aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
Diffstat (limited to 'include')
-rw-r--r--include/functions.inc.php1
-rw-r--r--include/functions_cookie.inc.php114
-rw-r--r--include/functions_rate.inc.php71
-rw-r--r--include/functions_session.inc.php62
4 files changed, 145 insertions, 103 deletions
diff --git a/include/functions.inc.php b/include/functions.inc.php
index becace1a4..e80e3cb3a 100644
--- a/include/functions.inc.php
+++ b/include/functions.inc.php
@@ -25,6 +25,7 @@
// +-----------------------------------------------------------------------+
include_once( PHPWG_ROOT_PATH .'include/functions_user.inc.php' );
+include_once( PHPWG_ROOT_PATH .'include/functions_cookie.inc.php' );
include_once( PHPWG_ROOT_PATH .'include/functions_session.inc.php' );
include_once( PHPWG_ROOT_PATH .'include/functions_category.inc.php' );
include_once( PHPWG_ROOT_PATH .'include/functions_xml.inc.php' );
diff --git a/include/functions_cookie.inc.php b/include/functions_cookie.inc.php
new file mode 100644
index 000000000..28ef5ede9
--- /dev/null
+++ b/include/functions_cookie.inc.php
@@ -0,0 +1,114 @@
+<?php
+// +-----------------------------------------------------------------------+
+// | PhpWebGallery - a PHP based picture gallery |
+// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
+// | Copyright (C) 2003-2007 PhpWebGallery Team - http://phpwebgallery.net |
+// +-----------------------------------------------------------------------+
+// | file : $Id$
+// | last update : $Date$
+// | last modifier : $Author$
+// | revision : $Revision$
+// +-----------------------------------------------------------------------+
+// | This program is free software; you can redistribute it and/or modify |
+// | it under the terms of the GNU General Public License as published by |
+// | the Free Software Foundation |
+// | |
+// | This program is distributed in the hope that it will be useful, but |
+// | WITHOUT ANY WARRANTY; without even the implied warranty of |
+// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
+// | General Public License for more details. |
+// | |
+// | You should have received a copy of the GNU General Public License |
+// | along with this program; if not, write to the Free Software |
+// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
+// | USA. |
+// +-----------------------------------------------------------------------+
+
+// cookie_path returns the path to use for the PhpWebGallery cookie.
+// If PhpWebGallery is installed on :
+// http://domain.org/meeting/gallery/category.php
+// cookie_path will return : "/meeting/gallery"
+function cookie_path()
+{
+ if ( isset($_SERVER['REDIRECT_SCRIPT_NAME']) and
+ !empty($_SERVER['REDIRECT_SCRIPT_NAME']) )
+ {
+ $scr = $_SERVER['REDIRECT_SCRIPT_NAME'];
+ }
+ else if ( isset($_SERVER['REDIRECT_URL']) )
+ { // mod_rewrite is activated for upper level directories. we must set the
+ // cookie to the path shown in the browser otherwise it will be discarded.
+ if ( isset($_SERVER['PATH_INFO']) and !empty($_SERVER['PATH_INFO']) )
+ {
+ $idx = strpos( $_SERVER['REDIRECT_URL'], $_SERVER['PATH_INFO'] );
+ if ($idx !== false)
+ {
+ $scr = substr($_SERVER['REDIRECT_URL'], 0, $idx);
+ }
+ else
+ {//this should never happen
+ $scr='//';
+ }
+ }
+ else
+ {
+ $scr = $_SERVER['REDIRECT_URL'];
+ }
+ }
+ else
+ {
+ $scr = $_SERVER['SCRIPT_NAME'];
+ }
+ $scr = substr($scr,0,strrpos( $scr,'/'));
+
+ // add a trailing '/' if needed
+ $scr .= ($scr{strlen($scr)-1} == '/') ? '' : '/';
+
+ if ( substr(PHPWG_ROOT_PATH,0,3)=='../')
+ { // this is maybe a plugin inside pwg directory
+ // TODO - what if it is an external script outside PWG ?
+ $scr = $scr.PHPWG_ROOT_PATH;
+ while (1)
+ {
+ $new = preg_replace('#[^/]+/\.\.(/|$)#', '', $scr);
+ if ($new==$scr)
+ {
+ break;
+ }
+ $scr=$new;
+ }
+ }
+ return $scr;
+}
+
+/**
+ * persistently stores a variable in pwg cookie
+ * @return boolean true on success
+ * @see pwg_get_cookie_var
+ */
+function pwg_set_cookie_var($var, $value)
+{
+ $_COOKIE['pwg_'.$var] = $value;
+ return
+ setcookie('pwg_'.$var, $value,
+ strtotime('+10 years'), cookie_path());
+}
+
+/**
+ * retrieves the value of a persistent variable in pwg cookie
+ * @return mixed
+ * @see pwg_set_cookie_var
+ */
+function pwg_get_cookie_var($var, $default = null)
+{
+ if (isset($_COOKIE['pwg_'.$var]))
+ {
+ return $_COOKIE['pwg_'.$var];
+ }
+ else
+ {
+ return $default;
+ }
+}
+
+?>
diff --git a/include/functions_rate.inc.php b/include/functions_rate.inc.php
index 3fe1a668e..a0486bd55 100644
--- a/include/functions_rate.inc.php
+++ b/include/functions_rate.inc.php
@@ -4,8 +4,7 @@
// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
// | Copyright (C) 2003-2007 PhpWebGallery Team - http://phpwebgallery.net |
// +-----------------------------------------------------------------------+
-// | branch : BSF (Best So Far)
-// | file : $RCSfile$
+// | file : $Id$
// | last update : $Date$
// | last modifier : $Author$
// | revision : $Revision$
@@ -59,57 +58,43 @@ function rate_picture($image_id, $rate)
}
$anonymous_id = implode ('.', $ip_components);
- if (isset($_COOKIE['pwg_anonymous_rater']))
- {
- if ($anonymous_id != $_COOKIE['pwg_anonymous_rater'])
- { // client has changed his IP adress or he's trying to fool us
- $query = '
+ $save_anonymous_id = pwg_get_cookie_var('anonymous_rater', $anonymous_id);
+
+ if ($anonymous_id != $save_anonymous_id)
+ { // client has changed his IP adress or he's trying to fool us
+ $query = '
SELECT element_id
- FROM '.RATE_TABLE.'
- WHERE user_id = '.$user['id'].'
- AND anonymous_id = \''.$anonymous_id.'\'
+FROM '.RATE_TABLE.'
+WHERE user_id = '.$user['id'].'
+ AND anonymous_id = \''.$anonymous_id.'\'
;';
- $already_there = array_from_query($query, 'element_id');
+ $already_there = array_from_query($query, 'element_id');
- if (count($already_there) > 0)
- {
- $query = '
+ if (count($already_there) > 0)
+ {
+ $query = '
DELETE
- FROM '.RATE_TABLE.'
- WHERE user_id = '.$user['id'].'
- AND anonymous_id = \''.$_COOKIE['pwg_anonymous_rater'].'\'
- AND element_id NOT IN ('.implode(',', $already_there).')
+FROM '.RATE_TABLE.'
+WHERE user_id = '.$user['id'].'
+ AND anonymous_id = \''.$save_anonymous_id.'\'
+ AND element_id NOT IN ('.implode(',', $already_there).')
;';
- pwg_query($query);
- }
+ pwg_query($query);
+ }
- $query = '
+ $query = '
UPDATE
- '.RATE_TABLE.'
- SET anonymous_id = \'' .$anonymous_id.'\'
- WHERE user_id = '.$user['id'].'
- AND anonymous_id = \'' . $_COOKIE['pwg_anonymous_rater'].'\'
+'.RATE_TABLE.'
+SET anonymous_id = \'' .$anonymous_id.'\'
+WHERE user_id = '.$user['id'].'
+ AND anonymous_id = \'' . $save_anonymous_id.'\'
;';
- pwg_query($query);
+ pwg_query($query);
+ } // end client changed ip
- setcookie(
- 'pwg_anonymous_rater',
- $anonymous_id,
- strtotime('+10 years'),
- cookie_path()
- );
- } // end client changed ip
- } // end client has cookie
- else
- {
- setcookie(
- 'pwg_anonymous_rater',
- $anonymous_id,
- strtotime('+10 years'),
- cookie_path()
- );
- }
+ pwg_get_cookie_var('anonymous_rater', $anonymous_id);
} // end anonymous user
+
$query = '
DELETE
FROM '.RATE_TABLE.'
diff --git a/include/functions_session.inc.php b/include/functions_session.inc.php
index d02fea3ae..8e49d9b0d 100644
--- a/include/functions_session.inc.php
+++ b/include/functions_session.inc.php
@@ -2,10 +2,9 @@
// +-----------------------------------------------------------------------+
// | PhpWebGallery - a PHP based picture gallery |
// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
-// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
+// | Copyright (C) 2003-2007 PhpWebGallery Team - http://phpwebgallery.net |
// +-----------------------------------------------------------------------+
-// | branch : BSF (Best So Far)
-// | file : $RCSfile$
+// | file : $Id$
// | last update : $Date$
// | last modifier : $Author$
// | revision : $Revision$
@@ -75,63 +74,6 @@ if (isset($conf['session_save_handler'])
session_set_cookie_params(0, cookie_path());
}
-// cookie_path returns the path to use for the PhpWebGallery cookie.
-// If PhpWebGallery is installed on :
-// http://domain.org/meeting/gallery/category.php
-// cookie_path will return : "/meeting/gallery"
-function cookie_path()
-{
- if ( isset($_SERVER['REDIRECT_SCRIPT_NAME']) and
- !empty($_SERVER['REDIRECT_SCRIPT_NAME']) )
- {
- $scr = $_SERVER['REDIRECT_SCRIPT_NAME'];
- }
- else if ( isset($_SERVER['REDIRECT_URL']) )
- { // mod_rewrite is activated for upper level directories. we must set the
- // cookie to the path shown in the browser otherwise it will be discarded.
- if ( isset($_SERVER['PATH_INFO']) and !empty($_SERVER['PATH_INFO']) )
- {
- $idx = strpos( $_SERVER['REDIRECT_URL'], $_SERVER['PATH_INFO'] );
- if ($idx !== false)
- {
- $scr = substr($_SERVER['REDIRECT_URL'], 0, $idx);
- }
- else
- {//this should never happen
- $scr='//';
- }
- }
- else
- {
- $scr = $_SERVER['REDIRECT_URL'];
- }
- }
- else
- {
- $scr = $_SERVER['SCRIPT_NAME'];
- }
- $scr = substr($scr,0,strrpos( $scr,'/'));
-
- // add a trailing '/' if needed
- $scr .= ($scr{strlen($scr)-1} == '/') ? '' : '/';
-
- if ( substr(PHPWG_ROOT_PATH,0,3)=='../')
- { // this is maybe a plugin inside pwg directory
- // TODO - what if it is an external script outside PWG ?
- $scr = $scr.PHPWG_ROOT_PATH;
- while (1)
- {
- $new = preg_replace('#[^/]+/\.\.(/|$)#', '', $scr);
- if ($new==$scr)
- {
- break;
- }
- $scr=$new;
- }
- }
- return $scr;
-}
-
/**
* returns true; used when the session_start() function is called
*