Diffstat (limited to '')
-rw-r--r--admin/admin.php222
-rw-r--r--admin/ajout.php326
-rw-r--r--admin/cat.php282
-rw-r--r--admin/configuration.php912
-rw-r--r--admin/create_listing_file.php128
-rw-r--r--admin/edit_cat.php116
-rw-r--r--admin/historique.php102
-rw-r--r--admin/images/admin.pngbin0 -> 5844 bytes
-rw-r--r--admin/images/arrow_up.gifbin0 -> 88 bytes
-rw-r--r--admin/images/index.htm8
-rw-r--r--admin/images/moins.gifbin0 -> 867 bytes
-rw-r--r--admin/images/plus.gifbin0 -> 870 bytes
-rw-r--r--admin/images/puce.gifbin0 -> 839 bytes
-rw-r--r--admin/include/functions.php194
-rw-r--r--admin/include/index.htm8
-rw-r--r--admin/include/isadmin.inc.php34
-rw-r--r--admin/index.htm8
-rw-r--r--admin/infos_images.php248
-rw-r--r--admin/install.php599
-rw-r--r--admin/manuel.php151
-rw-r--r--admin/miseajour.php531
-rw-r--r--admin/perm.php270
-rw-r--r--admin/thumbnail.php568
-rw-r--r--admin/user_add.php255
-rw-r--r--admin/user_list.php244
-rw-r--r--admin/waiting.php117
26 files changed, 5323 insertions, 0 deletions
diff --git a/admin/admin.php b/admin/admin.php
new file mode 100644
index 000000000..ce0f601e7
--- /dev/null
+++ b/admin/admin.php
@@ -0,0 +1,222 @@
+<?php
+/***************************************************************************
+ * admin.php is a part of PhpWebGallery *
+ * ------------------- *
+ * last update : Tuesday, July 16, 2002 *
+ * email : pierrick@z0rglub.com *
+ * *
+ ***************************************************************************/
+
+/***************************************************************************
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; *
+ * *
+ ***************************************************************************/
+
+//----------------------------------------------------------- personnal include
+include_once( './include/isadmin.inc.php' );
+//----------------------------------------------------- template initialization
+$vtp = new VTemplate;
+$handle = $vtp->Open( '../template/'.$user['template'].'/admin/admin.vtp' );
+// language
+$vtp->setGlobalVar( $handle, 'page_title', $lang['title_default'] );
+$vtp->setGlobalVar( $handle, 'menu_title', $lang['menu_title'] );
+//--------------------------------------- validating page and creation of title
+$page_valide = false;
+switch ( $_GET['page'] )
+{
+ case 'ajout':
+ {
+ $titre = $lang['title_add'];
+ $page_valide = true;
+ break;
+ }
+ case 'user_list':
+ {
+ $titre = $lang['title_liste_users'];
+ $page_valide = true;
+ break;
+ }
+ case 'historique':
+ {
+ $titre = $lang['title_history'];
+ $page_valide = true;
+ break;
+ }
+ case 'miseajour':
+ {
+ $titre = $lang['title_update'];
+ $page_valide = true;
+ break;
+ }
+ case 'configuration':
+ {
+ $titre = $lang['title_configuration'];
+ $page_valide = true;
+ break;
+ }
+ case 'manuel':
+ {
+ $titre = $lang['title_instructions'];
+ $page_valide = true;
+ break;
+ }
+ case 'perm':
+ {
+ $titre = $lang['title_permissions'];
+ $page_valide = true;
+ break;
+ }
+ case 'cat':
+ {
+ $titre = $lang['title_categories'];
+ $page_valide = true;
+ break;
+ }
+ case 'edit_cat':
+ {
+ $titre = $lang['title_edit_cat'];
+ $page_valide = true;
+ break;
+ }
+ case 'infos_images':
+ {
+ $titre = $lang['title_info_images'];
+ $page_valide = true;
+ break;
+ }
+ case 'thumbnail':
+ {
+ $titre = $lang['title_thumbnails'];
+ if ( isset( $_GET['dir'] ) )
+ {
+ $titre.= ' '.$lang['title_thumbnails_2'].' <span style="color:#006699;">';
+ // $_GET['dir'] contient :
+ // ../galleries/vieux_lyon ou
+ // ../galleries/vieux_lyon/visite ou
+ // ../galleries/vieux_lyon/visite/truc ...
+ $dir = explode( "/", $_GET['dir'] );
+ $titre.= $dir[2];
+ for ( $i = 3; $i < sizeof( $dir ) - 1; $i++ )
+ {
+ $titre.= ' &gt; '.$dir[$i];
+ }
+ $titre.= "</span>";
+ }
+ $page_valide = true;
+ break;
+ }
+ case 'waiting':
+ {
+ $titre = $lang['title_waiting'];
+ $page_valide = true;
+ break;
+ }
+ default:
+ {
+ $titre = $lang['title_default'];
+ break;
+ }
+}
+$vtp->setGlobalVar( $handle, 'title', $titre );
+//--------------------------------------------------------------------- summary
+$link_start = './admin.php?page=';
+// configuration
+$vtp->addSession( $handle, 'summary' );
+$vtp->setVar( $handle, 'summary.indent', '' );
+$vtp->setVar( $handle, 'summary.link',
+ add_session_id( $link_start.'configuration' ) );
+$vtp->setVar( $handle, 'summary.name', $lang['menu_config'] );
+$vtp->closeSession( $handle, 'summary' );
+// users
+$vtp->addSession( $handle, 'summary' );
+$vtp->setVar( $handle, 'summary.indent', '' );
+$vtp->setVar( $handle, 'summary.link',
+ add_session_id( $link_start.'liste_users' ) );
+$vtp->setVar( $handle, 'summary.name', $lang['menu_users'] );
+$vtp->closeSession( $handle, 'summary' );
+// user list
+$vtp->addSession( $handle, 'summary' );
+$vtp->setVar( $handle, 'summary.indent', '&nbsp;&nbsp;' );
+$vtp->setVar( $handle, 'summary.link',
+ add_session_id( $link_start.'user_list' ) );
+$vtp->setVar( $handle, 'summary.name', $lang['menu_list_user'] );
+$vtp->closeSession( $handle, 'summary' );
+// user add
+$vtp->addSession( $handle, 'summary' );
+$vtp->setVar( $handle, 'summary.indent', '&nbsp;&nbsp;' );
+$vtp->setVar( $handle, 'summary.link', add_session_id( $link_start.'ajout' ) );
+$vtp->setVar( $handle, 'summary.name', $lang['menu_add_user'] );
+$vtp->closeSession( $handle, 'summary' );
+// categories
+$vtp->addSession( $handle, 'summary' );
+$vtp->setVar( $handle, 'summary.indent', '' );
+$vtp->setVar( $handle, 'summary.link', add_session_id( $link_start.'cat' ) );
+$vtp->setVar( $handle, 'summary.name', $lang['menu_categories'] );
+$vtp->closeSession( $handle, 'summary' );
+// waiting
+$vtp->addSession( $handle, 'summary' );
+$vtp->setVar( $handle, 'summary.indent', '' );
+$vtp->setVar( $handle, 'summary.link',
+ add_session_id( $link_start.'waiting' ) );
+$query = 'select id from '.$prefixeTable.'waiting;';
+$result = mysql_query( $query );
+$nb_waiting = '';
+if ( mysql_num_rows( $result ) > 0 )
+{
+ $nb_waiting = ' [ '.mysql_num_rows( $result ).' ]';
+}
+$vtp->setVar( $handle, 'summary.name', $lang['menu_waiting'].$nb_waiting );
+$vtp->closeSession( $handle, 'summary' );
+// update
+$vtp->addSession( $handle, 'summary' );
+$vtp->setVar( $handle, 'summary.indent', '' );
+$vtp->setVar( $handle, 'summary.link',
+ add_session_id( $link_start.'miseajour' ) );
+$vtp->setVar( $handle, 'summary.name', $lang['menu_update'] );
+$vtp->closeSession( $handle, 'summary' );
+// thumbnails
+$vtp->addSession( $handle, 'summary' );
+$vtp->setVar( $handle, 'summary.indent', '' );
+$vtp->setVar( $handle, 'summary.link',
+ add_session_id( $link_start.'thumbnail' ) );
+$vtp->setVar( $handle, 'summary.name', $lang['menu_thumbnails'] );
+$vtp->closeSession( $handle, 'summary' );
+// history
+$vtp->addSession( $handle, 'summary' );
+$vtp->setVar( $handle, 'summary.indent', '' );
+$vtp->setVar( $handle, 'summary.link',
+ add_session_id( $link_start.'historique' ) );
+$vtp->setVar( $handle, 'summary.name', $lang['menu_history'] );
+$vtp->closeSession( $handle, 'summary' );
+// instructions
+$vtp->addSession( $handle, 'summary' );
+$vtp->setVar( $handle, 'summary.indent', '' );
+$vtp->setVar( $handle, 'summary.link',
+ add_session_id( $link_start.'manuel' ) );
+$vtp->setVar( $handle, 'summary.name', $lang['menu_instructions'] );
+$vtp->closeSession( $handle, 'summary' );
+// back to thumbnails page
+$vtp->addSession( $handle, 'summary' );
+$vtp->setVar( $handle, 'summary.indent', '' );
+$vtp->setVar( $handle, 'summary.link', add_session_id( '../category.php' ) );
+$vtp->setVar( $handle, 'summary.name', $lang['menu_back'] );
+$vtp->closeSession( $handle, 'summary' );
+//------------------------------------------------------------- content display
+if ( $page_valide )
+{
+ include ( $_GET['page'].'.php' );
+}
+else
+{
+ $vtp->setVar( $handle, 'sub',
+ '<div style="text-align:center">'.
+ $lang['default_message'].
+ '</div>' );
+}
+//----------------------------------------------------------- html code display
+$code = $vtp->Display( $handle, 0 );
+echo $code;
+?> \ No newline at end of file
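Review bot: In the `thumbnail` case the segments of `$_GET['dir']` are appended to `$titre` without HTML escaping and then passed to the template as `title`, so unless VTemplate escapes on output (not visible here) markup from the query string is reflected into the admin page. Escape each segment where it is appended, e.g. `$titre.= htmlspecialchars( $dir[2] );` and `$titre.= ' &gt; '.htmlspecialchars( $dir[$i] );`, and check that `$dir[2]` exists before reading it. Separately, the final `include ( $_GET['page'].'.php' );` is safe only because of the `switch` whitelist above it; having each case set a fixed file name and including that variable would keep the request value out of the path entirely. The users menu entry links to `page=liste_users`, which has no matching case and therefore falls through to the default page.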
diff --git a/admin/ajout.php b/admin/ajout.php
new file mode 100644
index 000000000..3ae1fa2f8
--- /dev/null
+++ b/admin/ajout.php
@@ -0,0 +1,326 @@
+<?php
+/***************************************************************************
+ * ajout.php is a part of PhpWebGallery *
+ * ------------------- *
+ * last update : Tuesday, July 16, 2002 *
+ * email : pierrick@z0rglub.com *
+ * *
+ ***************************************************************************/
+
+/***************************************************************************
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; *
+ * *
+ ***************************************************************************/
+
+ include_once( "./include/isadmin.inc.php" );
+ $error = array();
+ $absent = false;
+
+ $row = mysql_fetch_array( mysql_query( "select pseudo,status,mail_address from $prefixeTable"."users where id = '".$HTTP_GET_VARS['user_id']."';" ) );
+ $pseudo = $row['pseudo'];
+ $status = $row['status'];
+ $mail_address = $row['mail_address'];
+ if ( $pseudo == "visiteur" || ( $pseudo == $conf['webmaster'] && $user['pseudo'] != $conf['webmaster'] ) )
+ {
+ echo "<div class=\"erreur\">".$lang['user_err_modify']."</div>";
+ $absent = true;
+ }
+ if ( $HTTP_GET_VARS['mode'] == "modif" )
+ {
+ if ( $pseudo == "" )
+ {
+ echo"<div class=\"info\">".$lang['user_err_unknown']."</div>";
+ $absent = true;
+ }
+ }
+ if ( !$absent )
+ {
+ if ( $HTTP_GET_VARS['valider'] == 1 )
+ {
+ $i = 0;
+ // le pseudo ne doit pas
+ // 1. être vide
+ // 2. commencer ou se terminer par un espace
+ // 3. comporter les caractères ' ou "
+ // 4. être déjà utilisé
+ // Notes sur le pseudo du webmaster :
+ // - lorsque l'on trouve plusieurs occurences consécutives du caractère espace, on réduit à une seule occurence
+ if ( $HTTP_GET_VARS['mode'] != "modif" )
+ {
+ if ( $HTTP_POST_VARS['pseudo'] == "" )
+ {
+ $error[$i++] = $lang['reg_err_login1'];
+ }
+ $pseudo = ereg_replace( "[ ]{2,}", " ", $HTTP_POST_VARS['pseudo'] );
+ if ( ereg( "^.* $", $pseudo) )
+ {
+ $error[$i++] = $lang['reg_err_login2'];
+ }
+ if ( ereg( "^ .*$", $pseudo) )
+ {
+ $error[$i++] = $lang['reg_err_login3'];
+ }
+ if ( ereg( "'",$pseudo ) || ereg( "\"",$pseudo ) )
+ {
+ $error[$i++] = $lang['reg_err_login4'];
+ }
+ else
+ {
+ $query = "select id from $prefixeTable"."users where pseudo = '$pseudo';";
+ $result = mysql_query( $query );
+ if ( mysql_num_rows( $result ) > 0 )
+ {
+ $error[$i++] = "<li>".$lang['reg_err_login5']."</li>";
+ }
+ }
+ }
+ // le mail doit être conforme à qqch du type : nom@serveur.com
+ if( $HTTP_POST_VARS['mail_address'] != "" && !ereg( "([_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)+)", $HTTP_POST_VARS['mail_address'] ) )
+ {
+ $error[$i++] = $lang['reg_err_mail_address'];
+ }
+ // mis à jour des variables pour ne pas afficher celles issue de la BD
+ $pseudo = $HTTP_POST_VARS['pseudo'];
+ $password = $HTTP_POST_VARS['password'];
+ $status = $HTTP_POST_VARS['status'];
+ $mail_address = $HTTP_POST_VARS['mail_address'];
+ // on met à jour les paramètres de l'applicaiton dans le cas où il n'y aucune erreur
+ if ( sizeof( $error ) == 0 && $HTTP_GET_VARS['mode'] != "modif" )
+ {
+ // 1.récupération des valeurs par défaut de l'application pour nombre_image_ligne,nombre_ligne_page,couleur,language
+ $row = mysql_fetch_array( mysql_query( "select nombre_image_ligne,nombre_ligne_page,theme,language from $prefixeTable"."users where pseudo = 'visiteur';" ) );
+ // 2.ajout du nouvel utilisateur
+ $query = "insert into $prefixeTable"."users (pseudo,password,mail_address,nombre_image_ligne,nombre_ligne_page,theme,language,status) values ('$pseudo','".md5( $HTTP_POST_VARS['password'] )."',";
+ if ( $HTTP_POST_VARS['mail_address'] != "" )
+ {
+ $query.= "'".$HTTP_POST_VARS['mail_address']."'";
+ }
+ else
+ {
+ $query.= "NULL";
+ }
+ $query.= ",'".$row['nombre_image_ligne']."','".$row['nombre_ligne_page']."','".$row['theme']."','".$row['language']."','".$HTTP_POST_VARS['status']."');";
+ mysql_query( $query );
+ // 3. récupérer l'identifiant de l'utilisateur nouvellement créé
+ $row = mysql_fetch_array( mysql_query( "select id from $prefixeTable"."users where pseudo = '$pseudo';" ) );
+ $user_id = $row['id'];
+ // 4.ajouter les restrictions au nouvel utilisateur, les mêmes que celles de l'utilisateur par défaut
+ $query = "select cat_id ";
+ $query.= "from $prefixeTable"."restrictions as r,$prefixeTable"."users as u ";
+ $query.= "where u.id = r.user_id ";
+ $query.= "and u.pseudo = 'visiteur';";
+ $result = mysql_query( $query );
+ while( $row = mysql_fetch_array( $result ) )
+ {
+ mysql_query ( "insert into $prefixeTable"."restrictions (user_id,cat_id) values ('$user_id','".$row['cat_id']."');" );
+ }
+ }
+ if ( sizeof( $error ) == 0 && $HTTP_GET_VARS['mode'] == "modif" )
+ {
+ $query = "update $prefixeTable"."users";
+ $query.= " set status = '".$HTTP_POST_VARS['status']."'";
+ if ( $HTTP_POST_VARS['use_new_pwd'] == 1 )
+ {
+ $query.= ", password = '".md5( $HTTP_POST_VARS['password'] )."'";
+ }
+ $query.= ", mail_address = ";
+ if ( $HTTP_POST_VARS['mail_address'] != "" )
+ {
+ $query.= "'".$HTTP_POST_VARS['mail_address']."'";
+ }
+ else
+ {
+ $query.= "NULL";
+ }
+ $query.= " where id = '".$HTTP_GET_VARS['user_id']."';";
+ mysql_query( $query );
+ }
+ }
+ if ( sizeof( $error ) > 0 )
+ {
+ echo "<div class=\"erreur\">".$lang['adduser_err_message'].sizeof( $error )." :";
+ echo "<ul>";
+ for ( $i = 0; $i < sizeof( $error ); $i++ )
+ {
+ echo "<li>".$error[$i]."</li>";
+ }
+ echo "</ul>";
+ echo "</div>";
+ }
+ if ( sizeof( $error ) == 0 && $HTTP_GET_VARS['valider'] == 1 )
+ {
+ echo"<div class=\"info\">".$lang['adduser_info_message']."\"$pseudo\" ";
+ if ( $HTTP_POST_VARS['use_new_pwd'] == 1 )
+ {
+ echo $lang['adduser_info_password_updated']." ";
+ }
+ echo"[ <a href=\"".add_session_id_to_url( "./admin.php?page=liste_users" )."\">".$lang['adduser_info_back']."</a> ]</div>";
+ }
+ if ( $HTTP_GET_VARS['valider'] != 1 || $HTTP_GET_VARS['mode'] != "modif" || sizeof( $error ) > 0 )
+ {
+ if ( $HTTP_GET_VARS['mode'] != "modif" && sizeof( $error ) == 0 )
+ {
+ unset( $pseudo, $password, $status, $mail_address );
+ }
+ if ( !isset( $HTTP_POST_VARS['use_new_pwd'] ) || $HTTP_POST_VARS['use_new_pwd'] != 1 )
+ {
+ unset( $password );
+ }
+ $action = "./admin.php?page=ajout&amp;valider=1";
+ if ( $HTTP_GET_VARS['mode'] == "modif" )
+ {
+ $action.= "&amp;mode=modif&amp;user_id=".$HTTP_GET_VARS['user_id'];
+ }
+ echo"<form method=\"post\" action=\"".add_session_id_to_url( $action )."\">
+ <table style=\"width:100%;\">
+ <tr align=\"center\" valign=\"middle\">
+ <td>
+ <table style=\"margin-left:auto;margin-right:auto;\">
+ <tr>
+ <th colspan=\"2\">".$lang['adduser_fill_form']."</th>
+ </tr>
+ <tr>
+ <td colspan=\"2\"><div style=\"margin-bottom:0px;\">&nbsp;</div></td>
+ </tr>
+ <tr>
+ <td>".$lang['adduser_login']."</td>
+ <td>";
+ if ( $HTTP_GET_VARS['mode'] == "modif" )
+ {
+ echo"<span style=\"color:red;\">$pseudo [".$lang['adduser_unmodify']."]</span>";
+ echo"<input type=\"hidden\" name=\"pseudo\" value=\"$pseudo\"/>";
+ }
+ else
+ {
+ echo"<input type=\"text\" name=\"pseudo\" value=\"$pseudo\"/>";
+ }
+ echo"
+ </td>
+ </tr>";
+ echo"
+ <tr>
+ <td>";
+ if ( $HTTP_GET_VARS['mode'] == "modif" )
+ {
+ echo $lang['new']." ".$lang['password']."<input type=\"checkbox\" name=\"use_new_pwd\" value=\"1\"";
+ if ( isset( $HTTP_POST_VARS['use_new_pwd'] ) && $HTTP_POST_VARS['use_new_pwd'] == 1 )
+ {
+ echo " checked=\"checked\"";
+ }
+ echo " />";
+ }
+ else
+ {
+ echo $lang['password'];
+ }
+ echo"</td>
+ <td>";
+ echo"<input type=\"text\" name=\"password\" value=\"$password\"/></td>
+ </tr>";
+ echo"
+ <tr>
+ <td>".$lang['reg_mail_address']."</td>";
+ echo "
+ <td><input type=\"text\" name=\"mail_address\" value=\"$mail_address\"/></td>
+ </tr>";
+ echo"
+ <tr>
+ <td>".$lang['adduser_status']."</td>
+ <td>";
+ if ( $pseudo == $conf['webmaster'] )
+ {
+ echo "<span style=\"color:red;\">$status [".$lang['adduser_unmodify']."]</span>
+ <input type=\"hidden\" name=\"status\" value=\"$status\"/>";
+ }
+ else
+ {
+ echo"
+ <select name=\"status\">";
+ // on récupère toutes les status possibles dans la base
+ // par l'intermédiaire de la fonction get_enums
+ $option = get_enums( $prefixeTable."users", "status" );
+ for ( $i = 0; $i < sizeof( $option ); $i++ )
+ {
+ if ( isset( $status ) )
+ {
+ echo"
+ <option value=\"$option[$i]\"";
+ if ( $option[$i] == $status )
+ {
+ echo" selected=\"selected\"";
+ }
+ echo">";
+ switch ( $option[$i] )
+ {
+ case "admin" :
+ {
+ echo $lang['adduser_status_admin'];
+ break;
+ }
+ case "membre" :
+ {
+ echo $lang['adduser_status_member'];
+ break;
+ }
+ case "visiteur" :
+ {
+ echo $lang['adduser_status_guest'];
+ break;
+ }
+ }
+ echo"</option>";
+ }
+ else
+ {
+ echo"
+ <option value=\"$option[$i]\"";
+ if ( $option[$i] == "visiteur" )
+ {
+ echo" selected=\"selected\"";
+ }
+ echo">";
+ switch ( $option[$i] )
+ {
+ case "admin" :
+ {
+ echo $lang['adduser_status_admin'];
+ break;
+ }
+ case "membre" :
+ {
+ echo $lang['adduser_status_member'];
+ break;
+ }
+ case "visiteur" :
+ {
+ echo $lang['adduser_status_guest'];
+ break;
+ }
+ }
+ echo"</option>";
+ }
+ }
+ echo"
+ </select>";
+ }
+ echo"
+ </td>
+ </tr>
+ <tr>
+ <td colspan=\"2\" align=\"center\"><input type=\"submit\" value=\"".$lang['submit']."\"/></td>
+ </tr>
+ </table>
+ </td>
+ </tr>
+ </table>
+ </form>";
+ if ( $HTTP_GET_VARS['mode'] == "modif" )
+ {
+ echo "<div style=\"text-align:center;margin-bottom:10px;\">[ <a href=\"".add_session_id_to_url( "./admin.php?page=liste_users" )."\">".$lang['adduser_info_back']."</a> ]</div>";
+ }
+ }
+ }
+?> \ No newline at end of file
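Review bot: The queries that take request data are built by plain concatenation — `$HTTP_GET_VARS['user_id']` in the first select and in the final `where id =`, and `$HTTP_POST_VARS['status']` and `['mail_address']` in the insert and update — with no escaping visible in this file, so protection against SQL injection depends entirely on `magic_quotes_gpc` or on isadmin.inc.php, which is not shown. Cast the id once with `$user_id = intval( $HTTP_GET_VARS['user_id'] );`, pass string values through `mysql_escape_string()`, and accept `status` only when it is one of the values returned by `get_enums()`. The mail check does not constrain the value because the `ereg` pattern is unanchored; it should begin with `^` and end with `$`. Passwords are stored as unsalted `md5()`, and the submitted password is echoed back into a `type="text"` field next to unescaped `$pseudo` and `$mail_address`, which should go through `htmlspecialchars()` before being written into attribute values.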
diff --git a/admin/cat.php b/admin/cat.php
new file mode 100644
index 000000000..2033d667d
--- /dev/null
+++ b/admin/cat.php
@@ -0,0 +1,282 @@
+<?php
+/***************************************************************************
+ * this file is a part of PhpWebGallery *
+ * ------------------- *
+ * version : 1.3 *
+ * url : http://phpwebgallery.net *
+ * help : http://forum.phpwebgallery.net *
+ * author : Pierrick LE GALL *
+ * *
+ ***************************************************************************/
+
+/***************************************************************************
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; *
+ * *
+ ***************************************************************************/
+include_once( './include/isadmin.inc.php' );
+//----------------------------------------------------- template initialization
+$sub = $vtp->Open( '../template/'.$user['template'].'/admin/cat.vtp' );
+// language
+$vtp->setGlobalVar( $sub, 'cat_edit', $lang['cat_edit'] );
+$vtp->setGlobalVar( $sub, 'cat_up', $lang['cat_up'] );
+$vtp->setGlobalVar( $sub, 'cat_down', $lang['cat_down'] );
+$vtp->setGlobalVar( $sub, 'cat_image_info', $lang['cat_image_info'] );
+$vtp->setGlobalVar( $sub, 'cat_permission', $lang['cat_permission'] );
+$vtp->setGlobalVar( $sub, 'cat_update', $lang['cat_update'] );
+//--------------------------------------------------------------- rank updates
+if ( isset( $_GET['up'] ) && is_numeric( $_GET['up'] ) )
+{
+ // 1. searching level (id_uppercat)
+ // and rank of the category to move
+ $query = 'select id_uppercat,rank';
+ $query.= ' from '.$prefixeTable.'categories';
+ $query.= ' where id = '.$_GET['up'];
+ $query.= ';';
+ $row = mysql_fetch_array( mysql_query( $query ) );
+ $level = $row['id_uppercat'];
+ $rank = $row['rank'];
+ // 2. searching the id and the rank of the category
+ // just above at the same level
+ $query = 'select id,rank';
+ $query.= ' from '.$prefixeTable.'categories';
+ $query.= ' where rank < '.$rank;
+ if ( $level == '' )
+ {
+ $query.= ' and id_uppercat is null';
+ }
+ else
+ {
+ $query.= ' and id_uppercat = '.$level;
+ }
+ $query.= ' order by rank desc';
+ $query.= ' limit 0,1';
+ $query.= ';';
+ $row = mysql_fetch_array( mysql_query( $query ) );
+ $new_rank = $row['rank'];
+ $replaced_cat = $row['id'];
+ // 3. exchanging ranks between the two categories
+ $query = 'update '.$prefixeTable.'categories';
+ $query.= ' set rank = '.$new_rank;
+ $query.= ' where id = '.$_GET['up'];
+ $query.= ';';
+ mysql_query( $query );
+ $query = 'update '.$prefixeTable.'categories';
+ $query.= ' set rank = '.$rank;
+ $query.= ' where id = '.$replaced_cat;
+ $query.= ';';
+ mysql_query( $query );
+}
+if ( isset( $_GET['down'] ) && is_numeric( $_GET['down'] ) )
+{
+ // 1. searching level (id_uppercat)
+ // and rank of the category to move
+ $query = 'select id_uppercat,rank';
+ $query.= ' from '.$prefixeTable.'categories';
+ $query.= ' where id = '.$_GET['down'];
+ $query.= ';';
+ $row = mysql_fetch_array( mysql_query( $query ) );
+ $level = $row['id_uppercat'];
+ $rank = $row['rank'];
+ // 2. searching the id and the rank of the category
+ // just below at the same level
+ $query = 'select id,rank';
+ $query.= ' from '.$prefixeTable.'categories';
+ $query.= ' where rank > '.$rank;
+ if ( $level == '' )
+ {
+ $query.= ' and id_uppercat is null';
+ }
+ else
+ {
+ $query.= ' and id_uppercat = '.$level;
+ }
+ $query.= ' order by rank asc';
+ $query.= ' limit 0,1';
+ $query.= ';';
+ $row = mysql_fetch_array( mysql_query( $query ) );
+ $new_rank = $row['rank'];
+ $replaced_cat = $row['id'];
+ // 3. exchanging ranks between the two categories
+ $query = 'update '.$prefixeTable.'categories';
+ $query.= ' set rank = '.$new_rank;
+ $query.= ' where id = '.$_GET['down'];
+ $query.= ';';
+ mysql_query( $query );
+ $query = 'update '.$prefixeTable.'categories';
+ $query.= ' set rank = '.$rank;
+ $query.= ' where id = '.$replaced_cat;
+ $query.= ';';
+ mysql_query( $query );
+}
+//------------------------------------------------------------------ reordering
+function ordering( $id_uppercat )
+{
+ global $prefixeTable;
+
+ $rank = 1;
+
+ $query = 'select id';
+ $query.= ' from '.$prefixeTable.'categories';
+ if ( !is_numeric( $id_uppercat ) )
+ {
+ $query.= ' where id_uppercat is NULL';
+ }
+ else
+ {
+ $query.= ' where id_uppercat = '.$id_uppercat;
+ }
+ $query.= ' order by rank asc, dir asc';
+ $query.= ';';
+ $result = mysql_query( $query );
+ while ( $row = mysql_fetch_array( $result ) )
+ {
+ $query = 'update '.$prefixeTable.'categories';
+ $query.= ' set rank = '.$rank;
+ $query.= ' where id = '.$row['id'];
+ $query.= ';';
+ mysql_query( $query );
+ $rank++;
+ ordering( $row['id'] );
+ }
+}
+
+ordering( 'NULL' );
+//----------------------------------------------------affichage de la page
+function display_cat_manager( $id_uppercat, $indent,
+ $uppercat_visible, $level )
+{
+ global $prefixeTable,$lang,$conf,$sub,$vtp;
+
+ // searching the min_rank and the max_rank of the category
+ $query = 'select min(rank) as min, max(rank) as max';
+ $query.= ' from '.$prefixeTable.'categories';
+ if ( !is_numeric( $id_uppercat ) )
+ {
+ $query.= ' where id_uppercat is NULL';
+ }
+ else
+ {
+ $query.= ' where id_uppercat = '.$id_uppercat;
+ }
+ $query.= ';';
+ $result = mysql_query( $query );
+ $row = mysql_fetch_array( $result );
+ $min_rank = $row['min'];
+ $max_rank = $row['max'];
+
+ // will we use <th> or <td> lines ?
+ $td = 'td';
+ $class = '';
+ if ( $level > 0 )
+ {
+ $class = 'row'.$level;
+ }
+ else
+ {
+ $td = 'th';
+ }
+
+ $query = 'select id,name,dir,nb_images,status,rank,site_id';
+ $query.= ' from '.$prefixeTable.'categories';
+ if ( !is_numeric( $id_uppercat ) )
+ {
+ $query.= ' where id_uppercat is NULL';
+ }
+ else
+ {
+ $query.= ' where id_uppercat = '.$id_uppercat;
+ }
+ $query.= ' order by rank asc';
+ $query.= ';';
+ $result = mysql_query( $query );
+ while ( $row = mysql_fetch_array( $result ) )
+ {
+ $subcat_visible = true;
+
+ $vtp->addSession( $sub, 'cat' );
+ $vtp->setVar( $sub, 'cat.td', $td );
+ $vtp->setVar( $sub, 'cat.class', $class );
+ $vtp->setVar( $sub, 'cat.indent', $indent );
+ if ( $row['name'] == '' )
+ {
+ $name = str_replace( '_', ' ', $row['dir'] );
+ }
+ else
+ {
+ $name = $row['name'];
+ }
+ $vtp->setVar( $sub, 'cat.name', $name );
+ $vtp->setVar( $sub, 'cat.dir', $row['dir'] );
+ if ( $row['status'] == 'invisible' || !$uppercat_visible )
+ {
+ $subcat_visible = false;
+ $vtp->setVar( $sub, 'cat.invisible', $lang['cat_invisible'] );
+ }
+ $vtp->setVar( $sub, 'cat.nb_picture', $row['nb_images'] );
+ $url = add_session_id( './admin.php?page=edit_cat&amp;cat='.$row['id'] );
+ $vtp->setVar( $sub, 'cat.edit_url', $url );
+ if ( $row['rank'] != $min_rank )
+ {
+ $vtp->addSession( $sub, 'up' );
+ $url = add_session_id( './admin.php?page=cat&amp;up='.$row['id'] );
+ $vtp->setVar( $sub, 'up.up_url', $url );
+ $vtp->closeSession( $sub, 'up' );
+ }
+ else
+ {
+ $vtp->addSession( $sub, 'no_up' );
+ $vtp->closeSession( $sub, 'no_up' );
+ }
+ if ( $row['rank'] != $max_rank )
+ {
+ $vtp->addSession( $sub, 'down' );
+ $url = add_session_id( './admin.php?page=cat&amp;down='.$row['id'] );
+ $vtp->setVar( $sub, 'down.down_url', $url );
+ $vtp->closeSession( $sub, 'down' );
+ }
+ else
+ {
+ $vtp->addSession( $sub, 'no_down' );
+ $vtp->closeSession( $sub, 'no_down' );
+ }
+ if ( $row['nb_images'] > 0 )
+ {
+ $vtp->addSession( $sub, 'image_info' );
+ $url = add_session_id( './admin.php?page=infos_images&amp;cat_id='
+ .$row['id'] );
+ $vtp->setVar( $sub, 'image_info.image_info_url', $url );
+ $vtp->closeSession( $sub, 'image_info' );
+ }
+ else
+ {
+ $vtp->addSession( $sub, 'no_image_info' );
+ $vtp->closeSession( $sub, 'no_image_info' );
+ }
+ $url = add_session_id( './admin.php?page=perm&amp;cat_id='.$row['id'] );
+ $vtp->setVar( $sub, 'cat.permission_url', $url );
+ if ( $row['site_id'] == 1 )
+ {
+ $vtp->addSession( $sub, 'update' );
+ $url = add_session_id('./admin.php?page=update&amp;update='.$row['id']);
+ $vtp->setVar( $sub, 'update.update_url', $url );
+ $vtp->closeSession( $sub, 'update' );
+ }
+ else
+ {
+ $vtp->addSession( $sub, 'no_update' );
+ $vtp->closeSession( $sub, 'no_update' );
+ }
+
+ $vtp->closeSession( $sub, 'cat' );
+
+ display_cat_manager( $row['id'], $indent.str_repeat( '&nbsp', 4 ),
+ $subcat_visible, $level + 1 );
+ }
+}
+display_cat_manager( 'NULL', str_repeat( '&nbsp', 4 ), true, 0 );
+//----------------------------------------------------------- sending html code
+$vtp->Parse( $handle , 'sub', $sub );
+?> \ No newline at end of file
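Review bot: The `up` and `down` handlers at the top of the file never check that their two lookups returned a row before using `$rank`, `$new_rank` and `$replaced_cat`, so an unknown id or a category already at the edge of its level produces malformed `update` statements whose failure is silently ignored. `is_numeric()` also accepts values such as `1e3` or `1.5`, which are then concatenated unquoted into the SQL; normalise with `$id = intval( $_GET['up'] );` and run the swap only inside `if ( $row )` after each fetch. These handlers change data on a plain GET request, which leaves them exposed to cross-site request forgery and link prefetching; a POST form carrying a per-session token would be the safer trigger. The update link built with `page=update` does not match the `miseajour` case in admin/admin.php, so it would land on the default page.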
diff --git a/admin/configuration.php b/admin/configuration.php
new file mode 100644
index 000000000..6f1726f06
--- /dev/null
+++ b/admin/configuration.php
@@ -0,0 +1,912 @@
+<?
+/***************************************************************************
+ * configuration.php is a part of PhpWebGallery *
+ * ------------------- *
+ * last update : Tuesday, July 16, 2002 *
+ * email : pierrick@z0rglub.com *
+ * *
+ ***************************************************************************/
+
+/***************************************************************************
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; *
+ * *
+ ***************************************************************************/
+
+include_once( './include/isadmin.inc.php' );
+
+$Caracs = array("¥" => "Y", "µ" => "u", "À" => "A", "Á" => "A",
+ "Â" => "A", "Ã" => "A", "Ä" => "A", "Å" => "A",
+ "Æ" => "A", "Ç" => "C", "È" => "E", "É" => "E",
+ "Ê" => "E", "Ë" => "E", "Ì" => "I", "Í" => "I",
+ "Î" => "I", "Ï" => "I", "Ð" => "D", "Ñ" => "N",
+ "Ò" => "O", "Ó" => "O", "Ô" => "O", "Õ" => "O",
+ "Ö" => "O", "Ø" => "O", "Ù" => "U", "Ú" => "U",
+ "Û" => "U", "Ü" => "U", "Ý" => "Y", "ß" => "s",
+ "à" => "a", "á" => "a", "â" => "a", "ã" => "a",
+ "ä" => "a", "å" => "a", "æ" => "a", "ç" => "c",
+ "è" => "e", "é" => "e", "ê" => "e", "ë" => "e",
+ "ì" => "i", "í" => "i", "î" => "i", "ï" => "i",
+ "ð" => "o", "ñ" => "n", "ò" => "o", "ó" => "o",
+ "ô" => "o", "õ" => "o", "ö" => "o", "ø" => "o",
+ "ù" => "u", "ú" => "u", "û" => "u", "ü" => "u",
+ "ý" => "y", "ÿ" => "y");
+//------------------------------ verification and registration of modifications
+$conf_infos = array( 'prefixe_thumbnail', 'webmaster', 'mail_webmaster',
+ 'acces', 'session_id_size', 'session_time',
+ 'session_keyword', 'max_user_listbox', 'show_comments',
+ 'nb_comment_page', 'upload_available',
+ 'upload_maxfilesize', 'upload_maxwidth',
+ 'upload_maxheight', 'upload_maxwidth_thumbnail',
+ 'upload_maxheight_thumbnail' );
+$default_user_infos = array( 'nb_image_line', 'nb_line_page', 'theme',
+ 'language', 'maxwidth', 'maxheight', 'expand',
+ 'show_nb_comments', 'short_period', 'long_period',
+ 'template' );
+$error = array();
+$i = 0;
+if ( $_GET['valider'] == 1 )
+{
+ //purge de la table des session si demandé
+ if ( $_POST['empty_session_table'] == 1 )
+ {
+ $query = 'delete from '.$prefixeTable.'sessions';
+ $query.= ' where expiration < '.time().';';
+ mysql_query( $query );
+ }
+ // deletion of site as asked
+ $query = 'select id';
+ $query.= ' from '.$prefixeTable.'sites';
+ $query.= " where galleries_url <> './galleries/';";
+ $result = mysql_query( $query );
+ while ( $row = mysql_fetch_array( $result ) )
+ {
+ $site = 'delete_site_'.$row['id'];
+ if ( $_POST[$site] == 1 )
+ {
+ delete_site( $row['id'] );
+ }
+ }
+ // le préfixe des thumbnails ne doit pas comporter d'accent
+ $ancien_prefixe = $_POST['prefixe_thumbnail'];
+ $prefixe = strtr( $_POST['prefixe_thumbnail'], $Caracs );
+ if ( $ancien_prefixe != $prefixe )
+ {
+ $error[$i++] = $lang['conf_err_prefixe'];
+ }
+ // le mail doit être conforme à qqch du type : nom@serveur.com
+ if ( !ereg( "([_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)+)",
+ $_POST['mail_webmaster'] ) )
+ {
+ $error[$i++] = $lang['conf_err_mail'];
+ }
+ // les période doivent être des entiers, il représentent des nombres de jours
+ if ( !ereg( "^[0-9]*$", $_POST['short_period'] )
+ || !ereg("^[0-9]*$", $_POST['long_period'] ) )
+ {
+ $error[$i++] = $lang['err_periods'];
+ }
+ else
+ {
+ // la période longue doit être supérieure à la période courte
+ if ( $_POST['long_period'] <= $_POST['short_period']
+ || $_POST['short_period'] <= 0 )
+ {
+ $error[$i++] = $lang['err_periods_2'];
+ }
+ }
+ //la taille de l'id de session doit être un entier entre 4 et 50
+ if ( !ereg( "^[1-9][0-9]*$", $_POST['session_id_size'] )
+ || $_POST['session_id_size'] < 4
+ || $_POST['session_id_size'] > 50 )
+ {
+ $error[$i++] = $lang['conf_err_sid_size'];
+ }
+ // la durée de la session doit être un entier
+ // supérieur à 5 et inférieur à 60 minutes
+ if ( !ereg( "^[1-9][0-9]?$", $_POST['session_time'] )
+ || $_POST['session_time'] < 5
+ || $_POST['session_time'] > 60 )
+ {
+ $error[$i++] = $lang['conf_err_sid_time'];
+ }
+ // max_user_listbox doit être un entier compris entre 0 et 255 inclus
+ if ( !ereg( "^[0-9]{0,3}$", $_POST['max_user_listbox'] )
+ || $_POST['max_user_listbox'] < 0
+ || $_POST['max_user_listbox'] > 255 )
+ {
+ $error[$i++] = $lang['conf_err_max_user_listbox'];
+ }
+ // le nombre de commentaires par page doit être compris entre 5 en 50 inclus
+ if ( !ereg( "^[1-9][0-9]?$", $_POST['nb_comment_page'] )
+ || $_POST['nb_comment_page'] < 5
+ || $_POST['nb_comment_page'] > 50 )
+ {
+ $error[$i++] = $lang['conf_err_comment_number'];
+ }
+ // le poids maximum des fichiers uploadé doit être un entier,
+ // compris entre 10 et 1000
+ if ( !ereg( "^[1-9][0-9]*$", $_POST['upload_maxfilesize'] )
+ || $_POST['upload_maxfilesize'] < 10
+ || $_POST['upload_maxfilesize'] > 1000 )
+ {
+ $error[$i++] = $lang['conf_err_upload_maxfilesize'];
+ }
+ // la largeur maximum des images uploadées doit être un entier,
+ // supérieur à 10
+ if ( !ereg( "^[1-9][0-9]*$", $_POST['upload_maxwidth'] )
+ || $_POST['upload_maxwidth'] < 10 )
+ {
+ $error[$i++] = $lang['conf_err_upload_maxwidth'];
+ }
+ // la hauteur maximum des images uploadées doit être un entier,
+ // supérieur à 10
+ if ( !ereg( "^[1-9][0-9]*$", $_POST['upload_maxheight'] )
+ || $_POST['upload_maxheight'] < 10 )
+ {
+ $error[$i++] = $lang['conf_err_upload_maxheight'];
+ }
+ // la largeur maximum des miniatures uploadées doit être un entier,
+ // supérieur à 10
+ if ( !ereg( "^[1-9][0-9]*$", $_POST['upload_maxwidth_thumbnail'] )
+ || $_POST['upload_maxwidth_thumbnail'] < 10 )
+ {
+ $error[$i++] = $lang['conf_err_upload_maxwidth_thumbnail'];
+ }
+ // la hauteur maximum des miniatures uploadées doit être un entier,
+ // supérieur à 10
+ if ( !ereg( "^[1-9][0-9]*$", $_POST['upload_maxheight_thumbnail'] )
+ || $_POST['upload_maxheight_thumbnail'] < 10 )
+ {
+ $error[$i++] = $lang['conf_err_upload_maxheight_thumbnail'];
+ }
+ if ( $_POST['maxwidth'] != '' )
+ {
+ if ( !ereg( "^[0-9]{2,}$", $_POST['maxwidth'] )
+ || $_POST['maxwidth'] < 50 )
+ {
+ $error[$i++] = $lang['err_maxwidth'];
+ }
+ }
+ if ( $_POST['maxheight'] != '' )
+ {
+ if ( !ereg( "^[0-9]{2,}$", $_POST['maxheight'] )
+ || $_POST['maxheight'] < 50 )
+ {
+ $error[$i++] = $lang['err_maxheight'];
+ }
+ }
+ // on met à jour les paramètres de l'application
+ // dans le cas où il n'y aucune erreurs
+ if ( sizeof( $error ) == 0 )
+ {
+ mysql_query( 'delete from '.$prefixeTable.'config;' );
+ $query = 'insert into '.$prefixeTable.'config';
+ $query.= ' (';
+ for ( $i = 0; $i < sizeof( $conf_infos ); $i++ )
+ {
+ if ( $i > 0 )
+ {
+ $query.= ',';
+ }
+ $query.= $conf_infos[$i];
+ }
+ $query.= ')';
+ $query.= ' values';
+ $query.= ' (';
+ for ( $i = 0; $i < sizeof( $conf_infos ); $i++ )
+ {
+ if ( $i > 0 )
+ {
+ $query.= ',';
+ }
+ if ( $_POST[$conf_infos[$i]] == '' )
+ {
+ $query.= 'NULL';
+ }
+ else
+ {
+ $query.= "'".$_POST[$conf_infos[$i]]."'";
+ }
+ }
+ $query.= ')';
+ $query.= ';';
+ echo $query;
+ mysql_query( $query );
+
+ $tab_theme = explode( ' - ', $_POST['theme'] );
+ $_POST['theme'] = $tab_theme[0].'/'.$tab_theme[1];
+
+ $query = 'update '.$prefixeTable.'users';
+ $query.= ' set';
+ for ( $i = 0; $i < sizeof( $default_user_infos ); $i++ )
+ {
+ if ( $i > 0 )
+ {
+ $query.= ',';
+ }
+ else
+ {
+ $query.= ' ';
+ }
+ $query.= $default_user_infos[$i];
+ $query.= ' = ';
+ if ( $_POST[$default_user_infos[$i]] == '' )
+ {
+ $query.= 'NULL';
+ }
+ else
+ {
+ $query.= "'".$_POST[$default_user_infos[$i]]."'";
+ }
+ }
+ $query.= " where pseudo = 'visiteur';";
+ mysql_query( $query );
+ }
+//--------------------------------------------------------- data initialization
+ for ( $i = 0; $i < sizeof( $conf_infos ); $i++ )
+ {
+ $$conf_infos[$i] = $_POST[$conf_infos[$i]];
+ }
+ for ( $i = 0; $i < sizeof( $default_user_infos ); $i++ )
+ {
+ $$default_user_infos[$i] = $_POST[$default_user_infos[$i]];
+ }
+}
+else
+{
+//--------------------------------------------------------- data initialization
+ $query = 'select';
+ for ( $i = 0; $i < sizeof( $conf_infos ); $i++ )
+ {
+ if ( $i > 0 )
+ {
+ $query.= ',';
+ }
+ else
+ {
+ $query.= ' ';
+ }
+ $query.= $conf_infos[$i];
+ }
+ $query .= ' from '.$prefixeTable.'config;';
+
+ $row = mysql_fetch_array( mysql_query( $query ) );
+
+ for ( $i = 0; $i < sizeof( $conf_infos ); $i++ )
+ {
+ $$conf_infos[$i] = $row[$conf_infos[$i]];
+ }
+ $query = 'select';
+ for ( $i = 0; $i < sizeof( $default_user_infos ); $i++ )
+ {
+ if ( $i > 0 )
+ {
+ $query.= ',';
+ }
+ else
+ {
+ $query.= ' ';
+ }
+ $query.= $default_user_infos[$i];
+ }
+ $query .= ' from '.$prefixeTable.'users';
+ $query.= " where pseudo ='visiteur';";
+
+ $row = mysql_fetch_array( mysql_query( $query ) );
+
+ for ( $i = 0; $i < sizeof( $default_user_infos ); $i++ )
+ {
+ $$default_user_infos[$i] = $row[$default_user_infos[$i]];
+ }
+}
+//----------------------------------------------------- template initialization
+$sub = $vtp->Open( '../template/'.$user['template'].
+ '/admin/configuration.vtp' );
+// language
+$vtp->setGlobalVar( $sub, 'conf_confirmation', $lang['conf_confirmation'] );
+$vtp->setGlobalVar( $sub, 'conf_remote_site_title',
+ $lang['conf_remote_site_title'] );
+$vtp->setGlobalVar( $sub, 'delete', $lang['delete'] );
+$vtp->setGlobalVar( $sub, 'conf_remote_site_delete_info',
+ $lang['conf_remote_site_delete_info'] );
+$vtp->setGlobalVar( $sub, 'submit', $lang['submit'] );
+//-------------------------------------------------------------- errors display
+if ( sizeof( $error ) != 0 )
+{
+ $vtp->addSession( $sub, 'errors' );
+ for ( $i = 0; $i < sizeof( $error ); $i++ )
+ {
+ $vtp->addSession( $sub, 'li' );
+ $vtp->setVar( $sub, 'li.li', $error[$i] );
+ $vtp->closeSession( $sub, 'li' );
+ }
+ $vtp->closeSession( $sub, 'errors' );
+}
+//-------------------------------------------------------- confirmation display
+if ( sizeof( $error ) == 0 && $_GET['valider'] == 1 )
+{
+ $vtp->addSession( $sub, 'confirmation' );
+ $vtp->closeSession( $sub, 'confirmation' );
+}
+//----------------------------------------------------------------- form action
+$form_action = add_session_id( './admin.php?page=configuration&valider=1' );
+$vtp->setVar( $sub, 'form_action', $form_action );
+//------------------------------------------------------- general configuration
+$vtp->addSession( $sub, 'line' );
+$vtp->addSession( $sub, 'title_line' );
+$vtp->setVar( $sub, 'title_line.title', $lang['conf_general_title'] );
+$vtp->closeSession( $sub, 'title_line' );
+$vtp->closeSession( $sub, 'line' );
+
+$vtp->addSession( $sub, 'line' );
+$vtp->addSession( $sub, 'space_line' );
+$vtp->closeSession( $sub, 'space_line' );
+$vtp->closeSession( $sub, 'line' );
+// webmaster name
+$vtp->addSession( $sub, 'line' );
+$vtp->addSession( $sub, 'param_line' );
+$vtp->setVar( $sub, 'param_line.name', $lang['conf_general_webmaster'] );
+$vtp->addSession( $sub, 'hidden' );
+$vtp->setVar( $sub, 'hidden.text', $webmaster );
+$vtp->setVar( $sub, 'hidden.name', 'webmaster' );
+$vtp->setVar( $sub, 'hidden.value', $webmaster );
+$vtp->closeSession( $sub, 'hidden' );
+$vtp->setVar( $sub, 'param_line.def', $lang['conf_general_webmaster_info'] );
+$vtp->closeSession( $sub, 'param_line' );
+$vtp->closeSession( $sub, 'line' );
+// webmaster mail address
+$vtp->addSession( $sub, 'line' );
+$vtp->addSession( $sub, 'param_line' );
+$vtp->setVar( $sub, 'param_line.name', $lang['conf_general_mail'] );
+$vtp->addSession( $sub, 'text' );
+$vtp->setVar( $sub, 'text.name', 'mail_webmaster' );
+$vtp->setVar( $sub, 'text.value', $mail_webmaster );
+$vtp->closeSession( $sub, 'text' );
+$vtp->setVar( $sub, 'param_line.def', $lang['conf_general_mail_info'] );
+$vtp->closeSession( $sub, 'param_line' );
+$vtp->closeSession( $sub, 'line' );
+// prefix for thumbnails
+$vtp->addSession( $sub, 'line' );
+$vtp->addSession( $sub, 'param_line' );
+$vtp->setVar( $sub, 'param_line.name', $lang['conf_general_prefix'] );
+$vtp->addSession( $sub, 'text' );
+$vtp->setVar( $sub, 'text.name', 'prefixe_thumbnail' );
+$vtp->setVar( $sub, 'text.value', $prefixe_thumbnail );
+$vtp->closeSession( $sub, 'text' );
+$vtp->setVar( $sub, 'param_line.def', $lang['conf_general_prefix_info'] );
+$vtp->closeSession( $sub, 'param_line' );
+$vtp->closeSession( $sub, 'line' );
+// access type
+$vtp->addSession( $sub, 'line' );
+$vtp->addSession( $sub, 'param_line' );
+$vtp->setVar( $sub, 'param_line.name', $lang['conf_general_access'] );
+$vtp->addSession( $sub, 'group' );
+$vtp->addSession( $sub, 'radio' );
+$vtp->setVar( $sub, 'radio.name', 'acces' );
+$vtp->setVar( $sub, 'radio.value', 'libre' );
+$vtp->setVar( $sub, 'radio.option', $lang['conf_general_access_1'] );
+$checked = '';
+if ( $acces == 'libre' )
+{
+ $checked = ' checked="checked"';
+}
+$vtp->setVar( $sub, 'radio.checked', $checked );
+$vtp->closeSession( $sub, 'radio' );
+$vtp->addSession( $sub, 'radio' );
+$vtp->setVar( $sub, 'radio.name', 'acces' );
+$vtp->setVar( $sub, 'radio.value', 'restreint' );
+$vtp->setVar( $sub, 'radio.option', $lang['conf_general_access_2'] );
+$checked = '';
+if ( $acces == 'restreint' )
+{
+ $checked = ' checked="checked"';
+}
+$vtp->setVar( $sub, 'radio.checked', $checked );
+$vtp->closeSession( $sub, 'radio' );
+$vtp->closeSession( $sub, 'group' );
+$vtp->setVar( $sub, 'param_line.def', $lang['conf_general_access_info'] );
+$vtp->closeSession( $sub, 'param_line' );
+$vtp->closeSession( $sub, 'line' );
+// maximum user number to display in the listbox of identification page
+$vtp->addSession( $sub, 'line' );
+$vtp->addSession( $sub, 'param_line' );
+$vtp->setVar( $sub, 'param_line.name',
+ $lang['conf_general_max_user_listbox'] );
+$vtp->addSession( $sub, 'text' );
+$vtp->setVar( $sub, 'text.name', 'max_user_listbox' );
+$vtp->setVar( $sub, 'text.value', $max_user_listbox );
+$vtp->closeSession( $sub, 'text' );
+$vtp->setVar( $sub, 'param_line.def',
+ $lang['conf_general_max_user_listbox_info'] );
+$vtp->closeSession( $sub, 'param_line' );
+$vtp->closeSession( $sub, 'line' );
+
+$vtp->addSession( $sub, 'line' );
+$vtp->addSession( $sub, 'space_line' );
+$vtp->closeSession( $sub, 'space_line' );
+$vtp->closeSession( $sub, 'line' );
+//------------------------------------------------------ comments configuration
+$vtp->addSession( $sub, 'line' );
+$vtp->addSession( $sub, 'title_line' );
+$vtp->setVar( $sub, 'title_line.title', $lang['conf_comments_title'] );
+$vtp->closeSession( $sub, 'title_line' );
+$vtp->closeSession( $sub, 'line' );
+
+$vtp->addSession( $sub, 'line' );
+$vtp->addSession( $sub, 'space_line' );
+$vtp->closeSession( $sub, 'space_line' );
+$vtp->closeSession( $sub, 'line' );
+// show comments ?
+$vtp->addSession( $sub, 'line' );
+$vtp->addSession( $sub, 'param_line' );
+$vtp->setVar( $sub, 'param_line.name', $lang['conf_comments_show_comments'] );
+$vtp->addSession( $sub, 'group' );
+$vtp->addSession( $sub, 'radio' );
+$vtp->setVar( $sub, 'radio.name', 'show_comments' );
+$vtp->setVar( $sub, 'radio.value', 'true' );
+$vtp->setVar( $sub, 'radio.option', $lang['yes'] );
+$checked = '';
+if ( $show_comments == 'true' )
+{
+ $checked = ' checked="checked"';
+}
+$vtp->setVar( $sub, 'radio.checked', $checked );
+$vtp->closeSession( $sub, 'radio' );
+$vtp->addSession( $sub, 'radio' );
+$vtp->setVar( $sub, 'radio.name', 'show_comments' );
+$vtp->setVar( $sub, 'radio.value', 'false' );
+$vtp->setVar( $sub, 'radio.option', $lang['no'] );
+$checked = '';
+if ( $show_comments == 'false' )
+{
+ $checked = ' checked="checked"';
+}
+$vtp->setVar( $sub, 'radio.checked', $checked );
+$vtp->closeSession( $sub, 'radio' );
+$vtp->closeSession( $sub, 'group' );
+$vtp->setVar( $sub, 'param_line.def',
+ $lang['conf_comments_show_comments_info'] );
+$vtp->closeSession( $sub, 'param_line' );
+$vtp->closeSession( $sub, 'line' );
+// number of comments per page
+$vtp->addSession( $sub, 'line' );
+$vtp->addSession( $sub, 'param_line' );
+$vtp->setVar( $sub, 'param_line.name',
+ $lang['conf_comments_comments_number'] );
+$vtp->addSession( $sub, 'text' );
+$vtp->setVar( $sub, 'text.name', 'nb_comment_page' );
+$vtp->setVar( $sub, 'text.value', $nb_comment_page );
+$vtp->closeSession( $sub, 'text' );
+$vtp->setVar( $sub, 'param_line.def',
+ $lang['conf_comments_comments_number_info'] );
+$vtp->closeSession( $sub, 'param_line' );
+$vtp->closeSession( $sub, 'line' );
+
+$vtp->addSession( $sub, 'line' );
+$vtp->addSession( $sub, 'space_line' );
+$vtp->closeSession( $sub, 'space_line' );
+$vtp->closeSession( $sub, 'line' );
+//-------------------------------------------------- default user configuration
+$vtp->addSession( $sub, 'line' );
+$vtp->addSession( $sub, 'title_line' );
+$vtp->setVar( $sub, 'title_line.title', $lang['conf_default_title'] );
+$vtp->closeSession( $sub, 'title_line' );
+$vtp->closeSession( $sub, 'line' );
+
+$vtp->addSession( $sub, 'line' );
+$vtp->addSession( $sub, 'space_line' );
+$vtp->closeSession( $sub, 'space_line' );
+$vtp->closeSession( $sub, 'line' );
+// default language
+$vtp->addSession( $sub, 'line' );
+$vtp->addSession( $sub, 'param_line' );
+$vtp->setVar( $sub, 'param_line.name', $lang['customize_language'] );
+$vtp->addSession( $sub, 'select' );
+$vtp->setVar( $sub, 'select.name', 'language' );
+$option = get_languages( '../language/' );
+for ( $i = 0; $i < sizeof( $option ); $i++ )
+{
+ $vtp->addSession( $sub, 'option' );
+ $vtp->setVar( $sub, 'option.option', $option[$i] );
+ if ( $option[$i] == $language )
+ {
+ $vtp->setVar( $sub, 'option.selected', ' selected="selected"' );
+ }
+ $vtp->closeSession( $sub, 'option' );
+}
+$vtp->closeSession( $sub, 'select' );
+$vtp->setVar( $sub, 'param_line.def', $lang['conf_default_language_info'] );
+$vtp->closeSession( $sub, 'param_line' );
+$vtp->closeSession( $sub, 'line' );
+// number of image per row
+$vtp->addSession( $sub, 'line' );
+$vtp->addSession( $sub, 'param_line' );
+$vtp->setVar( $sub, 'param_line.name', $lang['customize_nb_image_per_row'] );
+$vtp->addSession( $sub, 'select' );
+$vtp->setVar( $sub, 'select.name', 'nb_image_line' );
+for ( $i = 0; $i < sizeof( $conf['nb_image_row'] ); $i++ )
+{
+ $vtp->addSession( $sub, 'option' );
+ $vtp->setVar( $sub, 'option.option', $conf['nb_image_row'][$i] );
+ if ( $conf['nb_image_row'][$i] == $nb_image_line )
+ {
+ $vtp->setVar( $sub, 'option.selected', ' selected="selected"' );
+ }
+ $vtp->closeSession( $sub, 'option' );
+}
+$vtp->closeSession( $sub, 'select' );
+$vtp->setVar( $sub, 'param_line.def',
+ $lang['conf_default_nb_image_per_row_info'] );
+$vtp->closeSession( $sub, 'param_line' );
+$vtp->closeSession( $sub, 'line' );
+// number of row per page
+$vtp->addSession( $sub, 'line' );
+$vtp->addSession( $sub, 'param_line' );
+$vtp->setVar( $sub, 'param_line.name', $lang['customize_nb_row_per_page'] );
+$vtp->addSession( $sub, 'select' );
+$vtp->setVar( $sub, 'select.name', 'nb_line_page' );
+for ( $i = 0; $i < sizeof( $conf['nb_row_page'] ); $i++ )
+{
+ $vtp->addSession( $sub, 'option' );
+ $vtp->setVar( $sub, 'option.option', $conf['nb_row_page'][$i] );
+ if ( $conf['nb_row_page'][$i] == $nb_line_page )
+ {
+ $vtp->setVar( $sub, 'option.selected', ' selected="selected"' );
+ }
+ $vtp->closeSession( $sub, 'option' );
+}
+$vtp->closeSession( $sub, 'select' );
+$vtp->setVar( $sub, 'param_line.def',
+ $lang['conf_default_nb_row_per_page_info'] );
+$vtp->closeSession( $sub, 'param_line' );
+$vtp->closeSession( $sub, 'line' );
+// template
+$vtp->addSession( $sub, 'line' );
+$vtp->addSession( $sub, 'param_line' );
+$vtp->setVar( $sub, 'param_line.name', $lang['customize_template'] );
+$vtp->addSession( $sub, 'select' );
+$vtp->setVar( $sub, 'select.name', 'template' );
+$option = get_dirs( '../template/' );
+for ( $i = 0; $i < sizeof( $option ); $i++ )
+{
+ $vtp->addSession( $sub, 'option' );
+ $vtp->setVar( $sub, 'option.option', $option[$i] );
+ if ( $option[$i] == $template )
+ {
+ $vtp->setVar( $sub, 'option.selected', ' selected="selected"' );
+ }
+ $vtp->closeSession( $sub, 'option' );
+}
+$vtp->closeSession( $sub, 'select' );
+$vtp->setVar( $sub, 'param_line.def', $lang['conf_default_template_info'] );
+$vtp->closeSession( $sub, 'param_line' );
+$vtp->closeSession( $sub, 'line' );
+// theme
+$vtp->addSession( $sub, 'line' );
+$vtp->addSession( $sub, 'param_line' );
+$vtp->setVar( $sub, 'param_line.name', $lang['customize_theme'] );
+$vtp->addSession( $sub, 'select' );
+$vtp->setVar( $sub, 'select.name', 'theme' );
+$option = get_themes( '../theme/' );
+for ( $i = 0; $i < sizeof( $option ); $i++ )
+{
+ $vtp->addSession( $sub, 'option' );
+ $vtp->setVar( $sub, 'option.option', $option[$i] );
+ if ( $option[$i] == str_replace( "/", " - ", $theme ) )
+ {
+ $vtp->setVar( $sub, 'option.selected', ' selected="selected"' );
+ }
+ $vtp->closeSession( $sub, 'option' );
+}
+$vtp->closeSession( $sub, 'select' );
+$vtp->setVar( $sub, 'param_line.def', $lang['conf_default_theme_info'] );
+$vtp->closeSession( $sub, 'param_line' );
+$vtp->closeSession( $sub, 'line' );
+// short period time
+$vtp->addSession( $sub, 'line' );
+$vtp->addSession( $sub, 'param_line' );
+$vtp->setVar( $sub, 'param_line.name', $lang['customize_short_period'] );
+$vtp->addSession( $sub, 'text' );
+$vtp->setVar( $sub, 'text.name', 'short_period' );
+$vtp->setVar( $sub, 'text.value', $short_period );
+$vtp->closeSession( $sub, 'text' );
+$vtp->setVar( $sub, 'param_line.def', $lang['conf_default_short_period_info']);
+$vtp->closeSession( $sub, 'param_line' );
+$vtp->closeSession( $sub, 'line' );
+// long period time
+$vtp->addSession( $sub, 'line' );
+$vtp->addSession( $sub, 'param_line' );
+$vtp->setVar( $sub, 'param_line.name', $lang['customize_long_period'] );
+$vtp->addSession( $sub, 'text' );
+$vtp->setVar( $sub, 'text.name', 'long_period' );
+$vtp->setVar( $sub, 'text.value', $long_period );
+$vtp->closeSession( $sub, 'text' );
+$vtp->setVar( $sub, 'param_line.def', $lang['conf_default_long_period_info'] );
+$vtp->closeSession( $sub, 'param_line' );
+$vtp->closeSession( $sub, 'line' );
+// max displayed width
+$vtp->addSession( $sub, 'line' );
+$vtp->addSession( $sub, 'param_line' );
+$vtp->setVar( $sub, 'param_line.name', $lang['maxwidth'] );
+$vtp->addSession( $sub, 'text' );
+$vtp->setVar( $sub, 'text.name', 'maxwidth' );
+$vtp->setVar( $sub, 'text.value', $maxwidth );
+$vtp->closeSession( $sub, 'text' );
+$vtp->setVar( $sub, 'param_line.def', $lang['conf_default_maxwidth_info'] );
+$vtp->closeSession( $sub, 'param_line' );
+$vtp->closeSession( $sub, 'line' );
+// max displayed height
+$vtp->addSession( $sub, 'line' );
+$vtp->addSession( $sub, 'param_line' );
+$vtp->setVar( $sub, 'param_line.name', $lang['maxheight'] );
+$vtp->addSession( $sub, 'text' );
+$vtp->setVar( $sub, 'text.name', 'maxheight' );
+$vtp->setVar( $sub, 'text.value', $maxheight );
+$vtp->closeSession( $sub, 'text' );
+$vtp->setVar( $sub, 'param_line.def', $lang['conf_default_maxheight_info'] );
+$vtp->closeSession( $sub, 'param_line' );
+$vtp->closeSession( $sub, 'line' );
+// expand all categories ?
+$vtp->addSession( $sub, 'line' );
+$vtp->addSession( $sub, 'param_line' );
+$vtp->setVar( $sub, 'param_line.name', $lang['customize_expand'] );
+$vtp->addSession( $sub, 'group' );
+$vtp->addSession( $sub, 'radio' );
+$vtp->setVar( $sub, 'radio.name', 'expand' );
+
+$vtp->setVar( $sub, 'radio.value', 'true' );
+$checked = '';
+if ( $expand == 'true' )
+{
+ $checked = ' checked="checked"';
+}
+$vtp->setVar( $sub, 'radio.checked', $checked );
+$vtp->setVar( $sub, 'radio.option', $lang['yes'] );
+$vtp->closeSession( $sub, 'radio' );
+$vtp->addSession( $sub, 'radio' );
+$vtp->setVar( $sub, 'radio.name', 'expand' );
+$vtp->setVar( $sub, 'radio.value', 'false' );
+$checked = '';
+if ( $expand == 'false' )
+{
+ $checked = ' checked="checked"';
+}
+$vtp->setVar( $sub, 'radio.checked', $checked );
+$vtp->setVar( $sub, 'radio.option', $lang['no'] );
+$vtp->closeSession( $sub, 'radio' );
+$vtp->closeSession( $sub, 'group' );
+$vtp->setVar( $sub, 'param_line.def', $lang['conf_default_expand_info'] );
+$vtp->closeSession( $sub, 'param_line' );
+$vtp->closeSession( $sub, 'line' );
+// show number of comments on thumbnails page
+$vtp->addSession( $sub, 'line' );
+$vtp->addSession( $sub, 'param_line' );
+$vtp->setVar( $sub, 'param_line.name', $lang['customize_show_nb_comments'] );
+$vtp->addSession( $sub, 'group' );
+$vtp->addSession( $sub, 'radio' );
+$vtp->setVar( $sub, 'radio.name', 'show_nb_comments' );
+$vtp->setVar( $sub, 'radio.value', 'true' );
+$checked = '';
+if ( $show_nb_comments == 'true' )
+{
+ $checked = ' checked="checked"';
+}
+$vtp->setVar( $sub, 'radio.checked', $checked );
+$vtp->setVar( $sub, 'radio.option', $lang['yes'] );
+$vtp->closeSession( $sub, 'radio' );
+$vtp->addSession( $sub, 'radio' );
+$vtp->setVar( $sub, 'radio.name', 'show_nb_comments' );
+$vtp->setVar( $sub, 'radio.value', 'false' );
+$checked = '';
+if ( $show_nb_comments == 'false' )
+{
+ $checked = ' checked="checked"';
+}
+$vtp->setVar( $sub, 'radio.checked', $checked );
+$vtp->setVar( $sub, 'radio.option', $lang['no'] );
+$vtp->closeSession( $sub, 'radio' );
+$vtp->closeSession( $sub, 'group' );
+$vtp->setVar( $sub, 'param_line.def', $lang['conf_default_show_nb_comments_info'] );
+$vtp->closeSession( $sub, 'param_line' );
+$vtp->closeSession( $sub, 'line' );
+
+$vtp->addSession( $sub, 'line' );
+$vtp->addSession( $sub, 'space_line' );
+$vtp->closeSession( $sub, 'space_line' );
+$vtp->closeSession( $sub, 'line' );
+//-------------------------------------------------------- upload configuration
+$vtp->addSession( $sub, 'line' );
+$vtp->addSession( $sub, 'title_line' );
+$vtp->setVar( $sub, 'title_line.title', $lang['conf_upload_title'] );
+$vtp->closeSession( $sub, 'title_line' );
+$vtp->closeSession( $sub, 'line' );
+
+$vtp->addSession( $sub, 'line' );
+$vtp->addSession( $sub, 'space_line' );
+$vtp->closeSession( $sub, 'space_line' );
+$vtp->closeSession( $sub, 'line' );
+// is upload available ?
+$vtp->addSession( $sub, 'line' );
+$vtp->addSession( $sub, 'param_line' );
+$vtp->setVar( $sub, 'param_line.name', $lang['conf_upload_available'] );
+$vtp->addSession( $sub, 'group' );
+$vtp->addSession( $sub, 'radio' );
+$vtp->setVar( $sub, 'radio.name', 'upload_available' );
+$vtp->setVar( $sub, 'radio.value', 'true' );
+$checked = '';
+if ( $upload_available == 'true' )
+{
+ $checked = ' checked="checked"';
+}
+$vtp->setVar( $sub, 'radio.checked', $checked );
+$vtp->setVar( $sub, 'radio.option', $lang['yes'] );
+$vtp->closeSession( $sub, 'radio' );
+$vtp->addSession( $sub, 'radio' );
+$vtp->setVar( $sub, 'radio.name', 'upload_available' );
+$vtp->setVar( $sub, 'radio.value', 'false' );
+$checked = '';
+if ( $upload_available == 'false' )
+{
+ $checked = ' checked="checked"';
+}
+$vtp->setVar( $sub, 'radio.checked', $checked );
+$vtp->setVar( $sub, 'radio.option', $lang['no'] );
+$vtp->closeSession( $sub, 'radio' );
+$vtp->closeSession( $sub, 'group' );
+$vtp->setVar( $sub, 'param_line.def', $lang['conf_upload_available_info'] );
+$vtp->closeSession( $sub, 'param_line' );
+$vtp->closeSession( $sub, 'line' );
+// max filesize uploadable
+$vtp->addSession( $sub, 'line' );
+$vtp->addSession( $sub, 'param_line' );
+$vtp->setVar( $sub, 'param_line.name', $lang['conf_upload_maxfilesize'] );
+$vtp->addSession( $sub, 'text' );
+$vtp->setVar( $sub, 'text.name', 'upload_maxfilesize' );
+$vtp->setVar( $sub, 'text.value', $upload_maxfilesize );
+$vtp->closeSession( $sub, 'text' );
+$vtp->setVar( $sub, 'param_line.def', $lang['conf_upload_maxfilesize_info'] );
+$vtp->closeSession( $sub, 'param_line' );
+$vtp->closeSession( $sub, 'line' );
+// maxwidth uploadable
+$vtp->addSession( $sub, 'line' );
+$vtp->addSession( $sub, 'param_line' );
+$vtp->setVar( $sub, 'param_line.name', $lang['conf_upload_maxwidth'] );
+$vtp->addSession( $sub, 'text' );
+$vtp->setVar( $sub, 'text.name', 'upload_maxwidth' );
+$vtp->setVar( $sub, 'text.value', $upload_maxwidth );
+$vtp->closeSession( $sub, 'text' );
+$vtp->setVar( $sub, 'param_line.def', $lang['conf_upload_maxwidth_info'] );
+$vtp->closeSession( $sub, 'param_line' );
+$vtp->closeSession( $sub, 'line' );
+// maxheight uploadable
+$vtp->addSession( $sub, 'line' );
+$vtp->addSession( $sub, 'param_line' );
+$vtp->setVar( $sub, 'param_line.name', $lang['conf_upload_maxheight'] );
+$vtp->addSession( $sub, 'text' );
+$vtp->setVar( $sub, 'text.name', 'upload_maxheight' );
+$vtp->setVar( $sub, 'text.value', $upload_maxheight );
+$vtp->closeSession( $sub, 'text' );
+$vtp->setVar( $sub, 'param_line.def', $lang['conf_upload_maxheight_info'] );
+$vtp->closeSession( $sub, 'param_line' );
+$vtp->closeSession( $sub, 'line' );
+// maxwidth for thumbnail
+$vtp->addSession( $sub, 'line' );
+$vtp->addSession( $sub, 'param_line' );
+$vtp->setVar( $sub, 'param_line.name', $lang['conf_upload_maxwidth_thumbnail'] );
+$vtp->addSession( $sub, 'text' );
+$vtp->setVar( $sub, 'text.name', 'upload_maxwidth_thumbnail' );
+$vtp->setVar( $sub, 'text.value', $upload_maxwidth_thumbnail );
+$vtp->closeSession( $sub, 'text' );
+$vtp->setVar( $sub, 'param_line.def', $lang['conf_upload_maxwidth_thumbnail_info'] );
+$vtp->closeSession( $sub, 'param_line' );
+$vtp->closeSession( $sub, 'line' );
+// maxheight for thumbnail
+$vtp->addSession( $sub, 'line' );
+$vtp->addSession( $sub, 'param_line' );
+$vtp->setVar( $sub, 'param_line.name', $lang['conf_upload_maxheight_thumbnail'] );
+$vtp->addSession( $sub, 'text' );
+$vtp->setVar( $sub, 'text.name', 'upload_maxheight_thumbnail' );
+$vtp->setVar( $sub, 'text.value', $upload_maxheight_thumbnail );
+$vtp->closeSession( $sub, 'text' );
+$vtp->setVar( $sub, 'param_line.def', $lang['conf_upload_maxheight_thumbnail_info']);
+$vtp->closeSession( $sub, 'param_line' );
+$vtp->closeSession( $sub, 'line' );
+
+$vtp->addSession( $sub, 'line' );
+$vtp->addSession( $sub, 'space_line' );
+$vtp->closeSession( $sub, 'space_line' );
+$vtp->closeSession( $sub, 'line' );
+//------------------------------------------------------ sessions configuration
+$vtp->addSession( $sub, 'line' );
+$vtp->addSession( $sub, 'title_line' );
+$vtp->setVar( $sub, 'title_line.title', $lang['conf_session_title'] );
+$vtp->closeSession( $sub, 'title_line' );
+$vtp->closeSession( $sub, 'line' );
+
+$vtp->addSession( $sub, 'line' );
+$vtp->addSession( $sub, 'space_line' );
+$vtp->closeSession( $sub, 'space_line' );
+$vtp->closeSession( $sub, 'line' );
+// session size
+$vtp->addSession( $sub, 'line' );
+$vtp->addSession( $sub, 'param_line' );
+$vtp->setVar( $sub, 'param_line.name', $lang['conf_session_size'] );
+$vtp->addSession( $sub, 'text' );
+$vtp->setVar( $sub, 'text.name', 'session_id_size' );
+$vtp->setVar( $sub, 'text.value', $session_id_size );
+$vtp->closeSession( $sub, 'text' );
+$vtp->setVar( $sub, 'param_line.def', $lang['conf_session_size_info']);
+$vtp->closeSession( $sub, 'param_line' );
+$vtp->closeSession( $sub, 'line' );
+// session length
+$vtp->addSession( $sub, 'line' );
+$vtp->addSession( $sub, 'param_line' );
+$vtp->setVar( $sub, 'param_line.name', $lang['conf_session_time'] );
+$vtp->addSession( $sub, 'text' );
+$vtp->setVar( $sub, 'text.name', 'session_time' );
+$vtp->setVar( $sub, 'text.value', $session_time );
+$vtp->closeSession( $sub, 'text' );
+$vtp->setVar( $sub, 'param_line.def', $lang['conf_session_time_info']);
+$vtp->closeSession( $sub, 'param_line' );
+$vtp->closeSession( $sub, 'line' );
+// session keyword
+$vtp->addSession( $sub, 'line' );
+$vtp->addSession( $sub, 'param_line' );
+$vtp->setVar( $sub, 'param_line.name', $lang['conf_session_key'] );
+$vtp->addSession( $sub, 'text' );
+$vtp->setVar( $sub, 'text.name', 'session_keyword' );
+$vtp->setVar( $sub, 'text.value', $session_keyword );
+$vtp->closeSession( $sub, 'text' );
+$vtp->setVar( $sub, 'param_line.def', $lang['conf_session_key_info']);
+$vtp->closeSession( $sub, 'param_line' );
+$vtp->closeSession( $sub, 'line' );
+// session deletion
+$vtp->addSession( $sub, 'line' );
+$vtp->addSession( $sub, 'param_line' );
+$vtp->setVar( $sub, 'param_line.name', $lang['conf_session_delete'] );
+$vtp->addSession( $sub, 'check' );
+$vtp->addSession( $sub, 'box' );
+$vtp->setVar( $sub, 'box.name', 'empty_session_table' );
+$vtp->setVar( $sub, 'box.value', '1' );
+$vtp->setVar( $sub, 'box.checked', ' checked="checked"' );
+$vtp->closeSession( $sub, 'box' );
+$vtp->closeSession( $sub, 'check' );
+$vtp->setVar( $sub, 'param_line.def', $lang['conf_session_delete_info'] );
+$vtp->closeSession( $sub, 'param_line' );
+$vtp->closeSession( $sub, 'line' );
+
+$vtp->addSession( $sub, 'line' );
+$vtp->addSession( $sub, 'space_line' );
+$vtp->closeSession( $sub, 'space_line' );
+$vtp->closeSession( $sub, 'line' );
+//------------------------------------------------ remote sites administration
+$query = 'select id,galleries_url';
+$query.= ' from '.$prefixeTable.'sites';
+$query.= " where galleries_url <> './galleries/';";
+$result = mysql_query( $query );
+if ( mysql_num_rows( $result ) > 0 )
+{
+ $vtp->addSession( $sub, 'remote_sites' );
+ $i = 0;
+ while ( $row = mysql_fetch_array( $result ) )
+ {
+ $vtp->addSession( $sub, 'site' );
+ $vtp->setVar( $sub, 'site.url', $row['galleries_url'] );
+ $vtp->setVar( $sub, 'site.id', $row['id'] );
+ if ( $i == 0 )
+ {
+ $vtp->addSession( $sub, 'rowspan' );
+ $vtp->setVar( $sub, 'rowspan.nb_sites', mysql_num_rows( $result ) );
+ $vtp->closeSession( $sub, 'rowspan' );
+ }
+ $vtp->closeSession( $sub, 'site' );
+ $i++;
+ }
+ $vtp->closeSession( $sub, 'remote_sites' );
+}
+//----------------------------------------------------------- sending html code
+$vtp->Parse( $handle , 'sub', $sub );
+?> \ No newline at end of file
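Review bot: The config insert and the users update concatenate raw POST values into SQL at `$query.= "'".$_POST[$conf_infos[$i]]."'";` and at the matching `$default_user_infos` line. Several of those fields (`webmaster`, `session_keyword`, `acces`, `theme`, `language`, `template`, the yes/no radios) pass through none of the `ereg` checks above, so a single quote in any of them breaks or alters the statement. Escape at the point of concatenation instead of depending on `magic_quotes_gpc`, whose setting is not visible here: `$query.= "'".mysql_real_escape_string( $_POST[$conf_infos[$i]] )."'";`, and the same for the users update. The `echo $query;` before the insert looks like leftover debugging and prints the whole statement, `session_keyword` included, into the admin page, so it should be removed. The config table is also emptied before the insert runs and neither `mysql_query` result is checked, so a failed insert leaves the table without a row.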
diff --git a/admin/create_listing_file.php b/admin/create_listing_file.php
new file mode 100644
index 000000000..9b94486ef
--- /dev/null
+++ b/admin/create_listing_file.php
@@ -0,0 +1,128 @@
+<?php
+ $prefixe_thumbnail = "TN-";
+
+
+ $tab_ext = array ( 'jpg', 'JPG','gif','GIF','png','PNG' );
+
+ $listing = "";
+
+ $local_folder = substr( $PHP_SELF, 0, strrpos( $PHP_SELF, "/" ) + 1 );
+ $url = "http://".$HTTP_HOST.$local_folder;
+ $listing.= "<url>$url</url>";
+
+ // get_dirs retourne un tableau contenant tous les sous-répertoires d'un répertoire
+ function get_dirs( $rep, $indent, $level )
+ {
+ $sub_rep = array();
+ $i = 0;
+ $dirs = "";
+ if ( $opendir = opendir ( $rep ) )
+ {
+ while ( $file = readdir ( $opendir ) )
+ {
+ if ( $file != "." && $file != ".." && is_dir ( $rep."/".$file ) && $file != "thumbnail" )
+ {
+ $sub_rep[$i++] = $file;
+ }
+ }
+ }
+ // write of the dirs
+ for ( $i = 0; $i < sizeof( $sub_rep ); $i++ )
+ {
+ $dirs.= "\n".$indent."<dir".$level.">";
+ $dirs.= "\n".$indent."\t<name>".$sub_rep[$i]."</name>";
+ $dirs.= get_pictures( $rep."/".$sub_rep[$i], $indent."\t" );
+ $dirs.= get_dirs( $rep."/".$sub_rep[$i], $indent."\t", $level + 1 );
+ $dirs.= "\n".$indent."</dir".$level.">";
+ }
+ return $dirs;
+ }
+
+ function is_image ( $filename )
+ {
+ global $tab_ext;
+ if ( in_array ( substr ( strrchr($filename,"."), 1, strlen ( $filename ) ), $tab_ext ) )
+ {
+ return true;
+ }
+ else
+ {
+ return false;
+ }
+ }
+
+ function TN_exist ( $dir, $file )
+ {
+ global $tab_ext, $prefixe_thumbnail;
+
+ $titre = substr ( $file, 0, -4 );
+ for ( $i = 0; $i < sizeof ( $tab_ext ); $i++ )
+ {
+ $test = $dir."/thumbnail/".$prefixe_thumbnail.$titre.".".$tab_ext[$i];
+ if ( is_file ( $test ) )
+ {
+ return $tab_ext[$i];
+ }
+ }
+ return false;
+ }
+
+ function get_pictures( $rep, $indent )
+ {
+ $pictures = array();
+ $i = 0;
+ $tn_ext = "";
+ $root = "";
+ if ( $opendir = opendir ( $rep ) )
+ {
+ while ( $file = readdir ( $opendir ) )
+ {
+ if ( is_image( $file ) && $tn_ext = TN_exist( $rep, $file ) )
+ {
+ $pictures[$i] = array();
+ $pictures[$i]['file'] = $file;
+ $pictures[$i]['tn_ext'] = $tn_ext;
+ $pictures[$i]['date'] = date( "Y-m-d", filemtime ( $rep."/".$file ) );
+ $pictures[$i]['filesize'] = floor ( filesize( $rep."/".$file ) / 1024 );
+ $image_size = @getimagesize( $rep."/".$file );
+ $pictures[$i]['width'] = $image_size[0];
+ $pictures[$i]['height'] = $image_size[1];
+ $i++;
+ }
+ }
+ }
+ // write of the node <root> with all the pictures at the root of the directory
+ $root.= "\n".$indent."<root>";
+ if ( sizeof( $pictures ) > 0 )
+ {
+ for( $i = 0; $i < sizeof( $pictures ); $i++ )
+ {
+ $root.= "\n".$indent."\t<picture>";
+ $root.= "\n".$indent."\t\t<file>".$pictures[$i]['file']."</file>";
+ $root.= "\n".$indent."\t\t<tn_ext>".$pictures[$i]['tn_ext']."</tn_ext>";
+ $root.= "\n".$indent."\t\t<date>".$pictures[$i]['date']."</date>";
+ $root.= "\n".$indent."\t\t<filesize>".$pictures[$i]['filesize']."</filesize>";
+ $root.= "\n".$indent."\t\t<width>".$pictures[$i]['width']."</width>";
+ $root.= "\n".$indent."\t\t<height>".$pictures[$i]['height']."</height>";
+ $root.= "\n".$indent."\t</picture>";
+ }
+ }
+ $root.= "\n".$indent."</root>";
+ return $root;
+ }
+
+ $listing.= get_dirs( ".", "", 0 );
+
+ if ( $fp = @fopen("./listing.xml","w") )
+ {
+ fwrite( $fp, $listing );
+ fclose( $fp );
+ }
+ else
+ {
+ echo "impossible de créer ou d'écrire dans le fichier listing.xml";
+ }
+
+ //echo str_replace( "\t", "&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;", nl2br( htmlspecialchars( $listing, ENT_QUOTES ) ) );
+ echo "listing.xml created";
+?> \ No newline at end of file
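Review bot: Directory and file names, and the request-derived `$HTTP_HOST`, are concatenated into listing.xml without XML escaping in `get_dirs()` and `get_pictures()`, so a name containing `<` or `&` produces a malformed or misleading listing for whatever consumes it. I would encode every text node, e.g. `$dirs.= "\n".$indent."\t<name>".htmlspecialchars( $sub_rep[$i], ENT_QUOTES )."</name>";`, and likewise for `<file>` and `<url>`. The script also does not include `./include/isadmin.inc.php` as the other admin pages in this commit do, so any visitor who can request it rewrites listing.xml; if it is meant to be deployed standalone on a remote site that may be intended, but it deserves a comment saying so. `@getimagesize()` can return false, in which case `<width>` and `<height>` are written empty.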
diff --git a/admin/edit_cat.php b/admin/edit_cat.php
new file mode 100644
index 000000000..ae93521c0
--- /dev/null
+++ b/admin/edit_cat.php
@@ -0,0 +1,116 @@
+<?php
+/***************************************************************************
+ * edit_cat.php is a part of PhpWebGallery *
+ * ------------------- *
+ * last update : Tuesday, July 16, 2002 *
+ * email : pierrick@z0rglub.com *
+ * *
+ ***************************************************************************/
+
+/***************************************************************************
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; *
+ * *
+ ***************************************************************************/
+ include_once( "./include/isadmin.inc.php" );
+
+ if ( $HTTP_GET_VARS['valider'] == 1 )
+ {
+ $query = "update $prefixeTable"."categories ";
+ if ( $HTTP_POST_VARS['name'] == "" )
+ {
+ $query.= "set name = NULL, ";
+ }
+ else
+ {
+ $query.= "set name = '".htmlspecialchars( $HTTP_POST_VARS['name'], ENT_QUOTES)."', ";
+ }
+ if ( $HTTP_POST_VARS['comment'] == "" )
+ {
+ $query.= "comment = NULL, ";
+ }
+ else
+ {
+ $query.= "comment = '".htmlspecialchars( $HTTP_POST_VARS['comment'], ENT_QUOTES )."', ";
+ }
+ $query.= "status = '".$HTTP_POST_VARS['status']."' ";
+ $query.= "where id = '".$HTTP_GET_VARS['cat']."';";
+ mysql_query( $query );
+
+ $result = mysql_query( "select id from $prefixeTable"."users where pseudo != '".$conf['webmaster']."';" );
+ while ( $row = mysql_fetch_array ( $result ) )
+ {
+ check_favorites( $row['id'] );
+ }
+
+ echo"<div style=\"color:red;text-align:center;\">".$lang['editcat_confirm']." [ <a href=\"".add_session_id_to_url( "./admin.php?page=cat" )."\">".$lang['editcat_back']."</a> ]</div>";
+ }
+
+ echo "
+ <form action=\"".add_session_id_to_url( "./admin.php?page=edit_cat&amp;cat=".$HTTP_GET_VARS['cat']."&amp;valider=1" )."\" method=\"post\">
+ <table style=\"width:100%;\">";
+ $query = "select a.id,name,dir,status,comment,id_uppercat,site_id,galleries_url";
+ $query.= " from $prefixeTable"."categories as a, $prefixeTable"."sites as b";
+ $query.= " where a.id = ".$HTTP_GET_VARS['cat'];
+ $query.= " and a.site_id = b.id;";
+ $row = mysql_fetch_array( mysql_query( $query ) );
+ $result = get_cat_info( $row['id'] );
+ $array_cat_names = $result['name'];
+ echo "
+ <tr>
+ <th colspan=\"2\">".$lang['editcat_title1']." ".$lang['category']." \"".get_cat_display_name( $array_cat_names, " - ", "font-style:italic;" )."\" [ dir : ".$row['dir']." ]</th>
+ </tr>";
+ if ( $row['site_id'] != 1 )
+ {
+ echo "
+ <tr>
+ <td style=\"width:20%;\">Server</td>
+ <td class=\"row2\">".$row['galleries_url']."</td>
+ </tr>";
+ }
+ echo "
+ <tr>
+ <td style=\"width:20%;\">".$lang['editcat_name']."</td>
+ <td class=\"row2\"><input type=\"text\" name=\"name\" value=\"".$row['name']."\" maxlength=\"255\"/></td>
+ </tr>
+ <tr>
+ <td style=\"width:20%;\">".$lang['editcat_comment']."</td>
+ <td class=\"row2\"><textarea name=\"comment\" rows=\"5\" cols=\"50\" style=\"overflow:auto\">".$row['comment']."</textarea></td>
+ </tr>
+ <tr>
+ <td style=\"width:20%;\">".$lang['editcat_status']."</td>
+ <td class=\"row2\">
+ <select name=\"status\">";
+ // on récupère toutes les status possibles dans la base
+ // par l'intermédiaire de la fonction get_enums trouvable
+ // dans le fichier config.php
+ $option = get_enums( $prefixeTable."categories", "status" );
+ for ( $i = 0; $i < sizeof( $option ); $i++ )
+ {
+ if ( $option[$i] == $row['status'] )
+ {
+ echo"
+ <option selected>$option[$i]</option>";
+ }
+ else
+ {
+ echo"
+ <option>$option[$i]</option>";
+ }
+ }
+ echo"
+ </select>
+ ".$lang['editcat_status_info']."
+ </td>
+ </tr>
+ <tr>
+ <td colspan=\"2\">&nbsp;</td>
+ </tr>
+ <tr>
+ <td colspan=\"2\" align=\"center\"><input type=\"submit\" value=\"".$lang['submit']."\"/></td>
+ </tr>
+ </table>
+ </form>";
+?> \ No newline at end of file
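Review bot: The UPDATE and SELECT statements concatenate `$HTTP_POST_VARS['status']` and `$HTTP_GET_VARS['cat']` directly into SQL, and `htmlspecialchars( ..., ENT_QUOTES )` on `name` and `comment` is HTML encoding, not SQL escaping (it leaves backslashes untouched). Cast the id once, `$cat_id = intval( $HTTP_GET_VARS['cat'] );`, use it in both queries and in the form action, and accept `status` only when `in_array( $HTTP_POST_VARS['status'], get_enums( $prefixeTable."categories", "status" ) )` holds. String values should additionally go through the database escaping function (`mysql_escape_string()`) before being quoted. `$row['name']`, `$row['comment']` and `$row['dir']` are echoed into the form without encoding on output, which relies on every writer of those columns having encoded them first.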
diff --git a/admin/historique.php b/admin/historique.php
new file mode 100644
index 000000000..2aca5bfc1
--- /dev/null
+++ b/admin/historique.php
@@ -0,0 +1,102 @@
+<?php
+/***************************************************************************
+ * historique.php is a part of PhpWebGallery *
+ * ------------------- *
+ * last update : Monday, July 15, 2002 *
+ * email : pierrick@z0rglub.com *
+ * *
+ ***************************************************************************/
+
+/***************************************************************************
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; *
+ * *
+ ***************************************************************************/
+ include_once( "./include/isadmin.inc.php" );
+
+ if ( $HTTP_GET_VARS['empty'] == 1 )
+ {
+ mysql_query( "delete from $prefixeTable"."history;" );
+ }
+ define (NB_JOUR_HISTO,"7");
+ $tMois = array("janvier", "février", "mars", "avril", "mai", "juin", "juillet", "août", "septembre", "octobre", "novembre", "décembre");
+ $tJours = array("dimanche", "lundi", "mardi", "mercredi", "jeudi", "vendredi", "samedi");
+
+ // on affiche les visites pour les 48 dernières heures
+ // il faut trouver le unix date de la veille à 00h00 :
+ // time (); nous donne le nombre de secondes actuelle
+ $date_ref = time() - (7*24*60*60);
+ $result = mysql_query( "select date,login,IP,categorie,page,titre,commentaire from $prefixeTable"."history where date > '$date_ref' order by date desc;");
+ echo"<div style=\"text-align:center;\"><a href=\"".add_session_id_to_url( "./admin.php?page=historique&amp;empty=1" )."\">empty / vider</a></div>";
+ echo"<div style=\"color:green;text-align:center;margin:10px\">";
+ // affichage de la date du jour
+ echo $tJours[date("w")] ." ";
+ echo date("j").(date("j") == 1 ? "er " : " ");
+ echo $tMois[date("n")-1]." ".date("Y")." ";
+ echo " à ".date("G")."h".date("i");
+ echo"</div>";
+?>
+ <table width='100%'>
+ <tr>
+ <th width='1%'>date</th>
+ <th>login</th>
+ <th>IP</th>
+ <th>page</th>
+ <th>categorie</th>
+ <th>image</th>
+ </tr>
+ <tr>
+ <td colspan=7 height=5><div class='style1'></div></td>
+ </tr>
+ <?
+ $fin = time();
+ $debut = mktime ( 23,59,59,date("n"),date("j")-1,date("Y") );
+ for ( $i = 0; $i < NB_JOUR_HISTO; $i++ )
+ {
+ // 1. affichage du nom du jour
+ echo" <tr>
+ <td><nobr>";
+ echo"<img src=\"".$conf['repertoire_image']."moins.gif\">&nbsp;&nbsp;<b>";
+ echo $tJours[date("w",$fin)] ." ";
+ echo date("j",$fin).(date("j",$fin) == 1 ? "er " : " ");
+ echo $tMois[date("n",$fin)-1]." ".date("Y",$fin)."</b>";
+ echo" </nobr></td>
+ <td>&nbsp;</td>
+ <td>&nbsp;</td>
+ <td>&nbsp;</td>
+ <td>&nbsp;</td>
+ <td>&nbsp;</td>
+ </tr>";
+ // 2. affichage de tous les évènements pour le jour donné
+ // entre la veille à 23h59m59s et le jour même 23h59m59s
+ $result = mysql_query("select date,login,IP,categorie,page,titre,commentaire from $prefixeTable"."history where date > '$debut' and date < '$fin' order by date desc;");
+ $fin = $debut;
+ // on recule le début d'une journée complète
+ $debut = $debut - 24*60*60;
+ while($row=mysql_fetch_array($result))
+ {
+ $date = date("G\hi s", $row[date]);
+ $date = str_replace ( " ","min ", $date );
+ $date .= " sec";
+ // on réduit la taille du commentaire à ses premiers caractères
+ $affichage_commentaire = "";
+ if($row[commentaire] != '')
+ {
+ $affichage_commentaire = substr($row[commentaire],0,10);
+ $affichage_commentaire .= "...";
+ }
+ echo" <tr>
+ <td>&nbsp;|-&nbsp;&nbsp;$date</td>
+ <td>$row[login]</td>
+ <td>$row[IP]</td>
+ <td>$row[page]</td>
+ <td>$row[categorie]</td>
+ <td>$row[titre]</td>
+ </tr>";
+ }
+ }
+ echo" </table>
+ </center>";
+?> \ No newline at end of file
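Review bot: The history rows are printed raw in the inner loop (`<td>$row[login]</td>`, `$row[IP]`, `$row[page]`, `$row[categorie]`, `$row[titre]`), and these columns presumably record visitor-supplied values, so unless the code that writes the history table encodes them, markup stored there is rendered in the administrator's browser. Encode on output for each column, e.g. `<td>".htmlspecialchars( $row['login'], ENT_QUOTES )."</td>`. Separately, `?empty=1` deletes the whole table on a GET request, so a followed link or a prefetch is enough to trigger it; a POST form carrying a per-session token would be safer. `define (NB_JOUR_HISTO,"7")` and `$row[date]` rely on bare constants and should be quoted: `define( 'NB_JOUR_HISTO', 7 );`, `$row['date']`.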
diff --git a/admin/images/admin.png b/admin/images/admin.png
new file mode 100644
index 000000000..ff8dc0160
--- /dev/null
+++ b/admin/images/admin.png
Binary files differ
diff --git a/admin/images/arrow_up.gif b/admin/images/arrow_up.gif
new file mode 100644
index 000000000..90da978cd
--- /dev/null
+++ b/admin/images/arrow_up.gif
Binary files differ
diff --git a/admin/images/index.htm b/admin/images/index.htm
new file mode 100644
index 000000000..960cd928d
--- /dev/null
+++ b/admin/images/index.htm
@@ -0,0 +1,8 @@
+<html>
+ <head>
+ <title>PhpWebGallery</title>
+ </head>
+ <body>
+ No access authorized
+ </body>
+</html> \ No newline at end of file
diff --git a/admin/images/moins.gif b/admin/images/moins.gif
new file mode 100644
index 000000000..74fa8736f
--- /dev/null
+++ b/admin/images/moins.gif
Binary files differ
diff --git a/admin/images/plus.gif b/admin/images/plus.gif
new file mode 100644
index 000000000..2fa7116c1
--- /dev/null
+++ b/admin/images/plus.gif
Binary files differ
diff --git a/admin/images/puce.gif b/admin/images/puce.gif
new file mode 100644
index 000000000..b8494bb77
--- /dev/null
+++ b/admin/images/puce.gif
Binary files differ
diff --git a/admin/include/functions.php b/admin/include/functions.php
new file mode 100644
index 000000000..1aee2d94d
--- /dev/null
+++ b/admin/include/functions.php
@@ -0,0 +1,194 @@
+<?php
+/***************************************************************************
+ * functions.php is a part of PhpWebGallery *
+ * ------------------- *
+ * last update : Tuesday, September 26, 2002 *
+ * email : pierrick@z0rglub.com *
+ * *
+ ***************************************************************************
+
+ ***************************************************************************
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; *
+ * *
+ ***************************************************************************/
+
+ $tab_ext = array ( 'jpg', 'gif', 'JPG','GIF','png','PNG' );
+ $tab_ext_create_TN = array ( 'jpg', 'JPG','png','PNG' );
+
+ function get_extension( $filename )
+ {
+ return substr ( strrchr($filename,"."), 1, strlen ( $filename ) );
+ }
+
+ function is_image( $filename, $create_thumbnail = false )
+ {
+ global $tab_ext, $tab_ext_create_TN;
+ $is_image = false;
+ if ( is_file ( $filename ) )
+ {
+ $size = getimagesize( $filename );
+ // $size[2] == 1 means GIF
+ // $size[2] == 2 means JPG
+ // $size[2] == 3 means PNG
+ if ( !$create_thumbnail )
+ {
+ if ( in_array ( get_extension( $filename ), $tab_ext ) && ( $size[2] == 1 || $size[2] == 2 || $size[2] == 3 ) )
+ {
+ $is_image = true;
+ }
+ }
+ else
+ {
+ if ( in_array ( get_extension( $filename ), $tab_ext_create_TN ) && ( $size[2] == 2 || $size[2] == 3 ) )
+ {
+ $is_image = true;
+ }
+ }
+ }
+ return $is_image;
+ }
+
+ function TN_exist ( $dir, $file )
+ {
+ global $tab_ext, $conf;
+ $titre = substr ( $file, 0, strrpos ( $file, ".") );
+ for ( $i = 0; $i < sizeof ( $tab_ext ); $i++ )
+ {
+ $test = $dir."/thumbnail/".$conf['prefixe_thumbnail'].$titre.".".$tab_ext[$i];
+ if ( is_file ( $test ) )
+ {
+ return $tab_ext[$i];
+ }
+ }
+ return false;
+ }
+
+ // The function delete_site deletes a site
+ // and call the function delete_category for each primary category of the site
+ function delete_site( $id )
+ {
+ global $prefixeTable;
+
+ // destruction of the categories of the site
+ $query = "select id from $prefixeTable"."categories where site_id = $id;";
+ $result = mysql_query( $query );
+ while ( $row = mysql_fetch_array( $result ) )
+ {
+ delete_category( $row['id'] );
+ }
+
+ // destruction of the site
+ $query = "delete from $prefixeTable"."sites where id = $id;";
+ mysql_query( $query );
+ }
+
+ // The function delete_category deletes the category identified by the $id
+ // It also deletes (in the database) :
+ // - all the images of the images (thanks to delete_image, see further)
+ // - all the restrictions linked to the category
+ // The function works recursively.
+ function delete_category( $id )
+ {
+ global $prefixeTable;
+
+ // destruction of all the related images
+ $query = "select id from $prefixeTable"."images where cat_id = '".$id."';";
+ $result = mysql_query( $query );
+ while ( $row = mysql_fetch_array( $result ) )
+ {
+ delete_image( $row['id'] );
+ }
+
+ // destruction of the restrictions linked to the category
+ $query = "delete from $prefixeTable"."restrictions where cat_id = '".$id."';";
+ mysql_query( $query );
+
+ // destruction of the sub-categories
+ $query = "select id from $prefixeTable"."categories where id_uppercat = '$id';";
+ $result = mysql_query( $query );
+ while( $row = mysql_fetch_array( $result ) )
+ {
+ delete_category( $row['id'] );
+ }
+
+ // destruction of the category
+ $query = "delete from $prefixeTable"."categories where id = '$id';";
+ mysql_query( $query );
+ }
+
+ // The function delete_image deletes the image identified by the $id
+ // It also deletes (in the database) :
+ // - all the comments related to the image
+ // - all the favorites associated to the image
+ function delete_image( $id )
+ {
+ global $prefixeTable,$count_deleted;
+
+ // destruction of the comments on the image
+ $query = "delete from $prefixeTable"."comments where image_id = $id;";
+ mysql_query( $query );
+
+ // destruction of the favorites associated with the picture
+ $query = "delete from $prefixeTable"."favorites where image_id = $id;";
+ mysql_query( $query );
+
+ // destruction of the image
+ $query = "delete from $prefixeTable"."images where id = $id;";
+ mysql_query( $query );
+ $count_deleted++;
+ }
+
+ // The delete_user function delete a user identified by the $user_id
+ // It also deletes :
+ // - all the restrictions linked to this user
+ // - all the favorites linked to this user
+ function delete_user( $user_id )
+ {
+ global $prefixeTable;
+
+ // destruction of the restrictions linked to the user
+ $query = "delete from $prefixeTable"."restrictions where user_id = $user_id;";
+ mysql_query( $query );
+
+ // destruction of the favorites associated with the user
+ $query = "delete from $prefixeTable"."favorites where user_id = $user_id;";
+ mysql_query( $query );
+
+ // destruction of the user
+ $query = "delete from $prefixeTable"."users where id = $user_id;";
+ mysql_query( $query );
+ }
+
+ // The check_favorites function deletes all the favorites of a user if he is not allowed to see them
+ // (the category or an upper category is restricted or invisible)
+ function check_favorites( $user_id )
+ {
+ global $prefixeTable;
+
+ $row = mysql_fetch_array( mysql_query( "select status from $prefixeTable"."users where id = $user_id;" ) );
+ $status = $row['status'];
+ // retrieving all the restricted categories for this user
+ $restricted_cat = get_all_restrictions( $user_id, $status );
+ // retrieving all the favorites for this user and comparing their categories to the restricted categories
+ $query = "select image_id, cat_id";
+ $query.= " from $prefixeTable"."favorites, $prefixeTable"."images";
+ $query.= " where user_id = $user_id";
+ $query.= " and id = image_id";
+ $query.= ";";
+ $result = mysql_query ( $query );
+ while ( $row = mysql_fetch_array( $result ) )
+ {
+ if ( in_array( $row['cat_id'], $restricted_cat ) )
+ {
+ $query = "delete from $prefixeTable"."favorites";
+ $query.= " where image_id = ".$row['image_id'];
+ $query.= " and user_id = $user_id";
+ $query.= ";";
+ mysql_query( $query );
+ }
+ }
+ }
+?> \ No newline at end of file
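Review bot: `delete_site()`, `delete_image()`, `delete_user()` and `check_favorites()` interpolate their id argument into SQL unquoted (`where id = $id;`), so they are only safe if every caller passes an integer; the callers are outside this hunk. Since these helpers delete rows, I would add `$id = intval( $id );` (respectively `$user_id = intval( $user_id );`) as the first statement of each, which also makes them consistent with one another, as `delete_category()` currently quotes the value instead. In `is_image()`, `getimagesize()` returns false for unreadable or non-image files, so `$size[2]` should be read only after checking `$size !== false`. None of the `mysql_query()` results are checked before being passed to `mysql_fetch_array()`.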
diff --git a/admin/include/index.htm b/admin/include/index.htm
new file mode 100644
index 000000000..960cd928d
--- /dev/null
+++ b/admin/include/index.htm
@@ -0,0 +1,8 @@
+<html>
+ <head>
+ <title>PhpWebGallery</title>
+ </head>
+ <body>
+ No access authorized
+ </body>
+</html> \ No newline at end of file
diff --git a/admin/include/isadmin.inc.php b/admin/include/isadmin.inc.php
new file mode 100644
index 000000000..64a77e9f3
--- /dev/null
+++ b/admin/include/isadmin.inc.php
@@ -0,0 +1,34 @@
+<?php
+/***************************************************************************
+ * isadmin.inc.php *
+ * ------------------- *
+ * application : PhpWebGallery 1.3 *
+ * author : Pierrick LE GALL <pierrick@z0rglub.com> *
+ * *
+ ***************************************************************************
+
+ ***************************************************************************
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; *
+ * *
+ ***************************************************************************/
+define( PREFIXE_INCLUDE, '.' );
+
+include_once( '../include/config.inc.php' );
+include_once( '../include/user.inc.php' );
+include( './include/functions.php' );
+
+$conf['lien_puce'] = $conf['repertoire_image'].'puce.gif';
+
+$isadmin = true;
+include_once( '../language/'.$user['language'].'.php' );
+
+if ( $user['status'] != 'admin' )
+{
+ echo '<div style="text-align:center;">'.$lang['access_forbiden'].'<br />';
+ echo '<a href="../identification.php">'.$lang['ident_title'].'</a></div>';
+ exit();
+}
+?> \ No newline at end of file
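Review bot: `include_once( '../language/'.$user['language'].'.php' );` builds an include path from `$user['language']` and runs before the `$user['status'] != 'admin'` check, so the value belonging to a non-admin account also reaches the include. Where `$user['language']` is set is not visible here (presumably `user.inc.php`); if it comes from a user-editable profile field, it should be checked against the list of installed language files before use, with a fixed default language for the access-denied message. `$isadmin = true;` is likewise assigned before the status test and would read more safely after it. The constant name should be quoted: `define( 'PREFIXE_INCLUDE', '.' );`.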
diff --git a/admin/index.htm b/admin/index.htm
new file mode 100644
index 000000000..960cd928d
--- /dev/null
+++ b/admin/index.htm
@@ -0,0 +1,8 @@
+<html>
+ <head>
+ <title>PhpWebGallery</title>
+ </head>
+ <body>
+ No access authorized
+ </body>
+</html> \ No newline at end of file
diff --git a/admin/infos_images.php b/admin/infos_images.php
new file mode 100644
index 000000000..a5c1b75a4
--- /dev/null
+++ b/admin/infos_images.php
@@ -0,0 +1,248 @@
+<?php
+/***************************************************************************
+ * infos_images.php is a part of PhpWebGallery *
+ * ------------------- *
+ * last update : Wednesday, July 25, 2002 *
+ * email : pierrick@z0rglub.com *
+ * *
+ ***************************************************************************/
+
+/***************************************************************************
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; *
+ * *
+ ***************************************************************************/
+ function check_date_format ( $date )
+ {
+ // la date arrive à ce format : JJ/MM/AAAA
+ // checkdate ( int month, int day, int year)
+ $tab_date = explode( "/", $date );
+ return checkdate ( $tab_date[1], $tab_date[0], $tab_date[2]);
+ }
+
+ function date_convert( $date )
+ {
+ // la date arrive à ce format : JJ/MM/AAAA
+ // il faut la transformer en AAAA-MM-JJ
+ $tab_date = explode( "/", $date );
+ return $tab_date[2]."-".$tab_date[1]."-".$tab_date[0];
+ }
+
+ function date_convert_back( $date )
+ {
+ // la date arrive à ce format : AAAA-MM-JJ
+ // il faut la transformer en JJ/MM/AAAA
+ if ( $date != "" )
+ {
+ $tab_date = explode( "-", $date );
+ return $tab_date[2]."/".$tab_date[1]."/".$tab_date[0];
+ }
+ else
+ {
+ return "";
+ }
+ }
+
+ include_once( "./include/isadmin.inc.php" );
+ $page['nb_image_page'] = 5;
+ check_cat_id( $HTTP_GET_VARS['cat_id'] );
+ if ( isset( $page['cat'] ) )
+ {
+ //------------------------------------------------------------mises à jour
+ // 1. options individuelles
+ $query = "select id,file ";
+ $query.= "from $prefixeTable"."images ";
+ $query.= "where cat_id = ".$page['cat']." ";
+ $result = mysql_query( $query );
+ $i = 1;
+ while ( $row = mysql_fetch_array( $result ) )
+ {
+ $name = "name-".$row['id'];
+ $author = "author-".$row['id'];
+ $comment = "comment-".$row['id'];
+ $date_creation = "date_creation-".$row['id'];
+ if ( isset( $HTTP_POST_VARS[$name] ) )
+ {
+ $query = "update $prefixeTable"."images ";
+ if ( $HTTP_POST_VARS[$name] == "" )
+ {
+ $query.= "set name = NULL ";
+ }
+ else
+ {
+ $query.= "set name = '".htmlspecialchars( $HTTP_POST_VARS[$name], ENT_QUOTES )."' ";
+ }
+ if ( $HTTP_POST_VARS[$author] == "" )
+ {
+ $query.= ", author = NULL ";
+ }
+ else
+ {
+ $query.= ", author = '".htmlspecialchars( $HTTP_POST_VARS[$author], ENT_QUOTES )."' ";
+ }
+ if ( $HTTP_POST_VARS[$comment] == "" )
+ {
+ $query.= ", comment = NULL ";
+ }
+ else
+ {
+ $query.= ", comment = '".htmlspecialchars( $HTTP_POST_VARS[$comment], ENT_QUOTES )."' ";
+ }
+ if ( check_date_format( $HTTP_POST_VARS[$date_creation] ) )
+ {
+ $date = date_convert( $HTTP_POST_VARS[$date_creation] );
+ $query.= ", date_creation = '$date' ";
+ }
+ else if ( $HTTP_POST_VARS[$date_creation] == "" )
+ {
+ $query.= ", date_creation = NULL ";
+ }
+ $query.= "where id = '".$row['id']."';";
+ mysql_query( $query );
+ }
+ }
+ // 2. options générales
+ if ( $HTTP_POST_VARS['use_common_author'] == 1 )
+ {
+ $query = "update $prefixeTable"."images ";
+ if ( $HTTP_POST_VARS['author_cat'] == "" )
+ {
+ $query.= "set author = NULL ";
+ }
+ else
+ {
+ $query.= "set author = '".$HTTP_POST_VARS['author_cat']."' ";
+ }
+ $query.= "where cat_id = ".$page['cat'].";";
+ mysql_query( $query );
+ }
+ if ( $HTTP_POST_VARS['use_common_date_creation'] == 1 )
+ {
+ // la date arrive à ce format : JJ/MM/AAAA
+ // il faut la transformer en AAAA-MM-JJ
+ if ( check_date_format( $HTTP_POST_VARS['date_creation_cat'] ) )
+ {
+ $date = date_convert( $HTTP_POST_VARS['date_creation_cat'] );
+ $query = "update $prefixeTable"."images ";
+ if ( $HTTP_POST_VARS['date_creation_cat'] == "" )
+ {
+ $query.= "set date_creation = NULL ";
+ }
+ else
+ {
+ $query.= "set date_creation = '$date' ";
+ }
+ $query.= "where cat_id = ".$page['cat'].";";
+ mysql_query( $query );
+ }
+ else
+ {
+ echo $lang['infoimage_err_date'];
+ }
+ }
+ //----------------------------------------------------affichage de la page
+ // détection de la page en cours
+ if( !isset( $HTTP_GET_VARS['start'] ) || !is_numeric( $HTTP_GET_VARS['start'] ) || ( is_numeric( $HTTP_GET_VARS['start'] ) && $HTTP_GET_VARS['start'] < 0 ) )
+ {
+ $page['start'] = 0;
+ }
+ else
+ {
+ $page['start'] = $HTTP_GET_VARS['start'];
+ }
+
+ if ( is_numeric( $HTTP_GET_VARS['num'] ) && $HTTP_GET_VARS['num'] >= 0 )
+ {
+ $page['start'] = floor( $HTTP_GET_VARS['num'] / $page['nb_image_page'] ) * $page['nb_image_page'];
+ }
+ // retrieving category information
+ $result = get_cat_info( $page['cat'] );
+ $cat['local_dir'] = $result['local_dir'];
+ $cat['dir'] = $result['dir'];
+ $cat['name'] = $result['name'];
+ $cat['site_id'] = $result['site_id'];
+ $cat['nb_images'] = $result['nb_images'];
+
+ $url = "./admin.php?page=infos_images&amp;cat_id=".$page['cat'];
+ $page['navigation_bar'] = create_navigation_bar( $url, $cat['nb_images'], $page['start'], $page['nb_image_page'], "" );
+ echo"
+ <form method=\"post\" action=\"".add_session_id_to_url( "./admin.php?page=infos_images&amp;cat_id=".$page['cat']."&amp;start=".$page['start'] )."\">
+ <table width=\"100%\">
+ <tr>
+ <th colspan=\"3\">".$lang['infoimage_general']." \"".get_cat_display_name( $cat['name'], " - ", "font-style:italic;" )."\"</th>
+ </tr>
+ <tr>
+ <td><div style=\"margin-left:50px;\">".$lang['author']."</div></td>
+ <td style=\"text-align:center;\"><input type=\"text\" name=\"author_cat\" value=\"\" maxlength=\"255\"/></td>
+ <td style=\"text-align:left;\"><input type=\"checkbox\" name=\"use_common_author\" value=\"1\"/>".$lang['infoimage_useforall']."</td>
+ </tr>
+ <tr>
+ <td><div style=\"margin-left:50px;\">".$lang['infoimage_creation_date']." [DD/MM/YYYY]</div></td>
+ <td style=\"text-align:center;\"><input type=\"text\" name=\"date_creation_cat\" value=\"\" size=\"12\" maxlength=\"10\"/></td>
+ <td style=\"text-align:left;\"><input type=\"checkbox\" name=\"use_common_date_creation\" value=\"1\"/>".$lang['infoimage_useforall']."</td>
+ </tr>
+ </table>";
+ echo"
+ <table width=\"100%\">
+ <tr>
+ <th colspan=\"5\">".$lang['infoimage_detailed']."</th>
+ </tr>
+ <tr>
+ <td colspan=\"5\" align=\"center\">".$page['navigation_bar']."</td>
+ </tr>
+ <tr>
+ <td class=\"row2\" style=\"text-align:center;\">".$lang['thumbnail']."</td>
+ <td class=\"row2\" style=\"text-align:center;\">".$lang['infoimage_title']."</td>
+ <td class=\"row2\" style=\"text-align:center;\">".$lang['author']."</td>
+ <td class=\"row2\" style=\"text-align:center;\">".$lang['infoimage_comment']."</td>
+ <td class=\"row2\" style=\"text-align:center;\">".$lang['infoimage_creation_date']."</td>
+ </tr>";
+ $query = "select id,file,comment,author,tn_ext,name,date_creation";
+ $query.= " from $prefixeTable"."images";
+ $query.= " where cat_id = ".$page['cat'];
+ $query.= $conf['order_by'];
+ $query.= " limit ".$page['start'].",".$page['nb_image_page'];
+ $query.= ";";
+ $result = mysql_query( $query );
+ $i = 1;
+ while ( $row = mysql_fetch_array( $result ) )
+ {
+ echo"
+ <tr>";
+ // création des liens vers la miniature
+ $file = substr ( $row['file'], 0, strrpos ( $row['file'], ".") );
+ if ( $cat['site_id'] == 1 )
+ {
+ $lien_thumbnail = "../galleries/".$cat['local_dir']."/";
+ }
+ else
+ {
+ $lien_thumbnail = $cat['dir'];
+ }
+ $lien_thumbnail.= "thumbnail/".$conf['prefixe_thumbnail'].$file.".".$row['tn_ext'];
+ // création du "style" de la ligne
+ $style = "style=\"text-align:center;\"";
+ if ( $i%2 == 0 )
+ {
+ $style.= " class=\"row2\"";
+ }
+ echo"
+ <td $style><a name=\"".$row['id']."\"><img src=\"$lien_thumbnail\" alt=\"\" class=\"miniature\" title=\"".$row['file']."\"/></td>
+ <td $style>$file<br /><input type=\"text\" name=\"name-".$row['id']."\" value=\"".$row['name']."\" maxlength=\"255\"/></td>
+ <td $style><input type=\"text\" name=\"author-".$row['id']."\" value=\"".$row['author']."\" maxlength=\"255\"/></td>
+ <td $style><textarea name=\"comment-".$row['id']."\" rows=\"3\" cols=\"40\" style=\"overflow:auto\">".$row['comment']."</textarea></td>
+ <td $style><input type=\"text\" name=\"date_creation-".$row['id']."\" value=\"".date_convert_back( $row['date_creation'] )."\" maxlength=\"10\" size=\"12\"/></td>";
+ echo"
+ </tr>";
+ $i++;
+ }
+ echo"
+ <tr>
+ <td colspan=\"5\" style=\"text-align:center;\"><input type=\"submit\" value=\"".$lang['submit']."\"/></td>
+ </tr>
+ </table>
+ </form>";
+ }
+?> \ No newline at end of file
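Review bot: In the "options générales" branch, `$HTTP_POST_VARS['author_cat']` goes into the UPDATE with no encoding or escaping at all (`set author = '".$HTTP_POST_VARS['author_cat']."'`), unlike the per-image `author` a few lines above. At minimum treat it the same way and SQL-escape it before quoting, since `htmlspecialchars()` is not a SQL escape: `$query.= "set author = '".mysql_escape_string( htmlspecialchars( $HTTP_POST_VARS['author_cat'], ENT_QUOTES ) )."' ";`. `check_date_format()` validates with `checkdate()`, which appears to judge the parts as integers, while `date_convert()` writes the original substrings back into the query; casting the three parts with `intval()` in `date_convert()` closes that gap, and `check_date_format()` should first confirm that `explode()` returned three parts. The `date_creation_cat == ""` test inside the successful `check_date_format()` branch looks unreachable, so the common creation date cannot be cleared from this form.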
diff --git a/admin/install.php b/admin/install.php
new file mode 100644
index 000000000..c87a63bbd
--- /dev/null
+++ b/admin/install.php
@@ -0,0 +1,599 @@
+<?php
+/***************************************************************************
+ * install_step1.php is a part of PhpWebGallery *
+ * ------------------- *
+ * last update : Tuesday, July 16, 2002 *
+ * email : pierrick@z0rglub.com *
+ * *
+ ***************************************************************************/
+
+/***************************************************************************
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; *
+ * *
+ ***************************************************************************/
+ function header_install()
+ {
+ $output = "
+<html>
+ <head>
+ <title>PhpWebGallery 1.2</title>
+ <style>
+ a
+ {
+ text-decoration : none;
+ color : #006699;
+ }
+ a:hover
+ {
+ text-decoration : underline;
+ }
+ body,table,input,form,select,textarea
+ {
+ font-family : Arial, Verdana, Sans-Serif;
+ font-size : 12px;
+ }
+ .miniature
+ {
+ border : solid 1px black;
+ }
+ body
+ {
+ background-color : #E5E5E5;
+ }
+ .titretable1
+ {
+ color : black;
+ background-color : #D3DCE3;
+ text-align : center;
+ border : 2px solid #006699;
+ }
+ .grostitre
+ {
+ text-align : center;
+ font-size : 20px;
+ margin-bottom : 20px;
+ }
+ .plan
+ {
+ margin : 10px 10px 10px 2px;
+ white-space : nowrap;
+ }
+ .table1
+ {
+ border-collapse : collapse;
+ background-color : #FFFFFF;
+ }
+ .contenucellule
+ {
+ background-color : #EEEEEE;
+ border : 2px solid #006699;
+ }
+ .style1
+ {
+ margin-top : 20px;
+ }
+ th
+ {
+ font-weight : bold;
+ background-color : #D3DCE3;
+ }
+ td.row1
+ {
+ background-color : #DDDDDD;
+ }
+ td.row2
+ {
+ background-color : #E8E8E8;
+ }
+ .cat_plan
+ {
+ font-weight : bold;
+ }
+ .retrait
+ {
+ margin : 10px;
+ margin-left : 30px;
+ margin-top : 2px;
+ }
+ input,textarea
+ {
+ border-width : 1;
+ border-color : #000000;
+ background : #ffffff;
+ color: #000000;
+ }
+ .erreur
+ {
+ color : red;
+ text-align : center;
+ }
+ .info
+ {
+ color : darkblue;
+ text-align : center;
+ }
+ </style>
+ </head>
+ <body>
+ <table style=\"width:100%;height:100%\">
+ <tr align=\"center\" valign=\"middle\">
+ <td>
+ <div class=\"grostitre\">PhpWebGallery 1.2</div>
+ <table width=\"700\" class=\"table1\" style=\"margin:auto;\">
+ <tr>
+ <td class=\"contenucellule\">";
+ return $output;
+ }
+
+ function footer_install()
+ {
+ $output = "
+ </td>
+ </tr>
+ </table>
+ </td>
+ </tr>
+ </table>
+ </body>
+</html>";
+ return $output;
+ }
+
+ if ( isset( $HTTP_GET_VARS['language'] ) )
+ {
+ $isadmin = true;
+ $lang = array();
+ include( "../language/".$HTTP_GET_VARS['language'].".php" );
+ }
+
+ /*---------------------------------------Step 1------------------------------------*/
+ if ( $HTTP_GET_VARS['step'] == 1 )
+ {
+ $erreur1 = true;
+ $message = "";
+ // création du fichier de configuration de connexion à la BD mysql
+ if( isset( $HTTP_POST_VARS['cfgBase'] ) && isset( $HTTP_POST_VARS['cfgUser'] ) && isset( $HTTP_POST_VARS['cfgPassword'] ) && isset( $HTTP_POST_VARS['cfgHote'] ) )
+ {
+ if ( @mysql_connect( $HTTP_POST_VARS['cfgHote'], $HTTP_POST_VARS['cfgUser'], $HTTP_POST_VARS['cfgPassword'] ) )
+ {
+ if ( @mysql_select_db($HTTP_POST_VARS['cfgBase'] ) )
+ {
+ $message.= "<div class=\"info\">".$lang['step1_confirmation']."</div>";
+ $erreur1 = false;
+ }
+ else
+ {
+ $message.= "<div class=\"erreur\">".$lang['step1_err_db']."</div>";
+ }
+ }
+ else
+ {
+ $message.= "<div class=\"erreur\">".$lang['step1_err_server']."</div>";
+ }
+
+ if ( !$erreur1 )
+ {
+ // écriture du fichier de configuration
+ if ( $fp = @fopen("../include/mysql.inc.php","a+") )
+ {
+ fwrite( $fp, "<?php\n\t\$cfgBase='".$HTTP_POST_VARS['cfgBase']."';\n\t\$cfgUser='".$HTTP_POST_VARS['cfgUser']."';\n\t\$cfgPassword='".$HTTP_POST_VARS['cfgPassword']."';\n\t\$cfgHote='".$HTTP_POST_VARS['cfgHote']."';\n\t\$prefixeTable='".$HTTP_POST_VARS['prefixe']."';\n?>" );
+ fclose( $fp );
+ }
+ $cfgHote = "";
+ $cfgUser = "";
+ $cfgPassword = "";
+ $cfgBase = "";
+ include ( "../include/mysql.inc.php" );
+ $erreur2 = true;
+ if ( @mysql_connect( $cfgHote, $cfgUser, $cfgPassword ) )
+ {
+ if ( @mysql_select_db ( $cfgBase ) )
+ {
+ $erreur2 = false;
+ }
+ }
+ if ( $erreur2 )
+ {
+ $message.="<br /><br />".$lang['step1_err_copy']." :<br />
+ -----------------------------------------------------<br />
+ <div style=\"color:blue;\">&lt;?php<br />
+ \$cfgBase = '".$HTTP_POST_VARS['cfgBase']."';<br />
+ \$cfgUser = '".$HTTP_POST_VARS['cfgUser']."';<br />
+ \$cfgPassword = '".$HTTP_POST_VARS['cfgPassword']."';<br />
+ \$cfgHote = '".$HTTP_POST_VARS['cfgHote']."';<br />
+ \$prefixeTable = '".$HTTP_POST_VARS['prefixe']."';<br />
+ ?&gt;</div>
+ -----------------------------------------------------<br />";
+ $message.= "<div style=\"text-align:center;\">".$lang['step1_err_copy_2']."<br />";
+ $message.= "<a href=\"install.php?step=2&amp;language=".$HTTP_GET_VARS['language']."\">".$lang['step1_err_copy_next']."</a></div>";
+ }
+ else
+ {
+ $url = "install.php?step=2&language=".$HTTP_GET_VARS['language'];
+ header("Request-URI: $url");
+ header("Content-Location: $url");
+ header("Location: $url");
+ exit();
+ }
+ }
+ }
+
+ echo header_install();
+ if ( isset( $message ) && $message != "" )
+ {
+ echo"
+ <table width=\"100%\">
+ <tr>
+ <th>".$lang['install_message']."</th>
+ </tr>
+ <tr>
+ <td>$message</td>
+ </tr>
+ </table>";
+ }
+ if ( $erreur1 )
+ {
+ echo"
+ <form method=\"post\" action=\"install.php?step=1&amp;language=".$HTTP_GET_VARS['language']."\">
+ <table width=\"100%\">
+ <tr>
+ <th colspan=\"3\">".$lang['step1_title']."</th>
+ </tr>
+ <tr>
+ <td colspan=\"3\">&nbsp;</th>
+ </tr>
+ <tr>
+ <td>".$lang['step1_host']."</td>
+ <td align=center><input type='text' name='cfgHote' value='";
+ if ( !isset( $HTTP_POST_VARS['cfgHote'] ) )
+ {
+ echo"localhost";
+ }
+ else
+ {
+ echo $HTTP_POST_VARS['cfgHote'];
+ }
+ echo"'></td>
+ <td class=\"row2\">".$lang['step1_host_info']."</td>
+ </tr>
+ <tr>
+ <td>".$lang['step1_user']."</td>
+ <td align=center><input type='text' name='cfgUser' value='".$HTTP_POST_VARS['cfgUser']."'></td>
+ <td class=\"row2\">".$lang['step1_user_info']."</td>
+ </tr>
+ <tr>
+ <td>".$lang['step1_pass']."</td>
+ <td align=center><input type='password' name='cfgPassword' value=''></td>
+ <td class=\"row2\">".$lang['step1_pass_info']."</td>
+ </tr>
+ <tr>
+ <td>".$lang['step1_database']."</td>
+ <td align=center><input type='text' name='cfgBase' value='".$HTTP_POST_VARS['cfgBase']."'></td>
+ <td class=\"row2\">".$lang['step1_database_info']."</td>
+ </tr>
+ <tr>
+ <td>".$lang['step1_prefix']."</td>
+ <td align=center><input type='text' name='prefixe' value='";
+ if ( !isset( $HTTP_POST_VARS['prefixe'] ) )
+ {
+ echo"phpwebgallery_";
+ }
+ else
+ {
+ echo $HTTP_POST_VARS['prefixe'];
+ }
+ echo"'></td>
+ <td class=\"row2\">".$lang['step1_prefix_info']."</td>
+ </tr>
+ <tr>
+ <td colspan=\"3\">&nbsp;</th>
+ </tr>
+ <tr>
+ <td colspan=3 align=center><input type='submit' name='Valider' value=\"".$lang['submit']." *\"></td>
+ </tr>
+ </table>
+ </form>";
+ }
+ echo footer_install();
+ }
+ /*---------------------------------------Step 2------------------------------------*/
+ else if ( $HTTP_GET_VARS['step'] == 2 )
+ {
+ include( "../include/mysql.inc.php" );
+ mysql_connect( $cfgHote, $cfgUser, $cfgPassword ) or die ( "erreur de connexion au serveur" );
+ mysql_select_db( $cfgBase ) or die ( "erreur de connexion a la base de donnees" );
+
+ if ( !isset( $HTTP_POST_VARS['submit'] ) )
+ {
+ $query = "CREATE TABLE ".$prefixeTable."categories (
+ id tinyint(3) unsigned NOT NULL auto_increment,
+ date_dernier date NOT NULL default '0000-00-00',
+ nb_images smallint(5) unsigned NOT NULL default '0',
+ name varchar(255) default NULL,
+ id_uppercat tinyint(3) unsigned default NULL,
+ comment text,
+ dir varchar(255) NOT NULL default '',
+ rank tinyint(3) unsigned default NULL,
+ status enum('visible','invisible') NOT NULL default 'visible',
+ site_id tinyint(4) unsigned NOT NULL default '1',
+ PRIMARY KEY (id)
+ );";
+ mysql_query( $query );
+ $query = "CREATE TABLE ".$prefixeTable."comments (
+ id int(11) unsigned NOT NULL auto_increment,
+ image_id smallint(5) unsigned NOT NULL default '0',
+ date int(11) unsigned NOT NULL default '0',
+ author varchar(255) NOT NULL default '',
+ content longtext,
+ PRIMARY KEY (id)
+ );";
+ mysql_query( $query );
+ $query = "CREATE TABLE ".$prefixeTable."config (
+ periode_courte smallint(5) unsigned NOT NULL default '7',
+ periode_longue smallint(5) unsigned NOT NULL default '14',
+ prefixe_thumbnail varchar(10) NOT NULL default 'TN-',
+ webmaster varchar(255) NOT NULL default '',
+ mail_webmaster varchar(255) NOT NULL default '',
+ acces enum('libre','restreint') NOT NULL default 'libre',
+ session_id_size tinyint(3) unsigned NOT NULL default '4',
+ session_keyword varchar(255) NOT NULL default '',
+ session_time tinyint(3) unsigned NOT NULL default '30',
+ max_user_listbox tinyint(3) unsigned NOT NULL default '10',
+ expand enum('true','false') NOT NULL default 'false',
+ show_comments enum('true','false') NOT NULL default 'true',
+ nb_comment_page tinyint(4) NOT NULL default '10',
+ upload_available enum('true','false') NOT NULL default 'false',
+ upload_maxfilesize smallint(5) unsigned NOT NULL default '150',
+ upload_maxwidth smallint(5) unsigned NOT NULL default '800',
+ upload_maxheight smallint(5) unsigned NOT NULL default '600',
+ upload_maxwidth_thumbnail smallint(5) unsigned NOT NULL default '150',
+ upload_maxheight_thumbnail smallint(5) unsigned NOT NULL default '100'
+ );";
+ mysql_query( $query );
+ $query = "CREATE TABLE ".$prefixeTable."favorites (
+ user_id smallint(5) unsigned NOT NULL default '0',
+ image_id smallint(5) unsigned NOT NULL default '0',
+ KEY user_id (user_id,image_id)
+ );";
+ mysql_query( $query );
+ $query = "CREATE TABLE ".$prefixeTable."history (
+ date int(11) NOT NULL default '0',
+ login varchar(15) default NULL,
+ IP varchar(50) NOT NULL default '',
+ categorie varchar(150) default NULL,
+ page varchar(50) default NULL,
+ titre varchar(150) default NULL,
+ commentaire varchar(200) default NULL
+ );";
+ mysql_query( $query );
+ $query = "CREATE TABLE ".$prefixeTable."images (
+ id smallint(5) unsigned NOT NULL auto_increment,
+ file varchar(255) NOT NULL default '',
+ cat_id tinyint(3) unsigned NOT NULL default '0',
+ date_available date NOT NULL default '0000-00-00',
+ date_creation date default NULL,
+ tn_ext char(3) NOT NULL default 'jpg',
+ name varchar(255) default NULL,
+ comment varchar(255) default NULL,
+ author varchar(255) default NULL,
+ hit int(10) unsigned NOT NULL default '0',
+ filesize mediumint(9) unsigned default NULL,
+ width smallint(9) unsigned default NULL,
+ height smallint(9) unsigned default NULL,
+ PRIMARY KEY (id),
+ KEY cat_id (cat_id)
+ );";
+ mysql_query( $query );
+ $query = "CREATE TABLE ".$prefixeTable."restrictions (
+ user_id smallint(5) unsigned NOT NULL default '0',
+ cat_id tinyint(3) unsigned NOT NULL default '0',
+ PRIMARY KEY (user_id,cat_id)
+ );";
+ mysql_query( $query );
+ $query = "CREATE TABLE ".$prefixeTable."sessions (
+ id varchar(255) binary NOT NULL default '',
+ user_id smallint(5) unsigned NOT NULL default '0',
+ expiration int(10) unsigned NOT NULL default '0',
+ ip varchar(255) NOT NULL default '',
+ PRIMARY KEY (id)
+ );";
+ mysql_query( $query );
+ $query = "CREATE TABLE ".$prefixeTable."sites (
+ id tinyint(4) NOT NULL auto_increment,
+ galleries_url varchar(255) NOT NULL default '',
+ PRIMARY KEY (id),
+ UNIQUE KEY galleries_url (galleries_url)
+ );";
+ mysql_query( $query );
+ $query = "CREATE TABLE ".$prefixeTable."users (
+ id smallint(5) unsigned NOT NULL auto_increment,
+ pseudo varchar(20) binary NOT NULL default '',
+ password varchar(255) NOT NULL default '',
+ mail_address varchar(255) default NULL,
+ nombre_image_ligne tinyint(1) unsigned NOT NULL default '5',
+ nombre_ligne_page tinyint(3) unsigned NOT NULL default '3',
+ theme varchar(255) NOT NULL default 'melodie/blue',
+ status enum('admin','membre','visiteur') NOT NULL default 'visiteur',
+ language varchar(50) NOT NULL default 'english',
+ maxwidth smallint(6) default NULL,
+ maxheight smallint(6) default NULL,
+ PRIMARY KEY (id),
+ UNIQUE KEY pseudo (pseudo)
+ );";
+ mysql_query( $query );
+ $query = "CREATE TABLE ".$prefixeTable."waiting (
+ id int(10) unsigned NOT NULL auto_increment,
+ cat_id tinyint(3) unsigned NOT NULL default '0',
+ file varchar(255) NOT NULL default '',
+ username varchar(255) NOT NULL default '',
+ mail_address varchar(255) NOT NULL default '',
+ date int(10) unsigned NOT NULL default '0',
+ tn_ext char(3) default NULL,
+ PRIMARY KEY (id)
+ );";
+ mysql_query( $query );
+ }
+ if ( isset( $HTTP_POST_VARS['submit'] ) )
+ {
+ $configuration = false;
+ $erreur = "";
+ $nb_erreur = 0;
+ // le pseudo du webmaster ne doit pas
+ // 1. être vide
+ // 2. commencer ou se terminer par un espace
+ // 3. comporter les caractères ' ou "
+ // Notes sur le pseudo du webmaster :
+ // - lorsque l'on trouve plusieurs occurences
+ // consécutives du caractère espace, on réduit à une seule occurence
+ if ( $HTTP_POST_VARS['webmaster'] == "" )
+ {
+ $erreur .= "<li>".$lang['step2_err_login1']."</li>";
+ $nb_erreur++;
+ }
+ $webmaster = ereg_replace( "[ ]{2,}", " ", $HTTP_POST_VARS['webmaster'] );
+ if ( ereg( "^.* $", $webmaster ) || ereg( "^ .*$", $webmaster) )
+ {
+ $erreur .= "<li>".$lang['step2_err_login2']."</li>";
+ $nb_erreur++;
+ }
+ if ( ereg( "'",$webmaster ) || ereg( "\"",$webmaster ) )
+ {
+ $erreur .= "<li>".$lang['step2_err_login3']."</li>";
+ $nb_erreur++;
+ }
+ // on vérifie que le password rentré correspond bien à la confirmation faite par l'utilisateur
+ if ( $HTTP_POST_VARS['pwdWebmaster'] != $HTTP_POST_VARS['pwdWebmasterConf'] )
+ {
+ $erreur .= "<li>".$lang['step2_err_pass']."</li>";
+ $nb_erreur++;
+ }
+ // le mail doit être conforme à qqch du type : nom@serveur.com
+ if( !ereg("([_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)+)", $HTTP_POST_VARS['mail_webmaster'] ) )
+ {
+ $erreur .= "<li>".$lang['step2_err_mail']."</li>";
+ $nb_erreur++;
+ }
+ // on met à jour les paramètres de l'application dans le cas où il n'y aucune erreur
+ if ( $nb_erreur == 0 )
+ {
+ mysql_query( "delete from $prefixeTable"."config" );
+ $query = "insert into $prefixeTable"."config (webmaster,mail_webmaster) values ('$webmaster','".$HTTP_POST_VARS['mail_webmaster']."')";
+ mysql_query($query);
+ $query = "insert into $prefixeTable"."sites values (1, './galleries/');";
+ mysql_query($query);
+ $query = "insert into $prefixeTable"."users (pseudo,password,status,language) values ('$webmaster','".md5( $pwdWebmaster )."','admin','".$HTTP_GET_VARS['language']."')";
+ mysql_query($query);
+ mysql_query("insert into $prefixeTable"."users (pseudo,password,status,language) values ('visiteur','".md5( "" )."','visiteur','".$HTTP_GET_VARS['language']."')");
+ $configuration = true;
+ }
+ }
+
+ echo header_install();
+ if ( $configuration )
+ {
+ echo"
+ <table width=\"100%\">
+ <tr>
+ <th>".$lang['install_end_title']."</th>
+ </tr>
+ <tr>
+ <td>&nbsp;</th>
+ </tr>
+ <tr>
+ <td>".$lang['install_end_message']."</td>
+ </tr>
+ </table>";
+ }
+ else
+ {
+ if ( $nb_erreur > 0 )
+ {
+ echo"
+ <table width=100%>
+ <tr>
+ <th>".$lang['install_message']."</th>
+ </tr>
+ <tr>
+ <td>&nbsp;</td>
+ </tr>
+ <tr>
+ <td>$erreur</td>
+ </tr>
+ <tr>
+ <td>&nbsp;</td>
+ </tr>
+ </table>";
+ }
+ echo"
+ <form method=\"post\" action=\"install.php?step=2&amp;language=".$HTTP_GET_VARS['language']."\">
+ <table width=100%>
+ <tr>
+ <th colspan=\"3\">".$lang['step2_title']."</th>
+ </tr>
+ <tr>
+ <td colspan=\"3\">&nbsp;</td>
+ </tr>
+ <tr>
+ <td>".$lang['conf_general_webmaster']."</td>
+ <td align=\"center\"><input type='text' name='webmaster' value=\"".$HTTP_POST_VARS['webmaster']."\"></td>
+ <td class=\"row2\">".$lang['conf_general_webmaster_info']."</td>
+ </tr>
+ <tr>
+ <td>".$lang['step2_pwd']."</td>
+ <td align=center><input type='password' name='pwdWebmaster' value=''></td>
+ <td class=\"row2\">".$lang['step2_pwd_info']."</td>
+ </tr>
+ <tr>
+ <td>".$lang['step2_pwd_conf']."</td>
+ <td align=center><input type='password' name='pwdWebmasterConf' value=''></td>
+ <td class=\"row2\">".$lang['step2_pwd_conf_info']."</td>
+ </tr>
+ <tr>
+ <td>".$lang['conf_general_mail']."</td>
+ <td align=center><input type='text' name='mail_webmaster' value=\"".$HTTP_POST_VARS['mail_webmaster']."\"></td>
+ <td class=\"row2\">".$lang['conf_general_mail_info']."</td>
+ </tr>
+ <tr>
+ <td colspan=\"3\">&nbsp;</th>
+ </tr>
+ <tr>
+ <td colspan=3 align=center>
+ <input type='submit' name='submit' value='".$lang['submit']."'>
+ </td>
+ </tr>
+ </table>
+ </form>";
+ }
+ echo footer_install();
+ }
+ /*----------------------------------Language choice------------------------------------*/
+ else
+ {
+ include( "../include/functions.php" );
+ echo header_install();
+ echo"
+ <form method=\"get\" action=\"install.php\">
+ <input type=\"hidden\" name=\"step\" value=\"1\"/>
+ <table width=\"100%\">
+ <tr>
+ <td align=\"center\">
+ <select name=\"language\">";
+ $languages = get_languages( "../language/" );
+ for ( $i = 0; $i < sizeof ( $languages ); $i++ )
+ {
+ echo"
+ <option>".$languages[$i]."</option>";
+ }
+ echo"
+ </select>
+ <input type=\"submit\" value=\"Go\">
+ </td>
+ </tr>
+ </table>
+ </form>";
+ echo footer_install();
+ }
+?> \ No newline at end of file
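Review bot: The step 1 `fwrite()` concatenates `cfgBase`, `cfgUser`, `cfgPassword`, `cfgHote` and `prefixe` from `$HTTP_POST_VARS` into single-quoted PHP literals in `../include/mysql.inc.php`, which is then `include`d, so unless magic_quotes_gpc happens to be on, a quote in any field alters the code that runs. I would emit each value with `var_export()` (after `stripslashes()` where magic quotes are on), restrict `prefixe` to identifier characters, and open the file with `"w"`, since `"a+"` appends a second block when step 1 is run again. Nothing visible stops the installer from being run on an already installed site: step 2 empties the config table and inserts a new admin row, so the script should refuse to proceed once a configuration exists. The file also includes `"../language/".$HTTP_GET_VARS['language'].".php"` without checking the parameter against the names `get_languages()` returns. In step 2 it hashes `$pwdWebmaster` rather than `$HTTP_POST_VARS['pwdWebmaster']`, which only works with register_globals and would otherwise store the hash of an empty string.

```php
      // écriture du fichier de configuration
      // "w" replaces any earlier content instead of appending a second block
      if ( $fp = @fopen( "../include/mysql.inc.php", "w" ) )
      {
        $keys = array( 'cfgBase', 'cfgUser', 'cfgPassword', 'cfgHote' );
        $config = "<?php\n";
        for ( $k = 0; $k < sizeof( $keys ); $k++ )
        {
          // var_export() quotes and escapes the value as a PHP string literal
          $config.= "\t\$".$keys[$k]."=".var_export( $HTTP_POST_VARS[$keys[$k]], true ).";\n";
        }
        $config.= "\t\$prefixeTable=".var_export( $HTTP_POST_VARS['prefixe'], true ).";\n?>";
        fwrite( $fp, $config );
        fclose( $fp );
      }
      // … unchanged: re-include of mysql.inc.php and second connection test …
```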
diff --git a/admin/manuel.php b/admin/manuel.php
new file mode 100644
index 000000000..c36a0917e
--- /dev/null
+++ b/admin/manuel.php
@@ -0,0 +1,151 @@
+<?
+/***************************************************************************
+ * manuel.php is a part of PhpWebGallery *
+ * ------------------- *
+ * last update : Tuesday, July 16, 2002 *
+ * email : pierrick@z0rglub.com *
+ * *
+ ***************************************************************************/
+
+/***************************************************************************
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; *
+ * *
+ ***************************************************************************/
+ include_once( "./include/isadmin.inc.php" );
+
+ echo"
+ <table style=\"width:100%;\">
+ <tr>
+ <th>".$lang['help_images_title']."</th>
+ </tr>
+ <tr>
+ <td>&nbsp;</td>
+ </tr>
+ <tr>
+ <td>
+ <div style=\"text-align:center;margin:auto;margin-bottom:10px;\"><img src=\"".$conf['repertoire_image']."admin.png\" style=\"border:1px solid black;\" alt=\"\"/></div>
+ ".$lang['help_images_intro']." :
+ <ul style=\"margin-right:10px;\">";
+ for ( $i = 0; $i < sizeof( $lang['help_images'] ); $i++ )
+ {
+ echo"
+ <li>".$lang['help_images'][$i]."</li>";
+ }
+ echo"
+ </ul>";
+ echo"
+ </td>
+ </tr>
+ <tr>
+ <td>&nbsp;</td>
+ </tr>
+ <tr>
+ <th>".$lang['help_thumbnails_title']."</th>
+ </tr>
+ <tr>
+ <td>&nbsp;</td>
+ </tr>
+ <tr>
+ <td>
+ <ul style=\"margin-right:10px;\">";
+ for ( $i = 0; $i < sizeof( $lang['help_thumbnails'] ); $i++ )
+ {
+ echo"
+ <li>".$lang['help_thumbnails'][$i]."</li>";
+ }
+ echo"
+ </ul>
+ </td>
+ </tr>
+ <tr>
+ <td>&nbsp;</td>
+ </tr>
+ <tr>
+ <th>".$lang['help_database_title']."</th>
+ </tr>
+ <tr>
+ <td>&nbsp;</td>
+ </tr>
+ <tr>
+ <td>
+ <ul style=\"margin-right:10px;\">";
+ for ( $i = 0; $i < sizeof( $lang['help_database'] ); $i++ )
+ {
+ echo"
+ <li>".$lang['help_database'][$i]."</li>";
+ }
+ echo"
+ </ul>
+ </td>
+ </tr>
+ <tr>
+ <td>&nbsp;</td>
+ </tr>
+ <tr>
+ <th>".$lang['help_remote_title']."</th>
+ </tr>
+ <tr>
+ <td>&nbsp;</td>
+ </tr>
+ <tr>
+ <td>
+ <ul style=\"margin-right:10px;\">";
+ for ( $i = 0; $i < sizeof( $lang['help_remote'] ); $i++ )
+ {
+ echo"
+ <li>".$lang['help_remote'][$i]."</li>";
+ }
+ echo"
+ </ul>
+ </td>
+ </tr>
+ <tr>
+ <td>&nbsp;</td>
+ </tr>
+ <tr>
+ <th>".$lang['help_upload_title']."</th>
+ </tr>
+ <tr>
+ <td>&nbsp;</td>
+ </tr>
+ <tr>
+ <td>
+ <ul style=\"margin-right:10px;\">";
+ for ( $i = 0; $i < sizeof( $lang['help_upload'] ); $i++ )
+ {
+ echo"
+ <li>".$lang['help_upload'][$i]."</li>";
+ }
+ echo"
+ </ul>
+ </td>
+ </tr>
+ <tr>
+ <td>&nbsp;</td>
+ </tr>
+ <tr>
+ <th>".$lang['help_infos_title']."</th>
+ </tr>
+ <tr>
+ <td>&nbsp;</td>
+ </tr>
+ <tr>
+ <td>
+ <ul style=\"margin-right:10px;\">";
+ for ( $i = 0; $i < sizeof( $lang['help_infos'] ); $i++ )
+ {
+ echo"
+ <li>".$lang['help_infos'][$i]."</li>";
+ }
+ echo"
+ </ul>
+ </td>
+ </tr>
+ <tr>
+ <td>&nbsp;</td>
+ </tr>
+ </table>";
+?> \ No newline at end of file
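Review bot: The file opens with the short tag `<?`, whereas admin/install.php in the same commit opens with `<?php`; on a server with `short_open_tag` disabled the script would be sent to the browser as text instead of being executed, so the first line should be `<?php`. On style, the five sections from `help_thumbnails` to `help_infos` differ only in the `$lang` key, so one loop over the key names would replace the repeated table rows and `for` blocks. A one-line comment after the licence header saying that the page prints the help lists from the language file would also help, as the file carries no description of its own.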
diff --git a/admin/miseajour.php b/admin/miseajour.php
new file mode 100644
index 000000000..53ce3371d
--- /dev/null
+++ b/admin/miseajour.php
@@ -0,0 +1,531 @@
+<?
+/***************************************************************************
+ * miseajour.php is a part of PhpWebGallery *
+ * ------------------- *
+ * last update : Tuesday, July 16, 2002 *
+ * email : pierrick@z0rglub.com *
+ * *
+ ***************************************************************************/
+
+/***************************************************************************
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; *
+ * *
+ ***************************************************************************/
+ include_once( "./include/isadmin.inc.php" );
+
+ function insert_local_category( $cat_id )
+ {
+ global $prefixeTable,$conf,$page,$HTTP_GET_VARS;
+
+ $site_id = 1;
+
+ // 0. retrieving informations on the category to display
+ $cat_directory = "../galleries";
+
+ if ( is_numeric( $cat_id ) )
+ {
+ $result = get_cat_info( $cat_id );
+ $cat_directory.= "/".$result['local_dir'];
+ // 1. display the category name to update
+ echo "
+ <img src=\"".$conf['lien_puce']."\" alt=\"&gt;\" /><span style=\"font-weight:bold;\">".$result['name'][0]."</span> [ dir : ".$result['last_dir']." ]
+ <div class=\"retrait\">";
+
+ // 2. we search pictures of the category only if the update is for all or a cat_id is specified
+ if ( isset( $page['cat'] ) || $HTTP_GET_VARS['update'] == 'all' )
+ {
+ insert_local_image( $cat_directory, $cat_id );
+ update_cat_info( $cat_id );
+ }
+ }
+
+ // 3. we have to remove the categories of the database not present anymore
+ $query = "select id from $prefixeTable"."categories";
+ $query.= " where site_id = $site_id";
+ if ( !is_numeric( $cat_id ) )
+ {
+ $query.= " and id_uppercat is NULL;";
+ }
+ else
+ {
+ $query.= " and id_uppercat = $cat_id;";
+ }
+ $result = mysql_query( $query );
+ while ( $row = mysql_fetch_array( $result ) )
+ {
+ // retrieving the directory
+ $rep = "../galleries";
+ $resultat = get_cat_info( $row['id'] );
+ $rep.= "/".$resultat['local_dir'];
+
+ // is the directory present ?
+ if ( !is_dir( $rep ) )
+ {
+ delete_category( $row['id'] );
+ }
+ }
+
+ // 4. retrieving the sub-directories
+ $sub_rep = array();
+ $i = 0;
+ $dirs = "";
+ if ( $opendir = opendir ( $cat_directory ) )
+ {
+ while ( $file = readdir ( $opendir ) )
+ {
+ if ( $file != "." && $file != ".." && is_dir ( $cat_directory."/".$file ) && $file != "thumbnail" )
+ {
+ $sub_rep[$i++] = $file;
+ }
+ }
+ }
+
+ for ( $i = 0; $i < sizeof( $sub_rep ); $i++ )
+ {
+ // 5. is the category already existing ? we create a subcat if not existing
+ $category_id = "";
+ $query = "select id from $prefixeTable"."categories";
+ $query.= " where site_id = $site_id";
+ $query.= " and dir = '".$sub_rep[$i]."'";
+ if ( !is_numeric( $cat_id ) )
+ {
+ $query.= " and id_uppercat is NULL;";
+ }
+ else
+ {
+ $query.= " and id_uppercat = $cat_id;";
+ }
+ $result = mysql_query( $query );
+ if ( mysql_num_rows( $result ) == 0 )
+ {
+ // we have to create the category
+ $query = "insert into $prefixeTable"."categories (dir,site_id,id_uppercat) values ('".$sub_rep[$i]."','$site_id'";
+ if ( !is_numeric( $cat_id ) )
+ {
+ $query.= ",NULL";
+ }
+ else
+ {
+ $query.= ",'$cat_id'";
+ }
+ $query.= ");";
+ mysql_query( $query );
+ $category_id = mysql_insert_id();
+ }
+ else
+ {
+ // we get the already registered id
+ $row = mysql_fetch_array( $result );
+ $category_id = $row['id'];
+ }
+ // 6. recursive call
+ insert_local_category( $category_id );
+ }
+
+ if ( is_numeric( $cat_id ) )
+ {
+ echo "
+ </div>";
+ }
+ }
+
+ function insert_local_image( $rep, $category_id )
+ {
+ global $prefixeTable,$lang,$conf,$count_new;
+
+ // we have to delete all the images from the database that :
+ // - are not in the directory anymore
+ // - don't have the associated thumbnail available anymore
+ $query = "select id,file,tn_ext from $prefixeTable"."images";
+ $query.= " where cat_id = $category_id;";
+ $result = mysql_query( $query );
+ while ( $row = mysql_fetch_array( $result ) )
+ {
+ $lien_image = $rep."/".$row['file'];
+ $lien_thumbnail = $rep."/"."thumbnail/".$conf['prefixe_thumbnail'].substr( $row['file'], 0, strrpos( $row['file'], "." ) ).".".$row['tn_ext'];
+
+ if ( !is_file ( $lien_image ) || !is_file ( $lien_thumbnail ) )
+ {
+ if ( !is_file ( $lien_image ) )
+ {
+ echo $row['file']." <span style=\"font-weight:bold;\">".$lang['update_disappeared']."</span><br />";
+ }
+ if ( !is_file ( $lien_thumbnail ) )
+ {
+ echo $row['file']." : <span style=\"font-weight:bold;\">".$lang['update_disappeared_tn']."</span><br />";
+ }
+ // suppression de la base :
+ delete_image( $row['id'] );
+ }
+ }
+
+ // searching the new images in the directory
+ $pictures = array();
+ $i = 0;
+ $tn_ext = "";
+ $root = "";
+ if ( $opendir = opendir ( $rep ) )
+ {
+ while ( $file = readdir ( $opendir ) )
+ {
+ if ( is_file( $rep."/".$file ) && is_image( $rep."/".$file ) )
+ {
+ // is the picture waiting for validation by an administrator ?
+ $query = "select id from $prefixeTable"."waiting";
+ $query.= " where cat_id = $category_id";
+ $query.= " and file = '$file';";
+ $result = mysql_query( $query );
+ if ( mysql_num_rows( $result ) == 0 )
+ {
+ if ( $tn_ext = TN_exist( $rep, $file ) )
+ {
+ // is the picture already in the database ?
+ $query = "select id from $prefixeTable"."images";
+ $query.= " where cat_id = $category_id";
+ $query.= " and file = '$file';";
+ $result = mysql_query( $query );
+ if ( mysql_num_rows( $result ) == 0 )
+ {
+ $pictures[$i] = array();
+ $pictures[$i]['file'] = $file;
+ $pictures[$i]['tn_ext'] = $tn_ext;
+ $pictures[$i]['date'] = date( "Y-m-d", filemtime ( $rep."/".$file ) );
+ $pictures[$i]['filesize'] = floor ( filesize( $rep."/".$file ) / 1024 );
+ $image_size = @getimagesize( $rep."/".$file );
+ $pictures[$i]['width'] = $image_size[0];
+ $pictures[$i]['height'] = $image_size[1];
+ $i++;
+ }
+ }
+ else
+ {
+ echo "<span style=\"color:red;\">".$lang['update_missing_tn']." : $file (<span style=\"font-weight:bold;\">".$conf['prefixe_thumbnail'].substr( $file, 0, strrpos( $file, "." ) ).".XXX</span>, XXX = gif, png or jpg)</span><br />";
+ }
+ }
+ }
+ }
+ }
+ // inserting the pictures found in the directory
+ $root.= "\n".$indent."<root>";
+ if ( sizeof( $pictures ) > 0 )
+ {
+ for( $i = 0; $i < sizeof( $pictures ); $i++ )
+ {
+ $query = "insert into $prefixeTable"."images (file,cat_id,date_available,tn_ext,filesize,width,height) values ('".$pictures[$i]['file']."','".$category_id."','".$pictures[$i]['date']."','".$pictures[$i]['tn_ext']."','".$pictures[$i]['filesize']."','".$pictures[$i]['width']."','".$pictures[$i]['height']."');";
+ echo"
+ ".$pictures[$i]['file']." <span style=\"font-weight:bold;\">".$lang['update_research_added']."</span> (".$lang['update_research_tn_ext']." ".$pictures[$i]['tn_ext'].")<br />";
+ $count_new++;
+ mysql_query( $query );
+ }
+ }
+ }
+
+ // The function "update_cat_info" updates the information about the last online image
+ // and the number of images in the category
+ function update_cat_info( $category_id )
+ {
+ global $prefixeTable;
+
+ $query = "select date_available from $prefixeTable"."images";
+ $query.= " where cat_id = $category_id";
+ $query.= " order by date_available desc limit 0,1;";
+ $result = mysql_query( $query );
+ $row = mysql_fetch_array( $result );
+ $date_last = $row['date_available'];
+
+ $query = "select count(*) as nb_images from $prefixeTable"."images";
+ $query.= " where cat_id = $category_id";
+ $result = mysql_query( $query );
+ $row = mysql_fetch_array( $result );
+ $nb_images = $row['nb_images'];
+
+ $query = "update $prefixeTable"."categories";
+ $query.= " set date_dernier = '$date_last'";
+ $query.= ", nb_images = $nb_images";
+ $query.= " where id = $category_id;";
+ mysql_query( $query );
+ }
+
+ function getContent( $element, $node )
+ {
+ $content = str_replace( "<".$node.">", "", $element );
+ $content = str_replace( "</".$node.">", "", $content );
+ return $content;
+ }
+
+ function getChild( $document, $node )
+ {
+ preg_match("/\<".$node.">.*\<\/".$node."\>/U", $document, $retour);
+ return $retour[0];
+ }
+
+ function getChildren( $document, $node )
+ {
+ preg_match_all("/\<".$node.">.*\<\/".$node."\>/U", $document, $retour);
+ return $retour[0];
+ }
+
+ function remote_images()
+ {
+ global $conf, $prefixeTable, $lang;
+
+ // 1.is there a file listing.xml ?
+ $filename = "listing.xml";
+ $xml_content = "";
+ if ( $fp = @fopen ( $filename, "r" ) )
+ {
+ while ( !feof ( $fp ) )
+ {
+ $xml_content .= fgets ( $fp, 1024 );
+ }
+ @fclose( $file );
+ $xml_content = str_replace("\n","",$xml_content);
+ $xml_content = str_replace("\t","",$xml_content);
+ }
+ else
+ {
+ return false;
+ }
+ $url = getContent( getChild( $xml_content, "url" ), "url" );
+ echo "<span style=\"font-weight:bold;color:navy;\">$url</span><br /><br />";
+
+ // 2. is the site already existing ?
+ $site_id = "";
+ $result = mysql_query( "select id from $prefixeTable"."sites where galleries_url = '$url';" );
+ if ( mysql_num_rows($result ) == 0 )
+ {
+ // we have to register this site in the database
+ mysql_query( "insert into $prefixeTable"."sites (galleries_url) values ('$url');" );
+ $site_id = mysql_insert_id();
+ }
+ else
+ {
+ // we get the already registered id
+ $row = mysql_fetch_array( $result );
+ $site_id = $row['id'];
+ }
+
+ // 3. available dirs in the file
+ insert_remote_category( $xml_content, $site_id, "NULL", 0 );
+ }
+
+ // insert_remote_category search the "dir" node of the xml_dir given
+ // and insert the contained categories if the are not in the database yet.
+ // The function also delete the categories that are in the database
+ // and not in the xml_file
+ function insert_remote_category( $xml_dir, $site_id, $id_uppercat, $level )
+ {
+ global $prefixeTable,$conf;;
+
+ $categories = array();
+ $list_dirs = getChildren( $xml_dir, "dir".$level );
+ for ( $i = 0; $i < sizeof( $list_dirs ); $i++ )
+ {
+ // is the category already existing ?
+ $category_id = "";
+ $name = getContent( getChild( $list_dirs[$i], "name" ), "name" );
+ $categories[$i] = $name;
+ echo "
+ <img src=\"".$conf['lien_puce']."\"><span style=\"font-weight:bold;\">$name</span>
+ <div class=\"retrait\">";
+ $query = "select id from $prefixeTable"."categories";
+ $query.= " where site_id = '$site_id'";
+ $query.= " and dir = '$name'";
+ if ( $id_uppercat == "NULL" )
+ {
+ $query.= " and id_uppercat is NULL;";
+ }
+ else
+ {
+ $query.= " and id_uppercat = '$id_uppercat';";
+ }
+ //echo "<br />".$query;
+ $result = mysql_query( $query );
+ if ( mysql_num_rows( $result ) == 0 )
+ {
+ // we have to create the category
+ $query = "insert into $prefixeTable"."categories (dir,site_id,id_uppercat) values ('$name','$site_id'";
+ if ( $id_uppercat == "NULL" )
+ {
+ $query.= ",NULL";
+ }
+ else
+ {
+ $query.= ",'$id_uppercat'";
+ }
+ $query.= ");";
+ //echo "<br />".$query;
+ mysql_query( $query );
+ $category_id = mysql_insert_id();
+ }
+ else
+ {
+ // we get the already registered id
+ $row = mysql_fetch_array( $result );
+ $category_id = $row['id'];
+ }
+ insert_remote_image( $list_dirs[$i], $category_id );
+ update_cat_info( $category_id );
+ insert_remote_category( $list_dirs[$i], $site_id, $category_id, $level + 1 );
+ echo "
+ </div>";
+ }
+ // we have to remove the categories of the database not present in the xml file
+ // (ie deleted from the picture storage server)
+ $query = "select dir,id from $prefixeTable"."categories";
+ $query.= " where site_id = '$site_id'";
+ if ( $id_uppercat == "NULL" )
+ {
+ $query.= " and id_uppercat is NULL;";
+ }
+ else
+ {
+ $query.= " and id_uppercat = '$id_uppercat';";
+ }
+ $result = mysql_query( $query );
+ while ( $row = mysql_fetch_array( $result ) )
+ {
+ // is the category in the xml file ?
+ if ( !in_array( $row['dir'], $categories ) )
+ {
+ delete_category( $row['id'] );
+ }
+ }
+ }
+
+ // insert_remote_image search the "root" node of the xml_dir given
+ // and insert the contained pictures if the are not in the database yet
+ function insert_remote_image( $xml_dir, $category_id )
+ {
+ global $prefixeTable,$count_new,$lang;
+
+ $root = getChild( $xml_dir, "root" );
+ $pictures = array();
+ $xml_pictures = getChildren( $root, "picture" );
+ for ( $j = 0; $j < sizeof( $xml_pictures ); $j++ )
+ {
+ //<picture>
+ // <file>albatros.jpg</file>
+ // <tn_ext>png</tn_ext>
+ // <date>2002-04-14</date>
+ // <filesize>35</filesize>
+ // <width>640</width>
+ // <height>480</height>
+ //</picture>
+ $file = getContent( getChild( $xml_pictures[$j], "file" ), "file" );
+ $tn_ext = getContent( getChild( $xml_pictures[$j], "tn_ext" ), "tn_ext" );
+ $date = getContent( getChild( $xml_pictures[$j], "date" ), "date" );
+ $filesize = getContent( getChild( $xml_pictures[$j], "filesize" ), "filesize" );
+ $width = getContent( getChild( $xml_pictures[$j], "width" ), "width" );
+ $height = getContent( getChild( $xml_pictures[$j], "height" ), "height" );
+
+ $pictures[$j] = $file;
+
+ // is the picture already existing in the database ?
+ $query = "select id,tn_ext from $prefixeTable"."images where cat_id = '$category_id' and file = '$file';";
+ $result = mysql_query( $query );
+ $query = "";
+ if ( mysql_num_rows( $result ) == 0 )
+ {
+ $query = "insert into $prefixeTable"."images (file,cat_id,date_available,tn_ext,filesize,width,height) values ('$file','$category_id','$date','$tn_ext','$filesize','$width','$height');";
+ echo"
+ $file <span style=\"font-weight:bold;\">".$lang['update_research_added']."</span> (".$lang['update_research_tn_ext']." $tn_ext)<br />";
+ $count_new++;
+ }
+ else
+ {
+ // is the tn_ext the same in the xml file and in the database ?
+ $row = mysql_fetch_array( $result );
+ if ( $row['tn_ext'] != $tn_ext )
+ {
+ $query = "update $prefixeTable"."images set tn_ext = '$tn_ext' where cat_id = '$category_id' and file = '$file';";
+ }
+ }
+ // execution of the query
+ if ( $query != "" )
+ {
+ mysql_query( $query );
+ }
+ }
+ // we have to remove the pictures of the database not present in the xml file
+ // (ie deleted from the picture storage server)
+ $query = "select id,file from $prefixeTable"."images where cat_id = '$category_id';";
+ $result = mysql_query( $query );
+ while ( $row = mysql_fetch_array( $result ) )
+ {
+ // is the file in the xml file ?
+ if ( !in_array( $row['file'], $pictures ) )
+ {
+ delete_image( $row['id'] );
+ }
+ }
+ }
+ //------------------------------------------------------------------------------
+ echo "<table style=\"width:100%;\">";
+ //------------------------------------------------------------------------------
+ // Display choice if "update" var is not specified
+ check_cat_id( $HTTP_GET_VARS['update'] );
+ if ( !isset( $HTTP_GET_VARS['update'] ) && !( isset( $page['cat'] ) || $HTTP_GET_VARS['update'] == 'cats' || $HTTP_GET_VARS['update'] == 'all' ) )
+ {
+ echo"
+ <tr><th>".$lang['update_default_title']."</th></tr>
+ <tr>
+ <td>
+ <div class=\"retrait\">
+ <img src=\"".$conf['lien_puce']."\" alt=\"&gt;\" /><a href=\"".add_session_id_to_url( "./admin.php?page=miseajour&amp;update=cats" )."\">".$lang['update_only_cat']."</a>
+ <br /><img src=\"".$conf['lien_puce']."\" alt=\"&gt;\" /><a href=\"".add_session_id_to_url( "./admin.php?page=miseajour&amp;update=all" )."\">".$lang['update_all']."</a>
+ </div>
+ </td>
+ </tr>";
+ }
+ //------------------------------------------------------------------------------
+ // Recherche des nouvelles images dans les repertoires
+ else
+ {
+ $count_new = 0;
+ $count_deleted = 0;
+ echo"
+ <tr><th>".$lang['update_part_research']."</th></tr>
+ <tr>
+ <td>
+ <div class=\"retrait\">";
+ if ( isset( $page['cat'] ) )
+ {
+ insert_local_category( $page['cat'] );
+ }
+ else
+ {
+ insert_local_category( "NULL" );
+ }
+ echo "<br /><span style=\"color:blue;\">$count_new ".$lang['update_research_conclusion']."</span>";
+ echo "<br /><span style=\"color:red;\">$count_deleted ".$lang['update_deletion_conclusion']."</span>";
+ echo "
+ </div>
+ </td>
+ </tr>";
+ }
+ //------------------------------------------------------------------------------
+ // Searching new pictures in the file listing.xml from a remote storage server
+ if ( @is_file( "./listing.xml" ) )
+ {
+ $count_new = 0;
+ $count_deleted = 0;
+ echo"
+ <tr><th>Site distant</th></tr>
+ <tr>
+ <td>
+ <div class=\"retrait\">";
+ remote_images();
+ echo "<br /><span style=\"color:blue;\">$count_new ".$lang['update_research_conclusion']."</span>";
+ echo "<br /><span style=\"color:red;\">$count_deleted ".$lang['update_deletion_conclusion']."</span>";
+ echo "
+ </div>
+ </td>
+ </tr>";
+ }
+ //------------------------------------------------------------------------------
+ echo "</table>";
+?> \ No newline at end of file
diff --git a/admin/perm.php b/admin/perm.php
new file mode 100644
index 000000000..2407d9f6f
--- /dev/null
+++ b/admin/perm.php
@@ -0,0 +1,270 @@
+<?php
+/***************************************************************************
+ * perm.php is a part of PhpWebGallery *
+ * ------------------- *
+ * last update : Tuesday, July 16, 2002 *
+ * email : pierrick@z0rglub.com *
+ * *
+ ***************************************************************************/
+
+/***************************************************************************
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; *
+ * *
+ ***************************************************************************/
+ include_once( "./include/isadmin.inc.php" );
+ //---------------------------------------------------données de l'utilisateur
+ if ( isset( $HTTP_GET_VARS['user_id'] ) )
+ {
+ $query = "select id,pseudo,status from $prefixeTable"."users where id = '".$HTTP_GET_VARS['user_id']."';";
+ $result = mysql_query( $query );
+ $row = mysql_fetch_array( $result );
+ $page['pseudo'] = $row['pseudo'];
+ $page['status'] = $row['status'];
+ if ( mysql_num_rows( $result ) == 0 )
+ {
+ echo"<div class=\"erreur\">".$lang['user_err_unknown']."</div>";
+ $erreur = true;
+ }
+ if ( $row['pseudo'] == $conf['webmaster'] )
+ {
+ echo"<div class=\"erreur\">".$lang['user_err_modify']."</div>";
+ $erreur = true;
+ }
+ }
+ //---------------------------------------------------données de la catégorie
+ if ( isset( $HTTP_GET_VARS['cat_id'] ) )
+ {
+ $HTTP_GET_VARS['cat'] = $HTTP_GET_VARS['cat_id'];
+ check_cat_id( $HTTP_GET_VARS['cat_id'] );
+ if ( isset( $page['cat'] ) )
+ {
+ $result = get_cat_info( $page['cat'] );
+ $page['cat_name'] = $result['name'];
+ $page['id_uppercat'] = $result['id_uppercat'];
+ }
+ }
+ //--------------------------------------------------------------- mise à jour
+ if ( isset( $HTTP_POST_VARS['submit'] ) )
+ {
+ if ( isset( $HTTP_GET_VARS['user_id'] ) )
+ {
+ mysql_query ( "delete from $prefixeTable"."restrictions where user_id = ".$HTTP_GET_VARS['user_id'].";" );
+ $result = mysql_query ( "select id from $prefixeTable"."categories;" );
+ while ( $row = mysql_fetch_array ( $result ) )
+ {
+ $nom_select = "acces-".$row['id'];
+ if ( $HTTP_POST_VARS[$nom_select] == 1 )
+ {
+ mysql_query ( "insert into $prefixeTable"."restrictions (user_id,cat_id) values ('".$HTTP_GET_VARS['user_id']."','".$row['id']."');" );
+ }
+ }
+ check_favorites( $HTTP_GET_VARS['user_id'] );
+ echo "<div class=\"info\">".$lang['permuser_info_message']." [ <a href=\"".add_session_id_to_url( "./admin.php?page=liste_users" )."\">".$lang['adduser_info_back']."</a> ]</div>";
+ }
+ else if ( isset( $HTTP_GET_VARS['cat_id'] ) )
+ {
+ mysql_query ( "delete from $prefixeTable"."restrictions where cat_id = '".$page['cat']."';" );
+ $result = mysql_query( "select id from $prefixeTable"."users where pseudo != '".$conf['webmaster']."';" );
+ while ( $row = mysql_fetch_array ( $result ) )
+ {
+ $nom_select = "acces-".$row['id'];
+ if ( $HTTP_POST_VARS[$nom_select] == 1 )
+ {
+ mysql_query ( "insert into $prefixeTable"."restrictions (user_id,cat_id) values ('".$row['id']."','".$page['cat']."');" );
+ }
+ check_favorites( $row['id'] );
+ }
+ echo "<div class=\"info\">".$lang['permuser_info_message']." [ <a href=\"".add_session_id_to_url( "./admin.php?page=cat" )."\">".$lang['editcat_back']."</a> ]</div>";
+ }
+ }
+ //--------------------------------------------------------------- formulaire
+ function display_cat_manager( $id_uppercat, $indent, $uppercat_authorized, $level, $restriction )
+ {
+ global $prefixeTable,$lang,$conf;
+
+ $output = "";
+
+ // will we use <th> or <td> lines ?
+ if ( $level == 0 )
+ {
+ $start_line = "<th ";
+ $start_line2 = "<th ";
+ $end_line = "</th>";
+ }
+ else
+ {
+ $start_line = "<td ";
+ $end_line = "</td>";
+ if ( $level == 1 )
+ {
+ $start_line2 = "<td class=\"row1\" ";
+ }
+ else if ( $level == 2 )
+ {
+ $start_line2 = "<td class=\"row2\" ";
+ }
+ else if ( $level == 3 )
+ {
+ $start_line2 = "<td class=\"row3\" ";
+ }
+ else if ( $level == 4 )
+ {
+ $start_line2 = "<td class=\"row4\" ";
+ }
+ else
+ {
+ $start_line2 = "<td ";
+ }
+ }
+
+ $query = "select id,name,dir,rank";
+ $query.= " from $prefixeTable"."categories";
+ if ( !is_numeric( $id_uppercat ) )
+ {
+ $query.= " where id_uppercat is NULL";
+ }
+ else
+ {
+ $query.= " where id_uppercat = $id_uppercat";
+ }
+ $query.= " order by rank asc;";
+ $result = mysql_query( $query );
+ while ( $row = mysql_fetch_array( $result ) )
+ {
+ $subcat_authorized = true;
+
+ $output.= "\n<tr>";
+ $output.= "\n\t".$start_line."style=\"width:85%;text-align:left;\">$indent<img src=\"".$conf['lien_puce']."\" alt=\"&gt;\" />&nbsp;";
+ if ( in_array( $row['id'], $restriction ) || !$uppercat_authorized )
+ {
+ $subcat_authorized = false;
+ $color = "red";
+ }
+ else
+ {
+ $color = "green";
+ }
+ $output.= "<span style=\"color:$color;\">";
+ if ( $row['name'] == "" )
+ {
+ $output.= str_replace( "_", " ", $row['dir'] );
+ }
+ else
+ {
+ $output.= $row['name'];
+ }
+ $output.= " [ dir : ".$row['dir']." ]";
+ $output.= "</span>".$end_line;
+ $output.= "\n\t".$start_line2." style=\"width:15%;white-space:nowrap;text-align:right;font-weight:normal;\">";
+ $output.= "\n\t\t<input type=\"radio\" name=\"acces-".$row['id']."\" value=\"0\" checked=\"checked\"/>".$lang['permuser_authorized'];
+ $output.= "\n\t\t<input type=\"radio\" name=\"acces-".$row['id']."\" value=\"1\"";
+ if ( in_array( $row['id'], $restriction ) )
+ {
+ $output.= " checked=\"checked\"";
+ }
+ $output.= "/>".$lang['permuser_forbidden'];
+ $output.= $end_line;
+ $output.= "\n<tr>";
+ $output.= display_cat_manager( $row['id'], $indent."&nbsp;&nbsp;&nbsp;&nbsp;", $subcat_authorized, $level + 1, $restriction );
+ }
+ return $output;
+ }
+
+ if ( !$erreur )
+ {
+ //----------------------------------------------
+ // cas 1 : permissions pour un utilisateur donné
+ if ( isset( $HTTP_GET_VARS['user_id'] ) )
+ {
+ echo"
+ <table style=\"width:100%;\">
+ <tr>
+ <th>".$lang['permuser_title']." \"".$page['pseudo']."\"</th>
+ </tr>
+ </table>";
+ $restriction = get_restrictions( $HTTP_GET_VARS['user_id'], $page['status'], false );
+ echo"
+ <form action=\"".add_session_id_to_url( "./admin.php?page=perm&amp;user_id=".$HTTP_GET_VARS['user_id'] )."\" method=\"post\">
+ <div style=\"color:darkblue;margin:10px;text-align:center;\">".$lang['permuser_warning']."</div>
+ <table style=\"width:100%;\">";
+
+ echo display_cat_manager( "NULL", "&nbsp;&nbsp;&nbsp;&nbsp;", true, 0, $restriction );
+
+ echo"
+ <tr>
+ <td colspan=\"2\" align=\"center\"><input type=\"submit\" name=\"submit\" value=\"".$lang['submit']."\"/></td>
+ </tr>
+ <table>
+ </form>";
+ }
+ //----------------------------------------------
+ // cas 2 : permissions pour une catégorie donnée
+ else if ( isset( $HTTP_GET_VARS['cat_id'] ) )
+ {
+ echo"
+ <table style=\"width:100%;\">
+ <tr>
+ <th>".$lang['permuser_cat_title']."\"".get_cat_display_name( $page['cat_name'], " - ", "font-style:italic;" )."\"</th>
+ </tr>
+ </table>";
+ echo"
+ <form action=\"".add_session_id_to_url( "./admin.php?page=perm&amp;cat_id=".$page['cat'] )."\" method=\"post\">
+ <table style=\"width:100%;\">";
+
+ $result = mysql_query( "select id,pseudo,status from $prefixeTable"."users where pseudo != '".$conf['webmaster']."';" );
+ $i = 0;
+ while ( $row = mysql_fetch_array( $result ) )
+ {
+ $restrictions = get_restrictions( $row['id'], $row['status'], false );
+ $is_user_allowed = is_user_allowed( $page['cat'], $restrictions );
+ $class = "";
+ if ( $i%2 == 1 )
+ {
+ $class = "class=\"row2\"";
+ }
+ echo"
+ <tr>
+ <td $class><a href=\"".add_session_id_to_url( "./admin.php?page=perm&amp;user_id=".$row['id'] )."\">";
+ echo "<span style=\"color:";
+ if ( $is_user_allowed > 0 )
+ {
+ echo "red";
+ }
+ else
+ {
+ echo "green";
+ }
+ echo "\">".$row['pseudo']."</span></a></td>
+ <td $class style=\"text-align:right;\">";
+ if ( $is_user_allowed == 2 )
+ {
+ echo "<a href=\"".add_session_id_to_url( "./admin.php?page=perm&amp;cat_id=".$page['id_uppercat'] )."\"><span style=\"color:red;\">".$lang['permuser_parent_forbidden']."</span></a>";
+ }
+ else
+ {
+ echo"
+ <input type=\"radio\" name=\"acces-".$row['id']."\" value=\"0\" checked=\"checked\"/>".$lang['permuser_authorized']."
+ <input type=\"radio\" name=\"acces-".$row['id']."\" value=\"1\"";
+ if ( $is_user_allowed == 1 )
+ {
+ echo" checked=\"checked\"";
+ }
+ echo"/>".$lang['permuser_forbidden'];
+ }
+ echo"
+ </td>
+ </tr>";
+ $i++;
+ }
+ echo"
+ <tr>
+ <td colspan=\"2\" align=\"center\"><input type=\"submit\" name=\"submit\" value=\"".$lang['submit']."\"/></td>
+ </tr>
+ </table>
+ </form>";
+ }
+ }
+?> \ No newline at end of file
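Review bot: The `user_id` query-string value is concatenated straight into SQL in the select at the top of the file, in the `delete from ... restrictions where user_id = ` statement (there without quotes) and in the insert that follows, so any non-numeric value changes the statement; convert it once with `$user_id = intval( $HTTP_GET_VARS['user_id'] );` and use `$user_id` in all three queries and in the form action. The update block under `isset( $HTTP_POST_VARS['submit'] )` never consults `$erreur`, so the unknown-user and webmaster guards only hide the form and do not stop the delete/insert; initialise `$erreur = false;` before the first check and wrap the update in `if ( !$erreur )`. The same string-built pattern is visible in admin/user_add.php (`' where id = '.$_GET['user_id']`). Values read back from the database (`$row['pseudo']`, `$row['name']`, `$row['dir']`) are printed without `htmlspecialchars()`, which is worth adding at each echo.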
diff --git a/admin/thumbnail.php b/admin/thumbnail.php
new file mode 100644
index 000000000..e68ee2407
--- /dev/null
+++ b/admin/thumbnail.php
@@ -0,0 +1,568 @@
+<?php
+/***************************************************************************
+ * thumbnail.php is a part of PhpWebGallery *
+ * ------------------- *
+ * last update : Thursday, July 25, 2002 *
+ * email : pierrick@z0rglub.com *
+ * *
+ ***************************************************************************/
+
+/***************************************************************************
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; *
+ * *
+ ***************************************************************************/
+include_once( "./include/isadmin.inc.php" );
+
+function get_subdirs( $rep )
+{
+ $sub_rep = array();
+ $i = 0;
+ if ( $opendir = opendir ( $rep ) )
+ {
+ while ( $file = readdir ( $opendir ) )
+ {
+ if ( $file != "thumbnail" && $file != "."
+ && $file != ".." && is_dir ( $rep.$file ) )
+ {
+ $sub_rep[$i++] = $file;
+ }
+ }
+ }
+ return $sub_rep;
+}
+
+/*
+ $tab_ext = array ( 'jpg', 'JPG','png','PNG' );
+ $tab_tn_ext = array ( 'jpg', 'JPG','png','PNG', 'gif', 'GIF' );
+*/
+function get_images_without_thumbnail( $dir )
+{
+ $i = 0;
+ if ( $opendir = opendir ( $dir ) )
+ {
+ while ( $file = readdir ( $opendir ) )
+ {
+ $lien_image = $dir."/".$file;
+ if ( is_image( $lien_image, true ) )
+ {
+ if ( !TN_exist( $dir, $file ) )
+ {
+ $taille_image = getimagesize( $lien_image );
+ $size = floor ( filesize( $lien_image ) / 1024 ). " KB";
+ $images[$i++] = array( 'name' => $file,
+ 'width' => $taille_image[0],
+ 'height' => $taille_image[1],
+ 'size' => $size
+ );
+ }
+ }
+ }
+ }
+ return $images;
+}
+
+function scandir( $DIR, $width, $height )
+{
+ global $HTTP_POST_VARS, $conf, $output;
+ $compteur = 0;
+ $temps = array();
+ if ( $ODIR = opendir( $DIR ) )
+ {
+ while ( $FILE = readdir ( $ODIR ) )
+ {
+ $TMP = $DIR."/".$FILE;
+ if ( is_image ( $TMP, true ) )
+ {
+ if ( $compteur < $HTTP_POST_VARS['n'] && !TN_exist( $DIR, $FILE ) )
+ {
+ $t1 = explode( " ", microtime() );
+ $t2 = explode( ".", $t1[0] );
+ $t2 = $t1[1].".".$t2[1];
+ $info = RatioResizeImg( $FILE, $width, $height, $DIR."/", "jpg" );
+ $t3 = explode( " ", microtime() );
+ $t4 = explode( ".", $t3[0] );
+ $t4 = $t3[1].".".$t4[1];
+ $info['temps'] = ( $t4 - $t2 ) * 1000;
+ $temps[$compteur++] = $info;
+ //$output.= " (".number_format( $temps[$compteur-1], 2, '.', ' ')." ms)<br />";;
+ }
+ }
+ }
+ }
+ return $temps;
+}
+
+function RatioResizeImg( $image, $newWidth, $newHeight, $path, $extension)
+{
+ global $conf, $HTTP_POST_VARS;
+ // chemin complet de l'image :
+ $chemin = $path.$image;
+ // détéction du type de l'image
+ eregi( "(...)$", $chemin, $regs);
+ $type = $regs[1];
+ switch( $type )
+ {
+ case "jpg": $srcImage = @imagecreatefromjpeg( $chemin ); break;
+ case "JPG": $srcImage = @imagecreatefromjpeg( $chemin ); break;
+ case "png": $srcImage = @imagecreatefrompng( $chemin ); break;
+ case "PNG": $srcImage = @imagecreatefrompng( $chemin ); break;
+ default : unset( $type ); break;
+ }
+
+ if( $srcImage )
+ {
+ // hauteurs/largeurs
+ $srcWidth = imagesx( $srcImage );
+ $srcHeight = imagesy( $srcImage );
+ $ratioWidth = $srcWidth/$newWidth;
+ $ratioHeight = $srcHeight/$newHeight;
+
+ // taille maximale dépassée ?
+ if (($ratioWidth > 1) || ($ratioHeight > 1))
+ {
+ if( $ratioWidth < $ratioHeight)
+ {
+ $destWidth = $srcWidth/$ratioHeight;
+ $destHeight = $newHeight;
+ }
+ else
+ {
+ $destWidth = $newWidth;
+ $destHeight = $srcHeight/$ratioWidth;
+ }
+ }
+ else
+ {
+ $destWidth = $srcWidth;
+ $destHeight = $srcHeight;
+ }
+ // selon votre version de GD installée sur le serveur hébergeur
+ if ( $HTTP_POST_VARS['gd'] == 2 )
+ {
+ // Partie 1 : GD 2.0 ou supérieur, résultat très bons
+ $destImage = imagecreatetruecolor( $destWidth, $destHeight);
+ imagecopyresampled( $destImage, $srcImage, 0, 0, 0, 0, $destWidth,$destHeight,$srcWidth,$srcHeight );
+ }
+ else
+ {
+ // Partie 2 : GD inférieur à 2, résultat très moyens
+ $destImage = imagecreate( $destWidth, $destHeight);
+ imagecopyresized( $destImage, $srcImage, 0, 0, 0, 0, $destWidth,$destHeight,$srcWidth,$srcHeight );
+ }
+
+
+ if( !is_dir( $path."thumbnail" ) )
+ {
+ umask(0000);
+ mkdir( $path."thumbnail", 0777 );
+ }
+ $dest_file = $path."thumbnail/".$conf['prefixe_thumbnail'].substr ( $image, 0, strrpos ( $image, ".") ).".".$extension;
+
+ // création et sauvegarde de l'image finale
+ imagejpeg($destImage, $dest_file);
+ // libère la mémoire
+ imagedestroy( $srcImage );
+ imagedestroy( $destImage );
+
+ // renvoit l'URL de l'image
+ //return $dest_file;
+ $taille_image = getimagesize( $chemin );
+ $size = number_format( floor ( filesize( $chemin ) / 1024 ), 0, '', ' ')." KB";
+ $tn_taille_image = getimagesize( $dest_file );
+ $tn_size = number_format( floor ( filesize( $dest_file ) ), 0, '', ' ')." octets";
+ $info = array( 'name' => $image,
+ 'width' => $taille_image[0],
+ 'height' => $taille_image[1],
+ 'size' => $size,
+ 'tn_name' => $conf['prefixe_thumbnail'].substr ( $image, 0, strrpos ( $image, ".") ).".".$extension,
+ 'tn_width' => $tn_taille_image[0],
+ 'tn_height' => $tn_taille_image[1],
+ 'tn_size' => $tn_size
+ );
+ return $info;
+ }
+ // erreur
+ else
+ {
+ echo $lang['tn_no_support']." ";
+ if ($type)
+ {
+ echo $lang['tn_format']." $type";
+ }
+ else
+ {
+ echo $lang['tn_thisformat'];
+ }
+ exit();
+ }
+}
+
+function array_max( $array )
+{
+ $max = 0;
+ for ( $i = 0; $i < sizeof( $array ); $i++ )
+ {
+ if ( $array[$i] > $max )
+ {
+ $max = $array[$i];
+ }
+ }
+ return $max;
+}
+
+function array_min( $array )
+{
+ $min = 99999999999999;
+ for ( $i = 0; $i < sizeof( $array ); $i++ )
+ {
+ if ( $array[$i] < $min )
+ {
+ $min = $array[$i];
+ }
+ }
+ return $min;
+}
+
+function array_moy( $array )
+{
+ return array_sum( $array ) / sizeof( $array );
+}
+
+// get_dirs retourne un tableau contenant tous les sous-répertoires d'un répertoire
+function get_displayed_dirs( $rep, $indent )
+{
+ global $conf,$lang;
+
+ $sub_rep = array();
+ $i = 0;
+ $dirs = "";
+ if ( $opendir = opendir ( $rep ) )
+ {
+ while ( $file = readdir ( $opendir ) )
+ {
+ if ( $file != "." && $file != ".." && is_dir ( $rep."/".$file ) && $file != "thumbnail" )
+ {
+ $sub_rep[$i++] = $file;
+ }
+ }
+ }
+ // write of the dirs
+ for ( $i = 0; $i < sizeof( $sub_rep ); $i++ )
+ {
+ $images = get_images_without_thumbnail( $rep."/".$sub_rep[$i] );
+ $nb_picture_without_TN = sizeof( $images );
+ $dirs.= $indent;
+ if ( $nb_picture_without_TN > 0 )
+ {
+ $dirs.= "<a href=\"".add_session_id_to_url( "./admin.php?page=thumbnail&amp;dir=".$rep."/".$sub_rep[$i] )."\">";
+ }
+ $dirs.= "<img src=\"".$conf['lien_puce']."\" style=\"border:none;\" alt=\"&gt;\"/>".$sub_rep[$i];
+ if ( $nb_picture_without_TN > 0 )
+ {
+ $dirs.= "</a>";
+ }
+ if ( $nb_picture_without_TN > 0 )
+ {
+ $dirs.= " [ $nb_picture_without_TN ".$lang['tn_dirs_alone']." ]";
+ }
+ $dirs.= "<br />";
+ $dirs.= get_displayed_dirs( $rep."/".$sub_rep[$i], $indent."&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;" );
+ }
+ return $dirs;
+}
+
+$output = "";
+
+if ( isset( $HTTP_GET_VARS['dir'] ) )
+{
+ //---------------vérification de la présence d'images sans thumbnail
+ $images = get_images_without_thumbnail( $HTTP_GET_VARS['dir'] );
+ if ( sizeof( $images ) == 0 )
+ {
+ $output.= "<div style=\"text-align:center;font-weight:bold;margin:10px;\"> [ 0 ".$lang['tn_dirs_alone']." ]</div>";
+ }
+ else if ( isset( $HTTP_POST_VARS['submit'] ) )
+ {
+ //----------------------------------------vérification des variables
+ $nb_erreur = 0;
+ $erreur = "";
+ if ( !ereg( "^[0-9]{2,3}$", $HTTP_POST_VARS['width'] ) || $HTTP_POST_VARS['width'] < 10 )
+ {
+ $nb_erreur++;
+ $erreur.= "<li>".$lang['tn_err_width']." 10</li>";
+ }
+ if ( !ereg( "^[0-9]{2,3}$", $HTTP_POST_VARS['height'] ) || $HTTP_POST_VARS['height'] < 10 )
+ {
+ $nb_erreur++;
+ $erreur.= "<li>".$lang['tn_err_height']." 10</li>";
+ }
+ if ( !isset( $HTTP_POST_VARS['gd'] ) )
+ {
+ $nb_erreur++;
+ $erreur.= "<li>".$lang['tn_err_GD']."</li>";
+ }
+
+ //---------------------------------------------listing des résultats
+ if ( $nb_erreur == 0 )
+ {
+ $style = "class=\"row2\" style=\"text-align:center;font-weight:bold;";
+ $output.= "
+ <table style=\"width:100%;\">
+ <tr>
+ <th colspan=\"10\">".$lang['tn_results_title']."</th>
+ </tr>
+ <tr>
+ <td ".$style."\">&nbsp;</td>
+ <td ".$style."\">".$lang['tn_picture']."</td>
+ <td ".$style."\">".$lang['tn_filesize']."</td>
+ <td ".$style."\">".$lang['tn_width']."</td>
+ <td ".$style."\">".$lang['tn_height']."</td>
+ <td ".$style."background-color:#D3DCE3;\">".$lang['tn_results_gen_time']."</td>
+ <td ".$style."\">".$lang['thumbnail']."</td>
+ <td ".$style."\">".$lang['tn_filesize']."</td>
+ <td ".$style."\">".$lang['tn_width']."</td>
+ <td ".$style."\">".$lang['tn_height']."</td>
+ </tr>";
+ $tab_infos = scandir( $HTTP_GET_VARS['dir'], $HTTP_POST_VARS['width'], $HTTP_POST_VARS['height'] );
+ for ( $i = 0; $i < sizeof ( $tab_infos ); $i++ )
+ {
+ $temps[$i] = $tab_infos[$i]['temps'];
+ }
+ $max = array_max( $temps );
+ $min = array_min( $temps );
+ for ( $i = 0; $i < sizeof ( $tab_infos ); $i++ )
+ {
+ $temps[$i] = $tab_infos[$i]['temps'];
+ $num = $i + 1;
+ $class = "";
+ if ( $i%2 == 1 )
+ {
+ $class = "class=\"row2\"";
+ }
+ $output.= "
+ <tr>
+ <td class=\"row2\">$num</td>
+ <td $class>".$tab_infos[$i]['name']."</td>
+ <td $class style=\"text-align:right;\">".$tab_infos[$i]['size']."</td>
+ <td $class style=\"text-align:right;\">".$tab_infos[$i]['width']."</td>
+ <td $class style=\"text-align:right;\">".$tab_infos[$i]['height']."</td>
+ <th><div style=\"text-align:right;margin-right:5px;";
+ if ( $tab_infos[$i]['temps'] == $max )
+ {
+ $output.= "color:red;";
+ }
+ if ( $tab_infos[$i]['temps'] == $min )
+ {
+ $output.= "color:green;";
+ }
+ $output.= "\">".number_format( $tab_infos[$i]['temps'], 2, '.', ' ')." ms</div></th>
+ <td $class>".$tab_infos[$i]['tn_name']."</td>
+ <td $class style=\"text-align:right;\">".$tab_infos[$i]['tn_size']."</td>
+ <td $class style=\"text-align:right;\">".$tab_infos[$i]['tn_width']."</td>
+ <td $class style=\"text-align:right;\">".$tab_infos[$i]['tn_height']."</td>
+ </tr>";
+ }
+ $output.= "
+ <tr>
+ <td colspan=\"10\">&nbsp;</td>
+ </tr>
+ </table>
+ <table style=\"margin:auto;border:1px solid black;\">
+ <tr>
+ <td colspan=\"2\" style=\"text-align:center;font-weight:bold;\" class=\"row2\">".$lang['tn_stats']."</td>
+ </tr>
+ <tr>
+ <td>".$lang['tn_stats_nb']." : </td>
+ <td style=\"text-align:center;\">".sizeof( $temps )."</td>
+ </tr>
+ <tr>
+ <td>".$lang['tn_stats_total']." : </td>
+ <td style=\"text-align:right;\">".number_format( array_sum( $temps ), 2, '.', ' ')." ms</td>
+ </tr>
+ <tr>
+ <td>".$lang['tn_stats_max']." : </td>
+ <td style=\"text-align:right;\">".number_format( $max, 2, '.', ' ')." ms</td>
+ </tr>
+ <tr>
+ <td>".$lang['tn_stats_min']." : </td>
+ <td style=\"text-align:right;\">".number_format( $min, 2, '.', ' ')." ms</td>
+ </tr>
+ <tr>
+ <td>".$lang['tn_stats_mean']." : </td>
+ <td style=\"text-align:right;\">".number_format( array_moy( $temps ), 2, '.', ' ')." ms</td>
+ </tr>
+ </table>
+ <table>
+ <tr>
+ <td>&nbsp;</td>
+ </tr>
+ </table>";
+ }
+ else
+ {
+ $output.= "
+ <div class=\"erreur\" style=\"margin-top:10px;\">".$lang['tn_err']."</div>
+ <div class=\"erreur\" style=\"text-align:left;margin-left:20px;\">
+ <ul>
+ $erreur
+ </ul>
+ </div>";
+ }
+ }
+ //-------------------------------------paramètres de miniaturisation
+ if ( sizeof( $images ) != 0 )
+ {
+ $output.= "
+ <style>
+ div.key
+ {
+ margin-left : 10px;
+ }
+ td.choice
+ {
+ text-align : center;
+ }
+ </style>";
+ $output.= "
+ <form method=\"post\" action=\"".add_session_id_to_url( "./admin.php?page=thumbnail&amp;dir=".$HTTP_GET_VARS['dir'] )."\">
+ <table style=\"width:100%;\">
+ <tr>
+ <th colspan=\"3\">".$lang['tn_params_title']."</th>
+ </tr>";
+ $output.= "
+ <tr>
+ <td colspan=\"3\">&nbsp;</td>
+ </tr>";
+ $output.= "
+ <tr>
+ <td><div class=\"key\">".$lang['tn_params_GD']."</div></td>
+ <td class=\"choice\">
+ <input type=\"radio\" name=\"gd\" value=\"2\"/ checked=\"checked\">2.x
+ <input type=\"radio\" name=\"gd\" value=\"1\"";
+ if ( $HTTP_POST_VARS['gd'] == 1 )
+ {
+ $output.= " checked=\"checked\"";
+ }
+ $output.= "/>1.x
+ </td>
+ <td style=\"width:50%;\" class=\"row2\">".$lang['tn_params_GD_info']."</td>
+ </tr>
+ <tr>
+ <td><div class=\"key\">".$lang['tn_width']."</div></td>
+ <td class=\"choice\"><input type=\"text\" name=\"width\" value=\"";
+ if ( isset( $HTTP_POST_VARS['width'] ) )
+ {
+ $output.= $HTTP_POST_VARS['width'];
+ }
+ else
+ {
+ $output.= "128";
+ }
+ $output.="\"/></td>
+ <td class=\"row2\">".$lang['tn_params_width_info']."</td>
+ </tr>
+ <tr>
+ <td><div class=\"key\">".$lang['tn_height']."</div></td>
+ <td class=\"choice\"><input type=\"text\" name=\"height\" value=\"";
+ if ( isset( $HTTP_POST_VARS['height'] ) )
+ {
+ $output.= $HTTP_POST_VARS['height'];
+ }
+ else
+ {
+ $output.= "96";
+ }
+ $output.="\"/></td>
+ <td class=\"row2\">".$lang['tn_params_height_info']."</td>
+ </tr>
+ <tr>
+ <td><div class=\"key\">".$lang['tn_params_create']."</div></td>
+ <td class=\"choice\">
+ <select name=\"n\">
+ <option>5</option>
+ <option>10</option>
+ <option>20</option>
+ <option>40</option>
+ </select>
+ </td>
+ <td class=\"row2\">".$lang['tn_params_create_info']."</td>
+ </tr>
+ <tr>
+ <td><div class=\"key\">".$lang['tn_params_format']."</div></td>
+ <td class=\"choice\"><span style=\"font-weight:bold;\">jpeg</span></td>
+ <td class=\"row2\">".$lang['tn_params_format_info']."</td>
+ </tr>
+ <tr>
+ <td colspan=\"3\">&nbsp;</td>
+ </tr>
+ <tr>
+ <td colspan=\"3\" style=\"text-align:center;\">
+ <input type=\"submit\" name=\"submit\" value=\"".$lang['submit']."\"/>
+ </td>
+ </tr>";
+ $output.= "
+ </table>
+ </form>";
+ //-----------------------------------liste des images sans miniature
+ $images = get_images_without_thumbnail( $HTTP_GET_VARS['dir'] );
+ $style = "class=\"row2\" style=\"text-align:center;font-weight:bold;";
+ $output.= "
+ <table style=\"width:100%;\">
+ <tr>
+ <th colspan=\"5\"><span style=\"color:#006699;\">".sizeof( $images )."</span> ".$lang['tn_alone_title']."</th>
+ </tr>
+ <tr>
+ <td ".$style."\">&nbsp;</td>
+ <td ".$style."width:50%;\">".$lang['tn_picture']."</td>
+ <td ".$style."width:17%;\">".$lang['tn_filesize']."</td>
+ <td ".$style."width:17%;\">".$lang['tn_width']."</td>
+ <td ".$style."width:16%;\">".$lang['tn_height']."</td>
+ </tr>";
+ for ( $i = 0; $i < sizeof( $images ); $i++ )
+ {
+ $num = $i + 1;
+ $class = "";
+ if ( $i%2 == 1 )
+ {
+ $class = " class=\"row2\"";
+ }
+ $output.= "
+ <tr>
+ <td class=\"row2\">".$num."</td>
+ <td $class><div style=\"margin-left:10px;\">".$images[$i]['name']."</div></td>
+ <td $class><div style=\"margin-left:10px;\">".$images[$i]['size']."</div></td>
+ <td $class><div style=\"margin-left:10px;\">".$images[$i]['width']."</div></td>
+ <td $class><div style=\"margin-left:10px;\">".$images[$i]['height']."</div></td>
+ </tr>";
+ }
+ $output.= "
+ </table>";
+ }
+}
+//-----------------------------------liste des répertoires
+//-------------------------si aucun répertoire selectionné
+else
+{
+ $output = "
+ <table style=\"width:100%;\">
+ <tr>
+ <th>".$lang['tn_dirs_title']."</th>
+ </tr>";
+ $output.= "
+ <tr>
+ <td>
+ <div class=\"retrait\">
+ <img src=\"".$conf['lien_puce']."\" alt=\"\"/>galleries";
+ $output.= "<br />";
+ $output.= get_displayed_dirs( "../galleries", "&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;" );
+ $output.= "
+ </div>
+ </td>
+ </tr>
+ </table>";
+}
+echo $output;
+?> \ No newline at end of file
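Review bot: `$HTTP_GET_VARS['dir']` reaches `opendir()`, `getimagesize()` and, through `scandir()` and `RatioResizeImg()`, `mkdir()` and `imagejpeg()` with no check that it lies under `../galleries`, so the page reads from, and creates a `thumbnail` directory in, whatever path the request names. Resolve the value with `realpath()` and compare it with the galleries root before the `if ( isset( $HTTP_GET_VARS['dir'] ) )` branch, as sketched below. The same value is echoed into the form `action`, so it should go through `htmlspecialchars()` there. Separately, `umask(0000)` followed by `mkdir( $path."thumbnail", 0777 )` leaves the new directory world-writable; `0755` without the umask reset would do unless the host is known to need more.

```php
$output = "";

// only directories located below ../galleries may be scanned or written to
$galleries_root = realpath( "../galleries" );
$requested_dir = false;
if ( isset( $HTTP_GET_VARS['dir'] ) && $galleries_root !== false )
{
  $resolved = realpath( $HTTP_GET_VARS['dir'] );
  if ( $resolved !== false
       && strpos( $resolved.DIRECTORY_SEPARATOR,
                  $galleries_root.DIRECTORY_SEPARATOR ) === 0 )
  {
    $requested_dir = $resolved;
  }
}

if ( $requested_dir !== false )
{
  $images = get_images_without_thumbnail( $requested_dir );
  // … unchanged: parameter checks, result table, form and image list,
  //   reading $requested_dir instead of $HTTP_GET_VARS['dir'] …
```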
diff --git a/admin/user_add.php b/admin/user_add.php
new file mode 100644
index 000000000..cf67dcaa3
--- /dev/null
+++ b/admin/user_add.php
@@ -0,0 +1,255 @@
+<?php
+/***************************************************************************
+ * ajout.php is a part of PhpWebGallery *
+ * ------------------- *
+ * last update : Tuesday, July 16, 2002 *
+ * email : pierrick@z0rglub.com *
+ * *
+ ***************************************************************************/
+
+/***************************************************************************
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; *
+ * *
+ ***************************************************************************/
+
+include_once( './include/isadmin.inc.php' );
+
+$error = array();
+$absent = false;
+
+$query = 'select';
+$query.= ' pseudo,status,mail_address';
+$query.= ' from '.$prefixeTable.'users';
+$query.= ' where id = '.$_GET['user_id'];
+$query.= ';';
+$row = mysql_fetch_array( mysql_query( $query ) );
+
+$pseudo = $row['pseudo'];
+$status = $row['status'];
+$mail_address = $row['mail_address'];
+
+if ( $pseudo == 'visiteur' ||
+ ( $pseudo == $conf['webmaster']
+ && $user['pseudo'] != $conf['webmaster'] ) )
+{
+ echo "<div class=\"erreur\">".$lang['user_err_modify']."</div>";
+ $absent = true;
+}
+if ( $_GET['mode'] == 'modif' )
+{
+ if ( $pseudo == '' )
+ {
+ echo"<div class=\"info\">".$lang['user_err_unknown']."</div>";
+ $absent = true;
+ }
+}
+if ( !$absent )
+{
+ if ( $_GET['valider'] == 1 )
+ {
+ if ( $_GET['mode'] != 'modif' )
+ {
+ $error = register_user( $_POST['pseudo'], $_POST['password'],
+ $_POST['password'], $_POST['mail_address'],
+ $_POST['status'] );
+ }
+ else
+ {
+ $use_new_password = false;
+ if ( $_POST['use_new_pwd'] == 1)
+ {
+ $use_new_password = true;
+ }
+ $error = update_user( $_GET['user_id'], $_POST['mail_address'],
+ $_POST['status'], $use_new_password,
+ $_POST['password'] );
+ }
+ }
+ if ( sizeof( $error ) > 0 )
+ {
+ echo "<div class=\"erreur\">".$lang['adduser_err_message'].sizeof( $error )." :";
+ echo "<ul>";
+ for ( $i = 0; $i < sizeof( $error ); $i++ )
+ {
+ echo "<li>".$error[$i]."</li>";
+ }
+ echo "</ul>";
+ echo "</div>";
+ }
+ if ( sizeof( $error ) == 0 && $_GET['valider'] == 1 )
+ {
+ echo"<div class=\"info\">".$lang['adduser_info_message']."\"$pseudo\" ";
+ if ( $_POST['use_new_pwd'] == 1 )
+ {
+ echo $lang['adduser_info_password_updated']." ";
+ }
+ echo"[ <a href=\"".add_session_id_to_url( "./admin.php?page=liste_users" )."\">".$lang['adduser_info_back']."</a> ]</div>";
+ }
+ if ( $_GET['valider'] != 1 || $_GET['mode'] != "modif" || sizeof( $error ) > 0 )
+ {
+ if ( $_GET['mode'] != "modif" && sizeof( $error ) == 0 )
+ {
+ unset( $pseudo, $password, $status, $mail_address );
+ }
+ if ( !isset( $_POST['use_new_pwd'] ) || $_POST['use_new_pwd'] != 1 )
+ {
+ unset( $password );
+ }
+ $action = "./admin.php?page=ajout&amp;valider=1";
+ if ( $_GET['mode'] == "modif" )
+ {
+ $action.= "&amp;mode=modif&amp;user_id=".$_GET['user_id'];
+ }
+ echo"<form method=\"post\" action=\"".add_session_id_to_url( $action )."\">
+ <table style=\"width:100%;\">
+ <tr align=\"center\" valign=\"middle\">
+ <td>
+ <table style=\"margin-left:auto;margin-right:auto;\">
+ <tr>
+ <th colspan=\"2\">".$lang['adduser_fill_form']."</th>
+ </tr>
+ <tr>
+ <td colspan=\"2\"><div style=\"margin-bottom:0px;\">&nbsp;</div></td>
+ </tr>
+ <tr>
+ <td>".$lang['adduser_login']."</td>
+ <td>";
+ if ( $_GET['mode'] == "modif" )
+ {
+ echo"<span style=\"color:red;\">$pseudo [".$lang['adduser_unmodify']."]</span>";
+ echo"<input type=\"hidden\" name=\"pseudo\" value=\"$pseudo\"/>";
+ }
+ else
+ {
+ echo"<input type=\"text\" name=\"pseudo\" value=\"$pseudo\"/>";
+ }
+ echo"
+ </td>
+ </tr>";
+ echo"
+ <tr>
+ <td>";
+ if ( $_GET['mode'] == "modif" )
+ {
+ echo $lang['new']." ".$lang['password']."<input type=\"checkbox\" name=\"use_new_pwd\" value=\"1\"";
+ if ( isset( $_POST['use_new_pwd'] ) && $_POST['use_new_pwd'] == 1 )
+ {
+ echo " checked=\"checked\"";
+ }
+ echo " />";
+ }
+ else
+ {
+ echo $lang['password'];
+ }
+ echo"</td>
+ <td>";
+ echo"<input type=\"text\" name=\"password\" value=\"$password\"/></td>
+ </tr>";
+ echo"
+ <tr>
+ <td>".$lang['reg_mail_address']."</td>";
+ echo "
+ <td><input type=\"text\" name=\"mail_address\" value=\"$mail_address\"/></td>
+ </tr>";
+ echo"
+ <tr>
+ <td>".$lang['adduser_status']."</td>
+ <td>";
+ if ( $pseudo == $conf['webmaster'] )
+ {
+ echo "<span style=\"color:red;\">$status [".$lang['adduser_unmodify']."]</span>
+ <input type=\"hidden\" name=\"status\" value=\"$status\"/>";
+ }
+ else
+ {
+ echo"
+ <select name=\"status\">";
+ // on récupère toutes les status possibles dans la base
+ // par l'intermédiaire de la fonction get_enums
+ $option = get_enums( $prefixeTable."users", "status" );
+ for ( $i = 0; $i < sizeof( $option ); $i++ )
+ {
+ if ( isset( $status ) )
+ {
+ echo"
+ <option value=\"$option[$i]\"";
+ if ( $option[$i] == $status )
+ {
+ echo" selected=\"selected\"";
+ }
+ echo">";
+ switch ( $option[$i] )
+ {
+ case "admin" :
+ {
+ echo $lang['adduser_status_admin'];
+ break;
+ }
+ case "membre" :
+ {
+ echo $lang['adduser_status_member'];
+ break;
+ }
+ case "visiteur" :
+ {
+ echo $lang['adduser_status_guest'];
+ break;
+ }
+ }
+ echo"</option>";
+ }
+ else
+ {
+ echo"
+ <option value=\"$option[$i]\"";
+ if ( $option[$i] == "visiteur" )
+ {
+ echo" selected=\"selected\"";
+ }
+ echo">";
+ switch ( $option[$i] )
+ {
+ case "admin" :
+ {
+ echo $lang['adduser_status_admin'];
+ break;
+ }
+ case "membre" :
+ {
+ echo $lang['adduser_status_member'];
+ break;
+ }
+ case "visiteur" :
+ {
+ echo $lang['adduser_status_guest'];
+ break;
+ }
+ }
+ echo"</option>";
+ }
+ }
+ echo"
+ </select>";
+ }
+ echo"
+ </td>
+ </tr>
+ <tr>
+ <td colspan=\"2\" align=\"center\"><input type=\"submit\" value=\"".$lang['submit']."\"/></td>
+ </tr>
+ </table>
+ </td>
+ </tr>
+ </table>
+ </form>";
+ if ( $_GET['mode'] == "modif" )
+ {
+ echo "<div style=\"text-align:center;margin-bottom:10px;\">[ <a href=\"".add_session_id_to_url( "./admin.php?page=liste_users" )."\">".$lang['adduser_info_back']."</a> ]</div>";
+ }
+ }
+}
+?> \ No newline at end of file
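Review bot: `$_GET['user_id']` is concatenated into the `where id = ` clause of the first query without validation, so the lookup is open to SQL injection, and the statement is malformed when the page is opened in creation mode without a `user_id`. The same raw value is later written into the form `action` and passed to `update_user()`. I would normalise it once at the top, `$user_id = isset( $_GET['user_id'] ) ? intval( $_GET['user_id'] ) : 0;`, and use `$user_id` in all three places. Separately, `$pseudo`, `$mail_address` and `$status` are echoed into `value="…"` attributes without `htmlspecialchars()`, which should be applied wherever database or POST values reach the markup.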
diff --git a/admin/user_list.php b/admin/user_list.php
new file mode 100644
index 000000000..8221ed30f
--- /dev/null
+++ b/admin/user_list.php
@@ -0,0 +1,244 @@
+<?php
+/***************************************************************************
+ * liste_users.php is a part of PhpWebGallery *
+ * ------------------- *
+ * last update : Tuesday, July 16, 2002 *
+ * email : pierrick@z0rglub.com *
+ * *
+ ***************************************************************************/
+
+/***************************************************************************
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; *
+ * *
+ ***************************************************************************/
+include_once( './include/isadmin.inc.php' );
+//----------------------------------------------------- template initialization
+$sub = $vtp->Open( '../template/'.$user['template'].'/admin/user_list.vtp' );
+// language
+$vtp->setGlobalVar( $sub, 'listuser_confirm', $lang['listuser_confirm'] );
+$vtp->setGlobalVar( $sub, 'listuser_modify_hint',
+ $lang['listuser_modify_hint'] );
+$vtp->setGlobalVar( $sub, 'listuser_modify', $lang['listuser_modify'] );
+$vtp->setGlobalVar( $sub, 'listuser_permission',
+ $lang['listuser_permission'] );
+$vtp->setGlobalVar( $sub, 'listuser_permission_hint',
+ $lang['listuser_permission_hint'] );
+$vtp->setGlobalVar( $sub, 'listuser_delete_hint',
+ $lang['listuser_delete_hint'] );
+$vtp->setGlobalVar( $sub, 'listuser_delete', $lang['listuser_delete'] );
+$vtp->setGlobalVar( $sub, 'yes', $lang['yes'] );
+$vtp->setGlobalVar( $sub, 'no', $lang['no'] );
+$vtp->setGlobalVar( $sub, 'listuser_button_all',
+ $lang['listuser_button_all'] );
+$vtp->setGlobalVar( $sub, 'listuser_button_invert',
+ $lang['listuser_button_invert'] );
+$vtp->setGlobalVar( $sub, 'listuser_button_create_address',
+ $lang['listuser_button_create_address'] );
+//--------------------------------------------------------------- delete a user
+if ( isset ( $_GET['delete'] ) && is_numeric( $_GET['delete'] ) )
+{
+ $query = 'select pseudo';
+ $query.= ' from '.$prefixeTable.'users';
+ $query.= ' where id = '.$_GET['delete'];
+ $query.= ';';
+ $row = mysql_fetch_array( mysql_query( $query ) );
+ // confirm user deletion ?
+ if ( $_GET['confirm'] != 1 )
+ {
+ $vtp->addSession( $sub, 'deletion' );
+ $vtp->setVar( $sub, 'deletion.login', $row['pseudo'] );
+ $yes_url = './admin.php?page=user_list&amp;delete='.$_GET['delete'];
+ $yes_url.= '&amp;confirm=1';
+ $vtp->setVar( $sub, 'deletion.yes_url', add_session_id( $yes_url ) );
+ $no_url = './admin.php?page=user_list';
+ $vtp->setVar( $sub, 'deletion.no_url', add_session_id( $no_url ) );
+ $vtp->closeSession( $sub, 'deletion' );
+ }
+ // user deletion confirmed
+ else
+ {
+ $vtp->addSession( $sub, 'confirmation' );
+ if ( $row['pseudo'] != 'visiteur' && $row['pseudo'] != $conf['webmaster'] )
+ {
+ $query = 'select count(*) as nb_result';
+ $query.= ' from '.$prefixeTable.'users';
+ $query.= ' where id = '.$_GET['delete'];
+ $query.= ';';
+ $row2 = mysql_fetch_array( mysql_query( $query ) );
+ if ( $row2['nb_result'] > 0 )
+ {
+ delete_user( $_GET['delete'] );
+ $vtp->setVar( $sub, 'confirmation.class', 'info' );
+ $info = '"'.$row['pseudo'].'" '.$lang['listuser_info_deletion'];
+ $vtp->setVar( $sub, 'confirmation.info', $info );
+ }
+ else
+ {
+ $vtp->setVar( $sub, 'confirmation.class', 'erreur' );
+ $vtp->setVar( $sub, 'confirmation.info', $lang['user_err_unknown'] );
+ }
+ }
+ else
+ {
+ $vtp->setVar( $sub, 'confirmation.class', 'erreur' );
+ $vtp->setVar( $sub, 'confirmation.info', $lang['user_err_modify'] );
+ }
+ $vtp->closeSession( $sub, 'confirmation' );
+ }
+}
+//------------------------------------------------------------------ users list
+else
+{
+ $vtp->addSession( $sub, 'users' );
+
+ $action = './admin.php?'.$_SERVER['QUERY_STRING'];
+ if ( !isset( $_GET['mail'] ) )
+ {
+ $action.= '&amp;mail=true';
+ }
+ $vtp->setVar( $sub, 'users.form_action', $action );
+
+ $query = 'select id,pseudo,status,mail_address';
+ $query.= ' from '.$prefixeTable.'users';
+ $query.= ' order by status asc, pseudo asc';
+ $query.= ';';
+ $result = mysql_query( $query );
+
+ $current_status = '';
+ while ( $row = mysql_fetch_array( $result ) )
+ {
+ // display the line indicating the status of the next users
+ if ( $row['status'] != $current_status )
+ {
+ if ( $current_status != '' )
+ {
+ $vtp->closeSession( $sub, 'category' );
+ }
+ $vtp->addSession( $sub, 'category' );
+ $title = $lang['listuser_user_group'].' ';
+ switch ( $row['status'] )
+ {
+ case 'admin' :
+ {
+ $title.= $lang['adduser_status_admin'];
+ break;
+ }
+ case 'visiteur' :
+ {
+ $title.= $lang['adduser_status_guest'];
+ break;
+ }
+ }
+ $vtp->setVar( $sub, 'category.title', $title );
+ $current_status = $row['status'];
+ }
+ $vtp->addSession( $sub, 'user' );
+ // checkbox for mail management if the user has a mail address
+ if ( $row['mail_address'] != '' && $row['pseudo'] != 'visiteur' )
+ {
+ $vtp->addSession( $sub, 'checkbox' );
+ $vtp->setVar( $sub, 'checkbox.name', 'mail-'.$row['id'] );
+ $vtp->closeSession( $sub, 'checkbox' );
+ }
+ // use a special color for the login of the user ?
+ if ( $row['pseudo'] == $conf['webmaster'] )
+ {
+ $vtp->setVar( $sub, 'user.color', 'red' );
+ }
+ if ( $row['pseudo'] == "visiteur" )
+ {
+ $vtp->setVar( $sub, 'user.color', 'green' );
+ }
+ $vtp->setVar( $sub, 'user.login', $row['pseudo'] );
+ // modify or not modify ?
+ if ( $row['pseudo'] == "visiteur"
+ || ( $row['pseudo'] == $conf['webmaster']
+ && $user['pseudo'] != $conf['webmaster'] ) )
+ {
+ $vtp->addSession( $sub, 'not_modify' );
+ $vtp->closeSession( $sub, 'not_modify' );
+ }
+ else
+ {
+ $vtp->addSession( $sub, 'modify' );
+ $url = './admin.php?page=user_add&amp;mode=modif&amp;user_id=';
+ $url.= $row['id'];
+ $vtp->setVar( $sub, 'modify.url', add_session_id( $url ) );
+ $vtp->setVar( $sub, 'modify.login', $row['pseudo'] );
+ $vtp->closeSession( $sub, 'modify' );
+ }
+ // manage permission or not ?
+ if ( $row['pseudo'] == $conf['webmaster'] )
+ {
+ $vtp->addSession( $sub, 'not_permission' );
+ $vtp->closeSession( $sub, 'not_permission' );
+ }
+ else
+ {
+ $vtp->addSession( $sub, 'permission' );
+ $url = './admin.php?page=perm&amp;user_id='.$row['id'];
+ $vtp->setVar( $sub, 'permission.url', add_session_id( $url ) );
+ $vtp->setVar( $sub, 'permission.login', $row['pseudo'] );
+ $vtp->closeSession( $sub, 'permission' );
+ }
+ // is the user deletable or not ?
+ if ( $row['pseudo'] == 'visiteur' || $row['pseudo'] == $conf['webmaster'] )
+ {
+ $vtp->addSession( $sub, 'not_delete' );
+ $vtp->closeSession( $sub, 'not_delete' );
+ }
+ else
+ {
+ $vtp->addSession( $sub, 'delete' );
+ $url = './admin.php?page=user_list&amp;delete='.$row['id'];
+ $vtp->setVar( $sub, 'delete.url', add_session_id( $url ) );
+ $vtp->setVar( $sub, 'delete.login', $row['pseudo'] );
+ $vtp->closeSession( $sub, 'delete' );
+ }
+ $vtp->closeSession( $sub, 'user' );
+ }
+ $vtp->closeSession( $sub, 'category' );
+ // mail management : creation of the mail address if asked by administrator
+ if ( isset( $_GET['mail'] ) )
+ {
+ $mail_address = array();
+ $i = 0;
+ $query = 'select';
+ $query.= ' id,mail_address';
+ $query.= ' from '.$prefixeTable.'users';
+ $query.= ';';
+ $result = mysql_query( $query );
+ while ( $row = mysql_fetch_array( $result ) )
+ {
+ $key = 'mail-'.$row['id'];
+ if ( $_POST[$key] == 1 )
+ {
+ $mail_address[$i++] = $row['mail_address'];
+ }
+ }
+ $mail_destination = '';
+ for ( $i = 0; $i < sizeof( $mail_address ); $i++ )
+ {
+ $mail_destination.= $mail_address[$i];
+ if ( sizeof( $mail_address ) > 1 )
+ {
+ $mail_destination.= ';';
+ }
+ }
+ if ( sizeof( $mail_address ) > 0 )
+ {
+ $vtp->addSession( $sub, 'mail_link' );
+ $vtp->setVar( $sub, 'mail_link.mailto', $mail_destination );
+ $vtp->setVar( $sub, 'mail_link.mail_address_start',
+ substr( $mail_destination, 0, 50 ) );
+ $vtp->closeSession( $sub, 'mail_link' );
+ }
+ }
+ $vtp->closeSession( $sub, 'users' );
+}
+//----------------------------------------------------------- sending html code
+$vtp->Parse( $handle , 'sub', $sub );
+?> \ No newline at end of file
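Review bot: The form action in the users-list branch is built from `$_SERVER['QUERY_STRING']`, which is request-controlled and is handed to the template as `users.form_action` with no escaping here. Unless the template engine escapes it (not visible in this hunk), that is a reflected injection point on an admin page. Building the action from fixed parameters, as the other URLs in this file do, avoids it: `$action = add_session_id( './admin.php?page=user_list&amp;mail=true' );`. In the delete branch, `is_numeric()` also accepts floats and exponent notation before the value is concatenated into SQL; `ctype_digit()` or an `intval()` cast would restrict it to a plain integer id. The mail loop reads `$_POST[$key]` without `isset()`, which raises a notice for every unchecked user.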
diff --git a/admin/waiting.php b/admin/waiting.php
new file mode 100644
index 000000000..9e8f16dcc
--- /dev/null
+++ b/admin/waiting.php
@@ -0,0 +1,117 @@
+<?php
+/***************************************************************************
+ * waiting.php is a part of PhpWebGallery *
+ * ------------------- *
+ * last update : Monday, October 28, 2002 *
+ * email : pierrick@z0rglub.com *
+ * *
+ ***************************************************************************/
+
+/***************************************************************************
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; *
+ * *
+ ***************************************************************************/
+ include_once( "./include/isadmin.inc.php" );
+ //-------------------------------------------------------------- mise à jour
+ if ( isset( $HTTP_POST_VARS['submit'] ) )
+ {
+ $query = "select id,cat_id,file,tn_ext";
+ $query.= " from $prefixeTable"."waiting";
+ $query.= ";";
+ $result = mysql_query( $query );
+ while ( $row = mysql_fetch_array( $result ) )
+ {
+ $key = "validate-".$row['id'];
+ if ( isset( $HTTP_POST_VARS[$key] ) )
+ {
+ $query = "delete from $prefixeTable"."waiting";
+ $query.= " where id = ".$row['id'];
+ $query.= ";";
+ mysql_query( $query );
+ if ( $HTTP_POST_VARS[$key] == "false" )
+ {
+ // we have to delete the picture and the thumbnail if it exists
+ $cat = get_cat_info( $row['cat_id'] );
+ unlink( ".".$cat['dir'].$row['file'] );
+ if ( $row['tn_ext'] != "" )
+ {
+ $file = substr ( $row['file'], 0, strrpos ( $row['file'], ".") );
+ unlink( ".".$cat['dir']."thumbnail/".$conf['prefixe_thumbnail'].$file.".".$row['tn_ext'] );
+ }
+ }
+ }
+ }
+ }
+ //--------------------------------------------------------------- formulaire
+ $cat_names = array();
+ echo "
+ <form action=\"".add_session_id_to_url( "./admin.php?page=waiting" )."\" method=\"post\">
+ <table style=\"width:100%;\">
+ <tr>
+ <th style=\"width:20%;\">".$lang['category']."</th>
+ <th style=\"width:20%;\">".$lang['date']."</th>
+ <th style=\"width:20%;\">".$lang['file']."</th>
+ <th style=\"width:20%;\">".$lang['thumbnail']."</th>
+ <th style=\"width:20%;\">".$lang['author']."</th>
+ <th style=\"width:1px;\">&nbsp;</th>
+ </tr>";
+ $query = "select id,cat_id,file,username,mail_address,date,tn_ext";
+ $query.= " from $prefixeTable"."waiting";
+ $query.= " order by cat_id";
+ $query.= ";";
+ $result = mysql_query( $query );
+ $i = 0;
+ while ( $row = mysql_fetch_array( $result ) )
+ {
+ $style = "";
+ if ( $i%2 == 0 )
+ {
+ $style = "class=\"row2\"";
+ }
+ if ( !isset( $cat_names[$row['cat_id']] ) )
+ {
+ $cat = get_cat_info( $row['cat_id'] );
+ $cat_names[$row['cat_id']] = array();
+ $cat_names[$row['cat_id']]['dir'] = ".".$cat['dir'];
+ $cat_names[$row['cat_id']]['display_name'] = get_cat_display_name( $cat['name'], " - ", "font-style:italic;" );
+ }
+ echo "
+ <tr>
+ <td $style style=\"white-space:nowrap;\">".$cat_names[$row['cat_id']]['display_name']."</td>
+ <td $style style=\"white-space:nowrap;\">".$lang['day'][date( "w", $row['date'] )].date( " j ", $row['date'] ).$lang['month'][date( "n", $row['date'] )].date( " Y G:i", $row['date'] )."</td>
+ <td $style style=\"white-space:nowrap;\">
+ <a target=\"_blank\" href=\"".$cat_names[$row['cat_id']]['dir'].$row['file']."\">".$row['file']."</td>
+ </td>
+ <td $style style=\"white-space:nowrap;\">";
+ if ( $row['tn_ext'] != "" )
+ {
+ $file = substr ( $row['file'], 0, strrpos ( $row['file'], ".") );
+ echo "<a target=\"_blank\" href=\"".$cat_names[$row['cat_id']]['dir']."thumbnail/".$conf['prefixe_thumbnail'].$file.".".$row['tn_ext']."\">".$conf['prefixe_thumbnail'].$file.".".$row['tn_ext'];
+ }
+ else
+ {
+ echo "&nbsp;";
+ }
+ echo "
+ </td>
+ <td $style style=\"white-space:nowrap;\">
+ <a href=\"mailto:".$row['mail_address']."\">".$row['username']."</a>
+ </td>
+ <td $style style=\"white-space:nowrap;\">
+ <input type=\"radio\" name=\"validate-".$row['id']."\" value=\"true\" />".$lang['submit']."
+ <input type=\"radio\" name=\"validate-".$row['id']."\" value=\"false\" />".$lang['delete']."
+ </td>
+ </tr>";
+ $i++;
+ }
+ echo "
+ <tr>
+ <td colspan=\"5\" align=\"center\"><input type=\"submit\" name=\"submit\" value=\"".$lang['submit']."\" style=\"margin:5px;\" /></td>
+ </tr>";
+ echo "
+ </table>
+ </form>";
+?> \ No newline at end of file
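Review bot: The listing echoes `$row['file']`, `$row['username']` and `$row['mail_address']` from the `waiting` table straight into HTML text and `href` attributes. These columns appear to hold visitor-submitted upload data, so each should be escaped before output, e.g. `htmlspecialchars( $row['username'], ENT_QUOTES )`. In the update block the same `file` and `tn_ext` values are concatenated into the `unlink()` paths; applying `basename()` to them would keep a stored name containing directory separators from reaching files outside the category directory, assuming the upload code does not already guarantee this. The file link also closes with `</td>` where `</a>` is expected, and the thumbnail link is never closed.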