-rw-r--r-- | category.php | 117 | ||||
-rw-r--r-- | include/category_default.inc.php | 48 | ||||
-rw-r--r-- | include/common.inc.php | 20 | ||||
-rw-r--r-- | include/functions_category.inc.php | 388 | ||||
-rw-r--r-- | include/functions_html.inc.php | 6 | ||||
-rw-r--r-- | include/functions_user.inc.php | 23 | ||||
-rw-r--r-- | include/section_init.inc.php | 400 | ||||
-rw-r--r-- | include/user.inc.php | 9 | ||||
-rw-r--r-- | picture.php | 225 | ||||
-rw-r--r-- | profile.php | 9 | ||||
-rw-r--r-- | search.php | 2 | ||||
-rw-r--r-- | upload.php | 9 |
12 files changed, 645 insertions, 611 deletions
diff --git a/category.php b/category.php index d90e76886..0f0a370b5 100644 --- a/category.php +++ b/category.php @@ -41,23 +41,20 @@ if ( isset( $_GET['act'] ) $url = 'category.php'; redirect( $url ); } -//-------------------------------------------------- access authorization check -if (isset($_GET['cat'])) +//---------------------------------------------- change of image display order +if (isset($_GET['image_order'])) { - check_cat_id($_GET['cat']); -} -check_login_authorization(); -if (isset($page['cat']) and is_numeric($page['cat'])) -{ - check_restrictions($page['cat']); -} -//----------------------------------------------- change of image dispaly order -if ( isset($_GET['image_order']) ) -{ - setcookie( 'pwg_image_order', - $_GET['image_order']>0 ? $_GET['image_order'] : '', 0 ); - redirect( PHPWG_ROOT_PATH.'category.php'. - get_query_string_diff(array('image_order')) ); + setcookie( + 'pwg_image_order', + $_GET['image_order'] > 0 ? $_GET['image_order'] : '', + 0 + ); + + redirect( + PHPWG_ROOT_PATH + .'category.php' + .get_query_string_diff(array('image_order')) + ); } //-------------------------------------------------------------- initialization // detection of the start picture to display 
@@ -72,20 +69,51 @@ else $page['start'] = $_GET['start']; } -initialize_category(); +include(PHPWG_ROOT_PATH.'include/section_init.inc.php'); + +// access authorization check +if (isset($page['cat']) and is_numeric($page['cat'])) +{ + check_restrictions($page['cat']); +} + +if (isset($page['cat']) + and $page['cat_nb_images'] > $user['nb_image_page']) +{ + // $nav_url is used to create the navigation bar + $nav_url = PHPWG_ROOT_PATH.'category.php?cat='.$page['cat']; + + switch ($page['cat']) + { + case 'search': + { + $nav_url.= '&search='.$_GET['search']; + break; + } + case 'list': + { + $nav_url.= '&list='.$_GET['list']; + break; + } + } + + $page['navigation_bar'] = create_navigation_bar( + $nav_url, + $page['cat_nb_images'], + $page['start'], + $user['nb_image_page'], + 'back' + ); +} +else +{ + $page['navigation_bar'] = ''; +} // caddie filling :-) if (isset($_GET['caddie'])) { -// include_once(PHPWG_ROOT_PATH.'admin/include/functions.php'); - - $query = ' -SELECT DISTINCT(id) - FROM '.IMAGES_TABLE.' AS i - INNER JOIN '.IMAGE_CATEGORY_TABLE.' AS ic ON id = ic.image_id - '.$page['where'].' -;'; - fill_caddie(array_from_query($query, 'id')); + fill_caddie($page['items']); } //----------------------------------------------------- template initialization 
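Review bot: `fill_caddie($page['items'])` now runs for any request that carries `caddie`, but `include/section_init.inc.php` as added in this commit leaves `$page['items']` unset for the `calendar` and `recent_cats` sections and for the root page, so the call receives an undefined value there. The block also has no visible check on `$user['status']`, while the code removed further down in this file offered the caddie link to administrators only. Unless `fill_caddie()` enforces that itself (its body is not shown here), the condition should be tightened to something like `if (isset($_GET['caddie']) and 'admin' == $user['status'] and isset($page['items']))`.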
@@ -324,42 +352,7 @@ if (isset($page['cat']) } //------------------------------------------------------ main part : thumbnails -if (isset($page['cat']) - and ((is_numeric($page['cat']) and $page['cat_nb_images'] != 0) - or in_array($page['cat'], - array('search' - ,'most_visited' - ,'recent_pics' - ,'best_rated' - ,'list' - ,'fav' - )))) -{ - include(PHPWG_ROOT_PATH.'include/category_default.inc.php'); - - if ('admin' == $user['status']) - { - $template->assign_block_vars( - 'caddie', - array( - 'URL' => - PHPWG_ROOT_PATH.'category.php' - .get_query_string_diff(array('caddie')).'&caddie=1') - ); - } -} -elseif (isset($page['cat']) and $page['cat'] == 'calendar') -{ - include(PHPWG_ROOT_PATH.'include/category_calendar.inc.php'); -} -elseif (isset($page['cat']) and $page['cat'] == 'recent_cats') -{ - include(PHPWG_ROOT_PATH.'include/category_recent_cats.inc.php'); -} -else -{ - include(PHPWG_ROOT_PATH.'include/category_subcats.inc.php'); -} +include(PHPWG_ROOT_PATH.$page['thumbnails_include']); //------------------------------------------------------- category informations if ( isset ( $page['cat'] ) ) { diff --git a/include/category_default.inc.php b/include/category_default.inc.php index fd04181e9..009d9ef14 100644 --- a/include/category_default.inc.php +++ b/include/category_default.inc.php 
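Review bot: The include target on the new line `include(PHPWG_ROOT_PATH.$page['thumbnails_include']);` is now read from a variable, so its safety rests entirely on how `$page['thumbnails_include']` gets assigned, and nothing at the call site says so. Every branch of `include/section_init.inc.php` visible in this commit assigns one of four literal paths, which is fine, but a later edit could break that silently. I would add a comment above the include, `// $page['thumbnails_include'] is assigned in include/section_init.inc.php from fixed literals only; never build it from request data`.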
@@ -31,26 +31,36 @@ * */ -/** - * $array_cat_directories is a cache hash associating category id with their - * complete directory - */ -$array_cat_directories = array(); - -$query = ' -SELECT DISTINCT(id),path,file,date_available - ,tn_ext,name,filesize,storage_category_id,average_rate,hit - FROM '.IMAGES_TABLE.' AS i - INNER JOIN '.IMAGE_CATEGORY_TABLE.' AS ic ON id=ic.image_id - '.$page['where'].' - '.$conf['order_by'].' - LIMIT '.$page['start'].','.$page['nb_image_page'].' +$page['rank_of'] = array_flip($page['items']); + +$pictures = array(); + +$selection = array_slice( + $page['items'], + $page['start'], + $page['nb_image_page'] + ); + +if (count($selection) > 0) +{ + $query = ' +SELECT * + FROM '.IMAGES_TABLE.' + WHERE id IN ('.implode(',', $selection).') ;'; -//echo '<pre>'.$query.'</pre>'; -$result = pwg_query($query); + $result = pwg_query($query); + while ($row = mysql_fetch_array($result)) + { + $row['rank'] = $page['rank_of'][ $row['id'] ]; + + array_push($pictures, $row); + } + + usort($pictures, 'rank_compare'); +} // template thumbnail initialization -if ( mysql_num_rows($result) > 0 ) +if (count($pictures) > 0) { $template->assign_block_vars('thumbnails', array()); // first line @@ -59,7 +69,7 @@ if ( mysql_num_rows($result) > 0 ) $row_number = 0; } -while ($row = mysql_fetch_array($result)) +foreach ($pictures as $row) { $thumbnail_url = get_thumbnail_src($row['path'], @$row['tn_ext']); @@ -150,4 +160,6 @@ SELECT COUNT(*) AS nb_comments $row_number = 0; } } + +pwg_debug('end include/category_default.inc.php'); ?>
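Review bot: `SELECT *` in the new query returns every column of the images table, where the query it replaces named the ten columns the thumbnail loop reads; listing them again keeps the fetched rows small and makes the dependency on the schema explicit. The `usort($pictures, 'rank_compare')` call also deserves a one-line comment, for example `// IN () does not return rows in the order of $selection, so restore it from $page['rank_of']`, because the reason for the extra sort is not obvious from the code. `array_slice()` takes `$page['start']` directly; its validation happens in `category.php` outside this hunk, so it is worth confirming it is always an integer by the time it arrives here.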
\ No newline at end of file diff --git a/include/common.inc.php b/include/common.inc.php index 83e1bf30d..b89258df1 100644 --- a/include/common.inc.php +++ b/include/common.inc.php @@ -198,6 +198,19 @@ if (defined('IN_ADMIN') and IN_ADMIN) include_once(get_language_filepath('admin.lang.php')); } +if ($conf['gallery_locked']) +{ + echo + '<div style="text-align:center;">' + .$lang['gallery_locked_message'] + .'</div>'; + + if ($user['status'] != 'admin') + { + exit(); + } +} + // only now we can set the localized username of the guest user (and not in // include/user.inc.php) if ($user['is_the_guest']) @@ -209,7 +222,12 @@ if ($user['is_the_guest']) list($user['template'], $user['theme']) = explode('/', $user['template']); // TODO : replace initial $user['template'] by $user['layout'] -include(PHPWG_ROOT_PATH.'template/'.$user['template'].'/theme/'.$user['theme'].'/themeconf.inc.php'); +include( + PHPWG_ROOT_PATH + .'template/'.$user['template'] + .'/theme/'.$user['theme'] + .'/themeconf.inc.php' + ); // template instance $template = new Template(PHPWG_ROOT_PATH.'template/'.$user['template']); diff --git a/include/functions_category.inc.php b/include/functions_category.inc.php index 351fa1007..30f91dd65 100644 --- a/include/functions_category.inc.php +++ b/include/functions_category.inc.php 
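Review bot: The `gallery_locked` block now echoes its message from `common.inc.php` before any page logic runs, so for an administrator the output is sent ahead of later `setcookie()` and `redirect()` calls such as the `image_order` handling in `category.php`, which will fail with headers already sent unless output buffering is on. Because this file is included by every script, the `exit()` for non-admins presumably also covers the login page, so an administrator who is not yet identified may be unable to log in while the gallery is locked; that page is not visible here and should be checked. Consider stopping non-admin requests first and passing the administrator's notice to the template instead of echoing it.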
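Review bot: The reformatted `include()` still builds its path from `$user['template']` and `$user['theme']`, which come from splitting the stored user value on `/` just above, and nothing in this hunk restricts either part to an installed template. If that stored value can be influenced through the profile form (not visible here), both parts should be checked before the include, for example `preg_match('/^[\w-]+$/', $user['template'])` and the same for `$user['theme']`, falling back to the default template otherwise.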
@@ -53,71 +53,6 @@ function check_restrictions($category_id) } } -/** - * Checks whether the argument is a right parameter category id - * - * The argument is a right parameter if corresponds to one of these : - * - * - is numeric and corresponds to a category in the database - * - equals 'fav' (for favorites) - * - equals 'search' (when the result of a search is displayed) - * - equals 'most_visited' - * - equals 'best_rated' - * - equals 'recent_pics' - * - equals 'recent_cats' - * - equals 'calendar' - * - equals 'list' - * - * The function fills the global var $page['cat'] and returns nothing - * - * @param mixed category id or special category name - * @return void - */ -function check_cat_id( $cat ) -{ - global $page; - - unset( $page['cat'] ); - if ( isset( $cat ) ) - { - if ( isset( $page['plain_structure'][$cat] ) ) - { - $page['cat'] = $cat; - } - else if ( is_numeric( $cat ) ) - { - $query = 'SELECT id'; - $query.= ' FROM '.CATEGORIES_TABLE.' WHERE id = '.$cat.';'; - $result = pwg_query( $query ); - if ( mysql_num_rows( $result ) != 0 ) - { - $page['cat'] = $cat; - } - } - if ( $cat == 'fav' - or $cat == 'most_visited' - or $cat == 'best_rated' - or $cat == 'recent_pics' - or $cat == 'recent_cats' - or $cat == 'calendar' ) - { - $page['cat'] = $cat; - } - if ($cat == 'search' - and isset($_GET['search']) - and is_numeric($_GET['search'])) - { - $page['cat'] = $cat; - } - if ($cat == 'list' - and isset($_GET['list']) - and preg_match('/^\d+(,\d+)*$/', $_GET['list'])) - { - $page['cat'] = 'list'; - } - } -} - function get_categories_menu() { global $page,$user; 
@@ -332,319 +267,6 @@ function get_category_preferred_image_orders() ); } - -// initialize_category initializes ;-) the variables in relation -// with category : -// 1. calculation of the number of pictures in the category -// 2. determination of the SQL query part to ask to find the right category -// $page['where'] is not the same if we are in -// - simple category -// - search result -// - favorites displaying -// - most visited pictures -// - best rated pictures -// - recent pictures -// - defined list (used for random) -// 3. determination of the title of the page -// 4. creation of the navigation bar -function initialize_category( $calling_page = 'category' ) -{ - pwg_debug( 'start initialize_category' ); - global $page,$lang,$user,$conf; - - if ( isset( $page['cat'] ) ) - { - // $page['nb_image_page'] is the number of picture to display on this page - // By default, it is the same as the $user['nb_image_page'] - $page['nb_image_page'] = $user['nb_image_page']; - // $url is used to create the navigation bar - $url = PHPWG_ROOT_PATH.'category.php?cat='.$page['cat']; - if ( isset($page['expand']) ) $url.= '&expand='.$page['expand']; - // simple category - if ( is_numeric( $page['cat'] ) ) - { - $result = get_cat_info( $page['cat'] ); - $page['comment'] = $result['comment']; - $page['cat_dir'] = $result['dir']; - $page['cat_name'] = $result['name']; - $page['cat_nb_images'] = $result['nb_images']; - $page['cat_site_id'] = $result['site_id']; - $page['cat_uploadable'] = $result['uploadable']; - $page['cat_commentable'] = $result['commentable']; - $page['cat_id_uppercat'] = $result['id_uppercat']; - $page['uppercats'] = $result['uppercats']; - $page['title'] = - get_cat_display_name($page['cat_name'], - '', - false); - $page['where'] = ' WHERE category_id = '.$page['cat']; - } - else - { - if ($page['cat'] == 'search' - or $page['cat'] == 'most_visited' - or $page['cat'] == 'recent_pics' - or $page['cat'] == 'recent_cats' - or $page['cat'] == 'best_rated' - or 
$page['cat'] == 'calendar' - or $page['cat'] == 'list') - { - // we must not show pictures of a forbidden category - if ( $user['forbidden_categories'] != '' ) - { - $forbidden = ' category_id NOT IN '; - $forbidden.= '('.$user['forbidden_categories'].')'; - } - } - // search result - if ( $page['cat'] == 'search' ) - { - $page['title'] = $lang['search_result']; - if ( $calling_page == 'picture' ) - { - $page['title'].= ' : <span style="font-style:italic;">'; - $page['title'].= $_GET['search']."</span>"; - } - - $page['where'] = 'WHERE '.get_sql_search_clause($_GET['search']); - - if (isset($forbidden)) - { - $page['where'].= "\n AND ".$forbidden; - } - - $query = ' -SELECT COUNT(DISTINCT(id)) AS nb_total_images - FROM '.IMAGES_TABLE.' - INNER JOIN '.IMAGE_CATEGORY_TABLE.' AS ic ON id = ic.image_id - '.$page['where'].' -;'; - $url.= '&search='.$_GET['search']; - } - // favorites displaying - else if ( $page['cat'] == 'fav' ) - { - check_user_favorites(); - - $page['title'] = $lang['favorites']; - - $page['where'] = ', '.FAVORITES_TABLE.' AS fav'; - $page['where'].= ' WHERE user_id = '.$user['id']; - $page['where'].= ' AND fav.image_id = id'; - - $query = 'SELECT COUNT(*) AS nb_total_images'; - $query.= ' FROM '.FAVORITES_TABLE; - $query.= ' WHERE user_id = '.$user['id']; - $query.= ';'; - } - // pictures within the short period - else if ( $page['cat'] == 'recent_pics' ) - { - $page['title'] = $lang['recent_pics_cat']; - // We must find the date corresponding to : - // today - $conf['periode_courte'] - $date = time() - 60*60*24*$user['recent_period']; - $page['where'] = " WHERE date_available > '"; - $page['where'].= date( 'Y-m-d', $date )."'"; - if ( isset( $forbidden ) ) $page['where'].= ' AND '.$forbidden; - - $query = ' -SELECT COUNT(DISTINCT(id)) AS nb_total_images - FROM '.IMAGES_TABLE.' INNER JOIN '.IMAGE_CATEGORY_TABLE.' AS ic - ON id = ic.image_id - '.$page['where'].' 
-;'; - } - // categories containing recent pictures - else if ( $page['cat'] == 'recent_cats' ) - { - $page['title'] = $lang['recent_cats_cat']; - $page['cat_nb_images'] = 0; - } - // most visited pictures - else if ( $page['cat'] == 'most_visited' ) - { - $page['title'] = $conf['top_number'].' '.$lang['most_visited_cat']; - - $page['where'] = 'WHERE hit > 0'; - if (isset($forbidden)) - { - $page['where'] .= "\n".' AND '.$forbidden; - } - - $conf['order_by'] = ' ORDER BY hit DESC, file ASC'; - - // $page['cat_nb_images'] equals $conf['top_number'] unless there - // are less visited items - $query =' -SELECT COUNT(DISTINCT(id)) AS count - FROM '.IMAGES_TABLE.' - INNER JOIN '.IMAGE_CATEGORY_TABLE.' AS ic ON id = ic.image_id - '.$page['where'].' -;'; - $row = mysql_fetch_array(pwg_query($query)); - if ($row['count'] < $conf['top_number']) - { - $page['cat_nb_images'] = $row['count']; - } - else - { - $page['cat_nb_images'] = $conf['top_number']; - } - unset($query); - - if ( isset( $page['start'] ) - and ($page['start']+$user['nb_image_page']>=$conf['top_number'])) - { - $page['nb_image_page'] = $conf['top_number'] - $page['start']; - } - } - else if ( $page['cat'] == 'calendar' ) - { - $page['cat_nb_images'] = 0; - $page['title'] = $lang['calendar']; - if (isset($_GET['year']) - and preg_match('/^\d+$/', $_GET['year'])) - { - $page['calendar_year'] = (int)$_GET['year']; - } - if (isset($_GET['month']) - and preg_match('/^(\d+)\.(\d{2})$/', $_GET['month'], $matches)) - { - $page['calendar_year'] = (int)$matches[1]; - $page['calendar_month'] = (int)$matches[2]; - } - if (isset($_GET['day']) - and preg_match('/^(\d+)\.(\d{2})\.(\d{2})$/', - $_GET['day'], - $matches)) - { - $page['calendar_year'] = (int)$matches[1]; - $page['calendar_month'] = (int)$matches[2]; - $page['calendar_day'] = (int)$matches[3]; - } - if (isset($page['calendar_year'])) - { - $page['title'] .= ' ('; - if (isset($page['calendar_day'])) - { - if ($page['calendar_year'] >= 1970) - { - $unixdate = 
mktime(0,0,0, - $page['calendar_month'], - $page['calendar_day'], - $page['calendar_year']); - $page['title'].= $lang['day'][date("w", $unixdate)]; - } - $page['title'].= ' '.$page['calendar_day'].', '; - } - if (isset($page['calendar_month'])) - { - $page['title'] .= $lang['month'][$page['calendar_month']].' '; - } - $page['title'] .= $page['calendar_year']; - $page['title'] .= ')'; - } - - $page['where'] = 'WHERE '.$conf['calendar_datefield'].' IS NOT NULL'; - if (isset($forbidden)) - { - $page['where'].= ' AND '.$forbidden; - } - } - else if ($page['cat'] == 'best_rated') - { - $page['title'] = $conf['top_number'].' '.$lang['best_rated_cat']; - - $page['where'] = ' WHERE average_rate IS NOT NULL'; - - if (isset($forbidden)) - { - $page['where'].= ' AND '.$forbidden; - } - - $conf['order_by'] = ' ORDER BY average_rate DESC, id ASC'; - - // $page['cat_nb_images'] equals $conf['top_number'] unless there - // are less rated items - $query =' -SELECT COUNT(DISTINCT(id)) AS count - FROM '.IMAGES_TABLE.' - INNER JOIN '.IMAGE_CATEGORY_TABLE.' AS ic ON id = ic.image_id - '.$page['where'].' 
-;'; - $row = mysql_fetch_array(pwg_query($query)); - if ($row['count'] < $conf['top_number']) - { - $page['cat_nb_images'] = $row['count']; - } - else - { - $page['cat_nb_images'] = $conf['top_number']; - } - unset($query); - - - if (isset($page['start']) - and ($page['start']+$user['nb_image_page']>=$conf['top_number'])) - { - $page['nb_image_page'] = $conf['top_number'] - $page['start']; - } - } - else if ($page['cat'] == 'list') - { - $page['title'] = $lang['random_cat']; - - $page['where'] = 'WHERE 1=1'; - if (isset($forbidden)) - { - $page['where'].= ' AND '.$forbidden; - } - $page['where'].= ' AND image_id IN ('.$_GET['list'].')'; - $page['cat_nb_images'] = count(explode(',', $_GET['list'])); - - $url.= '&list='.$_GET['list']; - } - - if (isset($query)) - { - $result = pwg_query( $query ); - $row = mysql_fetch_array( $result ); - $page['cat_nb_images'] = $row['nb_total_images']; - } - } - if ( $calling_page == 'category' ) - { - $page['navigation_bar'] = - create_navigation_bar( $url, $page['cat_nb_images'], $page['start'], - $user['nb_image_page'], 'back' ); - } - - if ($page['cat'] != 'most_visited' and $page['cat'] != 'best_rated') - { - $available_image_orders = get_category_preferred_image_orders(); - - $order_idx=0; - if ( isset($_COOKIE['pwg_image_order']) ) - { - $order_idx = $_COOKIE['pwg_image_order']; - } - - if ( $order_idx > 0 ) - { - $order = $available_image_orders[$order_idx][1]; - $conf['order_by'] = str_replace('ORDER BY ', 'ORDER BY '.$order.',', - $conf['order_by'] ); - } - } - } - else - { - $page['title'] = $lang['no_category']; - } - pwg_debug( 'end initialize_category' ); -} - function display_select_categories($categories, $selecteds, $blockname, @@ -735,4 +357,14 @@ function global_rank_compare($a, $b) { return strnatcasecmp($a['global_rank'], $b['global_rank']); } + +function rank_compare($a, $b) +{ + if ($a['rank'] == $b['rank']) + { + return 0; + } + + return ($a['rank'] < $b['rank']) ? -1 : 1; +} ?> 
diff --git a/include/functions_html.inc.php b/include/functions_html.inc.php index e53e5e2f1..e23a2e3b2 100644 --- a/include/functions_html.inc.php +++ b/include/functions_html.inc.php @@ -349,7 +349,8 @@ function get_html_menu_category($categories) $ref_level = 0; $level = 0; $menu = ''; - + + // $page_cat value remains 0 for special sections $page_cat = 0; if (isset($page['cat']) and is_numeric($page['cat']) ) { @@ -383,7 +384,8 @@ function get_html_menu_category($categories) $url = PHPWG_ROOT_PATH.'category.php?cat='.$category['id']; $menu.= "\n".'<a href="'.$url.'"'; - if ($category['id'] == $page['cat_id_uppercat']) + if ($page_cat != 0 + and $category['id'] == $page['cat_id_uppercat']) { $menu.= ' rel="up"'; } diff --git a/include/functions_user.inc.php b/include/functions_user.inc.php index 8c02f3324..ec4480bfd 100644 --- a/include/functions_user.inc.php +++ b/include/functions_user.inc.php @@ -100,29 +100,6 @@ SELECT MAX('.$conf['user_fields']['id'].') + 1 return $errors; } -function check_login_authorization($guest_allowed = true) -{ - global $user,$lang,$conf,$template; - - if ($user['is_the_guest'] and !$guest_allowed) - { - echo '<div style="text-align:center;">'.$lang['only_members'].'<br />'; - echo '<a href="./identification.php">'.$lang['ident_title'].'</a></div>'; - exit(); - } - - if ($conf['gallery_locked']) - { - echo '<div style="text-align:center;">'; - echo $lang['gallery_locked_message']; - echo '</div>'; - if ($user['status'] != 'admin') - { - exit(); - } - } -} - function setup_style($style) { return new Template(PHPWG_ROOT_PATH.'template/'.$style); diff --git a/include/section_init.inc.php b/include/section_init.inc.php new file mode 100644 index 000000000..e54b050a0 --- /dev/null +++ b/include/section_init.inc.php 
@@ -0,0 +1,400 @@ +<?php +// +-----------------------------------------------------------------------+ +// | PhpWebGallery - a PHP based picture gallery | +// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net | +// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net | +// +-----------------------------------------------------------------------+ +// | branch : BSF (Best So Far) +// | file : $RCSfile$ +// | last update : $Date: 2006-01-27 02:11:43 +0100 (ven, 27 jan 2006) $ +// | last modifier : $Author: rvelices $ +// | revision : $Revision: 1014 $ +// +-----------------------------------------------------------------------+ +// | This program is free software; you can redistribute it and/or modify | +// | it under the terms of the GNU General Public License as published by | +// | the Free Software Foundation | +// | | +// | This program is distributed in the hope that it will be useful, but | +// | WITHOUT ANY WARRANTY; without even the implied warranty of | +// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | +// | General Public License for more details. | +// | | +// | You should have received a copy of the GNU General Public License | +// | along with this program; if not, write to the Free Software | +// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, | +// | USA. 
| +// +-----------------------------------------------------------------------+ + +/** + * This included page checks section related parameter and provides + * following informations: + * + * - $page['title'] + * + * - $page['items']: ordered list of items to display + * + * - $page['cat_nb_images']: number of items in the section (should be equal + * to count($page['items'])) + * + * - $page['thumbnails_include']: include page managing thumbnails to + * display + */ + +unset($page['cat']); + +if (isset($_GET['cat'])) +{ + if (is_numeric($_GET['cat'])) + { + $page['cat'] = $_GET['cat']; + } + else if ($_GET['cat'] == 'fav' + or $_GET['cat'] == 'most_visited' + or $_GET['cat'] == 'best_rated' + or $_GET['cat'] == 'recent_pics' + or $_GET['cat'] == 'recent_cats' + or $_GET['cat'] == 'calendar') + { + $page['cat'] = $_GET['cat']; + } + else if ($_GET['cat'] == 'search') + { + if (!isset($_GET['search'])) + { + die('search GET parameter is missing'); + } + else if (!is_numeric($_GET['search'])) + { + die('wrong format on search GET parameter'); + } + else + { + $page['cat'] = 'search'; + } + } + else if ($_GET['cat'] == 'list') + { + if (!isset($_GET['list'])) + { + die('list GET parameter is missing'); + } + else if (!preg_match('/^\d+(,\d+)*$/', $_GET['list'])) + { + die('wrong format on list GET parameter'); + } + else + { + $page['cat'] = 'list'; + } + } + else + { + die('unknown cat GET parameter value'); + } +} + + +if (isset($page['cat'])) +{ + // $page['nb_image_page'] is the number of picture to display on this page + // By default, it is the same as the $user['nb_image_page'] + $page['nb_image_page'] = $user['nb_image_page']; + + if ($page['cat'] != 'most_visited' and $page['cat'] != 'best_rated') + { + if (isset($_COOKIE['pwg_image_order']) + and is_numeric($_COOKIE['pwg_image_order']) + and $_COOKIE['pwg_image_order'] > 0) + { + $orders = get_category_preferred_image_orders(); + + $conf['order_by'] = str_replace( + 'ORDER BY ', + 'ORDER BY '.$orders[ 
$_COOKIE['pwg_image_order'] ][1].',', + $conf['order_by'] + ); + } + } + +// +-----------------------------------------------------------------------+ +// | category | +// +-----------------------------------------------------------------------+ + if (is_numeric($page['cat'])) + { + $query = ' +SELECT image_id + FROM '.IMAGE_CATEGORY_TABLE.' + INNER JOIN '.IMAGES_TABLE.' ON id = image_id + WHERE category_id = '.$page['cat'].' + '.$conf['order_by'].' +;'; + + $result = get_cat_info($page['cat']); + + $page = array_merge( + $page, + array( + 'comment' => $result['comment'], + 'cat_dir' => $result['dir'], + 'cat_name' => $result['name'], + 'cat_nb_images' => $result['nb_images'], + 'cat_site_id' => $result['site_id'], + 'cat_uploadable' => $result['uploadable'], + 'cat_commentable' => $result['commentable'], + 'cat_id_uppercat' => $result['id_uppercat'], + 'uppercats' => $result['uppercats'], + + 'title' => get_cat_display_name($result['name'], '', false), + 'items' => array_from_query($query, 'image_id'), + 'thumbnails_include' => + $result['nb_images'] > 0 + ? 'include/category_default.inc.php' + : 'include/category_subcats.inc.php', + ) + ); + } + // special section + else + { + if (!empty($user['forbidden_categories'])) + { + $forbidden = + ' category_id NOT IN ('.$user['forbidden_categories'].')'; + } + else + { + $forbidden = ' 1=1'; + } + +// +-----------------------------------------------------------------------+ +// | search section | +// +-----------------------------------------------------------------------+ + if ( $page['cat'] == 'search' ) + { + $query = ' +SELECT DISTINCT(id) + FROM '.IMAGES_TABLE.' + INNER JOIN '.IMAGE_CATEGORY_TABLE.' AS ic ON id = ic.image_id + WHERE '.get_sql_search_clause($_GET['search']).' + AND '.$forbidden.' + '.$conf['order_by'].' 
+;'; + + $page = array_merge( + $page, + array( + 'title' => $lang['search_result'], + 'items' => array_from_query($query, 'id'), + 'thumbnails_include' => 'include/category_default.inc.php', + ) + ); + } +// +-----------------------------------------------------------------------+ +// | favorite section | +// +-----------------------------------------------------------------------+ + else if ($page['cat'] == 'fav') + { + check_user_favorites(); + + $query = ' +SELECT image_id + FROM '.FAVORITES_TABLE.' + INNER JOIN '.IMAGES_TABLE.' ON image_id = id + WHERE user_id = '.$user['id'].' + '.$conf['order_by'].' +;'; + + $page = array_merge( + $page, + array( + 'title' => $lang['favorites'], + 'items' => array_from_query($query, 'id'), + 'thumbnails_include' => 'include/category_default.inc.php', + ) + ); + } +// +-----------------------------------------------------------------------+ +// | recent pictures section | +// +-----------------------------------------------------------------------+ + else if ($page['cat'] == 'recent_pics') + { + $query = ' +SELECT DISTINCT(id) + FROM '.IMAGES_TABLE.' + INNER JOIN '.IMAGE_CATEGORY_TABLE.' AS ic ON id = ic.image_id + WHERE date_available > \''. + date('Y-m-d', time() - 60*60*24*$user['recent_period']).'\' + AND '.$forbidden.' + '.$conf['order_by'].' 
+;'; + + $page = array_merge( + $page, + array( + 'title' => $lang['recent_pics_cat'], + 'items' => array_from_query($query, 'id'), + 'thumbnails_include' => 'include/category_default.inc.php', + ) + ); + } +// +-----------------------------------------------------------------------+ +// | recently updated categories section | +// +-----------------------------------------------------------------------+ + else if ($page['cat'] == 'recent_cats') + { + $page = array_merge( + $page, + array( + 'title' => $lang['recent_cats_cat'], + 'cat_nb_images' => 0, + 'thumbnails_include' => 'include/category_recent_cats.inc.php', + ) + ); + } +// +-----------------------------------------------------------------------+ +// | most visited section | +// +-----------------------------------------------------------------------+ + else if ($page['cat'] == 'most_visited') + { + $query = ' +SELECT DISTINCT(id) + FROM '.IMAGES_TABLE.' + INNER JOIN '.IMAGE_CATEGORY_TABLE.' AS ic ON id = ic.image_id + WHERE hit > 0 + AND '.$forbidden.' + ORDER BY hit DESC, file ASC + LIMIT 0, '.$conf['top_number'].' +;'; + + $page = array_merge( + $page, + array( + 'title' => $conf['top_number'].' 
'.$lang['most_visited_cat'], + 'items' => array_from_query($query, 'id'), + 'thumbnails_include' => 'include/category_default.inc.php', + ) + ); + } +// +-----------------------------------------------------------------------+ +// | calendar section | +// +-----------------------------------------------------------------------+ + else if ($page['cat'] == 'calendar') + { + $page['cat_nb_images'] = 0; + $page['title'] = $lang['calendar']; + if (isset($_GET['year']) + and preg_match('/^\d+$/', $_GET['year'])) + { + $page['calendar_year'] = (int)$_GET['year']; + } + if (isset($_GET['month']) + and preg_match('/^(\d+)\.(\d{2})$/', $_GET['month'], $matches)) + { + $page['calendar_year'] = (int)$matches[1]; + $page['calendar_month'] = (int)$matches[2]; + } + if (isset($_GET['day']) + and preg_match('/^(\d+)\.(\d{2})\.(\d{2})$/', + $_GET['day'], + $matches)) + { + $page['calendar_year'] = (int)$matches[1]; + $page['calendar_month'] = (int)$matches[2]; + $page['calendar_day'] = (int)$matches[3]; + } + if (isset($page['calendar_year'])) + { + $page['title'] .= ' ('; + if (isset($page['calendar_day'])) + { + if ($page['calendar_year'] >= 1970) + { + $unixdate = mktime( + 0, + 0, + 0, + $page['calendar_month'], + $page['calendar_day'], + $page['calendar_year'] + ); + $page['title'].= $lang['day'][date("w", $unixdate)]; + } + $page['title'].= ' '.$page['calendar_day'].', '; + } + if (isset($page['calendar_month'])) + { + $page['title'] .= $lang['month'][$page['calendar_month']].' '; + } + $page['title'] .= $page['calendar_year']; + $page['title'] .= ')'; + } + + $page['where'] = 'WHERE '.$conf['calendar_datefield'].' 
IS NOT NULL'; + if (isset($forbidden)) + { + $page['where'].= ' AND '.$forbidden; + } + + $page['thumbnails_include'] = 'include/category_calendar.inc.php'; + } +// +-----------------------------------------------------------------------+ +// | best rated section | +// +-----------------------------------------------------------------------+ + else if ($page['cat'] == 'best_rated') + { + $query =' +SELECT DISTINCT(id) + FROM '.IMAGES_TABLE.' + INNER JOIN '.IMAGE_CATEGORY_TABLE.' AS ic ON id = ic.image_id + WHERE average_rate IS NOT NULL + AND '.$forbidden.' + ORDER BY average_rate DESC, id ASC + LIMIT 0, '.$conf['top_number'].' +;'; + $page = array_merge( + $page, + array( + 'title' => $conf['top_number'].' '.$lang['best_rated_cat'], + 'items' => array_from_query($query, 'id'), + 'thumbnails_include' => 'include/category_default.inc.php', + ) + ); + } +// +-----------------------------------------------------------------------+ +// | list section | +// +-----------------------------------------------------------------------+ + else if ($page['cat'] == 'list') + { + $query =' +SELECT DISTINCT(id) + FROM '.IMAGES_TABLE.' + INNER JOIN '.IMAGE_CATEGORY_TABLE.' AS ic ON id = ic.image_id + WHERE image_id IN ('.$_GET['list'].') + AND '.$forbidden.' + '.$conf['order_by'].' +;'; + $page = array_merge( + $page, + array( + 'title' => $lang['random_cat'], + 'items' => array_from_query($query, 'id'), + 'thumbnails_include' => 'include/category_default.inc.php', + ) + ); + } + + if (!isset($page['cat_nb_images'])) + { + $page['cat_nb_images'] = count($page['items']); + } + } +} +// +-----------------------------------------------------------------------+ +// | root category | +// +-----------------------------------------------------------------------+ +else +{ + $page['title'] = $lang['no_category']; + $page['thumbnails_include'] = 'include/category_subcats.inc.php'; +} +?>
\ No newline at end of file diff --git a/include/user.inc.php b/include/user.inc.php index ad58b3f92..c22f4b369 100644 --- a/include/user.inc.php +++ b/include/user.inc.php @@ -59,8 +59,13 @@ if ($conf['apache_authentication'] and isset($_SERVER['REMOTE_USER'])) $user['is_the_guest'] = false; } -$use_cache = (defined('IN_ADMIN') and IN_ADMIN) ? false : true; -$user = array_merge($user, getuserdata($user['id'], $use_cache)); +$user = array_merge( + $user, + getuserdata( + $user['id'], + defined('IN_ADMIN') and IN_ADMIN ? false : true // use cache ? + ) + ); // properties of user guest are found in the configuration if ($user['is_the_guest']) diff --git a/picture.php b/picture.php index f63301a24..22f66b038 100644 --- a/picture.php +++ b/picture.php 
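Review bot: The numeric checks on `$_GET['cat']` and `$_GET['search']` use `is_numeric()`, which also accepts signed, decimal and exponent forms, and the accepted `cat` string is then concatenated unquoted into `WHERE category_id = ...`; a digits-only test like the `preg_match` already used for `list` is the stricter choice. The removed `check_cat_id()` also confirmed that the category exists, which the new code no longer does before reading the result of `get_cat_info()`. In the image-order block, `$orders[ $_COOKIE['pwg_image_order'] ][1]` goes into `ORDER BY` without a check that the index exists. In the favorite section the query selects `image_id` but `array_from_query($query, 'id')` asks for `id`, which looks like it yields no usable ids, given that the category branch passes `image_id` for the same column.

```php
// … unchanged: unset($page['cat']); if (isset($_GET['cat'])) { …
  if (preg_match('/^\d+$/', $_GET['cat']))
  {
    $page['cat'] = $_GET['cat'];
  }
// … unchanged: special section names, search and list parameter checks …
      $orders = get_category_preferred_image_orders();

      if (isset($orders[ $_COOKIE['pwg_image_order'] ]))
      {
        $conf['order_by'] = str_replace(
          'ORDER BY ',
          'ORDER BY '.$orders[ $_COOKIE['pwg_image_order'] ][1].',',
          $conf['order_by']
          );
      }
// … unchanged: category and search sections, favorite query …
        'items' => array_from_query($query, 'image_id'),
```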
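Review bot: In the inlined argument `defined('IN_ADMIN') and IN_ADMIN ? false : true`, `and` binds more loosely than `?:`, so PHP reads it as `defined('IN_ADMIN') and (IN_ADMIN ? false : true)`. When `IN_ADMIN` is not defined this evaluates to false, whereas the removed `$use_cache` line gave true, so the user-data cache is switched off on every non-admin page. Restore the parentheses: `(defined('IN_ADMIN') and IN_ADMIN) ? false : true // use cache ?`.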
@@ -30,18 +30,75 @@ $rate_items = array(0,1,2,3,4,5); define('PHPWG_ROOT_PATH','./'); include_once(PHPWG_ROOT_PATH.'include/common.inc.php'); //-------------------------------------------------- access authorization check -check_cat_id( $_GET['cat'] ); +if (isset($page['cat']) and is_numeric($page['cat'])) +{ + check_restrictions($page['cat']); +} +//-------------------------------------------------------------- initialization +include(PHPWG_ROOT_PATH.'include/section_init.inc.php'); -if (!isset($page['cat'])) +// if this image_id doesn't correspond to this category, an error message is +// displayed, and execution is stopped +if (!in_array($_GET['image_id'], $page['items'])) { - die($lang['access_forbiden']); + echo ' +<div style="text-align:center;">'.$lang['access_forbiden'].'<br /> + <a href="'.PHPWG_ROOT_PATH.'category.php'.'">'.$lang['thumbnails'].'</a> +</div>'; + exit(); } -check_login_authorization(); -if ( isset( $page['cat'] ) and is_numeric( $page['cat'] ) ) +$page['rank_of'] = array_flip($page['items']); + +// caching first_rank, last_rank, current_rank in the displayed +// section. This should also help in readability. +$page['first_rank'] = 0; +$page['last_rank'] = count($page['items']) - 1; +$page['current_rank'] = $page['rank_of'][ $_GET['image_id'] ]; + +// caching current item : readability purpose +$page['current_item'] = $_GET['image_id']; + +if ($page['current_rank'] != $page['first_rank']) { - check_restrictions( $page['cat'] ); + // "go to first picture of this section" link is displayed only if the + // displayed item is not the first. + $template->assign_block_vars( + 'first', + array( + 'U_IMG' => + PHPWG_ROOT_PATH.'picture.php'. + get_query_string_diff( + array('image_id', 'add_fav', 'slideshow', 'rate') + ). 
+ '&image_id='.$page['items'][ $page['first_rank'] ], + ) + ); + + // caching previous item : readability purpose + $page['previous_item'] = $page['items'][ $page['current_rank'] - 1 ]; } + +if ($page['current_rank'] != $page['last_rank']) +{ + // "go to last picture of this section" link is displayed only if the + // displayed item is not the last. + $template->assign_block_vars( + 'last', + array( + 'U_IMG' => + PHPWG_ROOT_PATH.'picture.php'. + get_query_string_diff( + array('image_id', 'add_fav', 'slideshow', 'rate') + ). + '&image_id='.$page['items'][ $page['last_rank'] ], + ) + ); + + // caching next item : readability purpose + $page['next_item'] = $page['items'][ $page['current_rank'] + 1 ]; +} + //---------------------------------------- incrementation of the number of hits if ( count(array_intersect( array_keys($_GET), 
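Review bot: The access authorization check at the top of this hunk runs before `include(PHPWG_ROOT_PATH.'include/section_init.inc.php');`, and the removed `check_cat_id( $_GET['cat'] );` was what ran ahead of it before. If `$page['cat']` is only populated by section_init.inc.php (not visible here, but the upload.php hunk in this commit has to assign it by hand), `isset($page['cat'])` is false at that point and `check_restrictions()` is never called. Moving the include above the `if (isset($page['cat']) and is_numeric($page['cat']))` block would restore the check. Separately, the membership test is a loose comparison on request data; `in_array($_GET['image_id'], $page['items'], true)` is stricter, assuming `$page['items']` holds strings as returned by the query, and it also keeps the later `$page['rank_of'][ $_GET['image_id'] ]` lookup from hitting a missing key.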
@@ -55,64 +112,7 @@ if ( count(array_intersect( ;'; @pwg_query( $query ); } -//-------------------------------------------------------------- initialization -initialize_category( 'picture' ); -// retrieving the number of the picture in its category (in order) -$query = ' -SELECT DISTINCT(id) - FROM '.IMAGES_TABLE.' - INNER JOIN '.IMAGE_CATEGORY_TABLE.' AS ic ON id = ic.image_id - '.$page['where'].' - '.$conf['order_by'].' -;'; -$result = pwg_query( $query ); -$page['num'] = 0; -$belongs = false; -while ($row = mysql_fetch_array($result)) -{ - if ($row['id'] == $_GET['image_id']) - { - $belongs = true; - break; - } - if ($page['num']==0) - { - $url_first_last = PHPWG_ROOT_PATH.'picture.php'; - $url_first_last.= get_query_string_diff(array('image_id','add_fav', - 'slideshow','rate')); - $url_first_last.= '&image_id='; - $template->assign_block_vars( - 'first', - array( - 'U_IMG' => $url_first_last . $row['id'], - )); - } - $page['num']++; -} -if ($page['cat_nb_images']>0 and $page['num'] < $page['cat_nb_images'] - 1) -{ - mysql_data_seek($result, $page['cat_nb_images'] - 1); - $row = mysql_fetch_array($result); - $url_first_last = PHPWG_ROOT_PATH.'picture.php'; - $url_first_last.= get_query_string_diff(array('image_id','add_fav', - 'slideshow','rate')); - $url_first_last.= '&image_id='; - $template->assign_block_vars( - 'last', - array( - 'U_IMG' => $url_first_last . $row['id'], - )); -} -// if this image_id doesn't correspond to this category, an error message is -// displayed, and execution is stopped -if (!$belongs) -{ - echo '<div style="text-align:center;">'.$lang['access_forbiden'].'<br />'; - echo '<a href="'.PHPWG_ROOT_PATH.'category.php'.'">'; - echo $lang['thumbnails'].'</a></div>'; - exit(); -} //-------------------------------------------------------------- representative if ('admin' == $user['status'] and isset($_GET['representative'])) { 
@@ -161,57 +161,39 @@ usort($related_categories, 'global_rank_compare'); //------------------------------------- prev, current & next picture management $picture = array(); -if ($page['num'] == 0) +$ids = array($_GET['image_id']); +if (isset($page['previous_item'])) { - $has_prev = false; + array_push($ids, $page['previous_item']); } -else +if (isset($page['next_item'])) { - $has_prev = true; -} - -if ($page['num'] == $page['cat_nb_images'] - 1) -{ - $has_next = false; -} -else -{ - $has_next = true; + array_push($ids, $page['next_item']); } $query = ' -SELECT DISTINCT(i.id), i.* - FROM '.IMAGES_TABLE.' AS i - INNER JOIN '.IMAGE_CATEGORY_TABLE.' AS ic ON i.id = ic.image_id - '.$page['where'].' - '.$conf['order_by'].' - '; - -if ( !$has_prev ) -{ - $query.= ' LIMIT 0,2'; -} -else -{ - $query.= ' LIMIT '.($page['num'] - 1).',3'; -} -$query.= ';'; +SELECT * + FROM '.IMAGES_TABLE.' + WHERE id IN ('.implode(',', $ids).') +;'; -$result = pwg_query( $query ); -$indexes = array('prev', 'current', 'next'); +$result = pwg_query($query); -foreach (array('prev', 'current', 'next') as $i) +while ($row = mysql_fetch_array($result)) { - if ($i == 'prev' and !$has_prev) + if (isset($page['previous_item']) and $row['id'] == $page['previous_item']) { - continue; + $i = 'prev'; } - if ($i == 'next' and !$has_next) + else if (isset($page['next_item']) and $row['id'] == $page['next_item']) { - break; + $i = 'next'; } - - $row = mysql_fetch_array($result); + else + { + $i = 'current'; + } + foreach (array_keys($row) as $key) { if (!is_numeric($key)) @@ -234,8 +216,9 @@ foreach (array('prev', 'current', 'next') as $i) if (isset($row['representative_ext']) and $row['representative_ext'] != '') { - $picture[$i]['src'] = $cat_directory.'/pwg_representative/'; - $picture[$i]['src'].= $file_wo_ext.'.'.$row['representative_ext']; + $picture[$i]['src'] = + $cat_directory.'/pwg_representative/' + .$file_wo_ext.'.'.$row['representative_ext']; } else { 
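Review bot: The first hunk on this line seeds `$ids` with the raw `$_GET['image_id']` and concatenates it into `WHERE id IN ('.implode(',', $ids).')` with no cast at the point of use. The only thing standing between the request value and the SQL text is the loose `in_array()` test in an earlier hunk, so the query's safety depends on code far away that a later edit could move or relax. Casting where the list is built keeps the statement safe on its own: `$ids = array(intval($_GET['image_id']));`. The other two ids come from `$page['previous_item']` and `$page['next_item']`, which appear to originate from the database.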
@@ -274,14 +257,15 @@ foreach (array('prev', 'current', 'next') as $i) $picture[$i]['name'] = str_replace('_', ' ', $file_wo_ext); } - $picture[$i]['url'] = PHPWG_ROOT_PATH.'picture.php'; - $picture[$i]['url'].= get_query_string_diff(array('image_id','add_fav', - 'slideshow','rate')); - $picture[$i]['url'].= '&image_id='.$row['id']; + $picture[$i]['url'] = + PHPWG_ROOT_PATH.'picture.php' + .get_query_string_diff(array('image_id', 'add_fav', 'slideshow', 'rate')) + .'&image_id='.$row['id']; } $url_up = PHPWG_ROOT_PATH.'category.php?cat='.$page['cat']; -$url_up_start = floor( $page['num'] / $user['nb_image_page'] ); + +$url_up_start = floor( $page['current_rank'] / $user['nb_image_page'] ); $url_up_start *= $user['nb_image_page']; if ($url_up_start>0) { @@ -297,12 +281,13 @@ if ( $page['cat'] == 'list' ) $url_up.= "&list=".$_GET['list']; } -$url_admin = PHPWG_ROOT_PATH.'admin.php?page=picture_modify'; -$url_admin.= '&cat_id='.$page['cat']; -$url_admin.= '&image_id='.$_GET['image_id']; +$url_admin = + PHPWG_ROOT_PATH.'admin.php?page=picture_modify' + .'&cat_id='.$page['cat'] + .'&image_id='.$_GET['image_id']; -$url_slide = $picture['current']['url']; -$url_slide.= '&slideshow='.$conf['slideshow_period']; +$url_slide = + $picture['current']['url'].'&slideshow='.$conf['slideshow_period']; //----------------------------------------------------------- rate registration if (isset($_GET['rate']) @@ -484,7 +469,7 @@ $title_nb = ''; if (is_numeric( $page['cat'] )) { $title_img = replace_space(get_cat_display_name($page['cat_name'])); - $n = $page['num'] + 1; + $n = $page['current_rank'] + 1; $title_nb = $n.'/'.$page['cat_nb_images']; } else if ( $page['cat'] == 'search' ) 
@@ -526,8 +511,8 @@ if ($metadata_showable and !isset($_GET['show_metadata'])) } $page['body_id'] = 'thePicturePage'; -//-------------------------------------------------------- navigation management -if ($has_prev) +//------------------------------------------------------- navigation management +if (isset($page['previous_item'])) { $template->assign_block_vars( 'previous', @@ -536,10 +521,11 @@ if ($has_prev) 'IMG' => $picture['prev']['thumbnail'], 'U_IMG' => $picture['prev']['url'], 'U_IMG_SRC' => $picture['prev']['src'] - )); + ) + ); } -if ($has_next) +if (isset($page['next_item'])) { $template->assign_block_vars( 'next', @@ -548,7 +534,8 @@ if ($has_next) 'IMG' => $picture['next']['thumbnail'], 'U_IMG' => $picture['next']['url'], 'U_IMG_SRC' => $picture['next']['src'] // allow navigator to preload - )); + ) + ); } include(PHPWG_ROOT_PATH.'include/page_header.php'); diff --git a/profile.php b/profile.php index a92ee12c3..2aab4c05d 100644 --- a/profile.php +++ b/profile.php @@ -32,7 +32,14 @@ define('PHPWG_ROOT_PATH','./'); include_once(PHPWG_ROOT_PATH.'include/common.inc.php'); -check_login_authorization(false); + +if ($user['is_the_guest'] and !$guest_allowed) +{ + echo '<div style="text-align:center;">'.$lang['only_members'].'<br />'; + echo '<a href="./identification.php">'.$lang['ident_title'].'</a></div>'; + exit(); +} + $userdata = $user; //------------------------------------------------------ update & customization diff --git a/search.php b/search.php index 28796535d..e4a63ae7d 100644 --- a/search.php +++ b/search.php @@ -28,8 +28,6 @@ //--------------------------------------------------------------------- include define('PHPWG_ROOT_PATH','./'); include_once( PHPWG_ROOT_PATH.'include/common.inc.php' ); -//-------------------------------------------------- access authorization check -check_login_authorization(); //------------------------------------------------------------------ form check $errors = array(); $search = array(); 
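Review bot: In the profile.php hunk the inlined guest check reads `$guest_allowed`, which is not assigned anywhere in the visible code; it looks like a leftover of the parameter that `check_login_authorization(false)` used to receive. As written the condition only blocks guests because an undefined variable evaluates to false (with a notice). On a deployment where request variables are imported into the global scope, that name could be set from outside and the check skipped. Since this page always passed `false`, the condition can simply be `if ($user['is_the_guest'])`.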
diff --git a/upload.php b/upload.php index dce72a66f..a3fb0e576 100644 --- a/upload.php +++ b/upload.php @@ -112,9 +112,12 @@ function validate_upload( $temp_name, $my_max_file_size, } //-------------------------------------------------- access authorization check -check_login_authorization(); -check_cat_id( $_GET['cat'] ); -if ( isset( $page['cat'] ) and is_numeric( $page['cat'] ) ) +if (is_numeric($_GET['cat'])) +{ + $page['cat'] = $_GET['cat']; +} + +if (isset($page['cat'])) { check_restrictions( $page['cat'] ); $result = get_cat_info( $page['cat'] ); |
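Review bot: The new guard `if (is_numeric($_GET['cat']))` reads the parameter without an `isset()` test and accepts more than a category id, since `is_numeric()` is also true for values such as `1.5`, `-3` or `1e3`. It also replaces `check_cat_id()`, and nothing in the hunk confirms that the category exists. A digits-only test is closer to the intent, for example `if (isset($_GET['cat']) and is_string($_GET['cat']) and ctype_digit($_GET['cat']))`. When the parameter is missing or rejected, `$page['cat']` stays unset and the whole `check_restrictions()` block is skipped. That block continues outside the hunk, so whether the upload is refused later cannot be seen here; an explicit `else` branch that stops the request would make this visible.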