diff options
Diffstat (limited to '')
-rw-r--r-- | include/config.inc.php | 4 | ||||
-rw-r--r-- | include/functions_category.inc.php | 2 | ||||
-rw-r--r-- | include/functions_html.inc.php | 3 | ||||
-rw-r--r-- | include/functions_session.inc.php | 8 | ||||
-rw-r--r-- | include/functions_user.inc.php | 39 | ||||
-rw-r--r-- | include/user.inc.php | 25 |
6 files changed, 58 insertions, 23 deletions
diff --git a/include/config.inc.php b/include/config.inc.php index e5926578d..22d205fad 100644 --- a/include/config.inc.php +++ b/include/config.inc.php @@ -190,7 +190,7 @@ $conf['newcat_default_status'] = 'public'; // to the sub level $conf['level_separator'] = ' / '; -// paginate_pages_around : on paginate navigation bar, on many pages display -// before and after the current page ? +// paginate_pages_around : on paginate navigation bar, how many pages +// display before and after the current page ? $conf['paginate_pages_around'] = 2; ?> diff --git a/include/functions_category.inc.php b/include/functions_category.inc.php index 2fd502120..f08a2fa27 100644 --- a/include/functions_category.inc.php +++ b/include/functions_category.inc.php @@ -561,6 +561,8 @@ SELECT COUNT(DISTINCT(id)) AS nb_total_images // favorites displaying else if ( $page['cat'] == 'fav' ) { + check_user_favorites(); + $page['title'] = $lang['favorites']; $page['where'] = ', '.FAVORITES_TABLE.' AS fav'; diff --git a/include/functions_html.inc.php b/include/functions_html.inc.php index f1b76169f..c60abc778 100644 --- a/include/functions_html.inc.php +++ b/include/functions_html.inc.php @@ -158,11 +158,12 @@ function create_navigation_bar($url, $nb_element, $start, { $navbar.= $lang['next_page']; } + + $navbar.= ' | '; // link to last page ? if ($cur_page != $maximum) { $temp_start = ($maximum - 1) * $nb_element_page; - $navbar.= ' | '; $navbar.= '<a href="'; $navbar.= add_session_id($url.'&start='.$temp_start); $navbar.= '" class="'.$link_class.'">'.$lang['last_page']; diff --git a/include/functions_session.inc.php b/include/functions_session.inc.php index aa454d3ea..bbbb739cd 100644 --- a/include/functions_session.inc.php +++ b/include/functions_session.inc.php @@ -86,16 +86,16 @@ SELECT id } } // 3. inserting session in database - $expiration = $session_length + time(); $query = ' INSERT INTO '.SESSIONS_TABLE.' - (id,user_id,expiration,ip) + (id,user_id,expiration) VALUES - (\''.$generated_id.'\','.$userid.','.$expiration.', - \''.$_SERVER['REMOTE_ADDR'].'\') + (\''.$generated_id.'\','.$userid.', + ADDDATE(NOW(), INTERVAL '.$session_length.' SECOND)) ;'; pwg_query($query); + $expiration = $session_length + time(); setcookie('id', $generated_id, $expiration, cookie_path()); return $generated_id; diff --git a/include/functions_user.inc.php b/include/functions_user.inc.php index 1581ff28f..c00ba2f4a 100644 --- a/include/functions_user.inc.php +++ b/include/functions_user.inc.php @@ -237,4 +237,43 @@ function getuserdata($user) $result = pwg_query($sql); return ( $row = mysql_fetch_array($result) ) ? $row : false; } + +/* + * deletes favorites of the current user if he's not allowed to see them + * + * @return void + */ +function check_user_favorites() +{ + global $user; + + if ($user['forbidden_categories'] == '') + { + return; + } + + $query = ' +SELECT f.image_id + FROM '.FAVORITES_TABLE.' AS f INNER JOIN '.IMAGE_CATEGORY_TABLE.' AS ic + ON f.image_id = ic.image_id + WHERE f.user_id = '.$user['id'].' + AND ic.category_id IN ('.$user['forbidden_categories'].') +;'; + $result = pwg_query($query); + $elements = array(); + while ($row = mysql_fetch_array($result)) + { + array_push($elements, $row['image_id']); + } + + if (count($elements) > 0) + { + $query = ' +DELETE FROM '.FAVORITES_TABLE.' + WHERE image_id IN ('.implode(',', $elements).') + AND user_id = '.$user['id'].' +;'; + pwg_query($query); + } +} ?> diff --git a/include/user.inc.php b/include/user.inc.php index 3500ff186..eb5540f8b 100644 --- a/include/user.inc.php +++ b/include/user.inc.php @@ -59,7 +59,7 @@ if (isset($session_id) { $page['session_id'] = $session_id; $query = ' -SELECT user_id,expiration,ip +SELECT user_id,expiration,NOW() AS now FROM '.SESSIONS_TABLE.' WHERE id = \''.$page['session_id'].'\' ;'; @@ -67,22 +67,15 @@ SELECT user_id,expiration,ip if (mysql_num_rows($result) > 0) { $row = mysql_fetch_array($result); - if (!$user['has_cookie']) + if (strnatcmp($row['expiration'], $row['now']) < 0) { - if ($row['expiration'] < time()) - { - // deletion of the session from the database, - // because it is out-of-date - $delete_query = 'DELETE FROM '.SESSIONS_TABLE; - $delete_query.= " WHERE id = '".$page['session_id']."'"; - $delete_query.= ';'; - pwg_query($delete_query); - } - else if ($_SERVER['REMOTE_ADDR'] == $row['ip']) - { - $query_user .= ' WHERE id = '.$row['user_id']; - $query_done = true; - } + // deletion of the session from the database, because it is + // out-of-date + $delete_query = ' +DELETE FROM '.SESSIONS_TABLE.' + WHERE id = \''.$page['session_id'].'\' +;'; + pwg_query($delete_query); } else { |