aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
authorrvelices <rv-github@modusoptimus.com>2006-03-30 00:37:07 +0000
committerrvelices <rv-github@modusoptimus.com>2006-03-30 00:37:07 +0000
commit4d322701de488c66916d15955099c3ed1ad061ab (patch)
tree19f13abdb83f21f13d6bd3b75f54c5eeccdf35a3 /include
parenta2dd39df73d6c29073dbd8d7d87f34adf9aef621 (diff)
fix: image_order cookie path fixed for url rewriting
improve: add function access_denied called when check_status or check_restrictions fail fix: french language correction fix: remove php warnings in clean_iptc_value split search functions into include/functions_search.inc.php git-svn-id: http://piwigo.org/svn/trunk@1113 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to '')
-rw-r--r--include/functions.inc.php194
-rw-r--r--include/functions_category.inc.php19
-rw-r--r--include/functions_html.inc.php30
-rw-r--r--include/functions_metadata.inc.php14
-rw-r--r--include/functions_search.inc.php219
-rw-r--r--include/functions_user.inc.php9
-rw-r--r--include/section_init.inc.php3
7 files changed, 264 insertions, 224 deletions
diff --git a/include/functions.inc.php b/include/functions.inc.php
index 520f8d52a..981da55c4 100644
--- a/include/functions.inc.php
+++ b/include/functions.inc.php
@@ -5,7 +5,7 @@
// | Copyright (C) 2003-2006 PhpWebGallery Team - http://phpwebgallery.net |
// +-----------------------------------------------------------------------+
// | branch : BSF (Best So Far)
-// | file : $RCSfile$
+// | file : $Id$
// | last update : $Date$
// | last modifier : $Author$
// | revision : $Revision$
@@ -785,196 +785,6 @@ function get_themeconf($key)
}
/**
- * Prepends and appends a string at each value of the given array.
- *
- * @param array
- * @param string prefix to each array values
- * @param string suffix to each array values
- */
-function prepend_append_array_items($array, $prepend_str, $append_str)
-{
- array_walk(
- $array,
- create_function('&$s', '$s = "'.$prepend_str.'".$s."'.$append_str.'";')
- );
-
- return $array;
-}
-
-/**
- * returns search rules stored into a serialized array in "search"
- * table. Each search rules set is numericaly identified.
- *
- * @param int search_id
- * @return array
- */
-function get_search_array($search_id)
-{
- if (!is_numeric($search_id))
- {
- die('Search id must be an integer');
- }
-
- $query = '
-SELECT rules
- FROM '.SEARCH_TABLE.'
- WHERE id = '.$search_id.'
-;';
- list($serialized_rules) = mysql_fetch_row(pwg_query($query));
-
- return unserialize($serialized_rules);
-}
-
-/**
- * returns the SQL clause from a search identifier
- *
- * Search rules are stored in search table as a serialized array. This array
- * need to be transformed into an SQL clause to be used in queries.
- *
- * @param int search_id
- * @return string
- */
-function get_sql_search_clause($search_id)
-{
- $search = get_search_array($search_id);
-
- // SQL where clauses are stored in $clauses array during query
- // construction
- $clauses = array();
-
- foreach (array('file','name','comment','keywords','author') as $textfield)
- {
- if (isset($search['fields'][$textfield]))
- {
- $local_clauses = array();
- foreach ($search['fields'][$textfield]['words'] as $word)
- {
- array_push($local_clauses, $textfield." LIKE '%".$word."%'");
- }
-
- // adds brackets around where clauses
- $local_clauses = prepend_append_array_items($local_clauses, '(', ')');
-
- array_push(
- $clauses,
- implode(
- ' '.$search['fields'][$textfield]['mode'].' ',
- $local_clauses
- )
- );
- }
- }
-
- if (isset($search['fields']['allwords']))
- {
- $fields = array('file', 'name', 'comment', 'keywords', 'author');
- // in the OR mode, request bust be :
- // ((field1 LIKE '%word1%' OR field2 LIKE '%word1%')
- // OR (field1 LIKE '%word2%' OR field2 LIKE '%word2%'))
- //
- // in the AND mode :
- // ((field1 LIKE '%word1%' OR field2 LIKE '%word1%')
- // AND (field1 LIKE '%word2%' OR field2 LIKE '%word2%'))
- $word_clauses = array();
- foreach ($search['fields']['allwords']['words'] as $word)
- {
- $field_clauses = array();
- foreach ($fields as $field)
- {
- array_push($field_clauses, $field." LIKE '%".$word."%'");
- }
- // adds brackets around where clauses
- array_push(
- $word_clauses,
- implode(
- "\n OR ",
- $field_clauses
- )
- );
- }
-
- array_walk(
- $word_clauses,
- create_function('&$s','$s="(".$s.")";')
- );
-
- array_push(
- $clauses,
- "\n ".
- implode(
- "\n ".
- $search['fields']['allwords']['mode'].
- "\n ",
- $word_clauses
- )
- );
- }
-
- foreach (array('date_available', 'date_creation') as $datefield)
- {
- if (isset($search['fields'][$datefield]))
- {
- array_push(
- $clauses,
- $datefield." = '".$search['fields'][$datefield]['date']."'"
- );
- }
-
- foreach (array('after','before') as $suffix)
- {
- $key = $datefield.'-'.$suffix;
-
- if (isset($search['fields'][$key]))
- {
- array_push(
- $clauses,
-
- $datefield.
- ($suffix == 'after' ? ' >' : ' <').
- ($search['fields'][$key]['inc'] ? '=' : '').
- " '".$search['fields'][$key]['date']."'"
-
- );
- }
- }
- }
-
- if (isset($search['fields']['cat']))
- {
- if ($search['fields']['cat']['sub_inc'])
- {
- // searching all the categories id of sub-categories
- $cat_ids = get_subcat_ids($search['fields']['cat']['words']);
- }
- else
- {
- $cat_ids = $search['fields']['cat']['words'];
- }
-
- $local_clause = 'category_id IN ('.implode(',', $cat_ids).')';
- array_push($clauses, $local_clause);
- }
-
- // adds brackets around where clauses
- $clauses = prepend_append_array_items($clauses, '(', ')');
-
- $where_separator =
- implode(
- "\n ".$search['mode'].' ',
- $clauses
- );
-
- $search_clause = $where_separator;
-
- if (isset($forbidden))
- {
- $search_clause.= "\n AND ".$forbidden;
- }
-
- return $search_clause;
-}
-
-/**
* Returns webmaster mail address depending on $conf['webmaster_id']
*
* @return string
@@ -1020,4 +830,4 @@ function get_available_upgrade_ids()
return $available_upgrade_ids;
}
-?>
+?> \ No newline at end of file
diff --git a/include/functions_category.inc.php b/include/functions_category.inc.php
index 601ec1b64..a671474ef 100644
--- a/include/functions_category.inc.php
+++ b/include/functions_category.inc.php
@@ -5,7 +5,7 @@
// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
// +-----------------------------------------------------------------------+
// | branch : BSF (Best So Far)
-// | file : $RCSfile$
+// | file : $Id$
// | last update : $Date$
// | last modifier : $Author$
// | revision : $Revision$
@@ -42,22 +42,11 @@
*/
function check_restrictions($category_id)
{
- global $user, $lang;
+ global $user;
if (in_array($category_id, explode(',', $user['forbidden_categories'])))
{
- $login_url =
- get_root_url().'identification.php?redirect='
- .urlencode(urlencode($_SERVER['REQUEST_URI']));
-
- if (!$user['is_the_guest'])
- {
- die('Fatal: you are trying to reach a forbidden category');
- }
- else
- {
- redirect($login_url);
- }
+ access_denied();
}
}
@@ -360,4 +349,4 @@ function rank_compare($a, $b)
return ($a['rank'] < $b['rank']) ? -1 : 1;
}
-?>
+?> \ No newline at end of file
diff --git a/include/functions_html.inc.php b/include/functions_html.inc.php
index 37f4d8a59..7e7df7c41 100644
--- a/include/functions_html.inc.php
+++ b/include/functions_html.inc.php
@@ -5,7 +5,7 @@
// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
// +-----------------------------------------------------------------------+
// | branch : BSF (Best So Far)
-// | file : $RCSfile$
+// | file : $Id$
// | last update : $Date$
// | last modifier : $Author$
// | revision : $Revision$
@@ -493,4 +493,30 @@ function get_cat_display_name_from_id($cat_id,
$cat_info = get_cat_info($cat_id);
return get_cat_display_name($cat_info['name'], $url, $replace_space);
}
-?>
+
+/**
+ * exits the current script (either exit or redirect)
+ */
+function access_denied()
+{
+ global $user, $lang;
+
+ $login_url =
+ get_root_url().'identification.php?redirect='
+ .urlencode(urlencode($_SERVER['REQUEST_URI']));
+
+ if ( isset($user['is_the_guest']) and !$user['is_the_guest'] )
+ {
+ echo '<div style="text-align:center;">'.$lang['access_forbiden'].'<br />';
+ echo '<a href="'.get_root_url().'identification.php">'.$lang['identification'].'</a>&nbsp;';
+ echo '<a href="'.make_index_url().'">'.$lang['home'].'</a></div>';
+ exit();
+ }
+ else
+ {
+ header('HTTP/1.1 401 Authorization required');
+ header('Status: 401 Authorization required');
+ redirect($login_url);
+ }
+}
+?> \ No newline at end of file
diff --git a/include/functions_metadata.inc.php b/include/functions_metadata.inc.php
index d03327f60..4a655c37c 100644
--- a/include/functions_metadata.inc.php
+++ b/include/functions_metadata.inc.php
@@ -5,7 +5,7 @@
// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
// +-----------------------------------------------------------------------+
// | branch : BSF (Best So Far)
-// | file : $RCSfile$
+// | file : $Id$
// | last update : $Date$
// | last modifier : $Author$
// | revision : $Revision$
@@ -35,13 +35,13 @@
function get_iptc_data($filename, $map)
{
$result = array();
-
+
// Read IPTC data
$iptc = array();
-
+
$imginfo = array();
getimagesize($filename, $imginfo);
-
+
if (isset($imginfo['APP13']))
{
$iptc = iptcparse($imginfo['APP13']);
@@ -82,13 +82,13 @@ function get_iptc_data($filename, $map)
function clean_iptc_value($value)
{
// strip leading zeros (weird Kodak Scanner software)
- while ($value[0] == chr(0))
+ while ( isset($value[0]) and $value[0] == chr(0))
{
$value = substr($value, 1);
}
// remove binary nulls
$value = str_replace(chr(0x00), ' ', $value);
-
+
return $value;
}
@@ -107,7 +107,7 @@ function get_exif_data($filename, $map)
{
die('Exif extension not available, admin should disable exif use');
}
-
+
// Read EXIF data
if ($exif = @read_exif_data($filename))
{
diff --git a/include/functions_search.inc.php b/include/functions_search.inc.php
new file mode 100644
index 000000000..2ca87969e
--- /dev/null
+++ b/include/functions_search.inc.php
@@ -0,0 +1,219 @@
+<?php
+// +-----------------------------------------------------------------------+
+// | PhpWebGallery - a PHP based picture gallery |
+// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
+// | Copyright (C) 2003-2006 PhpWebGallery Team - http://phpwebgallery.net |
+// +-----------------------------------------------------------------------+
+// | branch : BSF (Best So Far)
+// | file : $Id$
+// | last update : $Date$
+// | last modifier : $Author$
+// | revision : $Revision$
+// +-----------------------------------------------------------------------+
+// | This program is free software; you can redistribute it and/or modify |
+// | it under the terms of the GNU General Public License as published by |
+// | the Free Software Foundation |
+// | |
+// | This program is distributed in the hope that it will be useful, but |
+// | WITHOUT ANY WARRANTY; without even the implied warranty of |
+// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
+// | General Public License for more details. |
+// | |
+// | You should have received a copy of the GNU General Public License |
+// | along with this program; if not, write to the Free Software |
+// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
+// | USA. |
+// +-----------------------------------------------------------------------+
+
+
+/**
+ * Prepends and appends a string at each value of the given array.
+ *
+ * @param array
+ * @param string prefix to each array values
+ * @param string suffix to each array values
+ */
+function prepend_append_array_items($array, $prepend_str, $append_str)
+{
+ array_walk(
+ $array,
+ create_function('&$s', '$s = "'.$prepend_str.'".$s."'.$append_str.'";')
+ );
+
+ return $array;
+}
+
+/**
+ * returns search rules stored into a serialized array in "search"
+ * table. Each search rules set is numericaly identified.
+ *
+ * @param int search_id
+ * @return array
+ */
+function get_search_array($search_id)
+{
+ if (!is_numeric($search_id))
+ {
+ die('Search id must be an integer');
+ }
+
+ $query = '
+SELECT rules
+ FROM '.SEARCH_TABLE.'
+ WHERE id = '.$search_id.'
+;';
+ list($serialized_rules) = mysql_fetch_row(pwg_query($query));
+
+ return unserialize($serialized_rules);
+}
+
+/**
+ * returns the SQL clause from a search identifier
+ *
+ * Search rules are stored in search table as a serialized array. This array
+ * need to be transformed into an SQL clause to be used in queries.
+ *
+ * @param int search_id
+ * @return string
+ */
+function get_sql_search_clause($search_id)
+{
+ $search = get_search_array($search_id);
+
+ // SQL where clauses are stored in $clauses array during query
+ // construction
+ $clauses = array();
+
+ foreach (array('file','name','comment','keywords','author') as $textfield)
+ {
+ if (isset($search['fields'][$textfield]))
+ {
+ $local_clauses = array();
+ foreach ($search['fields'][$textfield]['words'] as $word)
+ {
+ array_push($local_clauses, $textfield." LIKE '%".$word."%'");
+ }
+
+ // adds brackets around where clauses
+ $local_clauses = prepend_append_array_items($local_clauses, '(', ')');
+
+ array_push(
+ $clauses,
+ implode(
+ ' '.$search['fields'][$textfield]['mode'].' ',
+ $local_clauses
+ )
+ );
+ }
+ }
+
+ if (isset($search['fields']['allwords']))
+ {
+ $fields = array('file', 'name', 'comment', 'keywords', 'author');
+ // in the OR mode, request bust be :
+ // ((field1 LIKE '%word1%' OR field2 LIKE '%word1%')
+ // OR (field1 LIKE '%word2%' OR field2 LIKE '%word2%'))
+ //
+ // in the AND mode :
+ // ((field1 LIKE '%word1%' OR field2 LIKE '%word1%')
+ // AND (field1 LIKE '%word2%' OR field2 LIKE '%word2%'))
+ $word_clauses = array();
+ foreach ($search['fields']['allwords']['words'] as $word)
+ {
+ $field_clauses = array();
+ foreach ($fields as $field)
+ {
+ array_push($field_clauses, $field." LIKE '%".$word."%'");
+ }
+ // adds brackets around where clauses
+ array_push(
+ $word_clauses,
+ implode(
+ "\n OR ",
+ $field_clauses
+ )
+ );
+ }
+
+ array_walk(
+ $word_clauses,
+ create_function('&$s','$s="(".$s.")";')
+ );
+
+ array_push(
+ $clauses,
+ "\n ".
+ implode(
+ "\n ".
+ $search['fields']['allwords']['mode'].
+ "\n ",
+ $word_clauses
+ )
+ );
+ }
+
+ foreach (array('date_available', 'date_creation') as $datefield)
+ {
+ if (isset($search['fields'][$datefield]))
+ {
+ array_push(
+ $clauses,
+ $datefield." = '".$search['fields'][$datefield]['date']."'"
+ );
+ }
+
+ foreach (array('after','before') as $suffix)
+ {
+ $key = $datefield.'-'.$suffix;
+
+ if (isset($search['fields'][$key]))
+ {
+ array_push(
+ $clauses,
+
+ $datefield.
+ ($suffix == 'after' ? ' >' : ' <').
+ ($search['fields'][$key]['inc'] ? '=' : '').
+ " '".$search['fields'][$key]['date']."'"
+
+ );
+ }
+ }
+ }
+
+ if (isset($search['fields']['cat']))
+ {
+ if ($search['fields']['cat']['sub_inc'])
+ {
+ // searching all the categories id of sub-categories
+ $cat_ids = get_subcat_ids($search['fields']['cat']['words']);
+ }
+ else
+ {
+ $cat_ids = $search['fields']['cat']['words'];
+ }
+
+ $local_clause = 'category_id IN ('.implode(',', $cat_ids).')';
+ array_push($clauses, $local_clause);
+ }
+
+ // adds brackets around where clauses
+ $clauses = prepend_append_array_items($clauses, '(', ')');
+
+ $where_separator =
+ implode(
+ "\n ".$search['mode'].' ',
+ $clauses
+ );
+
+ $search_clause = $where_separator;
+
+ if (isset($forbidden))
+ {
+ $search_clause.= "\n AND ".$forbidden;
+ }
+
+ return $search_clause;
+}
+
+?> \ No newline at end of file
diff --git a/include/functions_user.inc.php b/include/functions_user.inc.php
index 7af517980..c1e601aeb 100644
--- a/include/functions_user.inc.php
+++ b/include/functions_user.inc.php
@@ -5,11 +5,10 @@
// | Copyright (C) 2003-2006 PhpWebGallery Team - http://phpwebgallery.net |
// +-----------------------------------------------------------------------+
// | branch : BSF (Best So Far)
-// | file : $RCSfile$
+// | file : $Id$
// | last update : $Date$
// | last modifier : $Author$
// | revision : $Revision$
-// | revision : $Revision$
// +-----------------------------------------------------------------------+
// | This program is free software; you can redistribute it and/or modify |
// | it under the terms of the GNU General Public License as published by |
@@ -608,13 +607,9 @@ function is_autorize_status($access_type, $user_status = '')
*/
function check_status($access_type, $user_status = '')
{
- global $lang;
-
if (!is_autorize_status($access_type, $user_status))
{
- echo '<div style="text-align:center;">'.$lang['access_forbiden'].'<br />';
- echo '<a href="'.PHPWG_ROOT_PATH.'identification.php">'.$lang['identification'].'</a></div>';
- exit();
+ access_denied();
}
}
diff --git a/include/section_init.inc.php b/include/section_init.inc.php
index 12e720d2d..cc7c074c2 100644
--- a/include/section_init.inc.php
+++ b/include/section_init.inc.php
@@ -5,7 +5,7 @@
// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
// +-----------------------------------------------------------------------+
// | branch : BSF (Best So Far)
-// | file : $RCSfile$
+// | file : $Id$
// | last update : $Date$
// | last modifier : $Author$
// | revision : $Revision$
@@ -342,6 +342,7 @@ else
// +-----------------------------------------------------------------------+
if ($page['section'] == 'search')
{
+ include_once( PHPWG_ROOT_PATH .'include/functions_search.inc.php' );
$query = '
SELECT DISTINCT(id)
FROM '.IMAGES_TABLE.'