                  'email' => $nbm_user['mail_address'],
-                  ),
-                array(
-                  'from' => $env_nbm['send_as_mail_formated'],
-                  'subject' => $subject,
-                  'email_format' => $env_nbm['email_format'],
-                  'content' => $env_nbm['mail_template']->parse('notification_by_mail', true),
-                  'content_format' => $env_nbm['email_format'],
-                  'auth_key' => $auth,
-                  )
-                );
 
-              if ($ret)
+              if (pwg_mail
+                  (
+                    format_email(stripslashes($nbm_user['username']), $nbm_user['mail_address']),
+                    array
+                    (
+                      'from' => $env_nbm['send_as_mail_formated'],
+                      'subject' => $subject,
+                      'email_format' => $env_nbm['email_format'],
+                      'content' => $env_nbm['mail_template']->parse('notification_by_mail', true),
+                      'content_format' => $env_nbm['email_format'],
+                      'theme' => $nbm_user['theme']
+                    )
+                  ))
               {
                 inc_mail_sent_success($nbm_user);
 
-                $datas[] = array(
-                  'user_id' => $nbm_user['user_id'],
-                  'last_send' => $dbnow
-                  );
+                $data = array('user_id' => $nbm_user['user_id'],
+                              'last_send' => $dbnow);
+                array_push($datas, $data);
               }
               else
               {
@@ -426,7 +419,7 @@ function do_action_send_mail_notification($action = 'list_to_send', $check_key_l
             if (news_exists($nbm_user['last_send'], $dbnow))
             {
               // Fill return list of "selected" users for 'list_to_send'
-              $return_list[] = $nbm_user;
+              array_push($return_list, $nbm_user);
             }
           }
 
@@ -455,7 +448,7 @@ function do_action_send_mail_notification($action = 'list_to_send', $check_key_l
       {
         if ($is_action_send)
         {
-          $page['errors'][] = l10n('No user to send notifications by mail.');
+          array_push($page['errors'], l10n('No user to send notifications by mail.'));
         }
       }
     }
@@ -494,7 +487,7 @@ check_status(get_tab_status($page['mode']));
 // | Add event handler                                                     |
 // +-----------------------------------------------------------------------+
 add_event_handler('nbm_render_global_customize_mail_content', 'render_global_customize_mail_content');
-trigger_notify('nbm_event_handler_added');
+trigger_action('nbm_event_handler_added');
 
 
 // +-----------------------------------------------------------------------+
@@ -513,7 +506,7 @@ switch ($page['mode'])
 {
   case 'param' :
   {
-    if (isset($_POST['param_submit']))
+    if (isset($_POST['param_submit']) and !is_adviser())
     {
       $updated_param_count = 0;
       // Update param
@@ -536,10 +529,9 @@ where
         }
       }
 
-      $page['infos'][] = l10n_dec(
-        '%d parameter was updated.', '%d parameters were updated.',
-        $updated_param_count
-        );
+      array_push($page['infos'],
+        l10n_dec('%d parameter was updated.', '%d parameters were updated.',
+          $updated_param_count));
 
       // Reload conf with new values
       load_conf_from_db('param like \'nbm\\_%\'');
@@ -547,23 +539,26 @@ where
   }
   case 'subscribe' :
   {
-    if (isset($_POST['falsify']) and isset($_POST['cat_true']))
+    if (!is_adviser())
     {
-      $check_key_treated = unsubscribe_notification_by_mail(true, $_POST['cat_true']);
-      do_timeout_treatment('cat_true', $check_key_treated);
-    }
-    else
-    if (isset($_POST['trueify']) and isset($_POST['cat_false']))
-    {
-      $check_key_treated = subscribe_notification_by_mail(true, $_POST['cat_false']);
-      do_timeout_treatment('cat_false', $check_key_treated);
+      if (isset($_POST['falsify']) and isset($_POST['cat_true']))
+      {
+        $check_key_treated = unsubscribe_notification_by_mail(true, $_POST['cat_true']);
+        do_timeout_treatment('cat_true', $check_key_treated);
+      }
+      else
+      if (isset($_POST['trueify']) and isset($_POST['cat_false']))
+      {
+        $check_key_treated = subscribe_notification_by_mail(true, $_POST['cat_false']);
+        do_timeout_treatment('cat_false', $check_key_treated);
+      }
     }
     break;
   }
 
   case 'send' :
   {
-    if (isset($_POST['send_submit']) and isset($_POST['send_selection']) and isset($_POST['send_customize_mail_content']))
+    if (isset($_POST['send_submit']) and isset($_POST['send_selection']) and isset($_POST['send_customize_mail_content']) and !is_adviser())
     {
       $check_key_treated = do_action_send_mail_notification('send', $_POST['send_selection'], stripslashes($_POST['send_customize_mail_content']));
       do_timeout_treatment('send_selection', $check_key_treated);
@@ -596,8 +591,19 @@ if (is_autorize_status(ACCESS_WEBMASTER))
 {
   // TabSheet
   $tabsheet = new tabsheet();
-  $tabsheet->set_id('nbm');
+  // TabSheet initialization
+  $tabsheet->add('param', l10n('Parameter'),
+    add_url_params($base_url.get_query_string_diff(array('mode', 'select')),
+        array('mode' => 'param')));
+  $tabsheet->add('subscribe', l10n('Subscribe'),
+    add_url_params($base_url.get_query_string_diff(array('mode', 'select')),
+      array('mode' => 'subscribe')));
+  $tabsheet->add('send', l10n('Send'),
+    add_url_params($base_url.get_query_string_diff(array('mode', 'select')),
+      array('mode' => 'send')));
+  // TabSheet selection
   $tabsheet->select($page['mode']);
+  // Assign tabsheet to template
   $tabsheet->assign();
 }
 
@@ -658,7 +664,7 @@ switch ($page['mode'])
     {
       if (get_boolean($nbm_user['enabled']))
       {
-        $opt_true[ $nbm_user['check_key'] ] = stripslashes($nbm_user['username']).'['.$nbm_user['mail_address'].']';
+        $opt_true[ $nbm_user['check_key'] ] = stripslashes($nbm_user['username']).'['.get_email_address_as_display_text($nbm_user['mail_address']).']';
         if ((isset($_POST['falsify']) and isset($_POST['cat_true']) and in_array($nbm_user['check_key'], $_POST['cat_true'])))
         {
           $opt_true_selected[] = $nbm_user['check_key'];
@@ -666,7 +672,7 @@ switch ($page['mode'])
       }
       else
       {
-        $opt_false[ $nbm_user['check_key'] ] = stripslashes($nbm_user['username']).'['.$nbm_user['mail_address'].']';
+        $opt_false[ $nbm_user['check_key'] ] = stripslashes($nbm_user['username']).'['.get_email_address_as_display_text($nbm_user['mail_address']).']';
         if (isset($_POST['trueify']) and isset($_POST['cat_false']) and in_array($nbm_user['check_key'], $_POST['cat_false']))
         {
           $opt_false_selected[] = $nbm_user['check_key'];
@@ -712,27 +718,13 @@ switch ($page['mode'])
                               !in_array($nbm_user['check_key'], $_POST['send_selection']) // not selected
                             )   ? '' : 'checked="checked"',
               'USERNAME'=> stripslashes($nbm_user['username']),
-              'EMAIL' => $nbm_user['mail_address'],
+              'EMAIL' => get_email_address_as_display_text($nbm_user['mail_address']),
               'LAST_SEND'=> $nbm_user['last_send']
               );
         }
       }
     }
     $template->assign($page['mode'], $tpl_var);
-
-    if ($conf['auth_key_duration'] > 0)
-    {
-      $template->assign(
-        'auth_key_duration',
-        time_since(
-          strtotime('now -'.$conf['auth_key_duration'].' second'),
-          'second',
-          null,
-          false
-          )
-        );
-    }
-
     break;
   }
 }

admin/permalinks.php

@@ -1,8 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
 // +-----------------------------------------------------------------------+
@@ -49,7 +49,7 @@ function parse_sort_variables(
   foreach( $sortable_by as $field)
   {
     $url = $base_url;
-    $disp = '↓'; // TODO: an small image is better
+    $disp = '&dArr;'; // TODO: an small image is better
 
     if ( $field !== @$_GET[$get_param] )
     {
@@ -59,13 +59,13 @@ function parse_sort_variables(
       }
       elseif (isset($default_field) and !isset($_GET[$get_param]) )
       {
-        $ret[] = $field;
+        array_push($ret, $field);
         $disp = '<em>'.$disp.'</em>';
       }
     }
     else
     {
-      $ret[] = $field;
+      array_push($ret, $field);
       $disp = '<em>'.$disp.'</em>';
     }
     if ( isset($template_var) )
@@ -83,7 +83,7 @@ if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!');
 include_once(PHPWG_ROOT_PATH.'admin/include/functions_permalinks.php');
 
 $selected_cat = array();
-if ( isset($_POST['set_permalink']) and $_POST['cat_id']>0 )
+if ( isset($_POST['set_permalink']) and $_POST['cat_id']>0 and !is_adviser() )
 {
   $permalink = $_POST['permalink'];
   if ( empty($permalink) )
@@ -92,7 +92,7 @@ if ( isset($_POST['set_permalink']) and $_POST['cat_id']>0 )
     set_cat_permalink($_POST['cat_id'], $permalink, isset($_POST['save']) );
   $selected_cat = array( $_POST['cat_id'] );
 }
-elseif ( isset($_GET['delete_permanent']) )
+elseif ( isset($_GET['delete_permanent']) and !is_adviser() )
 {
   $query = '
 DELETE FROM '.OLD_PERMALINKS_TABLE.'
@@ -100,26 +100,16 @@ DELETE FROM '.OLD_PERMALINKS_TABLE.'
   LIMIT 1';
   $result = pwg_query($query);
   if (pwg_db_changes($result)==0)
-  {
-    $page['errors'][] = l10n('Cannot delete the old permalink !');
-  }
+    array_push($page['errors'], l10n('Cannot delete the old permalink !'));
 }
 
 
 $template->set_filename('permalinks', 'permalinks.tpl' );
 
-// +-----------------------------------------------------------------------+
-// | tabs                                                                  |
-// +-----------------------------------------------------------------------+
-
-$page['tab'] = 'permalinks';
-include(PHPWG_ROOT_PATH.'admin/include/albums_tab.inc.php');
-
-
 $query = '
 SELECT
   id, permalink,
-  CONCAT(id, " - ", name, IF(permalink IS NULL, "", " &radic;") ) AS name,
+  '.pwg_db_concat(array('id', '\' - \'', 'name')).' AS name,
   uppercats, global_rank
 FROM '.CATEGORIES_TABLE;
 

admin/photo.php

@@ -1,84 +0,0 @@
-<?php
-// +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
-// +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
-// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
-// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
-// +-----------------------------------------------------------------------+
-// | This program is free software; you can redistribute it and/or modify  |
-// | it under the terms of the GNU General Public License as published by  |
-// | the Free Software Foundation                                          |
-// |                                                                       |
-// | This program is distributed in the hope that it will be useful, but   |
-// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
-// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
-// | General Public License for more details.                              |
-// |                                                                       |
-// | You should have received a copy of the GNU General Public License     |
-// | along with this program; if not, write to the Free Software           |
-// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
-// | USA.                                                                  |
-// +-----------------------------------------------------------------------+
-
-if( !defined("PHPWG_ROOT_PATH") )
-{
-  die ("Hacking attempt!");
-}
-
-// +-----------------------------------------------------------------------+
-// | Basic checks                                                          |
-// +-----------------------------------------------------------------------+
-
-check_status(ACCESS_ADMINISTRATOR);
-
-check_input_parameter('cat_id', $_GET, false, PATTERN_ID);
-check_input_parameter('image_id', $_GET, false, PATTERN_ID);
-
-$admin_photo_base_url = get_root_url().'admin.php?page=photo-'.$_GET['image_id'];
-
-if (isset($_GET['cat_id']))
-{
-  $query = '
-SELECT *
-  FROM '.CATEGORIES_TABLE.'
-  WHERE id = '.$_GET['cat_id'].'
-;';
-  $category = pwg_db_fetch_assoc(pwg_query($query));
-}
-
-// +-----------------------------------------------------------------------+
-// | Tabs                                                                  |
-// +-----------------------------------------------------------------------+
-
-include_once(PHPWG_ROOT_PATH.'admin/include/tabsheet.class.php');
-
-$page['tab'] = 'properties';
-
-if (isset($_GET['tab']))
-{
-  $page['tab'] = $_GET['tab'];
-}
-
-$tabsheet = new tabsheet();
-$tabsheet->set_id('photo');
-$tabsheet->select($page['tab']);
-$tabsheet->assign();
-
-// +-----------------------------------------------------------------------+
-// | Load the tab                                                          |
-// +-----------------------------------------------------------------------+
-
-if ('properties' == $page['tab'])
-{
-  include(PHPWG_ROOT_PATH.'admin/picture_modify.php');
-}
-elseif ('coi' == $page['tab'])
-{
-  include(PHPWG_ROOT_PATH.'admin/picture_coi.php');
-}
-else
-{
-  include(PHPWG_ROOT_PATH.'admin/photo_'.$page['tab'].'.php');
-}
-?>

admin/photos_add.php

@@ -1,10 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
-// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
-// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
+// | Copyright(C) 2010      Pierrick LE GALL             http://piwigo.org |
 // +-----------------------------------------------------------------------+
 // | This program is free software; you can redistribute it and/or modify  |
 // | it under the terms of the GNU General Public License as published by  |
@@ -29,7 +27,6 @@ if( !defined("PHPWG_ROOT_PATH") )
 include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
 include_once(PHPWG_ROOT_PATH.'admin/include/tabsheet.class.php');
 include_once(PHPWG_ROOT_PATH.'admin/include/functions_upload.inc.php');
-include_once(PHPWG_ROOT_PATH.'admin/include/image.class.php');
 
 define(
   'PHOTOS_ADD_BASE_URL',
@@ -46,28 +43,151 @@ check_status(ACCESS_ADMINISTRATOR);
 // |                          Load configuration                           |
 // +-----------------------------------------------------------------------+
 
-$upload_form_config = get_upload_form_config();
+// automatic fill of configuration parameters
+$upload_form_config = array(
+  'websize_resize' => array(
+    'default' => true,
+    'can_be_null' => false,
+    ),
+  
+  'websize_maxwidth' => array(
+    'default' => 800,
+    'min' => 100,
+    'max' => 1600,
+    'pattern' => '/^\d+$/',
+    'can_be_null' => true,
+    'error_message' => l10n('The websize maximum width must be a number between %d and %d'),
+    ),
+  
+  'websize_maxheight' => array(
+    'default' => 600,
+    'min' => 100,
+    'max' => 1200,
+    'pattern' => '/^\d+$/',
+    'can_be_null' => true,
+    'error_message' => l10n('The websize maximum height must be a number between %d and %d'),
+    ),
+  
+  'websize_quality' => array(
+    'default' => 95,
+    'min' => 50,
+    'max' => 100,
+    'pattern' => '/^\d+$/',
+    'can_be_null' => false,
+    'error_message' => l10n('The websize image quality must be a number between %d and %d'),
+    ),
+  
+  'thumb_maxwidth' => array(
+    'default' => 128,
+    'min' => 50,
+    'max' => 300,
+    'pattern' => '/^\d+$/',
+    'can_be_null' => false,
+    'error_message' => l10n('The thumbnail maximum width must be a number between %d and %d'),
+    ),
+  
+  'thumb_maxheight' => array(
+    'default' => 96,
+    'min' => 50,
+    'max' => 300,
+    'pattern' => '/^\d+$/',
+    'can_be_null' => false,
+    'error_message' => l10n('The thumbnail maximum height must be a number between %d and %d'),
+    ),
+  
+  'thumb_quality' => array(
+    'default' => 95,
+    'min' => 50,
+    'max' => 100,
+    'pattern' => '/^\d+$/',
+    'can_be_null' => false,
+    'error_message' => l10n('The thumbnail image quality must be a number between %d and %d'),
+    ),
+  );
+
+$inserts = array();
+
+foreach ($upload_form_config as $param_shortname => $param)
+{
+  $param_name = 'upload_form_'.$param_shortname;
+  
+  if (!isset($conf[$param_name]))
+  {
+    $param_value = boolean_to_string($param['default']);
+    
+    array_push(
+      $inserts,
+      array(
+        'param' => $param_name,
+        'value' => $param_value,
+        )
+      );
+    $conf[$param_name] = $param_value;
+  }
+}
+
+if (count($inserts) > 0)
+{
+  mass_inserts(
+    CONFIG_TABLE,
+    array_keys($inserts[0]),
+    $inserts
+    );
+}
 
 // +-----------------------------------------------------------------------+
 // |                                 Tabs                                  |
 // +-----------------------------------------------------------------------+
-if (isset($_GET['section']))
+
+$tabs = array(
+  array(
+    'code' => 'direct',
+    'label' => l10n('Upload Photos'),
+    ),
+  array(
+    'code' => 'settings',
+    'label' => l10n('Settings'),
+    ),
+  array(
+    'code' => 'ploader',
+    'label' => l10n('Piwigo Uploader'),
+    ),
+  );
+
+if ($conf['enable_synchronization'])
+{
+  array_push(
+    $tabs,
+    array(
+      'code' => 'ftp',
+      'label' => l10n('FTP + Synchronization'),
+      )
+    );
+}
+
+$tab_codes = array_map(
+  create_function('$a', 'return $a["code"];'),
+  $tabs
+  );
+
+if (isset($_GET['section']) and in_array($_GET['section'], $tab_codes))
 {
   $page['tab'] = $_GET['section'];
-
-  // backward compatibility
-  if ('ploader' == $page['tab'])
-  {
-    $page['tab'] = 'applications';
-  }
 }
 else
 {
-  $page['tab'] = 'direct';
+  $page['tab'] = $tabs[0]['code'];
 }
 
 $tabsheet = new tabsheet();
-$tabsheet->set_id('photos_add');
+foreach ($tabs as $tab)
+{
+  $tabsheet->add(
+    $tab['code'],
+    $tab['label'],
+    PHOTOS_ADD_BASE_URL.'&amp;section='.$tab['code']
+    );
+}
 $tabsheet->select($page['tab']);
 $tabsheet->assign();
 
@@ -81,6 +201,11 @@ $template->set_filenames(
     )
   );
 
+// $template->append(
+//   'head_elements',
+//   '<link rel="stylesheet" type="text/css" href="'.UPLOAD_FORM_PATH.'upload.css">'."\n"
+//   );
+
 // +-----------------------------------------------------------------------+
 // |                             Load the tab                              |
 // +-----------------------------------------------------------------------+

admin/photos_add_applications.php

@@ -1,47 +0,0 @@
-<?php
-// +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
-// +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
-// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
-// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
-// +-----------------------------------------------------------------------+
-// | This program is free software; you can redistribute it and/or modify  |
-// | it under the terms of the GNU General Public License as published by  |
-// | the Free Software Foundation                                          |
-// |                                                                       |
-// | This program is distributed in the hope that it will be useful, but   |
-// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
-// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
-// | General Public License for more details.                              |
-// |                                                                       |
-// | You should have received a copy of the GNU General Public License     |
-// | along with this program; if not, write to the Free Software           |
-// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
-// | USA.                                                                  |
-// +-----------------------------------------------------------------------+
-
-if (!defined('PHOTOS_ADD_BASE_URL'))
-{
-  die ("Hacking attempt!");
-}
-
-// +-----------------------------------------------------------------------+
-// |                             template init                             |
-// +-----------------------------------------------------------------------+
-
-$template->assign(
-    array(
-      'URL_DOWNLOAD_WINDOWS' => $conf['ploader_download_windows'],
-      'URL_DOWNLOAD_MAC' => $conf['ploader_download_mac'],
-      'URL_DOWNLOAD_LINUX' => $conf['ploader_download_linux'],
-    )
-  );
-
-
-// +-----------------------------------------------------------------------+
-// |                           sending html code                           |
-// +-----------------------------------------------------------------------+
-
-$template->assign_var_from_handle('ADMIN_CONTENT', 'photos_add');
-?>

admin/photos_add_direct.php

@@ -1,10 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
-// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
-// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
+// | Copyright(C) 2010      Pierrick LE GALL             http://piwigo.org |
 // +-----------------------------------------------------------------------+
 // | This program is free software; you can redistribute it and/or modify  |
 // | it under the terms of the GNU General Public License as published by  |
@@ -43,9 +41,12 @@ DELETE FROM '.CADDIE_TABLE.'
   $inserts = array();
   foreach (explode(',', $_GET['batch']) as $image_id)
   {
-    $inserts[] = array(
-      'user_id' => $user['id'],
-      'element_id' => $image_id,
+    array_push(
+      $inserts,
+      array(
+        'user_id' => $user['id'],
+        'element_id' => $image_id,
+        )
       );
   }
   mass_inserts(
@@ -54,19 +55,502 @@ DELETE FROM '.CADDIE_TABLE.'
     $inserts
     );
 
-  redirect(get_root_url().'admin.php?page=batch_manager&filter=prefilter-caddie');
+  redirect(get_root_url().'admin.php?page=element_set&cat=caddie');
 }
 
 // +-----------------------------------------------------------------------+
-// |                             prepare form                              |
+// |                             process form                              |
 // +-----------------------------------------------------------------------+
 
-include_once(PHPWG_ROOT_PATH.'admin/include/photos_add_direct_prepare.inc.php');
+if (isset($_GET['processed']))
+{
+//   echo '<pre>POST'."\n"; print_r($_POST); echo '</pre>';
+//   echo '<pre>FILES'."\n"; print_r($_FILES); echo '</pre>';
+//   echo '<pre>SESSION'."\n"; print_r($_SESSION); echo '</pre>';
+//   exit();
+
+  // sometimes, you have submitted the form but you have nothing in $_POST
+  // and $_FILES. This may happen when you have an HTML upload and you
+  // exceeded the post_max_size (but not the upload_max_size)
+  if (!isset($_POST['submit_upload']))
+  {
+    array_push(
+      $page['errors'],
+      sprintf(
+        l10n('The uploaded files exceed the post_max_size directive in php.ini: %sB'),
+        ini_get('post_max_size')
+        )
+      );
+  }
+  
+  $category_id = null;
+  if (!isset($_POST['category_type']))
+  {
+    // nothing to do, we certainly have the post_max_size issue
+  }
+  elseif ('existing' == $_POST['category_type'])
+  {
+    $category_id = $_POST['category'];
+  }
+  elseif ('new' == $_POST['category_type'])
+  {
+    $output_create = create_virtual_category(
+      $_POST['category_name'],
+      (0 == $_POST['category_parent'] ? null : $_POST['category_parent'])
+      );
+    
+    $category_id = $output_create['id'];
+
+    if (isset($output_create['error']))
+    {
+      array_push($page['errors'], $output_create['error']);
+    }
+    else
+    {
+      $category_name = get_cat_display_name_from_id($category_id, 'admin.php?page=cat_modify&amp;cat_id=');
+      // information
+      array_push(
+        $page['infos'],
+        sprintf(
+          l10n('Category "%s" has been added'),
+          '<em>'.$category_name.'</em>'
+          )
+        );
+      // TODO: add the onclick="window.open(this.href); return false;"
+      // attribute with jQuery on upload.tpl side for href containing
+      // "cat_modify"
+    }
+  }
+
+  $image_ids = array();
+        
+  if (isset($_FILES) and !empty($_FILES['image_upload']))
+  {
+    $starttime = get_moment();
+
+  foreach ($_FILES['image_upload']['error'] as $idx => $error)
+  {
+    if (UPLOAD_ERR_OK == $error)
+    {
+      $images_to_add = array();
+      
+      $extension = pathinfo($_FILES['image_upload']['name'][$idx], PATHINFO_EXTENSION);
+      if ('zip' == strtolower($extension))
+      {
+        $upload_dir = $conf['upload_dir'].'/buffer';
+        prepare_directory($upload_dir);
+        
+        $temporary_archive_name = date('YmdHis').'-'.generate_key(10);
+        $archive_path = $upload_dir.'/'.$temporary_archive_name.'.zip';
+        
+        move_uploaded_file(
+          $_FILES['image_upload']['tmp_name'][$idx],
+          $archive_path
+          );
+
+        define('PCLZIP_TEMPORARY_DIR', $upload_dir.'/');
+        include(PHPWG_ROOT_PATH.'admin/include/pclzip.lib.php');
+        $zip = new PclZip($archive_path);
+        if ($list = $zip->listContent())
+        {
+          $indexes_to_extract = array();
+          
+          foreach ($list as $node)
+          {
+            if (1 == $node['folder'])
+            {
+              continue;
+            }
+
+            if (is_valid_image_extension(pathinfo($node['filename'], PATHINFO_EXTENSION)))
+            {
+              array_push($indexes_to_extract, $node['index']);
+              
+              array_push(
+                $images_to_add,
+                array(
+                  'source_filepath' => $upload_dir.'/'.$temporary_archive_name.'/'.$node['filename'],
+                  'original_filename' => basename($node['filename']),
+                  )
+                );
+            }
+          }
+      
+          if (count($indexes_to_extract) > 0)
+          {
+            $zip->extract(
+              PCLZIP_OPT_PATH, $upload_dir.'/'.$temporary_archive_name,
+              PCLZIP_OPT_BY_INDEX, $indexes_to_extract,
+              PCLZIP_OPT_ADD_TEMP_FILE_ON
+              );
+          }
+        }
+      }
+      elseif (is_valid_image_extension($extension))
+      {
+        array_push(
+          $images_to_add,
+          array(
+            'source_filepath' => $_FILES['image_upload']['tmp_name'][$idx],
+            'original_filename' => $_FILES['image_upload']['name'][$idx],
+            )
+          );
+      }
+
+      foreach ($images_to_add as $image_to_add)
+      {
+        $image_id = add_uploaded_file(
+          $image_to_add['source_filepath'],
+          $image_to_add['original_filename'],
+          array($category_id),
+          $_POST['level']
+          );
+
+        array_push($image_ids, $image_id);
+
+        // TODO: if $image_id is not an integer, something went wrong
+      }
+    }
+    else
+    {
+      $error_message = file_upload_error_message($error);
+      
+      array_push(
+        $page['errors'],
+        sprintf(
+          l10n('Error on file "%s" : %s'),
+          $_FILES['image_upload']['name'][$idx],
+          $error_message
+          )
+        );
+    }
+  }
+  
+  $endtime = get_moment();
+  $elapsed = ($endtime - $starttime) * 1000;
+  // printf('%.2f ms', $elapsed);
+
+  } // if (!empty($_FILES))
+
+  if (isset($_POST['upload_id']))
+  {
+    // we're on a multiple upload, with uploadify and so on
+    if (isset($_SESSION['uploads_error'][ $_POST['upload_id'] ]))
+    {
+      foreach ($_SESSION['uploads_error'][ $_POST['upload_id'] ] as $error)
+      {
+        array_push($page['errors'], $error);
+      }
+    }
+
+    if (isset($_SESSION['uploads'][ $_POST['upload_id'] ]))
+    {
+      $image_ids = $_SESSION['uploads'][ $_POST['upload_id'] ];
+
+      associate_images_to_categories(
+        $image_ids,
+        array($category_id)
+        );
+
+      $query = '
+UPDATE '.IMAGES_TABLE.'
+  SET level = '.$_POST['level'].'
+  WHERE id IN ('.implode(', ', $image_ids).')
+;';
+      pwg_query($query);
+    
+      invalidate_user_cache();
+    }
+  }
+  
+  $page['thumbnails'] = array();
+  foreach ($image_ids as $image_id)
+  {
+    // we could return the list of properties from the add_uploaded_file
+    // function, but I like the "double check". And it costs nothing
+    // compared to the upload process.
+    $thumbnail = array();
+      
+    $query = '
+SELECT
+    file,
+    path,
+    tn_ext
+  FROM '.IMAGES_TABLE.'
+  WHERE id = '.$image_id.'
+;';
+    $image_infos = pwg_db_fetch_assoc(pwg_query($query));
+
+    $thumbnail['file'] = $image_infos['file'];
+    
+    $thumbnail['src'] = get_thumbnail_location(
+      array(
+        'path' => $image_infos['path'],
+        'tn_ext' => $image_infos['tn_ext'],
+        )
+      );
+
+    // TODO: when implementing this plugin in Piwigo core, we should have
+    // a function get_image_name($name, $file) (if name is null, then
+    // compute a temporary name from filename) that would be also used in
+    // picture.php. UPDATE: in fact, "get_name_from_file($file)" already
+    // exists and is used twice (element_set_unit + comments, but not in
+    // picture.php I don't know why) with the same pattern if
+    // (empty($name)) {$name = get_name_from_file($file)}, a clean
+    // function get_image_name($name, $file) would be better
+    $thumbnail['title'] = get_name_from_file($image_infos['file']);
+
+    $thumbnail['link'] = PHPWG_ROOT_PATH.'admin.php?page=picture_modify'
+      .'&amp;image_id='.$image_id
+      .'&amp;cat_id='.$category_id
+      ;
+
+    array_push($page['thumbnails'], $thumbnail);
+  }
+  
+  if (!empty($page['thumbnails']))
+  {
+    array_push(
+      $page['infos'],
+      sprintf(
+        l10n('%d photos uploaded'),
+        count($page['thumbnails'])
+        )
+      );
+    
+    if (0 != $_POST['level'])
+    {
+      array_push(
+        $page['infos'],
+        sprintf(
+          l10n('Privacy level set to "%s"'),
+          l10n(
+            sprintf('Level %d', $_POST['level'])
+            )
+          )
+        );
+    }
+
+    if ('existing' == $_POST['category_type'])
+    {
+      $query = '
+SELECT
+    COUNT(*)
+  FROM '.IMAGE_CATEGORY_TABLE.'
+  WHERE category_id = '.$category_id.'
+;';
+      list($count) = pwg_db_fetch_row(pwg_query($query));
+      $category_name = get_cat_display_name_from_id($category_id, 'admin.php?page=cat_modify&amp;cat_id=');
+      
+      // information
+      array_push(
+        $page['infos'],
+        sprintf(
+          l10n('Category "%s" now contains %d photos'),
+          '<em>'.$category_name.'</em>',
+          $count
+          )
+        );
+    }
+
+    $page['batch_link'] = PHOTOS_ADD_BASE_URL.'&batch='.implode(',', $image_ids);
+  }
+}
+
+// +-----------------------------------------------------------------------+
+// |                             template init                             |
+// +-----------------------------------------------------------------------+
+
+$uploadify_path = PHPWG_ROOT_PATH.'admin/include/uploadify';
+
+$template->assign(
+    array(
+      'F_ADD_ACTION'=> PHOTOS_ADD_BASE_URL,
+      'uploadify_path' => $uploadify_path,
+      'upload_max_filesize' => min(
+        get_ini_size('upload_max_filesize'),
+        get_ini_size('post_max_size')
+        ),
+    )
+  );
+
+$upload_modes = array('html', 'multiple');
+$upload_mode = isset($conf['upload_mode']) ? $conf['upload_mode'] : 'multiple';
+
+if (isset($_GET['upload_mode']) and in_array($_GET['upload_mode'], $upload_modes))
+{
+  $upload_mode = $_GET['upload_mode'];
+  conf_update_param('upload_mode', $upload_mode);
+}
+
+// what is the upload switch mode
+$index_of_upload_mode = array_flip($upload_modes);
+$upload_mode_index = $index_of_upload_mode[$upload_mode];
+$upload_switch = $upload_modes[ ($upload_mode_index + 1) % 2 ];
+
+$template->assign(
+    array(
+      'upload_mode' => $upload_mode,
+      'form_action' => PHOTOS_ADD_BASE_URL.'&amp;upload_mode='.$upload_mode.'&amp;processed=1',
+      'switch_url' => PHOTOS_ADD_BASE_URL.'&amp;upload_mode='.$upload_switch,
+      'upload_id' => md5(rand()),
+      'session_id' => session_id(),
+      'pwg_token' => get_pwg_token(),
+      'another_upload_link' => PHOTOS_ADD_BASE_URL.'&amp;upload_mode='.$upload_mode,
+    )
+  );
+
+$template->append(
+  'head_elements',
+  '<link rel="stylesheet" type="text/css" href="'.$uploadify_path.'/uploadify.css">'."\n"
+  );
+
+if (isset($page['thumbnails']))
+{
+  $template->assign(
+    array(
+      'thumbnails' => $page['thumbnails'],
+      )
+    );
+
+  // only display the batch link if we have more than 1 photo
+  if (count($page['thumbnails']) > 1)
+  {
+    $template->assign(
+      array(
+        'batch_link' => $page['batch_link'],
+        'batch_label' => sprintf(
+          l10n('Manage this set of %d photos'),
+          count($page['thumbnails'])
+          ),
+        )
+      );
+  }
+}
+
+// categories
+//
+// we need to know the category in which the last photo was added
+$selected_category = array();
+$selected_parent = array();
+
+$query = '
+SELECT
+    category_id,
+    id_uppercat
+  FROM '.IMAGES_TABLE.' AS i
+    JOIN '.IMAGE_CATEGORY_TABLE.' AS ic ON image_id = i.id
+    JOIN '.CATEGORIES_TABLE.' AS c ON category_id = c.id
+  ORDER BY i.id DESC
+  LIMIT 1
+;';
+$result = pwg_query($query);
+if (pwg_db_num_rows($result) > 0)
+{
+  $row = pwg_db_fetch_assoc($result);
+  
+  $selected_category = array($row['category_id']);
+
+  if (!empty($row['id_uppercat']))
+  {
+    $selected_parent = array($row['id_uppercat']);
+  }
+}
+
+// existing category
+$query = '
+SELECT id,name,uppercats,global_rank
+  FROM '.CATEGORIES_TABLE.'
+;';
+
+display_select_cat_wrapper(
+  $query,
+  $selected_category,
+  'category_options'
+  );
+
+// new category
+display_select_cat_wrapper(
+  $query,
+  $selected_parent,
+  'category_parent_options'
+  );
+
+
+// image level options
+$selected_level = isset($_POST['level']) ? $_POST['level'] : 0;
+$template->assign(
+    array(
+      'level_options'=> get_privacy_level_options(),
+      'level_options_selected' => array($selected_level)
+    )
+  );
+
+// +-----------------------------------------------------------------------+
+// |                         setup errors/warnings                         |
+// +-----------------------------------------------------------------------+
+
+// Errors
+$setup_errors = array();
+
+$error_message = ready_for_upload_message();
+if (!empty($error_message))
+{
+  array_push($setup_errors, $error_message);
+}
+
+if (!function_exists('gd_info'))
+{
+  array_push($setup_errors, l10n('GD library is missing'));
+}
+
+$template->assign(
+  array(
+    'setup_errors'=> $setup_errors,
+    )
+  );
+
+// Warnings
+if (isset($_GET['hide_warnings']))
+{
+  $_SESSION['upload_hide_warnings'] = true;
+}
+
+if (!isset($_SESSION['upload_hide_warnings']))
+{
+  $setup_warnings = array();
+  
+  if ($conf['use_exif'] and !function_exists('read_exif_data'))
+  {
+    array_push(
+      $setup_warnings,
+      l10n('Exif extension not available, admin should disable exif use')
+      );
+  }
+
+  if (get_ini_size('upload_max_filesize') > get_ini_size('post_max_size'))
+  {
+    array_push(
+      $setup_warnings,
+      sprintf(
+        l10n('In your php.ini file, the upload_max_filesize (%sB) is bigger than post_max_size (%sB), you should change this setting'),
+        get_ini_size('upload_max_filesize', false),
+        get_ini_size('post_max_size', false)
+        )
+      );
+  }
+
+  $template->assign(
+    array(
+      'setup_warnings' => $setup_warnings,
+      'hide_warnings_link' => PHOTOS_ADD_BASE_URL.'&amp;upload_mode='.$upload_mode.'&amp;hide_warnings=1'
+      )
+    );
+}
 
 // +-----------------------------------------------------------------------+
 // |                           sending html code                           |
 // +-----------------------------------------------------------------------+
-trigger_notify('loc_end_photo_add_direct');
 
 $template->assign_var_from_handle('ADMIN_CONTENT', 'photos_add');
 ?>

admin/photos_add_ftp.php

@@ -1,10 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
-// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
-// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
+// | Copyright(C) 2010      Pierrick LE GALL             http://piwigo.org |
 // +-----------------------------------------------------------------------+
 // | This program is free software; you can redistribute it and/or modify  |
 // | it under the terms of the GNU General Public License as published by  |

admin/photos_add_ploader.php

@@ -0,0 +1,45 @@
+<?php
+// +-----------------------------------------------------------------------+
+// | Piwigo - a PHP based picture gallery                                  |
+// +-----------------------------------------------------------------------+
+// | Copyright(C) 2010      Pierrick LE GALL             http://piwigo.org |
+// +-----------------------------------------------------------------------+
+// | This program is free software; you can redistribute it and/or modify  |
+// | it under the terms of the GNU General Public License as published by  |
+// | the Free Software Foundation                                          |
+// |                                                                       |
+// | This program is distributed in the hope that it will be useful, but   |
+// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
+// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
+// | General Public License for more details.                              |
+// |                                                                       |
+// | You should have received a copy of the GNU General Public License     |
+// | along with this program; if not, write to the Free Software           |
+// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
+// | USA.                                                                  |
+// +-----------------------------------------------------------------------+
+
+if (!defined('PHOTOS_ADD_BASE_URL'))
+{
+  die ("Hacking attempt!");
+}
+
+// +-----------------------------------------------------------------------+
+// |                             template init                             |
+// +-----------------------------------------------------------------------+
+
+$template->assign(
+    array(
+      'URL_DOWNLOAD_WINDOWS' => $conf['ploader_download_windows'],
+      'URL_DOWNLOAD_MAC' => $conf['ploader_download_mac'],
+      'URL_DOWNLOAD_LINUX' => $conf['ploader_download_linux'],
+    )
+  );
+
+
+// +-----------------------------------------------------------------------+
+// |                           sending html code                           |
+// +-----------------------------------------------------------------------+
+
+$template->assign_var_from_handle('ADMIN_CONTENT', 'photos_add');
+?>

admin/photos_add_settings.php

@@ -0,0 +1,155 @@
+<?php
+// +-----------------------------------------------------------------------+
+// | Piwigo - a PHP based picture gallery                                  |
+// +-----------------------------------------------------------------------+
+// | Copyright(C) 2010      Pierrick LE GALL             http://piwigo.org |
+// +-----------------------------------------------------------------------+
+// | This program is free software; you can redistribute it and/or modify  |
+// | it under the terms of the GNU General Public License as published by  |
+// | the Free Software Foundation                                          |
+// |                                                                       |
+// | This program is distributed in the hope that it will be useful, but   |
+// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
+// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
+// | General Public License for more details.                              |
+// |                                                                       |
+// | You should have received a copy of the GNU General Public License     |
+// | along with this program; if not, write to the Free Software           |
+// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
+// | USA.                                                                  |
+// +-----------------------------------------------------------------------+
+
+if (!defined('PHOTOS_ADD_BASE_URL'))
+{
+  die ("Hacking attempt!");
+}
+
+// by default, the form values are the current configuration
+// we may overwrite them with the current form values
+$form_values = array();
+
+foreach ($upload_form_config as $param_shortname => $param)
+{
+  $param_name = 'upload_form_'.$param_shortname;
+  $form_values[$param_shortname] = $conf[$param_name];
+}
+
+// +-----------------------------------------------------------------------+
+// |                             process form                              |
+// +-----------------------------------------------------------------------+
+
+if (isset($_POST['submit']))
+{
+  $updates = array();
+
+  // let's care about the specific checkbox that disable/enable other
+  // settings
+  $field = 'websize_resize';
+  
+  if (empty($_POST[$field]))
+  {
+    $value = false;
+  }
+  else
+  {
+    $fields[] = 'websize_maxwidth';
+    $fields[] = 'websize_maxheight';
+    $fields[] = 'websize_quality';
+
+    $value = true;
+  }
+  
+  $updates[] = array(
+    'param' => 'upload_form_'.$field,
+    'value' => boolean_to_string($value),
+    );
+  $form_values[$field] = $value;;
+
+  // and now other fields, processed in a generic way
+  $fields[] = 'thumb_maxwidth';
+  $fields[] = 'thumb_maxheight';
+  $fields[] = 'thumb_quality';
+  
+  foreach ($fields as $field)
+  {
+    $value = null;
+    if (!empty($_POST[$field]))
+    {
+      $value = $_POST[$field];
+    }
+    $form_values[$field] = $value;
+    
+    if ($upload_form_config[$field]['can_be_null'] and empty($value))
+    {
+      $updates[] = array(
+        'param' => 'upload_form_'.$field,
+        'value' => 'false'
+        );
+    }
+    else
+    {
+      $min = $upload_form_config[$field]['min'];
+      $max = $upload_form_config[$field]['max'];
+      $pattern = $upload_form_config[$field]['pattern'];
+      
+      if (preg_match($pattern, $value) and $value >= $min and $value <= $max)
+      {
+         $updates[] = array(
+          'param' => 'upload_form_'.$field,
+          'value' => $value
+          );
+      }
+      else
+      {
+        array_push(
+          $page['errors'],
+          sprintf(
+            $upload_form_config[$field]['error_message'],
+            $min,
+            $max
+            )
+          );
+      }
+    }
+  }
+
+  if (count($page['errors']) == 0)
+  {
+    mass_updates(
+      CONFIG_TABLE,
+      array(
+        'primary' => array('param'),
+        'update' => array('value')
+        ),
+      $updates
+      );
+    
+    array_push(
+      $page['infos'],
+      l10n('Your configuration settings are saved')
+      );
+  }
+}
+
+// +-----------------------------------------------------------------------+
+// |                             template init                             |
+// +-----------------------------------------------------------------------+
+
+// specific case, "websize_resize" is a checkbox
+$field = 'websize_resize';
+$form_values[$field] = $form_values[$field] ? 'checked="checked"' : '';
+
+$template->assign(
+    array(
+      'F_ADD_ACTION'=> PHOTOS_ADD_BASE_URL,
+      'values' => $form_values
+    )
+  );
+
+
+// +-----------------------------------------------------------------------+
+// |                           sending html code                           |
+// +-----------------------------------------------------------------------+
+
+$template->assign_var_from_handle('ADMIN_CONTENT', 'photos_add');
+?>

admin/picture_coi.php

@@ -1,113 +0,0 @@
-<?php
-// +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
-// +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
-// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
-// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
-// +-----------------------------------------------------------------------+
-// | This program is free software; you can redistribute it and/or modify  |
-// | it under the terms of the GNU General Public License as published by  |
-// | the Free Software Foundation                                          |
-// |                                                                       |
-// | This program is distributed in the hope that it will be useful, but   |
-// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
-// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
-// | General Public License for more details.                              |
-// |                                                                       |
-// | You should have received a copy of the GNU General Public License     |
-// | along with this program; if not, write to the Free Software           |
-// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
-// | USA.                                                                  |
-// +-----------------------------------------------------------------------+
-
-if(!defined("PHPWG_ROOT_PATH"))
-{
-  die('Hacking attempt!');
-}
-
-// +-----------------------------------------------------------------------+
-// | Check Access and exit when user status is not ok                      |
-// +-----------------------------------------------------------------------+
-check_status(ACCESS_ADMINISTRATOR);
-
-check_input_parameter('image_id', $_GET, false, PATTERN_ID);
-
-if (isset($_POST['submit']))
-{
-  $query = 'UPDATE '.IMAGES_TABLE;
-  if (strlen($_POST['l'])==0)
-  {
-    $query .= ' SET coi=NULL';
-  }
-  else
-  {
-    $coi = fraction_to_char($_POST['l'])
-      .fraction_to_char($_POST['t'])
-      .fraction_to_char($_POST['r'])
-      .fraction_to_char($_POST['b']);
-    $query .= ' SET coi=\''.$coi.'\'';
-  }
-  $query .= ' WHERE id='.$_GET['image_id'];
-  pwg_query($query);
-}
-
-$query = 'SELECT * FROM '.IMAGES_TABLE.' WHERE id='.$_GET['image_id'];
-$row = pwg_db_fetch_assoc( pwg_query($query) );
-
-if (isset($_POST['submit']))
-{
-  foreach(ImageStdParams::get_defined_type_map() as $params)
-  {
-    if ($params->sizing->max_crop != 0)
-    {
-      delete_element_derivatives($row, $params->type);
-    }
-  }
-  delete_element_derivatives($row, IMG_CUSTOM);
-  $uid = '&b='.time();
-  $conf['question_mark_in_urls'] = $conf['php_extension_in_urls'] = true;
-  if ($conf['derivative_url_style']==1)
-  {
-    $conf['derivative_url_style']=0; //auto
-  }
-}
-else
-{
-  $uid = '';
-}
-
-$tpl_var = array(
-  'TITLE' => render_element_name($row),
-  'ALT' => $row['file'],
-  'U_IMG' => DerivativeImage::url(IMG_LARGE, $row),
-  );
-
-if (!empty($row['coi']))
-{
-  $tpl_var['coi'] = array(
-    'l'=> char_to_fraction($row['coi'][0]),
-    't'=> char_to_fraction($row['coi'][1]),
-    'r'=> char_to_fraction($row['coi'][2]),
-    'b'=> char_to_fraction($row['coi'][3]),
-  );
-}
-
-foreach(ImageStdParams::get_defined_type_map() as $params)
-{
-  if ($params->sizing->max_crop != 0)
-  {
-    $derivative = new DerivativeImage($params, new SrcImage($row) );
-    $template->append( 'cropped_derivatives', array( 
-      'U_IMG' => $derivative->get_url().$uid,
-      'HTM_SIZE' => $derivative->get_size_htm(),
-    ) );
-  }
-}
-
-
-$template->assign($tpl_var);
-$template->set_filename('picture_coi', 'picture_coi.tpl');
-
-$template->assign_var_from_handle('ADMIN_CONTENT', 'picture_coi');
-?>

admin/picture_modify.php

@@ -1,8 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
 // +-----------------------------------------------------------------------+
@@ -36,169 +36,156 @@ check_status(ACCESS_ADMINISTRATOR);
 check_input_parameter('image_id', $_GET, false, PATTERN_ID);
 check_input_parameter('cat_id', $_GET, false, PATTERN_ID);
 
-// represent
-$query = '
-SELECT id
-  FROM '.CATEGORIES_TABLE.'
-  WHERE representative_picture_id = '.$_GET['image_id'].'
-;';
-$represented_albums = query2array($query, null, 'id');
-
-// +-----------------------------------------------------------------------+
-// |                             delete photo                              |
-// +-----------------------------------------------------------------------+
-
-if (isset($_GET['delete']))
-{
-  check_pwg_token();
-
-  delete_elements(array($_GET['image_id']), true);
-  invalidate_user_cache();
-
-  // where to redirect the user now?
-  //
-  // 1. if a category is available in the URL, use it
-  // 2. else use the first reachable linked category
-  // 3. redirect to gallery root
-
-  if (isset($_GET['cat_id']) and !empty($_GET['cat_id']))
-  {
-    redirect(
-      make_index_url(
-        array(
-          'category' => get_cat_info($_GET['cat_id'])
-          )
-        )
-      );
-  }
-
-  $query = '
-SELECT category_id
-  FROM '.IMAGE_CATEGORY_TABLE.'
-  WHERE image_id = '.$_GET['image_id'].'
-;';
-
-  $authorizeds = array_diff(
-    array_from_query($query, 'category_id'),
-    explode(',', calculate_permissions($user['id'], $user['status']))
-    );
-
-  foreach ($authorizeds as $category_id)
-  {
-    redirect(
-      make_index_url(
-        array(
-          'category' => get_cat_info($category_id)
-          )
-        )
-      );
-  }
-
-  redirect(make_index_url());
-}
-
 // +-----------------------------------------------------------------------+
 // |                          synchronize metadata                         |
 // +-----------------------------------------------------------------------+
 
-if (isset($_GET['sync_metadata']))
+if (isset($_GET['sync_metadata']) and !is_adviser())
 {
-  sync_metadata(array( intval($_GET['image_id'])));
-  $page['infos'][] = l10n('Metadata synchronized from file');
+  $query = '
+SELECT path
+  FROM '.IMAGES_TABLE.'
+  WHERE id = '.$_GET['image_id'].'
+;';
+  list($path) = pwg_db_fetch_row(pwg_query($query));
+  update_metadata(array($_GET['image_id'] => $path));
+
+  array_push($page['infos'], l10n('Metadata synchronized from file'));
 }
 
 //--------------------------------------------------------- update informations
-if (isset($_POST['submit']))
+
+// first, we verify whether there is a mistake on the given creation date
+if (isset($_POST['date_creation_action'])
+    and 'set' == $_POST['date_creation_action'])
+{
+  if (!is_numeric($_POST['date_creation_year'])
+    or !checkdate(
+          $_POST['date_creation_month'],
+          $_POST['date_creation_day'],
+          $_POST['date_creation_year'])
+    )
+  {
+    array_push($page['errors'], l10n('wrong date'));
+  }
+}
+
+if (isset($_POST['submit']) and count($page['errors']) == 0 and !is_adviser())
 {
   $data = array();
-  $data['id'] = $_GET['image_id'];
-  $data['name'] = $_POST['name'];
-  $data['author'] = $_POST['author'];
+  $data{'id'} = $_GET['image_id'];
+  $data{'name'} = $_POST['name'];
+  $data{'author'} = $_POST['author'];
   $data['level'] = $_POST['level'];
 
   if ($conf['allow_html_descriptions'])
   {
-    $data['comment'] = @$_POST['description'];
+    $data{'comment'} = @$_POST['description'];
   }
   else
   {
-    $data['comment'] = strip_tags(@$_POST['description']);
+    $data{'comment'} = strip_tags(@$_POST['description']);
   }
 
-  if (!empty($_POST['date_creation']))
+  if (isset($_POST['date_creation_action']))
   {
-    $data['date_creation'] = $_POST['date_creation'];
-  }
-  else
-  {
-    $data['date_creation'] = null;
+    if ('set' == $_POST['date_creation_action'])
+    {
+      $data{'date_creation'} = $_POST['date_creation_year']
+                                 .'-'.$_POST['date_creation_month']
+                                 .'-'.$_POST['date_creation_day'];
+    }
+    else if ('unset' == $_POST['date_creation_action'])
+    {
+      $data{'date_creation'} = '';
+    }
   }
 
-  $data = trigger_change('picture_modify_before_update', $data);
-  
-  single_update(
+  mass_updates(
     IMAGES_TABLE,
-    $data,
-    array('id' => $data['id'])
+    array(
+      'primary' => array('id'),
+      'update' => array_diff(array_keys($data), array('id'))
+      ),
+    array($data)
     );
 
   // time to deal with tags
   $tag_ids = array();
-  if (!empty($_POST['tags']))
+  if (isset($_POST['tags']))
   {
-    $tag_ids = get_tag_ids($_POST['tags']);
+    $tag_ids = get_fckb_tag_ids($_POST['tags']);
   }
   set_tags($tag_ids, $_GET['image_id']);
 
-  // association to albums
-  if (!isset($_POST['associate']))
+  array_push($page['infos'], l10n('Picture informations updated'));
+}
+// associate the element to other categories than its storage category
+if (isset($_POST['associate'])
+    and isset($_POST['cat_dissociated'])
+    and count($_POST['cat_dissociated']) > 0
+    and !is_adviser()
+  )
+{
+  associate_images_to_categories(
+    array($_GET['image_id']),
+    $_POST['cat_dissociated']
+    );
+}
+// dissociate the element from categories (but not from its storage category)
+if (isset($_POST['dissociate'])
+    and isset($_POST['cat_associated'])
+    and count($_POST['cat_associated']) > 0
+    and !is_adviser()
+  )
+{
+  $query = '
+DELETE FROM '.IMAGE_CATEGORY_TABLE.'
+  WHERE image_id = '.$_GET['image_id'].'
+    AND category_id IN ('.implode(',', $_POST['cat_associated']).')
+';
+  pwg_query($query);
+
+  update_category($_POST['cat_associated']);
+}
+// elect the element to represent the given categories
+if (isset($_POST['elect'])
+    and isset($_POST['cat_dismissed'])
+    and count($_POST['cat_dismissed']) > 0
+    and !is_adviser()
+  )
+{
+  $datas = array();
+  foreach ($_POST['cat_dismissed'] as $category_id)
   {
-    $_POST['associate'] = array();
+    array_push($datas,
+               array('id' => $category_id,
+                     'representative_picture_id' => $_GET['image_id']));
   }
-  check_input_parameter('associate', $_POST, true, PATTERN_ID);
-  move_images_to_categories(array($_GET['image_id']), $_POST['associate']);
-
-  invalidate_user_cache();
-
-  // thumbnail for albums
-  if (!isset($_POST['represent']))
-  {
-    $_POST['represent'] = array();
-  }
-  check_input_parameter('represent', $_POST, true, PATTERN_ID);
-
-  $no_longer_thumbnail_for = array_diff($represented_albums, $_POST['represent']);
-  if (count($no_longer_thumbnail_for) > 0)
-  {
-    set_random_representant($no_longer_thumbnail_for);
-  }
-
-  $new_thumbnail_for = array_diff($_POST['represent'], $represented_albums);
-  if (count($new_thumbnail_for) > 0)
-  {
-    $query = '
-UPDATE '.CATEGORIES_TABLE.'
-  SET representative_picture_id = '.$_GET['image_id'].'
-  WHERE id IN ('.implode(',', $new_thumbnail_for).')
-;';
-    pwg_query($query);
-  }
-
-  $represented_albums = $_POST['represent'];
-
-  $page['infos'][] = l10n('Photo informations updated');
+  $fields = array('primary' => array('id'),
+                  'update' => array('representative_picture_id'));
+  mass_updates(CATEGORIES_TABLE, $fields, $datas);
+}
+// dismiss the element as representant of the given categories
+if (isset($_POST['dismiss'])
+    and isset($_POST['cat_elected'])
+    and count($_POST['cat_elected']) > 0
+    and !is_adviser()
+  )
+{
+  set_random_representant($_POST['cat_elected']);
 }
 
 // tags
 $query = '
 SELECT
-    id,
-    name
+    tag_id,
+    name AS tag_name
   FROM '.IMAGE_TAG_TABLE.' AS it
     JOIN '.TAGS_TABLE.' AS t ON t.id = it.tag_id
   WHERE image_id = '.$_GET['image_id'].'
 ;';
-$tag_selection = get_taglist($query);
+$tags = get_fckb_taglist($query);
 
 // retrieving direct information about picture
 $query = '
@@ -226,29 +213,23 @@ $template->set_filenames(
     )
   );
 
-$admin_url_start = $admin_photo_base_url.'-properties';
-$admin_url_start.= isset($_GET['cat_id']) ? '&amp;cat_id='.$_GET['cat_id'] : '';
-
-$src_image = new SrcImage($row);
-
 $template->assign(
   array(
-    'tag_selection' => $tag_selection,
-    'U_DOWNLOAD' => 'action.php?id='.$_GET['image_id'].'&amp;part=e&amp;pwg_token='.get_pwg_token().'&amp;download',
-    'U_SYNC' => $admin_url_start.'&amp;sync_metadata=1',
-    'U_DELETE' => $admin_url_start.'&amp;delete=1&amp;pwg_token='.get_pwg_token(),
+    'tags' => $tags,
+    'U_SYNC' =>
+        get_root_url().'admin.php?page=picture_modify'.
+        '&amp;image_id='.$_GET['image_id'].
+        (isset($_GET['cat_id']) ? '&amp;cat_id='.$_GET['cat_id'] : '').
+        '&amp;sync_metadata=1',
 
     'PATH'=>$row['path'],
 
-    'TN_SRC' => DerivativeImage::url(IMG_THUMB, $src_image),
-    'FILE_SRC' => DerivativeImage::url(IMG_LARGE, $src_image),
+    'TN_SRC' => get_thumbnail_url($row),
 
     'NAME' =>
       isset($_POST['name']) ?
         stripslashes($_POST['name']) : @$row['name'],
 
-    'TITLE' => render_element_name($row),
-
     'DIMENSIONS' => @$row['width'].' * '.@$row['height'],
 
     'FILESIZE' => @$row['filesize'].' KB',
@@ -261,8 +242,6 @@ $template->assign(
         : @$row['author']
       ),
 
-    'DATE_CREATION' => $row['date_creation'],
-
     'DESCRIPTION' =>
       htmlspecialchars( isset($_POST['description']) ?
         stripslashes($_POST['description']) : @$row['comment'] ),
@@ -273,65 +252,14 @@ $template->assign(
     )
   );
 
-$added_by = 'N/A';
-$query = '
-SELECT '.$conf['user_fields']['username'].' AS username
-  FROM '.USERS_TABLE.'
-  WHERE '.$conf['user_fields']['id'].' = '.$row['added_by'].'
-;';
-$result = pwg_query($query);
-while ($user_row = pwg_db_fetch_assoc($result))
+if ($row['has_high'] == 'true')
 {
-  $row['added_by'] = $user_row['username'];
-}
-
-$intro_vars = array(
-  'file' => l10n('Original file : %s', $row['file']),
-  'add_date' => l10n('Posted %s on %s', time_since($row['date_available'], 'year'), format_date($row['date_available'], array('day', 'month', 'year'))),
-  'added_by' => l10n('Added by %s', $row['added_by']),
-  'size' => $row['width'].'&times;'.$row['height'].' pixels, '.sprintf('%.2f', $row['filesize']/1024).'MB',
-  'stats' => l10n('Visited %d times', $row['hit']),
-  'id' => l10n('Numeric identifier : %d', $row['id']),
-  );
-
-if ($conf['rate'] and !empty($row['rating_score']))
-{
-  $query = '
-SELECT
-    COUNT(*)
-  FROM '.RATE_TABLE.'
-  WHERE element_id = '.$_GET['image_id'].'
-;';
-  list($row['nb_rates']) = pwg_db_fetch_row(pwg_query($query));
-
-  $intro_vars['stats'].= ', '.sprintf(l10n('Rated %d times, score : %.2f'), $row['nb_rates'], $row['rating_score']);
-}
-
-$query = '
-SELECT *
-  FROM '.IMAGE_FORMAT_TABLE.'
-  WHERE image_id = '.$row['id'].'
-;';
-$formats = query2array($query);
-
-if (!empty($formats))
-{
-  $format_strings = array();
-  
-  foreach ($formats as $format)
-  {
-    $format_strings[] = sprintf('%s (%.2fMB)', $format['ext'], $format['filesize']/1024);
-  }
-
-  $intro_vars['formats'] = l10n('Formats: %s', implode(', ', $format_strings));
-}
-
-$template->assign('INTRO', $intro_vars);
-
-
-if (in_array(get_extension($row['path']),$conf['picture_ext']))
-{
-  $template->assign('U_COI', get_root_url().'admin.php?page=picture_coi&amp;image_id='.$_GET['image_id']);
+  $template->assign(
+    'HIGH_FILESIZE',
+    isset($row['high_filesize'])
+        ? $row['high_filesize'].' KB'
+        : l10n('unknown')
+    );
 }
 
 // image level options
@@ -343,7 +271,40 @@ $template->assign(
     )
   );
 
-// categories
+// creation date
+unset($day, $month, $year);
+
+if (isset($_POST['date_creation_action'])
+    and 'set' == $_POST['date_creation_action'])
+{
+  foreach (array('day', 'month', 'year') as $varname)
+  {
+    $$varname = $_POST['date_creation_'.$varname];
+  }
+}
+else if (isset($row['date_creation']) and !empty($row['date_creation']))
+{
+  list($year, $month, $day) = explode('-', $row['date_creation']);
+}
+else
+{
+  list($year, $month, $day) = array('', 0, 0);
+}
+
+
+$month_list = $lang['month'];
+$month_list[0]='------------';
+ksort($month_list);
+
+$template->assign(
+    array(
+      'DATE_CREATION_DAY_VALUE' => $day,
+      'DATE_CREATION_MONTH_VALUE' => $month,
+      'DATE_CREATION_YEAR_VALUE' => $year,
+      'month_list' => $month_list,
+      )
+    );
+
 $query = '
 SELECT category_id, uppercats
   FROM '.IMAGE_CATEGORY_TABLE.' AS ic
@@ -358,7 +319,8 @@ while ($row = pwg_db_fetch_assoc($result))
   $name =
     get_cat_display_name_cache(
       $row['uppercats'],
-      get_root_url().'admin.php?page=album-'
+      get_root_url().'admin.php?page=cat_modify&amp;cat_id=',
+      false
       );
 
   if ($row['category_id'] == $storage_category_id)
@@ -424,23 +386,53 @@ if (isset($url_img))
   $template->assign( 'U_JUMPTO', $url_img );
 }
 
-// associate to albums
+// associate to another category ?
 $query = '
-SELECT id
+SELECT id,name,uppercats,global_rank
   FROM '.CATEGORIES_TABLE.'
     INNER JOIN '.IMAGE_CATEGORY_TABLE.' ON id = category_id
-  WHERE image_id = '.$_GET['image_id'].'
+  WHERE image_id = '.$_GET['image_id'];
+if (isset($storage_category_id))
+{
+  $query.= '
+    AND id != '.$storage_category_id;
+}
+$query.= '
 ;';
-$associated_albums = query2array($query, null, 'id');
+display_select_cat_wrapper($query, array(), 'associated_options');
 
-$template->assign(array(
-  'associated_albums' => $associated_albums,
-  'represented_albums' => $represented_albums,
-  'STORAGE_ALBUM' => $storage_category_id,
-  'CACHE_KEYS' => get_admin_client_cache_keys(array('tags', 'categories')),
-  ));
+$result = pwg_query($query);
+$associateds = array(-1);
+if (isset($storage_category_id))
+{
+  array_push($associateds, $storage_category_id);
+}
+while ($row = pwg_db_fetch_assoc($result))
+{
+  array_push($associateds, $row['id']);
+}
+$query = '
+SELECT id,name,uppercats,global_rank
+  FROM '.CATEGORIES_TABLE.'
+  WHERE id NOT IN ('.implode(',', $associateds).')
+;';
+display_select_cat_wrapper($query, array(), 'dissociated_options');
 
-trigger_notify('loc_end_picture_modify');
+// representing
+$query = '
+SELECT id,name,uppercats,global_rank
+  FROM '.CATEGORIES_TABLE.'
+  WHERE representative_picture_id = '.$_GET['image_id'].'
+;';
+display_select_cat_wrapper($query, array(), 'elected_options');
+
+$query = '
+SELECT id,name,uppercats,global_rank
+  FROM '.CATEGORIES_TABLE.'
+  WHERE representative_picture_id != '.$_GET['image_id'].'
+    OR representative_picture_id IS NULL
+;';
+display_select_cat_wrapper($query, array(), 'dismissed_options');
 
 //----------------------------------------------------------- sending html code
 

admin/plugin.php

@@ -1,8 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
 // +-----------------------------------------------------------------------+
@@ -45,12 +45,6 @@ if (count($sections)<2)
 }
 
 $plugin_id = $sections[0];
-
-if (!preg_match('/^[\w-]+$/', $plugin_id))
-{
-  die('Invalid plugin identifier');
-}
-
 if ( !isset($pwg_loaded_plugins[$plugin_id]) )
 {
   die('Invalid URL - plugin '.$plugin_id.' not active');

admin/plugins.php

@@ -1,48 +0,0 @@
-<?php
-// +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
-// +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
-// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
-// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
-// +-----------------------------------------------------------------------+
-// | This program is free software; you can redistribute it and/or modify  |
-// | it under the terms of the GNU General Public License as published by  |
-// | the Free Software Foundation                                          |
-// |                                                                       |
-// | This program is distributed in the hope that it will be useful, but   |
-// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
-// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
-// | General Public License for more details.                              |
-// |                                                                       |
-// | You should have received a copy of the GNU General Public License     |
-// | along with this program; if not, write to the Free Software           |
-// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
-// | USA.                                                                  |
-// +-----------------------------------------------------------------------+
-
-if( !defined("PHPWG_ROOT_PATH") )
-{
-  die ("Hacking attempt!");
-}
-
-include_once(PHPWG_ROOT_PATH.'admin/include/tabsheet.class.php');
-
-$my_base_url = get_root_url().'admin.php?page=plugins';
-
-if (isset($_GET['tab']))
-  $page['tab'] = $_GET['tab'];
-else
-  $page['tab'] = 'installed';
-
-$tabsheet = new tabsheet();
-$tabsheet->set_id('plugins');
-$tabsheet->select($page['tab']);
-$tabsheet->assign();
-
-if ($page['tab'] == 'update')
-  include(PHPWG_ROOT_PATH.'admin/updates_ext.php');
-else
-  include(PHPWG_ROOT_PATH.'admin/plugins_'.$page['tab'].'.php');
-
-?>

admin/plugins_installed.php

@@ -1,210 +0,0 @@
-<?php
-// +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
-// +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
-// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
-// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
-// +-----------------------------------------------------------------------+
-// | This program is free software; you can redistribute it and/or modify  |
-// | it under the terms of the GNU General Public License as published by  |
-// | the Free Software Foundation                                          |
-// |                                                                       |
-// | This program is distributed in the hope that it will be useful, but   |
-// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
-// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
-// | General Public License for more details.                              |
-// |                                                                       |
-// | You should have received a copy of the GNU General Public License     |
-// | along with this program; if not, write to the Free Software           |
-// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
-// | USA.                                                                  |
-// +-----------------------------------------------------------------------+
-
-if( !defined("PHPWG_ROOT_PATH") )
-{
-  die ("Hacking attempt!");
-}
-
-include_once(PHPWG_ROOT_PATH.'admin/include/plugins.class.php');
-
-$template->set_filenames(array('plugins' => 'plugins_installed.tpl'));
-
-// should we display details on plugins?
-if (isset($_GET['show_details']))
-{
-  if (1 == $_GET['show_details'])
-  {
-    $show_details = true;
-  }
-  else
-  {
-    $show_details = false;
-  }
-
-  pwg_set_session_var('plugins_show_details', $show_details);
-}
-elseif (null != pwg_get_session_var('plugins_show_details'))
-{
-  $show_details = pwg_get_session_var('plugins_show_details');
-}
-else
-{
-  $show_details = false;
-}
-
-$base_url = get_root_url().'admin.php?page='.$page['page'];
-$pwg_token = get_pwg_token();
-$action_url = $base_url.'&amp;plugin='.'%s'.'&amp;pwg_token='.$pwg_token;
-
-$plugins = new plugins();
-
-//--------------------------------------------------perform requested actions
-if (isset($_GET['action']) and isset($_GET['plugin']))
-{
-  if (!is_webmaster())
-  {
-    $page['errors'][] = l10n('Webmaster status is required.');
-  }
-  else
-  {
-    check_pwg_token();
-
-    $page['errors'] = $plugins->perform_action($_GET['action'], $_GET['plugin']);
-
-    if (empty($page['errors']))
-    {
-      if ($_GET['action'] == 'activate' or $_GET['action'] == 'deactivate')
-      {
-        $template->delete_compiled_templates();
-        $persistent_cache->purge(true);
-      }
-      redirect($base_url);
-    }
-  }
-}
-
-//--------------------------------------------------------Incompatible Plugins
-if (isset($_GET['incompatible_plugins']))
-{
-  $incompatible_plugins = array();
-  foreach ($plugins->get_incompatible_plugins() as $plugin => $version)
-  {
-    if ($plugin == '~~expire~~') continue;
-    $incompatible_plugins[] = $plugin;
-    
-  }
-  echo json_encode($incompatible_plugins);
-  exit;
-}
-
-// +-----------------------------------------------------------------------+
-// |                     start template output                             |
-// +-----------------------------------------------------------------------+
-
-$plugins->sort_fs_plugins('name');
-$merged_extensions = $plugins->get_merged_extensions();
-$merged_plugins = false;
-$tpl_plugins = array();
-$active_plugins = 0;
-
-foreach($plugins->fs_plugins as $plugin_id => $fs_plugin)
-{
-  if (isset($_SESSION['incompatible_plugins'][$plugin_id])
-    and $fs_plugin['version'] != $_SESSION['incompatible_plugins'][$plugin_id])
-  {
-    // Incompatible plugins must be reinitilized
-    unset($_SESSION['incompatible_plugins']);
-  }
-
-  $tpl_plugin = array(
-    'ID' => $plugin_id,
-    'NAME' => $fs_plugin['name'],
-    'VISIT_URL' => $fs_plugin['uri'],
-    'VERSION' => $fs_plugin['version'],
-    'DESC' => $fs_plugin['description'],
-    'AUTHOR' => $fs_plugin['author'],
-    'AUTHOR_URL' => @$fs_plugin['author uri'],
-    'U_ACTION' => sprintf($action_url, $plugin_id),
-    );
-
-  if (isset($plugins->db_plugins_by_id[$plugin_id]))
-  {
-    $tpl_plugin['STATE'] = $plugins->db_plugins_by_id[$plugin_id]['state'];
-  }
-  else
-  {
-    $tpl_plugin['STATE'] = 'inactive';
-  }
-
-  if (isset($fs_plugin['extension']) and isset($merged_extensions[$fs_plugin['extension']]))
-  {
-    // Deactivate manually plugin from database
-    $query = 'UPDATE '.PLUGINS_TABLE.' SET state=\'inactive\' WHERE id=\''.$plugin_id.'\'';
-    pwg_query($query);
-
-    $tpl_plugin['STATE'] = 'merged';
-    $tpl_plugin['DESC'] = l10n('THIS PLUGIN IS NOW PART OF PIWIGO CORE! DELETE IT NOW.');
-    $merged_plugins = true;
-  }
-  
-  if ($tpl_plugin['STATE'] == 'active')
-  {
-    $active_plugins++;
-  }
-
-  $tpl_plugins[] = $tpl_plugin;
-}
-
-$template->append('plugin_states', 'active');
-$template->append('plugin_states', 'inactive');
-
-if ($merged_plugins)
-{
-  $template->append('plugin_states', 'merged');
-}
-
-$missing_plugin_ids = array_diff(
-  array_keys($plugins->db_plugins_by_id),
-  array_keys($plugins->fs_plugins)
-  );
-
-if (count($missing_plugin_ids) > 0)
-{
-  foreach ($missing_plugin_ids as $plugin_id)
-  {
-    $tpl_plugins[] = array(
-      'NAME' => $plugin_id,
-      'VERSION' => $plugins->db_plugins_by_id[$plugin_id]['version'],
-      'DESC' => l10n('ERROR: THIS PLUGIN IS MISSING BUT IT IS INSTALLED! UNINSTALL IT NOW.'),
-      'U_ACTION' => sprintf($action_url, $plugin_id),
-      'STATE' => 'missing',
-      );
-  }
-  $template->append('plugin_states', 'missing');
-}
-
-// sort plugins by state then by name
-function cmp($a, $b)
-{ 
-  $s = array('merged' => 0, 'missing' => 1, 'active' => 2, 'inactive' => 3);
-  
-  if($a['STATE'] == $b['STATE'])
-    return strcasecmp($a['NAME'], $b['NAME']); 
-  else
-    return $s[$a['STATE']] >= $s[$b['STATE']]; 
-}
-usort($tpl_plugins, 'cmp');
-
-$template->assign(
-  array(
-    'plugins' => $tpl_plugins,
-    'active_plugins' => $active_plugins,
-    'PWG_TOKEN' => $pwg_token,
-    'base_url' => $base_url,
-    'show_details' => $show_details,
-    )
-  );
-
-$template->assign_var_from_handle('ADMIN_CONTENT', 'plugins');
-?>

admin/plugins_list.php

@@ -0,0 +1,117 @@
+<?php
+// +-----------------------------------------------------------------------+
+// | Piwigo - a PHP based picture gallery                                  |
+// +-----------------------------------------------------------------------+
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
+// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
+// +-----------------------------------------------------------------------+
+// | This program is free software; you can redistribute it and/or modify  |
+// | it under the terms of the GNU General Public License as published by  |
+// | the Free Software Foundation                                          |
+// |                                                                       |
+// | This program is distributed in the hope that it will be useful, but   |
+// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
+// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
+// | General Public License for more details.                              |
+// |                                                                       |
+// | You should have received a copy of the GNU General Public License     |
+// | along with this program; if not, write to the Free Software           |
+// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
+// | USA.                                                                  |
+// +-----------------------------------------------------------------------+
+
+if( !defined("PHPWG_ROOT_PATH") )
+{
+  die ("Hacking attempt!");
+}
+
+include_once(PHPWG_ROOT_PATH.'admin/include/plugins.class.php');
+
+$template->set_filenames(array('plugins' => 'plugins_list.tpl'));
+
+$base_url = get_root_url().'admin.php?page='.$page['page'];
+$action_url = $base_url.'&amp;plugin='.'%s'.'&amp;pwg_token='.get_pwg_token();
+
+$plugins = new plugins();
+
+//--------------------------------------------------perform requested actions
+if (isset($_GET['action']) and isset($_GET['plugin']) and !is_adviser())
+{
+  check_pwg_token();
+
+  $page['errors'] = $plugins->perform_action($_GET['action'], $_GET['plugin']);
+
+  if (empty($page['errors']))
+  {
+    if ($_GET['action'] == 'activate' or $_GET['action'] == 'deactivate')
+    {
+      $template->delete_compiled_templates();
+    }
+    redirect($base_url);
+  }
+}
+
+//--------------------------------------------------------------------Tabsheet
+$plugins->set_tabsheet($page['page']);
+
+// +-----------------------------------------------------------------------+
+// |                     start template output                             |
+// +-----------------------------------------------------------------------+
+
+$plugins->sort_fs_plugins('name');
+
+foreach($plugins->fs_plugins as $plugin_id => $fs_plugin)
+{
+  $tpl_plugin = array(
+    'NAME' => $fs_plugin['name'],
+    'VISIT_URL' => $fs_plugin['uri'],
+    'VERSION' => $fs_plugin['version'],
+    'DESC' => $fs_plugin['description'],
+    'AUTHOR' => $fs_plugin['author'],
+    'AUTHOR_URL' => @$fs_plugin['author uri'],
+    'U_ACTION' => sprintf($action_url, $plugin_id)
+    );
+
+  if (isset($plugins->db_plugins_by_id[$plugin_id]))
+  {
+    $tpl_plugin['STATE'] = $plugins->db_plugins_by_id[$plugin_id]['state'];
+  }
+  else
+  {
+    $tpl_plugin['STATE'] = 'uninstalled';
+  }
+
+  $template->append('plugins', $tpl_plugin);
+}
+
+$missing_plugin_ids = array_diff(
+  array_keys($plugins->db_plugins_by_id),
+  array_keys($plugins->fs_plugins)
+  );
+
+foreach($missing_plugin_ids as $plugin_id)
+{
+  $template->append(
+    'plugins',
+    array(
+      'NAME' => $plugin_id,
+      'VERSION' => $plugins->db_plugins_by_id[$plugin_id]['version'],
+      'DESC' => "ERROR: THIS PLUGIN IS MISSING BUT IT IS INSTALLED! UNINSTALL IT NOW !",
+      'U_ACTION' => sprintf($action_url, $plugin_id),
+      'STATE' => 'missing',
+      )
+    );
+}
+
+$template->append('plugin_states', 'active');
+$template->append('plugin_states', 'inactive');
+$template->append('plugin_states', 'uninstalled');
+
+if (count($missing_plugin_ids) > 0)
+{
+  $template->append('plugin_states', 'missing');
+}
+
+$template->assign_var_from_handle('ADMIN_CONTENT', 'plugins');
+?>

admin/plugins_new.php

@@ -1,8 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
 // +-----------------------------------------------------------------------+
@@ -30,7 +30,8 @@ include_once(PHPWG_ROOT_PATH.'admin/include/plugins.class.php');
 
 $template->set_filenames(array('plugins' => 'plugins_new.tpl'));
 
-$base_url = get_root_url().'admin.php?page='.$page['page'].'&tab='.$page['tab'];
+$order = isset($_GET['order']) ? $_GET['order'] : 'date';
+$base_url = get_root_url().'admin.php?page='.$page['page'].'&order='.$order;
 
 $plugins = new plugins();
 
@@ -39,15 +40,15 @@ if (isset($_GET['revision']) and isset($_GET['extension']))
 {
   if (!is_webmaster())
   {
-    $page['errors'][] = l10n('Webmaster status is required.');
+    array_push($page['errors'], l10n('Webmaster status is required.'));
   }
   else
   {
     check_pwg_token();
     
-    $install_status = $plugins->extract_plugin_files('install', $_GET['revision'], $_GET['extension'], $plugin_id);
+    $install_status = $plugins->extract_plugin_files('install', $_GET['revision'], $_GET['extension']);
 
-    redirect($base_url.'&installstatus='.$install_status.'&plugin_id='.$plugin_id);
+    redirect($base_url.'&installstatus='.$install_status);
   }
 }
 
@@ -57,59 +58,50 @@ if (isset($_GET['installstatus']))
   switch ($_GET['installstatus'])
   {
     case 'ok':
-      $activate_url = get_root_url().'admin.php?page=plugins'
-        . '&amp;plugin=' . $_GET['plugin_id']
-        . '&amp;pwg_token=' . get_pwg_token()
-        . '&amp;action=activate';
-
-      $page['infos'][] = l10n('Plugin has been successfully copied');
-      $page['infos'][] = '<a href="'. $activate_url . '">' . l10n('Activate it now') . '</a>';
+      array_push($page['infos'],
+        l10n('Plugin has been successfully copied'),
+        l10n('You might go to plugin list to install and activate it.'));
       break;
 
     case 'temp_path_error':
-      $page['errors'][] = l10n('Can\'t create temporary file.');
+      array_push($page['errors'], l10n('Can\'t create temporary file.'));
       break;
 
     case 'dl_archive_error':
-      $page['errors'][] = l10n('Can\'t download archive.');
+      array_push($page['errors'], l10n('Can\'t download archive.'));
       break;
 
     case 'archive_error':
-      $page['errors'][] = l10n('Can\'t read or extract archive.');
+      array_push($page['errors'], l10n('Can\'t read or extract archive.'));
       break;
 
     default:
-      $page['errors'][] = l10n('An error occured during extraction (%s).', htmlspecialchars($_GET['installstatus']));
-      $page['errors'][] = l10n('Please check "plugins" folder and sub-folders permissions (CHMOD).');
+      array_push($page['errors'],
+        sprintf(l10n('An error occured during extraction (%s).'), $_GET['installstatus']),
+        l10n('Please check "plugins" folder and sub-folders permissions (CHMOD).'));
   }  
 }
 
+//--------------------------------------------------------------------Tabsheet
+$plugins->set_tabsheet($page['page']);
+
 //---------------------------------------------------------------Order options
+$link = get_root_url().'admin.php?page='.$page['page'].'&amp;order=';
 $template->assign('order_options',
   array(
-    'date' => l10n('Post date'),
-    'revision' => l10n('Last revisions'),
-    'name' => l10n('Name'),
-    'author' => l10n('Author'),
-    'downloads' => l10n('Number of downloads')));
+    $link.'date' => l10n('Post date'),
+    $link.'revision' => l10n('Last revisions'),
+    $link.'name' => l10n('Name'),
+    $link.'author' => l10n('Author'),
+    $link.'downloads' => l10n('Number of downloads')));
+$template->assign('order_selected', $link.$order);
 
 // +-----------------------------------------------------------------------+
 // |                     start template output                             |
 // +-----------------------------------------------------------------------+
 if ($plugins->get_server_plugins(true))
 {
-  /* order plugins */
-  if (pwg_get_session_var('plugins_new_order') != null)
-  {
-    $order_selected = pwg_get_session_var('plugins_new_order');
-    $plugins->sort_server_plugins($order_selected);
-    $template->assign('order_selected', $order_selected);
-  }
-  else
-  {
-    $plugins->sort_server_plugins('date');
-    $template->assign('order_selected', 'date');
-  }
+  $plugins->sort_server_plugins($order);
 
   foreach($plugins->server_plugins as $plugin)
   {
@@ -129,7 +121,6 @@ if ($plugins->get_server_plugins(true))
       'SMALL_DESC' => trim($small_desc, " \r\n"),
       'BIG_DESC' => $ext_desc,
       'VERSION' => $plugin['revision_name'],
-      'REVISION_DATE' => preg_replace('/[^0-9]/', '', $plugin['revision_date']),
       'AUTHOR' => $plugin['author_name'],
       'DOWNLOADS' => $plugin['extension_nb_downloads'],
       'URL_INSTALL' => $url_auto_install,
@@ -138,7 +129,7 @@ if ($plugins->get_server_plugins(true))
 }
 else
 {
-  $page['errors'][] = l10n('Can\'t connect to server.');
+  array_push($page['errors'], l10n('Can\'t connect to server.'));
 }
 
 $template->assign_var_from_handle('ADMIN_CONTENT', 'plugins');

admin/plugins_update.php

@@ -0,0 +1,179 @@
+<?php
+// +-----------------------------------------------------------------------+
+// | Piwigo - a PHP based picture gallery                                  |
+// +-----------------------------------------------------------------------+
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
+// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
+// +-----------------------------------------------------------------------+
+// | This program is free software; you can redistribute it and/or modify  |
+// | it under the terms of the GNU General Public License as published by  |
+// | the Free Software Foundation                                          |
+// |                                                                       |
+// | This program is distributed in the hope that it will be useful, but   |
+// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
+// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
+// | General Public License for more details.                              |
+// |                                                                       |
+// | You should have received a copy of the GNU General Public License     |
+// | along with this program; if not, write to the Free Software           |
+// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
+// | USA.                                                                  |
+// +-----------------------------------------------------------------------+
+
+if( !defined("PHPWG_ROOT_PATH") )
+{
+  die ("Hacking attempt!");
+}
+
+include_once(PHPWG_ROOT_PATH.'admin/include/plugins.class.php');
+
+$template->set_filenames(array('plugins' => 'plugins_update.tpl'));
+
+$base_url = get_root_url().'admin.php?page='.$page['page'];
+
+$plugins = new plugins();
+
+//-----------------------------------------------------------automatic upgrade
+if (isset($_GET['plugin']) and isset($_GET['revision']) and !is_adviser())
+{
+  if (!is_webmaster())
+  {
+    array_push($page['errors'], l10n('Webmaster status is required.'));
+  }
+  else
+  {
+    check_pwg_token();
+    
+    $plugin_id = $_GET['plugin'];
+    $revision = $_GET['revision'];
+
+    if (isset($plugins->db_plugins_by_id[$plugin_id])
+      and $plugins->db_plugins_by_id[$plugin_id]['state'] == 'active')
+    {
+      $plugins->perform_action('deactivate', $plugin_id);
+
+      redirect($base_url
+        . '&revision=' . $revision
+        . '&plugin=' . $plugin_id
+        . '&pwg_token='.get_pwg_token()
+        . '&reactivate=true');
+    }
+
+    $upgrade_status = $plugins->extract_plugin_files('upgrade', $revision, $plugin_id);
+
+    if (isset($_GET['reactivate']))
+    {
+      $plugins->perform_action('activate', $plugin_id);
+    }
+
+    $template->delete_compiled_templates();
+
+    redirect($base_url.'&plugin='.$plugin_id.'&upgradestatus='.$upgrade_status);
+  }
+}
+
+//--------------------------------------------------------------upgrade result
+if (isset($_GET['upgradestatus']) and isset($_GET['plugin']))
+{
+  switch ($_GET['upgradestatus'])
+  {
+    case 'ok':
+      array_push($page['infos'],
+         sprintf(
+            l10n('%s has been successfully upgraded.'),
+            $plugins->fs_plugins[$_GET['plugin']]['name']));
+      break;
+
+    case 'temp_path_error':
+      array_push($page['errors'], l10n('Can\'t create temporary file.'));
+      break;
+
+    case 'dl_archive_error':
+      array_push($page['errors'], l10n('Can\'t download archive.'));
+      break;
+
+    case 'archive_error':
+      array_push($page['errors'], l10n('Can\'t read or extract archive.'));
+      break;
+
+    default:
+      array_push($page['errors'],
+        sprintf(l10n('An error occured during extraction (%s).'), $_GET['upgradestatus']),
+        l10n('Please check "plugins" folder and sub-folders permissions (CHMOD).'));
+  }  
+}
+
+//--------------------------------------------------------------------Tabsheet
+$plugins->set_tabsheet($page['page']);
+
+// +-----------------------------------------------------------------------+
+// |                     start template output                             |
+// +-----------------------------------------------------------------------+
+if ($plugins->get_server_plugins())
+{
+  foreach($plugins->fs_plugins as $plugin_id => $fs_plugin)
+  {
+    if (isset($fs_plugin['extension'])
+      and isset($plugins->server_plugins[$fs_plugin['extension']]))
+    {
+      $plugin_info = $plugins->server_plugins[$fs_plugin['extension']];
+
+      list($date, ) = explode(' ', $plugin_info['revision_date']);
+
+      $ext_desc = '<i>'.l10n('Downloads').':</i> '.$plugin_info['extension_nb_downloads']."\r\n"
+        ."\r\n"
+        .$plugin_info['extension_description'];
+
+      $rev_desc = '<i>'.l10n('Version').':</i> '.$plugin_info['revision_name']."\r\n"
+        .'<i>'.l10n('Released on').':</i> '.$date."\r\n"
+        .'<i>'.l10n('Downloads').':</i> '.$plugin_info['revision_nb_downloads']."\r\n"
+        ."\r\n"
+        .$plugin_info['revision_description'];
+
+      if ($plugins->plugin_version_compare($fs_plugin['version'], $plugin_info['revision_name']))
+      {
+        // Plugin is up to date
+        $template->append('plugins_uptodate', array(
+          'URL' => PEM_URL.'/extension_view.php?eid='.$plugin_info['extension_id'],
+          'NAME' => $fs_plugin['name'],
+          'EXT_DESC' => $ext_desc,
+          'VERSION' => $fs_plugin['version'],
+          'VER_DESC' => $rev_desc));
+      }
+      else
+      {
+        // Plugin need upgrade
+        $url_auto_update = $base_url
+          . '&amp;revision=' . $plugin_info['revision_id']
+          . '&amp;plugin=' . $plugin_id
+          . '&amp;pwg_token='.get_pwg_token()
+          ;
+
+        $template->append('plugins_not_uptodate', array(
+          'EXT_NAME' => $fs_plugin['name'],
+          'EXT_URL' => PEM_URL.'/extension_view.php?eid='.$plugin_info['extension_id'],
+          'EXT_DESC' => $ext_desc,
+          'VERSION' => $fs_plugin['version'],
+          'NEW_VERSION' => $plugin_info['revision_name'],
+          'NEW_VER_DESC' => $rev_desc,
+          'URL_UPDATE' => $url_auto_update,
+          'URL_DOWNLOAD' => $plugin_info['download_url'] . '&amp;origin=piwigo_download'));
+      }
+    }
+    else
+    {
+      // Can't check plugin
+      $template->append('plugins_cant_check', array(
+        'NAME' => $fs_plugin['name'],
+        'VERSION' => $fs_plugin['version']));
+    }
+  }
+}
+else
+{
+  array_push($page['errors'], l10n('Can\'t connect to server.'));
+}
+
+$template->assign_var_from_handle('ADMIN_CONTENT', 'plugins');
+?>

admin/popuphelp.php

@@ -1,8 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
 // +-----------------------------------------------------------------------+
@@ -47,21 +47,16 @@ if
     and preg_match('/^[a-z_]*$/', $_GET['page'])
   )
 {
-  $help_content = load_language(
-    'help/'.$_GET['page'].'.html',
-    '',
-    array(
-      'force_fallback' => 'en_UK',
-      'return' => true,
-      )
-    );
+  $help_content =
+    load_language('help/'.$_GET['page'].'.html', '', array('return'=>true) );
 
   if ($help_content == false)
   {
     $help_content = '';
   }
 
-  $help_content = trigger_change('get_popup_help_content', $help_content, $_GET['page']);
+  $help_content = trigger_event(
+    'get_popup_help_content', $help_content, $_GET['page']);
 }
 else
 {

admin/profile.php

@@ -1,8 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
 // +-----------------------------------------------------------------------+
@@ -33,7 +33,10 @@ if (!empty($_POST))
 include_once(PHPWG_ROOT_PATH.'profile.php');
 
 $errors = array();
-save_profile_from_post($edit_user, $errors);
+if ( !is_adviser() )
+{
+  save_profile_from_post($edit_user, $errors);
+}
 
 load_profile_in_template(
   get_root_url().'admin.php?page=profile&amp;user_id='.$edit_user['id'],

admin/rating.php

@@ -1,8 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
 // +-----------------------------------------------------------------------+
@@ -33,13 +33,6 @@ include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
 // +-----------------------------------------------------------------------+
 check_status(ACCESS_ADMINISTRATOR);
 
-
-include_once(PHPWG_ROOT_PATH.'admin/include/tabsheet.class.php');
-$tabsheet = new tabsheet();
-$tabsheet->set_id('rating');
-$tabsheet->select('rating');
-$tabsheet->assign();
-
 // +-----------------------------------------------------------------------+
 // |                            initialization                             |
 // +-----------------------------------------------------------------------+
@@ -77,6 +70,24 @@ if (isset($_GET['users']))
   }
 }
 
+if (isset($_GET['del']) and !is_adviser())
+{
+  $del_params = urldecode( $_GET['del'] );
+  parse_str($del_params, $vars);
+  if ( !is_numeric($vars['e']) or !is_numeric($vars['u']) )
+  {
+    die('Hacking attempt');
+  }
+  $query = '
+DELETE FROM '. RATE_TABLE .'
+WHERE element_id=' . $vars['e'] . '
+AND user_id=' . $vars['u'] . '
+AND anonymous_id=\'' . $vars['a'] . '\'
+;';
+  pwg_query($query);
+  update_average_rate( $vars['e'] );
+}
+
 $users = array();
 $query = '
 SELECT '.$conf['user_fields']['username'].' as username, '.$conf['user_fields']['id'].' as id
@@ -89,9 +100,10 @@ while ($row = pwg_db_fetch_assoc($result))
 }
 
 
-$query = 'SELECT COUNT(DISTINCT(r.element_id))
-FROM '.RATE_TABLE.' AS r
-WHERE 1=1'. $page['user_filter'];
+$query = 'SELECT COUNT(DISTINCT(i.id))
+FROM '.RATE_TABLE.' AS r, '.IMAGES_TABLE.' AS i
+WHERE r.element_id=i.id'. $page['user_filter'] .
+';';
 list($nb_images) = pwg_db_fetch_row(pwg_query($query));
 
 
@@ -119,8 +131,7 @@ $template->assign(
 
 $available_order_by= array(
     array(l10n('Rate date'), 'recently_rated DESC'),
-    array(l10n('Rating score'), 'score DESC'),
-    array(l10n('Average rate'), 'avg_rates DESC'),
+    array(l10n('Average rate'), 'average_rate DESC'),
     array(l10n('Number of rates'), 'nb_rates DESC'),
     array(l10n('Sum of rates'), 'sum_rates DESC'),
     array(l10n('File name'), 'file DESC'),
@@ -150,22 +161,21 @@ $template->assign('user_options_selected', array(@$_GET['users']) );
 
 $query = '
 SELECT i.id,
-    i.path,
-    i.file,
-    i.representative_ext,
-    i.rating_score       AS score,
-    MAX(r.date)          AS recently_rated,
-    ROUND(AVG(r.rate),2) AS avg_rates,
-    COUNT(r.rate)        AS nb_rates,
-    SUM(r.rate)          AS sum_rates
+       i.path,
+       i.file,
+       i.tn_ext,
+       i.average_rate,
+       MAX(r.date)          AS recently_rated,
+       COUNT(r.rate)        AS nb_rates,
+       SUM(r.rate)          AS sum_rates
   FROM '.RATE_TABLE.' AS r
     LEFT JOIN '.IMAGES_TABLE.' AS i ON r.element_id = i.id
   WHERE 1 = 1 ' . $page['user_filter'] . '
   GROUP BY i.id,
         i.path,
         i.file,
-        i.representative_ext,
-        i.rating_score,
+        i.tn_ext,
+        i.average_rate,
         r.element_id
   ORDER BY ' . $available_order_by[$order_by_index][1] .'
   LIMIT '.$elements_per_page.' OFFSET '.$start.'
@@ -175,15 +185,16 @@ $images = array();
 $result = pwg_query($query);
 while ($row = pwg_db_fetch_assoc($result))
 {
-  $images[] = $row;
+  array_push($images, $row);
 }
 
 $template->assign( 'images', array() );
 foreach ($images as $image)
 {
-  $thumbnail_src = DerivativeImage::thumb_url($image);
+  $thumbnail_src = get_thumbnail_url($image);
 
-  $image_url = get_root_url().'admin.php?page=photo-'.$image['id'];
+  $image_url = PHPWG_ROOT_PATH.'admin.php?page=picture_modify'.
+            '&amp;image_id='.$image['id'];
 
   $query = 'SELECT *
 FROM '.RATE_TABLE.' AS r
@@ -193,12 +204,10 @@ ORDER BY date DESC;';
   $nb_rates = pwg_db_num_rows($result);
 
   $tpl_image = 
-    array(
-      'id' => $image['id'],
-      'U_THUMB' => $thumbnail_src,
-      'U_URL' => $image_url,
-      'SCORE_RATE' => $image['score'],
-       'AVG_RATE' => $image['avg_rates'],
+     array(
+       'U_THUMB' => $thumbnail_src,
+       'U_URL' => $image_url,
+       'AVG_RATE' => $image['average_rate'],
        'SUM_RATE' => $image['sum_rates'],
        'NB_RATES' => (int)$image['nb_rates'],
        'NB_RATES_TOTAL' => (int)$nb_rates,
@@ -208,6 +217,16 @@ ORDER BY date DESC;';
 
   while ($row = pwg_db_fetch_assoc($result))
   {
+
+    $url_del = PHPWG_ROOT_PATH.'admin.php'.
+                get_query_string_diff(array('del'));
+
+    $del_param = 'e='.$image['id'].
+                 '&u='.$row['user_id'].
+                 '&a='.$row['anonymous_id'];
+
+    $url_del .= '&amp;del='.urlencode(urlencode($del_param));
+
     if ( isset($users[$row['user_id']]) )
     {
       $user_rate = $users[$row['user_id']];
@@ -221,8 +240,13 @@ ORDER BY date DESC;';
       $user_rate .= '('.$row['anonymous_id'].')';
     }
 
-    $row['USER'] = $user_rate;
-    $tpl_image['rates'][] = $row;
+    $tpl_image['rates'][] =
+       array(
+         'DATE' => format_date($row['date']),
+         'RATE' => $row['rate'],
+         'USER' => $user_rate,
+         'U_DELETE' => $url_del
+     );
   }
   $template->append( 'images', $tpl_image );
 }

admin/rating_user.php

@@ -1,259 +0,0 @@
-<?php
-// +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
-// +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
-// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
-// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
-// +-----------------------------------------------------------------------+
-// | This program is free software; you can redistribute it and/or modify  |
-// | it under the terms of the GNU General Public License as published by  |
-// | the Free Software Foundation                                          |
-// |                                                                       |
-// | This program is distributed in the hope that it will be useful, but   |
-// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
-// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
-// | General Public License for more details.                              |
-// |                                                                       |
-// | You should have received a copy of the GNU General Public License     |
-// | along with this program; if not, write to the Free Software           |
-// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
-// | USA.                                                                  |
-// +-----------------------------------------------------------------------+
-
-defined('PHPWG_ROOT_PATH') or die ("Hacking attempt!");
-
-include_once(PHPWG_ROOT_PATH.'admin/include/tabsheet.class.php');
-$tabsheet = new tabsheet();
-$tabsheet->set_id('rating');
-$tabsheet->select('rating_user');
-$tabsheet->assign();
-
-$filter_min_rates = 2;
-if (isset($_GET['f_min_rates']))
-{
-  $filter_min_rates = (int)$_GET['f_min_rates'];
-}
-
-$consensus_top_number = $conf['top_number'];
-if (isset($_GET['consensus_top_number']))
-{
-  $consensus_top_number = (int)$_GET['consensus_top_number'];
-}
-
-// build users
-global $conf;
-$query = 'SELECT DISTINCT
-  u.'.$conf['user_fields']['id'].' AS id,
-  u.'.$conf['user_fields']['username'].' AS name,
-  ui.status
-  FROM '.USERS_TABLE.' AS u INNER JOIN '.USER_INFOS_TABLE.' AS ui
-    ON u.'.$conf['user_fields']['id'].' = ui.user_id';
-
-$users_by_id = array();
-$result = pwg_query($query);
-while ($row = pwg_db_fetch_assoc($result))
-{
-  $users_by_id[(int)$row['id']] = array(
-    'name' => $row['name'],
-    'anon' => is_autorize_status(ACCESS_CLASSIC, $row['status']) ? false : true
-  );
-}
-
-$by_user_rating_model = array( 'rates' => array() );
-foreach($conf['rate_items'] as $rate)
-{
-  $by_user_rating_model['rates'][$rate] = array();
-}
-
-// by user aggregation
-$image_ids = array();
-$by_user_ratings = array();
-$query = '
-SELECT * FROM '.RATE_TABLE.' ORDER by date DESC';
-$result = pwg_query($query);
-while ($row = pwg_db_fetch_assoc($result))
-{
-  if (!isset($users_by_id[$row['user_id']]))
-  {
-    $users_by_id[$row['user_id']] = array('name' => '???'.$row['user_id'], 'anon' => false);
-  }
-  $usr = $users_by_id[$row['user_id']];
-  if ($usr['anon'])
-  {
-    $user_key = $usr['name'].'('.$row['anonymous_id'].')';
-  }
-  else
-  {
-    $user_key = $usr['name'];
-  }
-  $rating = & $by_user_ratings[$user_key];
-  if ( is_null($rating) )
-  {
-    $rating = $by_user_rating_model;
-    $rating['uid'] = (int)$row['user_id'];
-    $rating['aid'] = $usr['anon'] ? $row['anonymous_id'] : '';
-    $rating['last_date'] = $rating['first_date'] = $row['date'];
-  }
-  else
-    $rating['first_date'] = $row['date'];
-
-  $rating['rates'][$row['rate']][] = array(
-    'id' => $row['element_id'],
-    'date' => $row['date'],
-  );
-  $image_ids[$row['element_id']] = 1;
-  unset($rating);
-}
-
-// get image tn urls
-$image_urls = array();
-if (count($image_ids) > 0 )
-{
-  $query = 'SELECT id, name, file, path, representative_ext, level
-  FROM '.IMAGES_TABLE.'
-  WHERE id IN ('.implode(',', array_keys($image_ids)).')';
-  $result = pwg_query($query);
-  $params = ImageStdParams::get_by_type(IMG_SQUARE);
-  while ($row = pwg_db_fetch_assoc($result))
-  {
-    $image_urls[ $row['id'] ] = array(
-      'tn' => DerivativeImage::url($params, $row),
-      'page' => make_picture_url( array('image_id'=>$row['id'], 'image_file'=>$row['file']) ),
-    );
-  }
-}
-
-//all image averages
-$query='SELECT element_id,
-    AVG(rate) AS avg
-  FROM '.RATE_TABLE.'
-  GROUP BY element_id';
-$all_img_sum = array();
-$result = pwg_query($query);
-while ($row = pwg_db_fetch_assoc($result))
-{
-  $all_img_sum[(int)$row['element_id']] = array( 'avg'=>(float)$row['avg'] );
-}
-
-$query='SELECT id
-  FROM '.IMAGES_TABLE.'
-  ORDER by rating_score DESC
-  LIMIT '.$consensus_top_number;
-$best_rated = array_flip( array_from_query($query, 'id'));
-
-// by user stats
-foreach($by_user_ratings as $id => &$rating)
-{
-  $c=0; $s=0; $ss=0; $consensus_dev=0; $consensus_dev_top=0; $consensus_dev_top_count=0;
-  foreach($rating['rates'] as $rate => $rates)
-  {
-    $ct = count($rates);
-    $c += $ct;
-    $s += $ct * $rate;
-    $ss += $ct * $rate * $rate;
-    foreach($rates as $id_date)
-    {
-      $dev = abs($rate - $all_img_sum[$id_date['id']]['avg']);
-      $consensus_dev += $dev;
-      if (isset($best_rated[$id_date['id']]))
-      {
-        $consensus_dev_top += $dev;
-        $consensus_dev_top_count++;
-      }
-    }
-  }
-
-  $consensus_dev /= $c;
-  if ($consensus_dev_top_count)
-    $consensus_dev_top /= $consensus_dev_top_count;
-
-  $var = ($ss - $s*$s/$c)/$c;
-  $rating += array(
-    'id' => $id,
-    'count' => $c,
-    'avg' => $s/$c,
-    'cv'  => $s==0 ? -1 : sqrt($var)/($s/$c), // http://en.wikipedia.org/wiki/Coefficient_of_variation
-    'cd'  => $consensus_dev,
-    'cdtop'  => $consensus_dev_top_count ? $consensus_dev_top : '',
-  );
-}
-unset($rating);
-
-// filter
-foreach($by_user_ratings as $id => $rating)
-{
-  if ($rating['count'] <= $filter_min_rates)
-  {
-    unset($by_user_ratings[$id]);
-  }
-}
-
-
-function avg_compare($a, $b)
-{
-  $d = $a['avg'] - $b['avg'];
-  return ($d==0) ? 0 : ($d<0 ? -1 : 1);
-}
-
-function count_compare($a, $b)
-{
-  $d = $a['count'] - $b['count'];
-  return ($d==0) ? 0 : ($d<0 ? -1 : 1);
-}
-
-function cv_compare($a, $b)
-{
-  $d = $b['cv'] - $a['cv']; //desc
-  return ($d==0) ? 0 : ($d<0 ? -1 : 1);
-}
-
-function consensus_dev_compare($a, $b)
-{
-  $d = $b['cd'] - $a['cd']; //desc
-  return ($d==0) ? 0 : ($d<0 ? -1 : 1);
-}
-
-function last_rate_compare($a, $b)
-{
-  return -strcmp( $a['last_date'], $b['last_date']);
-}
-
-$order_by_index=4;
-if (isset($_GET['order_by']) and is_numeric($_GET['order_by']))
-{
-  $order_by_index = $_GET['order_by'];
-}
-
-$available_order_by= array(
-    array(l10n('Average rate'), 'avg_compare'),
-    array(l10n('Number of rates'), 'count_compare'),
-    array(l10n('Variation'), 'cv_compare'),
-    array(l10n('Consensus deviation'), 'consensus_dev_compare'),
-    array(l10n('Last'), 'last_rate_compare'),
-  );
-
-for ($i=0; $i<count($available_order_by); $i++)
-{
-  $template->append(
-    'order_by_options',
-    $available_order_by[$i][0]
-    );
-}
-$template->assign('order_by_options_selected', array($order_by_index) );
-
-$x = uasort($by_user_ratings, $available_order_by[$order_by_index][1] );
-
-$template->assign( array(
-  'F_ACTION' => get_root_url().'admin.php',
-  'F_MIN_RATES' => $filter_min_rates,
-  'CONSENSUS_TOP_NUMBER' => $consensus_top_number,
-  'available_rates' => $conf['rate_items'],
-  'ratings' => $by_user_ratings,
-  'image_urls' => $image_urls,
-  'TN_WIDTH' => ImageStdParams::get_by_type(IMG_SQUARE)->sizing->ideal_size[0],
-  ) );
-$template->set_filename('rating', 'rating_user.tpl');
-$template->assign_var_from_handle('ADMIN_CONTENT', 'rating');
-
-?>

admin/site_manager.php

@@ -1,8 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
 // +-----------------------------------------------------------------------+
@@ -31,12 +31,6 @@ include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
 // +-----------------------------------------------------------------------+
 // | Check Access and exit when user status is not ok                      |
 // +-----------------------------------------------------------------------+
-
-if (!$conf['enable_synchronization'])
-{
-  die('synchronization is disabled');
-}
-
 check_status(ACCESS_ADMINISTRATOR);
 
 if (!empty($_POST) or isset($_GET['action']))
@@ -44,6 +38,43 @@ if (!empty($_POST) or isset($_GET['action']))
   check_pwg_token();
 }
 
+/**
+ * requests the given $url (a remote create_listing_file.php) and fills a
+ * list of lines corresponding to request output
+ *
+ * @param string $url
+ * @return void
+ */
+function remote_output($url)
+{
+  global $template, $page;
+
+  if (fetchRemote($url, $result))
+  {
+    $lines = explode("\r\n", $result);
+    // cleaning lines from HTML tags
+    foreach ($lines as $line)
+    {
+      $line = trim(strip_tags($line));
+      if (preg_match('/^PWG-([A-Z]+)-/', $line, $matches))
+      {
+        $template->append(
+          'remote_output',
+          array(
+            'CLASS' => 'remote'.ucfirst(strtolower($matches[1])),
+            'CONTENT' => $line
+           )
+         );
+      }
+    }
+  }
+  else
+  {
+    array_push($page['errors'], l10n('file create_listing_file.php on remote site was not found'));
+  }
+}
+
+
 // +-----------------------------------------------------------------------+
 // |                             template init                             |
 // +-----------------------------------------------------------------------+
@@ -52,18 +83,18 @@ $template->set_filenames(array('site_manager'=>'site_manager.tpl'));
 // +-----------------------------------------------------------------------+
 // |                        new site creation form                         |
 // +-----------------------------------------------------------------------+
-if (isset($_POST['submit']) and !empty($_POST['galleries_url']))
+if (isset($_POST['submit']) and !empty($_POST['galleries_url'])
+    and !is_adviser() )
 {
   $is_remote = url_is_remote( $_POST['galleries_url'] );
-  if ($is_remote)
-  {
-    fatal_error('remote sites not supported');
-  }
   $url = preg_replace('/[\/]*$/', '', $_POST['galleries_url']);
   $url.= '/';
-  if ( ! (strpos($url, '.') === 0 ) )
+  if (! $is_remote)
   {
-    $url = './' . $url;
+    if ( ! (strpos($url, '.') === 0 ) )
+    {
+      $url = './' . $url;
+    }
   }
 
   // site must not exists
@@ -75,13 +106,43 @@ SELECT COUNT(id) AS count
   $row = pwg_db_fetch_assoc(pwg_query($query));
   if ($row['count'] > 0)
   {
-    $page['errors'][] = l10n('This site already exists').' ['.$url.']';
+    array_push($page['errors'],
+      l10n('This site already exists').' ['.$url.']');
   }
   if (count($page['errors']) == 0)
   {
-    if ( ! file_exists($url) )
+    if ($is_remote)
     {
-      $page['errors'][] = l10n('Directory does not exist').' ['.$url.']';
+      if ( ! isset($_POST['no_check']) )
+      {
+        $clf_url = $url.'create_listing_file.php';
+        $get_data = array(
+          'action' => 'test',
+          'version' => PHPWG_VERSION,
+        );
+        if (fetchRemote($clf_url, $result, $get_data))
+        {
+          $lines = explode("\r\n", $result);
+          $first_line = strip_tags($lines[0]);
+          if (!preg_match('/^PWG-INFO-2:/', $first_line))
+          {
+            array_push($page['errors'],
+                       l10n('an error happened').' : '.$first_line);
+          }
+        }
+        else
+        {
+          array_push($page['errors'], l10n('file create_listing_file.php on remote site was not found') );
+        }
+      }
+    }
+    else
+    { // local directory
+      if ( ! file_exists($url) )
+      {
+        array_push($page['errors'],
+          l10n('Directory does not exist').' ['.$url.']');
+      }
     }
   }
 
@@ -94,7 +155,8 @@ INSERT INTO '.SITES_TABLE.'
   (\''.$url.'\')
 ;';
     pwg_query($query);
-    $page['infos'][] = $url.' '.l10n('created');
+    array_push($page['infos'],
+               $url.' '.l10n('created'));
   }
 }
 
@@ -105,7 +167,7 @@ if (isset($_GET['site']) and is_numeric($_GET['site']))
 {
   $page['site'] = $_GET['site'];
 }
-if (isset($_GET['action']) and isset($page['site']))
+if (isset($_GET['action']) and isset($page['site']) and !is_adviser())
 {
   $query = '
 SELECT galleries_url
@@ -115,10 +177,29 @@ SELECT galleries_url
   list($galleries_url) = pwg_db_fetch_row(pwg_query($query));
   switch($_GET['action'])
   {
+    case 'generate' :
+    {
+      $title = $galleries_url.' : '.l10n('generate listing');
+      remote_output($galleries_url.'create_listing_file.php?action=generate');
+      break;
+    }
+    case 'test' :
+    {
+      $title = $galleries_url.' : '.l10n('test');
+      remote_output($galleries_url.'create_listing_file.php?action=test&version='.PHPWG_VERSION);
+      break;
+    }
+    case 'clean' :
+    {
+      $title = $galleries_url.' : '.l10n('clean');
+      remote_output($galleries_url.'create_listing_file.php?action=clean');
+      break;
+    }
     case 'delete' :
     {
       delete_site($page['site']);
-      $page['infos'][] = $galleries_url.' '.l10n('deleted');
+      array_push($page['infos'],
+                 $galleries_url.' '.l10n('deleted'));
       break;
     }
   }
@@ -126,11 +207,29 @@ SELECT galleries_url
 
 $template->assign(
   array(
+    'U_HELP'    => get_root_url().'admin/popuphelp.php?page=site_manager',
     'F_ACTION'  => get_root_url().'admin.php'.get_query_string_diff(array('action','site','pwg_token')),
     'PWG_TOKEN' => get_pwg_token(),
     )
   );
 
+// +-----------------------------------------------------------------------+
+// |                           remote sites list                           |
+// +-----------------------------------------------------------------------+
+
+if ( is_file(PHPWG_ROOT_PATH.'listing.xml') )
+{
+  $xml_content = getXmlCode(PHPWG_ROOT_PATH.'listing.xml');
+  $local_listing_site_url = getAttribute(
+          getChild($xml_content, 'informations'),
+          'url'
+        );
+  if ( !url_is_remote($local_listing_site_url) )
+  {
+    $local_listing_site_url = null;
+  }
+}
+
 $query = '
 SELECT c.site_id, COUNT(DISTINCT c.id) AS nb_categories, COUNT(i.id) AS nb_images
   FROM '.CATEGORIES_TABLE.' AS c LEFT JOIN '.IMAGES_TABLE.' AS i
@@ -168,6 +267,16 @@ while ($row = pwg_db_fetch_assoc($result))
       'U_SYNCHRONIZE' => $update_url
      );
      
+   if ($is_remote)
+   {
+     $tpl_var['remote'] =
+       array(
+         'U_TEST' => $base_url.'test',
+         'U_GENERATE' => $row['galleries_url'].'create_listing_file.php?action=generate',
+         'U_CLEAN' => $base_url.'clean',
+         );
+   }
+
   if ($row['id'] != 1)
   {
     $tpl_var['U_DELETE'] = $base_url.'delete';
@@ -176,12 +285,35 @@ while ($row = pwg_db_fetch_assoc($result))
   $plugin_links = array();
   //$plugin_links is array of array composed of U_HREF, U_HINT & U_CAPTION
   $plugin_links =
-    trigger_change('get_admins_site_links',
+    trigger_event('get_admins_site_links',
       $plugin_links, $row['id'], $is_remote);
   $tpl_var['plugin_links'] = $plugin_links;
 
   $template->append('sites', $tpl_var);
+
+  if ( isset($local_listing_site_url) and
+       $row['galleries_url']==$local_listing_site_url )
+  {
+    $local_listing_site_id = $row['id'];
+    $template->assign( 'local_listing',
+        array(
+          'URL' =>  $local_listing_site_url,
+          'U_SYNCHRONIZE' => $update_url.'&amp;local_listing=1'
+        )
+      );
+  }
 }
 
+if ( isset($local_listing_site_url) and !isset($local_listing_site_id) )
+{
+  $template->assign( 'local_listing',
+      array(
+        'URL' =>  $local_listing_site_url,
+        'CREATE' => true
+      )
+    );
+}
+
+
 $template->assign_var_from_handle('ADMIN_CONTENT', 'site_manager');
 ?>

admin/site_reader_local.php

@@ -1,212 +1,276 @@
-<?php
-// +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
-// +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
-// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
-// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
-// +-----------------------------------------------------------------------+
-// | This program is free software; you can redistribute it and/or modify  |
-// | it under the terms of the GNU General Public License as published by  |
-// | the Free Software Foundation                                          |
-// |                                                                       |
-// | This program is distributed in the hope that it will be useful, but   |
-// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
-// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
-// | General Public License for more details.                              |
-// |                                                                       |
-// | You should have received a copy of the GNU General Public License     |
-// | along with this program; if not, write to the Free Software           |
-// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
-// | USA.                                                                  |
-// +-----------------------------------------------------------------------+
-
-// provides data for site synchronization from the local file system
-class LocalSiteReader
-{
-
-var $site_url;
-
-function __construct($url)
-{
-  $this->site_url = $url;
-  global $conf;
-  if (!isset($conf['flip_file_ext']))
-  {
-    $conf['flip_file_ext'] = array_flip($conf['file_ext']);
-  }
-  if (!isset($conf['flip_picture_ext']))
-  {
-    $conf['flip_picture_ext'] = array_flip($conf['picture_ext']);
-  }
-}
-
-/**
- * Is this local site ok ?
- *
- * @return true on success, false otherwise
- */
-function open()
-{
-  global $errors;
-
-  if (!is_dir($this->site_url))
-  {
-    $errors[] = array(
-      'path' => $this->site_url,
-      'type' => 'PWG-ERROR-NO-FS'
-      );
-
-    return false;
-  }
-
-  return true;
-}
-
-// retrieve file system sub-directories fulldirs
-function get_full_directories($basedir)
-{
-  $fs_fulldirs = get_fs_directories($basedir);
-  return $fs_fulldirs;
-}
-
-/**
- * Returns an array with all file system files according to $conf['file_ext']
- * and $conf['picture_ext']
- * @param string $path recurse in this directory
- * @return array like "pic.jpg"=>array('representative_ext'=>'jpg' ... )
- */
-function get_elements($path)
-{
-  global $conf;
-
-  $subdirs = array();
-  $fs = array();
-  if (is_dir($path) && $contents = opendir($path) )
-  {
-    while (($node = readdir($contents)) !== false)
-    {
-      if ($node == '.' or $node == '..') continue;
-
-      if (is_file($path.'/'.$node))
-      {
-        $extension = get_extension($node);
-        $filename_wo_ext = get_filename_wo_extension($node);
-
-        if ( isset($conf['flip_file_ext'][$extension]) )
-        {
-          $representative_ext = null;
-          if (! isset($conf['flip_picture_ext'][$extension]) )
-          {
-            $representative_ext = $this->get_representative_ext($path, $filename_wo_ext);
-          }
-
-          $fs[ $path.'/'.$node ] = array('representative_ext' => $representative_ext);
-
-          if ($conf['enable_formats'])
-          {
-            $fs[ $path.'/'.$node ]['formats'] = $this->get_formats($path, $filename_wo_ext);
-          }
-        }
-      }
-      else if (is_dir($path.'/'.$node)
-               and $node != 'pwg_high'
-               and $node != 'pwg_representative'
-               and $node != 'pwg_format'
-               and $node != 'thumbnail' )
-      {
-        $subdirs[] = $node;
-      }
-    } //end while readdir
-    closedir($contents);
-
-    foreach ($subdirs as $subdir)
-    {
-      $tmp_fs = $this->get_elements($path.'/'.$subdir);
-      $fs = array_merge($fs, $tmp_fs);
-    }
-    ksort($fs);
-  } //end if is_dir
-  return $fs;
-}
-
-// returns the name of the attributes that are supported for
-// files update/synchronization
-function get_update_attributes()
-{
-  return array('representative_ext');
-}
-
-function get_element_update_attributes($file)
-{
-  global $conf;
-  $data = array();
-
-  $filename = basename($file);
-  $extension = get_extension($filename);
-
-  $representative_ext = null;
-  if (! isset($conf['flip_picture_ext'][$extension]) )
-  {
-    $dirname = dirname($file);
-    $filename_wo_ext = get_filename_wo_extension($filename);
-    $representative_ext = $this->get_representative_ext($dirname, $filename_wo_ext);
-  }
-
-  $data['representative_ext'] = $representative_ext;
-  return $data;
-}
-
-// returns the name of the attributes that are supported for
-// metadata update/synchronization according to configuration
-function get_metadata_attributes()
-{
-  return get_sync_metadata_attributes();
-}
-
-// returns a hash of attributes (metadata+filesize+width,...) for file
-function get_element_metadata($infos)
-{
-  return get_sync_metadata($infos);
-}
-
-
-//-------------------------------------------------- private functions --------
-function get_representative_ext($path, $filename_wo_ext)
-{
-  global $conf;
-  $base_test = $path.'/pwg_representative/'.$filename_wo_ext.'.';
-  foreach ($conf['picture_ext'] as $ext)
-  {
-    $test = $base_test.$ext;
-    if (is_file($test))
-    {
-      return $ext;
-    }
-  }
-  return null;
-}
-
-function get_formats($path, $filename_wo_ext)
-{
-  global $conf;
-
-  $formats = array();
-  
-  $base_test = $path.'/pwg_format/'.$filename_wo_ext.'.';
-  
-  foreach ($conf['format_ext'] as $ext)
-  {
-    $test = $base_test.$ext;
-    
-    if (is_file($test))
-    {
-      $formats[$ext] = floor(filesize($test) / 1024);
-    }
-  }
-  
-  return $formats;
-}
-
-}
+<?php
+// +-----------------------------------------------------------------------+
+// | Piwigo - a PHP based picture gallery                                  |
+// +-----------------------------------------------------------------------+
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
+// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
+// +-----------------------------------------------------------------------+
+// | This program is free software; you can redistribute it and/or modify  |
+// | it under the terms of the GNU General Public License as published by  |
+// | the Free Software Foundation                                          |
+// |                                                                       |
+// | This program is distributed in the hope that it will be useful, but   |
+// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
+// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
+// | General Public License for more details.                              |
+// |                                                                       |
+// | You should have received a copy of the GNU General Public License     |
+// | along with this program; if not, write to the Free Software           |
+// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
+// | USA.                                                                  |
+// +-----------------------------------------------------------------------+
+
+// provides data for site synchronization from the local file system
+class LocalSiteReader
+{
+
+var $site_url;
+
+function LocalSiteReader($url)
+{
+  $this->site_url = $url;
+}
+
+/**
+ * Is this local site ok ?
+ *
+ * @return true on success, false otherwise
+ */
+function open()
+{
+  global $errors;
+
+  if (!is_dir($this->site_url))
+  {
+    array_push(
+      $errors,
+      array(
+        'path' => $this->site_url,
+        'type' => 'PWG-ERROR-NO-FS'
+        )
+      );
+
+    return false;
+  }
+
+  return true;
+}
+
+// retrieve file system sub-directories fulldirs
+function get_full_directories($basedir)
+{
+  $fs_fulldirs = get_fs_directories($basedir);
+  return $fs_fulldirs;
+}
+
+/**
+ * Returns an array with all file system files according to $conf['file_ext']
+ * and $conf['picture_ext']
+ * @param string $path recurse in this directory
+ * @return array like "pic.jpg"=>array('tn_ext'=>'jpg' ... )
+ */
+function get_elements($path)
+{
+  global $conf;
+  if (!isset($conf['flip_file_ext']))
+  {
+    $conf['flip_file_ext'] = array_flip($conf['file_ext']);
+  }
+
+  $subdirs = array();
+  $fs = array();
+  if (is_dir($path) && $contents = opendir($path) )
+  {
+    while (($node = readdir($contents)) !== false)
+    {
+      if (is_file($path.'/'.$node))
+      {
+        $extension = get_extension($node);
+        $filename_wo_ext = get_filename_wo_extension($node);
+
+        if ( isset($conf['flip_file_ext'][$extension]) )
+        {
+          $tn_ext = $this->get_tn_ext($path, $filename_wo_ext);
+          $fs[ $path.'/'.$node ] = array(
+            'tn_ext' => $tn_ext,
+            );
+        }
+      }
+      elseif (is_dir($path.'/'.$node)
+               and $node != '.'
+               and $node != '..'
+               and $node != 'pwg_high'
+               and $node != 'pwg_representative'
+               and $node != 'thumbnail' )
+      {
+        array_push($subdirs, $node);
+      }
+    } //end while readdir
+    closedir($contents);
+
+    foreach ($subdirs as $subdir)
+    {
+      $tmp_fs = $this->get_elements($path.'/'.$subdir);
+      $fs = array_merge($fs, $tmp_fs);
+    }
+    ksort($fs);
+  } //end if is_dir
+  return $fs;
+}
+
+// returns the name of the attributes that are supported for
+// files update/synchronization
+function get_update_attributes()
+{
+  return array('tn_ext', 'has_high', 'representative_ext');
+}
+
+function get_element_update_attributes($file)
+{
+  global $conf;
+  $data = array();
+
+  $filename = basename($file);
+  $dirname = dirname($file);
+  $filename_wo_ext = get_filename_wo_extension($filename);
+  $extension = get_extension($filename);
+
+  $data['tn_ext'] = $this->get_tn_ext($dirname, $filename_wo_ext);
+  $data['has_high'] = $this->get_has_high($dirname, $filename);
+
+  if ( !isset($conf['flip_picture_ext'][$extension]) )
+  {
+    $data['representative_ext'] = $this->get_representative_ext(
+        $dirname, $filename_wo_ext
+      );
+  }
+  return $data;
+}
+
+// returns the name of the attributes that are supported for
+// metadata update/synchronization according to configuration
+function get_metadata_attributes()
+{
+  global $conf;
+
+  $update_fields = array('filesize', 'width', 'height', 'high_filesize');
+
+  if ($conf['use_exif'])
+  {
+    $update_fields =
+      array_merge(
+        $update_fields,
+        array_keys($conf['use_exif_mapping'])
+        );
+  }
+
+  if ($conf['use_iptc'])
+  {
+    $update_fields =
+      array_merge(
+        $update_fields,
+        array_keys($conf['use_iptc_mapping'])
+        );
+  }
+
+  return $update_fields;
+}
+
+// returns a hash of attributes (metadata+filesize+width,...) for file
+function get_element_metadata($file, $has_high = false)
+{
+  global $conf;
+  if (!is_file($file))
+  {
+    return null;
+  }
+
+  $data = array();
+
+  $data['filesize'] = floor(filesize($file)/1024);
+
+  if ($image_size = @getimagesize($file))
+  {
+    $data['width'] = $image_size[0];
+    $data['height'] = $image_size[1];
+  }
+
+  if ($has_high)
+  {
+    $high_file = dirname($file).'/pwg_high/'.basename($file);
+
+    $data['high_filesize'] = floor(filesize($high_file)/1024);
+  }
+
+  if ($conf['use_exif'])
+  {
+    $exif = get_sync_exif_data($file);
+    if (count($exif) == 0 and isset($data['high_filesize']))
+    {
+      $exif = get_sync_exif_data($high_file);
+    }
+    $data = array_merge($data, $exif);
+  }
+
+  if ($conf['use_iptc'])
+  {
+    $iptc = get_sync_iptc_data($file);
+    if (count($iptc) == 0 and isset($data['high_filesize']))
+    {
+      $iptc = get_sync_iptc_data($high_file);
+    }
+    $data = array_merge($data, $iptc);
+  }
+
+  return $data;
+}
+
+
+//-------------------------------------------------- private functions --------
+function get_representative_ext($path, $filename_wo_ext)
+{
+  global $conf;
+  $base_test = $path.'/pwg_representative/'.$filename_wo_ext.'.';
+  foreach ($conf['picture_ext'] as $ext)
+  {
+    $test = $base_test.$ext;
+    if (is_file($test))
+    {
+      return $ext;
+    }
+  }
+  return null;
+}
+
+function get_tn_ext($path, $filename_wo_ext)
+{
+  global $conf;
+
+  $base_test =
+    $path.'/thumbnail/'.$conf['prefix_thumbnail'].$filename_wo_ext.'.';
+
+  foreach ($conf['picture_ext'] as $ext)
+  {
+    $test = $base_test.$ext;
+    if (is_file($test))
+    {
+      return $ext;
+    }
+  }
+
+  return null;
+}
+
+function get_has_high($path, $filename)
+{
+  if (is_file($path.'/pwg_high/'.$filename))
+  {
+    return 'true';
+  }
+
+  return null;
+}
+
+}
 ?>

admin/site_reader_remote.php

@@ -0,0 +1,249 @@
+<?php
+// +-----------------------------------------------------------------------+
+// | Piwigo - a PHP based picture gallery                                  |
+// +-----------------------------------------------------------------------+
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
+// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
+// +-----------------------------------------------------------------------+
+// | This program is free software; you can redistribute it and/or modify  |
+// | it under the terms of the GNU General Public License as published by  |
+// | the Free Software Foundation                                          |
+// |                                                                       |
+// | This program is distributed in the hope that it will be useful, but   |
+// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
+// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
+// | General Public License for more details.                              |
+// |                                                                       |
+// | You should have received a copy of the GNU General Public License     |
+// | along with this program; if not, write to the Free Software           |
+// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
+// | USA.                                                                  |
+// +-----------------------------------------------------------------------+
+
+
+// provides data for site synchronization from a remote listing.xml
+class RemoteSiteReader
+{
+
+var $site_url;
+var $listing_url;
+var $site_dirs;
+var $site_files;
+var $insert_attributes;
+var $metadata_attributes;
+
+function RemoteSiteReader($url, $listing_url)
+{
+  $this->site_url = $url;
+  $this->insert_attributes = array(
+    'tn_ext',
+    );
+  $this->update_attributes = array(
+    'tn_ext', 'representative_ext', 'has_high',
+    );
+  $this->metadata_attributes = array(
+    'filesize', 'width', 'height', 'high_filesize'
+    );
+
+  if (!isset($listing_url))
+  {
+    $this->listing_url = $this->site_url.'listing.xml';
+  }
+  else
+  {
+    $this->listing_url = $listing_url;
+  }
+}
+
+/**
+ * Is this remote site ok ?
+ *
+ * @return true on success, false otherwise
+ */
+function open()
+{
+  global $errors;
+
+  if ($xml_content = getXmlCode($this->listing_url))
+  {
+    $this->site_dirs = array();
+    $this->site_files = array();
+    $info_xml_element = getChild($xml_content, 'informations');
+    if (getAttribute($info_xml_element , 'phpwg_version') != PHPWG_VERSION)
+    {
+      array_push(
+        $errors,
+        array(
+          'path' => $this->listing_url,
+          'type' => 'PWG-ERROR-VERSION'
+          )
+        );
+
+      return false;
+    }
+
+    $additional_metadata = getAttribute($info_xml_element, 'metadata');
+
+    if ($additional_metadata != '')
+    {
+      $this->metadata_attributes = array_merge(
+        $this->metadata_attributes,
+        explode(',', $additional_metadata)
+        );
+    }
+    
+    $this->build_structure($xml_content, '', 0);
+
+    return true;
+  }
+  else
+  {
+    array_push(
+      $errors,
+      array(
+        'path' => $this->listing_url,
+        'type' => 'PWG-ERROR-NOLISTING'
+        )
+      );
+
+    return false;
+  }
+}
+
+// retrieve xml sub-directories fulldirs
+function get_full_directories($basedir)
+{
+  $dirs = array();
+  foreach ( array_keys($this->site_dirs) as $dir)
+  {
+    $full_dir = $this->site_url . $dir;
+    if ($full_dir != $basedir
+        and strpos($full_dir, $basedir) === 0
+      )
+    {
+      array_push($dirs, $full_dir);
+    }
+  }
+  return $dirs;
+}
+
+/**
+ * Returns a hash with all elements (images and files) inside the full $path
+ * according to listing.xml
+ * @param string $path recurse in this directory only
+ * @return array like "pic.jpg"=>array('tn_ext'=>'jpg' ... )
+ */
+function get_elements($path)
+{
+  $elements = array();
+  foreach ( $this->site_dirs as $dir=>$files)
+  {
+    $full_dir = $this->site_url . $dir;
+    if (strpos($full_dir, $path) === 0)
+    {
+      foreach ($files as $file)
+      {
+        $data = $this->get_element_attributes(
+          $file,
+          $this->insert_attributes
+          );
+        $elements[$file] = $data;
+      }
+    }
+  }
+
+  return $elements;
+}
+
+// returns the name of the attributes that are supported for
+// files update/synchronization
+function get_update_attributes()
+{
+  return $this->update_attributes;
+}
+
+function get_element_update_attributes($file)
+{
+  return $this->get_element_attributes(
+    $file,
+    $this->update_attributes
+    );
+}
+
+// returns the name of the attributes that are supported for
+// metadata update/synchronization according to listing.xml
+function get_metadata_attributes()
+{
+  return $this->metadata_attributes;
+}
+
+// returns a hash of attributes (metadata+width,...) for file
+function get_element_metadata($file, $has_high = false)
+{
+  return $this->get_element_attributes(
+    $file,
+    $this->metadata_attributes
+    );
+}
+
+//-------------------------------------------------- private functions --------
+/**
+ * Returns a hash of image/file attributes
+ * @param string $file fully qualified file name
+ * @param array $attributes specifies which attributes to retrieve
+ *  returned
+*/
+function get_element_attributes($file, $attributes)
+{
+  $xml_element = $this->site_files[$file];
+  if (!isset($xml_element))
+  {
+    return null;
+  }
+  $data = array();
+  foreach($attributes as $att)
+  {
+    if (getAttribute($xml_element, $att) != '')
+    {
+      $val = getAttribute($xml_element, $att);
+      $data[$att] = addslashes($val);
+    }
+  }
+  return $data;
+}
+
+// recursively parse the xml_content for later usage
+function build_structure($xml_content, $basedir, $level)
+{
+  $temp_dirs = getChildren($xml_content, 'dir'.$level);
+  foreach ($temp_dirs as $temp_dir)
+  {
+    $dir_name = $basedir;
+    if ($dir_name != '' )
+    {
+      $dir_name .= '/';
+    }
+    $dir_name .= getAttribute($temp_dir, 'name');
+    $this->site_dirs[ $dir_name ] = array();
+    $this->build_structure($temp_dir, $dir_name, $level+1);
+  }
+
+  if ($basedir != '')
+  {
+    $xml_elements = getChildren(
+      getChild($xml_content, 'root'),
+      'element'
+      );
+    foreach ($xml_elements as $xml_element)
+    {
+      $path = getAttribute($xml_element, 'path');
+      $this->site_files[$path] = $xml_element;
+      array_push($this->site_dirs[$basedir], $path);
+    }
+  }
+}
+
+}
+
+?>

admin/site_update.php

@@ -1,8 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
 // +-----------------------------------------------------------------------+
@@ -31,12 +31,6 @@ include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
 // +-----------------------------------------------------------------------+
 // | Check Access and exit when user status is not ok                      |
 // +-----------------------------------------------------------------------+
-
-if (!$conf['enable_synchronization'])
-{
-  die('synchronization is disabled');
-}
-
 check_status(ACCESS_ADMINISTRATOR);
 
 if (!is_numeric($_GET['site']))
@@ -64,17 +58,36 @@ $error_labels = array(
     l10n('wrong filename'),
     l10n('The name of directories and files must be composed of letters, numbers, "-", "_" or "."')
     ),
+  'PWG-UPDATE-2' => array(
+    l10n('missing thumbnail'),
+    l10n('a picture filetype requires a thumbnail. The thumbnail must be present in the sub-directory "thumbnail" of the category directory. The thumbnail filename must start with the configured thumbnail prefix and the extension must be among the following list :').implode(',', $conf['picture_ext'])
+    ),
   'PWG-ERROR-NO-FS' => array(
     l10n('File/directory read error'),
     l10n('The file or directory cannot be accessed (either it does not exist or the access is denied)')
     ),
+  'PWG-ERROR-VERSION' => array(
+    l10n('Piwigo version differs on the remote site'),
+    l10n('Version of create_listing_file.php on the remote site and Piwigo must be the same')
+    ),
+  'PWG-ERROR-NOLISTING' => array(
+    l10n('listing.xml file was not found'),
+    l10n('listing.xml file was not found on the remote site. This file is generated by choosing the "generate listing" command in the Site manager')
+    )
   );
 $errors = array();
 $infos = array();
 
 if ($site_is_remote)
 {
-  fatal_error('remote sites not supported');
+  include_once(PHPWG_ROOT_PATH.'admin/site_reader_remote.php');
+  $local_listing = null;
+  if ( isset($_GET['local_listing'])
+      and $_GET['local_listing'] )
+  {
+    $local_listing = PHPWG_ROOT_PATH.'listing.xml';
+  }
+  $site_reader = new RemoteSiteReader($site_url, $local_listing);
 }
 else
 {
@@ -85,13 +98,17 @@ else
 $general_failure = true;
 if (isset($_POST['submit']))
 {
+  if (!isset($conf['flip_picture_ext']))
+  {
+    $conf['flip_picture_ext'] = array_flip($conf['picture_ext']);
+  }
   if ($site_reader->open())
   {
     $general_failure = false;
   }
 
   // shall we simulate only
-  if (isset($_POST['simulate']) and $_POST['simulate'] == 1)
+  if ((isset($_POST['simulate']) and $_POST['simulate'] == 1) or is_adviser())
   {
     $simulate = true;
   }
@@ -199,9 +216,9 @@ SELECT id_uppercat, MAX(rank)+1 AS next_rank
   // category directory, we need to include it in our array
   if (isset($_POST['cat']))
   {
-    $fs_fulldirs[] = $basedir;
+    array_push($fs_fulldirs, $basedir);
   }
-  // If $_POST['subcats-included'] != 1 ("Search in sub-albums" is unchecked)
+  // If $_POST['subcats-included'] != 1 ("Search in subcategories" is unchecked)
   // $db_fulldirs doesn't include any subdirectories and $fs_fulldirs does
   // So $fs_fulldirs will be limited to the selected basedir
   // (if that one is in $fs_fulldirs)
@@ -214,7 +231,7 @@ SELECT id_uppercat, MAX(rank)+1 AS next_rank
   foreach (array_diff($fs_fulldirs, array_keys($db_fulldirs)) as $fulldir)
   {
     $dir = basename($fulldir);
-    if (preg_match($conf['sync_chars_regex'], $dir))
+    if (preg_match('/^[a-zA-Z0-9-_.]+$/', $dir))
     {
       $insert = array(
         'id'          => $next_id++,
@@ -223,6 +240,9 @@ SELECT id_uppercat, MAX(rank)+1 AS next_rank
         'site_id'     => $site_id,
         'commentable' =>
           boolean_to_string($conf['newcat_default_commentable']),
+        'uploadable'  => $site_is_remote
+          ? 'false'
+          : boolean_to_string($conf['newcat_default_uploadable']),
         'status'      => $conf['newcat_default_status'],
         'visible'     => boolean_to_string($conf['newcat_default_visible']),
         );
@@ -253,17 +273,19 @@ SELECT id_uppercat, MAX(rank)+1 AS next_rank
         $insert['global_rank'] = $insert['rank'];
       }
 
-      $inserts[] = $insert;
-      $infos[] = array(
+      array_push($inserts, $insert);
+      array_push(
+        $infos,
+        array(
           'path' => $fulldir,
-          'info' => l10n('added'),
-          );
+          'info' => l10n('added')
+          )
+        );
 
       // add the new category to $db_categories and $db_fulldirs array
       $db_categories[$insert{'id'}] =
         array(
           'id' => $insert['id'],
-          'parent' => (isset($parent)) ? $parent : Null,
           'status' => $insert['status'],
           'visible' => $insert['visible'],
           'uppercats' => $insert['uppercats'],
@@ -274,9 +296,12 @@ SELECT id_uppercat, MAX(rank)+1 AS next_rank
     }
     else
     {
-      $errors[] = array(
-        'path' => $fulldir,
-        'type' => 'PWG-UPDATE-1'
+      array_push(
+        $errors,
+        array(
+          'path' => $fulldir,
+          'type' => 'PWG-UPDATE-1'
+          )
         );
     }
   }
@@ -287,120 +312,9 @@ SELECT id_uppercat, MAX(rank)+1 AS next_rank
     {
       $dbfields = array(
         'id','dir','name','site_id','id_uppercat','uppercats','commentable',
-        'visible','status','rank','global_rank'
+        'uploadable','visible','status','rank','global_rank'
         );
       mass_inserts(CATEGORIES_TABLE, $dbfields, $inserts);
-
-      // add default permissions to categories
-      $category_ids = array();
-      $category_up = array();
-      foreach ($inserts as $category)
-      {
-        $category_ids[] = $category['id'];
-        if (!empty($category['id_uppercat']))
-        {
-          $category_up[] = $category['id_uppercat'];
-        }
-      }
-      $category_up=implode(',',array_unique($category_up));
-      if ($conf['inheritance_by_default'])
-      {
-        $query = '
-          SELECT *
-          FROM '.GROUP_ACCESS_TABLE.'
-          WHERE cat_id IN ('.$category_up.')
-        ;';
-        $result = pwg_query($query);
-        if (!empty($result))
-        {
-          $granted_grps = array();
-          while ($row = pwg_db_fetch_assoc($result))
-          {
-            if (!isset($granted_grps[$row['cat_id']]))
-            {
-              $granted_grps[$row['cat_id']]=array();
-            }
-            // TODO: explanaition
-            array_push(
-              $granted_grps,
-              array(
-                $row['cat_id'] => array_push($granted_grps[$row['cat_id']],$row['group_id'])
-              )
-            );
-          }
-        }
-        $query = '
-          SELECT *
-          FROM '.USER_ACCESS_TABLE.'
-          WHERE cat_id IN ('.$category_up.')
-        ;';
-        $result = pwg_query($query);
-        if (!empty($result))
-        {
-          $granted_users = array();
-          while ($row = pwg_db_fetch_assoc($result))
-          {
-            if (!isset($granted_users[$row['cat_id']]))
-            {
-              $granted_users[$row['cat_id']]=array();
-            }
-            // TODO: explanaition
-            array_push(
-              $granted_users,
-              array(
-                $row['cat_id'] => array_push($granted_users[$row['cat_id']],$row['user_id'])
-              )
-            );
-          }
-        }
-        $insert_granted_users=array();
-        $insert_granted_grps=array();
-        foreach ($category_ids as $ids)
-        {
-          $parent_id=$db_categories[$ids]['parent'];
-          while (in_array($parent_id, $category_ids))
-          {
-            $parent_id= $db_categories[$parent_id]['parent'];
-          }
-          if ($db_categories[$ids]['status']=='private' and !is_null($parent_id))
-          {
-            if (isset($granted_grps[$parent_id]))
-            {
-              foreach ($granted_grps[$parent_id] as $granted_grp)
-              {
-                $insert_granted_grps[] = array(
-                  'group_id' => $granted_grp,
-                  'cat_id' => $ids
-                  );
-              }
-            }
-            if (isset($granted_users[$parent_id]))
-            {
-              foreach ($granted_users[$parent_id] as $granted_user)
-              {
-                $insert_granted_users[] = array(
-                  'user_id' => $granted_user,
-                  'cat_id' => $ids
-                  );
-              }
-            }
-            foreach (get_admins() as $granted_user)
-            {
-              $insert_granted_users[] = array(
-                'user_id' => $granted_user,
-                'cat_id' => $ids
-                );
-            }
-          }
-        }
-        mass_inserts(GROUP_ACCESS_TABLE, array('group_id','cat_id'), $insert_granted_grps);
-        $insert_granted_users=array_unique($insert_granted_users, SORT_REGULAR);
-        mass_inserts(USER_ACCESS_TABLE, array('user_id','cat_id'), $insert_granted_users);
-      }
-      else
-      {
-        add_permission_on_category($category_ids, get_admins());
-      }
     }
 
     $counts['new_categories'] = count($inserts);
@@ -408,37 +322,18 @@ SELECT id_uppercat, MAX(rank)+1 AS next_rank
 
   // to delete categories
   $to_delete = array();
-  $to_delete_derivative_dirs = array();
-  
   foreach (array_diff(array_keys($db_fulldirs), $fs_fulldirs) as $fulldir)
   {
-    $to_delete[] = $db_fulldirs[$fulldir];
+    array_push($to_delete, $db_fulldirs[$fulldir]);
     unset($db_fulldirs[$fulldir]);
-    
-    $infos[] = array(
-      'path' => $fulldir,
-      'info' => l10n('deleted')
-      );
-      
-    if (substr_compare($fulldir, '../', 0, 3)==0)
-    {
-      $fulldir = substr($fulldir, 3);
-    }
-    $to_delete_derivative_dirs[] = PHPWG_ROOT_PATH.PWG_DERIVATIVE_DIR.$fulldir;
+    array_push($infos, array('path' => $fulldir,
+                             'info' => l10n('deleted')));
   }
-  
   if (count($to_delete) > 0)
   {
     if (!$simulate)
     {
       delete_categories($to_delete);
-      foreach($to_delete_derivative_dirs as $to_delete_dir)
-      {
-        if (is_dir($to_delete_dir))
-        {
-          clear_derivative_cache_rec($to_delete_dir, '#.+#');
-        }
-      }
     }
     $counts['del_categories'] = count($to_delete);
   }
@@ -457,7 +352,6 @@ if (isset($_POST['submit']) and $_POST['sync'] == 'files'
   $start= $start_files;
 
   $fs = $site_reader->get_elements($basedir);
-
   $template->append('footer_elements', '<!-- get_elements: '
     . get_elapsed_time($start, get_moment())
     . ' -->' );
@@ -465,6 +359,7 @@ if (isset($_POST['submit']) and $_POST['sync'] == 'files'
   $cat_ids = array_diff(array_keys($db_categories), $to_delete);
 
   $db_elements = array();
+  $db_unvalidated = array();
 
   if (count($cat_ids) > 0)
   {
@@ -474,10 +369,30 @@ SELECT id, path
   WHERE storage_category_id IN ('
       .wordwrap(
         implode(', ', $cat_ids),
-        160,
+        80,
         "\n"
         ).')';
     $db_elements = simple_hash_from_query($query, 'id', 'path');
+
+    // searching the unvalidated waiting elements (they must not be taken into
+    // account)
+    $query = '
+SELECT file,storage_category_id
+  FROM '.WAITING_TABLE.'
+  WHERE storage_category_id IN (
+'.wordwrap(implode(', ', $cat_ids), 80, "\n").')
+    AND validated = \'false\'';
+    $result = pwg_query($query);
+    while ($row = pwg_db_fetch_assoc($result))
+    {
+      array_push(
+        $db_unvalidated,
+        array_search(
+          $row['storage_category_id'],
+          $db_fulldirs)
+        .'/'.$row['file']
+        );
+    }
   }
 
   // next element id available
@@ -487,10 +402,8 @@ SELECT id, path
 
   $inserts = array();
   $insert_links = array();
-  $insert_formats = array();
-  $formats_to_delete = array();
 
-  foreach (array_diff(array_keys($fs), $db_elements) as $path)
+  foreach (array_diff(array_keys($fs), $db_elements, $db_unvalidated) as $path)
   {
     $insert = array();
     // storage category must exist
@@ -500,157 +413,85 @@ SELECT id, path
       continue;
     }
     $filename = basename($path);
-    if (!preg_match($conf['sync_chars_regex'], $filename))
+    if (!preg_match('/^[a-zA-Z0-9-_.]+$/', $filename))
     {
-      $errors[] = array(
-        'path' => $path,
-        'type' => 'PWG-UPDATE-1'
+      array_push(
+        $errors,
+        array(
+          'path' => $path,
+          'type' => 'PWG-UPDATE-1'
+          )
         );
 
       continue;
     }
 
-    $insert = array(
-      'id'             => $next_element_id++,
-      'file'           => $filename,
-      'name'           => get_name_from_file($filename),
-      'date_available' => CURRENT_DATE,
-      'path'           => $path,
-      'representative_ext'  => $fs[$path]['representative_ext'],
-      'storage_category_id' => $db_fulldirs[$dirname],
-      'added_by'       => $user['id'],
-      );
-
-    if ( $_POST['privacy_level']!=0 )
-    {
-      $insert['level'] = $_POST['privacy_level'];
+    if ( isset( $conf['flip_picture_ext'][get_extension($filename)] )
+          and !isset($fs[$path]['tn_ext']) )
+    { // For a picture thumbnail is mandatory and for non picture element,
+      // thumbnail and representative are optionnal
+      array_push(
+        $errors,
+        array(
+          'path' => $path,
+          'type' => 'PWG-UPDATE-2'
+          )
+        );
     }
-
-    $inserts[] = $insert;
-
-    $insert_links[] = array(
-      'image_id'    => $insert['id'],
-      'category_id' => $insert['storage_category_id'],
-      );
-
-    $infos[] = array(
-      'path' => $insert['path'],
-      'info' => l10n('added')
-      );
-
-    if ($conf['enable_formats'])
+    else
     {
-      foreach ($fs[$path]['formats'] as $ext => $filesize)
-      {
-        $insert_formats[] = array(
-          'image_id' => $insert['id'],
-          'ext' => $ext,
-          'filesize' => $filesize,
-          );
+      $insert = array(
+        'id'             => $next_element_id++,
+        'file'           => $filename,
+        'date_available' => CURRENT_DATE,
+        'path'           => $path,
+        'tn_ext'         => isset($fs[$path]['tn_ext'])
+          ? $fs[$path]['tn_ext']
+          : null,
+        'storage_category_id' => $db_fulldirs[$dirname],
+        );
 
-        $infos[] = array(
+      if ( $_POST['privacy_level']!=0 )
+      {
+        $insert['level'] = $_POST['privacy_level'];
+      }
+
+      array_push(
+        $inserts,
+        $insert
+        );
+
+      array_push(
+        $insert_links,
+        array(
+          'image_id'    => $insert['id'],
+          'category_id' => $insert['storage_category_id'],
+          )
+        );
+
+      array_push(
+        $infos,
+        array(
           'path' => $insert['path'],
-          'info' => l10n('format %s added', $ext)
-          );
-      }
-    }
+          'info' => l10n('added')
+          )
+        );
 
-    $caddiables[] = $insert['id'];
-  }
-
-  // search new/removed formats on photos already registered in database
-  if ($conf['enable_formats'])
-  {
-    $db_elements_flip = array_flip($db_elements);
-
-    $existing_ids = array();
-  
-    foreach (array_intersect_key($fs, $db_elements_flip) as $path => $existing)
-    {
-      $existing_ids[] = $db_elements_flip[$path];
-    }
-
-    $logger->debug('existing_ids', 'sync', $existing_ids);
-
-    if (count($existing_ids) > 0)
-    {
-      $db_formats = array();
-    
-      // find formats for existing photos (already in database)
-      $query = '
-SELECT *
-  FROM '.IMAGE_FORMAT_TABLE.'
-  WHERE image_id IN ('.implode(',', $existing_ids).')
-;';
-      $result = pwg_query($query);
-      while ($row = pwg_db_fetch_assoc($result))
-      {
-        if (!isset($db_formats[$row['image_id']]))
-        {
-          $db_formats[$row['image_id']] = array();
-        }
-        
-        $db_formats[$row['image_id']][$row['ext']] = $row['format_id'];
-      }
-
-      // first we search the formats that were removed
-      foreach ($db_formats as $image_id => $formats)
-      {
-        $image_formats_to_delete = array_diff_key($formats, $fs[ $db_elements[$image_id] ]['formats']);
-        $logger->debug('image_formats_to_delete', 'sync', $image_formats_to_delete);
-        foreach ($image_formats_to_delete as $ext => $format_id)
-        {
-          $formats_to_delete[] = $format_id;
-          
-          $infos[] = array(
-            'path' => $db_elements[$image_id],
-            'info' => l10n('format %s removed', $ext)
-            );
-        }
-      }
-
-      // then we search for new formats on existing photos
-      foreach ($existing_ids as $image_id)
-      {
-        $path = $db_elements[$image_id];
-        
-        $formats = array();
-        if (isset($db_formats[$image_id]))
-        {
-          $formats = $db_formats[$image_id];
-        }
-        
-        $image_formats_to_insert = array_diff_key($fs[$path]['formats'], $formats);
-        $logger->debug('image_formats_to_insert', 'sync', $image_formats_to_insert);
-        foreach ($image_formats_to_insert as $ext => $filesize)
-        {
-          $insert_formats[] = array(
-            'image_id' => $image_id,
-            'ext' => $ext,
-            'filesize' => $filesize,
-            );
-
-          $infos[] = array(
-            'path' => $db_elements[$image_id],
-            'info' => l10n('format %s added', $ext)
-            );
-        }
-      }
+      $caddiables[] = $insert['id'];
     }
   }
 
-  
-  if (!$simulate)
+  if (count($inserts) > 0)
   {
-    // inserts all new elements
-    if (count($inserts) > 0)
+    if (!$simulate)
     {
+      // inserts all new elements
       mass_inserts(
         IMAGES_TABLE,
         array_keys($inserts[0]),
         $inserts
         );
-      
+
       // inserts all links between new elements and their storage category
       mass_inserts(
         IMAGE_CATEGORY_TABLE,
@@ -658,45 +499,22 @@ SELECT *
         $insert_links
         );
 
-      // add new photos to caddie
+      // add new elements to caddie
       if (isset($_POST['add_to_caddie']) and $_POST['add_to_caddie'] == 1)
       {
         fill_caddie($caddiables);
       }
     }
-      
-    // inserts all formats
-    if (count($insert_formats) > 0)
-    {
-      mass_inserts(
-        IMAGE_FORMAT_TABLE,
-        array_keys($insert_formats[0]),
-        $insert_formats
-        );
-    }
-
-    if (count($formats_to_delete) > 0)
-    {
-      $query = '
-DELETE
-  FROM '.IMAGE_FORMAT_TABLE.'
-  WHERE format_id IN ('.implode(',', $formats_to_delete).')
-;';
-      pwg_query($query);
-    }
+    $counts['new_elements'] = count($inserts);
   }
 
-  $counts['new_elements'] = count($inserts);
-
   // delete elements that are in database but not in the filesystem
   $to_delete_elements = array();
   foreach (array_diff($db_elements, array_keys($fs)) as $path)
   {
-    $to_delete_elements[] = array_search($path, $db_elements);
-    $infos[] = array(
-      'path' => $path,
-      'info' => l10n('deleted')
-      );
+    array_push($to_delete_elements, array_search($path, $db_elements));
+    array_push($infos, array('path' => $path,
+                             'info' => l10n('deleted')));
   }
   if (count($to_delete_elements) > 0)
   {
@@ -710,6 +528,60 @@ DELETE
   $template->append('footer_elements', '<!-- scanning files : '
     . get_elapsed_time($start_files, get_moment())
     . ' -->' );
+
+  // retrieving informations given by uploaders
+  if (!$simulate and count($cat_ids) > 0)
+  {
+    $query = '
+SELECT id,file,storage_category_id,infos
+  FROM '.WAITING_TABLE.'
+  WHERE storage_category_id IN (
+'.wordwrap(implode(', ', $cat_ids), 80, "\n").')
+    AND validated = \'true\'';
+    $result = pwg_query($query);
+
+    $datas = array();
+    $fields =
+      array(
+        'primary' => array('id'),
+        'update'  => array('date_creation', 'author', 'name', 'comment')
+        );
+
+    $waiting_to_delete = array();
+
+    while ($row = pwg_db_fetch_assoc($result))
+    {
+      $data = array();
+
+      $query = '
+SELECT id
+  FROM '.IMAGES_TABLE.'
+  WHERE storage_category_id = '.$row['storage_category_id'].'
+    AND file = \''.$row['file'].'\'';
+      list($data['id']) = pwg_db_fetch_row(pwg_query($query));
+
+      foreach ($fields['update'] as $field)
+      {
+        $data[$field] = addslashes( getAttribute($row['infos'], $field) );
+      }
+
+      array_push($datas, $data);
+      array_push($waiting_to_delete, $row['id']);
+    }
+
+    if (count($datas) > 0)
+    {
+      mass_updates(IMAGES_TABLE, $fields, $datas);
+
+      // delete now useless waiting elements
+      $query = '
+DELETE
+  FROM '.WAITING_TABLE.'
+  WHERE id IN ('.implode(',', $waiting_to_delete).')
+;';
+      pwg_query($query);
+    }
+  }
 }
 
 // +-----------------------------------------------------------------------+
@@ -757,15 +629,29 @@ if (isset($_POST['submit'])
     $datas = array();
     foreach ( $files as $id=>$file )
     {
-      $file = $file['path'];
       $data = $site_reader->get_element_update_attributes($file);
       if ( !is_array($data) )
       {
         continue;
       }
+      $extension = get_extension($file);
+      if ( isset($conf['flip_picture_ext'][$extension]) )
+      {
+        if ( !isset($data['tn_ext']) )
+        {
+          array_push(
+            $errors,
+            array(
+              'path' => $file,
+              'type' => 'PWG-UPDATE-2'
+              )
+            );
+          continue;
+        }
+      }
 
       $data['id']=$id;
-      $datas[] = $data;
+      array_push($datas, $data);
     } // end foreach file
 
     $counts['upd_elements'] = count($datas);
@@ -838,15 +724,38 @@ if (isset($_POST['submit']) and isset($_POST['sync_meta'])
   $datas = array();
   $tags_of = array();
 
-  foreach ( $files as $id => $element_infos )
+  $has_high_images = array();
+
+  $image_ids = array();
+  foreach ($files as $id => $file)
   {
-    $data = $site_reader->get_element_metadata($element_infos);
+    array_push($image_ids, $id);
+  }
+
+  if (count($image_ids) > 0)
+  {
+    $query = '
+SELECT id
+  FROM '.IMAGES_TABLE.'
+  WHERE has_high = \'true\'
+    AND id IN (
+'.wordwrap(implode(', ', $image_ids), 80, "\n").'
+)';
+    $has_high_images = array_from_query($query, 'id' );
+  }
+
+  foreach ( $files as $id=>$file )
+  {
+    $data = $site_reader->get_element_metadata(
+      $file,
+      in_array($id, $has_high_images)
+      );
 
     if ( is_array($data) )
     {
       $data['date_metadata_update'] = CURRENT_DATE;
       $data['id']=$id;
-      $datas[] = $data;
+      array_push($datas, $data);
 
       foreach (array('keywords', 'tags') as $key)
       {
@@ -859,17 +768,17 @@ if (isset($_POST['submit']) and isset($_POST['sync_meta'])
 
           foreach (explode(',', $data[$key]) as $tag_name)
           {
-            $tags_of[$id][] = tag_id_from_tag_name($tag_name);
+            array_push(
+              $tags_of[$id],
+              tag_id_from_tag_name($tag_name)
+              );
           }
         }
       }
     }
     else
     {
-      $errors[] = array(
-        'path' => $element_infos['path'],
-        'type' => 'PWG-ERROR-NO-FS'
-        );
+      array_push($errors, array('path' => $file, 'type' => 'PWG-ERROR-NO-FS'));
     }
   }
 
@@ -919,7 +828,7 @@ $template->set_filenames(array('update'=>'site_update.tpl'));
 $result_title = '';
 if (isset($simulate) and $simulate)
 {
-  $result_title.= '['.l10n('Simulation').'] ';
+  $result_title.= l10n('[Simulation]').' ';
 }
 
 // used_metadata string is displayed to inform admin which metadata will be
@@ -979,14 +888,6 @@ else
     );
 
   $cat_selected = array();
-
-  if (isset($_GET['cat_id']))
-  {
-    check_input_parameter('cat_id', $_GET, false, PATTERN_ID);
-
-    $cat_selected = array($_GET['cat_id']);
-    $tpl_introduction['sync'] = 'files';
-  }
 }
 
 $tpl_introduction['privacy_level_options'] = get_privacy_level_options();

admin/stats.php

@@ -1,8 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
 // +-----------------------------------------------------------------------+
@@ -97,7 +97,7 @@ SELECT
   $output = array();
   while ($row = pwg_db_fetch_assoc($result))
   {
-    $output[] = $row;
+    array_push($output, $row);
   }
 
   return $output;
@@ -226,7 +226,7 @@ SELECT *
     if (isset($need_update[$key]))
     {
       $row['nb_pages'] += $need_update[$key];
-      $updates[] = $row;
+      array_push($updates, $row);
       unset($need_update[$key]);
     }
   }
@@ -236,13 +236,16 @@ foreach ($need_update as $time_key => $nb_pages)
 {
   $time_tokens = explode('-', $time_key);
 
-  $inserts[] = array(
-    'year'     => $time_tokens[0],
-    'month'    => @$time_tokens[1],
-    'day'      => @$time_tokens[2],
-    'hour'     => @$time_tokens[3],
-    'nb_pages' => $nb_pages,
-    );
+  array_push(
+      $inserts,
+      array(
+        'year'     => $time_tokens[0],
+        'month'    => @$time_tokens[1],
+        'day'      => @$time_tokens[2],
+        'hour'     => @$time_tokens[3],
+        'nb_pages' => $nb_pages,
+        )
+      );
 }
 
 if (count($updates) > 0)
@@ -320,7 +323,10 @@ $title_parts = array();
 
 $url = PHPWG_ROOT_PATH.'admin.php?page=stats';
 
-$title_parts[] = '<a href="'.$url.'">'.l10n('Overall').'</a>';
+array_push(
+  $title_parts,
+  '<a href="'.$url.'">'.l10n('Overall').'</a>'
+  );
 
 $period_label = l10n('Year');
 
@@ -328,7 +334,10 @@ if (isset($page['year']))
 {
   $url.= '&amp;year='.$page['year'];
 
-  $title_parts[] = '<a href="'.$url.'">'.$page['year'].'</a>';
+  array_push(
+    $title_parts,
+    '<a href="'.$url.'">'.$page['year'].'</a>'
+    );
 
   $period_label = l10n('Month');
 }
@@ -337,7 +346,10 @@ if (isset($page['month']))
 {
   $url.= '&amp;month='.$page['month'];
 
-  $title_parts[] = '<a href="'.$url.'">'.$lang['month'][$page['month']].'</a>';
+  array_push(
+    $title_parts,
+    '<a href="'.$url.'">'.$lang['month'][$page['month']].'</a>'
+    );
 
   $period_label = l10n('Day');
 }
@@ -354,7 +366,10 @@ if (isset($page['day']))
     $lang['day'][date('w', $time)]
     );
 
-  $title_parts[] = '<a href="'.$url.'">'.$day_title.'</a>';
+  array_push(
+    $title_parts,
+    '<a href="'.$url.'">'.$day_title.'</a>'
+    );
 
   $period_label = l10n('Hour');
 }

admin/tags.php

@@ -1,8 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
 // +-----------------------------------------------------------------------+
@@ -38,14 +38,14 @@ if (!empty($_POST))
 // |                                edit tags                              |
 // +-----------------------------------------------------------------------+
 
-if (isset($_POST['edit_submit']))
+if (isset($_POST['submit']) and !is_adviser())
 {
   $query = '
 SELECT name
   FROM '.TAGS_TABLE.'
 ;';
   $existing_names = array_from_query($query, 'name');
-
+  
 
   $current_name_of = array();
   $query = '
@@ -58,7 +58,7 @@ SELECT id, name
   {
     $current_name_of[ $row['id'] ] = $row['name'];
   }
-
+  
   $updates = array();
   // we must not rename tag with an already existing name
   foreach (explode(',', $_POST['edit_list']) as $tag_id)
@@ -69,117 +69,27 @@ SELECT id, name
     {
       if (in_array($tag_name, $existing_names))
       {
-        $page['errors'][] = l10n('Tag "%s" already exists', $tag_name);
-      }
-      else if (!empty($tag_name))
-      {
-        $updates[] = array(
-          'id' => $tag_id,
-          'name' => addslashes($tag_name),
-          'url_name' => trigger_change('render_tag_url', $tag_name),
-          );
-      }
-    }
-  }
-  mass_updates(
-    TAGS_TABLE,
-    array(
-      'primary' => array('id'),
-      'update' => array('name', 'url_name'),
-      ),
-    $updates
-    );
-}
-// +-----------------------------------------------------------------------+
-// |                            dulicate tags                              |
-// +-----------------------------------------------------------------------+
-
-if (isset($_POST['duplic_submit']))
-{
-  $query = '
-SELECT name
-  FROM '.TAGS_TABLE.'
-;';
-  $existing_names = array_from_query($query, 'name');
-
-
-  $current_name_of = array();
-  $query = '
-SELECT id, name
-  FROM '.TAGS_TABLE.'
-  WHERE id IN ('.$_POST['edit_list'].')
-;';
-  $result = pwg_query($query);
-  while ($row = pwg_db_fetch_assoc($result))
-  {
-    $current_name_of[ $row['id'] ] = $row['name'];
-  }
-
-  $updates = array();
-  // we must not rename tag with an already existing name
-  foreach (explode(',', $_POST['edit_list']) as $tag_id)
-  {
-    $tag_name = stripslashes($_POST['tag_name-'.$tag_id]);
-
-    if ($tag_name != $current_name_of[$tag_id])
-    {
-      if (in_array($tag_name, $existing_names))
-      {
-        $page['errors'][] = l10n('Tag "%s" already exists', $tag_name);
-      }
-      else if (!empty($tag_name))
-      {
-        single_insert(
-          TAGS_TABLE,
-          array(
-            'name' => $tag_name,
-            'url_name' => trigger_change('render_tag_url', $tag_name),
+        array_push(
+          $page['errors'],
+          sprintf(
+            l10n('Tag "%s" already exists'),
+            $tag_name
             )
           );
-
-        $query = '
-        SELECT id
-          FROM '.TAGS_TABLE.'
-          WHERE name = \''.$tag_name.'\'
-        ;';
-        $destination_tag = array_from_query($query, 'id');
-        $destination_tag_id = $destination_tag[0];
-
-        $query = '
-        SELECT
-            image_id
-          FROM '.IMAGE_TAG_TABLE.'
-          WHERE tag_id = '.$tag_id.'
-        ;';
-        $destination_tag_image_ids = array_from_query($query, 'image_id');
-
-        $inserts = array();
-        foreach ($destination_tag_image_ids as $image_id)
-        {
-          $inserts[] = array(
-            'tag_id' => $destination_tag_id,
-            'image_id' => $image_id
-            );
-        }
-
-        if (count($inserts) > 0)
-        {
-          mass_inserts(
-            IMAGE_TAG_TABLE,
-            array_keys($inserts[0]),
-            $inserts
-            );
-        }
-        
-        $page['infos'][] = l10n(
-          'Tag "%s" is now a duplicate of "%s"',
-          stripslashes($tag_name),
-          $current_name_of[$tag_id]
+      }
+      else if (!empty($tag_name))
+      {
+        array_push(
+          $updates,
+          array(
+            'id' => $tag_id,
+            'name' => addslashes($tag_name),
+            'url_name' => str2url($tag_name),
+            )
           );
       }
     }
   }
-
   mass_updates(
     TAGS_TABLE,
     array(
@@ -190,104 +100,11 @@ SELECT id, name
     );
 }
 
-// +-----------------------------------------------------------------------+
-// |                               merge tags                              |
-// +-----------------------------------------------------------------------+
-
-if (isset($_POST['merge_submit']))
-{
-  if (!isset($_POST['destination_tag']))
-  {
-    $page['errors'][] = l10n('No destination tag selected');
-  }
-  else
-  {
-    $destination_tag_id = $_POST['destination_tag'];
-    $tag_ids = explode(',', $_POST['merge_list']);
-
-    if (is_array($tag_ids) and count($tag_ids) > 1)
-    {
-      $name_of_tag = array();
-      $query = '
-SELECT
-    id,
-    name
-  FROM '.TAGS_TABLE.'
-  WHERE id IN ('.implode(',', $tag_ids).')
-;';
-      $result = pwg_query($query);
-      while ($row = pwg_db_fetch_assoc($result))
-      {
-        $name_of_tag[ $row['id'] ] = trigger_change('render_tag_name', $row['name'], $row);
-      }
-
-      $tag_ids_to_delete = array_diff(
-        $tag_ids,
-        array($destination_tag_id)
-        );
-
-      $query = '
-SELECT
-    DISTINCT(image_id)
-  FROM '.IMAGE_TAG_TABLE.'
-  WHERE tag_id IN ('.implode(',', $tag_ids_to_delete).')
-;';
-      $image_ids = array_from_query($query, 'image_id');
-
-      delete_tags($tag_ids_to_delete);
-
-      $query = '
-SELECT
-    image_id
-  FROM '.IMAGE_TAG_TABLE.'
-  WHERE tag_id = '.$destination_tag_id.'
-;';
-      $destination_tag_image_ids = array_from_query($query, 'image_id');
-
-      $image_ids_to_link = array_diff(
-        $image_ids,
-        $destination_tag_image_ids
-        );
-
-      $inserts = array();
-      foreach ($image_ids_to_link as $image_id)
-      {
-        $inserts[] = array(
-          'tag_id' => $destination_tag_id,
-          'image_id' => $image_id
-          );
-      }
-
-      if (count($inserts) > 0)
-      {
-        mass_inserts(
-          IMAGE_TAG_TABLE,
-          array_keys($inserts[0]),
-          $inserts
-          );
-      }
-
-      $tags_deleted = array();
-      foreach ($tag_ids_to_delete as $tag_id)
-      {
-        $tags_deleted[] = $name_of_tag[$tag_id];
-      }
-
-      $page['infos'][] = l10n(
-        'Tags <em>%s</em> merged into tag <em>%s</em>',
-        implode(', ', $tags_deleted),
-        $name_of_tag[$destination_tag_id]
-        );
-    }
-  }
-}
-
-
 // +-----------------------------------------------------------------------+
 // |                               delete tags                             |
 // +-----------------------------------------------------------------------+
 
-if (isset($_POST['delete']) and isset($_POST['tags']))
+if (isset($_POST['delete']) and isset($_POST['tags']) and !is_adviser())
 {
   $query = '
 SELECT name
@@ -295,44 +112,77 @@ SELECT name
   WHERE id IN ('.implode(',', $_POST['tags']).')
 ;';
   $tag_names = array_from_query($query, 'name');
-
-  delete_tags($_POST['tags']);
-
-  $page['infos'][] = l10n_dec(
-    'The following tag was deleted', 'The %d following tags were deleted',
-    count($tag_names)
-    )
-  .' : '.implode(', ', $tag_names);
-}
-
-// +-----------------------------------------------------------------------+
-// |                           delete orphan tags                          |
-// +-----------------------------------------------------------------------+
-
-if (isset($_GET['action']) and 'delete_orphans' == $_GET['action'])
-{
-  check_pwg_token();
-
-  delete_orphan_tags();
-  $_SESSION['page_infos'] = array(l10n('Orphan tags deleted'));
-  redirect(get_root_url().'admin.php?page=tags');
+  
+  $query = '
+DELETE
+  FROM '.IMAGE_TAG_TABLE.'
+  WHERE tag_id IN ('.implode(',', $_POST['tags']).')
+;';
+  pwg_query($query);
+  
+  $query = '
+DELETE
+  FROM '.TAGS_TABLE.'
+  WHERE id IN ('.implode(',', $_POST['tags']).')
+;';
+  pwg_query($query);
+  
+  array_push(
+    $page['infos'],
+    l10n_dec(
+      'The following tag was deleted', 
+      'The %d following tags were deleted',
+      count($tag_names)).' : '.
+      implode(', ', $tag_names)
+    );
 }
 
 // +-----------------------------------------------------------------------+
 // |                               add a tag                               |
 // +-----------------------------------------------------------------------+
 
-if (isset($_POST['add']) and !empty($_POST['add_tag']))
+if (isset($_POST['add']) and !empty($_POST['add_tag']) and !is_adviser())
 {
-  $ret = create_tag($_POST['add_tag']);
-  
-  if (isset($ret['error']))
+  $tag_name = $_POST['add_tag'];
+
+  // does the tag already exists?
+  $query = '
+SELECT id
+  FROM '.TAGS_TABLE.'
+  WHERE name = \''.$tag_name.'\'
+;';
+  $existing_tags = array_from_query($query, 'id');
+
+  if (count($existing_tags) == 0)
   {
-    $page['errors'][] = $ret['error'];
+    mass_inserts(
+      TAGS_TABLE,
+      array('name', 'url_name'),
+      array(
+        array(
+          'name' => $tag_name,
+          'url_name' => str2url($tag_name),
+          )
+        )
+      );
+    
+    array_push(
+      $page['infos'],
+      sprintf(
+        l10n('Tag "%s" was added'),
+        stripslashes($tag_name)
+        )
+      );
   }
   else
   {
-    $page['infos'][] = $ret['info'];
+    array_push(
+      $page['errors'],
+      sprintf(
+        l10n('Tag "%s" already exists'),
+        stripslashes($tag_name)
+        )
+      );
   }
 }
 
@@ -349,86 +199,26 @@ $template->assign(
     )
   );
 
-// +-----------------------------------------------------------------------+
-// |                              orphan tags                              |
-// +-----------------------------------------------------------------------+
-
-$orphan_tags = get_orphan_tags();
-
-$orphan_tag_names = array();
-foreach ($orphan_tags as $tag)
-{
-  $orphan_tag_names[] = trigger_change('render_tag_name', $tag['name'], $tag);
-}
-
-if (count($orphan_tag_names) > 0)
-{
-  $page['warnings'][] = sprintf(
-    l10n('You have %d orphan tags: %s.').' <a href="%s">'.l10n('Delete orphan tags').'</a>',
-    count($orphan_tag_names),
-    implode(', ', $orphan_tag_names),
-    get_root_url().'admin.php?page=tags&amp;action=delete_orphans&amp;pwg_token='.get_pwg_token()
-    );
-}
-
 // +-----------------------------------------------------------------------+
 // |                             form creation                             |
 // +-----------------------------------------------------------------------+
 
-
-// tag counters
-$query = '
-SELECT tag_id, COUNT(image_id) AS counter
-  FROM '.IMAGE_TAG_TABLE.'
-  GROUP BY tag_id';
-$tag_counters = simple_hash_from_query($query, 'tag_id', 'counter');
-
-// all tags
-$query = '
-SELECT *
-  FROM '.TAGS_TABLE.'
-;';
-$result = pwg_query($query);
-$all_tags = array();
-while ($tag = pwg_db_fetch_assoc($result))
-{
-  $raw_name = $tag['name'];
-  $tag['name'] = trigger_change('render_tag_name', $raw_name, $tag);
-  $tag['counter'] = intval(@$tag_counters[ $tag['id'] ]);
-  $tag['U_VIEW'] = make_index_url(array('tags'=>array($tag)));
-  $tag['U_EDIT'] = 'admin.php?page=batch_manager&amp;filter=tag-'.$tag['id'];
-
-  $alt_names = trigger_change('get_tag_alt_names', array(), $raw_name);
-  $alt_names = array_diff( array_unique($alt_names), array($tag['name']) );
-  if (count($alt_names))
-  {
-    $tag['alt_names'] = implode(', ', $alt_names);
-  }
-  $all_tags[] = $tag;
-}
-usort($all_tags, 'tag_alpha_compare');
-
-
-
 $template->assign(
   array(
-    'all_tags' => $all_tags,
+    'TAG_SELECTION' => get_html_tag_selection(
+      get_all_tags(),
+      'tags'
+      ),
     )
   );
 
-if ((isset($_POST['edit']) or isset($_POST['duplicate']) or isset($_POST['merge'])) and isset($_POST['tags']))
+if (isset($_POST['edit']) and isset($_POST['tags']))
 {
-  $list_name = 'EDIT_TAGS_LIST';
-  if (isset($_POST['duplicate']))
-  {
-    $list_name = 'DUPLIC_TAGS_LIST';
-  }
-  elseif (isset($_POST['merge']))
-  {
-    $list_name = 'MERGE_TAGS_LIST';
-  }
-
-  $template->assign($list_name, implode(',', $_POST['tags']));
+  $template->assign(
+    array(
+      'EDIT_TAGS_LIST' => implode(',', $_POST['tags']),
+      )
+    );
 
   $query = '
 SELECT id, name
@@ -437,12 +227,17 @@ SELECT id, name
 ;';
   $result = pwg_query($query);
   while ($row = pwg_db_fetch_assoc($result))
+  {
+    $name_of[ $row['id'] ] = $row['name'];
+  }
+
+  foreach ($_POST['tags'] as $tag_id)
   {
     $template->append(
       'tags',
       array(
-        'ID' => $row['id'],
-        'NAME' => $row['name'],
+        'ID' => $tag_id,
+        'NAME' => $name_of[$tag_id],
         )
       );
   }

admin/theme.php

@@ -1,8 +1,8 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
 // +-----------------------------------------------------------------------+
@@ -34,13 +34,6 @@ if (empty($_GET['theme']))
   die('Invalid theme URL');
 }
 
-include_once(PHPWG_ROOT_PATH.'admin/include/themes.class.php');
-$themes = new themes();
-if (!in_array($_GET['theme'], array_keys($themes->fs_themes)))
-{
-  die('Invalid theme');
-}
-
 $filename = PHPWG_THEMES_PATH.$_GET['theme'].'/admin/admin.inc.php';
 if (is_file($filename))
 {

admin/themes.php

@@ -1,48 +0,0 @@
-<?php
-// +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
-// +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
-// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
-// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
-// +-----------------------------------------------------------------------+
-// | This program is free software; you can redistribute it and/or modify  |
-// | it under the terms of the GNU General Public License as published by  |
-// | the Free Software Foundation                                          |
-// |                                                                       |
-// | This program is distributed in the hope that it will be useful, but   |
-// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
-// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
-// | General Public License for more details.                              |
-// |                                                                       |
-// | You should have received a copy of the GNU General Public License     |
-// | along with this program; if not, write to the Free Software           |
-// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
-// | USA.                                                                  |
-// +-----------------------------------------------------------------------+
-
-if( !defined("PHPWG_ROOT_PATH") )
-{
-  die ("Hacking attempt!");
-}
-
-include_once(PHPWG_ROOT_PATH.'admin/include/tabsheet.class.php');
-
-$my_base_url = get_root_url().'admin.php?page=themes';
-
-if (isset($_GET['tab']))
-  $page['tab'] = $_GET['tab'];
-else
-  $page['tab'] = 'installed';
-
-$tabsheet = new tabsheet();
-$tabsheet->set_id('themes');
-$tabsheet->select($page['tab']);
-$tabsheet->assign();
-
-if ($page['tab'] == 'update')
-  include(PHPWG_ROOT_PATH.'admin/updates_ext.php');
-else
-  include(PHPWG_ROOT_PATH.'admin/themes_'.$page['tab'].'.php');
-
-?>