diff options
| author | z0rglub <z0rglub@piwigo.org> | 2003-05-17 10:49:14 +0000 |
|---|---|---|
| committer | z0rglub <z0rglub@piwigo.org> | 2003-05-17 10:49:14 +0000 |
| commit | 8b044b0111a9a22066b82a33c28f956981819f55 (patch) | |
| tree | c4ed5d300daf64788042b94681893e95b241e46c | |
| parent | b7b705f2685da04caa0be91debc2c66d279fddf5 (diff) | |
*** empty log message ***
git-svn-id: http://piwigo.org/svn/trunk@10 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to '')
| -rw-r--r-- | admin/admin.php | 6 | ||||
| -rw-r--r-- | admin/cat.php | 37 | ||||
| -rw-r--r-- | admin/configuration.php | 41 | ||||
| -rw-r--r-- | admin/create_listing_file.php | 280 | ||||
| -rw-r--r-- | admin/edit_cat.php | 8 | ||||
| -rw-r--r-- | admin/historique.php | 6 | ||||
| -rw-r--r-- | admin/infos_images.php | 10 | ||||
| -rw-r--r-- | admin/install.php | 442 | ||||
| -rw-r--r-- | admin/perm.php | 20 | ||||
| -rw-r--r-- | admin/update.php | 575 | ||||
| -rw-r--r-- | admin/user_add.php | 2 | ||||
| -rw-r--r-- | admin/user_list.php | 8 | ||||
| -rw-r--r-- | admin/user_modify.php | 4 | ||||
| -rw-r--r-- | admin/waiting.php | 6 | ||||
| -rw-r--r-- | category.php | 12 | ||||
| -rw-r--r-- | identification.php | 6 | ||||
| -rw-r--r-- | index.php | 2 | ||||
| -rw-r--r-- | picture.php | 40 | ||||
| -rw-r--r-- | profile.php | 4 | ||||
| -rw-r--r-- | search.php | 2 | ||||
| -rw-r--r-- | upload.php | 94 |
21 files changed, 1098 insertions, 507 deletions
diff --git a/admin/admin.php b/admin/admin.php index a4c8b77c3..5730356fe 100644 --- a/admin/admin.php +++ b/admin/admin.php @@ -35,7 +35,7 @@ switch ( $_GET['page'] ) $titre = $lang['title_modify']; $page_valide = true; break; case 'historique': $titre = $lang['title_history']; $page_valide = true; break; - case 'miseajour': + case 'update': $titre = $lang['title_update']; $page_valide = true; break; case 'configuration': $titre = $lang['title_configuration']; $page_valide = true; break; @@ -115,7 +115,7 @@ $vtp->addSession( $handle, 'summary' ); $vtp->setVar( $handle, 'summary.indent', '' ); $vtp->setVar( $handle, 'summary.link', add_session_id( $link_start.'waiting' ) ); -$query = 'select id from '.$prefixeTable.'waiting;'; +$query = 'select id from '.PREFIX_TABLE.'waiting;'; $result = mysql_query( $query ); $nb_waiting = ''; if ( mysql_num_rows( $result ) > 0 ) @@ -128,7 +128,7 @@ $vtp->closeSession( $handle, 'summary' ); $vtp->addSession( $handle, 'summary' ); $vtp->setVar( $handle, 'summary.indent', '' ); $vtp->setVar( $handle, 'summary.link', - add_session_id( $link_start.'miseajour' ) ); + add_session_id( $link_start.'update' ) ); $vtp->setVar( $handle, 'summary.name', $lang['menu_update'] ); $vtp->closeSession( $handle, 'summary' ); // thumbnails diff --git a/admin/cat.php b/admin/cat.php index 2033d667d..890fa866a 100644 --- a/admin/cat.php +++ b/admin/cat.php @@ -1,11 +1,10 @@ <?php /*************************************************************************** - * this file is a part of PhpWebGallery * + * cat.php * * ------------------- * - * version : 1.3 * - * url : http://phpwebgallery.net * - * help : http://forum.phpwebgallery.net * - * author : Pierrick LE GALL * + * application : PhpWebGallery 1.3 * + * website : http://www.phpwebgallery.net * + * author : Pierrick LE GALL <pierrick@z0rglub.com> * * * ***************************************************************************/ @@ -32,7 +31,7 @@ if ( isset( $_GET['up'] ) && is_numeric( $_GET['up'] ) ) // 1. searching level (id_uppercat) // and rank of the category to move $query = 'select id_uppercat,rank'; - $query.= ' from '.$prefixeTable.'categories'; + $query.= ' from '.PREFIX_TABLE.'categories'; $query.= ' where id = '.$_GET['up']; $query.= ';'; $row = mysql_fetch_array( mysql_query( $query ) ); @@ -41,7 +40,7 @@ if ( isset( $_GET['up'] ) && is_numeric( $_GET['up'] ) ) // 2. searching the id and the rank of the category // just above at the same level $query = 'select id,rank'; - $query.= ' from '.$prefixeTable.'categories'; + $query.= ' from '.PREFIX_TABLE.'categories'; $query.= ' where rank < '.$rank; if ( $level == '' ) { @@ -58,12 +57,12 @@ if ( isset( $_GET['up'] ) && is_numeric( $_GET['up'] ) ) $new_rank = $row['rank']; $replaced_cat = $row['id']; // 3. exchanging ranks between the two categories - $query = 'update '.$prefixeTable.'categories'; + $query = 'update '.PREFIX_TABLE.'categories'; $query.= ' set rank = '.$new_rank; $query.= ' where id = '.$_GET['up']; $query.= ';'; mysql_query( $query ); - $query = 'update '.$prefixeTable.'categories'; + $query = 'update '.PREFIX_TABLE.'categories'; $query.= ' set rank = '.$rank; $query.= ' where id = '.$replaced_cat; $query.= ';'; @@ -74,7 +73,7 @@ if ( isset( $_GET['down'] ) && is_numeric( $_GET['down'] ) ) // 1. searching level (id_uppercat) // and rank of the category to move $query = 'select id_uppercat,rank'; - $query.= ' from '.$prefixeTable.'categories'; + $query.= ' from '.PREFIX_TABLE.'categories'; $query.= ' where id = '.$_GET['down']; $query.= ';'; $row = mysql_fetch_array( mysql_query( $query ) ); @@ -83,7 +82,7 @@ if ( isset( $_GET['down'] ) && is_numeric( $_GET['down'] ) ) // 2. searching the id and the rank of the category // just below at the same level $query = 'select id,rank'; - $query.= ' from '.$prefixeTable.'categories'; + $query.= ' from '.PREFIX_TABLE.'categories'; $query.= ' where rank > '.$rank; if ( $level == '' ) { @@ -100,12 +99,12 @@ if ( isset( $_GET['down'] ) && is_numeric( $_GET['down'] ) ) $new_rank = $row['rank']; $replaced_cat = $row['id']; // 3. exchanging ranks between the two categories - $query = 'update '.$prefixeTable.'categories'; + $query = 'update '.PREFIX_TABLE.'categories'; $query.= ' set rank = '.$new_rank; $query.= ' where id = '.$_GET['down']; $query.= ';'; mysql_query( $query ); - $query = 'update '.$prefixeTable.'categories'; + $query = 'update '.PREFIX_TABLE.'categories'; $query.= ' set rank = '.$rank; $query.= ' where id = '.$replaced_cat; $query.= ';'; @@ -114,12 +113,10 @@ if ( isset( $_GET['down'] ) && is_numeric( $_GET['down'] ) ) //------------------------------------------------------------------ reordering function ordering( $id_uppercat ) { - global $prefixeTable; - $rank = 1; $query = 'select id'; - $query.= ' from '.$prefixeTable.'categories'; + $query.= ' from '.PREFIX_TABLE.'categories'; if ( !is_numeric( $id_uppercat ) ) { $query.= ' where id_uppercat is NULL'; @@ -133,7 +130,7 @@ function ordering( $id_uppercat ) $result = mysql_query( $query ); while ( $row = mysql_fetch_array( $result ) ) { - $query = 'update '.$prefixeTable.'categories'; + $query = 'update '.PREFIX_TABLE.'categories'; $query.= ' set rank = '.$rank; $query.= ' where id = '.$row['id']; $query.= ';'; @@ -148,11 +145,11 @@ ordering( 'NULL' ); function display_cat_manager( $id_uppercat, $indent, $uppercat_visible, $level ) { - global $prefixeTable,$lang,$conf,$sub,$vtp; + global $lang,$conf,$sub,$vtp; // searching the min_rank and the max_rank of the category $query = 'select min(rank) as min, max(rank) as max'; - $query.= ' from '.$prefixeTable.'categories'; + $query.= ' from '.PREFIX_TABLE.'categories'; if ( !is_numeric( $id_uppercat ) ) { $query.= ' where id_uppercat is NULL'; @@ -180,7 +177,7 @@ function display_cat_manager( $id_uppercat, $indent, } $query = 'select id,name,dir,nb_images,status,rank,site_id'; - $query.= ' from '.$prefixeTable.'categories'; + $query.= ' from '.PREFIX_TABLE.'categories'; if ( !is_numeric( $id_uppercat ) ) { $query.= ' where id_uppercat is NULL'; diff --git a/admin/configuration.php b/admin/configuration.php index d0d4a6fc5..75be943db 100644 --- a/admin/configuration.php +++ b/admin/configuration.php @@ -3,6 +3,7 @@ * configuration.php * * ------------------- * * application : PhpWebGallery 1.3 * + * website : http://www.phpwebgallery.net * * author : Pierrick LE GALL <pierrick@z0rglub.com> * * * ***************************************************************************/ @@ -34,17 +35,16 @@ $Caracs = array("¥" => "Y", "µ" => "u", "À" => "A", "Á" => "A", "ù" => "u", "ú" => "u", "û" => "u", "ü" => "u", "ý" => "y", "ÿ" => "y"); //------------------------------ verification and registration of modifications -$conf_infos = array( 'prefixe_thumbnail', 'webmaster', 'mail_webmaster', - 'acces', 'session_id_size', 'session_time', - 'session_keyword', 'max_user_listbox', 'show_comments', - 'nb_comment_page', 'upload_available', - 'upload_maxfilesize', 'upload_maxwidth', - 'upload_maxheight', 'upload_maxwidth_thumbnail', - 'upload_maxheight_thumbnail' ); -$default_user_infos = array( 'nb_image_line', 'nb_line_page', 'theme', - 'language', 'maxwidth', 'maxheight', 'expand', - 'show_nb_comments', 'short_period', 'long_period', - 'template' ); +$conf_infos = +array( 'prefixe_thumbnail','webmaster','mail_webmaster','acces', + 'session_id_size','session_time','session_keyword','max_user_listbox', + 'show_comments','nb_comment_page','upload_available', + 'upload_maxfilesize', 'upload_maxwidth','upload_maxheight', + 'upload_maxwidth_thumbnail','upload_maxheight_thumbnail' ); +$default_user_infos = +array( 'nb_image_line','nb_line_page','theme','language','maxwidth', + 'maxheight','expand','show_nb_comments','short_period','long_period', + 'template' ); $error = array(); $i = 0; if ( $_GET['valider'] == 1 ) @@ -52,13 +52,13 @@ if ( $_GET['valider'] == 1 ) //purge de la table des session si demandé if ( $_POST['empty_session_table'] == 1 ) { - $query = 'delete from '.$prefixeTable.'sessions'; + $query = 'delete from '.PREFIX_TABLE.'sessions'; $query.= ' where expiration < '.time().';'; mysql_query( $query ); } // deletion of site as asked $query = 'select id'; - $query.= ' from '.$prefixeTable.'sites'; + $query.= ' from '.PREFIX_TABLE.'sites'; $query.= " where galleries_url <> './galleries/';"; $result = mysql_query( $query ); while ( $row = mysql_fetch_array( $result ) ) @@ -182,8 +182,8 @@ if ( $_GET['valider'] == 1 ) // dans le cas où il n'y aucune erreurs if ( sizeof( $error ) == 0 ) { - mysql_query( 'delete from '.$prefixeTable.'config;' ); - $query = 'insert into '.$prefixeTable.'config'; + mysql_query( 'delete from '.PREFIX_TABLE.'config;' ); + $query = 'insert into '.PREFIX_TABLE.'config'; $query.= ' ('; for ( $i = 0; $i < sizeof( $conf_infos ); $i++ ) { @@ -219,7 +219,7 @@ if ( $_GET['valider'] == 1 ) $tab_theme = explode( ' - ', $_POST['theme'] ); $_POST['theme'] = $tab_theme[0].'/'.$tab_theme[1]; - $query = 'update '.$prefixeTable.'users'; + $query = 'update '.PREFIX_TABLE.'users'; $query.= ' set'; for ( $i = 0; $i < sizeof( $default_user_infos ); $i++ ) { @@ -271,7 +271,7 @@ else } $query.= $conf_infos[$i]; } - $query .= ' from '.$prefixeTable.'config;'; + $query .= ' from '.PREFIX_TABLE.'config;'; $row = mysql_fetch_array( mysql_query( $query ) ); @@ -292,7 +292,7 @@ else } $query.= $default_user_infos[$i]; } - $query .= ' from '.$prefixeTable.'users'; + $query .= ' from '.PREFIX_TABLE.'users'; $query.= " where username = 'guest'"; $query.= ';'; @@ -308,8 +308,7 @@ $sub = $vtp->Open( '../template/'.$user['template']. '/admin/configuration.vtp' ); // language $vtp->setGlobalVar( $sub, 'conf_confirmation', $lang['conf_confirmation'] ); -$vtp->setGlobalVar( $sub, 'conf_remote_site_title', - $lang['conf_remote_site_title'] ); +$vtp->setGlobalVar( $sub, 'remote_site', $lang['remote_site'] ); $vtp->setGlobalVar( $sub, 'delete', $lang['delete'] ); $vtp->setGlobalVar( $sub, 'conf_remote_site_delete_info', $lang['conf_remote_site_delete_info'] ); @@ -885,7 +884,7 @@ $vtp->closeSession( $sub, 'space_line' ); $vtp->closeSession( $sub, 'line' ); //------------------------------------------------ remote sites administration $query = 'select id,galleries_url'; -$query.= ' from '.$prefixeTable.'sites'; +$query.= ' from '.PREFIX_TABLE.'sites'; $query.= " where galleries_url <> './galleries/';"; $result = mysql_query( $query ); if ( mysql_num_rows( $result ) > 0 ) diff --git a/admin/create_listing_file.php b/admin/create_listing_file.php index 9b94486ef..f3b816bbc 100644 --- a/admin/create_listing_file.php +++ b/admin/create_listing_file.php @@ -1,128 +1,162 @@ <?php - $prefixe_thumbnail = "TN-"; +$prefixe_thumbnail = 'TN-'; - - $tab_ext = array ( 'jpg', 'JPG','gif','GIF','png','PNG' ); +$conf['picture_ext'] = array ( 'jpg', 'gif', 'png', 'JPG', 'GIF', 'PNG' ); - $listing = ""; - - $local_folder = substr( $PHP_SELF, 0, strrpos( $PHP_SELF, "/" ) + 1 ); - $url = "http://".$HTTP_HOST.$local_folder; - $listing.= "<url>$url</url>"; - - // get_dirs retourne un tableau contenant tous les sous-répertoires d'un répertoire - function get_dirs( $rep, $indent, $level ) - { - $sub_rep = array(); - $i = 0; - $dirs = ""; - if ( $opendir = opendir ( $rep ) ) - { - while ( $file = readdir ( $opendir ) ) - { - if ( $file != "." && $file != ".." && is_dir ( $rep."/".$file ) && $file != "thumbnail" ) - { - $sub_rep[$i++] = $file; - } - } - } - // write of the dirs - for ( $i = 0; $i < sizeof( $sub_rep ); $i++ ) - { - $dirs.= "\n".$indent."<dir".$level.">"; - $dirs.= "\n".$indent."\t<name>".$sub_rep[$i]."</name>"; - $dirs.= get_pictures( $rep."/".$sub_rep[$i], $indent."\t" ); - $dirs.= get_dirs( $rep."/".$sub_rep[$i], $indent."\t", $level + 1 ); - $dirs.= "\n".$indent."</dir".$level.">"; - } - return $dirs; - } - - function is_image ( $filename ) - { - global $tab_ext; - if ( in_array ( substr ( strrchr($filename,"."), 1, strlen ( $filename ) ), $tab_ext ) ) - { - return true; - } - else - { - return false; - } - } +$listing = ''; + +$end = strrpos( $_SERVER['PHP_SELF'], '/' ) + 1; +$local_folder = substr( $_SERVER['PHP_SELF'], 0, $end ); +$url = 'http://'.$_SERVER['HTTP_HOST'].$local_folder; + +$listing.= "<url>$url</url>"; - function TN_exist ( $dir, $file ) - { - global $tab_ext, $prefixe_thumbnail; - - $titre = substr ( $file, 0, -4 ); - for ( $i = 0; $i < sizeof ( $tab_ext ); $i++ ) - { - $test = $dir."/thumbnail/".$prefixe_thumbnail.$titre.".".$tab_ext[$i]; - if ( is_file ( $test ) ) - { - return $tab_ext[$i]; - } - } - return false; - } - - function get_pictures( $rep, $indent ) - { - $pictures = array(); - $i = 0; - $tn_ext = ""; - $root = ""; - if ( $opendir = opendir ( $rep ) ) - { - while ( $file = readdir ( $opendir ) ) - { - if ( is_image( $file ) && $tn_ext = TN_exist( $rep, $file ) ) - { - $pictures[$i] = array(); - $pictures[$i]['file'] = $file; - $pictures[$i]['tn_ext'] = $tn_ext; - $pictures[$i]['date'] = date( "Y-m-d", filemtime ( $rep."/".$file ) ); - $pictures[$i]['filesize'] = floor ( filesize( $rep."/".$file ) / 1024 ); - $image_size = @getimagesize( $rep."/".$file ); - $pictures[$i]['width'] = $image_size[0]; - $pictures[$i]['height'] = $image_size[1]; - $i++; - } - } - } - // write of the node <root> with all the pictures at the root of the directory - $root.= "\n".$indent."<root>"; - if ( sizeof( $pictures ) > 0 ) - { - for( $i = 0; $i < sizeof( $pictures ); $i++ ) - { - $root.= "\n".$indent."\t<picture>"; - $root.= "\n".$indent."\t\t<file>".$pictures[$i]['file']."</file>"; - $root.= "\n".$indent."\t\t<tn_ext>".$pictures[$i]['tn_ext']."</tn_ext>"; - $root.= "\n".$indent."\t\t<date>".$pictures[$i]['date']."</date>"; - $root.= "\n".$indent."\t\t<filesize>".$pictures[$i]['filesize']."</filesize>"; - $root.= "\n".$indent."\t\t<width>".$pictures[$i]['width']."</width>"; - $root.= "\n".$indent."\t\t<height>".$pictures[$i]['height']."</height>"; - $root.= "\n".$indent."\t</picture>"; - } - } - $root.= "\n".$indent."</root>"; - return $root; - } - - $listing.= get_dirs( ".", "", 0 ); - - if ( $fp = @fopen("./listing.xml","w") ) - { - fwrite( $fp, $listing ); - fclose( $fp ); - } - else - { - echo "impossible de créer ou d'écrire dans le fichier listing.xml"; - } - - //echo str_replace( "\t", " ", nl2br( htmlspecialchars( $listing, ENT_QUOTES ) ) ); - echo "listing.xml created"; +// get_dirs retourne un tableau contenant tous les sous-répertoires d'un +// répertoire +function get_dirs( $rep, $indent, $level ) +{ + $sub_rep = array(); + $i = 0; + $dirs = ""; + if ( $opendir = opendir ( $rep ) ) + { + while ( $file = readdir ( $opendir ) ) + { + if ( $file != "." + and $file != ".." + and is_dir ( $rep."/".$file ) + and $file != "thumbnail" ) + { + $sub_rep[$i++] = $file; + } + } + } + // write of the dirs + for ( $i = 0; $i < sizeof( $sub_rep ); $i++ ) + { + $dirs.= "\n".$indent.'<dir'.$level.' name="'.$sub_rep[$i].'">'; + $dirs.= get_pictures( $rep.'/'.$sub_rep[$i], $indent.' ' ); + $dirs.= get_dirs( $rep.'/'.$sub_rep[$i], $indent.' ', $level + 1 ); + $dirs.= "\n".$indent.'</dir'.$level.'>'; + } + return $dirs; +} + +// get_extension returns the part of the string after the last "." +function get_extension( $filename ) +{ + return substr( strrchr( $filename, '.' ), 1, strlen ( $filename ) ); +} + +// get_filename_wo_extension returns the part of the string before the last +// ".". +// get_filename_wo_extension( 'test.tar.gz' ) -> 'test.tar' +function get_filename_wo_extension( $filename ) +{ + return substr( $filename, 0, strrpos( $filename, '.' ) ); +} + +function is_image( $filename ) +{ + global $conf; + + if ( !is_dir( $filename ) + and in_array( get_extension( $filename ), $conf['picture_ext'] ) ) + { + return true; + } + return false; +} + +function TN_exists( $dir, $file ) +{ + global $conf, $prefixe_thumbnail; + + $titre = get_filename_wo_extension( $file ); + + for ( $i = 0; $i < sizeof ( $conf['picture_ext'] ); $i++ ) + { + $base_tn_name = $dir.'/thumbnail/'.$prefixe_thumbnail.$titre.'.'; + $ext = $conf['picture_ext'][$i]; + if ( is_file( $base_tn_name.$ext ) ) + { + return $ext; + } + } + echo 'The thumbnail is missing for '.$dir.'/'.$file; + echo '-> '.$dir.'/thumbnail/'.$prefixe_thumbnail.$titre.'.xxx'; + echo ' ("xxx" can be : '; + for ( $i = 0; $i < sizeof ( $conf['picture_ext'] ); $i++ ) + { + if ( $i > 0 ) + { + echo ', '; + } + echo '"'.$conf['picture_ext'][$i].'"'; + } + echo ')<br />'; + return false; +} + +function get_pictures( $rep, $indent ) +{ + $pictures = array(); + + $tn_ext = ''; + $root = ''; + if ( $opendir = opendir ( $rep ) ) + { + while ( $file = readdir ( $opendir ) ) + { + if ( is_image( $file ) and $tn_ext = TN_exists( $rep, $file ) ) + { + $picture = array(); + + $picture['file'] = $file; + $picture['tn_ext'] = $tn_ext; + $picture['date'] = date('Y-m-d',filemtime( $rep.'/'.$file ) ); + $picture['filesize'] = floor( filesize( $rep."/".$file ) / 1024 ); + $image_size = @getimagesize( $rep."/".$file ); + $picture['width'] = $image_size[0]; + $picture['height'] = $image_size[1]; + + array_push( $pictures, $picture ); + } + } + } + // write of the node <root> with all the pictures at the root of the + // directory + $root.= "\n".$indent."<root>"; + if ( sizeof( $pictures ) > 0 ) + { + for( $i = 0; $i < sizeof( $pictures ); $i++ ) + { + $root.= "\n".$indent.' '; + $root.= '<picture'; + $root.= ' file="'. $pictures[$i]['file']. '"'; + $root.= ' tn_ext="'. $pictures[$i]['tn_ext']. '"'; + $root.= ' date="'. $pictures[$i]['date']. '"'; + $root.= ' filesize="'. $pictures[$i]['filesize']. '"'; + $root.= ' width="'. $pictures[$i]['width']. '"'; + $root.= ' height="'. $pictures[$i]['height']. '"'; + $root.= ' />'; + } + } + $root.= "\n".$indent.'</root>'; + return $root; +} + +$listing.= get_dirs( '.', '', 0 ); + +if ( $fp = @fopen("./listing.xml","w") ) +{ + fwrite( $fp, $listing ); + fclose( $fp ); +} +else +{ + echo "I can't write the file listing.xml"; +} + +echo "listing.xml created"; ?>
\ No newline at end of file diff --git a/admin/edit_cat.php b/admin/edit_cat.php index ae93521c0..c813bac66 100644 --- a/admin/edit_cat.php +++ b/admin/edit_cat.php @@ -18,7 +18,7 @@ if ( $HTTP_GET_VARS['valider'] == 1 ) { - $query = "update $prefixeTable"."categories "; + $query = "update PREFIX_TABLE"."categories "; if ( $HTTP_POST_VARS['name'] == "" ) { $query.= "set name = NULL, "; @@ -39,7 +39,7 @@ $query.= "where id = '".$HTTP_GET_VARS['cat']."';"; mysql_query( $query ); - $result = mysql_query( "select id from $prefixeTable"."users where pseudo != '".$conf['webmaster']."';" ); + $result = mysql_query( "select id from PREFIX_TABLE"."users where pseudo != '".$conf['webmaster']."';" ); while ( $row = mysql_fetch_array ( $result ) ) { check_favorites( $row['id'] ); @@ -52,7 +52,7 @@ <form action=\"".add_session_id_to_url( "./admin.php?page=edit_cat&cat=".$HTTP_GET_VARS['cat']."&valider=1" )."\" method=\"post\"> <table style=\"width:100%;\">"; $query = "select a.id,name,dir,status,comment,id_uppercat,site_id,galleries_url"; - $query.= " from $prefixeTable"."categories as a, $prefixeTable"."sites as b"; + $query.= " from PREFIX_TABLE"."categories as a, PREFIX_TABLE"."sites as b"; $query.= " where a.id = ".$HTTP_GET_VARS['cat']; $query.= " and a.site_id = b.id;"; $row = mysql_fetch_array( mysql_query( $query ) ); @@ -86,7 +86,7 @@ // on récupère toutes les status possibles dans la base // par l'intermédiaire de la fonction get_enums trouvable // dans le fichier config.php - $option = get_enums( $prefixeTable."categories", "status" ); + $option = get_enums( PREFIX_TABLE."categories", "status" ); for ( $i = 0; $i < sizeof( $option ); $i++ ) { if ( $option[$i] == $row['status'] ) diff --git a/admin/historique.php b/admin/historique.php index 2aca5bfc1..eda2b1b27 100644 --- a/admin/historique.php +++ b/admin/historique.php @@ -18,7 +18,7 @@ if ( $HTTP_GET_VARS['empty'] == 1 ) { - mysql_query( "delete from $prefixeTable"."history;" ); + mysql_query( "delete from PREFIX_TABLE"."history;" ); } define (NB_JOUR_HISTO,"7"); $tMois = array("janvier", "février", "mars", "avril", "mai", "juin", "juillet", "août", "septembre", "octobre", "novembre", "décembre"); @@ -28,7 +28,7 @@ // il faut trouver le unix date de la veille à 00h00 : // time (); nous donne le nombre de secondes actuelle $date_ref = time() - (7*24*60*60); - $result = mysql_query( "select date,login,IP,categorie,page,titre,commentaire from $prefixeTable"."history where date > '$date_ref' order by date desc;"); + $result = mysql_query( "select date,login,IP,categorie,page,titre,commentaire from PREFIX_TABLE"."history where date > '$date_ref' order by date desc;"); echo"<div style=\"text-align:center;\"><a href=\"".add_session_id_to_url( "./admin.php?page=historique&empty=1" )."\">empty / vider</a></div>"; echo"<div style=\"color:green;text-align:center;margin:10px\">"; // affichage de la date du jour @@ -71,7 +71,7 @@ </tr>"; // 2. affichage de tous les évènements pour le jour donné // entre la veille à 23h59m59s et le jour même 23h59m59s - $result = mysql_query("select date,login,IP,categorie,page,titre,commentaire from $prefixeTable"."history where date > '$debut' and date < '$fin' order by date desc;"); + $result = mysql_query("select date,login,IP,categorie,page,titre,commentaire from PREFIX_TABLE"."history where date > '$debut' and date < '$fin' order by date desc;"); $fin = $debut; // on recule le début d'une journée complète $debut = $debut - 24*60*60; diff --git a/admin/infos_images.php b/admin/infos_images.php index a5c1b75a4..f1921c6d3 100644 --- a/admin/infos_images.php +++ b/admin/infos_images.php @@ -53,7 +53,7 @@ //------------------------------------------------------------mises à jour // 1. options individuelles $query = "select id,file "; - $query.= "from $prefixeTable"."images "; + $query.= "from PREFIX_TABLE"."images "; $query.= "where cat_id = ".$page['cat']." "; $result = mysql_query( $query ); $i = 1; @@ -65,7 +65,7 @@ $date_creation = "date_creation-".$row['id']; if ( isset( $HTTP_POST_VARS[$name] ) ) { - $query = "update $prefixeTable"."images "; + $query = "update PREFIX_TABLE"."images "; if ( $HTTP_POST_VARS[$name] == "" ) { $query.= "set name = NULL "; @@ -106,7 +106,7 @@ // 2. options générales if ( $HTTP_POST_VARS['use_common_author'] == 1 ) { - $query = "update $prefixeTable"."images "; + $query = "update PREFIX_TABLE"."images "; if ( $HTTP_POST_VARS['author_cat'] == "" ) { $query.= "set author = NULL "; @@ -125,7 +125,7 @@ if ( check_date_format( $HTTP_POST_VARS['date_creation_cat'] ) ) { $date = date_convert( $HTTP_POST_VARS['date_creation_cat'] ); - $query = "update $prefixeTable"."images "; + $query = "update PREFIX_TABLE"."images "; if ( $HTTP_POST_VARS['date_creation_cat'] == "" ) { $query.= "set date_creation = NULL "; @@ -200,7 +200,7 @@ <td class=\"row2\" style=\"text-align:center;\">".$lang['infoimage_creation_date']."</td> </tr>"; $query = "select id,file,comment,author,tn_ext,name,date_creation"; - $query.= " from $prefixeTable"."images"; + $query.= " from PREFIX_TABLE"."images"; $query.= " where cat_id = ".$page['cat']; $query.= $conf['order_by']; $query.= " limit ".$page['start'].",".$page['nb_image_page']; diff --git a/admin/install.php b/admin/install.php index c87a63bbd..00058365f 100644 --- a/admin/install.php +++ b/admin/install.php @@ -14,9 +14,9 @@ * the Free Software Foundation; * * * ***************************************************************************/ - function header_install() - { - $output = " +function header_install() +{ + $output = " <html> <head> <title>PhpWebGallery 1.2</title> @@ -125,12 +125,12 @@ <table width=\"700\" class=\"table1\" style=\"margin:auto;\"> <tr> <td class=\"contenucellule\">"; - return $output; - } + return $output; +} - function footer_install() - { - $output = " +function footer_install() +{ + $output = " </td> </tr> </table> @@ -139,92 +139,92 @@ </table> </body> </html>"; - return $output; - } + return $output; +} - if ( isset( $HTTP_GET_VARS['language'] ) ) - { - $isadmin = true; - $lang = array(); - include( "../language/".$HTTP_GET_VARS['language'].".php" ); - } +if ( isset( $HTTP_GET_VARS['language'] ) ) +{ + $isadmin = true; + $lang = array(); + include( "../language/".$HTTP_GET_VARS['language'].".php" ); +} - /*---------------------------------------Step 1------------------------------------*/ - if ( $HTTP_GET_VARS['step'] == 1 ) - { - $erreur1 = true; - $message = ""; - // création du fichier de configuration de connexion à la BD mysql - if( isset( $HTTP_POST_VARS['cfgBase'] ) && isset( $HTTP_POST_VARS['cfgUser'] ) && isset( $HTTP_POST_VARS['cfgPassword'] ) && isset( $HTTP_POST_VARS['cfgHote'] ) ) - { - if ( @mysql_connect( $HTTP_POST_VARS['cfgHote'], $HTTP_POST_VARS['cfgUser'], $HTTP_POST_VARS['cfgPassword'] ) ) - { - if ( @mysql_select_db($HTTP_POST_VARS['cfgBase'] ) ) - { - $message.= "<div class=\"info\">".$lang['step1_confirmation']."</div>"; - $erreur1 = false; - } - else - { - $message.= "<div class=\"erreur\">".$lang['step1_err_db']."</div>"; - } - } - else - { - $message.= "<div class=\"erreur\">".$lang['step1_err_server']."</div>"; - } +/*---------------------------------------Step 1------------------------------------*/ +if ( $HTTP_GET_VARS['step'] == 1 ) +{ + $erreur1 = true; + $message = ""; + // création du fichier de configuration de connexion à la BD mysql + if( isset( $HTTP_POST_VARS['cfgBase'] ) && isset( $HTTP_POST_VARS['cfgUser'] ) && isset( $HTTP_POST_VARS['cfgPassword'] ) && isset( $HTTP_POST_VARS['cfgHote'] ) ) + { + if ( @mysql_connect( $HTTP_POST_VARS['cfgHote'], $HTTP_POST_VARS['cfgUser'], $HTTP_POST_VARS['cfgPassword'] ) ) + { + if ( @mysql_select_db($HTTP_POST_VARS['cfgBase'] ) ) + { + $message.= "<div class=\"info\">".$lang['step1_confirmation']."</div>"; + $erreur1 = false; + } + else + { + $message.= "<div class=\"erreur\">".$lang['step1_err_db']."</div>"; + } + } + else + { + $message.= "<div class=\"erreur\">".$lang['step1_err_server']."</div>"; + } - if ( !$erreur1 ) - { - // écriture du fichier de configuration - if ( $fp = @fopen("../include/mysql.inc.php","a+") ) - { - fwrite( $fp, "<?php\n\t\$cfgBase='".$HTTP_POST_VARS['cfgBase']."';\n\t\$cfgUser='".$HTTP_POST_VARS['cfgUser']."';\n\t\$cfgPassword='".$HTTP_POST_VARS['cfgPassword']."';\n\t\$cfgHote='".$HTTP_POST_VARS['cfgHote']."';\n\t\$prefixeTable='".$HTTP_POST_VARS['prefixe']."';\n?>" ); - fclose( $fp ); - } - $cfgHote = ""; - $cfgUser = ""; - $cfgPassword = ""; - $cfgBase = ""; - include ( "../include/mysql.inc.php" ); - $erreur2 = true; - if ( @mysql_connect( $cfgHote, $cfgUser, $cfgPassword ) ) - { - if ( @mysql_select_db ( $cfgBase ) ) - { - $erreur2 = false; - } - } - if ( $erreur2 ) - { - $message.="<br /><br />".$lang['step1_err_copy']." :<br /> + if ( !$erreur1 ) + { + // écriture du fichier de configuration + if ( $fp = @fopen("../include/mysql.inc.php","a+") ) + { + fwrite( $fp, "<?php\n\t\$cfgBase='".$HTTP_POST_VARS['cfgBase']."';\n\t\$cfgUser='".$HTTP_POST_VARS['cfgUser']."';\n\t\$cfgPassword='".$HTTP_POST_VARS['cfgPassword']."';\n\t\$cfgHote='".$HTTP_POST_VARS['cfgHote']."';\n\t\PREFIX_TABLE='".$HTTP_POST_VARS['prefixe']."';\n?>" ); + fclose( $fp ); + } + $cfgHote = ""; + $cfgUser = ""; + $cfgPassword = ""; + $cfgBase = ""; + include ( "../include/mysql.inc.php" ); + $erreur2 = true; + if ( @mysql_connect( $cfgHote, $cfgUser, $cfgPassword ) ) + { + if ( @mysql_select_db ( $cfgBase ) ) + { + $erreur2 = false; + } + } + if ( $erreur2 ) + { + $message.="<br /><br />".$lang['step1_err_copy']." :<br /> -----------------------------------------------------<br /> <div style=\"color:blue;\"><?php<br /> \$cfgBase = '".$HTTP_POST_VARS['cfgBase']."';<br /> \$cfgUser = '".$HTTP_POST_VARS['cfgUser']."';<br /> \$cfgPassword = '".$HTTP_POST_VARS['cfgPassword']."';<br /> \$cfgHote = '".$HTTP_POST_VARS['cfgHote']."';<br /> - \$prefixeTable = '".$HTTP_POST_VARS['prefixe']."';<br /> + \PREFIX_TABLE = '".$HTTP_POST_VARS['prefixe']."';<br /> ?></div> -----------------------------------------------------<br />"; - $message.= "<div style=\"text-align:center;\">".$lang['step1_err_copy_2']."<br />"; - $message.= "<a href=\"install.php?step=2&language=".$HTTP_GET_VARS['language']."\">".$lang['step1_err_copy_next']."</a></div>"; - } - else - { - $url = "install.php?step=2&language=".$HTTP_GET_VARS['language']; - header("Request-URI: $url"); - header("Content-Location: $url"); - header("Location: $url"); - exit(); - } - } - } + $message.= "<div style=\"text-align:center;\">".$lang['step1_err_copy_2']."<br />"; + $message.= "<a href=\"install.php?step=2&language=".$HTTP_GET_VARS['language']."\">".$lang['step1_err_copy_next']."</a></div>"; + } + else + { + $url = "install.php?step=2&language=".$HTTP_GET_VARS['language']; + header("Request-URI: $url"); + header("Content-Location: $url"); + header("Location: $url"); + exit(); + } + } + } - echo header_install(); - if ( isset( $message ) && $message != "" ) - { - echo" + echo header_install(); + if ( isset( $message ) && $message != "" ) + { + echo" <table width=\"100%\"> <tr> <th>".$lang['install_message']."</th> @@ -233,10 +233,10 @@ <td>$message</td> </tr> </table>"; - } - if ( $erreur1 ) - { - echo" + } + if ( $erreur1 ) + { + echo" <form method=\"post\" action=\"install.php?step=1&language=".$HTTP_GET_VARS['language']."\"> <table width=\"100%\"> <tr> @@ -248,15 +248,15 @@ <tr> <td>".$lang['step1_host']."</td> <td align=center><input type='text' name='cfgHote' value='"; - if ( !isset( $HTTP_POST_VARS['cfgHote'] ) ) - { - echo"localhost"; - } - else - { - echo $HTTP_POST_VARS['cfgHote']; - } - echo"'></td> + if ( !isset( $HTTP_POST_VARS['cfgHote'] ) ) + { + echo"localhost"; + } + else + { + echo $HTTP_POST_VARS['cfgHote']; + } + echo"'></td> <td class=\"row2\">".$lang['step1_host_info']."</td> </tr> <tr> @@ -277,15 +277,15 @@ <tr> <td>".$lang['step1_prefix']."</td> <td align=center><input type='text' name='prefixe' value='"; - if ( !isset( $HTTP_POST_VARS['prefixe'] ) ) - { - echo"phpwebgallery_"; - } - else - { - echo $HTTP_POST_VARS['prefixe']; - } - echo"'></td> + if ( !isset( $HTTP_POST_VARS['prefixe'] ) ) + { + echo"phpwebgallery_"; + } + else + { + echo $HTTP_POST_VARS['prefixe']; + } + echo"'></td> <td class=\"row2\">".$lang['step1_prefix_info']."</td> </tr> <tr> @@ -296,19 +296,19 @@ </tr> </table> </form>"; - } - echo footer_install(); - } - /*---------------------------------------Step 2------------------------------------*/ - else if ( $HTTP_GET_VARS['step'] == 2 ) - { - include( "../include/mysql.inc.php" ); - mysql_connect( $cfgHote, $cfgUser, $cfgPassword ) or die ( "erreur de connexion au serveur" ); - mysql_select_db( $cfgBase ) or die ( "erreur de connexion a la base de donnees" ); + } + echo footer_install(); +} +/*---------------------------------------Step 2------------------------------------*/ +else if ( $HTTP_GET_VARS['step'] == 2 ) +{ + include( "../include/mysql.inc.php" ); + mysql_connect( $cfgHote, $cfgUser, $cfgPassword ) or die ( "erreur de connexion au serveur" ); + mysql_select_db( $cfgBase ) or die ( "erreur de connexion a la base de donnees" ); - if ( !isset( $HTTP_POST_VARS['submit'] ) ) - { - $query = "CREATE TABLE ".$prefixeTable."categories ( + if ( !isset( $HTTP_POST_VARS['submit'] ) ) + { + $query = "CREATE TABLE ".PREFIX_TABLE."categories ( id tinyint(3) unsigned NOT NULL auto_increment, date_dernier date NOT NULL default '0000-00-00', nb_images smallint(5) unsigned NOT NULL default '0', @@ -321,8 +321,8 @@ site_id tinyint(4) unsigned NOT NULL default '1', PRIMARY KEY (id) );"; - mysql_query( $query ); - $query = "CREATE TABLE ".$prefixeTable."comments ( + mysql_query( $query ); + $query = "CREATE TABLE ".PREFIX_TABLE."comments ( id int(11) unsigned NOT NULL auto_increment, image_id smallint(5) unsigned NOT NULL default '0', date int(11) unsigned NOT NULL default '0', @@ -330,8 +330,8 @@ content longtext, PRIMARY KEY (id) );"; - mysql_query( $query ); - $query = "CREATE TABLE ".$prefixeTable."config ( + mysql_query( $query ); + $query = "CREATE TABLE ".PREFIX_TABLE."config ( periode_courte smallint(5) unsigned NOT NULL default '7', periode_longue smallint(5) unsigned NOT NULL default '14', prefixe_thumbnail varchar(10) NOT NULL default 'TN-', @@ -352,14 +352,14 @@ upload_maxwidth_thumbnail smallint(5) unsigned NOT NULL default '150', upload_maxheight_thumbnail smallint(5) unsigned NOT NULL default '100' );"; - mysql_query( $query ); - $query = "CREATE TABLE ".$prefixeTable."favorites ( + mysql_query( $query ); + $query = "CREATE TABLE ".PREFIX_TABLE."favorites ( user_id smallint(5) unsigned NOT NULL default '0', image_id smallint(5) unsigned NOT NULL default '0', KEY user_id (user_id,image_id) );"; - mysql_query( $query ); - $query = "CREATE TABLE ".$prefixeTable."history ( + mysql_query( $query ); + $query = "CREATE TABLE ".PREFIX_TABLE."history ( date int(11) NOT NULL default '0', login varchar(15) default NULL, IP varchar(50) NOT NULL default '', @@ -368,8 +368,8 @@ titre varchar(150) default NULL, commentaire varchar(200) default NULL );"; - mysql_query( $query ); - $query = "CREATE TABLE ".$prefixeTable."images ( + mysql_query( $query ); + $query = "CREATE TABLE ".PREFIX_TABLE."images ( id smallint(5) unsigned NOT NULL auto_increment, file varchar(255) NOT NULL default '', cat_id tinyint(3) unsigned NOT NULL default '0', @@ -386,29 +386,29 @@ PRIMARY KEY (id), KEY cat_id (cat_id) );"; - mysql_query( $query ); - $query = "CREATE TABLE ".$prefixeTable."restrictions ( + mysql_query( $query ); + $query = "CREATE TABLE ".PREFIX_TABLE."restrictions ( user_id smallint(5) unsigned NOT NULL default '0', cat_id tinyint(3) unsigned NOT NULL default '0', PRIMARY KEY (user_id,cat_id) );"; - mysql_query( $query ); - $query = "CREATE TABLE ".$prefixeTable."sessions ( + mysql_query( $query ); + $query = "CREATE TABLE ".PREFIX_TABLE."sessions ( id varchar(255) binary NOT NULL default '', user_id smallint(5) unsigned NOT NULL default '0', expiration int(10) unsigned NOT NULL default '0', ip varchar(255) NOT NULL default '', PRIMARY KEY (id) );"; - mysql_query( $query ); - $query = "CREATE TABLE ".$prefixeTable."sites ( + mysql_query( $query ); + $query = "CREATE TABLE ".PREFIX_TABLE."sites ( id tinyint(4) NOT NULL auto_increment, galleries_url varchar(255) NOT NULL default '', PRIMARY KEY (id), UNIQUE KEY galleries_url (galleries_url) );"; - mysql_query( $query ); - $query = "CREATE TABLE ".$prefixeTable."users ( + mysql_query( $query ); + $query = "CREATE TABLE ".PREFIX_TABLE."users ( id smallint(5) unsigned NOT NULL auto_increment, pseudo varchar(20) binary NOT NULL default '', password varchar(255) NOT NULL default '', @@ -423,8 +423,8 @@ PRIMARY KEY (id), UNIQUE KEY pseudo (pseudo) );"; - mysql_query( $query ); - $query = "CREATE TABLE ".$prefixeTable."waiting ( + mysql_query( $query ); + $query = "CREATE TABLE ".PREFIX_TABLE."waiting ( id int(10) unsigned NOT NULL auto_increment, cat_id tinyint(3) unsigned NOT NULL default '0', file varchar(255) NOT NULL default '', @@ -434,67 +434,67 @@ tn_ext char(3) default NULL, PRIMARY KEY (id) );"; - mysql_query( $query ); - } - if ( isset( $HTTP_POST_VARS['submit'] ) ) - { - $configuration = false; - $erreur = ""; - $nb_erreur = 0; - // le pseudo du webmaster ne doit pas - // 1. être vide - // 2. commencer ou se terminer par un espace - // 3. comporter les caractères ' ou " - // Notes sur le pseudo du webmaster : - // - lorsque l'on trouve plusieurs occurences - // consécutives du caractère espace, on réduit à une seule occurence - if ( $HTTP_POST_VARS['webmaster'] == "" ) - { - $erreur .= "<li>".$lang['step2_err_login1']."</li>"; - $nb_erreur++; - } - $webmaster = ereg_replace( "[ ]{2,}", " ", $HTTP_POST_VARS['webmaster'] ); - if ( ereg( "^.* $", $webmaster ) || ereg( "^ .*$", $webmaster) ) - { - $erreur .= "<li>".$lang['step2_err_login2']."</li>"; - $nb_erreur++; - } - if ( ereg( "'",$webmaster ) || ereg( "\"",$webmaster ) ) - { - $erreur .= "<li>".$lang['step2_err_login3']."</li>"; - $nb_erreur++; - } - // on vérifie que le password rentré correspond bien à la confirmation faite par l'utilisateur - if ( $HTTP_POST_VARS['pwdWebmaster'] != $HTTP_POST_VARS['pwdWebmasterConf'] ) - { - $erreur .= "<li>".$lang['step2_err_pass']."</li>"; - $nb_erreur++; - } - // le mail doit être conforme à qqch du type : nom@serveur.com - if( !ereg("([_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)+)", $HTTP_POST_VARS['mail_webmaster'] ) ) - { - $erreur .= "<li>".$lang['step2_err_mail']."</li>"; - $nb_erreur++; - } - // on met à jour les paramètres de l'application dans le cas où il n'y aucune erreur - if ( $nb_erreur == 0 ) - { - mysql_query( "delete from $prefixeTable"."config" ); - $query = "insert into $prefixeTable"."config (webmaster,mail_webmaster) values ('$webmaster','".$HTTP_POST_VARS['mail_webmaster']."')"; - mysql_query($query); - $query = "insert into $prefixeTable"."sites values (1, './galleries/');"; - mysql_query($query); - $query = "insert into $prefixeTable"."users (pseudo,password,status,language) values ('$webmaster','".md5( $pwdWebmaster )."','admin','".$HTTP_GET_VARS['language']."')"; - mysql_query($query); - mysql_query("insert into $prefixeTable"."users (pseudo,password,status,language) values ('visiteur','".md5( "" )."','visiteur','".$HTTP_GET_VARS['language']."')"); - $configuration = true; - } - } + mysql_query( $query ); + } + if ( isset( $HTTP_POST_VARS['submit'] ) ) + { + $configuration = false; + $erreur = ""; + $nb_erreur = 0; + // le pseudo du webmaster ne doit pas + // 1. être vide + // 2. commencer ou se terminer par un espace + // 3. comporter les caractères ' ou " + // Notes sur le pseudo du webmaster : + // - lorsque l'on trouve plusieurs occurences + // consécutives du caractère espace, on réduit à une seule occurence + if ( $HTTP_POST_VARS['webmaster'] == "" ) + { + $erreur .= "<li>".$lang['step2_err_login1']."</li>"; + $nb_erreur++; + } + $webmaster = ereg_replace( "[ ]{2,}", " ", $HTTP_POST_VARS['webmaster'] ); + if ( ereg( "^.* $", $webmaster ) || ereg( "^ .*$", $webmaster) ) + { + $erreur .= "<li>".$lang['step2_err_login2']."</li>"; + $nb_erreur++; + } + if ( ereg( "'",$webmaster ) || ereg( "\"",$webmaster ) ) + { + $erreur .= "<li>".$lang['step2_err_login3']."</li>"; + $nb_erreur++; + } + // on vérifie que le password rentré correspond bien à la confirmation faite par l'utilisateur + if ( $HTTP_POST_VARS['pwdWebmaster'] != $HTTP_POST_VARS['pwdWebmasterConf'] ) + { + $erreur .= "<li>".$lang['step2_err_pass']."</li>"; + $nb_erreur++; + } + // le mail doit être conforme à qqch du type : nom@serveur.com + if( !ereg("([_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)+)", $HTTP_POST_VARS['mail_webmaster'] ) ) + { + $erreur .= "<li>".$lang['step2_err_mail']."</li>"; + $nb_erreur++; + } + // on met à jour les paramètres de l'application dans le cas où il n'y aucune erreur + if ( $nb_erreur == 0 ) + { + mysql_query( "delete from PREFIX_TABLE"."config" ); + $query = "insert into PREFIX_TABLE"."config (webmaster,mail_webmaster) values ('$webmaster','".$HTTP_POST_VARS['mail_webmaster']."')"; + mysql_query($query); + $query = "insert into PREFIX_TABLE"."sites values (1, './galleries/');"; + mysql_query($query); + $query = "insert into PREFIX_TABLE"."users (pseudo,password,status,language) values ('$webmaster','".md5( $pwdWebmaster )."','admin','".$HTTP_GET_VARS['language']."')"; + mysql_query($query); + mysql_query("insert into PREFIX_TABLE"."users (pseudo,password,status,language) values ('visiteur','".md5( "" )."','visiteur','".$HTTP_GET_VARS['language']."')"); + $configuration = true; + } + } - echo header_install(); - if ( $configuration ) - { - echo" + echo header_install(); + if ( $configuration ) + { + echo" <table width=\"100%\"> <tr> <th>".$lang['install_end_title']."</th> @@ -506,12 +506,12 @@ <td>".$lang['install_end_message']."</td> </tr> </table>"; - } - else - { - if ( $nb_erreur > 0 ) - { - echo" + } + else + { + if ( $nb_erreur > 0 ) + { + echo" <table width=100%> <tr> <th>".$lang['install_message']."</th> @@ -526,8 +526,8 @@ <td> </td> </tr> </table>"; - } - echo" + } + echo" <form method=\"post\" action=\"install.php?step=2&language=".$HTTP_GET_VARS['language']."\"> <table width=100%> <tr> @@ -566,34 +566,34 @@ </tr> </table> </form>"; - } - echo footer_install(); - } - /*----------------------------------Language choice------------------------------------*/ - else - { - include( "../include/functions.php" ); - echo header_install(); - echo" + } + echo footer_install(); +} +/*----------------------------------Language choice------------------------------------*/ +else +{ + include( "../include/functions.php" ); + echo header_install(); + echo" <form method=\"get\" action=\"install.php\"> <input type=\"hidden\" name=\"step\" value=\"1\"/> <table width=\"100%\"> <tr> <td align=\"center\"> <select name=\"language\">"; - $languages = get_languages( "../language/" ); - for ( $i = 0; $i < sizeof ( $languages ); $i++ ) - { - echo" + $languages = get_languages( "../language/" ); + for ( $i = 0; $i < sizeof ( $languages ); $i++ ) + { + echo" <option>".$languages[$i]."</option>"; - } - echo" + } + echo" </select> <input type=\"submit\" value=\"Go\"> </td> </tr> </table> </form>"; - echo footer_install(); - } + echo footer_install(); +} ?>
\ No newline at end of file diff --git a/admin/perm.php b/admin/perm.php index 2407d9f6f..257bb21fb 100644 --- a/admin/perm.php +++ b/admin/perm.php @@ -18,7 +18,7 @@ //---------------------------------------------------données de l'utilisateur if ( isset( $HTTP_GET_VARS['user_id'] ) ) { - $query = "select id,pseudo,status from $prefixeTable"."users where id = '".$HTTP_GET_VARS['user_id']."';"; + $query = "select id,pseudo,status from PREFIX_TABLE"."users where id = '".$HTTP_GET_VARS['user_id']."';"; $result = mysql_query( $query ); $row = mysql_fetch_array( $result ); $page['pseudo'] = $row['pseudo']; @@ -51,14 +51,14 @@ { if ( isset( $HTTP_GET_VARS['user_id'] ) ) { - mysql_query ( "delete from $prefixeTable"."restrictions where user_id = ".$HTTP_GET_VARS['user_id'].";" ); - $result = mysql_query ( "select id from $prefixeTable"."categories;" ); + mysql_query ( "delete from PREFIX_TABLE"."restrictions where user_id = ".$HTTP_GET_VARS['user_id'].";" ); + $result = mysql_query ( "select id from PREFIX_TABLE"."categories;" ); while ( $row = mysql_fetch_array ( $result ) ) { $nom_select = "acces-".$row['id']; if ( $HTTP_POST_VARS[$nom_select] == 1 ) { - mysql_query ( "insert into $prefixeTable"."restrictions (user_id,cat_id) values ('".$HTTP_GET_VARS['user_id']."','".$row['id']."');" ); + mysql_query ( "insert into PREFIX_TABLE"."restrictions (user_id,cat_id) values ('".$HTTP_GET_VARS['user_id']."','".$row['id']."');" ); } } check_favorites( $HTTP_GET_VARS['user_id'] ); @@ -66,14 +66,14 @@ } else if ( isset( $HTTP_GET_VARS['cat_id'] ) ) { - mysql_query ( "delete from $prefixeTable"."restrictions where cat_id = '".$page['cat']."';" ); - $result = mysql_query( "select id from $prefixeTable"."users where pseudo != '".$conf['webmaster']."';" ); + mysql_query ( "delete from PREFIX_TABLE"."restrictions where cat_id = '".$page['cat']."';" ); + $result = mysql_query( "select id from PREFIX_TABLE"."users where pseudo != '".$conf['webmaster']."';" ); while ( $row = mysql_fetch_array ( $result ) ) { $nom_select = "acces-".$row['id']; if ( $HTTP_POST_VARS[$nom_select] == 1 ) { - mysql_query ( "insert into $prefixeTable"."restrictions (user_id,cat_id) values ('".$row['id']."','".$page['cat']."');" ); + mysql_query ( "insert into PREFIX_TABLE"."restrictions (user_id,cat_id) values ('".$row['id']."','".$page['cat']."');" ); } check_favorites( $row['id'] ); } @@ -83,7 +83,7 @@ //--------------------------------------------------------------- formulaire function display_cat_manager( $id_uppercat, $indent, $uppercat_authorized, $level, $restriction ) { - global $prefixeTable,$lang,$conf; + global PREFIX_TABLE,$lang,$conf; $output = ""; @@ -121,7 +121,7 @@ } $query = "select id,name,dir,rank"; - $query.= " from $prefixeTable"."categories"; + $query.= " from PREFIX_TABLE"."categories"; if ( !is_numeric( $id_uppercat ) ) { $query.= " where id_uppercat is NULL"; @@ -214,7 +214,7 @@ <form action=\"".add_session_id_to_url( "./admin.php?page=perm&cat_id=".$page['cat'] )."\" method=\"post\"> <table style=\"width:100%;\">"; - $result = mysql_query( "select id,pseudo,status from $prefixeTable"."users where pseudo != '".$conf['webmaster']."';" ); + $result = mysql_query( "select id,pseudo,status from PREFIX_TABLE"."users where pseudo != '".$conf['webmaster']."';" ); $i = 0; while ( $row = mysql_fetch_array( $result ) ) { diff --git a/admin/update.php b/admin/update.php new file mode 100644 index 000000000..8684660e1 --- /dev/null +++ b/admin/update.php @@ -0,0 +1,575 @@ +<?php +/*************************************************************************** + * update.php * + * ------------------ * + * application : PhpWebGallery 1.3 * + * author : Pierrick LE GALL <pierrick@z0rglub.com> * + * * + ***************************************************************************/ + +/*************************************************************************** + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; * + * * + ***************************************************************************/ + +include_once( './include/isadmin.inc.php' ); +//------------------------------------------------------------------- functions +function insert_local_category( $cat_id ) +{ + global $conf, $page; + + $site_id = 1; + + // 0. retrieving informations on the category to display + $cat_directory = '../galleries'; + + if ( is_numeric( $cat_id ) ) + { + $result = get_cat_info( $cat_id ); + $cat_directory.= '/'.$result['local_dir']; + // 1. display the category name to update + $output = '<img src="./images/puce.gif" alt=">" />'; + $output.= '<span style="font-weight:bold;">'.$result['name'][0].'</span>'; + $output.= ' [ '.$result['last_dir'].' ]'; + $output.= '<div class="retrait">'; + + // 2. we search pictures of the category only if the update is for all + // or a cat_id is specified + if ( isset( $page['cat'] ) or $_GET['update'] == 'all' ) + { + $output.= insert_local_image( $cat_directory, $cat_id ); + update_cat_info( $cat_id ); + } + } + + // 3. we have to remove the categories of the database not present anymore + $query = 'SELECT id'; + $query.= ' FROM '.PREFIX_TABLE.'categories'; + $query.= ' WHERE site_id = '.$site_id; + if ( !is_numeric( $cat_id ) ) + { + $query.= ' AND id_uppercat IS NULL'; + } + else + { + $query.= ' AND id_uppercat = '.$cat_id; + } + $query.= ';'; + $result = mysql_query( $query ); + while ( $row = mysql_fetch_array( $result ) ) + { + // retrieving the directory + $rep = '../galleries'; + $resultat = get_cat_info( $row['id'] ); + $rep.= '/'.$resultat['local_dir']; + + // is the directory present ? + if ( !is_dir( $rep ) ) + { + delete_category( $row['id'] ); + } + } + + // 4. retrieving the sub-directories + $sub_rep = array(); + $i = 0; + $dirs = ''; + if ( $opendir = opendir ( $cat_directory ) ) + { + while ( $file = readdir ( $opendir ) ) + { + if ( $file != '.' + and $file != '..' + and is_dir ( $cat_directory.'/'.$file ) + and $file != 'thumbnail' ) + { + $sub_rep[$i++] = $file; + } + } + } + + for ( $i = 0; $i < sizeof( $sub_rep ); $i++ ) + { + // 5. Is the category already existing ? we create a subcat if not + // existing + $category_id = ''; + $query = 'SELECT id'; + $query.= ' FROM '.PREFIX_TABLE.'categories'; + $query.= ' WHERE site_id = '.$site_id; + $query.= " AND dir = '".$sub_rep[$i]."'"; + if ( !is_numeric( $cat_id ) ) + { + $query.= ' AND id_uppercat IS NULL'; + } + else + { + $query.= ' AND id_uppercat = '.$cat_id; + } + $query.= ';'; + $result = mysql_query( $query ); + if ( mysql_num_rows( $result ) == 0 ) + { + // we have to create the category + $query = 'INSERT INTO '.PREFIX_TABLE.'categories'; + $query.= ' (dir,site_id,id_uppercat) VALUES'; + $query.= " ('".$sub_rep[$i]."','".$site_id."'"; + if ( !is_numeric( $cat_id ) ) + { + $query.= ',NULL'; + } + else + { + $query.= ",'".$cat_id."'"; + } + $query.= ');'; + mysql_query( $query ); + $category_id = mysql_insert_id(); + } + else + { + // we get the already registered id + $row = mysql_fetch_array( $result ); + $category_id = $row['id']; + } + // 6. recursive call + $output.= insert_local_category( $category_id ); + } + + if ( is_numeric( $cat_id ) ) + { + $output.= '</div>'; + } + return $output; +} + +function insert_local_image( $rep, $category_id ) +{ + global $lang,$conf,$count_new; + + $output = ''; + // we have to delete all the images from the database that : + // - are not in the directory anymore + // - don't have the associated thumbnail available anymore + $query = 'SELECT id,file,tn_ext'; + $query.= ' FROM '.PREFIX_TABLE.'images'; + $query.= ' WHERE cat_id = '.$category_id; + $query.= ';'; + $result = mysql_query( $query ); + while ( $row = mysql_fetch_array( $result ) ) + { + $lien_image = $rep.'/'.$row['file']; + $lien_thumbnail = $rep.'/thumbnail/'.$conf['prefixe_thumbnail']; + $lien_thumbnail.= get_filename_wo_extension( $row['file'] ); + $lien_thumbnail.= '.'.$row['tn_ext']; + + if ( !is_file ( $lien_image ) or !is_file ( $lien_thumbnail ) ) + { + if ( !is_file ( $lien_image ) ) + { + $output.= $row['file']; + $output.= ' <span style="font-weight:bold;">'; + $output.= $lang['update_disappeared'].'</span><br />'; + } + if ( !is_file ( $lien_thumbnail ) ) + { + $output.= $row['file']; + $output.= ' : <span style="font-weight:bold;">'; + $output.= $lang['update_disappeared_tn'].'</span><br />'; + } + // suppression de la base : + delete_image( $row['id'] ); + } + } + + // searching the new images in the directory + $pictures = array(); + $tn_ext = ''; + if ( $opendir = opendir ( $rep ) ) + { + while ( $file = readdir ( $opendir ) ) + { + if ( is_file( $rep.'/'.$file ) and is_image( $rep.'/'.$file ) ) + { + // is the picture waiting for validation by an administrator ? + $query = 'SELECT id'; + $query.= ' FROM '.PREFIX_TABLE.'waiting'; + $query.= ' WHERE cat_id = '.$category_id; + $query.= " AND file = '".$file."'"; + $query.= ';'; + $result = mysql_query( $query ); + if ( mysql_num_rows( $result ) == 0 ) + { + if ( $tn_ext = TN_exists( $rep, $file ) ) + { + // is the picture already in the database ? + $query = 'SELECT id'; + $query.= ' FROM '.PREFIX_TABLE.'images'; + $query.= ' WHERE cat_id = '.$category_id; + $query.= " AND file = '".$file."'"; + $query.= ';'; + $result = mysql_query( $query ); + if ( mysql_num_rows( $result ) == 0 ) + { + $picture = array(); + $picture['file'] = $file; + $picture['tn_ext'] = $tn_ext; + $picture['date'] = date( 'Y-m-d', filemtime ( $rep.'/'.$file ) ); + $picture['filesize'] = floor( filesize( $rep.'/'.$file ) / 1024); + $image_size = @getimagesize( $rep.'/'.$file ); + $picture['width'] = $image_size[0]; + $picture['height'] = $image_size[1]; + array_push( $pictures, $picture ); + } + } + else + { + $output.= '<span style="color:red;">'; + $output.= $lang['update_missing_tn'].' : '.$file; + $output.= ' (<span style="font-weight:bold;">'; + $output.= $conf['prefixe_thumbnail']; + $output.= get_filename_wo_extension( $file ).'.XXX</span>'; + $output.= ', XXX = '; + $output.= implode( ', ', $conf['picture_ext'] ); + $output.= ')</span><br />'; + } + } + } + } + } + // inserting the pictures found in the directory + foreach ( $pictures as $picture ) { + $query = 'INSERT INTO '.PREFIX_TABLE.'images'; + $query.= ' (file,cat_id,date_available,tn_ext,filesize,width,height)'; + $query.= ' VALUES '; + $query.= "('".$picture['file']."','".$category_id."'"; + $query.= ",'".$picture['date']."','".$picture['tn_ext']."'"; + $query.= ",'".$picture['filesize']."','".$picture['width']."'"; + $query.= ",'".$picture['height']."')"; + $query.= ';'; + mysql_query( $query ); + $count_new++; + + $output.= $picture['file']; + $output.= ' <span style="font-weight:bold;">'; + $output.= $lang['update_research_added'].'</span>'; + $output.= ' ('.$lang['update_research_tn_ext'].' '.$picture['tn_ext'].')'; + $output.= '<br />'; + } + return $output; +} + +// The function "update_cat_info" updates the information about the last +// online image and the number of images in the category +function update_cat_info( $category_id ) +{ + $query = 'SELECT date_available'; + $query.= ' FROM '.PREFIX_TABLE.'images'; + $query.= ' WHERE cat_id = '.$category_id; + $query.= ' ORDER BY date_available DESC'; + $query.= ' LIMIT 0,1'; + $query.= ';'; + $result = mysql_query( $query ); + $row = mysql_fetch_array( $result ); + $date_last = $row['date_available']; + + $query = 'SELECT COUNT(*) as nb_images'; + $query.= ' FROM '.PREFIX_TABLE.'images'; + $query.= ' WHERE cat_id = '.$category_id; + $result = mysql_query( $query ); + $row = mysql_fetch_array( $result ); + $nb_images = $row['nb_images']; + + $query = 'UPDATE '.PREFIX_TABLE.'categories'; + $query.= " SET date_dernier = '".$date_last."'"; + $query.= ', nb_images = '.$nb_images; + $query.= ' where id = '.$category_id; + $query.= ';'; + mysql_query( $query ); +} + +// remote_images verifies if a file named "listing.xml" is present is the +// admin directory. If it is the case, creation of a remote picture storage +// site if it doesn't already exists. Then, the function calls +// insert_remote_category for this remote site on the root category. +function remote_images() +{ + global $conf, $lang, $vtp, $sub; + + // 1. is there a file listing.xml ? + if ( !( $xml_content = getXmlCode( 'listing.xml' ) ) ) + { + return false; + } + $url = getContent( getChild( $xml_content, 'url' ) ); + $vtp->setVar( $sub, 'remote_update.url', $url ); + + // 2. is the site already existing ? + $query = 'select id'; + $query.= ' from '.PREFIX_TABLE.'sites'; + $query.= " where galleries_url = '".$url."'"; + $query.= ';'; + $result = mysql_query( $query ); + if ( mysql_num_rows($result ) == 0 ) + { + // we have to register this site in the database + $query = 'insert into '.PREFIX_TABLE.'sites'; + $query.= " (galleries_url) values ('".$url."')"; + $query.= ';'; + mysql_query( $query ); + $site_id = mysql_insert_id(); + } + else + { + // we get the already registered id + $row = mysql_fetch_array( $result ); + $site_id = $row['id']; + } + + // 3. available dirs in the file + $categories = insert_remote_category( $xml_content, $site_id, 'NULL', 0 ); + $vtp->setVar( $sub, 'remote_update.categories', $categories ); +} + +// insert_remote_category searchs the "dir" node of the xml_dir given and +// insert the contained categories if the are not in the database yet. The +// function also deletes the categories that are in the database and not in +// the xml_file. +function insert_remote_category( $xml_dir, $site_id, $id_uppercat, $level ) +{ + global $conf; + + $output = ''; + $categories = array(); + $list_dirs = getChildren( $xml_dir, 'dir'.$level ); + for ( $i = 0; $i < sizeof( $list_dirs ); $i++ ) + { + // is the category already existing ? + $category_id = ''; + $name = getAttribute( $list_dirs[$i], 'name' ); + $categories[$i] = $name; + + $output.= '<img src="./images/puce.gif">'; + $output.= '<span style="font-weight:bold;">'.$name.'</span>'; + $output.= '<div class="retrait">'; + + $query = 'select id'; + $query.= ' from '.PREFIX_TABLE.'categories'; + $query.= ' where site_id = '.$site_id; + $query.= " and dir = '".$name."'"; + if ( $id_uppercat == 'NULL' ) + { + $query.= ' and id_uppercat is NULL'; + } + else + { + $query.= ' and id_uppercat = '.$id_uppercat; + } + $query.= ';'; + $result = mysql_query( $query ); + if ( mysql_num_rows( $result ) == 0 ) + { + // we have to create the category + $query = 'insert into '.PREFIX_TABLE.'categories'; + $query.= " (dir,site_id,id_uppercat) values ('".$name."',".$site_id; + if ( !is_numeric( $id_uppercat ) ) + { + $query.= ',NULL'; + } + else + { + $query.= ','.$id_uppercat; + } + $query.= ');'; + mysql_query( $query ); + $category_id = mysql_insert_id(); + } + else + { + // we get the already registered id + $row = mysql_fetch_array( $result ); + $category_id = $row['id']; + } + $output.= insert_remote_image( $list_dirs[$i], $category_id ); + update_cat_info( $category_id ); + $output.= insert_remote_category( $list_dirs[$i], $site_id, + $category_id, $level+1 ); + $output.= '</div>'; + } + // we have to remove the categories of the database not present in the xml + // file (ie deleted from the picture storage server) + $query = 'select dir,id'; + $query.= ' from '.PREFIX_TABLE.'categories'; + $query.= ' where site_id = '.$site_id; + if ( !is_numeric( $id_uppercat ) ) + { + $query.= ' and id_uppercat is NULL'; + } + else + { + $query.= ' and id_uppercat = '.$id_uppercat; + } + $query.= ';'; + $result = mysql_query( $query ); + while ( $row = mysql_fetch_array( $result ) ) + { + // is the category in the xml file ? + if ( !in_array( $row['dir'], $categories ) ) + { + delete_category( $row['id'] ); + } + } + + return $output; +} + +// insert_remote_image searchs the "root" node of the xml_dir given and +// insert the contained pictures if the are not in the database yet. +function insert_remote_image( $xml_dir, $category_id ) +{ + global $count_new,$lang; + + $output = ''; + $root = getChild( $xml_dir, 'root' ); + $pictures = array(); + $xml_pictures = getChildren( $root, 'picture' ); + for ( $j = 0; $j < sizeof( $xml_pictures ); $j++ ) + { + //<picture file="albatros.jpg" tn_ext="png" date="2002-04-14" + // filesize="35" width="640" height="480" /> + $file = getAttribute( $xml_pictures[$j], 'file' ); + $tn_ext = getAttribute( $xml_pictures[$j], 'tn_ext' ); + $date = getAttribute( $xml_pictures[$j], 'date' ); + $filesize = getAttribute( $xml_pictures[$j], 'filesize' ); + $width = getAttribute( $xml_pictures[$j], 'width' ); + $height = getAttribute( $xml_pictures[$j], 'height' ); + + $pictures[$j] = $file; + + // is the picture already existing in the database ? + $query = 'select id,tn_ext'; + $query.= ' from '.PREFIX_TABLE.'images'; + $query.= ' where cat_id = '.$category_id; + $query.= " and file = '".$file."'"; + $query.= ';'; + $result = mysql_query( $query ); + $query = ''; + if ( mysql_num_rows( $result ) == 0 ) + { + $query = 'insert into '.PREFIX_TABLE.'images'; + $query.= ' (file,cat_id,date_available,tn_ext,filesize,width,height)'; + $query.= ' values ('; + $query.= "'".$file."'"; + $query.= ",'".$category_id."'"; + $query.= ",'".$date."'"; + $query.= ",'".$tn_ext."'"; + $query.= ",'".$filesize."'"; + $query.= ",'".$width."'"; + $query.= ",'".$height."'"; + $query.= ')'; + $query.= ';'; + + $output.= $file; + $output.= ' <span style="font-weight:bold;">'; + $output.= $lang['update_research_added'].'</span>'; + $output.= ' ('.$lang['update_research_tn_ext'].' '.$tn_ext.')<br />'; + + $count_new++; + } + else + { + // is the tn_ext the same in the xml file and in the database ? + $row = mysql_fetch_array( $result ); + if ( $row['tn_ext'] != $tn_ext ) + { + $query = 'update '.PREFIX_TABLE.'images'; + $query.= ' set'; + $query.= " tn_ext = '".$tn_ext."'"; + $query.= ' where cat_id = '.$category_id; + $query.= " and file = '".$file."'"; + $query.= ';'; + } + } + // execution of the query + if ( $query != '' ) + { + mysql_query( $query ); + } + } + // we have to remove the pictures of the database not present in the xml file + // (ie deleted from the picture storage server) + $query = 'select id,file'; + $query.= ' from '.PREFIX_TABLE.'images'; + $query.= ' where cat_id = '.$category_id; + $query.= ';'; + $result = mysql_query( $query ); + while ( $row = mysql_fetch_array( $result ) ) + { + // is the file in the xml file ? + if ( !in_array( $row['file'], $pictures ) ) + { + delete_image( $row['id'] ); + } + } + return $output; +} +//----------------------------------------------------- template initialization +$sub = $vtp->Open( '../template/'.$user['template'].'/admin/update.vtp' ); +$tpl = array( 'update_default_title', 'update_only_cat', 'update_all', + 'update_research_conclusion', 'update_deletion_conclusion', + 'remote_site', 'update_part_research' ); +templatize_array( $tpl, 'lang', $sub ); +//-------------------------------------------- introduction : choices of update +// Display choice if "update" var is not specified +check_cat_id( $_GET['update'] ); +if ( !isset( $_GET['update'] ) + and !( isset( $page['cat'] ) + or $_GET['update'] == 'cats' + or $_GET['update'] == 'all' ) ) +{ + $vtp->addSession( $sub, 'introduction' ); + // only update the categories, not the pictures. + $url = add_session_id( './admin.php?page=update&update=cats' ); + $vtp->setVar( $sub, 'introduction.only_cat:url', $url ); + // update the entire tree folder + $url = add_session_id( './admin.php?page=update&update=all' ); + $vtp->setVar( $sub, 'introduction.all:url', $url ); + $vtp->closeSession( $sub, 'introduction' ); +} +//------------------------------------------------- local update : ../galleries +else +{ + $count_new = 0; + $count_deleted = 0; + $vtp->addSession( $sub, 'local_update' ); + if ( isset( $page['cat'] ) ) + { + $categories = insert_local_category( $page['cat'] ); + } + else + { + $categories = insert_local_category( 'NULL' ); + } + $vtp->setVar( $sub, 'local_update.categories', $categories ); + $vtp->setVar( $sub, 'local_update.count_new', $count_new ); + $vtp->setVar( $sub, 'local_update.count_deleted', $count_deleted ); + $vtp->closeSession( $sub, 'local_update' ); +} +//------------------------------------------------- remote update : listing.xml +if ( @is_file( './listing.xml' ) ) +{ + $count_new = 0; + $count_deleted = 0; + $vtp->addSession( $sub, 'remote_update' ); + + remote_images(); + $vtp->setVar( $sub, 'remote_update.count_new', $count_new ); + $vtp->setVar( $sub, 'remote_update.count_deleted', $count_deleted ); + + $vtp->closeSession( $sub, 'remote_update' ); +} +//----------------------------------------------------------- sending html code +$vtp->Parse( $handle , 'sub', $sub ); +?>
\ No newline at end of file diff --git a/admin/user_add.php b/admin/user_add.php index ef50c13f1..d138c4933 100644 --- a/admin/user_add.php +++ b/admin/user_add.php @@ -63,7 +63,7 @@ if ( !isset( $_POST['status'] ) ) { $_POST['status'] = 'guest'; } -$option = get_enums( $prefixeTable.'users', 'status' ); +$option = get_enums( PREFIX_TABLE.'users', 'status' ); for ( $i = 0; $i < sizeof( $option ); $i++ ) { $vtp->addSession( $sub, 'status_option' ); diff --git a/admin/user_list.php b/admin/user_list.php index bcf6cc988..d4289489d 100644 --- a/admin/user_list.php +++ b/admin/user_list.php @@ -41,7 +41,7 @@ $vtp->setGlobalVar( $sub, 'listuser_button_create_address', if ( isset ( $_GET['delete'] ) and is_numeric( $_GET['delete'] ) ) { $query = 'select username'; - $query.= ' from '.$prefixeTable.'users'; + $query.= ' from '.PREFIX_TABLE.'users'; $query.= ' where id = '.$_GET['delete']; $query.= ';'; $row = mysql_fetch_array( mysql_query( $query ) ); @@ -65,7 +65,7 @@ if ( isset ( $_GET['delete'] ) and is_numeric( $_GET['delete'] ) ) and $row['username'] != $conf['webmaster'] ) { $query = 'select count(*) as nb_result'; - $query.= ' from '.$prefixeTable.'users'; + $query.= ' from '.PREFIX_TABLE.'users'; $query.= ' where id = '.$_GET['delete']; $query.= ';'; $row2 = mysql_fetch_array( mysql_query( $query ) ); @@ -103,7 +103,7 @@ else $vtp->setVar( $sub, 'users.form_action', $action ); $query = 'select id,username,status,mail_address'; - $query.= ' from '.$prefixeTable.'users'; + $query.= ' from '.PREFIX_TABLE.'users'; $query.= ' order by status asc, username asc'; $query.= ';'; $result = mysql_query( $query ); @@ -217,7 +217,7 @@ else $i = 0; $query = 'select'; $query.= ' id,mail_address'; - $query.= ' from '.$prefixeTable.'users'; + $query.= ' from '.PREFIX_TABLE.'users'; $query.= ';'; $result = mysql_query( $query ); while ( $row = mysql_fetch_array( $result ) ) diff --git a/admin/user_modify.php b/admin/user_modify.php index 6e14589c3..4989c31e2 100644 --- a/admin/user_modify.php +++ b/admin/user_modify.php @@ -30,7 +30,7 @@ $display_form = true; // id in $_GET['user_id'] $query = 'select'; $query.= ' username,status,mail_address'; -$query.= ' from '.$prefixeTable.'users'; +$query.= ' from '.PREFIX_TABLE.'users'; $query.= ' where id = '.$_GET['user_id']; $query.= ';'; $row = mysql_fetch_array( mysql_query( $query ) ); @@ -107,7 +107,7 @@ if ( $display_form ) { $_POST['status'] = 'guest'; } - $option = get_enums( $prefixeTable.'users', 'status' ); + $option = get_enums( PREFIX_TABLE.'users', 'status' ); for ( $i = 0; $i < sizeof( $option ); $i++ ) { $vtp->addSession( $sub, 'status_option' ); diff --git a/admin/waiting.php b/admin/waiting.php index 9e8f16dcc..927c976ae 100644 --- a/admin/waiting.php +++ b/admin/waiting.php @@ -19,7 +19,7 @@ if ( isset( $HTTP_POST_VARS['submit'] ) ) { $query = "select id,cat_id,file,tn_ext"; - $query.= " from $prefixeTable"."waiting"; + $query.= " from PREFIX_TABLE"."waiting"; $query.= ";"; $result = mysql_query( $query ); while ( $row = mysql_fetch_array( $result ) ) @@ -27,7 +27,7 @@ $key = "validate-".$row['id']; if ( isset( $HTTP_POST_VARS[$key] ) ) { - $query = "delete from $prefixeTable"."waiting"; + $query = "delete from PREFIX_TABLE"."waiting"; $query.= " where id = ".$row['id']; $query.= ";"; mysql_query( $query ); @@ -59,7 +59,7 @@ <th style=\"width:1px;\"> </th> </tr>"; $query = "select id,cat_id,file,username,mail_address,date,tn_ext"; - $query.= " from $prefixeTable"."waiting"; + $query.= " from PREFIX_TABLE"."waiting"; $query.= " order by cat_id"; $query.= ";"; $result = mysql_query( $query ); diff --git a/category.php b/category.php index 6f36b1366..8aaf4941e 100644 --- a/category.php +++ b/category.php @@ -53,7 +53,7 @@ if ( $user['expand'] == 'true' or $_GET['expand'] == 'all' ) { $page['tab_expand'] = array(); $query = 'select id'; - $query.= ' from '.$prefixeTable.'categories'; + $query.= ' from '.PREFIX_TABLE.'categories'; $query.= ' where id_uppercat is null;'; $result = mysql_query( $query ); $i = 0; @@ -125,7 +125,7 @@ if ( !$user['is_the_guest'] ) $vtp->setVar( $handle, 'favorites.url', $url ); // searching the number of favorite picture $query = 'select count(*) as count'; - $query.= ' from '.$prefixeTable.'favorites'; + $query.= ' from '.PREFIX_TABLE.'favorites'; $query.= ' where user_id = '.$user['id'].';'; $result = mysql_query( $query ); $row = mysql_fetch_array( $result ); @@ -240,7 +240,7 @@ if ( isset( $page['cat'] ) and $page['cat_nb_images'] != 0 ) $query = 'select id,file,date_available,comment,'; $query.= ' author,tn_ext,name,filesize,width,height,cat_id'; - $query.= ' from '.$prefixeTable.'images'; + $query.= ' from '.PREFIX_TABLE.'images'; $query.= $page['where']; $query.= $conf['order_by']; $query.= ' limit '.$page['start'].','.$page['nb_image_page']; @@ -339,7 +339,7 @@ if ( isset( $page['cat'] ) and $page['cat_nb_images'] != 0 ) { $vtp->addSession( $handle, 'nb_comments' ); $query = 'select count(*) as nb_comments'; - $query.= ' from '.$prefixeTable.'comments'; + $query.= ' from '.PREFIX_TABLE.'comments'; $query.= ' where image_id = '.$row['id']; $query.= ';'; $row = mysql_fetch_array( mysql_query( $query ) ); @@ -373,7 +373,7 @@ elseif ( isset( $page['cat'] ) $vtp->addSession( $handle, 'thumbnails' ); $query = 'select id,name,dir,date_dernier'; - $query.= ' from '.$prefixeTable.'categories'; + $query.= ' from '.PREFIX_TABLE.'categories'; $query.= ' where id_uppercat = '.$page['cat']; $query.= ' order by rank;'; $cat_result = mysql_query( $query ); @@ -397,7 +397,7 @@ elseif ( isset( $page['cat'] ) $name = replace_space( $name ); $query = 'select file,tn_ext'; - $query.= ' from '.$prefixeTable.'images'; + $query.= ' from '.PREFIX_TABLE.'images'; $query.= ' where cat_id = '.$cat_row['id']; $query.= ' order by rand()'; $query.= ' limit 0,1'; diff --git a/identification.php b/identification.php index ddbc2b932..5f10f106a 100644 --- a/identification.php +++ b/identification.php @@ -24,7 +24,7 @@ if ( isset( $_POST['login'] ) ) $i = 0; // retrieving the encrypted password of the login submitted $query = 'select password'; - $query.= ' from '.$prefixeTable.'users'; + $query.= ' from '.PREFIX_TABLE.'users'; $query.= " where username = '".$_POST['login']."';"; $row = mysql_fetch_array( mysql_query( $query ) ); if( $row['password'] == md5( $_POST['pass'] ) ) @@ -77,7 +77,7 @@ if ( sizeof( $error ) != 0 ) } //------------------------------------------------------------------ users list // retrieving all the users login -$query = 'select username from '.$prefixeTable.'users;'; +$query = 'select username from '.PREFIX_TABLE.'users;'; $result = mysql_query( $query ); if ( mysql_num_rows ( $result ) < $conf['max_user_listbox'] ) { @@ -114,7 +114,7 @@ if ( $conf['acces'] == "libre" ) $code = $vtp->Display( $handle, 0 ); echo $code; //------------------------------------------------------------ log informations -$query = 'insert into '.$prefixeTable.'history'; +$query = 'insert into '.PREFIX_TABLE.'history'; $query.= '(date,login,IP,page) values'; $query.= "('".time()."', '".$user['pseudo']; $query.= "','$REMOTE_ADDR','identification');"; @@ -4,7 +4,7 @@ include_once( './include/functions.inc.php' ); database_connection(); // récupération des informations de configuration du site $query = 'select acces '; -$query .= 'from '.$prefixeTable.'config;'; +$query .= 'from '.PREFIX_TABLE.'config;'; $row = mysql_fetch_array( mysql_query( $query ) ); $url = 'category'; if ( $row['acces'] == 'restreint' ) diff --git a/picture.php b/picture.php index c3523fb80..4c3fd749c 100644 --- a/picture.php +++ b/picture.php @@ -1,9 +1,9 @@ <?php /*************************************************************************** - * picture.php is a part of PhpWebGallery * + * picture.php * * ------------------- * - * last update : Tuesday, July 16, 2002 * - * email : pierrick@z0rglub.com * + * application : PhpWebGallery 1.3 * + * author : Pierrick LE GALL <pierrick@z0rglub.com> * * * ***************************************************************************/ @@ -28,7 +28,7 @@ if ( isset( $page['cat'] ) && is_numeric( $page['cat'] ) ) check_restrictions( $page['cat'] ); } //---------------------------------------- incrementation of the number of hits -$query = 'update '.$prefixeTable.'images'; +$query = 'update '.PREFIX_TABLE.'images'; $query.= ' set hit=hit+1'; $query.= ' where id='.$_GET['image_id']; $query.= ';'; @@ -39,7 +39,7 @@ $cat_directory = $page['cat_dir']; // by default //------------------------------------- main picture information initialization $query = 'select id,date_available,comment,hit'; $query.= ',author,name,file,date_creation,filesize,width,height,cat_id'; -$query.= ' from '.$prefixeTable.'images'; +$query.= ' from '.PREFIX_TABLE.'images'; $query.= $page['where']; $query.= ' and id = '.$_GET['image_id']; $query.= $conf['order_by']; @@ -60,7 +60,7 @@ $page['height'] = $row['height']; $page['cat_id'] = $row['cat_id']; // retrieving the number of the picture in its category (in order) $query = 'select id'; -$query.= ' from '.$prefixeTable.'images'; +$query.= ' from '.PREFIX_TABLE.'images'; $query.= $page['where']; $query.= $conf['order_by']; $query.= ';'; @@ -79,7 +79,7 @@ if ( isset( $_GET['add_fav'] ) ) { // verify if the picture is already in the favorite of the user $query = 'select count(*) as nb_fav'; - $query.= ' from '.$prefixeTable.'favorites'; + $query.= ' from '.PREFIX_TABLE.'favorites'; $query.= ' where image_id = '.$page['id']; $query.= ' and user_id = '.$user['id']; $query.= ';'; @@ -87,7 +87,7 @@ if ( isset( $_GET['add_fav'] ) ) $row = mysql_fetch_array( $result ); if ( $row['nb_fav'] == 0 ) { - $query = 'insert into '.$prefixeTable.'favorites'; + $query = 'insert into '.PREFIX_TABLE.'favorites'; $query.= ' (image_id,user_id) values'; $query.= ' ('.$page['id'].','.$user['id'].')'; $query.= ';'; @@ -96,7 +96,7 @@ if ( isset( $_GET['add_fav'] ) ) } if ( $_GET['add_fav'] == 0 ) { - $query = 'delete from '.$prefixeTable.'favorites'; + $query = 'delete from '.PREFIX_TABLE.'favorites'; $query.= ' where user_id = '.$user['id']; $query.= ' and image_id = '.$page['id']; $query.= ';'; @@ -121,7 +121,7 @@ if ( isset( $_GET['add_fav'] ) ) $page['num'] = 0; } $query = 'select id'; - $query.= ' from '.$prefixeTable.'images'; + $query.= ' from '.PREFIX_TABLE.'images'; $query.= $page['where']; $query.= $conf['order_by']; $query.= ' limit '.$page['num'].',1'; @@ -173,7 +173,7 @@ if ( $page['num'] >= 1 ) { $prev = $page['num'] - 1; $query = 'select id,name,file,tn_ext,cat_id'; - $query.= ' from '.$prefixeTable.'images'; + $query.= ' from '.PREFIX_TABLE.'images'; $query.= $page['where']; $query.= $conf['order_by']; $query.= ' limit '.$prev.',1'; @@ -421,12 +421,12 @@ if ( $user['status'] == "admin" && is_numeric( $page['cat'] ) ) if ( $page['num'] < $page['cat_nb_images']-1 ) { $next = $page['num'] + 1; - $query = "select id,name,file,tn_ext,cat_id"; - $query.= " from $prefixeTable"."images"; + $query = 'SELECT id,name,file,tn_ext,cat_id'; + $query.= ' FROM '.PREFIX_TABLE.'images'; $query.= $page['where']; $query.= $conf['order_by']; - $query.= " limit $next,1"; - $query.= ";"; + $query.= ' LIMIT '.$next.',1'; + $query.= ';'; $result = mysql_query( $query ); $row = mysql_fetch_array( $result ); @@ -485,7 +485,7 @@ if ( $conf['show_comments'] ) { $author = $_POST['author']; } - $query = 'insert into '.$prefixeTable.'comments'; + $query = 'insert into '.PREFIX_TABLE.'comments'; $query.= ' (author,date,image_id,content) values'; $query.= " ('".$author."',".time().",".$page['id']; $query.= ",'".htmlspecialchars( $_POST['content'], ENT_QUOTES)."');"; @@ -496,13 +496,13 @@ if ( $conf['show_comments'] ) && is_numeric( $_GET['del'] ) && $user['status'] == 'admin' ) { - $query = 'delete from '.$prefixeTable.'comments'; + $query = 'delete from '.PREFIX_TABLE.'comments'; $query.= ' where id = '.$_GET['del'].';'; mysql_query( $query ); } // number of comment for this picture $query = 'select count(*) as nb_comments'; - $query.= ' from '.$prefixeTable.'comments'; + $query.= ' from '.PREFIX_TABLE.'comments'; $query.= ' where image_id = '.$page['id'].';'; $row = mysql_fetch_array( mysql_query( $query ) ); $page['nb_comments'] = $row['nb_comments']; @@ -532,7 +532,7 @@ if ( $conf['show_comments'] ) $vtp->setGlobalVar( $handle, 'nb_comments', $page['nb_comments'] ); $query = 'select id,author,date,image_id,content'; - $query.= ' from '.$prefixeTable.'comments'; + $query.= ' from '.PREFIX_TABLE.'comments'; $query.= ' where image_id = '.$page['id']; $query.= ' order by date asc'; $query.= ' limit '.$page['start'].', '.$conf['nb_comment_page'].';'; @@ -581,7 +581,7 @@ mysql_close(); $code = $vtp->Display( $handle, 0 ); echo $code; //------------------------------------------------------------ log informations -$query = 'insert into '.$prefixeTable.'history'; +$query = 'insert into '.PREFIX_TABLE.'history'; $query.= ' (date,login,IP,page,titre,categorie) values'; $query.= " (".time().", '".$user['pseudo']."','".$_SERVER['REMOTE_ADDR']."'"; $query.= ",'picture','".$page['file']."','".$intitule_cat."');"; diff --git a/profile.php b/profile.php index b72e6db6a..654497bce 100644 --- a/profile.php +++ b/profile.php @@ -92,7 +92,7 @@ if ( isset( $_POST['submit'] ) ) $tab_theme = explode( ' - ', $_POST['theme'] ); $_POST['theme'] = $tab_theme[0].'/'.$tab_theme[1]; - $query = 'update '.$prefixeTable.'users'; + $query = 'update '.PREFIX_TABLE.'users'; $query.= ' set'; for ( $i = 0; $i < sizeof( $infos ); $i++ ) { @@ -121,7 +121,7 @@ if ( isset( $_POST['submit'] ) ) if ( $_POST['use_new_pwd'] == 1 ) { - $query = 'update '.$prefixeTable.'users'; + $query = 'update '.PREFIX_TABLE.'users'; $query.= " set password = '".md5( $_POST['password'] )."'"; $query.= ' where id = '.$user['id']; $query.= ';'; diff --git a/search.php b/search.php index 7538ae712..e751fa032 100644 --- a/search.php +++ b/search.php @@ -82,7 +82,7 @@ $vtp->setGlobalVar( $handle, 'back_url', add_session_id( './category.php' ) ); $code = $vtp->Display( $handle, 0 ); echo $code; //------------------------------------------------------------ log informations -$query = 'insert into '.$prefixeTable.'history'; +$query = 'insert into '.PREFIX_TABLE.'history'; $query.= '(date,login,IP,page) values'; $query.= "('".time()."', '".$user['pseudo']."','".$_SERVER['REMOTE_ADDR']."'"; $query.= ",'search');"; diff --git a/upload.php b/upload.php index d352427db..e9e1c979f 100644 --- a/upload.php +++ b/upload.php @@ -1,9 +1,9 @@ <?php /*************************************************************************** - * upload.php is a part of PhpWebGallery * + * upload.php * * ------------------- * - * last update : Sunday, October 27, 2002 * - * email : pierrick@z0rglub.com * + * application : PhpWebGallery 1.3 * + * author : Pierrick LE GALL <pierrick@z0rglub.com> * * * ***************************************************************************/ @@ -14,10 +14,9 @@ * the Free Software Foundation; * * * ***************************************************************************/ -function get_extension( $filename ) -{ - return substr ( strrchr( $filename, "." ), 1, strlen ( $filename ) ); -} + +//------------------------------------------------------------------- functions + // The validate_upload function checks if the image of the given path is valid. // A picture is valid when : // - width, height and filesize are not higher than the maximum @@ -37,7 +36,7 @@ function validate_upload( $temp_name, $my_max_file_size, $i = 0; //echo $_FILES['picture']['name']."<br />".$temp_name; $extension = get_extension( $_FILES['picture']['name'] ); - if ( $extension != 'gif' && $extension != 'jpg' && $extension != 'png' ) + if ( $extension != 'gif' and $extension != 'jpg' and $extension != 'png' ) { $result['error'][$i++] = $lang['upload_advise_filetype']; return $result; @@ -49,7 +48,8 @@ function validate_upload( $temp_name, $my_max_file_size, } else if ( $_FILES['picture']['size'] > $my_max_file_size * 1024 ) { - $result['error'][$i++] = $lang['upload_advise_width'].$my_max_file_size." KB"; + $result['error'][$i++] = + $lang['upload_advise_width'].$my_max_file_size.' KB'; } else { @@ -63,21 +63,23 @@ function validate_upload( $temp_name, $my_max_file_size, { $size = getimagesize( $temp_name ); if ( isset( $image_max_width ) - && $image_max_width != "" - && $size[0] > $image_max_width ) + and $image_max_width != "" + and $size[0] > $image_max_width ) { - $result['error'][$i++] = $lang['upload_advise_width'].$image_max_width." px"; + $result['error'][$i++] = + $lang['upload_advise_width'].$image_max_width." px"; } if ( isset( $image_max_height ) - && $image_max_height != "" - && $size[1] > $image_max_height ) + and $image_max_height != "" + and $size[1] > $image_max_height ) { - $result['error'][$i++] = $lang['upload_advise_height'].$image_max_height." px"; + $result['error'][$i++] = + $lang['upload_advise_height'].$image_max_height." px"; } // $size[2] == 1 means GIF // $size[2] == 2 means JPG // $size[2] == 3 means PNG - if ( $size[2] != 1 && $size[2] != 2 && $size[2] != 3 ) + if ( $size[2] != 1 and $size[2] != 2 and $size[2] != 3 ) { $result['error'][$i++] = $lang['upload_advise_filetype']; } @@ -86,20 +88,11 @@ function validate_upload( $temp_name, $my_max_file_size, switch ( $size[2] ) { case 1 : - { - $result['type'] = 'gif'; - break; - } + $result['type'] = 'gif'; break; case 2 : - { - $result['type'] = 'jpg'; - break; - } + $result['type'] = 'jpg'; break; case 3 : - { - $result['type'] = 'png'; - break; - } + $result['type'] = 'png'; break; } } } @@ -116,7 +109,7 @@ include_once( './include/init.inc.php' ); //-------------------------------------------------- access authorization check check_login_authorization(); check_cat_id( $_GET['cat'] ); -if ( isset( $page['cat'] ) && is_numeric( $page['cat'] ) ) +if ( isset( $page['cat'] ) and is_numeric( $page['cat'] ) ) { check_restrictions( $page['cat'] ); $result = get_cat_info( $page['cat'] ); @@ -129,33 +122,26 @@ else $access_forbidden = true; } if ( $access_forbidden == true - || $page['cat_site_id'] != 1 - || $conf['upload_available'] == 'false' ) + or $page['cat_site_id'] != 1 + or $conf['upload_available'] == 'false' ) { - echo"<div style=\"text-align:center;\">".$lang['upload_forbidden']."<br />"; - echo "<a href=\"".add_session_id_to_url( "./diapo.php" )."\">".$lang['thumbnails']."</a></div>"; + echo '<div style="text-align:center;">'.$lang['upload_forbidden'].'<br />'; + echo '<a href="'.add_session_id_to_url( './diapo.php' ).'">'; + echo $lang['thumbnails'].'</a></div>'; exit(); } //----------------------------------------------------- template initialization $vtp = new VTemplate; -$handle = $vtp->Open( './template/default/upload.vtp' ); -// language -$vtp->setGlobalVar( $handle, 'upload_page_title',$lang['upload_title'] ); -$vtp->setGlobalVar( $handle, 'upload_title', $lang['upload_title'] ); -$vtp->setGlobalVar( $handle, 'upload_username', $lang['upload_username'] ); -$vtp->setGlobalVar( $handle, 'reg_mail_address', $lang['reg_mail_address'] ); -$vtp->setGlobalVar( $handle, 'submit', $lang['submit'] ); -$vtp->setGlobalVar( $handle, 'upload_successful',$lang['upload_successful'] ); -$vtp->setGlobalVar( $handle, 'search_return_main_page', - $lang['search_return_main_page'] ); +$handle = $vtp->Open( './template/'.$user['template'].'/upload.vtp' ); +initialize_template(); + +$tpl = array( 'upload_title', 'upload_username', 'mail_address', 'submit', + 'upload_successful', 'search_return_main_page' ); +templatize_array( $tpl, 'lang', $sub ); // user -$vtp->setGlobalVar( $handle, 'page_style', $user['style'] ); -$vtp->setGlobalVar( $handle, 'user_login', $user['pseudo'] ); +$vtp->setGlobalVar( $handle, 'style', $user['style'] ); +$vtp->setGlobalVar( $handle, 'user_login', $user['username'] ); $vtp->setGlobalVar( $handle, 'user_mail_address',$user['mail_address'] ); -// structure -$vtp->setGlobalVar( $handle, 'frame_start', get_frame_start() ); -$vtp->setGlobalVar( $handle, 'frame_begin', get_frame_begin() ); -$vtp->setGlobalVar( $handle, 'frame_end', get_frame_end() ); $error = array(); $i = 0; @@ -166,7 +152,7 @@ if ( isset( $_GET['waiting_id'] ) ) } //-------------------------------------------------------------- picture upload // vérification de la présence et de la validité des champs. -if ( isset( $_POST['submit'] ) && !isset( $_GET['waiting_id'] ) ) +if ( isset( $_POST['submit'] ) and !isset( $_GET['waiting_id'] ) ) { $path = $page['cat_dir'].$_FILES['picture']['name']; if ( @is_file( $path ) ) @@ -202,7 +188,7 @@ if ( isset( $_POST['submit'] ) && !isset( $_GET['waiting_id'] ) ) if ( sizeof( $error ) == 0 ) { - $query = 'insert into '.$prefixeTable.'waiting'; + $query = 'insert into '.PREFIX_TABLE.'waiting'; $query.= ' (cat_id,file,username,mail_address,date) values'; $query.= " (".$page['cat'].",'".$_FILES['picture']['name']."'"; $query.= ",'".htmlspecialchars( $_POST['username'], ENT_QUOTES)."'"; @@ -213,11 +199,11 @@ if ( isset( $_POST['submit'] ) && !isset( $_GET['waiting_id'] ) ) } } //------------------------------------------------------------ thumbnail upload -if ( isset( $_POST['submit'] ) && isset( $_GET['waiting_id'] ) ) +if ( isset( $_POST['submit'] ) and isset( $_GET['waiting_id'] ) ) { // upload of the thumbnail $query = 'select file'; - $query.= ' from '.$prefixeTable.'waiting'; + $query.= ' from '.PREFIX_TABLE.'waiting'; $query.= ' where id = '.$_GET['waiting_id']; $query.= ';'; $result= mysql_query( $query ); @@ -236,7 +222,7 @@ if ( isset( $_POST['submit'] ) && isset( $_GET['waiting_id'] ) ) } if ( sizeof( $error ) == 0 ) { - $query = 'update '.$prefixeTable.'waiting'; + $query = 'update '.PREFIX_TABLE.'waiting'; $query.= " set tn_ext = '".$extension."'"; $query.= ' where id = '.$_GET['waiting_id']; $query.= ';'; |