Diffstat (limited to 'admin')
-rw-r--r-- | admin/cat_list.php | 133 | ||||
-rw-r--r-- | admin/cat_modify.php | 73 | ||||
-rw-r--r-- | admin/cat_perm.php | 6 | ||||
-rw-r--r-- | admin/comments.php | 8 | ||||
-rw-r--r-- | admin/configuration.php | 39 | ||||
-rw-r--r-- | admin/create_listing_file.php | 214 | ||||
-rw-r--r-- | admin/group_list.php | 2 | ||||
-rw-r--r-- | admin/group_perm.php | 2 | ||||
-rw-r--r-- | admin/include/functions.php | 622 | ||||
-rw-r--r-- | admin/include/isadmin.inc.php | 3 | ||||
-rw-r--r-- | admin/infos_images.php | 340 | ||||
-rw-r--r-- | admin/phpwebgallery_structure.sql | 25 | ||||
-rw-r--r-- | admin/picture_modify.php | 83 | ||||
-rw-r--r-- | admin/stats.php | 26 | ||||
-rw-r--r-- | admin/thumbnail.php | 11 | ||||
-rw-r--r-- | admin/update.php | 878 | ||||
-rw-r--r-- | admin/user_list.php | 9 | ||||
-rw-r--r-- | admin/user_modify.php | 12 | ||||
-rw-r--r-- | admin/user_perm.php | 3 | ||||
-rw-r--r-- | admin/waiting.php | 2 |
20 files changed, 1717 insertions, 774 deletions
diff --git a/admin/cat_list.php b/admin/cat_list.php index 706dce2ac..9c6af62dd 100644 --- a/admin/cat_list.php +++ b/admin/cat_list.php @@ -18,18 +18,41 @@ * * ***************************************************************************/ include_once( './admin/include/isadmin.inc.php' ); + //----------------------------------------------------- template initialization $sub = $vtp->Open( './template/'.$user['template'].'/admin/cat_list.vtp' ); $tpl = array( 'cat_edit','cat_up','cat_down','cat_image_info', 'cat_permission','cat_update','cat_add','cat_parent','submit', - 'cat_virtual','delete','cat_first','cat_last' ); + 'cat_virtual','delete','cat_first','cat_last','errors_title' ); templatize_array( $tpl, 'lang', $sub ); $vtp->setGlobalVar( $sub, 'user_template', $user['template'] ); //--------------------------------------------------- adding a virtual category $errors = array(); if ( isset( $_POST['submit'] ) ) { - if ( !preg_match( '/^\s*$/', $_POST['virtual_name'] ) ) + // is the given category name only containing blank spaces ? + if ( preg_match( '/^\s*$/', $_POST['virtual_name'] ) ) + array_push( $errors, $lang['cat_error_name'] ); + // does the uppercat id exists in the database ? + if ( $_POST['associate'] == '' ) + { + $_POST['associate'] = -1; + } + else if ( !is_numeric( $_POST['associate'] ) ) + { + array_push( $errors, $lang['cat_unknown_id'] ); + } + else + { + $query = 'SELECT id'; + $query.= ' FROM '.PREFIX_TABLE.'categories'; + $query.= ' WHERE id = '.$_POST['associate']; + $query.= ';'; + if ( mysql_num_rows( mysql_query( $query ) ) == 0 ) + array_push( $errors, $lang['cat_unknown_id'] ); + } + + if ( count( $errors ) == 0 ) { // we have then to add the virtual category $query = 'INSERT INTO '.PREFIX_TABLE.'categories'; 
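Review bot: `is_numeric()` is a loose gate for a value that is then concatenated into `' WHERE id = '.$_POST['associate']`: it accepts floats, exponent notation and leading whitespace, and on older PHP versions hexadecimal strings, none of which is a category id. Testing for digits only, `else if ( !preg_match( '/^\d+$/', $_POST['associate'] ) )`, keeps both this SELECT and the INSERT in the next hunk to plain integers. `mysql_query()` returns false on failure, so its result should be checked before it is handed to `mysql_num_rows()`. `$_POST['virtual_name']` and `$_POST['associate']` are also read without the `isset()` guard this commit adds in other files.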
@@ -41,10 +64,7 @@ if ( isset( $_POST['submit'] ) ) $query.= " ('".$_POST['virtual_name']."',".$_POST['associate'].")"; $query.= ';'; mysql_query( $query ); - } - else - { - array_push( $errors, $lang['cat_error_name'] ); + synchronize_all_users(); } } //--------------------------------------------------------------- rank updates @@ -171,6 +191,7 @@ if ( isset( $_GET['first'] ) and is_numeric( $_GET['first'] ) ) if ( isset( $_GET['delete'] ) and is_numeric( $_GET['delete'] ) ) { delete_category( $_GET['delete'] ); + synchronize_all_users(); } //------------------------------------------------------------------ reordering function ordering( $id_uppercat ) @@ -233,6 +254,8 @@ function display_cat_manager( $id_uppercat, $indent, $query.= ';'; $result = mysql_query( $query ); $row = mysql_fetch_array( $result ); + if ( !isset( $row['min'] ) ) $row['min'] = 0; + if ( !isset( $row['max'] ) ) $row['max'] = 0; $min_rank = $row['min']; $max_rank = $row['max']; 
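Review bot: The INSERT kept as context in the first hunk on this line still places `$_POST['virtual_name']` between single quotes with no escaping, and the validation added by this commit only rejects names that are blank. Unless the application relies on a global input filter that is not visible in this diff, a name containing a quote breaks or alters the statement; `mysql_real_escape_string( $_POST['virtual_name'] )` at that concatenation closes the gap. The statement begins outside the hunk, so its column list cannot be checked from here.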
@@ -258,13 +281,39 @@ function display_cat_manager( $id_uppercat, $indent, while ( $row = mysql_fetch_array( $result ) ) { $subcat_visible = true; + if ( !isset( $row['dir'] ) ) $row['dir'] = ''; $vtp->addSession( $sub, 'cat' ); + // is the category expanded or not ? + if ( isset($page['expand']) && $page['expand'] == 'all' ) + { + $vtp->addSession( $sub, 'bullet_wo_link' ); + $vtp->closeSession( $sub, 'bullet_wo_link' ); + } + else if ( isset($page['tab_expand']) && in_array( $row['id'], $page['tab_expand'] ) ) + { + $vtp->addSession( $sub, 'bullet_expanded' ); + $tab_expand = array_diff( $page['tab_expand'], array( $row['id'] ) ); + $expand = implode( ',', $tab_expand ); + $url = './admin.php?page=cat_list&expand='.$expand; + $vtp->setVar( $sub, 'bullet_expanded.link', add_session_id( $url ) ); + $vtp->closeSession( $sub, 'bullet_expanded' ); + } + else + { + $vtp->addSession( $sub, 'bullet_collapsed' ); + $tab_expand = array_merge( $page['tab_expand'], array( $row['id'] ) ); + $expand = implode( ',', $tab_expand ); + $url = './admin.php?page=cat_list&expand='.$expand; + $vtp->setVar( $sub, 'bullet_collapsed.link', add_session_id( $url ) ); + $vtp->closeSession( $sub, 'bullet_collapsed' ); + } + $vtp->setVar( $sub, 'cat.td', $td ); $vtp->setVar( $sub, 'cat.class', $class ); $vtp->setVar( $sub, 'cat.indent', $indent ); $vtp->setVar( $sub, 'cat.name', $row['name'] ); - $vtp->setVar( $sub, 'cat.id', $row['id'] ); + if ( $row['dir'] != '' ) { $vtp->addSession( $sub, 'storage' ); @@ -280,7 +329,8 @@ function display_cat_manager( $id_uppercat, $indent, $vtp->closeSession( $sub, 'virtual' ); // category can be deleted $vtp->addSession( $sub, 'delete' ); - $url = './admin.php?page=cat_list&delete='.$row['id']; + $url = './admin.php?page=cat_list&expand='.$page['expand']; + $url.= '&delete='.$row['id']; $vtp->setVar( $sub, 'delete.delete_url', add_session_id( $url ) ); $vtp->closeSession( $sub, 'delete' ); } 
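Review bot: The final `else` branch calls `array_merge( $page['tab_expand'], array( $row['id'] ) )`, but that branch is also reached when `$page['tab_expand']` is not set, because the `isset()` test sits only in the `else if` before it. Defaulting once before the loop, for example `$tab_expand = isset( $page['tab_expand'] ) ? $page['tab_expand'] : array();`, covers this branch and the unguarded `in_array( $row['id'], $page['tab_expand'] )` in the last hunk of this file. display_cat_manager() begins outside the hunk, so whether `$page` is declared `global` there cannot be confirmed from here.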
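Review bot: `$page['expand']` is appended to the delete link without the `isset()` guard used in the previous hunk and without encoding, and the next hunk repeats this for the up, down, first and last links. If that value is taken from the request, which is not visible in this diff, it should be restricted to `all` or a comma-separated list of integers where it is parsed, and passed through `urlencode()` when the link is built, e.g. `$url = './admin.php?page=cat_list&expand='.urlencode( $expand );`.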
@@ -299,41 +349,40 @@ function display_cat_manager( $id_uppercat, $indent, if ( $row['rank'] != $min_rank ) { $vtp->addSession( $sub, 'up' ); - $vtp->setVar( $sub, 'up.id', $row['id'] ); - $url = add_session_id( './admin.php?page=cat_list&up='.$row['id'] ); - $vtp->setVar( $sub, 'up.up_url', $url ); + $url = './admin.php?page=cat_list&expand='.$page['expand']; + $url.= '&up='.$row['id']; + $vtp->setVar( $sub, 'up.up_url', add_session_id( $url ) ); $vtp->closeSession( $sub, 'up' ); } else if ( $min_rank != $max_rank ) { $vtp->addSession( $sub, 'no_up' ); - $vtp->setVar( $sub, 'no_up.id', $row['id'] ); - $url = add_session_id( './admin.php?page=cat_list&last='.$row['id']); - $vtp->setVar( $sub, 'no_up.last_url', $url ); + $url = './admin.php?page=cat_list&expand='.$page['expand']; + $url.= '&last='.$row['id']; + $vtp->setVar( $sub, 'no_up.last_url', add_session_id( $url ) ); $vtp->closeSession( $sub, 'no_up' ); } if ( $row['rank'] != $max_rank ) { $vtp->addSession( $sub, 'down' ); - $vtp->setVar( $sub, 'down.id', $row['id'] ); - $url = add_session_id( './admin.php?page=cat_list&down='.$row['id']); - $vtp->setVar( $sub, 'down.down_url', $url ); + $url = './admin.php?page=cat_list&expand='.$page['expand']; + $url.= '&down='.$row['id']; + $vtp->setVar( $sub, 'down.down_url', add_session_id( $url ) ); $vtp->closeSession( $sub, 'down' ); } else if ( $min_rank != $max_rank ) { $vtp->addSession( $sub, 'no_down' ); - $vtp->setVar( $sub, 'no_down.id', $row['id'] ); - $url = add_session_id('./admin.php?page=cat_list&first='.$row['id']); - $vtp->setVar( $sub, 'no_down.first_url', $url ); + $url = './admin.php?page=cat_list&expand='.$page['expand']; + $url.= '&first='.$row['id']; + $vtp->setVar( $sub, 'no_down.first_url', add_session_id( $url ) ); $vtp->closeSession( $sub, 'no_down' ); } if ( $row['nb_images'] > 0 ) { $vtp->addSession( $sub, 'image_info' ); - $url = add_session_id( './admin.php?page=infos_images&cat_id=' - .$row['id'] ); - $vtp->setVar( $sub, 
'image_info.image_info_url', $url ); + $url = './admin.php?page=infos_images&cat_id='.$row['id']; + $vtp->setVar( $sub, 'image_info.image_info_url', add_session_id($url) ); $vtp->closeSession( $sub, 'image_info' ); } else 
@@ -371,19 +420,39 @@ function display_cat_manager( $id_uppercat, $indent, $vtp->closeSession( $sub, 'cat' ); - display_cat_manager( $row['id'], $indent.str_repeat( ' ', 4 ), - $subcat_visible, $level + 1 ); + if ( in_array( $row['id'], $page['tab_expand'] ) + or $page['expand'] == 'all') + display_cat_manager( $row['id'], $indent.str_repeat( ' ', 4 ), + $subcat_visible, $level + 1 ); } } display_cat_manager( 'NULL', str_repeat( ' ', 4 ), true, 0 ); // add a virtual category ? -$vtp->addSession( $sub, 'associate_cat' ); -$vtp->setVar( $sub, 'associate_cat.value', '-1' ); -$vtp->setVar( $sub, 'associate_cat.content', '' ); -$vtp->closeSession( $sub, 'associate_cat' ); -$page['plain_structure'] = get_plain_structure(); -$structure = create_structure( '', array() ); -display_categories( $structure, ' ' ); +// We only show a List Of Values if the number of categories is less than +// $conf['max_LOV_categories'] +$query = 'SELECT COUNT(id) AS nb_total_categories'; +$query.= ' FROM '.PREFIX_TABLE.'categories'; +$query.= ';'; +$row = mysql_fetch_array( mysql_query( $query ) ); +if ( $row['nb_total_categories'] < $conf['max_LOV_categories'] ) +{ + $vtp->addSession( $sub, 'associate_LOV' ); + $vtp->addSession( $sub, 'associate_cat' ); + $vtp->setVar( $sub, 'associate_cat.value', '-1' ); + $vtp->setVar( $sub, 'associate_cat.content', '' ); + $vtp->closeSession( $sub, 'associate_cat' ); + $page['plain_structure'] = get_plain_structure( true ); + $structure = create_structure( '', array() ); + display_categories( $structure, ' ' ); + $vtp->closeSession( $sub, 'associate_LOV' ); +} +// else, we only display a small text field, we suppose the administrator +// knows the id of its category +else +{ + $vtp->addSession( $sub, 'associate_text' ); + $vtp->closeSession( $sub, 'associate_text' ); +} //----------------------------------------------------------- sending html code $vtp->Parse( $handle , 'sub', $sub ); ?>
\ No newline at end of file diff --git a/admin/cat_modify.php b/admin/cat_modify.php index ad0911a0c..50741feea 100644 --- a/admin/cat_modify.php +++ b/admin/cat_modify.php @@ -40,20 +40,6 @@ if ( isset( $_POST['submit'] ) ) $query.= ' WHERE id = '.$_GET['cat']; $query.= ';'; $row = mysql_fetch_array( mysql_query( $query ) ); - - if ( $_POST['status'] != $row['status'] ) - { - // deletion of all access for groups concerning this category - $query = 'DELETE'; - $query.= ' FROM '.PREFIX_TABLE.'group_access'; - $query.= ' WHERE cat_id = '.$_GET['cat']; - mysql_query( $query ); - // deletion of all access for users concerning this category - $query = 'DELETE'; - $query.= ' FROM '.PREFIX_TABLE.'user_access'; - $query.= ' WHERE cat_id = '.$_GET['cat']; - mysql_query( $query ); - } $query = 'UPDATE '.PREFIX_TABLE.'categories'; @@ -78,13 +64,31 @@ if ( isset( $_POST['submit'] ) ) if ( isset( $_POST['associate'] ) ) { $query.= ', id_uppercat = '; - if ( $_POST['associate'] == -1 ) $query.= 'NULL'; - else $query.= $_POST['associate']; + if ( $_POST['associate'] == -1 or $_POST['associate'] == '' ) + $query.= 'NULL'; + else + $query.= $_POST['associate']; } $query.= ' WHERE id = '.$_GET['cat']; $query.= ';'; mysql_query( $query ); + if ( $_POST['status'] != $row['status'] ) + { + // deletion of all access for groups concerning this category + $query = 'DELETE'; + $query.= ' FROM '.PREFIX_TABLE.'group_access'; + $query.= ' WHERE cat_id = '.$_GET['cat']; + mysql_query( $query ); + // deletion of all access for users concerning this category + $query = 'DELETE'; + $query.= ' FROM '.PREFIX_TABLE.'user_access'; + $query.= ' WHERE cat_id = '.$_GET['cat']; + mysql_query( $query ); + // resynchronize all users + synchronize_all_users(); + } + // checking users favorites $query = 'SELECT id'; $query.= ' FROM '.PREFIX_TABLE.'users'; 
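Review bot: `$_POST['associate']` is concatenated into `id_uppercat = ` with no numeric check, while the same commit adds an `is_numeric()` test and an existence query for this field in admin/cat_list.php. The gap matters more now that the form can present a free text field (`associate_text`) instead of a select list. The `else` branch should validate before appending, for example `else if ( preg_match( '/^\d+$/', $_POST['associate'] ) ) $query.= $_POST['associate'];`, and report an error otherwise. The relocated DELETE statements also concatenate `$_GET['cat']`; whether it is validated earlier in the file is not visible in these hunks.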
@@ -111,6 +115,10 @@ $query.= ' WHERE a.id = '.$_GET['cat']; $query.= ' AND a.site_id = b.id'; $query.= ';'; $row = mysql_fetch_array( mysql_query( $query ) ); + +if ( !isset( $row['dir'] ) ) $row['dir'] = ''; +if ( !isset( $row['id_uppercat'] ) ) $row['id_uppercat'] = ''; + $result = get_cat_info( $row['id'] ); // cat name $cat_name = get_cat_display_name( $result['name'], ' - ', '' ); @@ -135,6 +143,7 @@ if ( $row['site_id'] != 1 ) $vtp->closeSession( $sub, 'server' ); } $vtp->setVar( $sub, 'name', $row['name'] ); +if ( !isset( $row['comment'] ) ) $row['comment'] = ''; $vtp->setVar( $sub, 'comment', $row['comment'] ); // status : public, private... $options = get_enums( PREFIX_TABLE.'categories', 'status' ); 
@@ -203,12 +212,32 @@ if ( $conf['upload_available'] and $row['dir'] != '' and $row['site_id'] == 1 ) if ( $row['dir'] == '' ) { $vtp->addSession( $sub, 'parent' ); - $vtp->addSession( $sub, 'associate_cat' ); - $vtp->setVar( $sub, 'associate_cat.value', '-1' ); - $vtp->setVar( $sub, 'associate_cat.content', '' ); - $vtp->closeSession( $sub, 'associate_cat' ); - $structure = create_structure( '', array() ); - display_categories( $structure, ' ', $row['id_uppercat'], $row['id'] ); + // We only show a List Of Values if the number of categories is less than + // $conf['max_LOV_categories'] + $query = 'SELECT COUNT(id) AS nb_total_categories'; + $query.= ' FROM '.PREFIX_TABLE.'categories'; + $query.= ';'; + $countrow = mysql_fetch_array( mysql_query( $query ) ); + if ( $countrow['nb_total_categories'] < $conf['max_LOV_categories'] ) + { + $vtp->addSession( $sub, 'associate_LOV' ); + $vtp->addSession( $sub, 'associate_cat' ); + $vtp->setVar( $sub, 'associate_cat.value', '-1' ); + $vtp->setVar( $sub, 'associate_cat.content', '' ); + $vtp->closeSession( $sub, 'associate_cat' ); + $page['plain_structure'] = get_plain_structure( true ); + $structure = create_structure( '', array() ); + display_categories( $structure, ' ', $row['id_uppercat'],$row['id'] ); + $vtp->closeSession( $sub, 'associate_LOV' ); + } + // else, we only display a small text field, we suppose the administrator + // knows the id of its category + else + { + $vtp->addSession( $sub, 'associate_text' ); + $vtp->setVar( $sub, 'associate_text.value', $row['id_uppercat'] ); + $vtp->closeSession( $sub, 'associate_text' ); + } $vtp->closeSession( $sub, 'parent' ); } //----------------------------------------------------------- sending html code diff --git a/admin/cat_perm.php b/admin/cat_perm.php index 81d9f9945..09767c19b 100644 --- a/admin/cat_perm.php +++ b/admin/cat_perm.php 
@@ -83,6 +83,8 @@ if ( isset( $_POST['submit'] ) ) } check_favorites( $row['id'] ); } + // resynchronize all users + synchronize_all_users(); } //---------------------------------------------------------------------- groups $query = 'SELECT id,name'; @@ -149,7 +151,7 @@ while ( $row = mysql_fetch_array( $result ) ) // for color of user : (red means access forbidden, green authorized) we // ask all forbidden categories, including the groups rights - $restrictions = get_restrictions( $row['id'], $row['status'], false ); + $restrictions = get_user_restrictions( $row['id'], $row['status'], false ); $is_user_allowed = is_user_allowed( $page['cat'], $restrictions ); if ( $is_user_allowed == 0 ) { @@ -161,7 +163,7 @@ while ( $row = mysql_fetch_array( $result ) ) } // for permission update button, we only ask forbidden categories for the // user, not taking into account the groups the user belongs to - $restrictions = get_restrictions( $row['id'], $row['status'], false, false ); + $restrictions = get_user_restrictions($row['id'],$row['status'],false,false); $is_user_allowed = is_user_allowed( $page['cat'], $restrictions ); if ( $is_user_allowed == 2 ) { diff --git a/admin/comments.php b/admin/comments.php index 1b23fbbff..8d7c3122e 100644 --- a/admin/comments.php +++ b/admin/comments.php @@ -36,7 +36,7 @@ function display_pictures( $mysql_result, $maxtime, $validation_box = false ) $subresult = mysql_query( $query ); $subrow = mysql_fetch_array( $subresult ); - if ( $array_cat_directories[$subrow['cat_id']] == '' ) + if ( !isset( $array_cat_directories[$subrow['cat_id']] ) ) { $array_cat_directories[$subrow['cat_id']] = get_complete_dir( $subrow['cat_id'] ); 
@@ -49,7 +49,7 @@ function display_pictures( $mysql_result, $maxtime, $validation_box = false ) $file = get_filename_wo_extension( $subrow['file'] ); // name of the picture $name = $array_cat_names[$subrow['cat_id']].' > '; - if ( $subrow['name'] != '' ) + if ( isset( $subrow['name'] ) and $subrow['name'] != '' ) { $name.= $subrow['name']; } @@ -159,8 +159,8 @@ $tpl = array( 'stats_last_days','delete','close','submit','open' ); templatize_array( $tpl, 'lang', $sub ); $vtp->setGlobalVar( $sub, 'user_template', $user['template'] ); //--------------------------------------------------- number of days to display -if ( isset( $_GET['last_days'] ) ) define( "MAX_DAYS", $_GET['last_days'] ); -else define( "MAX_DAYS", 0 ); +if ( isset( $_GET['last_days'] ) ) define( 'MAX_DAYS', $_GET['last_days'] ); +else define( 'MAX_DAYS', 0 ); //----------------------------------------- non specific section initialization $array_cat_directories = array(); $array_cat_names = array(); diff --git a/admin/configuration.php b/admin/configuration.php index bced7704f..9f4bbca97 100644 --- a/admin/configuration.php +++ b/admin/configuration.php @@ -60,6 +60,7 @@ if ( isset( $_POST['submit'] ) ) mysql_query( $query ); } // deletion of site as asked + $site_deleted = false; $query = 'SELECT id'; $query.= ' FROM '.PREFIX_TABLE.'sites'; $query.= " WHERE galleries_url <> './galleries/';"; 
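Review bot: `define( 'MAX_DAYS', $_GET['last_days'] )` in admin/comments.php turns a raw request value into a constant, and this hunk only changes the quoting around the name. How MAX_DAYS is consumed is outside the hunk; if it reaches a query or date arithmetic it should be forced to an integer at this point, `define( 'MAX_DAYS', intval( $_GET['last_days'] ) );`.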
@@ -70,12 +71,17 @@ if ( isset( $_POST['submit'] ) ) if ( $_POST[$site] == 1 ) { delete_site( $row['id'] ); - // if any picture of this site were linked to another categories, we - // have to update the informations of those categories. To make it - // simple, we just update all the categories - update_category( 'all' ); + $site_deleted = true; } } + // if any picture of this site were linked to another categories, we have + // to update the informations of those categories. To make it simple, we + // just update all the categories + if ( $site_deleted ) + { + update_category( 'all' ); + synchronize_all_users(); + } // thumbnail prefix must not contain accentuated characters $old_prefix = $_POST['prefix_thumbnail']; $prefix = strtr( $_POST['prefix_thumbnail'], $Caracs ); 
@@ -234,30 +240,22 @@ if ( isset( $_POST['submit'] ) ) else { //--------------------------------------------------------- data initialization - $query = 'SELECT'; - foreach ( $conf_infos as $i => $conf_info ) { - if ( $i > 0 ) $query.= ','; - else $query.= ' '; - $query.= $conf_info; - } + $query = 'SELECT '.implode( ',', $conf_infos ); $query .= ' FROM '.PREFIX_TABLE.'config;'; $row = mysql_fetch_array( mysql_query( $query ) ); - foreach ( $conf_infos as $conf_info ) { - $$conf_info = $row[$conf_info]; + foreach ( $conf_infos as $info ) { + if ( isset( $row[$info] ) ) $$info = $row[$info]; + else $$info = ''; } - $query = 'SELECT'; - foreach ( $default_user_infos as $i => $default_user_info ) { - if ( $i > 0 ) $query.= ','; - else $query.= ' '; - $query.= $default_user_info; - } + $query = 'SELECT '.implode( ',', $default_user_infos ); $query.= ' FROM '.PREFIX_TABLE.'users'; $query.= " WHERE username = 'guest'"; $query.= ';'; $row = mysql_fetch_array( mysql_query( $query ) ); - foreach ( $default_user_infos as $default_user_info ) { - $$default_user_info = $row[$default_user_info]; + foreach ( $default_user_infos as $info ) { + if ( isset( $row[$info] ) ) $$info = $row[$info]; + else $$info = ''; } } //----------------------------------------------------- template initialization @@ -653,6 +651,7 @@ $vtp->setVar( $sub, 'param_line.name', $lang['customize_theme'] ); $vtp->addSession( $sub, 'select' ); $vtp->setVar( $sub, 'select.name', 'template' ); $option = get_dirs( './template/' ); + for ( $i = 0; $i < sizeof( $option ); $i++ ) { $vtp->addSession( $sub, 'option' ); diff --git a/admin/create_listing_file.php b/admin/create_listing_file.php index 507a4862f..c4f880424 100644 --- a/admin/create_listing_file.php +++ b/admin/create_listing_file.php 
@@ -9,8 +9,7 @@ * * ***************************************************************************/ -$prefix_thumbnail = 'TN-'; - +$conf['prefix_thumbnail'] = 'TN-'; $conf['picture_ext'] = array ( 'jpg', 'gif', 'png', 'JPG', 'GIF', 'PNG' ); $listing = ''; 
@@ -20,24 +19,76 @@ $local_folder = substr( $_SERVER['PHP_SELF'], 0, $end ); $url = 'http://'.$_SERVER['HTTP_HOST'].$local_folder; $listing.= '<url>'.$url.'</url>'; - + +/** + * returns an array with all picture files according to $conf['picture_ext'] + * + * @param string $dir + * @return array + */ +function get_picture_files( $dir ) +{ + global $conf; + + $pictures = array(); + if ( $opendir = opendir( $dir ) ) + { + while ( $file = readdir( $opendir ) ) + { + if ( in_array( get_extension( $file ), $conf['picture_ext'] ) ) + { + array_push( $pictures, $file ); + } + } + } + return $pictures; +} + +/** + * returns an array with all thumbnails according to $conf['picture_ext'] + * and $conf['prefix_thumbnail'] + * + * @param string $dir + * @return array + */ +function get_thumb_files( $dir ) +{ + global $conf; + + $prefix_length = strlen( $conf['prefix_thumbnail'] ); + + $thumbnails = array(); + if ( $opendir = @opendir( $dir ) ) + { + while ( $file = readdir( $opendir ) ) + { + if ( in_array( get_extension( $file ), $conf['picture_ext'] ) + and substr($file,0,$prefix_length) == $conf['prefix_thumbnail'] ) + { + array_push( $thumbnails, $file ); + } + } + } + return $thumbnails; +} + // get_dirs retourne un tableau contenant tous les sous-répertoires d'un // répertoire -function get_dirs( $rep, $indent, $level ) +function get_dirs( $basedir, $indent, $level ) { - $sub_rep = array(); - $i = 0; + $fs_dirs = array(); $dirs = ""; - if ( $opendir = opendir ( $rep ) ) + + if ( $opendir = opendir( $basedir ) ) { - while ( $file = readdir ( $opendir ) ) + while ( $file = readdir( $opendir ) ) { - if ( $file != "." - and $file != ".." - and is_dir ( $rep."/".$file ) - and $file != "thumbnail" ) + if ( $file != '.' + and $file != '..' + and is_dir ( $basedir.'/'.$file ) + and $file != 'thumbnail' ) { - $sub_rep[$i++] = $file; + array_push( $fs_dirs, $file ); if ( !preg_match( '/^[a-zA-Z0-9-_.]+$/', $file ) ) { echo '<span style="color:red;">"'.$file.'" : '; 
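Review bot: In `get_picture_files()` and `get_thumb_files()` the loop `while ( $file = readdir( $opendir ) )` stops at the first entry whose name is falsy, such as a file called `0`, and the directory handle is never closed. `while ( ( $file = readdir( $opendir ) ) !== false )` followed by `closedir( $opendir );` fixes both, and the same applies to the copies of these functions added to admin/include/functions.php and to the loop in `get_dirs()`. `get_picture_files()` also has no `is_dir()` test, unlike the `is_image()` helper removed later in this file, so a directory named like a picture would be listed. The body of `get_dirs()` continues past the end of the hunk.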
@@ -49,11 +100,10 @@ function get_dirs( $rep, $indent, $level ) } } // write of the dirs - for ( $i = 0; $i < sizeof( $sub_rep ); $i++ ) - { - $dirs.= "\n".$indent.'<dir'.$level.' name="'.$sub_rep[$i].'">'; - $dirs.= get_pictures( $rep.'/'.$sub_rep[$i], $indent.' ' ); - $dirs.= get_dirs( $rep.'/'.$sub_rep[$i], $indent.' ', $level + 1 ); + foreach ( $fs_dirs as $fs_dir ) { + $dirs.= "\n".$indent.'<dir'.$level.' name="'.$fs_dir.'">'; + $dirs.= get_pictures( $basedir.'/'.$fs_dir, $indent.' ' ); + $dirs.= get_dirs( $basedir.'/'.$fs_dir, $indent.' ', $level + 1 ); $dirs.= "\n".$indent.'</dir'.$level.'>'; } return $dirs; 
@@ -73,101 +123,60 @@ function get_filename_wo_extension( $filename ) return substr( $filename, 0, strrpos( $filename, '.' ) ); } -function is_image( $filename ) +function get_pictures( $dir, $indent ) { global $conf; - - if ( !is_dir( $filename ) - and in_array( get_extension( $filename ), $conf['picture_ext'] ) ) - { - return true; - } - return false; -} - -function TN_exists( $dir, $file ) -{ - global $conf, $prefix_thumbnail; - - $titre = get_filename_wo_extension( $file ); - - for ( $i = 0; $i < sizeof ( $conf['picture_ext'] ); $i++ ) - { - $base_tn_name = $dir.'/thumbnail/'.$prefix_thumbnail.$titre.'.'; - $ext = $conf['picture_ext'][$i]; - if ( is_file( $base_tn_name.$ext ) ) - { - return $ext; + + // fs means filesystem : $fs_pictures contains pictures in the filesystem + // found in $dir, $fs_thumbnails contains thumbnails... + $fs_pictures = get_picture_files( $dir ); + $fs_thumbnails = get_thumb_files( $dir.'/thumbnail' ); + + $root = "\n".$indent.'<root>'; + + foreach ( $fs_pictures as $fs_picture ) { + $file_wo_ext = get_filename_wo_extension( $fs_picture ); + $tn_ext = ''; + foreach ( $conf['picture_ext'] as $ext ) { + $test = $conf['prefix_thumbnail'].$file_wo_ext.'.'.$ext; + if ( !in_array( $test, $fs_thumbnails ) ) continue; + else { $tn_ext = $ext; break; } } - } - echo 'The thumbnail is missing for '.$dir.'/'.$file; - echo '-> '.$dir.'/thumbnail/'.$prefix_thumbnail.$titre.'.xxx'; - echo ' ("xxx" can be : '; - for ( $i = 0; $i < sizeof ( $conf['picture_ext'] ); $i++ ) - { - if ( $i > 0 ) + // if we found a thumnbnail corresponding to our picture... 
+ if ( $tn_ext != '' ) { - echo ', '; - } - echo '"'.$conf['picture_ext'][$i].'"'; - } - echo ')<br />'; - return false; -} + list( $width,$height ) = @getimagesize( $dir.'/'.$fs_picture ); -function get_pictures( $rep, $indent ) -{ - $pictures = array(); - - $tn_ext = ''; - $root = ''; - if ( $opendir = opendir ( $rep ) ) - { - while ( $file = readdir ( $opendir ) ) - { - if ( is_image( $file ) and $tn_ext = TN_exists( $rep, $file ) ) + $root.= "\n".$indent.' '; + $root.= '<picture'; + $root.= ' file="'. $fs_picture.'"'; + $root.= ' tn_ext="'. $tn_ext.'"'; + $root.= ' filesize="'.floor(filesize($dir.'/'.$fs_picture)/1024).'"'; + $root.= ' width="'. $width.'"'; + $root.= ' height="'. $height.'"'; + $root.= ' />'; + + if ( !preg_match( '/^[a-zA-Z0-9-_.]+$/', $fs_picture ) ) { - $picture = array(); - - $picture['file'] = $file; - $picture['tn_ext'] = $tn_ext; - $picture['date'] = date('Y-m-d',filemtime( $rep.'/'.$file ) ); - $picture['filesize'] = floor( filesize( $rep."/".$file ) / 1024 ); - $image_size = @getimagesize( $rep."/".$file ); - $picture['width'] = $image_size[0]; - $picture['height'] = $image_size[1]; - - array_push( $pictures, $picture ); - - if ( !preg_match( '/^[a-zA-Z0-9-_.]+$/', $file ) ) - { - echo '<span style="color:red;">"'.$file.'" : '; - echo 'The name of the picture should be composed of '; - echo 'letters, figures, "-", "_" or "." ONLY'; - echo '</span><br />'; - } + echo '<span style="color:red;">"'.$fs_picture.'" : '; + echo 'The name of the picture should be composed of '; + echo 'letters, figures, "-", "_" or "." ONLY'; + echo '</span><br />'; } } - } - // write of the node <root> with all the pictures at the root of the - // directory - $root.= "\n".$indent."<root>"; - if ( sizeof( $pictures ) > 0 ) - { - for( $i = 0; $i < sizeof( $pictures ); $i++ ) + else { - $root.= "\n".$indent.' '; - $root.= '<picture'; - $root.= ' file="'. $pictures[$i]['file']. '"'; - $root.= ' tn_ext="'. $pictures[$i]['tn_ext']. '"'; - $root.= ' date="'. 
$pictures[$i]['date']. '"'; - $root.= ' filesize="'. $pictures[$i]['filesize']. '"'; - $root.= ' width="'. $pictures[$i]['width']. '"'; - $root.= ' height="'. $pictures[$i]['height']. '"'; - $root.= ' />'; + echo 'The thumbnail is missing for '.$dir.'/'.$fs_picture; + echo '-> '.$dir.'/thumbnail/'; + echo $conf['prefix_thumbnail'].$file_wo_ext.'.xxx'; + echo ' ("xxx" can be : '; + echo implode( ', ', $conf['picture_ext'] ); + echo ')<br />'; } } + $root.= "\n".$indent.'</root>'; + return $root; } @@ -177,11 +186,10 @@ if ( $fp = @fopen("./listing.xml","w") ) { fwrite( $fp, $listing ); fclose( $fp ); + echo "listing.xml created"; } else { echo "I can't write the file listing.xml"; } - -echo "listing.xml created"; ?>
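Review bot: File names read from the filesystem are written unescaped into both outputs of the new `get_pictures()`: the `file="..."` attribute of listing.xml and the HTML warning `echo '<span style="color:red;">"'.$fs_picture.'" : ';`. The regex test only prints a warning, so a name containing `"`, `<` or `&` still ends up in the XML and in the page. Wrapping the name as `htmlspecialchars( $fs_picture, ENT_QUOTES )` at both places keeps the listing well-formed and the warning inert; the `name="'.$fs_dir.'"` attribute in `get_dirs()` needs the same. `@getimagesize()` returns false for unreadable images, in which case `width` and `height` are written empty.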
\ No newline at end of file diff --git a/admin/group_list.php b/admin/group_list.php index 871df6a6a..aac5b41bc 100644 --- a/admin/group_list.php +++ b/admin/group_list.php @@ -33,7 +33,7 @@ if ( isset ( $_GET['delete'] ) and is_numeric( $_GET['delete'] ) ) $query.= ';'; $row = mysql_fetch_array( mysql_query( $query ) ); // confirm group deletion ? - if ( $_GET['confirm'] != 1 ) + if ( !isset( $_GET['confirm'] ) or $_GET['confirm'] != 1 ) { $vtp->addSession( $sub, 'deletion' ); $vtp->setVar( $sub, 'deletion.name', $row['name'] ); diff --git a/admin/group_perm.php b/admin/group_perm.php index 85d92a65b..53ed7fd81 100644 --- a/admin/group_perm.php +++ b/admin/group_perm.php @@ -60,6 +60,8 @@ if ( isset( $_POST['submit'] ) ) { check_favorites( $row['id'] ); } + // synchronization of calculated data + synchronize_group( $_GET['group_id'] ); // confirmation display $vtp->addSession( $sub, 'confirmation' ); $url = './admin.php?page=group_list'; diff --git a/admin/include/functions.php b/admin/include/functions.php index f29b469d6..ce7fa076f 100644 --- a/admin/include/functions.php +++ b/admin/include/functions.php 
@@ -53,7 +53,59 @@ function is_image( $filename, $create_thumbnail = false ) } return false; } - + +/** + * returns an array with all picture files according to $conf['picture_ext'] + * + * @param string $dir + * @return array + */ +function get_picture_files( $dir ) +{ + global $conf; + + $pictures = array(); + if ( $opendir = opendir( $dir ) ) + { + while ( $file = readdir( $opendir ) ) + { + if ( in_array( get_extension( $file ), $conf['picture_ext'] ) ) + { + array_push( $pictures, $file ); + } + } + } + return $pictures; +} + +/** + * returns an array with all thumbnails according to $conf['picture_ext'] + * and $conf['prefix_thumbnail'] + * + * @param string $dir + * @return array + */ +function get_thumb_files( $dir ) +{ + global $conf; + + $prefix_length = strlen( $conf['prefix_thumbnail'] ); + + $thumbnails = array(); + if ( $opendir = @opendir( $dir ) ) + { + while ( $file = readdir( $opendir ) ) + { + if ( in_array( get_extension( $file ), $conf['picture_ext'] ) + and substr($file,0,$prefix_length) == $conf['prefix_thumbnail'] ) + { + array_push( $thumbnails, $file ); + } + } + } + return $thumbnails; +} + function TN_exists( $dir, $file ) { global $conf; @@ -67,8 +119,9 @@ function TN_exists( $dir, $file ) } } return false; -} +} + // The function delete_site deletes a site // and call the function delete_category for each primary category of the site function delete_site( $id ) @@ -91,6 +144,7 @@ function delete_site( $id ) mysql_query( $query ); } + // The function delete_category deletes the category identified by the $id // It also deletes (in the database) : // - all the images of the images (thanks to delete_image, see further) @@ -144,6 +198,7 @@ function delete_category( $id ) mysql_query( $query ); } + // The function delete_image deletes the image identified by the $id // It also deletes (in the database) : // - all the comments related to the image 
@@ -178,13 +233,14 @@ function delete_image( $id ) mysql_query( $query ); $count_deleted++; } - + // The delete_user function delete a user identified by the $user_id // It also deletes : // - all the access linked to this user // - all the links to any group // - all the favorites linked to this user // - all sessions linked to this user +// - all categories informations linked to this user function delete_user( $user_id ) { // destruction of the access linked to the user @@ -210,7 +266,13 @@ function delete_user( $user_id ) $query.= ' WHERE user_id = '.$user_id; $query.= ';'; mysql_query( $query ); - + + // destruction of the categories informations linked with the user + $query = 'DELETE FROM '.PREFIX_TABLE.'user_category'; + $query.= ' WHERE user_id = '.$user_id; + $query.= ';'; + mysql_query( $query ); + // destruction of the user $query = 'DELETE FROM '.PREFIX_TABLE.'users'; $query.= ' WHERE id = '.$user_id; @@ -230,7 +292,10 @@ function delete_group( $group_id ) $query.= ';'; mysql_query( $query ); - // destruction of the group links for this group + // synchronize all users linked to the group + synchronize_group( $group_id ); + + // destruction of the users links for this group $query = 'DELETE FROM '.PREFIX_TABLE.'user_group'; $query.= ' WHERE group_id = '.$group_id; $query.= ';'; 
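Review bot: In `delete_group()` the added `synchronize_group( $group_id )` call sits between two deletions and the reason for that position is not stated. Presumably it has to run while the `user_group` rows still exist so that the group's members can be found, but its body is not visible in this part of the diff. A comment such as `// must run before the user_group rows are removed: members are looked up there` would keep a later reordering from silently skipping the resynchronization.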
@@ -248,14 +313,17 @@ function delete_group( $group_id ) // or invisible) function check_favorites( $user_id ) { - $query = 'SELECT status'; + $query = 'SELECT status,forbidden_categories'; $query.= ' FROM '.PREFIX_TABLE.'users'; $query.= ' WHERE id = '.$user_id; $query.= ';'; $row = mysql_fetch_array( mysql_query( $query ) ); $status = $row['status']; // retrieving all the restricted categories for this user - $restricted_cat = get_all_restrictions( $user_id, $status ); + if ( isset( $row['forbidden_categories'] ) ) + $restricted_cat = explode( ',', $row['forbidden_categories'] ); + else + $restricted_cat = array(); // retrieving all the favorites for this user and comparing their // categories to the restricted categories $query = 'SELECT image_id'; 
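Review bot: `check_favorites()` now trusts the stored `forbidden_categories` column, so it is only correct when that column has been refreshed before the call. In the admin/cat_perm.php and admin/group_perm.php hunks of this commit the `check_favorites( $row['id'] )` loop runs before the added `synchronize_all_users()` / `synchronize_group()` call, so, assuming those functions are what rewrite the column, favorites are checked against the previous permissions. Moving the synchronize call above the loop in both files matches the order used in admin/cat_modify.php. An empty column value also passes `isset()` and makes `explode()` return `array( '' )` rather than an empty array.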
@@ -314,26 +382,22 @@ function update_category( $id = 'all' ) $query.= ' FROM '.PREFIX_TABLE.'image_category'; $query.= ' WHERE category_id = '.$id; $query.= ';'; - $row = mysql_fetch_array( mysql_query( $query ) ); - $query = 'UPDATE '.PREFIX_TABLE.'categories'; - $query.= ' SET nb_images = '.$row['nb_images']; - $query.= ' WHERE id = '.$id; - $query.= ';'; - mysql_query( $query ); + list( $nb_images ) = mysql_fetch_array( mysql_query( $query ) ); // updating the date_last - $query = 'SELECT date_available'; + $query = 'SELECT MAX(date_available) AS date_available'; $query.= ' FROM '.PREFIX_TABLE.'images'; - $query.= ' LEFT JOIN '.PREFIX_TABLE.'image_category ON id = image_id'; + $query.= ' INNER JOIN '.PREFIX_TABLE.'image_category ON id = image_id'; $query.= ' WHERE category_id = '.$id; - $query.= ' ORDER BY date_available DESC'; - $query.= ' LIMIT 0,1'; $query.= ';'; - $row = mysql_fetch_array( mysql_query( $query ) ); + list( $date_available ) = mysql_fetch_array( mysql_query( $query ) ); + $query = 'UPDATE '.PREFIX_TABLE.'categories'; - $query.= " SET date_last = '".$row['date_available']."'"; + $query.= " SET date_last = '".$date_available."'"; + $query.= ', nb_images = '.$nb_images; $query.= ' WHERE id = '.$id; $query.= ';'; mysql_query( $query ); + // updating the representative_picture_id : if the representative // picture of the category is not any more linked to the category, we // have to set representative_picture_id to NULL @@ -343,7 +407,7 @@ function update_category( $id = 'all' ) $row = mysql_fetch_array( mysql_query( $query ) ); // if the category has no representative picture (ie // representative_picture_id == NULL) we don't update anything - if ( $row['representative_picture_id'] != '' ) + if ( isset( $row['representative_picture_id'] ) ) { $query = 'SELECT image_id'; $query.= ' FROM '.PREFIX_TABLE.'image_category'; 
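Review bot: In the rewritten update_category block, `SELECT MAX(date_available)` always returns one row, and that row holds NULL when the category has no picture, so `$date_available` is null and the merged UPDATE writes `date_last = ''` instead of a real "no date" value. update_user_category, added in this commit, later reads `MAX(date_last)` and tests it with isset(), which suggests NULL is the intended marker. I would write `$query.= ' SET date_last = '.( isset( $date_available ) ? "'".$date_available."'" : 'NULL' );`, after confirming that `categories.date_last` is nullable, since the column definition is not visible here. The function starts outside the hunk, so how `$id` is validated before it reaches `' WHERE id = '.$id` cannot be checked from here.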
@@ -366,7 +430,7 @@ function update_category( $id = 'all' ) function check_date_format( $date ) { // date arrives at this format : DD/MM/YYYY - list($day,$month,$year) = explode( '/', $date ); + @list($day,$month,$year) = explode( '/', $date ); return @checkdate( $month, $day, $year ); } @@ -432,4 +496,518 @@ function display_categories( $categories, $indent, } } } -?>
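Review bot: The added `@` on `list($day,$month,$year)` in check_date_format hides the notice raised when `$date` does not have three `/`-separated parts instead of rejecting such input, and the function then depends on `@checkdate` failing on the unset variables. Callers in this commit place the converted date inside a quoted SQL literal once this function returns true (`"'".date_convert( $_POST[$date_creation] )."'"` in admin/infos_images.php), so the check is worth making explicit. I would write `$parts = explode( '/', $date ); if ( count( $parts ) != 3 ) return false;` followed by `list($day,$month,$year) = $parts;`. Requiring each part to satisfy `ctype_digit` before calling checkdate would also avoid relying on string-to-integer coercion.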
\ No newline at end of file + +/** + * Complete plain structure of the gallery + * + * Returns the plain structure (one level array) of the gallery. In the + * returned array, each element is an array with jeys 'id' and + * 'id_uppercat'. The function also fills the array $page['subcats'] which + * associate (category_id => array of sub-categories id). + * + * @param bool $use_name + * @return array + */ +function get_plain_structure( $use_name = false ) +{ + global $page; + + $plain_structure = array(); + + $query = 'SELECT id,id_uppercat'; + if ( $use_name ) $query.= ',name'; + $query.= ' FROM '.PREFIX_TABLE.'categories'; + $query.= ' ORDER BY id_uppercat ASC, rank ASC'; + $query.= ';'; + + $subcats = array(); + $id_uppercat = 'NULL'; + + $result = mysql_query( $query ); + while ( $row = mysql_fetch_array( $result ) ) + { + $plain_structure[$row['id']]['id'] = $row['id']; + if ( !isset( $row['id_uppercat'] ) ) $row['id_uppercat'] = 'NULL'; + $plain_structure[$row['id']]['id_uppercat'] = $row['id_uppercat']; + if ( $use_name ) $plain_structure[$row['id']]['name'] = $row['name']; + // subcats list + if ( $row['id_uppercat'] != $id_uppercat ) + { + $page['subcats'][$id_uppercat] = $subcats; + + $subcats = array(); + $id_uppercat = $row['id_uppercat']; + } + array_push( $subcats, $row['id'] ); + } + mysql_free_result( $result ); + + $page['subcats'][$id_uppercat] = $subcats; + + return $plain_structure; +} + +/** + * get N levels array representing structure under the given category + * + * create_structure returns the N levels array representing structure under + * the given gategory id. It also updates the + * $page['plain_structure'][id]['all_subcats_id'] and + * $page['plain_structure'][id]['direct_subcats_ids'] for each sub category. 
+ * + * @param int $id_uppercat + * @return array + */ +function create_structure( $id_uppercat ) +{ + global $page; + + $structure = array(); + $ids = get_subcats_ids( $id_uppercat ); + foreach ( $ids as $id ) { + $category = $page['plain_structure'][$id]; + + $category['subcats'] = create_structure( $id ); + + $page['plain_structure'][$id]['all_subcats_ids'] = + get_all_subcats_ids( $id ); + + $page['plain_structure'][$id]['direct_subcats_ids'] = + get_subcats_ids( $id ); + + array_push( $structure, $category ); + } + return $structure; +} + +/** + * returns direct sub-categories ids + * + * Returns an array containing all the direct sub-categories ids of the + * given category. It uses the $page['subcats'] global array. + * + * @param int $id_uppercat + * @return array + */ +function get_subcats_ids( $id_uppercat ) +{ + global $page; + + if ( $id_uppercat == '' ) $id_uppercat = 'NULL'; + + if ( isset( $page['subcats'][$id_uppercat] ) ) + return $page['subcats'][$id_uppercat]; + else + return array(); +} + +/** + * returns all sub-categories ids, not only direct ones + * + * Returns an array containing all the sub-categories ids of the given + * category, not only direct ones. This function is recursive. + * + * @param int $category_id + * @return array + */ +function get_all_subcats_ids( $category_id ) +{ + $ids = array(); + + $subcats = get_subcats_ids( $category_id ); + $ids = array_merge( $ids, $subcats ); + foreach ( $subcats as $subcat ) { + // recursive call + $sub_subcats = get_all_subcats_ids( $subcat ); + $ids = array_merge( $ids, $sub_subcats ); + } + return array_unique( $ids ); +} + +/** + * prepares the query to update the table user_category + * + * Prepares the query (global variable $values) to update table + * user_category : for a couple (user,category) the number of sub-categories + * and the last date of the category (all sub-categories taken into + * account). It also calls function update_uppercats for each category. 
The + * function is recursive. + * + * @param array $categories + * @return void + */ +function update_user_category( $categories ) +{ + global $page,$user_restrictions,$value_num,$values; + + foreach ( $categories as $category ) { + // recursive call + update_user_category( $category['subcats'] ); + // 1. update the table user_category + foreach ( $user_restrictions as $user_id => $restrictions ) { + // if the category is forbidden to this user, go to next user + if ( in_array( $category['id'], $restrictions ) ) continue; + + // how many sub_categories for this user ? + $user_subcats = array_diff( + $page['plain_structure'][$category['id']]['direct_subcats_ids'], + $restrictions ); + $user_nb_subcats = count( array_unique( $user_subcats ) ); + // last date of the category + $user_all_subcats = array_unique( array_diff( + $page['plain_structure'][$category['id']]['all_subcats_ids'], + $restrictions ) ); + + $query = 'SELECT MAX(date_last) AS last_date'; + $query.= ' FROM '.PREFIX_TABLE.'categories'; + $query.= ' WHERE id IN ('.$category['id']; + if ( count( $user_all_subcats ) > 0 ) + $query.= ','.implode( ',', $user_all_subcats ); + $query.= ')'; + $query.= ';'; + $row = mysql_fetch_array( mysql_query( $query ) ); + + // insert a new line in database + if ( $value_num++ > 0 ) $values.= ', '; + else $values.= ' '; + $values.= '('.$user_id.",".$category['id']; + if ( isset( $row['last_date'] ) ) $values.= ",'".$row['last_date']."'"; + else $values.= ',NULL'; + $values.= ','.$user_nb_subcats.')'; + } + update_uppercats( $category['id'] ); + } +} + +/** + * updates the column categories.uppercats + * + * @param int $category_id + * @return void + */ +function update_uppercats( $category_id ) +{ + global $page; + + $final_id = $category_id; + $uppercats = array(); + + array_push( $uppercats, $category_id ); + $uppercat = $page['plain_structure'][$category_id]['id_uppercat']; + + while ( $uppercat != 'NULL' ) + { + array_push( $uppercats, $uppercat ); + $category_id = 
$page['plain_structure'][$category_id]['id_uppercat']; + $uppercat = $page['plain_structure'][$category_id]['id_uppercat']; + } + + $string_uppercats = implode( ',', array_reverse( $uppercats ) ); + $query = 'UPDATE '.PREFIX_TABLE.'categories'; + $query.= ' SET uppercats = '."'".$string_uppercats."'"; + $query.= ' WHERE id = '.$final_id; + $query.= ';'; + mysql_query( $query ); +} + +/** + * returns an array with the ids of the restricted categories for the user + * + * Returns an array with the ids of the restricted categories for the + * user. If the $check_invisible parameter is set to true, invisible + * categorie are added to the restricted one in the array. + * + * @param int $user_id + * @param string $user_status + * @param bool $check_invisible + * @param bool $use_groups + * @return array + */ +function get_user_restrictions( $user_id, $user_status, + $check_invisible, $use_groups = true ) +{ + // 1. retrieving ids of private categories + $query = 'SELECT id'; + $query.= ' FROM '.PREFIX_TABLE.'categories'; + $query.= " WHERE status = 'private'"; + $query.= ';'; + $result = mysql_query( $query ); + $privates = array(); + while ( $row = mysql_fetch_array( $result ) ) + { + array_push( $privates, $row['id'] ); + } + // 2. retrieving all authorized categories for the user + $authorized = array(); + // 2.1. retrieving authorized categories thanks to personnal user + // authorization + $query = 'SELECT cat_id'; + $query.= ' FROM '.PREFIX_TABLE.'user_access'; + $query.= ' WHERE user_id = '.$user_id; + $query.= ';'; + $result = mysql_query( $query ); + while ( $row = mysql_fetch_array( $result ) ) + { + array_push( $authorized, $row['cat_id'] ); + } + // 2.2. 
retrieving authorized categories thanks to group authorization to + // which the user is a member + if ( $use_groups ) + { + $query = 'SELECT ga.cat_id'; + $query.= ' FROM '.PREFIX_TABLE.'user_group as ug'; + $query.= ', '.PREFIX_TABLE.'group_access as ga'; + $query.= ' WHERE ug.group_id = ga.group_id'; + $query.= ' AND ug.user_id = '.$user_id; + $query.= ';'; + $result = mysql_query( $query ); + while ( $row = mysql_fetch_array( $result ) ) + { + array_push( $authorized, $row['cat_id'] ); + } + $authorized = array_unique( $authorized ); + } + + $forbidden = array(); + foreach ( $privates as $private ) { + if ( !in_array( $private, $authorized ) ) + { + array_push( $forbidden, $private ); + } + } + + if ( $check_invisible ) + { + // 3. adding to the restricted categories, the invisible ones + if ( $user_status != 'admin' ) + { + $query = 'SELECT id'; + $query.= ' FROM '.PREFIX_TABLE.'categories'; + $query.= " WHERE visible = 'false';"; + $result = mysql_query( $query ); + while ( $row = mysql_fetch_array( $result ) ) + { + array_push( $forbidden, $row['id'] ); + } + } + } + return array_unique( $forbidden ); +} + +/** + * finalizes operation for user_category table update + * + * This function is called by synchronization_*. It creates the + * $page['plain_structure'] and $page['structure'], get the SQL query to + * update user_category, clean user_category, and finally update the + * table. The users updates depends on the global array $user_restrictions. 
+ * + * @return void + */ +function synchronize() +{ + global $user_restrictions,$page,$values; + + update_user_category( $page['structure'] ); + + // cleaning user_category table for users to update + foreach( $user_restrictions as $user_id => $restrictions ) { + $query = 'DELETE'; + $query.= ' FROM '.PREFIX_TABLE.'user_category'; + $query.= ' WHERE user_id = '.$user_id; + $query.= ';'; + mysql_query( $query ); + } + + $query = 'INSERT INTO '.PREFIX_TABLE.'user_category'; + $query.= ' (user_id,category_id,date_last,nb_sub_categories) VALUES '; + $query.= $values; + $query.= ';'; + mysql_query( $query ); +} + +/** + * synchronizes all users calculated informations + * + * fills global array $user_restrictions with all users and related + * restrictions before calling synchronize. + * + * @return void + */ +function synchronize_all_users() +{ + global $user_restrictions,$page; + + $page['plain_structure'] = get_plain_structure(); + $page['structure'] = create_structure( '' ); + + $user_restrictions = array(); + + $query = 'SELECT id'; + $query.= ' FROM '.PREFIX_TABLE.'users'; + $query.= ';'; + $result = mysql_query( $query ); + while ( $row = mysql_fetch_array( $result ) ) + { + $user_restrictions[$row['id']] = update_user_restrictions( $row['id'] ); + } + synchronize(); +} + +/** + * synchronizes 1 user calculated informations + * + * fills global array $user_restrictions with the user id and its related + * restrictions before calling synchronize. 
+ * + * @param int $user_id + * @return void + */ +function synchronize_user( $user_id ) +{ + global $user_restrictions,$page; + + $page['plain_structure'] = get_plain_structure(); + $page['structure'] = create_structure( '' ); + + $user_restrictions = array(); + $user_restrictions[$user_id] = update_user_restrictions( $user_id ); + synchronize(); +} + +/** + * synchronizes all users (belonging to the group) calculated informations + * + * fills global array $user_restrictions with all users and related + * restrictions before calling synchronize. + * + * @return void + */ +function synchronize_group( $group_id ) +{ + global $user_restrictions,$page; + + $page['plain_structure'] = get_plain_structure(); + $page['structure'] = create_structure( '' ); + + $user_restrictions = array(); + + $query = 'SELECT id'; + $query.= ' FROM '.PREFIX_TABLE.'users'; + $query.= ', '.PREFIX_TABLE.'user_group'; + $query.= ' WHERE group_id = '.$group_id; + $query.= ' AND id = user_id'; + $query.= ';'; + $result = mysql_query( $query ); + while ( $row = mysql_fetch_array( $result ) ) + { + $user_restrictions[$row['id']] = update_user_restrictions( $row['id'] ); + } + synchronize(); +} + +/** + * updates the calculated data users.forbidden_categories, it includes + * sub-categories of the direct forbidden categories + * + * @param nt $user_id + * @return array + */ +function update_user_restrictions( $user_id ) +{ + $restrictions = get_user_all_restrictions( $user_id ); + + // update the users.forbidden_categories in database + $query = 'UPDATE '.PREFIX_TABLE.'users'; + $query.= ' SET forbidden_categories = '; + if ( count( $restrictions ) > 0 ) + $query.= "'".implode( ',', $restrictions )."'"; + else + $query.= 'NULL'; + $query .= ' WHERE id = '.$user_id; + $query.= ';'; + mysql_query( $query ); + + return $restrictions; +} + +/** + * returns all the restricted categories ids including sub-categories + * + * @param int $user_id + * @return array + */ +function get_user_all_restrictions( 
$user_id ) +{ + global $page; + + $query = 'SELECT status'; + $query.= ' FROM '.PREFIX_TABLE.'users'; + $query.= ' WHERE id = '.$user_id; + $query.= ';'; + $row = mysql_fetch_array( mysql_query( $query ) ); + + $base_restrictions=get_user_restrictions($user_id,$row['status'],true,true); + + $restrictions = $base_restrictions; + foreach ( $base_restrictions as $category_id ) { + echo $category_id.' is forbidden to user '.$user_id.'<br />'; + $restrictions = + array_merge( $restrictions, + $page['plain_structure'][$category_id]['all_subcats_ids'] ); + } + + return array_unique( $restrictions ); +} + +// The function is_user_allowed returns : +// - 0 : if the category is allowed with this $restrictions array +// - 1 : if this category is not allowed +// - 2 : if an uppercat category is not allowed +// Note : the restrictions array must represent ONLY direct forbidden +// categories, not all forbidden categories +function is_user_allowed( $category_id, $restrictions ) +{ + if ( in_array( $category_id, $restrictions ) ) return 1; + + $query = 'SELECT uppercats'; + $query.= ' FROM '.PREFIX_TABLE.'categories'; + $query.= ' WHERE id = '.$category_id; + $query.= ';'; + $row = mysql_fetch_array( mysql_query( $query ) ); + $uppercats = explode( ',', $row['uppercats'] ); + foreach ( $uppercats as $category_id ) { + if ( in_array( $category_id, $restrictions ) ) return 2; + } + + // no restriction found : the user is allowed to access this category + return 0; +} + +/** + * returns an array containing sub-directories which can be a category + * + * directories nammed "thumbnail" are omitted + * + * @param string $basedir + * @return array + */ +function get_category_directories( $basedir ) +{ + $sub_dirs = array(); + + if ( $opendir = opendir( $basedir ) ) + { + while ( $file = readdir( $opendir ) ) + { + if ( $file != '.' and $file != '..' 
+ and is_dir( $basedir.'/'.$file ) + and $file != 'thumbnail' ) + { + array_push( $sub_dirs, $file ); + } + } + } + return $sub_dirs; +} +?> diff --git a/admin/include/isadmin.inc.php b/admin/include/isadmin.inc.php index 341fc65ba..14032c566 100644 --- a/admin/include/isadmin.inc.php +++ b/admin/include/isadmin.inc.php @@ -16,10 +16,7 @@ * the Free Software Foundation; * * * ***************************************************************************/ -define( "PREFIX_INCLUDE", '' ); -include_once( './include/config.inc.php' ); -include_once( './include/user.inc.php' ); include( './admin/include/functions.php' ); $isadmin = true; diff --git a/admin/infos_images.php b/admin/infos_images.php index 344573eac..f0ab9a39f 100644 --- a/admin/infos_images.php +++ b/admin/infos_images.php 
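Review bot: get_user_all_restrictions still contains a debugging statement, the `echo $category_id.' is forbidden to user '.$user_id...` line, which prints one line per forbidden category into whatever page triggered the synchronization; delete_group, synchronize_user and synchronize_all_users all reach it through update_user_restrictions, and it should be removed. Second, `$values` and `$value_num` are globals that update_user_category only appends to and that no visible function resets, so a second synchronize() in the same request would resend the rows of the first one, and an empty `$values` produces an `INSERT ... VALUES ;` statement. Starting synchronize() with `$values = ''; $value_num = 0;` (with `$value_num` added to its `global` line) and skipping the INSERT when `$values == ''` covers both cases. Finally, `while ( $file = readdir( $opendir ) )` in get_category_directories stops at a directory entry named `0` and the handle is never closed; `while ( false !== ( $file = readdir( $opendir ) ) )` followed by `closedir( $opendir );` is the usual form.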
@@ -20,110 +20,104 @@ include_once( './admin/include/isadmin.inc.php' ); include_once( './template/'.$user['template'].'/htmlfunctions.inc.php' ); //-------------------------------------------------------------- initialization +$page['nb_image_page'] = 5; + check_cat_id( $_GET['cat_id'] ); + +$errors = array(); + if ( isset( $page['cat'] ) ) { //--------------------------------------------------- update individual options - $query = 'SELECT id,file'; - $query.= ' FROM '.PREFIX_TABLE.'images'; - $query.= ' LEFT JOIN '.PREFIX_TABLE.'image_category ON id = image_id'; - $query.= ' WHERE category_id = '.$page['cat']; - $query.= ';'; - $result = mysql_query( $query ); - $i = 1; - while ( $row = mysql_fetch_array( $result ) ) + if ( isset( $_POST['submit'] ) ) { - $name = 'name-'.$row['id']; - $author = 'author-'.$row['id']; - $comment = 'comment-'.$row['id']; - $date_creation = 'date_creation-'.$row['id']; - $keywords = 'keywords-'.$row['id']; - if ( isset( $_POST[$name] ) ) + if ( isset( $_POST['associate'] ) and $_POST['associate'] != '' ) { - $query = 'UPDATE '.PREFIX_TABLE.'images'; - - $query.= ' SET name = '; - if ( $_POST[$name] == '' ) - $query.= 'NULL'; - else - $query.= "'".htmlentities( $_POST[$name], ENT_QUOTES )."'"; - - $query.= ', author = '; - if ( $_POST[$author] == '' ) - $query.= 'NULL'; - else - $query.= "'".htmlentities($_POST[$author],ENT_QUOTES)."'"; - - $query.= ', comment = '; - if ( $_POST[$comment] == '' ) - $query.= 'NULL'; - else - $query.= "'".htmlentities($_POST[$comment],ENT_QUOTES)."'"; - - $query.= ', date_creation = '; - if ( check_date_format( $_POST[$date_creation] ) ) - $query.= "'".date_convert( $_POST[$date_creation] )."'"; - else if ( $_POST[$date_creation] == '' ) - $query.= 'NULL'; - - $query.= ', keywords = '; - $keywords_array = get_keywords( $_POST[$keywords] ); - if ( count( $keywords_array ) == 0 ) - $query.= 'NULL'; + // does the uppercat id exists in the database ? 
+ if ( !is_numeric( $_POST['associate'] ) ) + { + array_push( $errors, $lang['cat_unknown_id'] ); + } else { - $query.= "'"; - foreach ( $keywords_array as $i => $keyword ) { - if ( $i > 0 ) $query.= ','; - $query.= $keyword; - } - $query.= "'"; + $query = 'SELECT id'; + $query.= ' FROM '.PREFIX_TABLE.'categories'; + $query.= ' WHERE id = '.$_POST['associate']; + $query.= ';'; + if ( mysql_num_rows( mysql_query( $query ) ) == 0 ) + array_push( $errors, $lang['cat_unknown_id'] ); } - - $query.= ' WHERE id = '.$row['id']; - $query.= ';'; - mysql_query( $query ); } - // add link to another category - if ( $_POST['check-'.$row['id']] == 1 ) - { - $query = 'INSERT INTO '.PREFIX_TABLE.'image_category'; - $query.= ' (image_id,category_id) VALUES'; - $query.= ' ('.$row['id'].','.$_POST['associate'].')'; - $query.= ';'; - mysql_query( $query ); - } - } - update_category( $_POST['associate'] ); -//------------------------------------------------------ update general options - if ( $_POST['use_common_author'] == 1 ) - { - $query = 'SELECT image_id'; - $query.= ' FROM '.PREFIX_TABLE.'image_category'; + + $associate = false; + + $query = 'SELECT id,file'; + $query.= ' FROM '.PREFIX_TABLE.'images'; + $query.= ' INNER JOIN '.PREFIX_TABLE.'image_category ON id = image_id'; $query.= ' WHERE category_id = '.$page['cat']; + $query.= ';'; $result = mysql_query( $query ); while ( $row = mysql_fetch_array( $result ) ) { - $query = 'UPDATE '.PREFIX_TABLE.'images'; - if ( $_POST['author_cat'] == '' ) + $name = 'name-'.$row['id']; + $author = 'author-'.$row['id']; + $comment = 'comment-'.$row['id']; + $date_creation = 'date_creation-'.$row['id']; + $keywords = 'keywords-'.$row['id']; + if ( isset( $_POST[$name] ) ) { - $query.= ' SET author = NULL'; + $query = 'UPDATE '.PREFIX_TABLE.'images'; + + $query.= ' SET name = '; + if ( $_POST[$name] == '' ) + $query.= 'NULL'; + else + $query.= "'".htmlentities( $_POST[$name], ENT_QUOTES )."'"; + + $query.= ', author = '; + if ( $_POST[$author] == 
'' ) + $query.= 'NULL'; + else + $query.= "'".htmlentities($_POST[$author],ENT_QUOTES)."'"; + + $query.= ', comment = '; + if ( $_POST[$comment] == '' ) + $query.= 'NULL'; + else + $query.= "'".htmlentities($_POST[$comment],ENT_QUOTES)."'"; + + $query.= ', date_creation = '; + if ( check_date_format( $_POST[$date_creation] ) ) + $query.= "'".date_convert( $_POST[$date_creation] )."'"; + else if ( $_POST[$date_creation] == '' ) + $query.= 'NULL'; + + $query.= ', keywords = '; + + $keywords_array = get_keywords( $_POST[$keywords] ); + if ( count( $keywords_array ) == 0 ) $query.= 'NULL'; + else $query.= "'".implode( ',', $keywords_array )."'"; + + $query.= ' WHERE id = '.$row['id']; + $query.= ';'; + mysql_query( $query ); } - else + // add link to another category + if ( isset( $_POST['check-'.$row['id']] ) and count( $errors ) == 0 ) { - $query.= ' SET author = '; - $query.= "'".htmlentities( $_POST['author_cat'], ENT_QUOTES )."'"; + $query = 'INSERT INTO '.PREFIX_TABLE.'image_category'; + $query.= ' (image_id,category_id) VALUES'; + $query.= ' ('.$row['id'].','.$_POST['associate'].')'; + $query.= ';'; + mysql_query( $query ); + $associate = true; } - $query.= ' WHERE id = '.$row['image_id']; - $query.= ';'; - mysql_query( $query ); } - } - if ( $_POST['use_common_date_creation'] == 1 ) - { - if ( check_date_format( $_POST['date_creation_cat'] ) ) + update_category( $_POST['associate'] ); + if ( $associate ) synchronize_all_users(); +//------------------------------------------------------ update general options + if ( isset( $_POST['use_common_author'] ) ) { - $date = date_convert( $_POST['date_creation_cat'] ); $query = 'SELECT image_id'; $query.= ' FROM '.PREFIX_TABLE.'image_category'; $query.= ' WHERE category_id = '.$page['cat']; 
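Review bot: `update_category( $_POST['associate'] );` runs unconditionally after the loop, so the posted value reaches the `' WHERE category_id = '.$id` concatenation in update_category even when the new validation has pushed `cat_unknown_id` into `$errors`, and also when the field is empty or absent. The checkbox branch has a related gap: an empty `associate` skips the validation and leaves `$errors` empty, so a ticked `check-N` box builds a malformed `VALUES (N,)` and still sets `$associate`. Adding `and $_POST['associate'] != ''` to that condition and replacing the two trailing calls with `if ( $associate ) { update_category( intval( $_POST['associate'] ) ); synchronize_all_users(); }` keeps unvalidated input out of both statements. This assumes update_category is only needed for the target category when a link was actually added, which matches the visible code but should be confirmed.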
@@ -131,75 +125,102 @@ if ( isset( $page['cat'] ) ) while ( $row = mysql_fetch_array( $result ) ) { $query = 'UPDATE '.PREFIX_TABLE.'images'; - if ( $_POST['date_creation_cat'] == '' ) + if ( $_POST['author_cat'] == '' ) { - $query.= ' SET date_creation = NULL'; + $query.= ' SET author = NULL'; } else { - $query.= " SET date_creation = '".$date."'"; + $query.= ' SET author = '; + $query.= "'".htmlentities( $_POST['author_cat'], ENT_QUOTES )."'"; } $query.= ' WHERE id = '.$row['image_id']; $query.= ';'; mysql_query( $query ); } } - else - { - echo $lang['err_date']; - } - } - if ( isset( $_POST['common_keywords'] ) and $_POST['keywords_cat'] != '' ) - { - $query = 'SELECT id,keywords'; - $query.= ' FROM '.PREFIX_TABLE.'images'; - $query.= ' LEFT JOIN '.PREFIX_TABLE.'image_category ON id = image_id'; - $query.= ' WHERE category_id = '.$page['cat']; - $query.= ';'; - $result = mysql_query( $query ); - while ( $row = mysql_fetch_array( $result ) ) + if ( isset( $_POST['use_common_date_creation'] ) ) { - $specific_keywords = explode( ',', $row['keywords'] ); - $common_keywords = get_keywords( $_POST['keywords_cat'] ); - // first possiblity : adding the given keywords to all the pictures - if ( $_POST['common_keywords'] == 'add' ) - { - $keywords = array_merge( $specific_keywords, $common_keywords ); - $keywords = array_unique( $keywords ); - } - // second possiblity : removing the given keywords from all pictures - // (without deleting the other specific keywords - if ( $_POST['common_keywords'] == 'remove' ) + if ( check_date_format( $_POST['date_creation_cat'] ) ) { - $keywords = array_diff( $specific_keywords, $common_keywords ); + $date = date_convert( $_POST['date_creation_cat'] ); + $query = 'SELECT image_id'; + $query.= ' FROM '.PREFIX_TABLE.'image_category'; + $query.= ' WHERE category_id = '.$page['cat']; + $result = mysql_query( $query ); + while ( $row = mysql_fetch_array( $result ) ) + { + $query = 'UPDATE '.PREFIX_TABLE.'images'; + if ( 
$_POST['date_creation_cat'] == '' ) + { + $query.= ' SET date_creation = NULL'; + } + else + { + $query.= " SET date_creation = '".$date."'"; + } + $query.= ' WHERE id = '.$row['image_id']; + $query.= ';'; + mysql_query( $query ); + } } - // cleaning the keywords array, sometimes, an empty value still remain - $keywords = array_remove( $keywords, '' ); - // updating the picture with new keywords array - $query = 'UPDATE '.PREFIX_TABLE.'images'; - $query.= ' SET keywords = '; - if ( count( $keywords ) == 0 ) + else { - $query.= 'NULL'; + array_push( $errors, $lang['err_date'] ); } - else + } + if ( isset( $_POST['common_keywords'] ) and $_POST['keywords_cat'] != '' ) + { + $query = 'SELECT id,keywords'; + $query.= ' FROM '.PREFIX_TABLE.'images'; + $query.= ' INNER JOIN '.PREFIX_TABLE.'image_category ON id = image_id'; + $query.= ' WHERE category_id = '.$page['cat']; + $query.= ';'; + $result = mysql_query( $query ); + while ( $row = mysql_fetch_array( $result ) ) { - $query.= '"'; - $i = 0; - foreach ( $keywords as $keyword ) { - if ( $i++ > 0 ) $query.= ','; - $query.= $keyword; + if ( !isset( $row['keywords'] ) ) $specific_keywords = array(); + else $specific_keywords = explode( ',', $row['keywords'] ); + + $common_keywords = get_keywords( $_POST['keywords_cat'] ); + // first possiblity : adding the given keywords to all the pictures + if ( $_POST['common_keywords'] == 'add' ) + { + $keywords = array_merge( $specific_keywords, $common_keywords ); + $keywords = array_unique( $keywords ); + } + // second possiblity : removing the given keywords from all pictures + // (without deleting the other specific keywords + if ( $_POST['common_keywords'] == 'remove' ) + { + $keywords = array_diff( $specific_keywords, $common_keywords ); + } + // cleaning the keywords array, sometimes, an empty value still remain + $keywords = array_remove( $keywords, '' ); + // updating the picture with new keywords array + $query = 'UPDATE '.PREFIX_TABLE.'images'; + $query.= ' SET keywords = 
'; + if ( count( $keywords ) == 0 ) + { + $query.= 'NULL'; + } + else + { + $query.= '"'; + $i = 0; + foreach ( $keywords as $keyword ) { + if ( $i++ > 0 ) $query.= ','; + $query.= $keyword; + } + $query.= '"'; } - $query.= '"'; + $query.= ' WHERE id = '.$row['id']; + $query.= ';'; + mysql_query( $query ); } - $query.= ' WHERE id = '.$row['id']; - $query.= ';'; - mysql_query( $query ); } } //--------------------------------------------------------- form initialization - $page['nb_image_page'] = 5; - if( !isset( $_GET['start'] ) or !is_numeric( $_GET['start'] ) or ( is_numeric( $_GET['start'] ) and $_GET['start'] < 0 ) ) @@ -211,13 +232,12 @@ if ( isset( $page['cat'] ) ) $page['start'] = $_GET['start']; } - if ( is_numeric( $_GET['num'] ) and $_GET['num'] >= 0 ) + if ( isset($_GET['num']) and is_numeric($_GET['num']) and $_GET['num'] >= 0 ) { $page['start'] = floor( $_GET['num'] / $page['nb_image_page'] ) * $page['nb_image_page']; } // retrieving category information - $page['plain_structure'] = get_plain_structure(); $result = get_cat_info( $page['cat'] ); $cat['name'] = $result['name']; $cat['nb_images'] = $result['nb_images']; 
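Review bot: The common-keywords UPDATE still builds its value with a manual loop inside double quotes (`$query.= $keyword;`), while the per-picture branch rewritten in this same commit uses `"'".implode( ',', $keywords_array )."'"`; the two should share one form. More importantly, the keywords come from `get_keywords( $_POST['keywords_cat'] )` and from the stored `keywords` column, and no escaping is visible in the hunk, so a quote character in a keyword ends the string literal early unless get_keywords strips it (its body is not shown). I would replace the loop with `$query.= "'".mysql_real_escape_string( implode( ',', $keywords ) )."'";`. Separately, `$keywords` is only assigned when `common_keywords` is `add` or `remove`; any other posted value reaches `array_remove( $keywords, '' )` with the variable unset or left over from the previous row.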
@@ -228,9 +248,21 @@ if ( isset( $page['cat'] ) ) 'infoimage_title','infoimage_comment', 'infoimage_creation_date','keywords', 'infoimage_addtoall','infoimage_removefromall', - 'infoimage_keyword_separation','infoimage_associate' ); + 'infoimage_keyword_separation','infoimage_associate', + 'errors_title' ); templatize_array( $tpl, 'lang', $sub ); $vtp->setGlobalVar( $sub, 'user_template', $user['template'] ); +//-------------------------------------------------------------- errors display +if ( count( $errors ) != 0 ) +{ + $vtp->addSession( $sub, 'errors' ); + foreach ( $errors as $error ) { + $vtp->addSession( $sub, 'li' ); + $vtp->setVar( $sub, 'li.content', $error ); + $vtp->closeSession( $sub, 'li' ); + } + $vtp->closeSession( $sub, 'errors' ); +} //------------------------------------------------------------------------ form $url = './admin.php?page=infos_images&cat_id='.$page['cat']; $url.= '&start='.$page['start']; @@ -243,10 +275,13 @@ if ( isset( $page['cat'] ) ) $array_cat_directories = array(); - $query = 'SELECT id,file,comment,author,tn_ext,name,date_creation,keywords'; - $query.= ',storage_category_id,category_id'; + $infos = array( 'id','file','comment','author','tn_ext','name' + ,'date_creation','keywords','storage_category_id' + ,'category_id' ); + + $query = 'SELECT '.implode( ',', $infos ); $query.= ' FROM '.PREFIX_TABLE.'images'; - $query.= ' LEFT JOIN '.PREFIX_TABLE.'image_category ON id = image_id'; + $query.= ' INNER JOIN '.PREFIX_TABLE.'image_category ON id = image_id'; $query.= ' WHERE category_id = '.$page['cat']; $query.= $conf['order_by']; $query.= ' LIMIT '.$page['start'].','.$page['nb_image_page']; 
@@ -254,6 +289,8 @@ if ( isset( $page['cat'] ) ) $result = mysql_query( $query ); while ( $row = mysql_fetch_array( $result ) ) { + foreach ($infos as $info) { if (!isset($row[$info])) $row[$info] = ''; } + $vtp->addSession( $sub, 'picture' ); $vtp->setVar( $sub, 'picture.id', $row['id'] ); $vtp->setVar( $sub, 'picture.filename', $row['file'] ); @@ -266,7 +303,7 @@ if ( isset( $page['cat'] ) ) $file = get_filename_wo_extension( $row['file'] ); $vtp->setVar( $sub, 'picture.default_name', $file ); // creating url to thumbnail - if ( $array_cat_directories[$row['storage_category_id']] == '' ) + if ( !isset( $array_cat_directories[$row['storage_category_id']] ) ) { $array_cat_directories[$row['storage_category_id']] = get_complete_dir( $row['storage_category_id'] ); @@ -279,8 +316,29 @@ if ( isset( $page['cat'] ) ) $vtp->setVar( $sub, 'picture.url', add_session_id( $url ) ); $vtp->closeSession( $sub, 'picture' ); } - $structure = create_structure( '', array() ); - display_categories( $structure, ' ' ); + // Virtualy associate a picture to a category + // + // We only show a List Of Values if the number of categories is less than + // $conf['max_LOV_categories'] + $query = 'SELECT COUNT(id) AS nb_total_categories'; + $query.= ' FROM '.PREFIX_TABLE.'categories'; + $query.= ';'; + $row = mysql_fetch_array( mysql_query( $query ) ); + if ( $row['nb_total_categories'] < $conf['max_LOV_categories'] ) + { + $vtp->addSession( $sub, 'associate_LOV' ); + $page['plain_structure'] = get_plain_structure( true ); + $structure = create_structure( '', array() ); + display_categories( $structure, ' ' ); + $vtp->closeSession( $sub, 'associate_LOV' ); + } + // else, we only display a small text field, we suppose the administrator + // knows the id of its category + else + { + $vtp->addSession( $sub, 'associate_text' ); + $vtp->closeSession( $sub, 'associate_text' ); + } } //----------------------------------------------------------- sending html code $vtp->Parse( $handle , 'sub', $sub ); 
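Review bot: The new line `$structure = create_structure( '', array() );` passes a second argument, but the create_structure added earlier in this commit is declared as `create_structure( $id_uppercat )`, and the synchronize_* functions call it as `create_structure( '' )`. PHP silently ignores the extra argument, so the call works, but it suggests an accumulator parameter that no longer exists. I would write `$structure = create_structure( '' );` to match the definition and the other call sites.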
diff --git a/admin/phpwebgallery_structure.sql b/admin/phpwebgallery_structure.sql index d6797c162..d1c5343a6 100644 --- a/admin/phpwebgallery_structure.sql +++ b/admin/phpwebgallery_structure.sql @@ -1,6 +1,6 @@ -- MySQL dump 8.21 -- --- Host: localhost Database: devel +-- Host: localhost Database: perfs_test --------------------------------------------------------- -- Server version 3.23.49-log @@ -23,7 +23,10 @@ CREATE TABLE phpwebgallery_categories ( visible enum('true','false') NOT NULL default 'true', uploadable enum('true','false') NOT NULL default 'false', representative_picture_id mediumint(8) unsigned default NULL, - PRIMARY KEY (id) + uppercats varchar(255) NOT NULL default '', + PRIMARY KEY (id), + KEY id (id), + KEY id_uppercat (id_uppercat) ) TYPE=MyISAM; -- @@ -125,7 +128,9 @@ DROP TABLE IF EXISTS phpwebgallery_image_category; CREATE TABLE phpwebgallery_image_category ( image_id mediumint(8) unsigned NOT NULL default '0', category_id smallint(5) unsigned NOT NULL default '0', - PRIMARY KEY (image_id,category_id) + PRIMARY KEY (image_id,category_id), + KEY category_id (category_id), + KEY image_id (image_id) ) TYPE=MyISAM; -- @@ -189,6 +194,19 @@ CREATE TABLE phpwebgallery_user_access ( ) TYPE=MyISAM; -- +-- Table structure for table 'phpwebgallery_user_category' +-- + +DROP TABLE IF EXISTS phpwebgallery_user_category; +CREATE TABLE phpwebgallery_user_category ( + user_id smallint(5) unsigned NOT NULL default '0', + category_id smallint(5) unsigned NOT NULL default '0', + date_last date default NULL, + nb_sub_categories smallint(5) unsigned NOT NULL default '0', + PRIMARY KEY (user_id,category_id) +) TYPE=MyISAM; + +-- -- Table structure for table 'phpwebgallery_user_group' -- 
@@ -220,6 +238,7 @@ CREATE TABLE phpwebgallery_users ( short_period tinyint(3) unsigned NOT NULL default '7', long_period tinyint(3) unsigned NOT NULL default '14', template varchar(255) NOT NULL default 'default', + forbidden_categories text, PRIMARY KEY (id), UNIQUE KEY username (username) ) TYPE=MyISAM; diff --git a/admin/picture_modify.php b/admin/picture_modify.php index b6bfadc19..be9ffd7bc 100644 --- a/admin/picture_modify.php +++ b/admin/picture_modify.php @@ -18,8 +18,6 @@ ***************************************************************************/ include_once( './admin/include/isadmin.inc.php' ); -//----------------------------------------- categories structure initialization -$page['plain_structure'] = get_plain_structure(); //--------------------------------------------------------- update informations $errors = array(); // first, we verify whether there is a mistake on the given creation date @@ -87,7 +85,7 @@ if ( isset( $_POST['submit'] ) ) // if the user ask the picture to be the representative picture of its // category, the category is updated in the database (without wondering // if this picture was already the representative one) - if ( $_POST['representative-'.$row['category_id']] == 1 ) + if ( isset($_POST['representative-'.$row['category_id']]) ) { $query = 'UPDATE '.PREFIX_TABLE.'categories'; $query.= ' SET representative_picture_id = '.$_GET['image_id']; @@ -97,7 +95,8 @@ if ( isset( $_POST['submit'] ) ) } // if the user ask this picture to be not any more the representative, // we have to set the representative_picture_id of this category to NULL - else if ( $row['representative_picture_id'] == $_GET['image_id'] ) + else if ( isset( $row['representative_picture_id'] ) + and $row['representative_picture_id'] == $_GET['image_id'] ) { $query = 'UPDATE '.PREFIX_TABLE.'categories'; $query.= ' SET representative_picture_id = NULL'; 
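Review bot: `$_GET['image_id']` is concatenated straight into the `UPDATE ... SET representative_picture_id = ` statement in hunk -87,7, and nothing visible checks that it is an integer, so the request parameter becomes part of the SQL text. The same raw value is used in the INSERT, DELETE and SELECT statements of hunks -106,14, -125,16 and -162,12, while the commit adds an `is_numeric` check only for `$_POST['associate']`. Casting once near the top of the script, `$image_id = (int) $_GET['image_id'];`, and using `$image_id` in every query closes this for the whole file. The enclosing `if ( isset( $_POST['submit'] ) )` block starts outside the hunk, so an earlier check may exist there.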
@@ -106,14 +105,35 @@ if ( isset( $_POST['submit'] ) ) mysql_query( $query ); } } + $associate_or_dissociate = false; // associate with a new category ? - if ( $_POST['associate'] != '-1' ) + if ( $_POST['associate'] != '-1' and $_POST['associate'] != '' ) + { + // does the uppercat id exists in the database ? + if ( !is_numeric( $_POST['associate'] ) ) + { + array_push( $errors, $lang['cat_unknown_id'] ); + } + else + { + $query = 'SELECT id'; + $query.= ' FROM '.PREFIX_TABLE.'categories'; + $query.= ' WHERE id = '.$_POST['associate']; + $query.= ';'; + if ( mysql_num_rows( mysql_query( $query ) ) == 0 ) + array_push( $errors, $lang['cat_unknown_id'] ); + } + } + if ( $_POST['associate'] != '-1' + and $_POST['associate'] != '' + and count( $errors ) == 0 ) { $query = 'INSERT INTO '.PREFIX_TABLE.'image_category'; $query.= ' (category_id,image_id) VALUES '; $query.= '('.$_POST['associate'].','.$_GET['image_id'].')'; $query.= ';'; mysql_query( $query); + $associate_or_dissociate = true; update_category( $_POST['associate'] ); } // dissociate any category ? @@ -125,16 +145,21 @@ if ( isset( $_POST['submit'] ) ) $result = mysql_query( $query ); while ( $row = mysql_fetch_array( $result ) ) { - if ( $_POST['dissociate-'.$row['category_id']] == 1 ) + if ( isset($_POST['dissociate-'.$row['category_id']]) ) { $query = 'DELETE FROM '.PREFIX_TABLE.'image_category'; $query.= ' WHERE image_id = '.$_GET['image_id']; $query.= ' AND category_id = '.$row['category_id']; $query.= ';'; mysql_query( $query ); + $associate_or_dissociate = true; update_category( $row['category_id'] ); } } + if ( $associate_or_dissociate ) + { + synchronize_all_users(); + } } //----------------------------------------------------- template initialization $sub = $vtp->Open( 
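Review bot: `is_numeric( $_POST['associate'] )` is looser than the integer id the queries expect: it also accepts values such as `1.5`, `1e3` or a string with leading whitespace, which then go unchanged into `WHERE id = ...`, the INSERT into image_category and `update_category()`. A digits-only test, `ctype_digit( $_POST['associate'] )`, or an `(int)` cast before use keeps the lookup, the insert and the category update working on the same value. The condition `$_POST['associate'] != '-1' and $_POST['associate'] != ''` is also written twice; putting the INSERT in the success path of the validation branch would remove the repeat.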
@@ -162,12 +187,19 @@ if ( count( $errors ) != 0 ) $action = './admin.php?'.$_SERVER['QUERY_STRING']; $vtp->setVar( $sub, 'form_action', $action ); // retrieving direct information about picture -$query = 'SELECT file,date_available,date_creation,tn_ext,name,filesize'; -$query.= ',width,height,author,comment,keywords,storage_category_id'; +$infos = array( 'file','date_available','date_creation','tn_ext','name' + ,'filesize','width','height','author','comment','keywords' + ,'storage_category_id' ); +$query = 'SELECT '. implode( ',', $infos ); $query.= ' FROM '.PREFIX_TABLE.'images'; $query.= ' WHERE id = '.$_GET['image_id']; $query.= ';'; $row = mysql_fetch_array( mysql_query( $query ) ); + +foreach ( $infos as $info ) { + if ( !isset( $row[$info] ) ) $row[$info] = ''; +} + // picture title if ( $row['name'] == '' ) { @@ -290,7 +322,8 @@ while ( $row = mysql_fetch_array( $result ) ) $vtp->setVar( $sub, 'linked_category.invisible', $invisible_string ); } - if ( $row['representative_picture_id'] == $_GET['image_id'] ) + if ( isset( $row['representative_picture_id'] ) + and $row['representative_picture_id'] == $_GET['image_id'] ) { $vtp->setVar( $sub, 'linked_category.representative_checked', ' checked="checked"' ); 
@@ -306,12 +339,32 @@ if ( mysql_num_rows( $result ) > 0 ) $vtp->closeSession( $sub, 'dissociate' ); } // associate to another category ? -$vtp->addSession( $sub, 'associate_cat' ); -$vtp->setVar( $sub, 'associate_cat.value', '-1' ); -$vtp->setVar( $sub, 'associate_cat.content', '' ); -$vtp->closeSession( $sub, 'associate_cat' ); -$structure = create_structure( '', array() ); -display_categories( $structure, ' ' ); +// +// We only show a List Of Values if the number of categories is less than +// $conf['max_LOV_categories'] +$query = 'SELECT COUNT(id) AS nb_total_categories'; +$query.= ' FROM '.PREFIX_TABLE.'categories'; +$query.= ';'; +$row = mysql_fetch_array( mysql_query( $query ) ); +if ( $row['nb_total_categories'] < $conf['max_LOV_categories'] ) +{ + $vtp->addSession( $sub, 'associate_LOV' ); + $vtp->addSession( $sub, 'associate_cat' ); + $vtp->setVar( $sub, 'associate_cat.value', '-1' ); + $vtp->setVar( $sub, 'associate_cat.content', '' ); + $vtp->closeSession( $sub, 'associate_cat' ); + $page['plain_structure'] = get_plain_structure( true ); + $structure = create_structure( '', array() ); + display_categories( $structure, ' ' ); + $vtp->closeSession( $sub, 'associate_LOV' ); +} +// else, we only display a small text field, we suppose the administrator +// knows the id of its category +else +{ + $vtp->addSession( $sub, 'associate_text' ); + $vtp->closeSession( $sub, 'associate_text' ); +} //----------------------------------------------------------- sending html code $vtp->Parse( $handle , 'sub', $sub ); ?>
\ No newline at end of file diff --git a/admin/stats.php b/admin/stats.php index 01780a95e..ba33a1582 100644 --- a/admin/stats.php +++ b/admin/stats.php @@ -42,13 +42,15 @@ $tpl = array( 'stats_last_days','date','login', templatize_array( $tpl, 'lang', $sub ); $vtp->setGlobalVar( $sub, 'user_template', $user['template'] ); //--------------------------------------------------- number of days to display -if ( isset( $_GET['last_days'] ) ) define( "MAX_DAYS", $_GET['last_days'] ); -else define( "MAX_DAYS", 0 ); +if ( isset( $_GET['last_days'] ) ) define( 'MAX_DAYS', $_GET['last_days'] ); +else define( 'MAX_DAYS', 0 ); foreach ( $conf['last_days'] as $option ) { $vtp->addSession( $sub, 'last_day_option' ); $vtp->setVar( $sub, 'last_day_option.option', $option ); - $url = './admin.php?page=stats&expand='.$_GET['expand']; + $url = './admin.php?page=stats'; + if (isset($_GET['expand'])) + $url .='&expand='.$_GET['expand']; $url.= '&last_days='.($option - 1); $vtp->setVar( $sub, 'last_day_option.link', add_session_id( $url ) ); if ( $option == MAX_DAYS + 1 ) @@ -59,12 +61,18 @@ foreach ( $conf['last_days'] as $option ) { } //---------------------------------------------------------------- log history // empty link -$url = './admin.php?page=stats&last_days='.$_GET['last_days']; -$url.= '&expand='.$_GET['expand']; +$url = './admin.php?page=stats'; +if (isset($_GET['last_days'])) + $url .='&last_days='.$_GET['last_days']; +// expand array management +$expand_days = array(); +if (isset($_GET['expand'])) +{ + $url.= '&expand='.$_GET['expand']; + $expand_days = explode( ',', $_GET['expand'] ); +} $url.= '&act=empty'; $vtp->setVar( $sub, 'emply_url', add_session_id( $url ) ); -// expand array management -$expand_days = explode( ',', $_GET['expand'] ); $page['expand_days'] = array(); foreach ( $expand_days as $expand_day ) { if ( is_numeric( $expand_day ) ) 
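Review bot: `MAX_DAYS` is still defined from `$_GET['last_days']` without any validation in hunk -42,13; only the quoting of the constant name changed. The constant is later the upper bound of the `for ( $i = 0; $i <= MAX_DAYS; $i++ )` loop (visible in the header of hunk -99,7), so a non-numeric or very large value either skews the `$option == MAX_DAYS + 1` comparison or makes the page iterate over far more days than any entry of `$conf['last_days']` offers. Normalising once, `$last_days = isset( $_GET['last_days'] ) ? max( 0, (int) $_GET['last_days'] ) : 0;` followed by `define( 'MAX_DAYS', $last_days );`, bounds the loop from below, and checking the value against `$conf['last_days']` would bound it from above.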
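Review bot: The new `isset` guards in hunk -59,12 stop the notices, but `$_GET['last_days']` and `$_GET['expand']` are still appended to `$url` exactly as received, here and in hunks -42,13 and -99,7. Whether the template escapes `emply_url`, `last_day_option.link` and `day.url` is not visible from this diff; if it does not, request data ends up in a link unencoded. `$page['expand_days']` appears to be rebuilt from the entries that pass `is_numeric`, so the links can be built from validated values instead: `$url.= '&expand='.implode( ',', $page['expand_days'] );` after the filtering loop, together with an integer-cast `last_days`.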
@@ -99,7 +107,9 @@ for ( $i = 0; $i <= MAX_DAYS; $i++ ) $vtp->setVar( $sub, 'day.open_or_close', $lang['open'] ); array_push( $local_expand, $i ); } - $url = './admin.php?page=stats&last_days='.$_GET['last_days']; + $url = './admin.php?page=stats'; + if (isset($_GET['last_days'])) + $url.= '&last_days='.$_GET['last_days']; $url.= '&expand='.implode( ',', $local_expand ); $vtp->setVar( $sub, 'day.url', add_session_id( $url ) ); // date displayed like this (in English ) : diff --git a/admin/thumbnail.php b/admin/thumbnail.php index 0abbae506..ae44b311c 100644 --- a/admin/thumbnail.php +++ b/admin/thumbnail.php @@ -253,9 +253,8 @@ function get_displayed_dirs( $dir, $indent ) } $vtp->closeSession( $sub, 'dir' ); // recursive call - $dirs.= get_displayed_dirs( $dir.'/'.$sub_dir, - $indent+30 ); - + get_displayed_dirs( $dir.'/'.$sub_dir, + $indent+30 ); } } //----------------------------------------------------- template initialization @@ -359,7 +358,7 @@ if ( isset( $_GET['dir'] ) ) $url = './admin.php?page=thumbnail&dir='.$_GET['dir']; $vtp->setVar( $sub, 'params.action', add_session_id( $url ) ); // GD version selected... - if ( $_POST['gd'] == 1 ) + if ( isset( $_POST['gd'] ) and $_POST['gd'] == 1 ) { $vtp->setVar( $sub, 'params.gd1_checked', ' checked="checked"' ); } @@ -387,10 +386,12 @@ if ( isset( $_GET['dir'] ) ) } // options for the number of picture to miniaturize : "n" $options = array( 5,10,20,40 ); + if ( isset( $_POST['n'] ) ) $n = $_POST['n']; + else $n = 5; foreach ( $options as $option ) { $vtp->addSession( $sub, 'n_option' ); $vtp->setVar( $sub, 'n_option.option', $option ); - if ( $option == $_POST['n'] ) + if ( $option == $n ) { $vtp->setVar( $sub, 'n_option.selected', ' selected="selected"' ); } diff --git a/admin/update.php b/admin/update.php index df1c6ebff..4e13e466d 100644 --- a/admin/update.php +++ b/admin/update.php 
@@ -2,7 +2,7 @@ /*************************************************************************** * update.php * * ------------------ * - * application : PhpWebGallery 1.3 <http://phpwebgallery.net> * + * application : PhpWebGallery 1.4 <http://phpwebgallery.net> * * author : Pierrick LE GALL <pierrick@z0rglub.com> * * * * $Id$ 
@@ -19,142 +19,162 @@ include_once( './admin/include/isadmin.inc.php' ); //------------------------------------------------------------------- functions -function insert_local_category( $cat_id ) +function insert_local_category( $id_uppercat ) { global $conf, $page, $user, $lang; - - $site_id = 1; + + $uppercats = ''; + $output = ''; // 0. retrieving informations on the category to display $cat_directory = './galleries'; - - if ( is_numeric( $cat_id ) ) + if ( is_numeric( $id_uppercat ) ) { - $cat_directory.= '/'.get_local_dir( $cat_id ); - $result = get_cat_info( $cat_id ); + $query = 'SELECT name,uppercats,dir'; + $query.= ' FROM '.PREFIX_TABLE.'categories'; + $query.= ' WHERE id = '.$id_uppercat; + $query.= ';'; + $row = mysql_fetch_array( mysql_query( $query ) ); + $uppercats = $row['uppercats']; + $name = $row['name']; + $dir = $row['dir']; + + $upper_array = explode( ',', $uppercats ); + + $local_dir = ''; + + $database_dirs = array(); + $query = 'SELECT id,dir'; + $query.= ' FROM '.PREFIX_TABLE.'categories'; + $query.= ' WHERE id IN ('.$uppercats.')'; + $query.= ';'; + $result = mysql_query( $query ); + while( $row = mysql_fetch_array( $result ) ) + { + $database_dirs[$row['id']] = $row['dir']; + } + foreach ( $upper_array as $id ) { + $local_dir.= $database_dirs[$id].'/'; + } + + $cat_directory.= '/'.$local_dir; + // 1. display the category name to update $src = './template/'.$user['template'].'/admin/images/puce.gif'; $output = '<img src="'.$src.'" alt=">" />'; - $output.= '<span style="font-weight:bold;">'.$result['name'][0].'</span>'; - $output.= ' [ '.$result['dir'].' ]'; + $output.= '<span style="font-weight:bold;">'.$name.'</span>'; + $output.= ' [ '.$dir.' ]'; $output.= '<div class="retrait">'; // 2. 
we search pictures of the category only if the update is for all // or a cat_id is specified if ( isset( $page['cat'] ) or $_GET['update'] == 'all' ) { - $output.= insert_local_image( $cat_directory, $cat_id ); + $output.= insert_local_image( $cat_directory, $id_uppercat ); } } - // 3. we have to remove the categories of the database not present anymore - $query = 'SELECT id'; + $sub_dirs = get_category_directories( $cat_directory ); + + $sub_category_dirs = array(); + $query = 'SELECT id,dir'; $query.= ' FROM '.PREFIX_TABLE.'categories'; - $query.= ' WHERE site_id = '.$site_id; - if ( !is_numeric( $cat_id ) ) - { - $query.= ' AND id_uppercat IS NULL'; - } - else - { - $query.= ' AND id_uppercat = '.$cat_id; - } + $query.= ' WHERE site_id = 1'; + if (!is_numeric($id_uppercat)) $query.= ' AND id_uppercat IS NULL'; + else $query.= ' AND id_uppercat = '.$id_uppercat; + $query.= ' AND dir IS NOT NULL'; // virtual categories not taken $query.= ';'; $result = mysql_query( $query ); while ( $row = mysql_fetch_array( $result ) ) { - // retrieving the directory - $rep = './galleries/'.get_local_dir( $row['id'] ); - // is the directory present ? - if ( !is_dir( $rep ) ) delete_category( $row['id'] ); + $sub_category_dirs[$row['id']] = $row['dir']; } - // 4. retrieving the sub-directories - $subdirs = array(); - $dirs = ''; - if ( $opendir = opendir( $cat_directory ) ) - { - while ( $file = readdir( $opendir ) ) + + // 3. we have to remove the categories of the database not present anymore + foreach ( $sub_category_dirs as $id => $dir ) { + if ( !in_array( $dir, $sub_dirs ) ) delete_category( $id ); + } + + // array of new categories to insert + $inserts = array(); + + foreach ( $sub_dirs as $sub_dir ) { + // 5. Is the category already existing ? we create a subcat if not + // existing + $category_id = array_search( $sub_dir, $sub_category_dirs ); + if ( !is_numeric( $category_id ) ) { - if ( $file != '.' - and $file != '..' 
- and is_dir ( $cat_directory.'/'.$file ) - and $file != 'thumbnail' ) + if ( preg_match( '/^[a-zA-Z0-9-_.]+$/', $sub_dir ) ) { - if ( preg_match( '/^[a-zA-Z0-9-_.]+$/', $file ) ) - array_push( $subdirs, $file ); - else - { - $output.= '<span style="color:red;">"'.$file.'" : '; - $output.= $lang['update_wrong_dirname'].'</span><br />'; - // if the category even exists (from a previous release of - // PhpWebGallery), we keep it in our $subdirs array - $query = 'SELECT id'; - $query.= ' FROM '.PREFIX_TABLE.'categories'; - $query.= ' WHERE site_id = '.$site_id; - $query.= " AND dir = '".$file."'"; - $query.= ' AND id_uppercat'; - if ( !is_numeric( $cat_id ) ) $query.= ' IS NULL'; - else $query.= ' = '.$cat_id; - $query.= ';'; - $result = mysql_query( $query ); - if ( mysql_num_rows( $result ) != 0 ) - { - array_push( $subdirs, $file ); - } - } + $name = str_replace( '_', ' ', $sub_dir ); + + $value = "('".$sub_dir."','".$name."',1"; + if ( !is_numeric( $id_uppercat ) ) $value.= ',NULL'; + else $value.= ','.$id_uppercat; + $value.= ",'undef'"; + $value.= ')'; + array_push( $inserts, $value ); + } + else + { + $output.= '<span style="color:red;">"'.$sub_dir.'" : '; + $output.= $lang['update_wrong_dirname'].'</span><br />'; } } } - foreach ( $subdirs as $subdir ) { - // 5. Is the category already existing ? 
we create a subcat if not - // existing - $category_id = ''; - $query = 'SELECT id'; - $query.= ' FROM '.PREFIX_TABLE.'categories'; - $query.= ' WHERE site_id = '.$site_id; - $query.= " AND dir = '".$subdir."'"; - $query.= ' AND id_uppercat'; - if ( !is_numeric( $cat_id ) ) $query.= ' IS NULL'; - else $query.= ' = '.$cat_id; + + // we have to create the category + if ( count( $inserts ) > 0 ) + { + $query = 'INSERT INTO '.PREFIX_TABLE.'categories'; + $query.= ' (dir,name,site_id,id_uppercat,uppercats) VALUES '; + $query.= implode( ',', $inserts ); $query.= ';'; - $result = mysql_query( $query ); - if ( mysql_num_rows( $result ) == 0 ) - { - $name = str_replace( '_', ' ', $subdir ); - // we have to create the category - $query = 'INSERT INTO '.PREFIX_TABLE.'categories'; - $query.= ' (dir,name,site_id,id_uppercat) VALUES'; - $query.= " ('".$subdir."','".$name."','".$site_id."'"; - if ( !is_numeric( $cat_id ) ) $query.= ',NULL'; - else $query.= ",'".$cat_id."'"; - $query.= ');'; - mysql_query( $query ); - $category_id = mysql_insert_id(); - // regeneration of the plain_structure to integrate the new category - $page['plain_structure'] = get_plain_structure(); - } - else - { - // we get the already registered id - $row = mysql_fetch_array( $result ); - $category_id = $row['id']; - } - // 6. 
recursive call - $output.= insert_local_category( $category_id ); + mysql_query( $query ); + // updating uppercats field + $query = 'UPDATE '.PREFIX_TABLE.'categories'; + $query.= ' SET uppercats = '; + if ( $uppercats != '' ) $query.= "CONCAT('".$uppercats."',',',id)"; + else $query.= 'id'; + $query.= ' WHERE id_uppercat '; + if (!is_numeric($id_uppercat)) $query.= 'IS NULL'; + else $query.= '= '.$id_uppercat; + $query.= ';'; + mysql_query( $query ); } - - if ( is_numeric( $cat_id ) ) + + // Recursive call on the sub-categories (not virtual ones) + $query = 'SELECT id'; + $query.= ' FROM '.PREFIX_TABLE.'categories'; + $query.= ' WHERE site_id = 1'; + if (!is_numeric($id_uppercat)) $query.= ' AND id_uppercat IS NULL'; + else $query.= ' AND id_uppercat = '.$id_uppercat; + $query.= ' AND dir IS NOT NULL'; // virtual categories not taken + $query.= ';'; + $result = mysql_query( $query ); + while ( $row = mysql_fetch_array( $result ) ) + { + $output.= insert_local_category( $row['id'] ); + } + + if ( is_numeric( $id_uppercat ) ) { $output.= '</div>'; } return $output; } - -function insert_local_image( $rep, $category_id ) + +function insert_local_image( $dir, $category_id ) { global $lang,$conf,$count_new; $output = ''; + + // fs means filesystem : $fs_pictures contains pictures in the filesystem + // found in $dir, $fs_thumbnails contains thumbnails... + $fs_pictures = get_picture_files( $dir ); + $fs_thumbnails = get_thumb_files( $dir.'thumbnail' ); + // we have to delete all the images from the database that : // - are not in the directory anymore // - don't have the associated thumbnail available anymore 
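Review bot: Directory names that fail the `/^[a-zA-Z0-9-_.]+$/` whitelist are written into `$output` unescaped in `'<span style="color:red;">"'.$sub_dir.'" : '`, and those are precisely the names that can contain markup characters. Wrapping the value, `htmlspecialchars( $sub_dir )`, keeps the error line readable and stops a directory name from being interpreted as HTML on the admin page. `$name` and `$dir`, read back from the categories table and placed in the `<span>` and `[ ... ]` header of `insert_local_category`, deserve the same treatment. The same pattern occurs for `$unregistered_picture` and `$row['file']` in `insert_local_image` (hunk -165,157).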
@@ -165,157 +185,187 @@ function insert_local_image( $rep, $category_id ) $result = mysql_query( $query ); while ( $row = mysql_fetch_array( $result ) ) { - $lien_image = $rep.'/'.$row['file']; - $lien_thumbnail = $rep.'/thumbnail/'.$conf['prefix_thumbnail']; - $lien_thumbnail.= get_filename_wo_extension( $row['file'] ); - $lien_thumbnail.= '.'.$row['tn_ext']; - - if ( !is_file ( $lien_image ) or !is_file ( $lien_thumbnail ) ) + $pic_to_delete = false; + if ( !in_array( $row['file'], $fs_pictures ) ) { - if ( !is_file ( $lien_image ) ) - { - $output.= $row['file']; - $output.= ' <span style="font-weight:bold;">'; - $output.= $lang['update_disappeared'].'</span><br />'; - } - if ( !is_file ( $lien_thumbnail ) ) - { - $output.= $row['file']; - $output.= ' : <span style="font-weight:bold;">'; - $output.= $lang['update_disappeared_tn'].'</span><br />'; - } - // suppression de la base : - delete_image( $row['id'] ); + $output.= $row['file']; + $output.= ' <span style="font-weight:bold;">'; + $output.= $lang['update_disappeared'].'</span><br />'; + $pic_to_delete = true; + } + + $thumbnail = $conf['prefix_thumbnail']; + $thumbnail.= get_filename_wo_extension( $row['file'] ); + $thumbnail.= '.'.$row['tn_ext']; + if ( !in_array( $thumbnail, $fs_thumbnails ) ) + { + $output.= $row['file']; + $output.= ' : <span style="font-weight:bold;">'; + $output.= $lang['update_disappeared_tn'].'</span><br />'; + $pic_to_delete = true; } + + if ( $pic_to_delete ) delete_image( $row['id'] ); } - - // searching the new images in the directory - $pictures = array(); - $tn_ext = ''; - if ( $opendir = opendir( $rep ) ) + + $registered_pictures = array(); + $query = 'SELECT file'; + $query.= ' FROM '.PREFIX_TABLE.'images'; + $query.= ' WHERE storage_category_id = '.$category_id; + $query.= ';'; + $result = mysql_query( $query ); + while ( $row = mysql_fetch_array( $result ) ) + { + array_push( $registered_pictures, $row['file'] ); + } + + // validated pictures are picture uploaded by users, 
validated by an admin + // and not registered (visible) yet + $validated_pictures = array(); + $unvalidated_pictures = array(); + + $query = 'SELECT file,infos,validated'; + $query.= ' FROM '.PREFIX_TABLE.'waiting'; + $query.= ' WHERE storage_category_id = '.$category_id; + $query.= ';'; + $result = mysql_query( $query ); + while ( $row = mysql_fetch_array( $result ) ) { - while ( $file = readdir( $opendir ) ) + if ( $row['validated'] == 'true' ) + $validated_pictures[$row['file']] = $row['infos']; + else + array_push( $unvalidated_pictures, $row['file'] ); + } + + // we only search among the picture present in the filesystem and not + // present in the database yet. If we know that this picture is known as + // an uploaded one but not validated, it's not tested neither + $unregistered_pictures = array_diff( $fs_pictures + ,$registered_pictures + ,$unvalidated_pictures ); + + $inserts = array(); + + foreach ( $unregistered_pictures as $unregistered_picture ) { + if ( preg_match( '/^[a-zA-Z0-9-_.]+$/', $unregistered_picture ) ) { - if ( is_file( $rep.'/'.$file ) and is_image( $rep.'/'.$file ) ) + $file_wo_ext = get_filename_wo_extension( $unregistered_picture ); + $tn_ext = ''; + foreach ( $conf['picture_ext'] as $ext ) { + $test = $conf['prefix_thumbnail'].$file_wo_ext.'.'.$ext; + if ( !in_array( $test, $fs_thumbnails ) ) continue; + else { $tn_ext = $ext; break; } + } + // if we found a thumnbnail corresponding to our picture... + if ( $tn_ext != '' ) { - // is the picture waiting for validation by an administrator ? 
- $query = 'SELECT id,validated,infos'; - $query.= ' FROM '.PREFIX_TABLE.'waiting'; - $query.= ' WHERE storage_category_id = '.$category_id; - $query.= " AND file = '".$file."'"; - $query.= ';'; - $result = mysql_query( $query ); - $waiting = mysql_fetch_array( $result ); - if (mysql_num_rows( $result ) == 0 or $waiting['validated'] == 'true') + $image_size = @getimagesize( $dir.$unregistered_picture ); + // (file, storage_category_id, date_available, tn_ext, filesize, + // width, height, name, author, comment, date_creation)' + $value = '('; + $value.= "'".$unregistered_picture."'"; + $value.= ','.$category_id; + $value.= ",'".date( 'Y-m-d' )."'"; + $value.= ",'".$tn_ext."'"; + $value.= ','.floor( filesize( $dir.$unregistered_picture) / 1024 ); + $value.= ','.$image_size[0]; + $value.= ','.$image_size[1]; + if ( isset( $validated_pictures[$unregistered_picture] ) ) + { + // retrieving infos from the XML description from waiting table + $infos = nl2br( $validated_pictures[$unregistered_picture] ); + + $unixtime = getAttribute( $infos, 'date_creation' ); + if ($unixtime != '') $date_creation ="'".date('Y-m-d',$unixtime)."'"; + else $date_creation = 'NULL'; + + $value.= ",'".getAttribute( $infos, 'name' )."'"; + $value.= ",'".getAttribute( $infos, 'author' )."'"; + $value.= ",'".getAttribute( $infos, 'comment')."'"; + $value.= ','.$date_creation; + + // deleting the waiting element + $query = 'DELETE FROM '.PREFIX_TABLE.'waiting'; + $query.= " WHERE file = '".$unregistered_picture."'"; + $query.= ' AND storage_category_id = '.$category_id; + $query.= ';'; + mysql_query( $query ); + } + else { - if ( $tn_ext = TN_exists( $rep, $file ) ) - { - // is the picture already in the database ? 
- $query = 'SELECT id'; - $query.= ' FROM '.PREFIX_TABLE.'images'; - $query.= ' WHERE storage_category_id = '.$category_id; - $query.= " AND file = '".$file."'"; - $query.= ';'; - $result = mysql_query( $query ); - if ( mysql_num_rows( $result ) == 0 ) - { - // the name of the file must not use acentuated characters or - // blank space.. - if ( preg_match( '/^[a-zA-Z0-9-_.]+$/', $file ) ) - { - $picture = array(); - $picture['file'] = $file; - $picture['tn_ext'] = $tn_ext; - $picture['date'] = date( 'Y-m-d', filemtime($rep.'/'.$file) ); - $picture['filesize'] = floor( filesize($rep.'/'.$file) / 1024); - $image_size = @getimagesize( $rep.'/'.$file ); - $picture['width'] = $image_size[0]; - $picture['height'] = $image_size[1]; - if ( $waiting['validated'] == 'true' ) - { - // retrieving infos from the XML description of - // $waiting['infos'] - $infos = nl2br( $waiting['infos'] ); - $picture['author'] = getAttribute( $infos, 'author' ); - $picture['comment'] = getAttribute( $infos, 'comment'); - $unixtime = getAttribute( $infos, 'date_creation' ); - $picture['date_creation'] = ''; - if ( $unixtime != '' ) - $picture['date_creation'] = date( 'Y-m-d', $unixtime ); - $picture['name'] = getAttribute( $infos, 'name' ); - // deleting the waiting element - $query = 'DELETE FROM '.PREFIX_TABLE.'waiting'; - $query.= ' WHERE id = '.$waiting['id']; - $query.= ';'; - mysql_query( $query ); - } - array_push( $pictures, $picture ); - } - else - { - $output.= '<span style="color:red;">"'.$file.'" : '; - $output.= $lang['update_wrong_dirname'].'</span><br />'; - } - - } - } - else - { - $output.= '<span style="color:red;">'; - $output.= $lang['update_missing_tn'].' 
: '.$file; - $output.= ' (<span style="font-weight:bold;">'; - $output.= $conf['prefix_thumbnail']; - $output.= get_filename_wo_extension( $file ).'.XXX</span>'; - $output.= ', XXX = '; - $output.= implode( ', ', $conf['picture_ext'] ); - $output.= ')</span><br />'; - } + $value.= ",'','','',NULL"; } + $value.= ')'; + + $count_new++; + $output.= $unregistered_picture; + $output.= ' <span style="font-weight:bold;">'; + $output.= $lang['update_research_added'].'</span>'; + $output.= ' ('.$lang['update_research_tn_ext'].' '.$tn_ext.')'; + $output.= '<br />'; + array_push( $inserts, $value ); } + else + { + $output.= '<span style="color:red;">'; + $output.= $lang['update_missing_tn'].' : '.$unregistered_picture; + $output.= ' (<span style="font-weight:bold;">'; + $output.= $conf['prefix_thumbnail']; + $output.= get_filename_wo_extension( $unregistered_picture ); + $output.= '.XXX</span>'; + $output.= ', XXX = '; + $output.= implode( ', ', $conf['picture_ext'] ); + $output.= ')</span><br />'; + } + } + else + { + $output.= '<span style="color:red;">"'.$unregistered_picture.'" : '; + $output.= $lang['update_wrong_dirname'].'</span><br />'; } } - // inserting the pictures found in the directory - foreach ( $pictures as $picture ) { + + if ( count( $inserts ) > 0 ) + { + // inserts all found pictures $query = 'INSERT INTO '.PREFIX_TABLE.'images'; $query.= ' (file,storage_category_id,date_available,tn_ext'; $query.= ',filesize,width,height'; $query.= ',name,author,comment,date_creation)'; $query.= ' VALUES '; - $query.= "('".$picture['file']."','".$category_id."'"; - $query.= ",'".$picture['date']."','".$picture['tn_ext']."'"; - $query.= ",'".$picture['filesize']."','".$picture['width']."'"; - $query.= ",'".$picture['height']."','".$picture['name']."'"; - $query.= ",'".$picture['author']."','".$picture['comment']."'"; - if ( $picture['date_creation'] != '' ) - { - $query.= ",'".$picture['date_creation']."'"; - } - else - { - $query.= ',NULL'; - } - $query.= ');'; + $query.= 
implode( ',', $inserts ); + $query.= ';'; mysql_query( $query ); - $count_new++; - // retrieving the id of newly inserted picture + + // what are the ids of the pictures in the $category_id ? + $ids = array(); + $query = 'SELECT id'; $query.= ' FROM '.PREFIX_TABLE.'images'; $query.= ' WHERE storage_category_id = '.$category_id; - $query.= " AND file = '".$picture['file']."'"; $query.= ';'; - list( $image_id ) = mysql_fetch_array( mysql_query( $query ) ); - // adding the link between this picture and its storage category - $query = 'INSERT INTO '.PREFIX_TABLE.'image_category'; - $query.= ' (image_id,category_id) VALUES '; - $query.= ' ('.$image_id.','.$category_id.')'; + $result = mysql_query( $query ); + while ( $row = mysql_fetch_array( $result ) ) + { + array_push( $ids, $row['id'] ); + } + + // recreation of the links between this storage category pictures and + // its storage category + $query = 'DELETE FROM '.PREFIX_TABLE.'image_category'; + $query.= ' WHERE category_id = '.$category_id; + $query.= ' AND image_id IN ('.implode( ',', $ids ).')'; $query.= ';'; mysql_query( $query ); - $output.= $picture['file']; - $output.= ' <span style="font-weight:bold;">'; - $output.= $lang['update_research_added'].'</span>'; - $output.= ' ('.$lang['update_research_tn_ext'].' '.$picture['tn_ext'].')'; - $output.= '<br />'; + $query = 'INSERT INTO '.PREFIX_TABLE.'image_category'; + $query.= '(category_id,image_id) VALUES '; + foreach ( $ids as $num => $image_id ) { + if ( $num > 0 ) $query.= ','; + $query.= '('.$category_id.','.$image_id.')'; + } + $query.= ';'; + mysql_query( $query ); } return $output; } 
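Review bot: The `name`, `author` and `comment` values returned by `getAttribute( $infos, ... )` are placed between single quotes in `$value` without escaping, although they originate from the `infos` column of the waiting table, which the comment in this hunk describes as pictures uploaded by users. An apostrophe in any of them changes the SQL text, and because all rows now go into one multi-row INSERT a single such value makes the whole batch fail. Escape each one before concatenation, e.g. `$value.= ",'".mysql_real_escape_string( getAttribute( $infos, 'name' ) )."'";`, and do the same for `author` and `comment`. `insert_remote_category` (hunk -367,96) has the same gap: `$xml_dir` comes from the remote listing and, unlike `$sub_dir` in the local variant, is not checked against the `preg_match` whitelist before it is quoted into the INSERT.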
@@ -367,96 +417,131 @@ function remote_images() // insert the contained categories if the are not in the database yet. The // function also deletes the categories that are in the database and not in // the xml_file. -function insert_remote_category( $xml_dir, $site_id, $id_uppercat, $level ) +function insert_remote_category( $xml_content, $site_id, $id_uppercat, $level ) { - global $conf,$user; - + global $conf, $page, $user, $lang; + + $uppercats = ''; $output = ''; - $categories = array(); - $list_dirs = getChildren( $xml_dir, 'dir'.$level ); - for ( $i = 0; $i < sizeof( $list_dirs ); $i++ ) + // 0. retrieving informations on the category to display + $cat_directory = '../galleries'; + + if ( is_numeric( $id_uppercat ) ) { - // is the category already existing ? - $category_id = ''; - $dir = getAttribute( $list_dirs[$i], 'name' ); - $categories[$i] = $dir; + $query = 'SELECT name,uppercats,dir'; + $query.= ' FROM '.PREFIX_TABLE.'categories'; + $query.= ' WHERE id = '.$id_uppercat; + $query.= ';'; + $row = mysql_fetch_array( mysql_query( $query ) ); + $uppercats = $row['uppercats']; + $name = $row['name']; + // 1. display the category name to update $src = './template/'.$user['template'].'/admin/images/puce.gif'; - $output.= '<img src="'.$src.'" alt=">" />'; - $output.= '<span style="font-weight:bold;">'.$dir.'</span>'; + $output = '<img src="'.$src.'" alt=">" />'; + $output.= '<span style="font-weight:bold;">'.$name.'</span>'; + $output.= ' [ '.$row['dir'].' 
]'; $output.= '<div class="retrait">'; - $query = 'SELECT id'; - $query.= ' FROM '.PREFIX_TABLE.'categories'; - $query.= ' WHERE site_id = '.$site_id; - $query.= " AND dir = '".$dir."'"; - if ( $id_uppercat == 'NULL' ) - { - $query.= ' AND id_uppercat IS NULL'; - } - else - { - $query.= ' AND id_uppercat = '.$id_uppercat; - } - $query.= ';'; - $result = mysql_query( $query ); - if ( mysql_num_rows( $result ) == 0 ) - { - $name = str_replace( '_', ' ', $dir ); - // we have to create the category - $query = 'INSERT INTO '.PREFIX_TABLE.'categories'; - $query.= ' (name,dir,site_id,id_uppercat) VALUES '; - $query.= "('".$name."','".$dir."',".$site_id; - if ( !is_numeric( $id_uppercat ) ) - { - $query.= ',NULL'; - } - else - { - $query.= ','.$id_uppercat; - } - $query.= ');'; - mysql_query( $query ); - $category_id = mysql_insert_id(); - } - else - { - // we get the already registered id - $row = mysql_fetch_array( $result ); - $category_id = $row['id']; - } - $output.= insert_remote_image( $list_dirs[$i], $category_id ); - $output.= insert_remote_category( $list_dirs[$i], $site_id, - $category_id, $level+1 ); - $output.= '</div>'; + // 2. 
we search pictures of the category only if the update is for all + // or a cat_id is specified + $output.= insert_remote_image( $xml_content, $id_uppercat ); + } + + // $xml_dirs contains dir names contained in the xml file for this + // id_uppercat + $xml_dirs = array(); + $temp_dirs = getChildren( $xml_content, 'dir'.$level ); + foreach ( $temp_dirs as $temp_dir ) { + array_push( $xml_dirs, getAttribute( $temp_dir, 'name' ) ); } - // we have to remove the categories of the database not present in the xml - // file (ie deleted from the picture storage server) - $query = 'SELECT dir,id'; + + // $database_dirs contains dir names contained in the database for this + // id_uppercat and site_id + $database_dirs = array(); + $query = 'SELECT id,dir'; $query.= ' FROM '.PREFIX_TABLE.'categories'; $query.= ' WHERE site_id = '.$site_id; - if ( !is_numeric( $id_uppercat ) ) + if (!is_numeric($id_uppercat)) $query.= ' AND id_uppercat IS NULL'; + else $query.= ' AND id_uppercat = '.$id_uppercat; + $query.= ' AND dir IS NOT NULL'; // virtual categories not taken + $query.= ';'; + $result = mysql_query( $query ); + while ( $row = mysql_fetch_array( $result ) ) { - $query.= ' AND id_uppercat IS NULL'; + $database_dirs[$row['id']] = $row['dir']; } - else + + // 3. we have to remove the categories of the database not present anymore + foreach ( $database_dirs as $id => $dir ) { + if ( !in_array( $dir, $xml_dirs ) ) delete_category( $id ); + } + + // array of new categories to insert + $inserts = array(); + + foreach ( $xml_dirs as $xml_dir ) { + // 5. Is the category already existing ? 
we create a subcat if not + // existing + $category_id = array_search( $xml_dir, $database_dirs ); + if ( !is_numeric( $category_id ) ) + { + $name = str_replace( '_', ' ', $xml_dir ); + + $value = "('".$xml_dir."','".$name."',".$site_id; + if ( !is_numeric( $id_uppercat ) ) $value.= ',NULL'; + else $value.= ','.$id_uppercat; + $value.= ",'undef'"; + $value.= ')'; + array_push( $inserts, $value ); + } + } + + // we have to create the category + if ( count( $inserts ) > 0 ) { - $query.= ' AND id_uppercat = '.$id_uppercat; + $query = 'INSERT INTO '.PREFIX_TABLE.'categories'; + $query.= ' (dir,name,site_id,id_uppercat,uppercats) VALUES '; + $query.= implode( ',', $inserts ); + $query.= ';'; + mysql_query( $query ); + // updating uppercats field + $query = 'UPDATE '.PREFIX_TABLE.'categories'; + $query.= ' SET uppercats = '; + if ( $uppercats != '' ) $query.= "CONCAT('".$uppercats."',',',id)"; + else $query.= 'id'; + $query.= ' WHERE id_uppercat '; + if (!is_numeric($id_uppercat)) $query.= 'IS NULL'; + else $query.= '= '.$id_uppercat; + $query.= ';'; + mysql_query( $query ); } + + // Recursive call on the sub-categories (not virtual ones) + $query = 'SELECT id,dir'; + $query.= ' FROM '.PREFIX_TABLE.'categories'; + $query.= ' WHERE site_id = '.$site_id; + if (!is_numeric($id_uppercat)) $query.= ' AND id_uppercat IS NULL'; + else $query.= ' AND id_uppercat = '.$id_uppercat; + $query.= ' AND dir IS NOT NULL'; // virtual categories not taken $query.= ';'; $result = mysql_query( $query ); while ( $row = mysql_fetch_array( $result ) ) { - // is the category in the xml file ? 
- if ( !in_array( $row['dir'], $categories ) ) - { - delete_category( $row['id'] ); - } + $database_dirs[$row['dir']] = $row['id']; } + foreach ( $temp_dirs as $temp_dir ) { + $dir = getAttribute( $temp_dir, 'name' ); + $id_uppercat = $database_dirs[$dir]; + $output.= insert_remote_category( $temp_dir, $site_id, + $id_uppercat,$level+1 ); + } + + if ( is_numeric( $id_uppercat ) ) $output.= '</div>'; return $output; } - + // insert_remote_image searchs the "root" node of the xml_dir given and // insert the contained pictures if the are not in the database yet. function insert_remote_image( $xml_dir, $category_id ) 
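Review bot: The final loop of `insert_remote_category` assigns `$id_uppercat = $database_dirs[$dir];`, overwriting the function's own parameter, so the closing test `if ( is_numeric( $id_uppercat ) ) $output.= '</div>';` looks at the last child's id instead of the category this call was made for. A root-level call (non-numeric `$id_uppercat`) that has at least one sub-directory therefore emits a `</div>` whose `<div class="retrait">` was never opened. Passing the lookup directly, `$output.= insert_remote_category( $temp_dir, $site_id, $database_dirs[$dir], $level+1 );`, leaves the parameter intact. `$database_dirs` is also reused for both id-to-dir and dir-to-id entries without being reset, so a separate array for the second mapping would avoid key collisions between ids and numeric directory names.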
@@ -465,101 +550,117 @@ function insert_remote_image( $xml_dir, $category_id ) $output = ''; $root = getChild( $xml_dir, 'root' ); - $pictures = array(); + + $fs_pictures = array(); $xml_pictures = getChildren( $root, 'picture' ); - for ( $j = 0; $j < sizeof( $xml_pictures ); $j++ ) + foreach ( $xml_pictures as $xml_picture ) { + array_push( $fs_pictures, getAttribute( $xml_picture, 'file' ) ); + } + + // we have to delete all the images from the database that are not in the + // directory anymore (not in the XML anymore) + $query = 'SELECT id,file'; + $query.= ' FROM '.PREFIX_TABLE.'images'; + $query.= ' WHERE storage_category_id = '.$category_id; + $query.= ';'; + $result = mysql_query( $query ); + while ( $row = mysql_fetch_array( $result ) ) { - //<picture file="albatros.jpg" tn_ext="png" date="2002-04-14" - // filesize="35" width="640" height="480" /> - $file = getAttribute( $xml_pictures[$j], 'file' ); - $tn_ext = getAttribute( $xml_pictures[$j], 'tn_ext' ); - $date = getAttribute( $xml_pictures[$j], 'date' ); - $filesize = getAttribute( $xml_pictures[$j], 'filesize' ); - $width = getAttribute( $xml_pictures[$j], 'width' ); - $height = getAttribute( $xml_pictures[$j], 'height' ); - - $pictures[$j] = $file; - - // is the picture already existing in the database ? 
- $query = 'SELECT id,tn_ext'; - $query.= ' FROM '.PREFIX_TABLE.'images'; - $query.= ' WHERE storage_category_id = '.$category_id; - $query.= " AND file = '".$file."'"; - $query.= ';'; - $result = mysql_query( $query ); - $query = ''; - if ( mysql_num_rows( $result ) == 0 ) + if ( !in_array( $row['file'], $fs_pictures ) ) { - $query = 'INSERT INTO '.PREFIX_TABLE.'images'; - $query.= ' (file,storage_category_id,date_available,tn_ext'; - $query.= ',filesize,width,height)'; - $query.= ' VALUES ('; - $query.= "'".$file."'"; - $query.= ",'".$category_id."'"; - $query.= ",'".$date."'"; - $query.= ",'".$tn_ext."'"; - $query.= ",'".$filesize."'"; - $query.= ",'".$width."'"; - $query.= ",'".$height."'"; - $query.= ')'; - $query.= ';'; - mysql_query( $query ); - // retrieving the id of newly inserted picture - $query = 'SELECT id'; - $query.= ' FROM '.PREFIX_TABLE.'images'; - $query.= ' WHERE storage_category_id = '.$category_id; - $query.= " AND file = '".$file."'"; - $query.= ';'; - list( $image_id ) = mysql_fetch_array( mysql_query( $query ) ); - // adding the link between this picture and its storage category - $query = 'INSERT INTO '.PREFIX_TABLE.'image_category'; - $query.= ' (image_id,category_id) VALUES '; - $query.= ' ('.$image_id.','.$category_id.')'; - $query.= ';'; - mysql_query( $query ); - - $output.= $file; + $output.= $row['file']; $output.= ' <span style="font-weight:bold;">'; - $output.= $lang['update_research_added'].'</span>'; - $output.= ' ('.$lang['update_research_tn_ext'].' '.$tn_ext.')<br />'; - - $count_new++; - } - else - { - // is the tn_ext the same in the xml file and in the database ? 
- $row = mysql_fetch_array( $result ); - if ( $row['tn_ext'] != $tn_ext ) - { - $query = 'UPDATE '.PREFIX_TABLE.'images'; - $query.= ' SET'; - $query.= " tn_ext = '".$tn_ext."'"; - $query.= ' WHERE storage_category_id = '.$category_id; - $query.= " AND file = '".$file."'"; - $query.= ';'; - } - } - // execution of the query - if ( $query != '' ) - { - mysql_query( $query ); + $output.= $lang['update_disappeared'].'</span><br />'; + delete_image( $row['id'] ); } } - // we have to remove the pictures of the database not present in the xml file - // (ie deleted from the picture storage server) - $query = 'SELECT id,file'; + + $database_pictures = array(); + $query = 'SELECT file'; $query.= ' FROM '.PREFIX_TABLE.'images'; $query.= ' WHERE storage_category_id = '.$category_id; $query.= ';'; $result = mysql_query( $query ); while ( $row = mysql_fetch_array( $result ) ) { - // is the file in the xml file ? - if ( !in_array( $row['file'], $pictures ) ) + array_push( $database_pictures, $row['file'] ); + } + + $inserts = array(); + $xml_pictures = getChildren( $root, 'picture' ); + foreach ( $xml_pictures as $xml_picture ) { + // <picture file="albatros.jpg" tn_ext="png" filesize="35" width="640" + // height="480" /> + $file = getAttribute( $xml_picture, 'file' ); + + // is the picture already existing in the database ? 
+ if ( !in_array( $file, $database_pictures ) ) { - delete_image( $row['id'] ); + $tn_ext = getAttribute( $xml_picture, 'tn_ext' ); + // (file, storage_category_id, date_available, tn_ext, filesize, + // width, height) + $value = '('; + $value.= "'".$file."'"; + $value.= ','.$category_id; + $value.= ",'".date( 'Y-m-d' )."'"; + $value.= ",'".$tn_ext."'"; + $value.= ','.getAttribute( $xml_picture, 'filesize' ); + $value.= ','.getAttribute( $xml_picture, 'width' ); + $value.= ','.getAttribute( $xml_picture, 'height' ); + $value.= ')'; + + $count_new++; + $output.= $file; + $output.= ' <span style="font-weight:bold;">'; + $output.= $lang['update_research_added'].'</span>'; + $output.= ' ('.$lang['update_research_tn_ext'].' '.$tn_ext.')'; + $output.= '<br />'; + array_push( $inserts, $value ); + } + } + + if ( count( $inserts ) > 0 ) + { + // inserts all found pictures + $query = 'INSERT INTO '.PREFIX_TABLE.'images'; + $query.= ' (file,storage_category_id,date_available,tn_ext'; + $query.= ',filesize,width,height)'; + $query.= ' VALUES '; + $query.= implode( ',', $inserts ); + $query.= ';'; + mysql_query( $query ); + + // what are the ids of the pictures in the $category_id ? 
+ $ids = array(); + + $query = 'SELECT id'; + $query.= ' FROM '.PREFIX_TABLE.'images'; + $query.= ' WHERE storage_category_id = '.$category_id; + $query.= ';'; + $result = mysql_query( $query ); + while ( $row = mysql_fetch_array( $result ) ) + { + array_push( $ids, $row['id'] ); + } + + // recreation of the links between this storage category pictures and + // its storage category + $query = 'DELETE FROM '.PREFIX_TABLE.'image_category'; + $query.= ' WHERE category_id = '.$category_id; + $query.= ' AND image_id IN ('.implode( ',', $ids ).')'; + $query.= ';'; + mysql_query( $query ); + + $query = 'INSERT INTO '.PREFIX_TABLE.'image_category'; + $query.= '(category_id,image_id) VALUES '; + foreach ( $ids as $num => $image_id ) { + if ( $num > 0 ) $query.= ','; + $query.= '('.$category_id.','.$image_id.')'; } + $query.= ';'; + mysql_query( $query ); } + return $output; } //----------------------------------------------------- template initialization @@ -569,15 +670,9 @@ $tpl = array( 'update_default_title', 'update_only_cat', 'update_all', 'remote_site', 'update_part_research' ); templatize_array( $tpl, 'lang', $sub ); $vtp->setGlobalVar( $sub, 'user_template', $user['template'] ); -//-------------------------------------------------------- categories structure -$page['plain_structure'] = get_plain_structure(); //-------------------------------------------- introduction : choices of update // Display choice if "update" var is not specified -check_cat_id( $_GET['update'] ); -if ( !isset( $_GET['update'] ) - and !( isset( $page['cat'] ) - or $_GET['update'] == 'cats' - or $_GET['update'] == 'all' ) ) +if (!isset( $_GET['update'] )) { $vtp->addSession( $sub, 'introduction' ); // only update the categories, not the pictures. 
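Review bot: The rewritten insert loop builds each VALUES tuple from `getAttribute()` results without escaping or casting: `file` and `tn_ext` go into quoted strings, and `filesize`, `width` and `height` are now appended unquoted, where the removed code at least quoted them. Unless `getAttribute()` sanitises its return value (not visible here), a malformed or hostile listing file can break or alter the batched INSERT. Escape the two strings and cast the three numbers as below. `$file` and `$tn_ext` are also written into `$output` as HTML and should pass through `htmlspecialchars()` there. The function's opening lines lie outside the hunk.

```php
$tn_ext = getAttribute( $xml_picture, 'tn_ext' );
$value = '(';
$value.= "'".mysql_real_escape_string( $file )."'";
// … unchanged: category id and date_available …
$value.= ",'".mysql_real_escape_string( $tn_ext )."'";
$value.= ','.intval( getAttribute( $xml_picture, 'filesize' ) );
$value.= ','.intval( getAttribute( $xml_picture, 'width' ) );
$value.= ','.intval( getAttribute( $xml_picture, 'height' ) );
// … unchanged: closing parenthesis, counters, $output lines, array_push …
```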
@@ -591,6 +686,8 @@ if ( !isset( $_GET['update'] ) //-------------------------------------------------- local update : ./galleries else { + check_cat_id( $_GET['update'] ); + $start = get_moment(); $count_new = 0; $count_deleted = 0; $vtp->addSession( $sub, 'local_update' ); @@ -602,6 +699,8 @@ else { $categories = insert_local_category( 'NULL' ); } + $end = get_moment(); + echo get_elapsed_time( $start, $end ).' for update <br />'; $vtp->setVar( $sub, 'local_update.categories', $categories ); $vtp->setVar( $sub, 'local_update.count_new', $count_new ); $vtp->setVar( $sub, 'local_update.count_deleted', $count_deleted ); @@ -613,15 +712,32 @@ if ( @is_file( './listing.xml' ) ) $count_new = 0; $count_deleted = 0; $vtp->addSession( $sub, 'remote_update' ); - + + $start = get_moment(); remote_images(); + $end = get_moment(); + echo get_elapsed_time( $start, $end ).' for remote_images<br />'; + $vtp->setVar( $sub, 'remote_update.count_new', $count_new ); $vtp->setVar( $sub, 'remote_update.count_deleted', $count_deleted ); $vtp->closeSession( $sub, 'remote_update' ); } //---------------------------------------- update informations about categories -update_category( 'all' ); +if ( isset( $_GET['update'] ) + or isset( $page['cat'] ) + or @is_file( './listing.xml' ) ) +{ + $start = get_moment(); + update_category( 'all' ); + $end = get_moment(); + echo get_elapsed_time( $start, $end ).' for update_category( all )<br />'; + + $start = get_moment(); + synchronize_all_users(); + $end = get_moment(); + echo get_elapsed_time( $start, $end ).' for synchronize_all_users<br />'; +} //----------------------------------------------------------- sending html code $vtp->Parse( $handle , 'sub', $sub ); ?>
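Review bot: The `echo get_elapsed_time( $start, $end ).' for update <br />';` added in the `@@ -602` hunk writes timing text directly into the response instead of going through `$vtp`. The `@@ -613` hunk adds three more such lines, for `remote_images`, `update_category( all )` and `synchronize_all_users`. This reads like profiling output left in the page. Either pass the figures to the template with `$vtp->setVar()` or emit them only under a debug setting.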
\ No newline at end of file
diff --git a/admin/user_list.php b/admin/user_list.php
index e8b6bb34b..a80d73c3e 100644
--- a/admin/user_list.php
+++ b/admin/user_list.php
@@ -58,7 +58,7 @@ if ( isset ( $_GET['delete'] ) and is_numeric( $_GET['delete'] ) )
 $query.= ';';
 $row = mysql_fetch_array( mysql_query( $query ) );
 // confirm user deletion ?
- if ( $_GET['confirm'] != 1 )
+ if ( !isset( $_GET['confirm'] ) )
 {
 $vtp->addSession( $sub, 'deletion' );
 $vtp->setVar( $sub, 'deletion.login', $row['username'] );
@@ -109,7 +109,8 @@ else
 $vtp->addSession( $sub, 'add_user' );
 $action = './admin.php?'.$_SERVER['QUERY_STRING'];
 $vtp->setVar( $sub, 'add_user.form_action', $action );
- $vtp->setVar( $sub, 'add_user.f_username', $_POST['username'] );
+ if (isset( $_POST['username']))
+ $vtp->setVar( $sub, 'add_user.f_username', $_POST['username'] );
 $vtp->closeSession( $sub, 'add_user' );
 $vtp->addSession( $sub, 'users' );
@@ -149,7 +150,7 @@ else
 }
 $vtp->addSession( $sub, 'user' );
 // checkbox for mail management if the user has a mail address
- if ( $row['mail_address'] != '' and $row['username'] != 'guest' )
+ if ( isset( $row['mail_address'] ) and $row['username'] != 'guest' )
 {
 $vtp->addSession( $sub, 'checkbox' );
 $vtp->setVar( $sub, 'checkbox.name', 'mail-'.$row['id'] );
@@ -229,7 +230,7 @@ else
 $result = mysql_query( $query );
 while ( $row = mysql_fetch_array( $result ) )
 {
- if ( $_POST['mail-'.$row['id']] == 1 )
+ if ( isset( $_POST['mail-'.$row['id']] ) )
 array_push( $mails, $row['mail_address'] );
 }
 $mail_destination = '';
diff --git a/admin/user_modify.php b/admin/user_modify.php
index e49d3b3b0..cc6486c7a 100644
--- a/admin/user_modify.php
+++ b/admin/user_modify.php
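Review bot: `if ( !isset( $_GET['confirm'] ) )` in the `@@ -58` hunk treats any request carrying a `confirm` parameter as confirmed, including `confirm=0` or an empty value, where the removed test required the value 1. This branch guards a user deletion, so keep the value check and add only the existence guard: `if ( !isset( $_GET['confirm'] ) or $_GET['confirm'] != 1 )`. The deletion code itself is outside the hunk.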
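Review bot: `isset( $row['mail_address'] )` in the `@@ -149` hunk is true for an empty string, so a user whose stored address is `''` now gets a mail checkbox that the removed `!= ''` test hid. The `@@ -229` hunk would then push that empty address onto `$mails`. If empty addresses can occur in the table (not visible here), test both conditions, as admin/waiting.php does for `tn_ext` in this commit: `if ( isset( $row['mail_address'] ) and $row['mail_address'] != '' and $row['username'] != 'guest' )`.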
@@ -39,6 +39,7 @@ $query.= ';';
 $row = mysql_fetch_array( mysql_query( $query ) );
 $page['username'] = $row['username'];
 $page['status'] = $row['status'];
+if ( !isset( $row['mail_address'] ) ) $row['mail_address'] = '';
 $page['mail_address'] = $row['mail_address'];
 // user is not modifiable if :
 // 1. the selected user is the user "guest"
@@ -62,10 +63,7 @@ if ( sizeof( $error ) == 0 and isset( $_POST['submit'] ) )
 {
 // shall we use a new password and overwrite the old one ?
 $use_new_password = false;
- if ( $_POST['use_new_pwd'] == 1)
- {
- $use_new_password = true;
- }
+ if ( isset( $_POST['use_new_pwd'] ) ) $use_new_password = true;
 // if we try to update the webmaster infos, we have to set the status to
 // 'admin'
 if ( $row['username'] == $conf['webmaster'] )
@@ -88,7 +86,7 @@ if ( isset( $_POST['submit'] ) )
 while ( $row = mysql_fetch_array( $result ) )
 {
 $dissociate = 'dissociate-'.$row['id'];
- if ( $_POST[$dissociate] == 1 )
+ if ( isset( $_POST[$dissociate] ) )
 {
 $query = 'DELETE FROM '.PREFIX_TABLE.'user_group';
 $query.= ' WHERE user_id = '.$_GET['user_id'];
@@ -103,6 +101,8 @@ if ( isset( $_POST['submit'] ) )
 $query.= ' ('.$_GET['user_id'].','.$_POST['associate'].')';
 $query.= ';';
 mysql_query( $query );
+ // synchronize category informations for this user
+ synchronize_user( $_GET['user_id'] );
 }
 //-------------------------------------------------------------- errors display
 if ( sizeof( $error ) != 0 )
@@ -124,7 +124,7 @@ if ( sizeof( $error ) == 0 and isset( $_POST['submit'] ) )
 $url = add_session_id( './admin.php?page=user_list' );
 $vtp->setVar( $sub, 'confirmation.url', $url );
 $vtp->closeSession( $sub, 'confirmation' );
- if ( $use_new_pwd )
+ if ( $use_new_password )
 {
 $vtp->addSession( $sub, 'password_updated' );
 $vtp->closeSession( $sub, 'password_updated' );
diff --git a/admin/user_perm.php b/admin/user_perm.php
index d272552ae..19f7e4b6f 100644
--- a/admin/user_perm.php
+++ b/admin/user_perm.php
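Review bot: The added `synchronize_user( $_GET['user_id'] );` in the `@@ -103` hunk passes the request parameter on unchecked, in a block whose context lines already concatenate `$_GET['user_id']` and `$_POST['associate']` into SQL. If the id is not validated earlier in the file (outside this hunk), check it once with `is_numeric()` before the block, as admin/user_list.php does for `$_GET['delete']`, or pass `intval( $_GET['user_id'] )`. The same call is added in admin/user_perm.php after `check_favorites()`.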
@@ -52,13 +52,14 @@ if ( isset( $_POST['submit'] ) )
 }
 }
 check_favorites( $_GET['user_id'] );
+ synchronize_user( $_GET['user_id'] );
 $vtp->addSession( $sub, 'confirmation' );
 $url = './admin.php?page=user_list';
 $vtp->setVar( $sub, 'confirmation.back_url', add_session_id( $url ) );
 $vtp->closeSession( $sub, 'confirmation' );
 }
 //---------------------------------------------------------------- form display
-$restrictions = get_restrictions( $_GET['user_id'], $page['user_status'],
+$restrictions = get_user_restrictions( $_GET['user_id'], $page['user_status'],
 false, false );
 $action = './admin.php?page=user_perm&user_id='.$_GET['user_id'];
 $vtp->setVar( $sub, 'action', add_session_id( $action ) );
diff --git a/admin/waiting.php b/admin/waiting.php
index aefb6e9d8..5fc79303e 100644
--- a/admin/waiting.php
+++ b/admin/waiting.php
@@ -116,7 +116,7 @@ while ( $row = mysql_fetch_array( $result ) )
 // file name
 $vtp->setVar( $sub, 'picture.file', $row['file'] );
 // is there an existing associated thumnail ?
- if ( $row['tn_ext'] != '' )
+ if ( isset( $row['tn_ext'] ) and $row['tn_ext'] != '' )
 {
 $vtp->addSession( $sub, 'thumbnail' );
 $thumbnail = $conf['prefix_thumbnail']; |