-rw-r--r--admin/admin.php6
-rw-r--r--admin/cat.php37
-rw-r--r--admin/configuration.php41
-rw-r--r--admin/create_listing_file.php280
-rw-r--r--admin/edit_cat.php8
-rw-r--r--admin/historique.php6
-rw-r--r--admin/infos_images.php10
-rw-r--r--admin/install.php442
-rw-r--r--admin/perm.php20
-rw-r--r--admin/update.php575
-rw-r--r--admin/user_add.php2
-rw-r--r--admin/user_list.php8
-rw-r--r--admin/user_modify.php4
-rw-r--r--admin/waiting.php6
-rw-r--r--category.php12
-rw-r--r--identification.php6
-rw-r--r--index.php2
-rw-r--r--picture.php40
-rw-r--r--profile.php4
-rw-r--r--search.php2
-rw-r--r--upload.php94
21 files changed, 1098 insertions, 507 deletions
diff --git a/admin/admin.php b/admin/admin.php
index a4c8b77c3..5730356fe 100644
--- a/admin/admin.php
+++ b/admin/admin.php
@@ -35,7 +35,7 @@ switch ( $_GET['page'] )
$titre = $lang['title_modify']; $page_valide = true; break;
case 'historique':
$titre = $lang['title_history']; $page_valide = true; break;
- case 'miseajour':
+ case 'update':
$titre = $lang['title_update']; $page_valide = true; break;
case 'configuration':
$titre = $lang['title_configuration']; $page_valide = true; break;
@@ -115,7 +115,7 @@ $vtp->addSession( $handle, 'summary' );
$vtp->setVar( $handle, 'summary.indent', '' );
$vtp->setVar( $handle, 'summary.link',
add_session_id( $link_start.'waiting' ) );
-$query = 'select id from '.$prefixeTable.'waiting;';
+$query = 'select id from '.PREFIX_TABLE.'waiting;';
$result = mysql_query( $query );
$nb_waiting = '';
if ( mysql_num_rows( $result ) > 0 )
@@ -128,7 +128,7 @@ $vtp->closeSession( $handle, 'summary' );
$vtp->addSession( $handle, 'summary' );
$vtp->setVar( $handle, 'summary.indent', '' );
$vtp->setVar( $handle, 'summary.link',
- add_session_id( $link_start.'miseajour' ) );
+ add_session_id( $link_start.'update' ) );
$vtp->setVar( $handle, 'summary.name', $lang['menu_update'] );
$vtp->closeSession( $handle, 'summary' );
// thumbnails
diff --git a/admin/cat.php b/admin/cat.php
index 2033d667d..890fa866a 100644
--- a/admin/cat.php
+++ b/admin/cat.php
@@ -1,11 +1,10 @@
<?php
/***************************************************************************
- * this file is a part of PhpWebGallery *
+ * cat.php *
* ------------------- *
- * version : 1.3 *
- * url : http://phpwebgallery.net *
- * help : http://forum.phpwebgallery.net *
- * author : Pierrick LE GALL *
+ * application : PhpWebGallery 1.3 *
+ * website : http://www.phpwebgallery.net *
+ * author : Pierrick LE GALL <pierrick@z0rglub.com> *
* *
***************************************************************************/
@@ -32,7 +31,7 @@ if ( isset( $_GET['up'] ) && is_numeric( $_GET['up'] ) )
// 1. searching level (id_uppercat)
// and rank of the category to move
$query = 'select id_uppercat,rank';
- $query.= ' from '.$prefixeTable.'categories';
+ $query.= ' from '.PREFIX_TABLE.'categories';
$query.= ' where id = '.$_GET['up'];
$query.= ';';
$row = mysql_fetch_array( mysql_query( $query ) );
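Review bot: `$_GET['up']` reaches the `where id = …` clause guarded only by `is_numeric()`, which also accepts forms such as `1e3`, `1.5` and, before PHP 7, hexadecimal strings. An integer cast is the tighter check, e.g. `$up = intval( $_GET['up'] );`, with `$up` used in the select and both updates. The `down` branch in the later hunks concatenates `$_GET['down']` the same way. The enclosing `if` starts above this hunk.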
@@ -41,7 +40,7 @@ if ( isset( $_GET['up'] ) && is_numeric( $_GET['up'] ) )
// 2. searching the id and the rank of the category
// just above at the same level
$query = 'select id,rank';
- $query.= ' from '.$prefixeTable.'categories';
+ $query.= ' from '.PREFIX_TABLE.'categories';
$query.= ' where rank < '.$rank;
if ( $level == '' )
{
@@ -58,12 +57,12 @@ if ( isset( $_GET['up'] ) && is_numeric( $_GET['up'] ) )
$new_rank = $row['rank'];
$replaced_cat = $row['id'];
// 3. exchanging ranks between the two categories
- $query = 'update '.$prefixeTable.'categories';
+ $query = 'update '.PREFIX_TABLE.'categories';
$query.= ' set rank = '.$new_rank;
$query.= ' where id = '.$_GET['up'];
$query.= ';';
mysql_query( $query );
- $query = 'update '.$prefixeTable.'categories';
+ $query = 'update '.PREFIX_TABLE.'categories';
$query.= ' set rank = '.$rank;
$query.= ' where id = '.$replaced_cat;
$query.= ';';
@@ -74,7 +73,7 @@ if ( isset( $_GET['down'] ) && is_numeric( $_GET['down'] ) )
// 1. searching level (id_uppercat)
// and rank of the category to move
$query = 'select id_uppercat,rank';
- $query.= ' from '.$prefixeTable.'categories';
+ $query.= ' from '.PREFIX_TABLE.'categories';
$query.= ' where id = '.$_GET['down'];
$query.= ';';
$row = mysql_fetch_array( mysql_query( $query ) );
@@ -83,7 +82,7 @@ if ( isset( $_GET['down'] ) && is_numeric( $_GET['down'] ) )
// 2. searching the id and the rank of the category
// just below at the same level
$query = 'select id,rank';
- $query.= ' from '.$prefixeTable.'categories';
+ $query.= ' from '.PREFIX_TABLE.'categories';
$query.= ' where rank > '.$rank;
if ( $level == '' )
{
@@ -100,12 +99,12 @@ if ( isset( $_GET['down'] ) && is_numeric( $_GET['down'] ) )
$new_rank = $row['rank'];
$replaced_cat = $row['id'];
// 3. exchanging ranks between the two categories
- $query = 'update '.$prefixeTable.'categories';
+ $query = 'update '.PREFIX_TABLE.'categories';
$query.= ' set rank = '.$new_rank;
$query.= ' where id = '.$_GET['down'];
$query.= ';';
mysql_query( $query );
- $query = 'update '.$prefixeTable.'categories';
+ $query = 'update '.PREFIX_TABLE.'categories';
$query.= ' set rank = '.$rank;
$query.= ' where id = '.$replaced_cat;
$query.= ';';
@@ -114,12 +113,10 @@ if ( isset( $_GET['down'] ) && is_numeric( $_GET['down'] ) )
//------------------------------------------------------------------ reordering
function ordering( $id_uppercat )
{
- global $prefixeTable;
-
$rank = 1;
$query = 'select id';
- $query.= ' from '.$prefixeTable.'categories';
+ $query.= ' from '.PREFIX_TABLE.'categories';
if ( !is_numeric( $id_uppercat ) )
{
$query.= ' where id_uppercat is NULL';
@@ -133,7 +130,7 @@ function ordering( $id_uppercat )
$result = mysql_query( $query );
while ( $row = mysql_fetch_array( $result ) )
{
- $query = 'update '.$prefixeTable.'categories';
+ $query = 'update '.PREFIX_TABLE.'categories';
$query.= ' set rank = '.$rank;
$query.= ' where id = '.$row['id'];
$query.= ';';
@@ -148,11 +145,11 @@ ordering( 'NULL' );
function display_cat_manager( $id_uppercat, $indent,
$uppercat_visible, $level )
{
- global $prefixeTable,$lang,$conf,$sub,$vtp;
+ global $lang,$conf,$sub,$vtp;
// searching the min_rank and the max_rank of the category
$query = 'select min(rank) as min, max(rank) as max';
- $query.= ' from '.$prefixeTable.'categories';
+ $query.= ' from '.PREFIX_TABLE.'categories';
if ( !is_numeric( $id_uppercat ) )
{
$query.= ' where id_uppercat is NULL';
@@ -180,7 +177,7 @@ function display_cat_manager( $id_uppercat, $indent,
}
$query = 'select id,name,dir,nb_images,status,rank,site_id';
- $query.= ' from '.$prefixeTable.'categories';
+ $query.= ' from '.PREFIX_TABLE.'categories';
if ( !is_numeric( $id_uppercat ) )
{
$query.= ' where id_uppercat is NULL';
diff --git a/admin/configuration.php b/admin/configuration.php
index d0d4a6fc5..75be943db 100644
--- a/admin/configuration.php
+++ b/admin/configuration.php
@@ -3,6 +3,7 @@
* configuration.php *
* ------------------- *
* application : PhpWebGallery 1.3 *
+ * website : http://www.phpwebgallery.net *
* author : Pierrick LE GALL <pierrick@z0rglub.com> *
* *
***************************************************************************/
@@ -34,17 +35,16 @@ $Caracs = array("¥" => "Y", "µ" => "u", "À" => "A", "Á" => "A",
"ù" => "u", "ú" => "u", "û" => "u", "ü" => "u",
"ý" => "y", "ÿ" => "y");
//------------------------------ verification and registration of modifications
-$conf_infos = array( 'prefixe_thumbnail', 'webmaster', 'mail_webmaster',
- 'acces', 'session_id_size', 'session_time',
- 'session_keyword', 'max_user_listbox', 'show_comments',
- 'nb_comment_page', 'upload_available',
- 'upload_maxfilesize', 'upload_maxwidth',
- 'upload_maxheight', 'upload_maxwidth_thumbnail',
- 'upload_maxheight_thumbnail' );
-$default_user_infos = array( 'nb_image_line', 'nb_line_page', 'theme',
- 'language', 'maxwidth', 'maxheight', 'expand',
- 'show_nb_comments', 'short_period', 'long_period',
- 'template' );
+$conf_infos =
+array( 'prefixe_thumbnail','webmaster','mail_webmaster','acces',
+ 'session_id_size','session_time','session_keyword','max_user_listbox',
+ 'show_comments','nb_comment_page','upload_available',
+ 'upload_maxfilesize', 'upload_maxwidth','upload_maxheight',
+ 'upload_maxwidth_thumbnail','upload_maxheight_thumbnail' );
+$default_user_infos =
+array( 'nb_image_line','nb_line_page','theme','language','maxwidth',
+ 'maxheight','expand','show_nb_comments','short_period','long_period',
+ 'template' );
$error = array();
$i = 0;
if ( $_GET['valider'] == 1 )
@@ -52,13 +52,13 @@ if ( $_GET['valider'] == 1 )
//purge de la table des session si demandé
if ( $_POST['empty_session_table'] == 1 )
{
- $query = 'delete from '.$prefixeTable.'sessions';
+ $query = 'delete from '.PREFIX_TABLE.'sessions';
$query.= ' where expiration < '.time().';';
mysql_query( $query );
}
// deletion of site as asked
$query = 'select id';
- $query.= ' from '.$prefixeTable.'sites';
+ $query.= ' from '.PREFIX_TABLE.'sites';
$query.= " where galleries_url <> './galleries/';";
$result = mysql_query( $query );
while ( $row = mysql_fetch_array( $result ) )
@@ -182,8 +182,8 @@ if ( $_GET['valider'] == 1 )
// dans le cas où il n'y aucune erreurs
if ( sizeof( $error ) == 0 )
{
- mysql_query( 'delete from '.$prefixeTable.'config;' );
- $query = 'insert into '.$prefixeTable.'config';
+ mysql_query( 'delete from '.PREFIX_TABLE.'config;' );
+ $query = 'insert into '.PREFIX_TABLE.'config';
$query.= ' (';
for ( $i = 0; $i < sizeof( $conf_infos ); $i++ )
{
@@ -219,7 +219,7 @@ if ( $_GET['valider'] == 1 )
$tab_theme = explode( ' - ', $_POST['theme'] );
$_POST['theme'] = $tab_theme[0].'/'.$tab_theme[1];
- $query = 'update '.$prefixeTable.'users';
+ $query = 'update '.PREFIX_TABLE.'users';
$query.= ' set';
for ( $i = 0; $i < sizeof( $default_user_infos ); $i++ )
{
@@ -271,7 +271,7 @@ else
}
$query.= $conf_infos[$i];
}
- $query .= ' from '.$prefixeTable.'config;';
+ $query .= ' from '.PREFIX_TABLE.'config;';
$row = mysql_fetch_array( mysql_query( $query ) );
@@ -292,7 +292,7 @@ else
}
$query.= $default_user_infos[$i];
}
- $query .= ' from '.$prefixeTable.'users';
+ $query .= ' from '.PREFIX_TABLE.'users';
$query.= " where username = 'guest'";
$query.= ';';
@@ -308,8 +308,7 @@ $sub = $vtp->Open( '../template/'.$user['template'].
'/admin/configuration.vtp' );
// language
$vtp->setGlobalVar( $sub, 'conf_confirmation', $lang['conf_confirmation'] );
-$vtp->setGlobalVar( $sub, 'conf_remote_site_title',
- $lang['conf_remote_site_title'] );
+$vtp->setGlobalVar( $sub, 'remote_site', $lang['remote_site'] );
$vtp->setGlobalVar( $sub, 'delete', $lang['delete'] );
$vtp->setGlobalVar( $sub, 'conf_remote_site_delete_info',
$lang['conf_remote_site_delete_info'] );
@@ -885,7 +884,7 @@ $vtp->closeSession( $sub, 'space_line' );
$vtp->closeSession( $sub, 'line' );
//------------------------------------------------ remote sites administration
$query = 'select id,galleries_url';
-$query.= ' from '.$prefixeTable.'sites';
+$query.= ' from '.PREFIX_TABLE.'sites';
$query.= " where galleries_url <> './galleries/';";
$result = mysql_query( $query );
if ( mysql_num_rows( $result ) > 0 )
diff --git a/admin/create_listing_file.php b/admin/create_listing_file.php
index 9b94486ef..f3b816bbc 100644
--- a/admin/create_listing_file.php
+++ b/admin/create_listing_file.php
@@ -1,128 +1,162 @@
<?php
- $prefixe_thumbnail = "TN-";
+$prefixe_thumbnail = 'TN-';
-
- $tab_ext = array ( 'jpg', 'JPG','gif','GIF','png','PNG' );
+$conf['picture_ext'] = array ( 'jpg', 'gif', 'png', 'JPG', 'GIF', 'PNG' );
- $listing = "";
-
- $local_folder = substr( $PHP_SELF, 0, strrpos( $PHP_SELF, "/" ) + 1 );
- $url = "http://".$HTTP_HOST.$local_folder;
- $listing.= "<url>$url</url>";
-
- // get_dirs retourne un tableau contenant tous les sous-répertoires d'un répertoire
- function get_dirs( $rep, $indent, $level )
- {
- $sub_rep = array();
- $i = 0;
- $dirs = "";
- if ( $opendir = opendir ( $rep ) )
- {
- while ( $file = readdir ( $opendir ) )
- {
- if ( $file != "." && $file != ".." && is_dir ( $rep."/".$file ) && $file != "thumbnail" )
- {
- $sub_rep[$i++] = $file;
- }
- }
- }
- // write of the dirs
- for ( $i = 0; $i < sizeof( $sub_rep ); $i++ )
- {
- $dirs.= "\n".$indent."<dir".$level.">";
- $dirs.= "\n".$indent."\t<name>".$sub_rep[$i]."</name>";
- $dirs.= get_pictures( $rep."/".$sub_rep[$i], $indent."\t" );
- $dirs.= get_dirs( $rep."/".$sub_rep[$i], $indent."\t", $level + 1 );
- $dirs.= "\n".$indent."</dir".$level.">";
- }
- return $dirs;
- }
-
- function is_image ( $filename )
- {
- global $tab_ext;
- if ( in_array ( substr ( strrchr($filename,"."), 1, strlen ( $filename ) ), $tab_ext ) )
- {
- return true;
- }
- else
- {
- return false;
- }
- }
+$listing = '';
+
+$end = strrpos( $_SERVER['PHP_SELF'], '/' ) + 1;
+$local_folder = substr( $_SERVER['PHP_SELF'], 0, $end );
+$url = 'http://'.$_SERVER['HTTP_HOST'].$local_folder;
+
+$listing.= "<url>$url</url>";
- function TN_exist ( $dir, $file )
- {
- global $tab_ext, $prefixe_thumbnail;
-
- $titre = substr ( $file, 0, -4 );
- for ( $i = 0; $i < sizeof ( $tab_ext ); $i++ )
- {
- $test = $dir."/thumbnail/".$prefixe_thumbnail.$titre.".".$tab_ext[$i];
- if ( is_file ( $test ) )
- {
- return $tab_ext[$i];
- }
- }
- return false;
- }
-
- function get_pictures( $rep, $indent )
- {
- $pictures = array();
- $i = 0;
- $tn_ext = "";
- $root = "";
- if ( $opendir = opendir ( $rep ) )
- {
- while ( $file = readdir ( $opendir ) )
- {
- if ( is_image( $file ) && $tn_ext = TN_exist( $rep, $file ) )
- {
- $pictures[$i] = array();
- $pictures[$i]['file'] = $file;
- $pictures[$i]['tn_ext'] = $tn_ext;
- $pictures[$i]['date'] = date( "Y-m-d", filemtime ( $rep."/".$file ) );
- $pictures[$i]['filesize'] = floor ( filesize( $rep."/".$file ) / 1024 );
- $image_size = @getimagesize( $rep."/".$file );
- $pictures[$i]['width'] = $image_size[0];
- $pictures[$i]['height'] = $image_size[1];
- $i++;
- }
- }
- }
- // write of the node <root> with all the pictures at the root of the directory
- $root.= "\n".$indent."<root>";
- if ( sizeof( $pictures ) > 0 )
- {
- for( $i = 0; $i < sizeof( $pictures ); $i++ )
- {
- $root.= "\n".$indent."\t<picture>";
- $root.= "\n".$indent."\t\t<file>".$pictures[$i]['file']."</file>";
- $root.= "\n".$indent."\t\t<tn_ext>".$pictures[$i]['tn_ext']."</tn_ext>";
- $root.= "\n".$indent."\t\t<date>".$pictures[$i]['date']."</date>";
- $root.= "\n".$indent."\t\t<filesize>".$pictures[$i]['filesize']."</filesize>";
- $root.= "\n".$indent."\t\t<width>".$pictures[$i]['width']."</width>";
- $root.= "\n".$indent."\t\t<height>".$pictures[$i]['height']."</height>";
- $root.= "\n".$indent."\t</picture>";
- }
- }
- $root.= "\n".$indent."</root>";
- return $root;
- }
-
- $listing.= get_dirs( ".", "", 0 );
-
- if ( $fp = @fopen("./listing.xml","w") )
- {
- fwrite( $fp, $listing );
- fclose( $fp );
- }
- else
- {
- echo "impossible de créer ou d'écrire dans le fichier listing.xml";
- }
-
- //echo str_replace( "\t", "&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;", nl2br( htmlspecialchars( $listing, ENT_QUOTES ) ) );
- echo "listing.xml created";
+// get_dirs retourne un tableau contenant tous les sous-répertoires d'un
+// répertoire
+function get_dirs( $rep, $indent, $level )
+{
+ $sub_rep = array();
+ $i = 0;
+ $dirs = "";
+ if ( $opendir = opendir ( $rep ) )
+ {
+ while ( $file = readdir ( $opendir ) )
+ {
+ if ( $file != "."
+ and $file != ".."
+ and is_dir ( $rep."/".$file )
+ and $file != "thumbnail" )
+ {
+ $sub_rep[$i++] = $file;
+ }
+ }
+ }
+ // write of the dirs
+ for ( $i = 0; $i < sizeof( $sub_rep ); $i++ )
+ {
+ $dirs.= "\n".$indent.'<dir'.$level.' name="'.$sub_rep[$i].'">';
+ $dirs.= get_pictures( $rep.'/'.$sub_rep[$i], $indent.' ' );
+ $dirs.= get_dirs( $rep.'/'.$sub_rep[$i], $indent.' ', $level + 1 );
+ $dirs.= "\n".$indent.'</dir'.$level.'>';
+ }
+ return $dirs;
+}
+
+// get_extension returns the part of the string after the last "."
+function get_extension( $filename )
+{
+ return substr( strrchr( $filename, '.' ), 1, strlen ( $filename ) );
+}
+
+// get_filename_wo_extension returns the part of the string before the last
+// ".".
+// get_filename_wo_extension( 'test.tar.gz' ) -> 'test.tar'
+function get_filename_wo_extension( $filename )
+{
+ return substr( $filename, 0, strrpos( $filename, '.' ) );
+}
+
+function is_image( $filename )
+{
+ global $conf;
+
+ if ( !is_dir( $filename )
+ and in_array( get_extension( $filename ), $conf['picture_ext'] ) )
+ {
+ return true;
+ }
+ return false;
+}
+
+function TN_exists( $dir, $file )
+{
+ global $conf, $prefixe_thumbnail;
+
+ $titre = get_filename_wo_extension( $file );
+
+ for ( $i = 0; $i < sizeof ( $conf['picture_ext'] ); $i++ )
+ {
+ $base_tn_name = $dir.'/thumbnail/'.$prefixe_thumbnail.$titre.'.';
+ $ext = $conf['picture_ext'][$i];
+ if ( is_file( $base_tn_name.$ext ) )
+ {
+ return $ext;
+ }
+ }
+ echo 'The thumbnail is missing for '.$dir.'/'.$file;
+ echo '-> '.$dir.'/thumbnail/'.$prefixe_thumbnail.$titre.'.xxx';
+ echo ' ("xxx" can be : ';
+ for ( $i = 0; $i < sizeof ( $conf['picture_ext'] ); $i++ )
+ {
+ if ( $i > 0 )
+ {
+ echo ', ';
+ }
+ echo '"'.$conf['picture_ext'][$i].'"';
+ }
+ echo ')<br />';
+ return false;
+}
+
+function get_pictures( $rep, $indent )
+{
+ $pictures = array();
+
+ $tn_ext = '';
+ $root = '';
+ if ( $opendir = opendir ( $rep ) )
+ {
+ while ( $file = readdir ( $opendir ) )
+ {
+ if ( is_image( $file ) and $tn_ext = TN_exists( $rep, $file ) )
+ {
+ $picture = array();
+
+ $picture['file'] = $file;
+ $picture['tn_ext'] = $tn_ext;
+ $picture['date'] = date('Y-m-d',filemtime( $rep.'/'.$file ) );
+ $picture['filesize'] = floor( filesize( $rep."/".$file ) / 1024 );
+ $image_size = @getimagesize( $rep."/".$file );
+ $picture['width'] = $image_size[0];
+ $picture['height'] = $image_size[1];
+
+ array_push( $pictures, $picture );
+ }
+ }
+ }
+ // write of the node <root> with all the pictures at the root of the
+ // directory
+ $root.= "\n".$indent."<root>";
+ if ( sizeof( $pictures ) > 0 )
+ {
+ for( $i = 0; $i < sizeof( $pictures ); $i++ )
+ {
+ $root.= "\n".$indent.' ';
+ $root.= '<picture';
+ $root.= ' file="'. $pictures[$i]['file']. '"';
+ $root.= ' tn_ext="'. $pictures[$i]['tn_ext']. '"';
+ $root.= ' date="'. $pictures[$i]['date']. '"';
+ $root.= ' filesize="'. $pictures[$i]['filesize']. '"';
+ $root.= ' width="'. $pictures[$i]['width']. '"';
+ $root.= ' height="'. $pictures[$i]['height']. '"';
+ $root.= ' />';
+ }
+ }
+ $root.= "\n".$indent.'</root>';
+ return $root;
+}
+
+$listing.= get_dirs( '.', '', 0 );
+
+if ( $fp = @fopen("./listing.xml","w") )
+{
+ fwrite( $fp, $listing );
+ fclose( $fp );
+}
+else
+{
+ echo "I can't write the file listing.xml";
+}
+
+echo "listing.xml created";
?> \ No newline at end of file
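Review bot: Directory and file names are written into XML attributes unescaped, in `'<dir'.$level.' name="'.$sub_rep[$i].'">'` and `' file="'. $pictures[$i]['file']. '"'`, so a name containing `"`, `<` or `&` yields a malformed or altered listing.xml for whatever parses it. Wrap both values in `htmlspecialchars( …, ENT_QUOTES )`; the same applies to `$url`, which is built from the request's `Host` header, and to the names echoed as HTML in `TN_exists`. Separately, `is_image()` calls `is_dir( $filename )` on the bare name rather than on `$rep.'/'.$file`, and `listing.xml created` is printed even when `fopen` failed.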
diff --git a/admin/edit_cat.php b/admin/edit_cat.php
index ae93521c0..c813bac66 100644
--- a/admin/edit_cat.php
+++ b/admin/edit_cat.php
@@ -18,7 +18,7 @@
if ( $HTTP_GET_VARS['valider'] == 1 )
{
- $query = "update $prefixeTable"."categories ";
+ $query = "update PREFIX_TABLE"."categories ";
if ( $HTTP_POST_VARS['name'] == "" )
{
$query.= "set name = NULL, ";
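Review bot: `"update PREFIX_TABLE"."categories "` sends the literal text `PREFIX_TABLE` to MySQL, because PHP does not expand constants inside a double-quoted string the way it expanded `$prefixeTable`. The constant has to be concatenated, `$query = 'update '.PREFIX_TABLE.'categories ';`. The same substitution was made inside quotes in the next two hunks of this file and in every hunk of admin/historique.php and admin/infos_images.php. Only the `get_enums( PREFIX_TABLE."categories", … )` call in this file is written correctly.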
@@ -39,7 +39,7 @@
$query.= "where id = '".$HTTP_GET_VARS['cat']."';";
mysql_query( $query );
- $result = mysql_query( "select id from $prefixeTable"."users where pseudo != '".$conf['webmaster']."';" );
+ $result = mysql_query( "select id from PREFIX_TABLE"."users where pseudo != '".$conf['webmaster']."';" );
while ( $row = mysql_fetch_array ( $result ) )
{
check_favorites( $row['id'] );
@@ -52,7 +52,7 @@
<form action=\"".add_session_id_to_url( "./admin.php?page=edit_cat&amp;cat=".$HTTP_GET_VARS['cat']."&amp;valider=1" )."\" method=\"post\">
<table style=\"width:100%;\">";
$query = "select a.id,name,dir,status,comment,id_uppercat,site_id,galleries_url";
- $query.= " from $prefixeTable"."categories as a, $prefixeTable"."sites as b";
+ $query.= " from PREFIX_TABLE"."categories as a, PREFIX_TABLE"."sites as b";
$query.= " where a.id = ".$HTTP_GET_VARS['cat'];
$query.= " and a.site_id = b.id;";
$row = mysql_fetch_array( mysql_query( $query ) );
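Review bot: `$HTTP_GET_VARS['cat']` is concatenated unquoted into `where a.id = …` and into the form `action`, with no validation visible in this hunk. Unless it is checked earlier in the file, cast it once, `$cat_id = intval( $HTTP_GET_VARS['cat'] );`, and use `$cat_id` in both places. The previous hunk's `where id = '".$HTTP_GET_VARS['cat']."'` takes the same input.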
@@ -86,7 +86,7 @@
// on récupère toutes les status possibles dans la base
// par l'intermédiaire de la fonction get_enums trouvable
// dans le fichier config.php
- $option = get_enums( $prefixeTable."categories", "status" );
+ $option = get_enums( PREFIX_TABLE."categories", "status" );
for ( $i = 0; $i < sizeof( $option ); $i++ )
{
if ( $option[$i] == $row['status'] )
diff --git a/admin/historique.php b/admin/historique.php
index 2aca5bfc1..eda2b1b27 100644
--- a/admin/historique.php
+++ b/admin/historique.php
@@ -18,7 +18,7 @@
if ( $HTTP_GET_VARS['empty'] == 1 )
{
- mysql_query( "delete from $prefixeTable"."history;" );
+ mysql_query( "delete from PREFIX_TABLE"."history;" );
}
define (NB_JOUR_HISTO,"7");
$tMois = array("janvier", "février", "mars", "avril", "mai", "juin", "juillet", "août", "septembre", "octobre", "novembre", "décembre");
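Review bot: The history table is emptied whenever the request carries `empty=1` in the query string, so a state-changing delete on what serves as the access log is reachable by a plain GET link. Moving it to a POST form with a per-session confirmation token would stop it from being triggered by a followed or prefetched link; whether the page is restricted to administrators is decided outside this hunk. On the line below, `define (NB_JOUR_HISTO,"7")` passes the name as a bare word and should read `define( 'NB_JOUR_HISTO', 7 );`.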
@@ -28,7 +28,7 @@
// il faut trouver le unix date de la veille à 00h00 :
// time (); nous donne le nombre de secondes actuelle
$date_ref = time() - (7*24*60*60);
- $result = mysql_query( "select date,login,IP,categorie,page,titre,commentaire from $prefixeTable"."history where date > '$date_ref' order by date desc;");
+ $result = mysql_query( "select date,login,IP,categorie,page,titre,commentaire from PREFIX_TABLE"."history where date > '$date_ref' order by date desc;");
echo"<div style=\"text-align:center;\"><a href=\"".add_session_id_to_url( "./admin.php?page=historique&amp;empty=1" )."\">empty / vider</a></div>";
echo"<div style=\"color:green;text-align:center;margin:10px\">";
// affichage de la date du jour
@@ -71,7 +71,7 @@
</tr>";
// 2. affichage de tous les évènements pour le jour donné
// entre la veille à 23h59m59s et le jour même 23h59m59s
- $result = mysql_query("select date,login,IP,categorie,page,titre,commentaire from $prefixeTable"."history where date > '$debut' and date < '$fin' order by date desc;");
+ $result = mysql_query("select date,login,IP,categorie,page,titre,commentaire from PREFIX_TABLE"."history where date > '$debut' and date < '$fin' order by date desc;");
$fin = $debut;
// on recule le début d'une journée complète
$debut = $debut - 24*60*60;
diff --git a/admin/infos_images.php b/admin/infos_images.php
index a5c1b75a4..f1921c6d3 100644
--- a/admin/infos_images.php
+++ b/admin/infos_images.php
@@ -53,7 +53,7 @@
//------------------------------------------------------------mises à jour
// 1. options individuelles
$query = "select id,file ";
- $query.= "from $prefixeTable"."images ";
+ $query.= "from PREFIX_TABLE"."images ";
$query.= "where cat_id = ".$page['cat']." ";
$result = mysql_query( $query );
$i = 1;
@@ -65,7 +65,7 @@
$date_creation = "date_creation-".$row['id'];
if ( isset( $HTTP_POST_VARS[$name] ) )
{
- $query = "update $prefixeTable"."images ";
+ $query = "update PREFIX_TABLE"."images ";
if ( $HTTP_POST_VARS[$name] == "" )
{
$query.= "set name = NULL ";
@@ -106,7 +106,7 @@
// 2. options générales
if ( $HTTP_POST_VARS['use_common_author'] == 1 )
{
- $query = "update $prefixeTable"."images ";
+ $query = "update PREFIX_TABLE"."images ";
if ( $HTTP_POST_VARS['author_cat'] == "" )
{
$query.= "set author = NULL ";
@@ -125,7 +125,7 @@
if ( check_date_format( $HTTP_POST_VARS['date_creation_cat'] ) )
{
$date = date_convert( $HTTP_POST_VARS['date_creation_cat'] );
- $query = "update $prefixeTable"."images ";
+ $query = "update PREFIX_TABLE"."images ";
if ( $HTTP_POST_VARS['date_creation_cat'] == "" )
{
$query.= "set date_creation = NULL ";
@@ -200,7 +200,7 @@
<td class=\"row2\" style=\"text-align:center;\">".$lang['infoimage_creation_date']."</td>
</tr>";
$query = "select id,file,comment,author,tn_ext,name,date_creation";
- $query.= " from $prefixeTable"."images";
+ $query.= " from PREFIX_TABLE"."images";
$query.= " where cat_id = ".$page['cat'];
$query.= $conf['order_by'];
$query.= " limit ".$page['start'].",".$page['nb_image_page'];
diff --git a/admin/install.php b/admin/install.php
index c87a63bbd..00058365f 100644
--- a/admin/install.php
+++ b/admin/install.php
@@ -14,9 +14,9 @@
* the Free Software Foundation; *
* *
***************************************************************************/
- function header_install()
- {
- $output = "
+function header_install()
+{
+ $output = "
<html>
<head>
<title>PhpWebGallery 1.2</title>
@@ -125,12 +125,12 @@
<table width=\"700\" class=\"table1\" style=\"margin:auto;\">
<tr>
<td class=\"contenucellule\">";
- return $output;
- }
+ return $output;
+}
- function footer_install()
- {
- $output = "
+function footer_install()
+{
+ $output = "
</td>
</tr>
</table>
@@ -139,92 +139,92 @@
</table>
</body>
</html>";
- return $output;
- }
+ return $output;
+}
- if ( isset( $HTTP_GET_VARS['language'] ) )
- {
- $isadmin = true;
- $lang = array();
- include( "../language/".$HTTP_GET_VARS['language'].".php" );
- }
+if ( isset( $HTTP_GET_VARS['language'] ) )
+{
+ $isadmin = true;
+ $lang = array();
+ include( "../language/".$HTTP_GET_VARS['language'].".php" );
+}
- /*---------------------------------------Step 1------------------------------------*/
- if ( $HTTP_GET_VARS['step'] == 1 )
- {
- $erreur1 = true;
- $message = "";
- // création du fichier de configuration de connexion à la BD mysql
- if( isset( $HTTP_POST_VARS['cfgBase'] ) && isset( $HTTP_POST_VARS['cfgUser'] ) && isset( $HTTP_POST_VARS['cfgPassword'] ) && isset( $HTTP_POST_VARS['cfgHote'] ) )
- {
- if ( @mysql_connect( $HTTP_POST_VARS['cfgHote'], $HTTP_POST_VARS['cfgUser'], $HTTP_POST_VARS['cfgPassword'] ) )
- {
- if ( @mysql_select_db($HTTP_POST_VARS['cfgBase'] ) )
- {
- $message.= "<div class=\"info\">".$lang['step1_confirmation']."</div>";
- $erreur1 = false;
- }
- else
- {
- $message.= "<div class=\"erreur\">".$lang['step1_err_db']."</div>";
- }
- }
- else
- {
- $message.= "<div class=\"erreur\">".$lang['step1_err_server']."</div>";
- }
+/*---------------------------------------Step 1------------------------------------*/
+if ( $HTTP_GET_VARS['step'] == 1 )
+{
+ $erreur1 = true;
+ $message = "";
+ // création du fichier de configuration de connexion à la BD mysql
+ if( isset( $HTTP_POST_VARS['cfgBase'] ) && isset( $HTTP_POST_VARS['cfgUser'] ) && isset( $HTTP_POST_VARS['cfgPassword'] ) && isset( $HTTP_POST_VARS['cfgHote'] ) )
+ {
+ if ( @mysql_connect( $HTTP_POST_VARS['cfgHote'], $HTTP_POST_VARS['cfgUser'], $HTTP_POST_VARS['cfgPassword'] ) )
+ {
+ if ( @mysql_select_db($HTTP_POST_VARS['cfgBase'] ) )
+ {
+ $message.= "<div class=\"info\">".$lang['step1_confirmation']."</div>";
+ $erreur1 = false;
+ }
+ else
+ {
+ $message.= "<div class=\"erreur\">".$lang['step1_err_db']."</div>";
+ }
+ }
+ else
+ {
+ $message.= "<div class=\"erreur\">".$lang['step1_err_server']."</div>";
+ }
- if ( !$erreur1 )
- {
- // écriture du fichier de configuration
- if ( $fp = @fopen("../include/mysql.inc.php","a+") )
- {
- fwrite( $fp, "<?php\n\t\$cfgBase='".$HTTP_POST_VARS['cfgBase']."';\n\t\$cfgUser='".$HTTP_POST_VARS['cfgUser']."';\n\t\$cfgPassword='".$HTTP_POST_VARS['cfgPassword']."';\n\t\$cfgHote='".$HTTP_POST_VARS['cfgHote']."';\n\t\$prefixeTable='".$HTTP_POST_VARS['prefixe']."';\n?>" );
- fclose( $fp );
- }
- $cfgHote = "";
- $cfgUser = "";
- $cfgPassword = "";
- $cfgBase = "";
- include ( "../include/mysql.inc.php" );
- $erreur2 = true;
- if ( @mysql_connect( $cfgHote, $cfgUser, $cfgPassword ) )
- {
- if ( @mysql_select_db ( $cfgBase ) )
- {
- $erreur2 = false;
- }
- }
- if ( $erreur2 )
- {
- $message.="<br /><br />".$lang['step1_err_copy']." :<br />
+ if ( !$erreur1 )
+ {
+ // écriture du fichier de configuration
+ if ( $fp = @fopen("../include/mysql.inc.php","a+") )
+ {
+ fwrite( $fp, "<?php\n\t\$cfgBase='".$HTTP_POST_VARS['cfgBase']."';\n\t\$cfgUser='".$HTTP_POST_VARS['cfgUser']."';\n\t\$cfgPassword='".$HTTP_POST_VARS['cfgPassword']."';\n\t\$cfgHote='".$HTTP_POST_VARS['cfgHote']."';\n\t\PREFIX_TABLE='".$HTTP_POST_VARS['prefixe']."';\n?>" );
+ fclose( $fp );
+ }
+ $cfgHote = "";
+ $cfgUser = "";
+ $cfgPassword = "";
+ $cfgBase = "";
+ include ( "../include/mysql.inc.php" );
+ $erreur2 = true;
+ if ( @mysql_connect( $cfgHote, $cfgUser, $cfgPassword ) )
+ {
+ if ( @mysql_select_db ( $cfgBase ) )
+ {
+ $erreur2 = false;
+ }
+ }
+ if ( $erreur2 )
+ {
+ $message.="<br /><br />".$lang['step1_err_copy']." :<br />
-----------------------------------------------------<br />
<div style=\"color:blue;\">&lt;?php<br />
\$cfgBase = '".$HTTP_POST_VARS['cfgBase']."';<br />
\$cfgUser = '".$HTTP_POST_VARS['cfgUser']."';<br />
\$cfgPassword = '".$HTTP_POST_VARS['cfgPassword']."';<br />
\$cfgHote = '".$HTTP_POST_VARS['cfgHote']."';<br />
- \$prefixeTable = '".$HTTP_POST_VARS['prefixe']."';<br />
+ \PREFIX_TABLE = '".$HTTP_POST_VARS['prefixe']."';<br />
?&gt;</div>
-----------------------------------------------------<br />";
- $message.= "<div style=\"text-align:center;\">".$lang['step1_err_copy_2']."<br />";
- $message.= "<a href=\"install.php?step=2&amp;language=".$HTTP_GET_VARS['language']."\">".$lang['step1_err_copy_next']."</a></div>";
- }
- else
- {
- $url = "install.php?step=2&language=".$HTTP_GET_VARS['language'];
- header("Request-URI: $url");
- header("Content-Location: $url");
- header("Location: $url");
- exit();
- }
- }
- }
+ $message.= "<div style=\"text-align:center;\">".$lang['step1_err_copy_2']."<br />";
+ $message.= "<a href=\"install.php?step=2&amp;language=".$HTTP_GET_VARS['language']."\">".$lang['step1_err_copy_next']."</a></div>";
+ }
+ else
+ {
+ $url = "install.php?step=2&language=".$HTTP_GET_VARS['language'];
+ header("Request-URI: $url");
+ header("Content-Location: $url");
+ header("Location: $url");
+ exit();
+ }
+ }
+ }
- echo header_install();
- if ( isset( $message ) && $message != "" )
- {
- echo"
+ echo header_install();
+ if ( isset( $message ) && $message != "" )
+ {
+ echo"
<table width=\"100%\">
<tr>
<th>".$lang['install_message']."</th>
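Review bot: The rewritten `fwrite` line emits `\PREFIX_TABLE='…';` into `include/mysql.inc.php`; `\P` is not an escape in a double-quoted string and a constant cannot be assigned, so the generated file will not parse and the step 2 `CREATE TABLE ".PREFIX_TABLE."…` hunks below have no prefix to use. Depending on where the constant is defined (not visible in this diff), either keep `\$prefixeTable='…'` or write a `define( 'PREFIX_TABLE', … );` line; the copy-paste block shown when `$erreur2` is set needs the same correction. The five POST values are placed between single quotes unescaped, so a quote in any field alters the generated PHP; emit each with `var_export( $value, true )` instead. In the same hunk, `include( "../language/".$HTTP_GET_VARS['language'].".php" )` builds a path from the query string and should be checked against the list of shipped language files first.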
@@ -233,10 +233,10 @@
<td>$message</td>
</tr>
</table>";
- }
- if ( $erreur1 )
- {
- echo"
+ }
+ if ( $erreur1 )
+ {
+ echo"
<form method=\"post\" action=\"install.php?step=1&amp;language=".$HTTP_GET_VARS['language']."\">
<table width=\"100%\">
<tr>
@@ -248,15 +248,15 @@
<tr>
<td>".$lang['step1_host']."</td>
<td align=center><input type='text' name='cfgHote' value='";
- if ( !isset( $HTTP_POST_VARS['cfgHote'] ) )
- {
- echo"localhost";
- }
- else
- {
- echo $HTTP_POST_VARS['cfgHote'];
- }
- echo"'></td>
+ if ( !isset( $HTTP_POST_VARS['cfgHote'] ) )
+ {
+ echo"localhost";
+ }
+ else
+ {
+ echo $HTTP_POST_VARS['cfgHote'];
+ }
+ echo"'></td>
<td class=\"row2\">".$lang['step1_host_info']."</td>
</tr>
<tr>
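Review bot: `echo $HTTP_POST_VARS['cfgHote'];` writes the submitted value into a single-quoted `value='…'` attribute without escaping, so a quote in the field breaks out of the attribute and into the page markup. Use `echo htmlspecialchars( $HTTP_POST_VARS['cfgHote'], ENT_QUOTES );`. The `prefixe` field in the next hunk and the `language` query parameter in the form `action` of the previous hunk are echoed the same way.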
@@ -277,15 +277,15 @@
<tr>
<td>".$lang['step1_prefix']."</td>
<td align=center><input type='text' name='prefixe' value='";
- if ( !isset( $HTTP_POST_VARS['prefixe'] ) )
- {
- echo"phpwebgallery_";
- }
- else
- {
- echo $HTTP_POST_VARS['prefixe'];
- }
- echo"'></td>
+ if ( !isset( $HTTP_POST_VARS['prefixe'] ) )
+ {
+ echo"phpwebgallery_";
+ }
+ else
+ {
+ echo $HTTP_POST_VARS['prefixe'];
+ }
+ echo"'></td>
<td class=\"row2\">".$lang['step1_prefix_info']."</td>
</tr>
<tr>
@@ -296,19 +296,19 @@
</tr>
</table>
</form>";
- }
- echo footer_install();
- }
- /*---------------------------------------Step 2------------------------------------*/
- else if ( $HTTP_GET_VARS['step'] == 2 )
- {
- include( "../include/mysql.inc.php" );
- mysql_connect( $cfgHote, $cfgUser, $cfgPassword ) or die ( "erreur de connexion au serveur" );
- mysql_select_db( $cfgBase ) or die ( "erreur de connexion a la base de donnees" );
+ }
+ echo footer_install();
+}
+/*---------------------------------------Step 2------------------------------------*/
+else if ( $HTTP_GET_VARS['step'] == 2 )
+{
+ include( "../include/mysql.inc.php" );
+ mysql_connect( $cfgHote, $cfgUser, $cfgPassword ) or die ( "erreur de connexion au serveur" );
+ mysql_select_db( $cfgBase ) or die ( "erreur de connexion a la base de donnees" );
- if ( !isset( $HTTP_POST_VARS['submit'] ) )
- {
- $query = "CREATE TABLE ".$prefixeTable."categories (
+ if ( !isset( $HTTP_POST_VARS['submit'] ) )
+ {
+ $query = "CREATE TABLE ".PREFIX_TABLE."categories (
id tinyint(3) unsigned NOT NULL auto_increment,
date_dernier date NOT NULL default '0000-00-00',
nb_images smallint(5) unsigned NOT NULL default '0',
@@ -321,8 +321,8 @@
site_id tinyint(4) unsigned NOT NULL default '1',
PRIMARY KEY (id)
);";
- mysql_query( $query );
- $query = "CREATE TABLE ".$prefixeTable."comments (
+ mysql_query( $query );
+ $query = "CREATE TABLE ".PREFIX_TABLE."comments (
id int(11) unsigned NOT NULL auto_increment,
image_id smallint(5) unsigned NOT NULL default '0',
date int(11) unsigned NOT NULL default '0',
@@ -330,8 +330,8 @@
content longtext,
PRIMARY KEY (id)
);";
- mysql_query( $query );
- $query = "CREATE TABLE ".$prefixeTable."config (
+ mysql_query( $query );
+ $query = "CREATE TABLE ".PREFIX_TABLE."config (
periode_courte smallint(5) unsigned NOT NULL default '7',
periode_longue smallint(5) unsigned NOT NULL default '14',
prefixe_thumbnail varchar(10) NOT NULL default 'TN-',
@@ -352,14 +352,14 @@
upload_maxwidth_thumbnail smallint(5) unsigned NOT NULL default '150',
upload_maxheight_thumbnail smallint(5) unsigned NOT NULL default '100'
);";
- mysql_query( $query );
- $query = "CREATE TABLE ".$prefixeTable."favorites (
+ mysql_query( $query );
+ $query = "CREATE TABLE ".PREFIX_TABLE."favorites (
user_id smallint(5) unsigned NOT NULL default '0',
image_id smallint(5) unsigned NOT NULL default '0',
KEY user_id (user_id,image_id)
);";
- mysql_query( $query );
- $query = "CREATE TABLE ".$prefixeTable."history (
+ mysql_query( $query );
+ $query = "CREATE TABLE ".PREFIX_TABLE."history (
date int(11) NOT NULL default '0',
login varchar(15) default NULL,
IP varchar(50) NOT NULL default '',
@@ -368,8 +368,8 @@
titre varchar(150) default NULL,
commentaire varchar(200) default NULL
);";
- mysql_query( $query );
- $query = "CREATE TABLE ".$prefixeTable."images (
+ mysql_query( $query );
+ $query = "CREATE TABLE ".PREFIX_TABLE."images (
id smallint(5) unsigned NOT NULL auto_increment,
file varchar(255) NOT NULL default '',
cat_id tinyint(3) unsigned NOT NULL default '0',
@@ -386,29 +386,29 @@
PRIMARY KEY (id),
KEY cat_id (cat_id)
);";
- mysql_query( $query );
- $query = "CREATE TABLE ".$prefixeTable."restrictions (
+ mysql_query( $query );
+ $query = "CREATE TABLE ".PREFIX_TABLE."restrictions (
user_id smallint(5) unsigned NOT NULL default '0',
cat_id tinyint(3) unsigned NOT NULL default '0',
PRIMARY KEY (user_id,cat_id)
);";
- mysql_query( $query );
- $query = "CREATE TABLE ".$prefixeTable."sessions (
+ mysql_query( $query );
+ $query = "CREATE TABLE ".PREFIX_TABLE."sessions (
id varchar(255) binary NOT NULL default '',
user_id smallint(5) unsigned NOT NULL default '0',
expiration int(10) unsigned NOT NULL default '0',
ip varchar(255) NOT NULL default '',
PRIMARY KEY (id)
);";
- mysql_query( $query );
- $query = "CREATE TABLE ".$prefixeTable."sites (
+ mysql_query( $query );
+ $query = "CREATE TABLE ".PREFIX_TABLE."sites (
id tinyint(4) NOT NULL auto_increment,
galleries_url varchar(255) NOT NULL default '',
PRIMARY KEY (id),
UNIQUE KEY galleries_url (galleries_url)
);";
- mysql_query( $query );
- $query = "CREATE TABLE ".$prefixeTable."users (
+ mysql_query( $query );
+ $query = "CREATE TABLE ".PREFIX_TABLE."users (
id smallint(5) unsigned NOT NULL auto_increment,
pseudo varchar(20) binary NOT NULL default '',
password varchar(255) NOT NULL default '',
@@ -423,8 +423,8 @@
PRIMARY KEY (id),
UNIQUE KEY pseudo (pseudo)
);";
- mysql_query( $query );
- $query = "CREATE TABLE ".$prefixeTable."waiting (
+ mysql_query( $query );
+ $query = "CREATE TABLE ".PREFIX_TABLE."waiting (
id int(10) unsigned NOT NULL auto_increment,
cat_id tinyint(3) unsigned NOT NULL default '0',
file varchar(255) NOT NULL default '',
@@ -434,67 +434,67 @@
tn_ext char(3) default NULL,
PRIMARY KEY (id)
);";
- mysql_query( $query );
- }
- if ( isset( $HTTP_POST_VARS['submit'] ) )
- {
- $configuration = false;
- $erreur = "";
- $nb_erreur = 0;
- // le pseudo du webmaster ne doit pas
- // 1. être vide
- // 2. commencer ou se terminer par un espace
- // 3. comporter les caractères ' ou "
- // Notes sur le pseudo du webmaster :
- // - lorsque l'on trouve plusieurs occurences
- // consécutives du caractère espace, on réduit à une seule occurence
- if ( $HTTP_POST_VARS['webmaster'] == "" )
- {
- $erreur .= "<li>".$lang['step2_err_login1']."</li>";
- $nb_erreur++;
- }
- $webmaster = ereg_replace( "[ ]{2,}", " ", $HTTP_POST_VARS['webmaster'] );
- if ( ereg( "^.* $", $webmaster ) || ereg( "^ .*$", $webmaster) )
- {
- $erreur .= "<li>".$lang['step2_err_login2']."</li>";
- $nb_erreur++;
- }
- if ( ereg( "'",$webmaster ) || ereg( "\"",$webmaster ) )
- {
- $erreur .= "<li>".$lang['step2_err_login3']."</li>";
- $nb_erreur++;
- }
- // on vérifie que le password rentré correspond bien à la confirmation faite par l'utilisateur
- if ( $HTTP_POST_VARS['pwdWebmaster'] != $HTTP_POST_VARS['pwdWebmasterConf'] )
- {
- $erreur .= "<li>".$lang['step2_err_pass']."</li>";
- $nb_erreur++;
- }
- // le mail doit être conforme à qqch du type : nom@serveur.com
- if( !ereg("([_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)+)", $HTTP_POST_VARS['mail_webmaster'] ) )
- {
- $erreur .= "<li>".$lang['step2_err_mail']."</li>";
- $nb_erreur++;
- }
- // on met à jour les paramètres de l'application dans le cas où il n'y aucune erreur
- if ( $nb_erreur == 0 )
- {
- mysql_query( "delete from $prefixeTable"."config" );
- $query = "insert into $prefixeTable"."config (webmaster,mail_webmaster) values ('$webmaster','".$HTTP_POST_VARS['mail_webmaster']."')";
- mysql_query($query);
- $query = "insert into $prefixeTable"."sites values (1, './galleries/');";
- mysql_query($query);
- $query = "insert into $prefixeTable"."users (pseudo,password,status,language) values ('$webmaster','".md5( $pwdWebmaster )."','admin','".$HTTP_GET_VARS['language']."')";
- mysql_query($query);
- mysql_query("insert into $prefixeTable"."users (pseudo,password,status,language) values ('visiteur','".md5( "" )."','visiteur','".$HTTP_GET_VARS['language']."')");
- $configuration = true;
- }
- }
+ mysql_query( $query );
+ }
+ if ( isset( $HTTP_POST_VARS['submit'] ) )
+ {
+ $configuration = false;
+ $erreur = "";
+ $nb_erreur = 0;
+ // le pseudo du webmaster ne doit pas
+ // 1. être vide
+ // 2. commencer ou se terminer par un espace
+ // 3. comporter les caractères ' ou "
+ // Notes sur le pseudo du webmaster :
+ // - lorsque l'on trouve plusieurs occurences
+ // consécutives du caractère espace, on réduit à une seule occurence
+ if ( $HTTP_POST_VARS['webmaster'] == "" )
+ {
+ $erreur .= "<li>".$lang['step2_err_login1']."</li>";
+ $nb_erreur++;
+ }
+ $webmaster = ereg_replace( "[ ]{2,}", " ", $HTTP_POST_VARS['webmaster'] );
+ if ( ereg( "^.* $", $webmaster ) || ereg( "^ .*$", $webmaster) )
+ {
+ $erreur .= "<li>".$lang['step2_err_login2']."</li>";
+ $nb_erreur++;
+ }
+ if ( ereg( "'",$webmaster ) || ereg( "\"",$webmaster ) )
+ {
+ $erreur .= "<li>".$lang['step2_err_login3']."</li>";
+ $nb_erreur++;
+ }
+ // on vérifie que le password rentré correspond bien à la confirmation faite par l'utilisateur
+ if ( $HTTP_POST_VARS['pwdWebmaster'] != $HTTP_POST_VARS['pwdWebmasterConf'] )
+ {
+ $erreur .= "<li>".$lang['step2_err_pass']."</li>";
+ $nb_erreur++;
+ }
+ // le mail doit être conforme à qqch du type : nom@serveur.com
+ if( !ereg("([_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)+)", $HTTP_POST_VARS['mail_webmaster'] ) )
+ {
+ $erreur .= "<li>".$lang['step2_err_mail']."</li>";
+ $nb_erreur++;
+ }
+ // on met à jour les paramètres de l'application dans le cas où il n'y aucune erreur
+ if ( $nb_erreur == 0 )
+ {
+ mysql_query( "delete from PREFIX_TABLE"."config" );
+ $query = "insert into PREFIX_TABLE"."config (webmaster,mail_webmaster) values ('$webmaster','".$HTTP_POST_VARS['mail_webmaster']."')";
+ mysql_query($query);
+ $query = "insert into PREFIX_TABLE"."sites values (1, './galleries/');";
+ mysql_query($query);
+ $query = "insert into PREFIX_TABLE"."users (pseudo,password,status,language) values ('$webmaster','".md5( $pwdWebmaster )."','admin','".$HTTP_GET_VARS['language']."')";
+ mysql_query($query);
+ mysql_query("insert into PREFIX_TABLE"."users (pseudo,password,status,language) values ('visiteur','".md5( "" )."','visiteur','".$HTTP_GET_VARS['language']."')");
+ $configuration = true;
+ }
+ }
- echo header_install();
- if ( $configuration )
- {
- echo"
+ echo header_install();
+ if ( $configuration )
+ {
+ echo"
<table width=\"100%\">
<tr>
<th>".$lang['install_end_title']."</th>
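Review bot: In the five rewritten queries of the `$nb_erreur == 0` branch, `PREFIX_TABLE` now sits inside a double-quoted string (`"delete from PREFIX_TABLE"."config"`). PHP does not expand constants inside strings, so, assuming `PREFIX_TABLE` is the constant that the `CREATE TABLE` lines above concatenate, these statements target tables literally named `PREFIX_TABLEconfig`, `PREFIX_TABLEsites` and `PREFIX_TABLEusers`. Each one should concatenate the constant, e.g. `mysql_query( 'delete from '.PREFIX_TABLE.'config' );`; the same substitution appears in the admin/perm.php hunks (`from PREFIX_TABLE"."users`, `"restrictions`, `"categories`) and in the admin/waiting.php hunks. Because the `mysql_query()` results are not checked, the failure is silent and `$configuration` is still set to true. While these lines are being edited, note that `$HTTP_POST_VARS['mail_webmaster']` and `$HTTP_GET_VARS['language']` go into the INSERTs unescaped, and `md5( $pwdWebmaster )` reads a bare variable rather than `$HTTP_POST_VARS['pwdWebmaster']`.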
@@ -506,12 +506,12 @@
<td>".$lang['install_end_message']."</td>
</tr>
</table>";
- }
- else
- {
- if ( $nb_erreur > 0 )
- {
- echo"
+ }
+ else
+ {
+ if ( $nb_erreur > 0 )
+ {
+ echo"
<table width=100%>
<tr>
<th>".$lang['install_message']."</th>
@@ -526,8 +526,8 @@
<td>&nbsp;</td>
</tr>
</table>";
- }
- echo"
+ }
+ echo"
<form method=\"post\" action=\"install.php?step=2&amp;language=".$HTTP_GET_VARS['language']."\">
<table width=100%>
<tr>
@@ -566,34 +566,34 @@
</tr>
</table>
</form>";
- }
- echo footer_install();
- }
- /*----------------------------------Language choice------------------------------------*/
- else
- {
- include( "../include/functions.php" );
- echo header_install();
- echo"
+ }
+ echo footer_install();
+}
+/*----------------------------------Language choice------------------------------------*/
+else
+{
+ include( "../include/functions.php" );
+ echo header_install();
+ echo"
<form method=\"get\" action=\"install.php\">
<input type=\"hidden\" name=\"step\" value=\"1\"/>
<table width=\"100%\">
<tr>
<td align=\"center\">
<select name=\"language\">";
- $languages = get_languages( "../language/" );
- for ( $i = 0; $i < sizeof ( $languages ); $i++ )
- {
- echo"
+ $languages = get_languages( "../language/" );
+ for ( $i = 0; $i < sizeof ( $languages ); $i++ )
+ {
+ echo"
<option>".$languages[$i]."</option>";
- }
- echo"
+ }
+ echo"
</select>
<input type=\"submit\" value=\"Go\">
</td>
</tr>
</table>
</form>";
- echo footer_install();
- }
+ echo footer_install();
+}
?> \ No newline at end of file
diff --git a/admin/perm.php b/admin/perm.php
index 2407d9f6f..257bb21fb 100644
--- a/admin/perm.php
+++ b/admin/perm.php
@@ -18,7 +18,7 @@
//---------------------------------------------------données de l'utilisateur
if ( isset( $HTTP_GET_VARS['user_id'] ) )
{
- $query = "select id,pseudo,status from $prefixeTable"."users where id = '".$HTTP_GET_VARS['user_id']."';";
+ $query = "select id,pseudo,status from PREFIX_TABLE"."users where id = '".$HTTP_GET_VARS['user_id']."';";
$result = mysql_query( $query );
$row = mysql_fetch_array( $result );
$page['pseudo'] = $row['pseudo'];
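Review bot: `$HTTP_GET_VARS['user_id']` is concatenated into this SELECT after only an `isset()` check, and the `@@ -51,14` hunk below puts it unquoted into `delete from ... where user_id = ".$HTTP_GET_VARS['user_id']`, so the request value becomes part of the SQL text. admin/user_list.php in this same commit guards its id with `is_numeric( $_GET['delete'] )`, and the same guard fits here: `if ( isset( $HTTP_GET_VARS['user_id'] ) and is_numeric( $HTTP_GET_VARS['user_id'] ) )`. admin/user_modify.php has the same pattern in `' where id = '.$_GET['user_id']`, with no numeric check visible in its hunk. The `if` block opened here continues outside the hunk.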
@@ -51,14 +51,14 @@
{
if ( isset( $HTTP_GET_VARS['user_id'] ) )
{
- mysql_query ( "delete from $prefixeTable"."restrictions where user_id = ".$HTTP_GET_VARS['user_id'].";" );
- $result = mysql_query ( "select id from $prefixeTable"."categories;" );
+ mysql_query ( "delete from PREFIX_TABLE"."restrictions where user_id = ".$HTTP_GET_VARS['user_id'].";" );
+ $result = mysql_query ( "select id from PREFIX_TABLE"."categories;" );
while ( $row = mysql_fetch_array ( $result ) )
{
$nom_select = "acces-".$row['id'];
if ( $HTTP_POST_VARS[$nom_select] == 1 )
{
- mysql_query ( "insert into $prefixeTable"."restrictions (user_id,cat_id) values ('".$HTTP_GET_VARS['user_id']."','".$row['id']."');" );
+ mysql_query ( "insert into PREFIX_TABLE"."restrictions (user_id,cat_id) values ('".$HTTP_GET_VARS['user_id']."','".$row['id']."');" );
}
}
check_favorites( $HTTP_GET_VARS['user_id'] );
@@ -66,14 +66,14 @@
}
else if ( isset( $HTTP_GET_VARS['cat_id'] ) )
{
- mysql_query ( "delete from $prefixeTable"."restrictions where cat_id = '".$page['cat']."';" );
- $result = mysql_query( "select id from $prefixeTable"."users where pseudo != '".$conf['webmaster']."';" );
+ mysql_query ( "delete from PREFIX_TABLE"."restrictions where cat_id = '".$page['cat']."';" );
+ $result = mysql_query( "select id from PREFIX_TABLE"."users where pseudo != '".$conf['webmaster']."';" );
while ( $row = mysql_fetch_array ( $result ) )
{
$nom_select = "acces-".$row['id'];
if ( $HTTP_POST_VARS[$nom_select] == 1 )
{
- mysql_query ( "insert into $prefixeTable"."restrictions (user_id,cat_id) values ('".$row['id']."','".$page['cat']."');" );
+ mysql_query ( "insert into PREFIX_TABLE"."restrictions (user_id,cat_id) values ('".$row['id']."','".$page['cat']."');" );
}
check_favorites( $row['id'] );
}
@@ -83,7 +83,7 @@
//--------------------------------------------------------------- formulaire
function display_cat_manager( $id_uppercat, $indent, $uppercat_authorized, $level, $restriction )
{
- global $prefixeTable,$lang,$conf;
+ global PREFIX_TABLE,$lang,$conf;
$output = "";
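Review bot: `global PREFIX_TABLE,$lang,$conf;` at the top of display_cat_manager() is a parse error, because `global` accepts only variables and `PREFIX_TABLE` is used as a constant elsewhere in this commit, so admin/perm.php would no longer load. Constants are visible in every scope without a declaration, so the line should read `global $lang,$conf;`. The function body continues outside the hunk.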
@@ -121,7 +121,7 @@
}
$query = "select id,name,dir,rank";
- $query.= " from $prefixeTable"."categories";
+ $query.= " from PREFIX_TABLE"."categories";
if ( !is_numeric( $id_uppercat ) )
{
$query.= " where id_uppercat is NULL";
@@ -214,7 +214,7 @@
<form action=\"".add_session_id_to_url( "./admin.php?page=perm&amp;cat_id=".$page['cat'] )."\" method=\"post\">
<table style=\"width:100%;\">";
- $result = mysql_query( "select id,pseudo,status from $prefixeTable"."users where pseudo != '".$conf['webmaster']."';" );
+ $result = mysql_query( "select id,pseudo,status from PREFIX_TABLE"."users where pseudo != '".$conf['webmaster']."';" );
$i = 0;
while ( $row = mysql_fetch_array( $result ) )
{
diff --git a/admin/update.php b/admin/update.php
new file mode 100644
index 000000000..8684660e1
--- /dev/null
+++ b/admin/update.php
@@ -0,0 +1,575 @@
+<?php
+/***************************************************************************
+ * update.php *
+ * ------------------ *
+ * application : PhpWebGallery 1.3 *
+ * author : Pierrick LE GALL <pierrick@z0rglub.com> *
+ * *
+ ***************************************************************************/
+
+/***************************************************************************
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; *
+ * *
+ ***************************************************************************/
+
+include_once( './include/isadmin.inc.php' );
+//------------------------------------------------------------------- functions
+function insert_local_category( $cat_id )
+{
+ global $conf, $page;
+
+ $site_id = 1;
+
+ // 0. retrieving informations on the category to display
+ $cat_directory = '../galleries';
+
+ if ( is_numeric( $cat_id ) )
+ {
+ $result = get_cat_info( $cat_id );
+ $cat_directory.= '/'.$result['local_dir'];
+ // 1. display the category name to update
+ $output = '<img src="./images/puce.gif" alt="&gt;" />';
+ $output.= '<span style="font-weight:bold;">'.$result['name'][0].'</span>';
+ $output.= ' [ '.$result['last_dir'].' ]';
+ $output.= '<div class="retrait">';
+
+ // 2. we search pictures of the category only if the update is for all
+ // or a cat_id is specified
+ if ( isset( $page['cat'] ) or $_GET['update'] == 'all' )
+ {
+ $output.= insert_local_image( $cat_directory, $cat_id );
+ update_cat_info( $cat_id );
+ }
+ }
+
+ // 3. we have to remove the categories of the database not present anymore
+ $query = 'SELECT id';
+ $query.= ' FROM '.PREFIX_TABLE.'categories';
+ $query.= ' WHERE site_id = '.$site_id;
+ if ( !is_numeric( $cat_id ) )
+ {
+ $query.= ' AND id_uppercat IS NULL';
+ }
+ else
+ {
+ $query.= ' AND id_uppercat = '.$cat_id;
+ }
+ $query.= ';';
+ $result = mysql_query( $query );
+ while ( $row = mysql_fetch_array( $result ) )
+ {
+ // retrieving the directory
+ $rep = '../galleries';
+ $resultat = get_cat_info( $row['id'] );
+ $rep.= '/'.$resultat['local_dir'];
+
+ // is the directory present ?
+ if ( !is_dir( $rep ) )
+ {
+ delete_category( $row['id'] );
+ }
+ }
+
+ // 4. retrieving the sub-directories
+ $sub_rep = array();
+ $i = 0;
+ $dirs = '';
+ if ( $opendir = opendir ( $cat_directory ) )
+ {
+ while ( $file = readdir ( $opendir ) )
+ {
+ if ( $file != '.'
+ and $file != '..'
+ and is_dir ( $cat_directory.'/'.$file )
+ and $file != 'thumbnail' )
+ {
+ $sub_rep[$i++] = $file;
+ }
+ }
+ }
+
+ for ( $i = 0; $i < sizeof( $sub_rep ); $i++ )
+ {
+ // 5. Is the category already existing ? we create a subcat if not
+ // existing
+ $category_id = '';
+ $query = 'SELECT id';
+ $query.= ' FROM '.PREFIX_TABLE.'categories';
+ $query.= ' WHERE site_id = '.$site_id;
+ $query.= " AND dir = '".$sub_rep[$i]."'";
+ if ( !is_numeric( $cat_id ) )
+ {
+ $query.= ' AND id_uppercat IS NULL';
+ }
+ else
+ {
+ $query.= ' AND id_uppercat = '.$cat_id;
+ }
+ $query.= ';';
+ $result = mysql_query( $query );
+ if ( mysql_num_rows( $result ) == 0 )
+ {
+ // we have to create the category
+ $query = 'INSERT INTO '.PREFIX_TABLE.'categories';
+ $query.= ' (dir,site_id,id_uppercat) VALUES';
+ $query.= " ('".$sub_rep[$i]."','".$site_id."'";
+ if ( !is_numeric( $cat_id ) )
+ {
+ $query.= ',NULL';
+ }
+ else
+ {
+ $query.= ",'".$cat_id."'";
+ }
+ $query.= ');';
+ mysql_query( $query );
+ $category_id = mysql_insert_id();
+ }
+ else
+ {
+ // we get the already registered id
+ $row = mysql_fetch_array( $result );
+ $category_id = $row['id'];
+ }
+ // 6. recursive call
+ $output.= insert_local_category( $category_id );
+ }
+
+ if ( is_numeric( $cat_id ) )
+ {
+ $output.= '</div>';
+ }
+ return $output;
+}
+
+function insert_local_image( $rep, $category_id )
+{
+ global $lang,$conf,$count_new;
+
+ $output = '';
+ // we have to delete all the images from the database that :
+ // - are not in the directory anymore
+ // - don't have the associated thumbnail available anymore
+ $query = 'SELECT id,file,tn_ext';
+ $query.= ' FROM '.PREFIX_TABLE.'images';
+ $query.= ' WHERE cat_id = '.$category_id;
+ $query.= ';';
+ $result = mysql_query( $query );
+ while ( $row = mysql_fetch_array( $result ) )
+ {
+ $lien_image = $rep.'/'.$row['file'];
+ $lien_thumbnail = $rep.'/thumbnail/'.$conf['prefixe_thumbnail'];
+ $lien_thumbnail.= get_filename_wo_extension( $row['file'] );
+ $lien_thumbnail.= '.'.$row['tn_ext'];
+
+ if ( !is_file ( $lien_image ) or !is_file ( $lien_thumbnail ) )
+ {
+ if ( !is_file ( $lien_image ) )
+ {
+ $output.= $row['file'];
+ $output.= ' <span style="font-weight:bold;">';
+ $output.= $lang['update_disappeared'].'</span><br />';
+ }
+ if ( !is_file ( $lien_thumbnail ) )
+ {
+ $output.= $row['file'];
+ $output.= ' : <span style="font-weight:bold;">';
+ $output.= $lang['update_disappeared_tn'].'</span><br />';
+ }
+ // suppression de la base :
+ delete_image( $row['id'] );
+ }
+ }
+
+ // searching the new images in the directory
+ $pictures = array();
+ $tn_ext = '';
+ if ( $opendir = opendir ( $rep ) )
+ {
+ while ( $file = readdir ( $opendir ) )
+ {
+ if ( is_file( $rep.'/'.$file ) and is_image( $rep.'/'.$file ) )
+ {
+ // is the picture waiting for validation by an administrator ?
+ $query = 'SELECT id';
+ $query.= ' FROM '.PREFIX_TABLE.'waiting';
+ $query.= ' WHERE cat_id = '.$category_id;
+ $query.= " AND file = '".$file."'";
+ $query.= ';';
+ $result = mysql_query( $query );
+ if ( mysql_num_rows( $result ) == 0 )
+ {
+ if ( $tn_ext = TN_exists( $rep, $file ) )
+ {
+ // is the picture already in the database ?
+ $query = 'SELECT id';
+ $query.= ' FROM '.PREFIX_TABLE.'images';
+ $query.= ' WHERE cat_id = '.$category_id;
+ $query.= " AND file = '".$file."'";
+ $query.= ';';
+ $result = mysql_query( $query );
+ if ( mysql_num_rows( $result ) == 0 )
+ {
+ $picture = array();
+ $picture['file'] = $file;
+ $picture['tn_ext'] = $tn_ext;
+ $picture['date'] = date( 'Y-m-d', filemtime ( $rep.'/'.$file ) );
+ $picture['filesize'] = floor( filesize( $rep.'/'.$file ) / 1024);
+ $image_size = @getimagesize( $rep.'/'.$file );
+ $picture['width'] = $image_size[0];
+ $picture['height'] = $image_size[1];
+ array_push( $pictures, $picture );
+ }
+ }
+ else
+ {
+ $output.= '<span style="color:red;">';
+ $output.= $lang['update_missing_tn'].' : '.$file;
+ $output.= ' (<span style="font-weight:bold;">';
+ $output.= $conf['prefixe_thumbnail'];
+ $output.= get_filename_wo_extension( $file ).'.XXX</span>';
+ $output.= ', XXX = ';
+ $output.= implode( ', ', $conf['picture_ext'] );
+ $output.= ')</span><br />';
+ }
+ }
+ }
+ }
+ }
+ // inserting the pictures found in the directory
+ foreach ( $pictures as $picture ) {
+ $query = 'INSERT INTO '.PREFIX_TABLE.'images';
+ $query.= ' (file,cat_id,date_available,tn_ext,filesize,width,height)';
+ $query.= ' VALUES ';
+ $query.= "('".$picture['file']."','".$category_id."'";
+ $query.= ",'".$picture['date']."','".$picture['tn_ext']."'";
+ $query.= ",'".$picture['filesize']."','".$picture['width']."'";
+ $query.= ",'".$picture['height']."')";
+ $query.= ';';
+ mysql_query( $query );
+ $count_new++;
+
+ $output.= $picture['file'];
+ $output.= ' <span style="font-weight:bold;">';
+ $output.= $lang['update_research_added'].'</span>';
+ $output.= ' ('.$lang['update_research_tn_ext'].' '.$picture['tn_ext'].')';
+ $output.= '<br />';
+ }
+ return $output;
+}
+
+// The function "update_cat_info" updates the information about the last
+// online image and the number of images in the category
+function update_cat_info( $category_id )
+{
+ $query = 'SELECT date_available';
+ $query.= ' FROM '.PREFIX_TABLE.'images';
+ $query.= ' WHERE cat_id = '.$category_id;
+ $query.= ' ORDER BY date_available DESC';
+ $query.= ' LIMIT 0,1';
+ $query.= ';';
+ $result = mysql_query( $query );
+ $row = mysql_fetch_array( $result );
+ $date_last = $row['date_available'];
+
+ $query = 'SELECT COUNT(*) as nb_images';
+ $query.= ' FROM '.PREFIX_TABLE.'images';
+ $query.= ' WHERE cat_id = '.$category_id;
+ $result = mysql_query( $query );
+ $row = mysql_fetch_array( $result );
+ $nb_images = $row['nb_images'];
+
+ $query = 'UPDATE '.PREFIX_TABLE.'categories';
+ $query.= " SET date_dernier = '".$date_last."'";
+ $query.= ', nb_images = '.$nb_images;
+ $query.= ' where id = '.$category_id;
+ $query.= ';';
+ mysql_query( $query );
+}
+
+// remote_images verifies if a file named "listing.xml" is present is the
+// admin directory. If it is the case, creation of a remote picture storage
+// site if it doesn't already exists. Then, the function calls
+// insert_remote_category for this remote site on the root category.
+function remote_images()
+{
+ global $conf, $lang, $vtp, $sub;
+
+ // 1. is there a file listing.xml ?
+ if ( !( $xml_content = getXmlCode( 'listing.xml' ) ) )
+ {
+ return false;
+ }
+ $url = getContent( getChild( $xml_content, 'url' ) );
+ $vtp->setVar( $sub, 'remote_update.url', $url );
+
+ // 2. is the site already existing ?
+ $query = 'select id';
+ $query.= ' from '.PREFIX_TABLE.'sites';
+ $query.= " where galleries_url = '".$url."'";
+ $query.= ';';
+ $result = mysql_query( $query );
+ if ( mysql_num_rows($result ) == 0 )
+ {
+ // we have to register this site in the database
+ $query = 'insert into '.PREFIX_TABLE.'sites';
+ $query.= " (galleries_url) values ('".$url."')";
+ $query.= ';';
+ mysql_query( $query );
+ $site_id = mysql_insert_id();
+ }
+ else
+ {
+ // we get the already registered id
+ $row = mysql_fetch_array( $result );
+ $site_id = $row['id'];
+ }
+
+ // 3. available dirs in the file
+ $categories = insert_remote_category( $xml_content, $site_id, 'NULL', 0 );
+ $vtp->setVar( $sub, 'remote_update.categories', $categories );
+}
+
+// insert_remote_category searchs the "dir" node of the xml_dir given and
+// insert the contained categories if the are not in the database yet. The
+// function also deletes the categories that are in the database and not in
+// the xml_file.
+function insert_remote_category( $xml_dir, $site_id, $id_uppercat, $level )
+{
+ global $conf;
+
+ $output = '';
+ $categories = array();
+ $list_dirs = getChildren( $xml_dir, 'dir'.$level );
+ for ( $i = 0; $i < sizeof( $list_dirs ); $i++ )
+ {
+ // is the category already existing ?
+ $category_id = '';
+ $name = getAttribute( $list_dirs[$i], 'name' );
+ $categories[$i] = $name;
+
+ $output.= '<img src="./images/puce.gif">';
+ $output.= '<span style="font-weight:bold;">'.$name.'</span>';
+ $output.= '<div class="retrait">';
+
+ $query = 'select id';
+ $query.= ' from '.PREFIX_TABLE.'categories';
+ $query.= ' where site_id = '.$site_id;
+ $query.= " and dir = '".$name."'";
+ if ( $id_uppercat == 'NULL' )
+ {
+ $query.= ' and id_uppercat is NULL';
+ }
+ else
+ {
+ $query.= ' and id_uppercat = '.$id_uppercat;
+ }
+ $query.= ';';
+ $result = mysql_query( $query );
+ if ( mysql_num_rows( $result ) == 0 )
+ {
+ // we have to create the category
+ $query = 'insert into '.PREFIX_TABLE.'categories';
+ $query.= " (dir,site_id,id_uppercat) values ('".$name."',".$site_id;
+ if ( !is_numeric( $id_uppercat ) )
+ {
+ $query.= ',NULL';
+ }
+ else
+ {
+ $query.= ','.$id_uppercat;
+ }
+ $query.= ');';
+ mysql_query( $query );
+ $category_id = mysql_insert_id();
+ }
+ else
+ {
+ // we get the already registered id
+ $row = mysql_fetch_array( $result );
+ $category_id = $row['id'];
+ }
+ $output.= insert_remote_image( $list_dirs[$i], $category_id );
+ update_cat_info( $category_id );
+ $output.= insert_remote_category( $list_dirs[$i], $site_id,
+ $category_id, $level+1 );
+ $output.= '</div>';
+ }
+ // we have to remove the categories of the database not present in the xml
+ // file (ie deleted from the picture storage server)
+ $query = 'select dir,id';
+ $query.= ' from '.PREFIX_TABLE.'categories';
+ $query.= ' where site_id = '.$site_id;
+ if ( !is_numeric( $id_uppercat ) )
+ {
+ $query.= ' and id_uppercat is NULL';
+ }
+ else
+ {
+ $query.= ' and id_uppercat = '.$id_uppercat;
+ }
+ $query.= ';';
+ $result = mysql_query( $query );
+ while ( $row = mysql_fetch_array( $result ) )
+ {
+ // is the category in the xml file ?
+ if ( !in_array( $row['dir'], $categories ) )
+ {
+ delete_category( $row['id'] );
+ }
+ }
+
+ return $output;
+}
+
+// insert_remote_image searchs the "root" node of the xml_dir given and
+// insert the contained pictures if the are not in the database yet.
+function insert_remote_image( $xml_dir, $category_id )
+{
+ global $count_new,$lang;
+
+ $output = '';
+ $root = getChild( $xml_dir, 'root' );
+ $pictures = array();
+ $xml_pictures = getChildren( $root, 'picture' );
+ for ( $j = 0; $j < sizeof( $xml_pictures ); $j++ )
+ {
+ //<picture file="albatros.jpg" tn_ext="png" date="2002-04-14"
+ // filesize="35" width="640" height="480" />
+ $file = getAttribute( $xml_pictures[$j], 'file' );
+ $tn_ext = getAttribute( $xml_pictures[$j], 'tn_ext' );
+ $date = getAttribute( $xml_pictures[$j], 'date' );
+ $filesize = getAttribute( $xml_pictures[$j], 'filesize' );
+ $width = getAttribute( $xml_pictures[$j], 'width' );
+ $height = getAttribute( $xml_pictures[$j], 'height' );
+
+ $pictures[$j] = $file;
+
+ // is the picture already existing in the database ?
+ $query = 'select id,tn_ext';
+ $query.= ' from '.PREFIX_TABLE.'images';
+ $query.= ' where cat_id = '.$category_id;
+ $query.= " and file = '".$file."'";
+ $query.= ';';
+ $result = mysql_query( $query );
+ $query = '';
+ if ( mysql_num_rows( $result ) == 0 )
+ {
+ $query = 'insert into '.PREFIX_TABLE.'images';
+ $query.= ' (file,cat_id,date_available,tn_ext,filesize,width,height)';
+ $query.= ' values (';
+ $query.= "'".$file."'";
+ $query.= ",'".$category_id."'";
+ $query.= ",'".$date."'";
+ $query.= ",'".$tn_ext."'";
+ $query.= ",'".$filesize."'";
+ $query.= ",'".$width."'";
+ $query.= ",'".$height."'";
+ $query.= ')';
+ $query.= ';';
+
+ $output.= $file;
+ $output.= ' <span style="font-weight:bold;">';
+ $output.= $lang['update_research_added'].'</span>';
+ $output.= ' ('.$lang['update_research_tn_ext'].' '.$tn_ext.')<br />';
+
+ $count_new++;
+ }
+ else
+ {
+ // is the tn_ext the same in the xml file and in the database ?
+ $row = mysql_fetch_array( $result );
+ if ( $row['tn_ext'] != $tn_ext )
+ {
+ $query = 'update '.PREFIX_TABLE.'images';
+ $query.= ' set';
+ $query.= " tn_ext = '".$tn_ext."'";
+ $query.= ' where cat_id = '.$category_id;
+ $query.= " and file = '".$file."'";
+ $query.= ';';
+ }
+ }
+ // execution of the query
+ if ( $query != '' )
+ {
+ mysql_query( $query );
+ }
+ }
+ // we have to remove the pictures of the database not present in the xml file
+ // (ie deleted from the picture storage server)
+ $query = 'select id,file';
+ $query.= ' from '.PREFIX_TABLE.'images';
+ $query.= ' where cat_id = '.$category_id;
+ $query.= ';';
+ $result = mysql_query( $query );
+ while ( $row = mysql_fetch_array( $result ) )
+ {
+ // is the file in the xml file ?
+ if ( !in_array( $row['file'], $pictures ) )
+ {
+ delete_image( $row['id'] );
+ }
+ }
+ return $output;
+}
+//----------------------------------------------------- template initialization
+$sub = $vtp->Open( '../template/'.$user['template'].'/admin/update.vtp' );
+$tpl = array( 'update_default_title', 'update_only_cat', 'update_all',
+ 'update_research_conclusion', 'update_deletion_conclusion',
+ 'remote_site', 'update_part_research' );
+templatize_array( $tpl, 'lang', $sub );
+//-------------------------------------------- introduction : choices of update
+// Display choice if "update" var is not specified
+check_cat_id( $_GET['update'] );
+if ( !isset( $_GET['update'] )
+ and !( isset( $page['cat'] )
+ or $_GET['update'] == 'cats'
+ or $_GET['update'] == 'all' ) )
+{
+ $vtp->addSession( $sub, 'introduction' );
+ // only update the categories, not the pictures.
+ $url = add_session_id( './admin.php?page=update&amp;update=cats' );
+ $vtp->setVar( $sub, 'introduction.only_cat:url', $url );
+ // update the entire tree folder
+ $url = add_session_id( './admin.php?page=update&amp;update=all' );
+ $vtp->setVar( $sub, 'introduction.all:url', $url );
+ $vtp->closeSession( $sub, 'introduction' );
+}
+//------------------------------------------------- local update : ../galleries
+else
+{
+ $count_new = 0;
+ $count_deleted = 0;
+ $vtp->addSession( $sub, 'local_update' );
+ if ( isset( $page['cat'] ) )
+ {
+ $categories = insert_local_category( $page['cat'] );
+ }
+ else
+ {
+ $categories = insert_local_category( 'NULL' );
+ }
+ $vtp->setVar( $sub, 'local_update.categories', $categories );
+ $vtp->setVar( $sub, 'local_update.count_new', $count_new );
+ $vtp->setVar( $sub, 'local_update.count_deleted', $count_deleted );
+ $vtp->closeSession( $sub, 'local_update' );
+}
+//------------------------------------------------- remote update : listing.xml
+if ( @is_file( './listing.xml' ) )
+{
+ $count_new = 0;
+ $count_deleted = 0;
+ $vtp->addSession( $sub, 'remote_update' );
+
+ remote_images();
+ $vtp->setVar( $sub, 'remote_update.count_new', $count_new );
+ $vtp->setVar( $sub, 'remote_update.count_deleted', $count_deleted );
+
+ $vtp->closeSession( $sub, 'remote_update' );
+}
+//----------------------------------------------------------- sending html code
+$vtp->Parse( $handle , 'sub', $sub );
+?> \ No newline at end of file
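Review bot: Directory and file names from `readdir()` and the `url`, `name`, `file`, `tn_ext`, `date`, `filesize`, `width` and `height` values read from listing.xml are concatenated straight into SQL and into the HTML accumulated in `$output`. Examples are `" and dir = '".$name."'"` in insert_remote_category() and `" AND file = '".$file."'"` in insert_local_image(). A name containing a quote breaks the statement, and according to the comment above remote_images() listing.xml describes a remote picture storage site, so its contents should be treated as untrusted input. Escape at each sink, e.g. `" and dir = '".mysql_escape_string( $name )."'"` in the queries and `htmlspecialchars( $name )` where the value is appended to `$output`.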
diff --git a/admin/user_add.php b/admin/user_add.php
index ef50c13f1..d138c4933 100644
--- a/admin/user_add.php
+++ b/admin/user_add.php
@@ -63,7 +63,7 @@ if ( !isset( $_POST['status'] ) )
{
$_POST['status'] = 'guest';
}
-$option = get_enums( $prefixeTable.'users', 'status' );
+$option = get_enums( PREFIX_TABLE.'users', 'status' );
for ( $i = 0; $i < sizeof( $option ); $i++ )
{
$vtp->addSession( $sub, 'status_option' );
diff --git a/admin/user_list.php b/admin/user_list.php
index bcf6cc988..d4289489d 100644
--- a/admin/user_list.php
+++ b/admin/user_list.php
@@ -41,7 +41,7 @@ $vtp->setGlobalVar( $sub, 'listuser_button_create_address',
if ( isset ( $_GET['delete'] ) and is_numeric( $_GET['delete'] ) )
{
$query = 'select username';
- $query.= ' from '.$prefixeTable.'users';
+ $query.= ' from '.PREFIX_TABLE.'users';
$query.= ' where id = '.$_GET['delete'];
$query.= ';';
$row = mysql_fetch_array( mysql_query( $query ) );
@@ -65,7 +65,7 @@ if ( isset ( $_GET['delete'] ) and is_numeric( $_GET['delete'] ) )
and $row['username'] != $conf['webmaster'] )
{
$query = 'select count(*) as nb_result';
- $query.= ' from '.$prefixeTable.'users';
+ $query.= ' from '.PREFIX_TABLE.'users';
$query.= ' where id = '.$_GET['delete'];
$query.= ';';
$row2 = mysql_fetch_array( mysql_query( $query ) );
@@ -103,7 +103,7 @@ else
$vtp->setVar( $sub, 'users.form_action', $action );
$query = 'select id,username,status,mail_address';
- $query.= ' from '.$prefixeTable.'users';
+ $query.= ' from '.PREFIX_TABLE.'users';
$query.= ' order by status asc, username asc';
$query.= ';';
$result = mysql_query( $query );
@@ -217,7 +217,7 @@ else
$i = 0;
$query = 'select';
$query.= ' id,mail_address';
- $query.= ' from '.$prefixeTable.'users';
+ $query.= ' from '.PREFIX_TABLE.'users';
$query.= ';';
$result = mysql_query( $query );
while ( $row = mysql_fetch_array( $result ) )
diff --git a/admin/user_modify.php b/admin/user_modify.php
index 6e14589c3..4989c31e2 100644
--- a/admin/user_modify.php
+++ b/admin/user_modify.php
@@ -30,7 +30,7 @@ $display_form = true;
// id in $_GET['user_id']
$query = 'select';
$query.= ' username,status,mail_address';
-$query.= ' from '.$prefixeTable.'users';
+$query.= ' from '.PREFIX_TABLE.'users';
$query.= ' where id = '.$_GET['user_id'];
$query.= ';';
$row = mysql_fetch_array( mysql_query( $query ) );
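Review bot: `$_GET['user_id']` is concatenated into the `where id =` clause with no numeric check visible in this hunk, whereas admin/user_list.php at least guards its id with `is_numeric()`. Unless the value is validated in the lines before the hunk, cast it at the point of use: `$query.= ' where id = '.intval( $_GET['user_id'] );`. The result of `mysql_query()` also goes straight into `mysql_fetch_array()`, so a failed query is indistinguishable from an unknown user.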
@@ -107,7 +107,7 @@ if ( $display_form )
{
$_POST['status'] = 'guest';
}
- $option = get_enums( $prefixeTable.'users', 'status' );
+ $option = get_enums( PREFIX_TABLE.'users', 'status' );
for ( $i = 0; $i < sizeof( $option ); $i++ )
{
$vtp->addSession( $sub, 'status_option' );
diff --git a/admin/waiting.php b/admin/waiting.php
index 9e8f16dcc..927c976ae 100644
--- a/admin/waiting.php
+++ b/admin/waiting.php
@@ -19,7 +19,7 @@
if ( isset( $HTTP_POST_VARS['submit'] ) )
{
$query = "select id,cat_id,file,tn_ext";
- $query.= " from $prefixeTable"."waiting";
+ $query.= " from PREFIX_TABLE"."waiting";
$query.= ";";
$result = mysql_query( $query );
while ( $row = mysql_fetch_array( $result ) )
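Review bot: `PREFIX_TABLE` is a constant, and PHP does not expand constants inside double-quoted strings, so `" from PREFIX_TABLE"."waiting"` sends the literal table name `PREFIX_TABLEwaiting` to MySQL where the old `$prefixeTable` variable was interpolated. The same substitution appears in the `delete from` hunk at -27 and the `select` hunk at -59 of this file, so all three queries would fail unless a table with that literal name exists. Use concatenation as the other files in this commit do: `$query.= ' from '.PREFIX_TABLE.'waiting';` and `$query = 'delete from '.PREFIX_TABLE.'waiting';`.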
@@ -27,7 +27,7 @@
$key = "validate-".$row['id'];
if ( isset( $HTTP_POST_VARS[$key] ) )
{
- $query = "delete from $prefixeTable"."waiting";
+ $query = "delete from PREFIX_TABLE"."waiting";
$query.= " where id = ".$row['id'];
$query.= ";";
mysql_query( $query );
@@ -59,7 +59,7 @@
<th style=\"width:1px;\">&nbsp;</th>
</tr>";
$query = "select id,cat_id,file,username,mail_address,date,tn_ext";
- $query.= " from $prefixeTable"."waiting";
+ $query.= " from PREFIX_TABLE"."waiting";
$query.= " order by cat_id";
$query.= ";";
$result = mysql_query( $query );
diff --git a/category.php b/category.php
index 6f36b1366..8aaf4941e 100644
--- a/category.php
+++ b/category.php
@@ -53,7 +53,7 @@ if ( $user['expand'] == 'true' or $_GET['expand'] == 'all' )
{
$page['tab_expand'] = array();
$query = 'select id';
- $query.= ' from '.$prefixeTable.'categories';
+ $query.= ' from '.PREFIX_TABLE.'categories';
$query.= ' where id_uppercat is null;';
$result = mysql_query( $query );
$i = 0;
@@ -125,7 +125,7 @@ if ( !$user['is_the_guest'] )
$vtp->setVar( $handle, 'favorites.url', $url );
// searching the number of favorite picture
$query = 'select count(*) as count';
- $query.= ' from '.$prefixeTable.'favorites';
+ $query.= ' from '.PREFIX_TABLE.'favorites';
$query.= ' where user_id = '.$user['id'].';';
$result = mysql_query( $query );
$row = mysql_fetch_array( $result );
@@ -240,7 +240,7 @@ if ( isset( $page['cat'] ) and $page['cat_nb_images'] != 0 )
$query = 'select id,file,date_available,comment,';
$query.= ' author,tn_ext,name,filesize,width,height,cat_id';
- $query.= ' from '.$prefixeTable.'images';
+ $query.= ' from '.PREFIX_TABLE.'images';
$query.= $page['where'];
$query.= $conf['order_by'];
$query.= ' limit '.$page['start'].','.$page['nb_image_page'];
@@ -339,7 +339,7 @@ if ( isset( $page['cat'] ) and $page['cat_nb_images'] != 0 )
{
$vtp->addSession( $handle, 'nb_comments' );
$query = 'select count(*) as nb_comments';
- $query.= ' from '.$prefixeTable.'comments';
+ $query.= ' from '.PREFIX_TABLE.'comments';
$query.= ' where image_id = '.$row['id'];
$query.= ';';
$row = mysql_fetch_array( mysql_query( $query ) );
@@ -373,7 +373,7 @@ elseif ( isset( $page['cat'] )
$vtp->addSession( $handle, 'thumbnails' );
$query = 'select id,name,dir,date_dernier';
- $query.= ' from '.$prefixeTable.'categories';
+ $query.= ' from '.PREFIX_TABLE.'categories';
$query.= ' where id_uppercat = '.$page['cat'];
$query.= ' order by rank;';
$cat_result = mysql_query( $query );
@@ -397,7 +397,7 @@ elseif ( isset( $page['cat'] )
$name = replace_space( $name );
$query = 'select file,tn_ext';
- $query.= ' from '.$prefixeTable.'images';
+ $query.= ' from '.PREFIX_TABLE.'images';
$query.= ' where cat_id = '.$cat_row['id'];
$query.= ' order by rand()';
$query.= ' limit 0,1';
diff --git a/identification.php b/identification.php
index ddbc2b932..5f10f106a 100644
--- a/identification.php
+++ b/identification.php
@@ -24,7 +24,7 @@ if ( isset( $_POST['login'] ) )
$i = 0;
// retrieving the encrypted password of the login submitted
$query = 'select password';
- $query.= ' from '.$prefixeTable.'users';
+ $query.= ' from '.PREFIX_TABLE.'users';
$query.= " where username = '".$_POST['login']."';";
$row = mysql_fetch_array( mysql_query( $query ) );
if( $row['password'] == md5( $_POST['pass'] ) )
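Review bot: `$_POST['login']` is placed between quotes in the `where username =` clause without escaping, so the query is only as safe as the server's magic-quotes setting. Escape it explicitly, for example `$query.= " where username = '".mysql_real_escape_string( $_POST['login'] )."';";`. The password check on the following line compares hex digests with `==`, which applies PHP's loose numeric-string comparison; `===` avoids that. The enclosing `if ( isset( $_POST['login'] ) )` block continues past the hunk.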
@@ -77,7 +77,7 @@ if ( sizeof( $error ) != 0 )
}
//------------------------------------------------------------------ users list
// retrieving all the users login
-$query = 'select username from '.$prefixeTable.'users;';
+$query = 'select username from '.PREFIX_TABLE.'users;';
$result = mysql_query( $query );
if ( mysql_num_rows ( $result ) < $conf['max_user_listbox'] )
{
@@ -114,7 +114,7 @@ if ( $conf['acces'] == "libre" )
$code = $vtp->Display( $handle, 0 );
echo $code;
//------------------------------------------------------------ log informations
-$query = 'insert into '.$prefixeTable.'history';
+$query = 'insert into '.PREFIX_TABLE.'history';
$query.= '(date,login,IP,page) values';
$query.= "('".time()."', '".$user['pseudo'];
$query.= "','$REMOTE_ADDR','identification');";
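Review bot: The history insert still reads the bare `$REMOTE_ADDR`, which only exists when `register_globals` is enabled, while picture.php and search.php in this same commit use `$_SERVER['REMOTE_ADDR']`. With the setting off, the logged IP is empty, so the line should read `$query.= "','".$_SERVER['REMOTE_ADDR']."','identification');";`. `$user['pseudo']` is also concatenated unescaped. upload.php in this commit switches to `$user['username']`, so it is worth confirming that the `pseudo` key is still populated.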
diff --git a/index.php b/index.php
index bea8122e7..54782e237 100644
--- a/index.php
+++ b/index.php
@@ -4,7 +4,7 @@ include_once( './include/functions.inc.php' );
database_connection();
// récupération des informations de configuration du site
$query = 'select acces ';
-$query .= 'from '.$prefixeTable.'config;';
+$query .= 'from '.PREFIX_TABLE.'config;';
$row = mysql_fetch_array( mysql_query( $query ) );
$url = 'category';
if ( $row['acces'] == 'restreint' )
diff --git a/picture.php b/picture.php
index c3523fb80..4c3fd749c 100644
--- a/picture.php
+++ b/picture.php
@@ -1,9 +1,9 @@
<?php
/***************************************************************************
- * picture.php is a part of PhpWebGallery *
+ * picture.php *
* ------------------- *
- * last update : Tuesday, July 16, 2002 *
- * email : pierrick@z0rglub.com *
+ * application : PhpWebGallery 1.3 *
+ * author : Pierrick LE GALL <pierrick@z0rglub.com> *
* *
***************************************************************************/
@@ -28,7 +28,7 @@ if ( isset( $page['cat'] ) && is_numeric( $page['cat'] ) )
check_restrictions( $page['cat'] );
}
//---------------------------------------- incrementation of the number of hits
-$query = 'update '.$prefixeTable.'images';
+$query = 'update '.PREFIX_TABLE.'images';
$query.= ' set hit=hit+1';
$query.= ' where id='.$_GET['image_id'];
$query.= ';';
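Review bot: `$_GET['image_id']` goes into the `update ... where id=` statement unvalidated; the only `is_numeric()` check visible above it applies to `$page['cat']`. The `select` in the next hunk (at -39) appends the same parameter after `$page['where']`. Unless an include validates it before this point, cast it once near the top of the script with `$_GET['image_id'] = intval( $_GET['image_id'] );`, or use `intval()` at both sites.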
@@ -39,7 +39,7 @@ $cat_directory = $page['cat_dir']; // by default
//------------------------------------- main picture information initialization
$query = 'select id,date_available,comment,hit';
$query.= ',author,name,file,date_creation,filesize,width,height,cat_id';
-$query.= ' from '.$prefixeTable.'images';
+$query.= ' from '.PREFIX_TABLE.'images';
$query.= $page['where'];
$query.= ' and id = '.$_GET['image_id'];
$query.= $conf['order_by'];
@@ -60,7 +60,7 @@ $page['height'] = $row['height'];
$page['cat_id'] = $row['cat_id'];
// retrieving the number of the picture in its category (in order)
$query = 'select id';
-$query.= ' from '.$prefixeTable.'images';
+$query.= ' from '.PREFIX_TABLE.'images';
$query.= $page['where'];
$query.= $conf['order_by'];
$query.= ';';
@@ -79,7 +79,7 @@ if ( isset( $_GET['add_fav'] ) )
{
// verify if the picture is already in the favorite of the user
$query = 'select count(*) as nb_fav';
- $query.= ' from '.$prefixeTable.'favorites';
+ $query.= ' from '.PREFIX_TABLE.'favorites';
$query.= ' where image_id = '.$page['id'];
$query.= ' and user_id = '.$user['id'];
$query.= ';';
@@ -87,7 +87,7 @@ if ( isset( $_GET['add_fav'] ) )
$row = mysql_fetch_array( $result );
if ( $row['nb_fav'] == 0 )
{
- $query = 'insert into '.$prefixeTable.'favorites';
+ $query = 'insert into '.PREFIX_TABLE.'favorites';
$query.= ' (image_id,user_id) values';
$query.= ' ('.$page['id'].','.$user['id'].')';
$query.= ';';
@@ -96,7 +96,7 @@ if ( isset( $_GET['add_fav'] ) )
}
if ( $_GET['add_fav'] == 0 )
{
- $query = 'delete from '.$prefixeTable.'favorites';
+ $query = 'delete from '.PREFIX_TABLE.'favorites';
$query.= ' where user_id = '.$user['id'];
$query.= ' and image_id = '.$page['id'];
$query.= ';';
@@ -121,7 +121,7 @@ if ( isset( $_GET['add_fav'] ) )
$page['num'] = 0;
}
$query = 'select id';
- $query.= ' from '.$prefixeTable.'images';
+ $query.= ' from '.PREFIX_TABLE.'images';
$query.= $page['where'];
$query.= $conf['order_by'];
$query.= ' limit '.$page['num'].',1';
@@ -173,7 +173,7 @@ if ( $page['num'] >= 1 )
{
$prev = $page['num'] - 1;
$query = 'select id,name,file,tn_ext,cat_id';
- $query.= ' from '.$prefixeTable.'images';
+ $query.= ' from '.PREFIX_TABLE.'images';
$query.= $page['where'];
$query.= $conf['order_by'];
$query.= ' limit '.$prev.',1';
@@ -421,12 +421,12 @@ if ( $user['status'] == "admin" && is_numeric( $page['cat'] ) )
if ( $page['num'] < $page['cat_nb_images']-1 )
{
$next = $page['num'] + 1;
- $query = "select id,name,file,tn_ext,cat_id";
- $query.= " from $prefixeTable"."images";
+ $query = 'SELECT id,name,file,tn_ext,cat_id';
+ $query.= ' FROM '.PREFIX_TABLE.'images';
$query.= $page['where'];
$query.= $conf['order_by'];
- $query.= " limit $next,1";
- $query.= ";";
+ $query.= ' LIMIT '.$next.',1';
+ $query.= ';';
$result = mysql_query( $query );
$row = mysql_fetch_array( $result );
@@ -485,7 +485,7 @@ if ( $conf['show_comments'] )
{
$author = $_POST['author'];
}
- $query = 'insert into '.$prefixeTable.'comments';
+ $query = 'insert into '.PREFIX_TABLE.'comments';
$query.= ' (author,date,image_id,content) values';
$query.= " ('".$author."',".time().",".$page['id'];
$query.= ",'".htmlspecialchars( $_POST['content'], ENT_QUOTES)."');";
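Review bot: `$author` comes from `$_POST['author']` in the lines above and is inserted between quotes with no escaping, while `content` is only passed through `htmlspecialchars( ..., ENT_QUOTES )`. That call is HTML output encoding, not SQL escaping: it rewrites quotes but leaves backslashes alone, so it should not be relied on to keep the statement well-formed. Escape both values for SQL with `mysql_real_escape_string()` when building the query, and apply `htmlspecialchars()` when the comment is rendered. The enclosing comment-handling block starts before the hunk.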
@@ -496,13 +496,13 @@ if ( $conf['show_comments'] )
&& is_numeric( $_GET['del'] )
&& $user['status'] == 'admin' )
{
- $query = 'delete from '.$prefixeTable.'comments';
+ $query = 'delete from '.PREFIX_TABLE.'comments';
$query.= ' where id = '.$_GET['del'].';';
mysql_query( $query );
}
// number of comment for this picture
$query = 'select count(*) as nb_comments';
- $query.= ' from '.$prefixeTable.'comments';
+ $query.= ' from '.PREFIX_TABLE.'comments';
$query.= ' where image_id = '.$page['id'].';';
$row = mysql_fetch_array( mysql_query( $query ) );
$page['nb_comments'] = $row['nb_comments'];
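Review bot: Comment deletion is triggered by a plain GET parameter, `$_GET['del']`, guarded only by `is_numeric()` and the admin status check. Any link or embedded resource that a logged-in administrator's browser loads can therefore issue the delete. Moving the action to a POST form that carries a per-session token, verified before `mysql_query()` runs, would address this. `intval( $_GET['del'] )` is also a tighter fit than `is_numeric()`, which accepts floats and exponent notation.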
@@ -532,7 +532,7 @@ if ( $conf['show_comments'] )
$vtp->setGlobalVar( $handle, 'nb_comments', $page['nb_comments'] );
$query = 'select id,author,date,image_id,content';
- $query.= ' from '.$prefixeTable.'comments';
+ $query.= ' from '.PREFIX_TABLE.'comments';
$query.= ' where image_id = '.$page['id'];
$query.= ' order by date asc';
$query.= ' limit '.$page['start'].', '.$conf['nb_comment_page'].';';
@@ -581,7 +581,7 @@ mysql_close();
$code = $vtp->Display( $handle, 0 );
echo $code;
//------------------------------------------------------------ log informations
-$query = 'insert into '.$prefixeTable.'history';
+$query = 'insert into '.PREFIX_TABLE.'history';
$query.= ' (date,login,IP,page,titre,categorie) values';
$query.= " (".time().", '".$user['pseudo']."','".$_SERVER['REMOTE_ADDR']."'";
$query.= ",'picture','".$page['file']."','".$intitule_cat."');";
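Review bot: `$page['file']`, `$intitule_cat` and `$user['pseudo']` are concatenated into the history insert without escaping, so a file or category name containing a quote breaks the statement or alters it. Wrap each one, for example `mysql_real_escape_string( $page['file'] )`. The hunk header also shows `mysql_close();` shortly before this block; the statement that executes the query lies outside the hunk, so confirm that a connection is open again when it runs.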
diff --git a/profile.php b/profile.php
index b72e6db6a..654497bce 100644
--- a/profile.php
+++ b/profile.php
@@ -92,7 +92,7 @@ if ( isset( $_POST['submit'] ) )
$tab_theme = explode( ' - ', $_POST['theme'] );
$_POST['theme'] = $tab_theme[0].'/'.$tab_theme[1];
- $query = 'update '.$prefixeTable.'users';
+ $query = 'update '.PREFIX_TABLE.'users';
$query.= ' set';
for ( $i = 0; $i < sizeof( $infos ); $i++ )
{
@@ -121,7 +121,7 @@ if ( isset( $_POST['submit'] ) )
if ( $_POST['use_new_pwd'] == 1 )
{
- $query = 'update '.$prefixeTable.'users';
+ $query = 'update '.PREFIX_TABLE.'users';
$query.= " set password = '".md5( $_POST['password'] )."'";
$query.= ' where id = '.$user['id'];
$query.= ';';
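Review bot: The new password is stored as a bare `md5()` digest, which is unsalted and fast to compute, so a leaked `users` table exposes the passwords to offline guessing. A salted, deliberately slow hash is the fix: `crypt()` with a per-user salt on this generation of PHP, `password_hash()` on current versions. The login comparison in identification.php must change in the same step. The surrounding `if ( isset( $_POST['submit'] ) )` block starts and ends outside the hunk.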
diff --git a/search.php b/search.php
index 7538ae712..e751fa032 100644
--- a/search.php
+++ b/search.php
@@ -82,7 +82,7 @@ $vtp->setGlobalVar( $handle, 'back_url', add_session_id( './category.php' ) );
$code = $vtp->Display( $handle, 0 );
echo $code;
//------------------------------------------------------------ log informations
-$query = 'insert into '.$prefixeTable.'history';
+$query = 'insert into '.PREFIX_TABLE.'history';
$query.= '(date,login,IP,page) values';
$query.= "('".time()."', '".$user['pseudo']."','".$_SERVER['REMOTE_ADDR']."'";
$query.= ",'search');";
diff --git a/upload.php b/upload.php
index d352427db..e9e1c979f 100644
--- a/upload.php
+++ b/upload.php
@@ -1,9 +1,9 @@
<?php
/***************************************************************************
- * upload.php is a part of PhpWebGallery *
+ * upload.php *
* ------------------- *
- * last update : Sunday, October 27, 2002 *
- * email : pierrick@z0rglub.com *
+ * application : PhpWebGallery 1.3 *
+ * author : Pierrick LE GALL <pierrick@z0rglub.com> *
* *
***************************************************************************/
@@ -14,10 +14,9 @@
* the Free Software Foundation; *
* *
***************************************************************************/
-function get_extension( $filename )
-{
- return substr ( strrchr( $filename, "." ), 1, strlen ( $filename ) );
-}
+
+//------------------------------------------------------------------- functions
+
// The validate_upload function checks if the image of the given path is valid.
// A picture is valid when :
// - width, height and filesize are not higher than the maximum
@@ -37,7 +36,7 @@ function validate_upload( $temp_name, $my_max_file_size,
$i = 0;
//echo $_FILES['picture']['name']."<br />".$temp_name;
$extension = get_extension( $_FILES['picture']['name'] );
- if ( $extension != 'gif' && $extension != 'jpg' && $extension != 'png' )
+ if ( $extension != 'gif' and $extension != 'jpg' and $extension != 'png' )
{
$result['error'][$i++] = $lang['upload_advise_filetype'];
return $result;
@@ -49,7 +48,8 @@ function validate_upload( $temp_name, $my_max_file_size,
}
else if ( $_FILES['picture']['size'] > $my_max_file_size * 1024 )
{
- $result['error'][$i++] = $lang['upload_advise_width'].$my_max_file_size." KB";
+ $result['error'][$i++] =
+ $lang['upload_advise_width'].$my_max_file_size.' KB';
}
else
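Review bot: The file-size branch reports its error with `$lang['upload_advise_width']`, the same key used further down for the pixel-width limit, so a user whose file exceeds the size limit is told about width followed by a KB figure. The commit re-wraps this line but keeps the key. It should use the language entry for the file-size message; that key's name is not visible in this diff, so check the language file. `validate_upload()` starts and ends outside the hunk.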
{
@@ -63,21 +63,23 @@ function validate_upload( $temp_name, $my_max_file_size,
{
$size = getimagesize( $temp_name );
if ( isset( $image_max_width )
- && $image_max_width != ""
- && $size[0] > $image_max_width )
+ and $image_max_width != ""
+ and $size[0] > $image_max_width )
{
- $result['error'][$i++] = $lang['upload_advise_width'].$image_max_width." px";
+ $result['error'][$i++] =
+ $lang['upload_advise_width'].$image_max_width." px";
}
if ( isset( $image_max_height )
- && $image_max_height != ""
- && $size[1] > $image_max_height )
+ and $image_max_height != ""
+ and $size[1] > $image_max_height )
{
- $result['error'][$i++] = $lang['upload_advise_height'].$image_max_height." px";
+ $result['error'][$i++] =
+ $lang['upload_advise_height'].$image_max_height." px";
}
// $size[2] == 1 means GIF
// $size[2] == 2 means JPG
// $size[2] == 3 means PNG
- if ( $size[2] != 1 && $size[2] != 2 && $size[2] != 3 )
+ if ( $size[2] != 1 and $size[2] != 2 and $size[2] != 3 )
{
$result['error'][$i++] = $lang['upload_advise_filetype'];
}
@@ -86,20 +88,11 @@ function validate_upload( $temp_name, $my_max_file_size,
switch ( $size[2] )
{
case 1 :
- {
- $result['type'] = 'gif';
- break;
- }
+ $result['type'] = 'gif'; break;
case 2 :
- {
- $result['type'] = 'jpg';
- break;
- }
+ $result['type'] = 'jpg'; break;
case 3 :
- {
- $result['type'] = 'png';
- break;
- }
+ $result['type'] = 'png'; break;
}
}
}
@@ -116,7 +109,7 @@ include_once( './include/init.inc.php' );
//-------------------------------------------------- access authorization check
check_login_authorization();
check_cat_id( $_GET['cat'] );
-if ( isset( $page['cat'] ) && is_numeric( $page['cat'] ) )
+if ( isset( $page['cat'] ) and is_numeric( $page['cat'] ) )
{
check_restrictions( $page['cat'] );
$result = get_cat_info( $page['cat'] );
@@ -129,33 +122,26 @@ else
$access_forbidden = true;
}
if ( $access_forbidden == true
- || $page['cat_site_id'] != 1
- || $conf['upload_available'] == 'false' )
+ or $page['cat_site_id'] != 1
+ or $conf['upload_available'] == 'false' )
{
- echo"<div style=\"text-align:center;\">".$lang['upload_forbidden']."<br />";
- echo "<a href=\"".add_session_id_to_url( "./diapo.php" )."\">".$lang['thumbnails']."</a></div>";
+ echo '<div style="text-align:center;">'.$lang['upload_forbidden'].'<br />';
+ echo '<a href="'.add_session_id_to_url( './diapo.php' ).'">';
+ echo $lang['thumbnails'].'</a></div>';
exit();
}
//----------------------------------------------------- template initialization
$vtp = new VTemplate;
-$handle = $vtp->Open( './template/default/upload.vtp' );
-// language
-$vtp->setGlobalVar( $handle, 'upload_page_title',$lang['upload_title'] );
-$vtp->setGlobalVar( $handle, 'upload_title', $lang['upload_title'] );
-$vtp->setGlobalVar( $handle, 'upload_username', $lang['upload_username'] );
-$vtp->setGlobalVar( $handle, 'reg_mail_address', $lang['reg_mail_address'] );
-$vtp->setGlobalVar( $handle, 'submit', $lang['submit'] );
-$vtp->setGlobalVar( $handle, 'upload_successful',$lang['upload_successful'] );
-$vtp->setGlobalVar( $handle, 'search_return_main_page',
- $lang['search_return_main_page'] );
+$handle = $vtp->Open( './template/'.$user['template'].'/upload.vtp' );
+initialize_template();
+
+$tpl = array( 'upload_title', 'upload_username', 'mail_address', 'submit',
+ 'upload_successful', 'search_return_main_page' );
+templatize_array( $tpl, 'lang', $sub );
// user
-$vtp->setGlobalVar( $handle, 'page_style', $user['style'] );
-$vtp->setGlobalVar( $handle, 'user_login', $user['pseudo'] );
+$vtp->setGlobalVar( $handle, 'style', $user['style'] );
+$vtp->setGlobalVar( $handle, 'user_login', $user['username'] );
$vtp->setGlobalVar( $handle, 'user_mail_address',$user['mail_address'] );
-// structure
-$vtp->setGlobalVar( $handle, 'frame_start', get_frame_start() );
-$vtp->setGlobalVar( $handle, 'frame_begin', get_frame_begin() );
-$vtp->setGlobalVar( $handle, 'frame_end', get_frame_end() );
$error = array();
$i = 0;
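Review bot: `templatize_array( $tpl, 'lang', $sub )` passes `$sub`, but every other template call in this hunk uses `$handle` returned by `$vtp->Open()`, and no assignment to `$sub` is visible in upload.php. Unless `initialize_template()` defines it, the language strings are bound to an undefined handle; `templatize_array( $tpl, 'lang', $handle );` looks like the intent. Separately, the template path is now built from `$user['template']`, so that value should be checked against the list of installed template directories before it reaches `Open()`.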
@@ -166,7 +152,7 @@ if ( isset( $_GET['waiting_id'] ) )
}
//-------------------------------------------------------------- picture upload
// vérification de la présence et de la validité des champs.
-if ( isset( $_POST['submit'] ) && !isset( $_GET['waiting_id'] ) )
+if ( isset( $_POST['submit'] ) and !isset( $_GET['waiting_id'] ) )
{
$path = $page['cat_dir'].$_FILES['picture']['name'];
if ( @is_file( $path ) )
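Review bot: `$path` is built from the client-supplied `$_FILES['picture']['name']` with no normalisation visible in this hunk, so the final location and name of the stored file are chosen by the uploader. Reduce it to a safe basename before use, for example `$name = basename( $_FILES['picture']['name'] );`, and reject anything outside a conservative character set. `validate_upload()` compares the extension case-sensitively against `gif`/`jpg`/`png`, which does not constrain the rest of the name. The upload block continues past the hunk.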
@@ -202,7 +188,7 @@ if ( isset( $_POST['submit'] ) && !isset( $_GET['waiting_id'] ) )
if ( sizeof( $error ) == 0 )
{
- $query = 'insert into '.$prefixeTable.'waiting';
+ $query = 'insert into '.PREFIX_TABLE.'waiting';
$query.= ' (cat_id,file,username,mail_address,date) values';
$query.= " (".$page['cat'].",'".$_FILES['picture']['name']."'";
$query.= ",'".htmlspecialchars( $_POST['username'], ENT_QUOTES)."'";
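Review bot: `$_FILES['picture']['name']` is inserted between quotes in the `waiting` insert with no SQL escaping, and `username` is only passed through `htmlspecialchars()`, which is HTML encoding rather than SQL escaping. A filename containing a quote will break or alter the statement. Escape each value with `mysql_real_escape_string()` here and keep `htmlspecialchars()` for the point where the values are displayed. `$page['cat']` is checked with `is_numeric()` earlier in the file; `intval()` would be stricter.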
@@ -213,11 +199,11 @@ if ( isset( $_POST['submit'] ) && !isset( $_GET['waiting_id'] ) )
}
}
//------------------------------------------------------------ thumbnail upload
-if ( isset( $_POST['submit'] ) && isset( $_GET['waiting_id'] ) )
+if ( isset( $_POST['submit'] ) and isset( $_GET['waiting_id'] ) )
{
// upload of the thumbnail
$query = 'select file';
- $query.= ' from '.$prefixeTable.'waiting';
+ $query.= ' from '.PREFIX_TABLE.'waiting';
$query.= ' where id = '.$_GET['waiting_id'];
$query.= ';';
$result= mysql_query( $query );
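Review bot: `$_GET['waiting_id']` is concatenated into `where id =` here and again in the `update ... set tn_ext` hunk at -236, and the only check on it visible in this diff is `isset()`. Cast it once before use, for example `$waiting_id = intval( $_GET['waiting_id'] );`, and build both statements from that variable. Nothing visible ties the waiting row to the user submitting the thumbnail, so confirm that a user cannot attach a thumbnail to another user's pending upload.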
@@ -236,7 +222,7 @@ if ( isset( $_POST['submit'] ) && isset( $_GET['waiting_id'] ) )
}
if ( sizeof( $error ) == 0 )
{
- $query = 'update '.$prefixeTable.'waiting';
+ $query = 'update '.PREFIX_TABLE.'waiting';
$query.= " set tn_ext = '".$extension."'";
$query.= ' where id = '.$_GET['waiting_id'];
$query.= ';';