diff options
author | rvelices <rv-github@modusoptimus.com> | 2006-03-30 00:37:07 +0000 |
---|---|---|
committer | rvelices <rv-github@modusoptimus.com> | 2006-03-30 00:37:07 +0000 |
commit | 4d322701de488c66916d15955099c3ed1ad061ab (patch) | |
tree | 19f13abdb83f21f13d6bd3b75f54c5eeccdf35a3 | |
parent | a2dd39df73d6c29073dbd8d7d87f34adf9aef621 (diff) |
fix: image_order cookie path fixed for url rewriting
improve: add function access_denied called when check_status or
check_restrictions fail
fix: french language correction
fix: remove php warnings in clean_iptc_value
split search functions into include/functions_search.inc.php
git-svn-id: http://piwigo.org/svn/trunk@1113 68402e56-0260-453c-a942-63ccdbb3a9ee
-rw-r--r-- | include/functions.inc.php | 194 | ||||
-rw-r--r-- | include/functions_category.inc.php | 19 | ||||
-rw-r--r-- | include/functions_html.inc.php | 30 | ||||
-rw-r--r-- | include/functions_metadata.inc.php | 14 | ||||
-rw-r--r-- | include/functions_search.inc.php | 219 | ||||
-rw-r--r-- | include/functions_user.inc.php | 9 | ||||
-rw-r--r-- | include/section_init.inc.php | 3 | ||||
-rw-r--r-- | index.php | 2 | ||||
-rw-r--r-- | language/fr_FR.iso-8859-1/common.lang.php | 4 | ||||
-rw-r--r-- | search_rules.php | 9 |
10 files changed, 272 insertions, 231 deletions
diff --git a/include/functions.inc.php b/include/functions.inc.php index 520f8d52a..981da55c4 100644 --- a/include/functions.inc.php +++ b/include/functions.inc.php @@ -5,7 +5,7 @@ // | Copyright (C) 2003-2006 PhpWebGallery Team - http://phpwebgallery.net | // +-----------------------------------------------------------------------+ // | branch : BSF (Best So Far) -// | file : $RCSfile$ +// | file : $Id$ // | last update : $Date$ // | last modifier : $Author$ // | revision : $Revision$ @@ -785,196 +785,6 @@ function get_themeconf($key) } /** - * Prepends and appends a string at each value of the given array. - * - * @param array - * @param string prefix to each array values - * @param string suffix to each array values - */ -function prepend_append_array_items($array, $prepend_str, $append_str) -{ - array_walk( - $array, - create_function('&$s', '$s = "'.$prepend_str.'".$s."'.$append_str.'";') - ); - - return $array; -} - -/** - * returns search rules stored into a serialized array in "search" - * table. Each search rules set is numericaly identified. - * - * @param int search_id - * @return array - */ -function get_search_array($search_id) -{ - if (!is_numeric($search_id)) - { - die('Search id must be an integer'); - } - - $query = ' -SELECT rules - FROM '.SEARCH_TABLE.' - WHERE id = '.$search_id.' -;'; - list($serialized_rules) = mysql_fetch_row(pwg_query($query)); - - return unserialize($serialized_rules); -} - -/** - * returns the SQL clause from a search identifier - * - * Search rules are stored in search table as a serialized array. This array - * need to be transformed into an SQL clause to be used in queries. - * - * @param int search_id - * @return string - */ -function get_sql_search_clause($search_id) -{ - $search = get_search_array($search_id); - - // SQL where clauses are stored in $clauses array during query - // construction - $clauses = array(); - - foreach (array('file','name','comment','keywords','author') as $textfield) - { - if (isset($search['fields'][$textfield])) - { - $local_clauses = array(); - foreach ($search['fields'][$textfield]['words'] as $word) - { - array_push($local_clauses, $textfield." LIKE '%".$word."%'"); - } - - // adds brackets around where clauses - $local_clauses = prepend_append_array_items($local_clauses, '(', ')'); - - array_push( - $clauses, - implode( - ' '.$search['fields'][$textfield]['mode'].' ', - $local_clauses - ) - ); - } - } - - if (isset($search['fields']['allwords'])) - { - $fields = array('file', 'name', 'comment', 'keywords', 'author'); - // in the OR mode, request bust be : - // ((field1 LIKE '%word1%' OR field2 LIKE '%word1%') - // OR (field1 LIKE '%word2%' OR field2 LIKE '%word2%')) - // - // in the AND mode : - // ((field1 LIKE '%word1%' OR field2 LIKE '%word1%') - // AND (field1 LIKE '%word2%' OR field2 LIKE '%word2%')) - $word_clauses = array(); - foreach ($search['fields']['allwords']['words'] as $word) - { - $field_clauses = array(); - foreach ($fields as $field) - { - array_push($field_clauses, $field." LIKE '%".$word."%'"); - } - // adds brackets around where clauses - array_push( - $word_clauses, - implode( - "\n OR ", - $field_clauses - ) - ); - } - - array_walk( - $word_clauses, - create_function('&$s','$s="(".$s.")";') - ); - - array_push( - $clauses, - "\n ". - implode( - "\n ". - $search['fields']['allwords']['mode']. - "\n ", - $word_clauses - ) - ); - } - - foreach (array('date_available', 'date_creation') as $datefield) - { - if (isset($search['fields'][$datefield])) - { - array_push( - $clauses, - $datefield." = '".$search['fields'][$datefield]['date']."'" - ); - } - - foreach (array('after','before') as $suffix) - { - $key = $datefield.'-'.$suffix; - - if (isset($search['fields'][$key])) - { - array_push( - $clauses, - - $datefield. - ($suffix == 'after' ? ' >' : ' <'). - ($search['fields'][$key]['inc'] ? '=' : ''). - " '".$search['fields'][$key]['date']."'" - - ); - } - } - } - - if (isset($search['fields']['cat'])) - { - if ($search['fields']['cat']['sub_inc']) - { - // searching all the categories id of sub-categories - $cat_ids = get_subcat_ids($search['fields']['cat']['words']); - } - else - { - $cat_ids = $search['fields']['cat']['words']; - } - - $local_clause = 'category_id IN ('.implode(',', $cat_ids).')'; - array_push($clauses, $local_clause); - } - - // adds brackets around where clauses - $clauses = prepend_append_array_items($clauses, '(', ')'); - - $where_separator = - implode( - "\n ".$search['mode'].' ', - $clauses - ); - - $search_clause = $where_separator; - - if (isset($forbidden)) - { - $search_clause.= "\n AND ".$forbidden; - } - - return $search_clause; -} - -/** * Returns webmaster mail address depending on $conf['webmaster_id'] * * @return string @@ -1020,4 +830,4 @@ function get_available_upgrade_ids() return $available_upgrade_ids; } -?> +?>
\ No newline at end of file diff --git a/include/functions_category.inc.php b/include/functions_category.inc.php index 601ec1b64..a671474ef 100644 --- a/include/functions_category.inc.php +++ b/include/functions_category.inc.php @@ -5,7 +5,7 @@ // | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net | // +-----------------------------------------------------------------------+ // | branch : BSF (Best So Far) -// | file : $RCSfile$ +// | file : $Id$ // | last update : $Date$ // | last modifier : $Author$ // | revision : $Revision$ @@ -42,22 +42,11 @@ */ function check_restrictions($category_id) { - global $user, $lang; + global $user; if (in_array($category_id, explode(',', $user['forbidden_categories']))) { - $login_url = - get_root_url().'identification.php?redirect=' - .urlencode(urlencode($_SERVER['REQUEST_URI'])); - - if (!$user['is_the_guest']) - { - die('Fatal: you are trying to reach a forbidden category'); - } - else - { - redirect($login_url); - } + access_denied(); } } @@ -360,4 +349,4 @@ function rank_compare($a, $b) return ($a['rank'] < $b['rank']) ? -1 : 1; } -?> +?>
\ No newline at end of file diff --git a/include/functions_html.inc.php b/include/functions_html.inc.php index 37f4d8a59..7e7df7c41 100644 --- a/include/functions_html.inc.php +++ b/include/functions_html.inc.php @@ -5,7 +5,7 @@ // | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net | // +-----------------------------------------------------------------------+ // | branch : BSF (Best So Far) -// | file : $RCSfile$ +// | file : $Id$ // | last update : $Date$ // | last modifier : $Author$ // | revision : $Revision$ @@ -493,4 +493,30 @@ function get_cat_display_name_from_id($cat_id, $cat_info = get_cat_info($cat_id); return get_cat_display_name($cat_info['name'], $url, $replace_space); } -?> + +/** + * exits the current script (either exit or redirect) + */ +function access_denied() +{ + global $user, $lang; + + $login_url = + get_root_url().'identification.php?redirect=' + .urlencode(urlencode($_SERVER['REQUEST_URI'])); + + if ( isset($user['is_the_guest']) and !$user['is_the_guest'] ) + { + echo '<div style="text-align:center;">'.$lang['access_forbiden'].'<br />'; + echo '<a href="'.get_root_url().'identification.php">'.$lang['identification'].'</a> '; + echo '<a href="'.make_index_url().'">'.$lang['home'].'</a></div>'; + exit(); + } + else + { + header('HTTP/1.1 401 Authorization required'); + header('Status: 401 Authorization required'); + redirect($login_url); + } +} +?>
\ No newline at end of file diff --git a/include/functions_metadata.inc.php b/include/functions_metadata.inc.php index d03327f60..4a655c37c 100644 --- a/include/functions_metadata.inc.php +++ b/include/functions_metadata.inc.php @@ -5,7 +5,7 @@ // | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net | // +-----------------------------------------------------------------------+ // | branch : BSF (Best So Far) -// | file : $RCSfile$ +// | file : $Id$ // | last update : $Date$ // | last modifier : $Author$ // | revision : $Revision$ @@ -35,13 +35,13 @@ function get_iptc_data($filename, $map) { $result = array(); - + // Read IPTC data $iptc = array(); - + $imginfo = array(); getimagesize($filename, $imginfo); - + if (isset($imginfo['APP13'])) { $iptc = iptcparse($imginfo['APP13']); @@ -82,13 +82,13 @@ function get_iptc_data($filename, $map) function clean_iptc_value($value) { // strip leading zeros (weird Kodak Scanner software) - while ($value[0] == chr(0)) + while ( isset($value[0]) and $value[0] == chr(0)) { $value = substr($value, 1); } // remove binary nulls $value = str_replace(chr(0x00), ' ', $value); - + return $value; } @@ -107,7 +107,7 @@ function get_exif_data($filename, $map) { die('Exif extension not available, admin should disable exif use'); } - + // Read EXIF data if ($exif = @read_exif_data($filename)) { diff --git a/include/functions_search.inc.php b/include/functions_search.inc.php new file mode 100644 index 000000000..2ca87969e --- /dev/null +++ b/include/functions_search.inc.php @@ -0,0 +1,219 @@ +<?php +// +-----------------------------------------------------------------------+ +// | PhpWebGallery - a PHP based picture gallery | +// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net | +// | Copyright (C) 2003-2006 PhpWebGallery Team - http://phpwebgallery.net | +// +-----------------------------------------------------------------------+ +// | branch : BSF (Best So Far) +// | file : $Id$ +// | last update : $Date$ +// | last modifier : $Author$ +// | revision : $Revision$ +// +-----------------------------------------------------------------------+ +// | This program is free software; you can redistribute it and/or modify | +// | it under the terms of the GNU General Public License as published by | +// | the Free Software Foundation | +// | | +// | This program is distributed in the hope that it will be useful, but | +// | WITHOUT ANY WARRANTY; without even the implied warranty of | +// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | +// | General Public License for more details. | +// | | +// | You should have received a copy of the GNU General Public License | +// | along with this program; if not, write to the Free Software | +// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, | +// | USA. | +// +-----------------------------------------------------------------------+ + + +/** + * Prepends and appends a string at each value of the given array. + * + * @param array + * @param string prefix to each array values + * @param string suffix to each array values + */ +function prepend_append_array_items($array, $prepend_str, $append_str) +{ + array_walk( + $array, + create_function('&$s', '$s = "'.$prepend_str.'".$s."'.$append_str.'";') + ); + + return $array; +} + +/** + * returns search rules stored into a serialized array in "search" + * table. Each search rules set is numericaly identified. + * + * @param int search_id + * @return array + */ +function get_search_array($search_id) +{ + if (!is_numeric($search_id)) + { + die('Search id must be an integer'); + } + + $query = ' +SELECT rules + FROM '.SEARCH_TABLE.' + WHERE id = '.$search_id.' +;'; + list($serialized_rules) = mysql_fetch_row(pwg_query($query)); + + return unserialize($serialized_rules); +} + +/** + * returns the SQL clause from a search identifier + * + * Search rules are stored in search table as a serialized array. This array + * need to be transformed into an SQL clause to be used in queries. + * + * @param int search_id + * @return string + */ +function get_sql_search_clause($search_id) +{ + $search = get_search_array($search_id); + + // SQL where clauses are stored in $clauses array during query + // construction + $clauses = array(); + + foreach (array('file','name','comment','keywords','author') as $textfield) + { + if (isset($search['fields'][$textfield])) + { + $local_clauses = array(); + foreach ($search['fields'][$textfield]['words'] as $word) + { + array_push($local_clauses, $textfield." LIKE '%".$word."%'"); + } + + // adds brackets around where clauses + $local_clauses = prepend_append_array_items($local_clauses, '(', ')'); + + array_push( + $clauses, + implode( + ' '.$search['fields'][$textfield]['mode'].' ', + $local_clauses + ) + ); + } + } + + if (isset($search['fields']['allwords'])) + { + $fields = array('file', 'name', 'comment', 'keywords', 'author'); + // in the OR mode, request bust be : + // ((field1 LIKE '%word1%' OR field2 LIKE '%word1%') + // OR (field1 LIKE '%word2%' OR field2 LIKE '%word2%')) + // + // in the AND mode : + // ((field1 LIKE '%word1%' OR field2 LIKE '%word1%') + // AND (field1 LIKE '%word2%' OR field2 LIKE '%word2%')) + $word_clauses = array(); + foreach ($search['fields']['allwords']['words'] as $word) + { + $field_clauses = array(); + foreach ($fields as $field) + { + array_push($field_clauses, $field." LIKE '%".$word."%'"); + } + // adds brackets around where clauses + array_push( + $word_clauses, + implode( + "\n OR ", + $field_clauses + ) + ); + } + + array_walk( + $word_clauses, + create_function('&$s','$s="(".$s.")";') + ); + + array_push( + $clauses, + "\n ". + implode( + "\n ". + $search['fields']['allwords']['mode']. + "\n ", + $word_clauses + ) + ); + } + + foreach (array('date_available', 'date_creation') as $datefield) + { + if (isset($search['fields'][$datefield])) + { + array_push( + $clauses, + $datefield." = '".$search['fields'][$datefield]['date']."'" + ); + } + + foreach (array('after','before') as $suffix) + { + $key = $datefield.'-'.$suffix; + + if (isset($search['fields'][$key])) + { + array_push( + $clauses, + + $datefield. + ($suffix == 'after' ? ' >' : ' <'). + ($search['fields'][$key]['inc'] ? '=' : ''). + " '".$search['fields'][$key]['date']."'" + + ); + } + } + } + + if (isset($search['fields']['cat'])) + { + if ($search['fields']['cat']['sub_inc']) + { + // searching all the categories id of sub-categories + $cat_ids = get_subcat_ids($search['fields']['cat']['words']); + } + else + { + $cat_ids = $search['fields']['cat']['words']; + } + + $local_clause = 'category_id IN ('.implode(',', $cat_ids).')'; + array_push($clauses, $local_clause); + } + + // adds brackets around where clauses + $clauses = prepend_append_array_items($clauses, '(', ')'); + + $where_separator = + implode( + "\n ".$search['mode'].' ', + $clauses + ); + + $search_clause = $where_separator; + + if (isset($forbidden)) + { + $search_clause.= "\n AND ".$forbidden; + } + + return $search_clause; +} + +?>
\ No newline at end of file diff --git a/include/functions_user.inc.php b/include/functions_user.inc.php index 7af517980..c1e601aeb 100644 --- a/include/functions_user.inc.php +++ b/include/functions_user.inc.php @@ -5,11 +5,10 @@ // | Copyright (C) 2003-2006 PhpWebGallery Team - http://phpwebgallery.net | // +-----------------------------------------------------------------------+ // | branch : BSF (Best So Far) -// | file : $RCSfile$ +// | file : $Id$ // | last update : $Date$ // | last modifier : $Author$ // | revision : $Revision$ -// | revision : $Revision$ // +-----------------------------------------------------------------------+ // | This program is free software; you can redistribute it and/or modify | // | it under the terms of the GNU General Public License as published by | @@ -608,13 +607,9 @@ function is_autorize_status($access_type, $user_status = '') */ function check_status($access_type, $user_status = '') { - global $lang; - if (!is_autorize_status($access_type, $user_status)) { - echo '<div style="text-align:center;">'.$lang['access_forbiden'].'<br />'; - echo '<a href="'.PHPWG_ROOT_PATH.'identification.php">'.$lang['identification'].'</a></div>'; - exit(); + access_denied(); } } diff --git a/include/section_init.inc.php b/include/section_init.inc.php index 12e720d2d..cc7c074c2 100644 --- a/include/section_init.inc.php +++ b/include/section_init.inc.php @@ -5,7 +5,7 @@ // | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net | // +-----------------------------------------------------------------------+ // | branch : BSF (Best So Far) -// | file : $RCSfile$ +// | file : $Id$ // | last update : $Date$ // | last modifier : $Author$ // | revision : $Revision$ @@ -342,6 +342,7 @@ else // +-----------------------------------------------------------------------+ if ($page['section'] == 'search') { + include_once( PHPWG_ROOT_PATH .'include/functions_search.inc.php' ); $query = ' SELECT DISTINCT(id) FROM '.IMAGES_TABLE.' @@ -54,7 +54,7 @@ if (isset($_GET['image_order'])) setcookie( 'pwg_image_order', $_GET['image_order'] > 0 ? $_GET['image_order'] : '', - 0 + 0, cookie_path() ); redirect( diff --git a/language/fr_FR.iso-8859-1/common.lang.php b/language/fr_FR.iso-8859-1/common.lang.php index a7a7f8d52..13c2cb993 100644 --- a/language/fr_FR.iso-8859-1/common.lang.php +++ b/language/fr_FR.iso-8859-1/common.lang.php @@ -245,7 +245,7 @@ $lang['password_hint'] = 'Vous n\'avez à donner votre mot de passe que si vous d $lang['periods_error'] = 'La période de nouveauté doit être un entier positif'; $lang['picture'] = 'image'; $lang['picture_high'] = 'Cliquer sur l\'image pour la visualiser en haute définition'; -$lang['picture_show_metadata'] = 'Monter les méta-données du fichier'; +$lang['picture_show_metadata'] = 'Montrer les méta-données du fichier'; $lang['powered_by'] = 'Propulsé par'; $lang['preferences'] = 'Préférences'; $lang['previous_page'] = 'Précédent'; @@ -332,4 +332,4 @@ $lang['useful when password forgotten'] = 'utile en cas d\'oubli de mot de passe $lang['w_month'] = 'Mois'; $lang['yes'] = 'Oui'; $lang['adviser_mode_enabled'] = 'Mode conseiller actif'; -?> +?>
\ No newline at end of file diff --git a/search_rules.php b/search_rules.php index 8c3a3df25..6e6900e90 100644 --- a/search_rules.php +++ b/search_rules.php @@ -5,10 +5,10 @@ // | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net | // +-----------------------------------------------------------------------+ // | branch : BSF (Best So Far) -// | file : $RCSfile$ -// | last update : $Date: 2005-09-27 23:57:14 +0200 (mar, 27 sep 2005) $ -// | last modifier : $Author: plg $ -// | revision : $Revision: 879 $ +// | file : $Id$ +// | last update : $Date$ +// | last modifier : $Author$ +// | revision : $Revision$ // +-----------------------------------------------------------------------+ // | This program is free software; you can redistribute it and/or modify | // | it under the terms of the GNU General Public License as published by | @@ -43,6 +43,7 @@ function inc_exc_str($is_included) define('PHPWG_ROOT_PATH','./'); include_once( PHPWG_ROOT_PATH.'include/common.inc.php' ); +include_once( PHPWG_ROOT_PATH.'include/functions_search.inc.php' ); $page['body_id'] = 'thePopuphelpPage'; $title = l10n('PhpWebGallery Help'); |