aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
Diffstat (limited to 'include')
-rw-r--r--include/functions.inc.php37
-rw-r--r--include/functions_category.inc.php4
-rw-r--r--include/functions_session.inc.php50
-rw-r--r--include/functions_user.inc.php77
-rw-r--r--include/init.inc.php4
-rw-r--r--include/user.inc.php12
6 files changed, 101 insertions, 83 deletions
diff --git a/include/functions.inc.php b/include/functions.inc.php
index 76c95e326..85db1eb76 100644
--- a/include/functions.inc.php
+++ b/include/functions.inc.php
@@ -20,6 +20,33 @@ include( 'functions_category.inc.php' );
//----------------------------------------------------------- generic functions
+// get_enums returns an array containing the possible values of a enum field
+// in a table of the database.
+function get_enums( $table, $field )
+{
+ // retrieving the properties of the table. Each line represents a field :
+ // columns are 'Field', 'Type'
+ $result=mysql_query("desc $table");
+ while ( $row = mysql_fetch_array( $result ) )
+ {
+ // we are only interested in the the field given in parameter for the
+ // function
+ if ( $row['Field']==$field )
+ {
+ // retrieving possible values of the enum field
+ // enum('blue','green','black')
+ $option = explode( ',', substr($row['Type'], 5, -1 ) );
+ for ( $i = 0; $i < sizeof( $option ); $i++ )
+ {
+ // deletion of quotation marks
+ $option[$i] = str_replace( "'", '',$option[$i] );
+ }
+ }
+ }
+ mysql_free_result( $result );
+ return $option;
+}
+
// get_boolean transforms a string to a boolean value. If the string is
// "false" (case insensitive), then the boolean value false is returned. In
// any other case, true is returned.
@@ -54,9 +81,9 @@ function array_remove( $array, $value )
// are precised : e.g. 1052343429.89276600
function get_moment()
{
- $t1 = explode( " ", microtime() );
- $t2 = explode( ".", $t1[0] );
- $t2 = $t1[1].".".$t2[1];
+ $t1 = explode( ' ', microtime() );
+ $t2 = explode( '.', $t1[0] );
+ $t2 = $t1[1].'.'.$t2[1];
return $t2;
}
@@ -273,9 +300,9 @@ function pwg_log( $file, $category, $picture = '' )
}
}
-function templatize_array( $array, $global_array_name )
+function templatize_array( $array, $global_array_name, $handle )
{
- global $vtp, $handle, $lang, $page, $user, $conf;
+ global $vtp, $lang, $page, $user, $conf;
for( $i = 0; $i < sizeof( $array ); $i++ )
{
diff --git a/include/functions_category.inc.php b/include/functions_category.inc.php
index 051e89f56..115ee434e 100644
--- a/include/functions_category.inc.php
+++ b/include/functions_category.inc.php
@@ -1,6 +1,6 @@
<?php
/***************************************************************************
- * functions_category.inc.php *
+ * functions_category.inc.php *
* -------------------- *
* application : PhpWebGallery 1.3 *
* author : Pierrick LE GALL <pierrick@z0rglub.com> *
@@ -131,7 +131,7 @@ function display_cat( $id_uppercat, $indent, $restriction, $tab_expand )
{
$url.= "&amp;search=".$_GET['search'];
}
- $lien_cat = add_session_id_to_url( $url );
+ $lien_cat = add_session_id( $url );
if ( $row['name'] == "" )
{
$name = str_replace( "_", " ", $row['dir'] );
diff --git a/include/functions_session.inc.php b/include/functions_session.inc.php
index e85447221..722627dc7 100644
--- a/include/functions_session.inc.php
+++ b/include/functions_session.inc.php
@@ -48,10 +48,10 @@ function generate_key()
return $key;
}
-function session_create( $pseudo )
+function session_create( $username )
{
global $conf,$prefixeTable,$REMOTE_ADDR;
- // 1. trouver une clé de session inexistante
+ // 1. searching an unused sesison key
$id_found = false;
while ( !$id_found )
{
@@ -65,14 +65,13 @@ function session_create( $pseudo )
$id_found = true;
}
}
- // 2. récupération de l'id de l'utilisateur dont le pseudo
- // est passé en paramètre
+ // 2. retrieving id of the username given in parameter
$query = 'select id';
$query.= ' from '.$prefixeTable.'users';
- $query.= " where pseudo = '".$pseudo."';";
+ $query.= " where username = '".$username."';";
$row = mysql_fetch_array( mysql_query( $query ) );
$user_id = $row['id'];
- // 3. insertion de la session dans la base de donnée
+ // 3. inserting session in database
$expiration = $conf['session_time']*60+time();
$query = 'insert into '.$prefixeTable.'sessions';
$query.= ' (id,user_id,expiration,ip) values';
@@ -82,49 +81,28 @@ function session_create( $pseudo )
return $generated_id;
}
-
-function add_session_id_to_url( $url, $redirect = false )
-{
- global $page, $user;
- $amp = "&amp;";
- if ( $redirect )
- {
- $amp = "&";
- }
- if ( !$user['is_the_guest'] )
- {
- if ( ereg( "\.php\?",$url ) )
- {
- return $url.$amp."id=".$page['session_id'];
- }
- else
- {
- return $url."?id=".$page['session_id'];
- }
- }
- else
- {
- return $url;
- }
-}
+// add_session_id adds the id of the session to the string given in
+// parameter as $url. If the session id is the first parameter to the url,
+// it is preceded by a '?', else it is preceded by a '&amp;'. If the
+// parameter $redirect is set to true, '&' is used instead of '&'.
function add_session_id( $url, $redirect = false )
{
global $page, $user;
- $amp = "&amp;";
+ $amp = '&amp;';
if ( $redirect )
{
- $amp = "&";
+ $amp = '&';
}
if ( !$user['is_the_guest'] )
{
- if ( ereg( "\.php\?",$url ) )
+ if ( preg_match( '/\.php\?/',$url ) )
{
- return $url.$amp."id=".$page['session_id'];
+ return $url.$amp.'id='.$page['session_id'];
}
else
{
- return $url."?id=".$page['session_id'];
+ return $url.'?id='.$page['session_id'];
}
}
else
diff --git a/include/functions_user.inc.php b/include/functions_user.inc.php
index 48160f113..03be22b1a 100644
--- a/include/functions_user.inc.php
+++ b/include/functions_user.inc.php
@@ -14,34 +14,39 @@
* the Free Software Foundation; *
* *
***************************************************************************/
+
+// validate_mail_address verifies whether the given mail address has the
+// right format. ie someone@domain.com "someone" can contain ".", "-" or
+// even "_". Exactly as "domain". The extension doesn't have to be
+// "com". The mail address can also be empty.
+// If the mail address doesn't correspond, an error message is returned.
function validate_mail_address( $mail_address )
{
global $lang;
- $output = '';
- // le mail doit être conforme à qqch du type : nom@serveur.com
- if ( $mail_address != ''
- and !ereg( "([_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)+)",
- $mail_address ) )
+ if ( $mail_address == '' )
{
- $output = $lang['reg_err_mail_address'];
+ return '';
+ }
+ $regex = '/^[\w-]+(\.[\w-]+)*@[\w-]+(\.[\w-]+)*\.[a-z]+$/';
+ if ( !preg_match( $regex, $mail_address ) )
+ {
+ return $lang['reg_err_mail_address'];
}
-
- return $output;
}
-function register_user( $login, $password, $password_conf,
- $mail_address, $status = 'visiteur' )
+function register_user(
+ $login, $password, $password_conf, $mail_address, $status = 'guest' )
{
- global $prefixeTable;
+ global $prefixeTable, $lang;
$error = array();
$i = 0;
- // le login ne doit pas
- // 1. être vide
- // 2. commencer ou se terminer par un espace
- // 3. comporter les caractères ' ou "
- // 4. être déjà utilisé
+ // login must not
+ // 1. be empty
+ // 2. start ou end with space character
+ // 3. include ' or " characters
+ // 4. be already used
if ( $login == '' )
{
$error[$i++] = $lang['reg_err_login1'];
@@ -62,15 +67,14 @@ function register_user( $login, $password, $password_conf,
{
$query = 'select id';
$query.= ' from '.$prefixeTable.'users';
- $query.= " where pseudo = '".$login."';";
+ $query.= " where username = '".$login."';";
$result = mysql_query( $query );
if ( mysql_num_rows( $result ) > 0 )
{
$error[$i++] = $lang['reg_err_login5'];
}
}
- // on vérifie que le password rentré correspond bien
- // à la confirmation faite par l'utilisateur
+ // given password must be the same as the confirmation
if ( $password != $password_conf )
{
$error[$i++] = $lang['reg_err_pass'];
@@ -81,12 +85,11 @@ function register_user( $login, $password, $password_conf,
{
$error[$i++] = $error_mail_address;
}
-
- // on enregistre le nouvel utilisateur si aucune
- //erreur détectée dans les paramètres
+
+ // if no error until here, registration of the user
if ( sizeof( $error ) == 0 )
{
- // 1.récupération des valeurs par défaut de l'application
+ // 1. retrieving default values, the ones of the user "guest"
$infos = array( 'nb_image_line', 'nb_line_page', 'theme', 'language',
'maxwidth', 'maxheight', 'expand', 'show_nb_comments',
'short_period', 'long_period', 'template' );
@@ -104,17 +107,17 @@ function register_user( $login, $password, $password_conf,
$query.= $infos[$i];
}
$query.= ' from '.$prefixeTable.'users';
- $query.= " where pseudo = 'visiteur';";
+ $query.= " where username = 'guest';";
$row = mysql_fetch_array( mysql_query( $query ) );
- // 2.ajout du nouvel utilisateur
+ // 2. adding new user
$query = 'insert into '.$prefixeTable.'users';
$query.= ' (';
- $query.= ' pseudo,password,mail_address,status';
+ $query.= ' username,password,mail_address,status';
for ( $i = 0; $i < sizeof( $infos ); $i++ )
{
$query.= ','.$infos[$i];
}
- $query.= ' values (';
+ $query.= ') values (';
$query.= " '".$login."'";
$query.= ",'".md5( $password )."'";
if ( $mail_address != '' )
@@ -128,23 +131,30 @@ function register_user( $login, $password, $password_conf,
$query.= ",'".$status."'";
for ( $i = 0; $i < sizeof( $infos ); $i++ )
{
- $query.= ','.$row[$infos[$i]];
+ $query.= ',';
+ if ( $row[$infos[$i]] == '' )
+ {
+ $query.= 'NULL';
+ }
+ else
+ {
+ $query.= "'".$row[$infos[$i]]."'";
+ }
}
$query.= ');';
mysql_query( $query );
- // 3. récupérer l'identifiant de l'utilisateur nouvellement créé
+ // 3. retrieving the id of the newly created user
$query = 'select id';
$query.= ' from '.$prefixeTable.'users';
- $query.= " where pseudo = '".$login."';";
+ $query.= " where username = '".$login."';";
$row = mysql_fetch_array( mysql_query( $query ) );
$user_id = $row['id'];
- // 4.ajouter les restrictions au nouvel utilisateur,
- // les mêmes que celles de l'utilisateur par défaut
+ // 4. adding restrictions to the new user, the same as the user "guest"
$query = 'select cat_id';
$query.= ' from '.$prefixeTable.'restrictions as r';
$query.= ','.$prefixeTable.'users as u ';
$query.= ' where u.id = r.user_id';
- $query.= " and u.pseudo = 'visiteur';";
+ $query.= " and u.username = 'guest';";
$result = mysql_query( $query );
while( $row = mysql_fetch_array( $result ) )
{
@@ -190,6 +200,7 @@ function update_user( $user_id, $mail_address, $status,
}
$query.= ' where id = '.$user_id;
$query.= ';';
+ echo $query;
mysql_query( $query );
}
return $error;
diff --git a/include/init.inc.php b/include/init.inc.php
index 041545b3f..21a3ac8b0 100644
--- a/include/init.inc.php
+++ b/include/init.inc.php
@@ -29,9 +29,11 @@ $user['restrictions'] = get_restrictions( $user['id'], $user['status'], true );
$isadmin = false;
include_once( './language/'.$user['language'].'.php' );
+// displaying the username in the language of the connected user, instead of
+// "guest" as you can find in the database
if ( $user['is_the_guest'] )
{
- $user['pseudo'] = $lang['guest'];
+ $user['username'] = $lang['guest'];
}
include_once( './template/'.$user['template'].'/style.inc.php' );
include_once( './template/'.$user['template'].'/htmlfunctions.inc.php' );
diff --git a/include/user.inc.php b/include/user.inc.php
index b323385e7..3a95e08ab 100644
--- a/include/user.inc.php
+++ b/include/user.inc.php
@@ -1,9 +1,9 @@
<?php
/***************************************************************************
- * user.inc.php is a part of PhpWebGallery *
- * ------------------- *
- * last update : Saturday, October 26, 2002 *
- * email : pierrick@z0rglub.com *
+ * user.inc.php *
+ * ------------------ *
+ * application : PhpWebGallery 1.3 *
+ * author : Pierrick LE GALL <pierrick@z0rglub.com> *
* *
***************************************************************************
@@ -19,7 +19,7 @@
// Each field becomes an information of the array $user.
// Example :
// status --> $user['status']
-$infos = array( 'id', 'pseudo', 'mail_address', 'nb_image_line',
+$infos = array( 'id', 'username', 'mail_address', 'nb_image_line',
'nb_line_page', 'status', 'theme', 'language', 'maxwidth',
'maxheight', 'expand', 'show_nb_comments', 'short_period',
'long_period', 'template' );
@@ -71,7 +71,7 @@ if ( isset( $_GET['id'] )
}
if ( !$query_done )
{
- $query_user .= " where pseudo = 'visiteur'";
+ $query_user .= ' where id = 2';
$user['is_the_guest'] = true;
}
$query_user .= ';';