aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--include/config.inc.php4
-rw-r--r--include/functions_category.inc.php2
-rw-r--r--include/functions_html.inc.php3
-rw-r--r--include/functions_session.inc.php8
-rw-r--r--include/functions_user.inc.php39
-rw-r--r--include/user.inc.php25
6 files changed, 58 insertions, 23 deletions
diff --git a/include/config.inc.php b/include/config.inc.php
index e5926578d..22d205fad 100644
--- a/include/config.inc.php
+++ b/include/config.inc.php
@@ -190,7 +190,7 @@ $conf['newcat_default_status'] = 'public';
// to the sub level
$conf['level_separator'] = ' / ';
-// paginate_pages_around : on paginate navigation bar, on many pages display
-// before and after the current page ?
+// paginate_pages_around : on paginate navigation bar, how many pages
+// display before and after the current page ?
$conf['paginate_pages_around'] = 2;
?>
diff --git a/include/functions_category.inc.php b/include/functions_category.inc.php
index 2fd502120..f08a2fa27 100644
--- a/include/functions_category.inc.php
+++ b/include/functions_category.inc.php
@@ -561,6 +561,8 @@ SELECT COUNT(DISTINCT(id)) AS nb_total_images
// favorites displaying
else if ( $page['cat'] == 'fav' )
{
+ check_user_favorites();
+
$page['title'] = $lang['favorites'];
$page['where'] = ', '.FAVORITES_TABLE.' AS fav';
diff --git a/include/functions_html.inc.php b/include/functions_html.inc.php
index f1b76169f..c60abc778 100644
--- a/include/functions_html.inc.php
+++ b/include/functions_html.inc.php
@@ -158,11 +158,12 @@ function create_navigation_bar($url, $nb_element, $start,
{
$navbar.= $lang['next_page'];
}
+
+ $navbar.= ' | ';
// link to last page ?
if ($cur_page != $maximum)
{
$temp_start = ($maximum - 1) * $nb_element_page;
- $navbar.= ' | ';
$navbar.= '<a href="';
$navbar.= add_session_id($url.'&amp;start='.$temp_start);
$navbar.= '" class="'.$link_class.'">'.$lang['last_page'];
diff --git a/include/functions_session.inc.php b/include/functions_session.inc.php
index aa454d3ea..bbbb739cd 100644
--- a/include/functions_session.inc.php
+++ b/include/functions_session.inc.php
@@ -86,16 +86,16 @@ SELECT id
}
}
// 3. inserting session in database
- $expiration = $session_length + time();
$query = '
INSERT INTO '.SESSIONS_TABLE.'
- (id,user_id,expiration,ip)
+ (id,user_id,expiration)
VALUES
- (\''.$generated_id.'\','.$userid.','.$expiration.',
- \''.$_SERVER['REMOTE_ADDR'].'\')
+ (\''.$generated_id.'\','.$userid.',
+ ADDDATE(NOW(), INTERVAL '.$session_length.' SECOND))
;';
pwg_query($query);
+ $expiration = $session_length + time();
setcookie('id', $generated_id, $expiration, cookie_path());
return $generated_id;
diff --git a/include/functions_user.inc.php b/include/functions_user.inc.php
index 1581ff28f..c00ba2f4a 100644
--- a/include/functions_user.inc.php
+++ b/include/functions_user.inc.php
@@ -237,4 +237,43 @@ function getuserdata($user)
$result = pwg_query($sql);
return ( $row = mysql_fetch_array($result) ) ? $row : false;
}
+
+/*
+ * deletes favorites of the current user if he's not allowed to see them
+ *
+ * @return void
+ */
+function check_user_favorites()
+{
+ global $user;
+
+ if ($user['forbidden_categories'] == '')
+ {
+ return;
+ }
+
+ $query = '
+SELECT f.image_id
+ FROM '.FAVORITES_TABLE.' AS f INNER JOIN '.IMAGE_CATEGORY_TABLE.' AS ic
+ ON f.image_id = ic.image_id
+ WHERE f.user_id = '.$user['id'].'
+ AND ic.category_id IN ('.$user['forbidden_categories'].')
+;';
+ $result = pwg_query($query);
+ $elements = array();
+ while ($row = mysql_fetch_array($result))
+ {
+ array_push($elements, $row['image_id']);
+ }
+
+ if (count($elements) > 0)
+ {
+ $query = '
+DELETE FROM '.FAVORITES_TABLE.'
+ WHERE image_id IN ('.implode(',', $elements).')
+ AND user_id = '.$user['id'].'
+;';
+ pwg_query($query);
+ }
+}
?>
diff --git a/include/user.inc.php b/include/user.inc.php
index 3500ff186..eb5540f8b 100644
--- a/include/user.inc.php
+++ b/include/user.inc.php
@@ -59,7 +59,7 @@ if (isset($session_id)
{
$page['session_id'] = $session_id;
$query = '
-SELECT user_id,expiration,ip
+SELECT user_id,expiration,NOW() AS now
FROM '.SESSIONS_TABLE.'
WHERE id = \''.$page['session_id'].'\'
;';
@@ -67,22 +67,15 @@ SELECT user_id,expiration,ip
if (mysql_num_rows($result) > 0)
{
$row = mysql_fetch_array($result);
- if (!$user['has_cookie'])
+ if (strnatcmp($row['expiration'], $row['now']) < 0)
{
- if ($row['expiration'] < time())
- {
- // deletion of the session from the database,
- // because it is out-of-date
- $delete_query = 'DELETE FROM '.SESSIONS_TABLE;
- $delete_query.= " WHERE id = '".$page['session_id']."'";
- $delete_query.= ';';
- pwg_query($delete_query);
- }
- else if ($_SERVER['REMOTE_ADDR'] == $row['ip'])
- {
- $query_user .= ' WHERE id = '.$row['user_id'];
- $query_done = true;
- }
+ // deletion of the session from the database, because it is
+ // out-of-date
+ $delete_query = '
+DELETE FROM '.SESSIONS_TABLE.'
+ WHERE id = \''.$page['session_id'].'\'
+;';
+ pwg_query($delete_query);
}
else
{