diff options
Diffstat (limited to '')
-rw-r--r-- | picture.php | 320 |
1 files changed, 203 insertions, 117 deletions
diff --git a/picture.php b/picture.php index 22f66b038..772428e71 100644 --- a/picture.php +++ b/picture.php @@ -69,7 +69,7 @@ if ($page['current_rank'] != $page['first_rank']) 'U_IMG' => PHPWG_ROOT_PATH.'picture.php'. get_query_string_diff( - array('image_id', 'add_fav', 'slideshow', 'rate') + array('image_id', 'add_fav', 'slideshow') ). '&image_id='.$page['items'][ $page['first_rank'] ], ) @@ -89,7 +89,7 @@ if ($page['current_rank'] != $page['last_rank']) 'U_IMG' => PHPWG_ROOT_PATH.'picture.php'. get_query_string_diff( - array('image_id', 'add_fav', 'slideshow', 'rate') + array('image_id', 'add_fav', 'slideshow') ). '&image_id='.$page['items'][ $page['last_rank'] ], ) @@ -143,6 +143,105 @@ if (isset($_GET['caddie'])) redirect($url); } + +//----------------------------------------------------------- rate registration +if (isset($_GET['rate']) + and $conf['rate'] + and ( !$user['is_the_guest'] or $conf['rate_anonymous'] ) + and in_array($_GET['rate'], $rate_items)) +{ + if ($user['is_the_guest']) + { + $ip_components = explode('.', $_SERVER["REMOTE_ADDR"]); + if ( count($ip_components)>3 ) + { + array_pop($ip_components); + } + $anonymous_id = implode ('.', $ip_components); + + if ( isset($_COOKIE['pwg_anonymous_rater']) ) + { + if ($anonymous_id != $_COOKIE['pwg_anonymous_rater'] ) + { // client has changed his IP adress or he's trying to fool us + $query = ' +SELECT element_id FROM '. RATE_TABLE . ' + WHERE user_id=' . $user['id'] . ' + AND anonymous_id=\'' . $anonymous_id . '\''; + $result = pwg_query($query); + $already_there = array(); + while ( $row = mysql_fetch_array($result) ) + { + array_push( $already_there, $row['element_id'] ); + } + + if ( count($already_there)>0 ) + { + $query = ' +DELETE FROM '. RATE_TABLE . ' + WHERE user_id=' . $user['id'] . ' + AND anonymous_id=\'' . $_COOKIE['pwg_anonymous_rater'] . '\' + AND element_id NOT IN (' . implode(',',$already_there) . ')'; + pwg_query($query); + } + + $query = ' +UPDATE '. RATE_TABLE . ' + SET anonymous_id=\'' . $anonymous_id . '\' + WHERE user_id=' . $user['id'] . ' + AND anonymous_id=\'' . $_COOKIE['pwg_anonymous_rater'] . '\''; + pwg_query($query); + + setcookie('pwg_anonymous_rater', $anonymous_id, + strtotime('+10 years'), cookie_path() ); + } + } + else + { + setcookie('pwg_anonymous_rater', $anonymous_id, + strtotime('+10 years'), cookie_path() ); + } + } + + $query = ' +DELETE FROM '.RATE_TABLE.' + WHERE element_id = '.$_GET['image_id'] . ' + AND user_id = '.$user['id'] +; + if (isset($anonymous_id)) + { + $query.= ' AND anonymous_id=\'' . $anonymous_id .'\''; + } + pwg_query($query); + $query = ' +INSERT INTO '.RATE_TABLE.' + (user_id,anonymous_id,element_id,rate,date) + VALUES + ('.$user['id'].','.(isset($anonymous_id)?'\''.$anonymous_id.'\'':"''").','. + $_GET['image_id'].','.$_GET['rate'].',NOW()) +;'; + pwg_query($query); + + // update of images.average_rate field + $query = ' +SELECT ROUND(AVG(rate),2) AS average_rate + FROM '.RATE_TABLE.' + WHERE element_id = '.$_GET['image_id'].' +;'; + $row = mysql_fetch_array(pwg_query($query)); + $query = ' +UPDATE '.IMAGES_TABLE.' + SET average_rate = '.$row['average_rate'].' + WHERE id = '.$_GET['image_id'].' +;'; + pwg_query($query); + $url = + PHPWG_ROOT_PATH + .'picture.php' + .get_query_string_diff(array('rate')); + redirect($url); +} + + //---------------------------------------------------------- related categories $query = ' SELECT category_id,uppercats,commentable,global_rank @@ -259,7 +358,7 @@ while ($row = mysql_fetch_array($result)) $picture[$i]['url'] = PHPWG_ROOT_PATH.'picture.php' - .get_query_string_diff(array('image_id', 'add_fav', 'slideshow', 'rate')) + .get_query_string_diff(array('image_id', 'add_fav', 'slideshow')) .'&image_id='.$row['id']; } @@ -289,41 +388,6 @@ $url_admin = $url_slide = $picture['current']['url'].'&slideshow='.$conf['slideshow_period']; -//----------------------------------------------------------- rate registration -if (isset($_GET['rate']) - and $conf['rate'] - and !$user['is_the_guest'] - and in_array($_GET['rate'], $rate_items)) -{ - $query = ' -DELETE - FROM '.RATE_TABLE.' - WHERE user_id = '.$user['id'].' - AND element_id = '.$_GET['image_id'].' -;'; - pwg_query($query); - $query = ' -INSERT INTO '.RATE_TABLE.' - (user_id,element_id,rate) - VALUES - ('.$user['id'].','.$_GET['image_id'].','.$_GET['rate'].') -;'; - pwg_query($query); - - // update of images.average_rate field - $query = ' -SELECT ROUND(AVG(rate),2) AS average_rate - FROM '.RATE_TABLE.' - WHERE element_id = '.$_GET['image_id'].' -;'; - $row = mysql_fetch_array(pwg_query($query)); - $query = ' -UPDATE '.IMAGES_TABLE.' - SET average_rate = '.$row['average_rate'].' - WHERE id = '.$_GET['image_id'].' -;'; - pwg_query($query); -} //--------------------------------------------------------- favorite management if ( isset( $_GET['add_fav'] ) ) { @@ -343,13 +407,13 @@ if ( isset( $_GET['add_fav'] ) ) } if ( !$_GET['add_fav'] and $page['cat'] == 'fav' ) { - if (!$has_prev and !$has_next) + if (!isset($page['previous_item']) and !isset($page['next_item'])) { // there is no favorite picture anymore we redirect the user to the // category page redirect($url_up); } - else if (!$has_prev) + else if (!isset($page['previous_item'])) { $url = str_replace( '&', '&', $picture['next']['url'] ); redirect( $url ); @@ -458,7 +522,7 @@ if ( isset( $_GET['del'] ) $title = $picture['current']['name']; $refresh = 0; -if ( isset( $_GET['slideshow'] ) and $has_next ) +if ( isset( $_GET['slideshow'] ) and isset($page['next_item']) ) { $refresh= $_GET['slideshow']; $url_link = $picture['next']['url'].'&slideshow='.$refresh; @@ -600,8 +664,8 @@ if (isset($picture['current']['high'])) $uuid = uniqid(rand()); $template->assign_block_vars('high', array( 'U_HIGH' => $picture['current']['high'], - 'UUID'=>$uuid - )); + 'UUID'=>$uuid + )); $template->assign_block_vars( 'download', array('U_DOWNLOAD' => PHPWG_ROOT_PATH.'action.php?dwn=' @@ -617,7 +681,7 @@ if ('admin' == $user['status'] and is_numeric($page['cat'])) array( 'URL' => PHPWG_ROOT_PATH.'picture.php' - .get_query_string_diff(array()) + .get_query_string_diff(array('add_fav')) .'&representative=1' ) ); @@ -630,7 +694,7 @@ if ('admin' == $user['status']) array( 'URL' => PHPWG_ROOT_PATH.'picture.php' - .get_query_string_diff(array('caddie')).'&caddie=1') + .get_query_string_diff(array('add_fav')).'&caddie=1') ); } @@ -646,7 +710,7 @@ if ( !$user['is_the_guest'] ) if (!$row['nb_fav']) { $url = PHPWG_ROOT_PATH.'picture.php'; - $url.= get_query_string_diff(array('rate','add_fav')); + $url.= get_query_string_diff(array('add_fav')); $url.= '&add_fav=1'; $template->assign_block_vars( @@ -661,7 +725,7 @@ if ( !$user['is_the_guest'] ) else { $url = PHPWG_ROOT_PATH.'picture.php'; - $url.= get_query_string_diff(array('rate','add_fav')); + $url.= get_query_string_diff(array('add_fav')); $url.= '&add_fav=0'; $template->assign_block_vars( @@ -917,7 +981,7 @@ if ($metadata_showable and isset($_GET['show_metadata'])) if ( isset( $_GET['slideshow'] ) ) { if ( !is_numeric( $_GET['slideshow'] ) ) $_GET['slideshow'] = $conf['slideshow_period']; - + $template->assign_block_vars('stop_slideshow', array( 'U_SLIDESHOW'=>$picture['current']['url'] )); @@ -947,62 +1011,81 @@ SELECT COUNT(rate) AS count $row['STD'] ); } - - if (!$user['is_the_guest']) - { - $query = 'SELECT rate - FROM '.RATE_TABLE.' - WHERE user_id = '.$user['id'].' - AND element_id = '.$_GET['image_id'].';'; - $result = pwg_query($query); - if (mysql_num_rows($result) > 0) - { - $row = mysql_fetch_array($result); - $sentence = $lang['already_rated']; - $sentence.= ' ('.$row['rate'].'). '; - $sentence.= $lang['update_rate']; - } - else - { - $sentence = $lang['never_rated'].'. '.$lang['to_rate']; - } - $template->assign_block_vars( - 'rate', - array( - 'CONTENT' => $value, - 'SENTENCE' => $sentence - )); - $template->assign_block_vars('info_rate', array('CONTENT' => $value)); - - $template->assign_vars( - array( - 'INFO_RATE' => $value - ) - ); - - foreach ($rate_items as $num => $mark) + if ($conf['rate_anonymous'] or !$user['is_the_guest']) { - if ($num > 0) + if ($row['count']>0) { - $separator = '|'; + $query = 'SELECT rate + FROM '.RATE_TABLE.' + WHERE element_id = '.$_GET['image_id'] . ' + AND user_id = '.$user['id'] ; + + if ($user['is_the_guest']) + { + $ip_components = explode('.', $_SERVER['REMOTE_ADDR']); + if ( count($ip_components)>3 ) + { + array_pop($ip_components); + } + $anonymous_id = implode ('.', $ip_components); + $query .= ' AND anonymous_id = \''.$anonymous_id . '\''; + } + + $result = pwg_query($query); + if (mysql_num_rows($result) > 0) + { + $row = mysql_fetch_array($result); + $sentence = $lang['already_rated']; + $sentence.= ' ('.$row['rate'].'). '; + $sentence.= $lang['update_rate']; + } + else + { + $sentence = $lang['never_rated'].'. '.$lang['to_rate']; + } } - else + else { - $separator = ''; + $sentence = $lang['never_rated'].'. '.$lang['to_rate']; } - - $url = PHPWG_ROOT_PATH.'picture.php'; - $url.= get_query_string_diff(array('rate','add_fav')); - $url.= '&rate='.$mark; - $template->assign_block_vars( - 'rate.rate_option', + 'rate', array( - 'OPTION' => $mark, - 'URL' => $url, - 'SEPARATOR' => $separator + 'CONTENT' => $value, + 'SENTENCE' => $sentence )); + + $template->assign_block_vars('info_rate', array('CONTENT' => $value)); + + $template->assign_vars( + array( + 'INFO_RATE' => $value + ) + ); + + foreach ($rate_items as $num => $mark) + { + if ($num > 0) + { + $separator = '|'; + } + else + { + $separator = ''; + } + + $url = PHPWG_ROOT_PATH.'picture.php'; + $url.= get_query_string_diff(array('add_fav')); + $url.= '&rate='.$mark; + + $template->assign_block_vars( + 'rate.rate_option', + array( + 'OPTION' => $mark, + 'URL' => $url, + 'SEPARATOR' => $separator + )); } } } @@ -1031,7 +1114,7 @@ if ($page['show_comments']) // navigation bar creation $url = PHPWG_ROOT_PATH.'picture.php'; - $url.= get_query_string_diff(array('rate','add_fav','start')); + $url.= get_query_string_diff(array('add_fav','start')); if (!isset( $_GET['start'] ) or !is_numeric( $_GET['start'] ) @@ -1051,32 +1134,35 @@ if ($page['show_comments']) 'NB_COMMENT'=>$row['nb_comments'], 'NAV_BAR'=>$page['navigation_bar'])); - $query = 'SELECT id,author,date,image_id,content'; - $query.= ' FROM '.COMMENTS_TABLE.' WHERE image_id = '.$_GET['image_id']; - $query.= " AND validated = 'true'"; - $query.= ' ORDER BY date ASC'; - $query.= ' LIMIT '.$page['start'].', '.$conf['nb_comment_page'].';'; - $result = pwg_query( $query ); - - while ( $row = mysql_fetch_array( $result ) ) + if ($row['nb_comments']>0) { - $template->assign_block_vars( - 'comments.comment', - array( - 'COMMENT_AUTHOR'=>empty($row['author'])?$lang['guest']:$row['author'], - 'COMMENT_DATE'=>format_date($row['date'], 'mysql_datetime', true), - 'COMMENT'=>parse_comment_content($row['content']) - )); - - if ( $user['status'] == 'admin' ) + $query = 'SELECT id,author,date,image_id,content'; + $query.= ' FROM '.COMMENTS_TABLE.' WHERE image_id = '.$_GET['image_id']; + $query.= " AND validated = 'true'"; + $query.= ' ORDER BY date ASC'; + $query.= ' LIMIT '.$page['start'].', '.$conf['nb_comment_page'].';'; + $result = pwg_query( $query ); + + while ( $row = mysql_fetch_array( $result ) ) { $template->assign_block_vars( - 'comments.comment.delete', - array('U_COMMENT_DELETE'=> $url.'&del='.$row['id'] - )); + 'comments.comment', + array( + 'COMMENT_AUTHOR'=>empty($row['author'])?$lang['guest']:$row['author'], + 'COMMENT_DATE'=>format_date($row['date'], 'mysql_datetime', true), + 'COMMENT'=>parse_comment_content($row['content']) + )); + + if ( $user['status'] == 'admin' ) + { + $template->assign_block_vars( + 'comments.comment.delete', + array('U_COMMENT_DELETE'=> $url.'&del='.$row['id'] + )); + } } } - + if (!$user['is_the_guest'] or ($user['is_the_guest'] and $conf['comments_forall'])) { |