diff options
Diffstat (limited to '')
-rw-r--r-- | admin/cat_list.php | 2 | ||||
-rw-r--r-- | admin/configuration.php | 26 | ||||
-rw-r--r-- | admin/picture_modify.php | 28 | ||||
-rw-r--r-- | admin/update.php | 56 |
4 files changed, 104 insertions, 8 deletions
diff --git a/admin/cat_list.php b/admin/cat_list.php index b5b4a6852..55d34ff18 100644 --- a/admin/cat_list.php +++ b/admin/cat_list.php @@ -329,7 +329,7 @@ else $template->assign_vars(array( 'CATEGORIES_NAV'=>$navigation, 'NEXT_RANK'=>$next_rank, - 'F_ACTION'=>$form_action, + 'F_ACTION'=>add_session_id($form_action), 'L_ADD_VIRTUAL'=>$lang['cat_add'], 'L_SUBMIT'=>$lang['submit'], diff --git a/admin/configuration.php b/admin/configuration.php index 9b3ca801a..35e92c5b9 100644 --- a/admin/configuration.php +++ b/admin/configuration.php @@ -66,12 +66,8 @@ if (isset($_POST['submit'])) { array_push($errors, $lang['conf_prefix_thumbnail_error']); } - // mail must be formatted as follows : name@server.com - $pattern = '/^[\w-]+(\.[\w-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)+$/'; - if (!preg_match($pattern, $_POST['mail_webmaster'])) - { - array_push($errors, $lang['conf_mail_webmaster_error']); - } + // as webmaster mail address shown on the website, it can be obfuscated + // and no comply with normal mail address pattern break; } case 'comments' : @@ -94,6 +90,22 @@ if (isset($_POST['submit'])) { array_push($errors, $lang['periods_error']); } + // maxwidth + if (isset($_POST['default_maxwidth']) + and !empty($_POST['default_maxwidth']) + and (!preg_match($int_pattern, $_POST['default_maxwidth']) + or $_POST['default_maxwidth'] < 50)) + { + array_push($errors, $lang['maxwidth_error']); + } + // maxheight + if (isset($_POST['default_maxheight']) + and !empty($_POST['default_maxheight']) + and (!preg_match($int_pattern, $_POST['default_maxheight']) + or $_POST['default_maxheight'] < 50)) + { + array_push($errors, $lang['maxheight_error']); + } break; } case 'upload' : @@ -255,6 +267,8 @@ switch ($page['section']) 'CONF_STYLE_SELECT'=>style_select($conf['default_template'], 'default_template'), 'CONF_RECENT'=>$conf['recent_period'], 'NB_COMMENTS_PAGE'=>$conf['nb_comment_page'], + 'MAXWIDTH'=>$conf['default_maxwidth'], + 'MAXHEIGHT'=>$conf['default_maxheight'], 'EXPAND_YES'=>$expand_yes, 'EXPAND_NO'=>$expand_no, 'SHOW_COMMENTS_YES'=>$show_yes, diff --git a/admin/picture_modify.php b/admin/picture_modify.php index fc2e2eb51..fffb6ff5c 100644 --- a/admin/picture_modify.php +++ b/admin/picture_modify.php @@ -159,7 +159,33 @@ else $thumbnail_url = get_thumbnail_src($row['path'], @$row['tn_ext']); $url_img = PHPWG_ROOT_PATH.'picture.php?image_id='.$_GET['image_id']; -$url_img .= '&cat='.$row['storage_category_id']; + +$query = ' +SELECT category_id + FROM '.IMAGE_CATEGORY_TABLE.' + WHERE image_id = '.$_GET['image_id']; + +if (isset($user['forbidden_categories']) + and !empty($user['forbidden_categories'])) +{ + $query.= ' + AND category_id NOT IN ('.$user['forbidden_categories'].')'; +} +$query.= ' + ORDER BY RAND() +;'; +$result = pwg_query($query); + +if (mysql_num_rows($result) > 0) +{ + list($category_id) = mysql_fetch_array($result); + $url_img .= '&cat='.$category_id; +} +else +{ + $url_img .= '&cat='.$row['storage_category_id']; +} + $date = isset($_POST['date_creation']) && empty($errors) ?$_POST['date_creation']:date_convert_back(@$row['date_creation']); diff --git a/admin/update.php b/admin/update.php index 56843d21a..59e748198 100644 --- a/admin/update.php +++ b/admin/update.php @@ -453,6 +453,62 @@ SELECT IF(MAX(id)+1 IS NULL, 1, MAX(id)+1) AS next_element_id echo '<!-- scanning files : '; echo get_elapsed_time($start_files, get_moment()); echo ' -->'."\n"; + + // retrieving informations given by uploaders + if (!$simulate) + { + $query = ' +SELECT id,file,storage_category_id,infos + FROM '.WAITING_TABLE.' + WHERE storage_category_id IN ( +'.wordwrap(implode(', ', $cat_ids), 80, "\n").') + AND validated = \'true\' +;'; + $result = pwg_query($query); + + $datas = array(); + $fields = + array( + 'primary' => array('id'), + 'update' => array('date_creation', 'author', 'name', 'comment') + ); + + $waiting_to_delete = array(); + + while ($row = mysql_fetch_array($result)) + { + $data = array(); + + $query = ' +SELECT id + FROM '.IMAGES_TABLE.' + WHERE storage_category_id = \''.$row['storage_category_id'].'\' + AND file = \''.$row['file'].'\' +;'; + list($data['id']) = mysql_fetch_array(pwg_query($query)); + + foreach ($fields['update'] as $field) + { + $data[$field] = getAttribute($row['infos'], $field); + } + + array_push($datas, $data); + array_push($waiting_to_delete, $row['id']); + } + + if (count($datas) > 0) + { + mass_updates(IMAGES_TABLE, $fields, $datas); + + // delete now useless waiting elements + $query = ' +DELETE + FROM '.WAITING_TABLE.' + WHERE id IN ('.implode(',', $waiting_to_delete).') +;'; + pwg_query($query); + } + } } // +-----------------------------------------------------------------------+ // | template initialization | |