Diffstat (limited to 'picture.php')
-rw-r--r--picture.php184
1 files changed, 91 insertions, 93 deletions
diff --git a/picture.php b/picture.php
index 03d5300c3..d28dde037 100644
--- a/picture.php
+++ b/picture.php
@@ -47,7 +47,7 @@ initialize_category( 'picture' );
if ( 0 )
{
echo '<div style="text-align:center;">'.$lang['access_forbiden'].'<br />';
- echo '<a href="'.add_session_id( './category.php' ).'">';
+ echo '<a href="'.add_session_id( PHPWG_ROOT_PATH.'category.php' ).'">';
echo $lang['thumbnails'].'</a></div>';
exit();
}
@@ -130,18 +130,14 @@ for ($i=0; $i<$nb_row;$i++)
$picture[$j]['url'] = PHPWG_ROOT_PATH.'picture.php?image_id='.$row['id'];
$picture[$j]['url'].= '&amp;cat='.$page['cat'];
- if ( isset( $_GET['expand'] ) )
- $picture[$j]['url'].= '&amp;expand='.$_GET['expand'];
if ( $page['cat'] == 'search' )
{
$picture[$j]['url'].= "&amp;search=".$_GET['search'].'&amp;mode='.$_GET['mode'];
}
}
-$url_home = './category.php?cat='.$page['cat'].'&amp;';
+$url_home = PHPWG_ROOT_PATH.'category.php?cat='.$page['cat'].'&amp;';
$url_home.= 'num='.$page['num'];
-if (isset($_GET['expand']))
- $url_home.='&amp;expand='.$_GET['expand'];
if ( $page['cat'] == 'search' )
{
$url_home.= "&amp;search=".$_GET['search'].'&amp;mode='.$_GET['mode'];
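Review bot: `$_GET['search']` and `$_GET['mode']` are still concatenated unencoded into `$picture[$j]['url']` and `$url_home`, so request data is reflected into the page's links unless `add_session_id()` or the template encodes it (neither is visible here). Encoding at the point of use would close this, e.g. `'&amp;search='.urlencode( $_GET['search'] ).'&amp;mode='.urlencode( $_GET['mode'] )`. The same pattern, together with a raw `$_GET['image_id']`, sits on the rewritten `$url` lines in the hunks at -388, -405 and -505, where `intval( $_GET['image_id'] )` would be enough for the id. The enclosing `for` loop starts outside this hunk.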
@@ -190,6 +186,80 @@ if ( isset( $_GET['add_fav'] ) )
}
}
+//--------------------------------------------------------- comment registeration
+ if ( isset( $_POST['content'] ) && !empty($_POST['content']) )
+ {
+ $register_comment = true;
+ $author = !empty($_POST['author'])?$_POST['author']:$lang['guest'];
+ // if a guest try to use the name of an already existing user, he must
+ // be rejected
+ if ( $author != $user['username'] )
+ {
+ $query = 'SELECT COUNT(*) AS user_exists';
+ $query.= ' FROM '.USERS_TABLE;
+ $query.= " WHERE username = '".$author."'";
+ $query.= ';';
+ $row = mysql_fetch_array( mysql_query( $query ) );
+ if ( $row['user_exists'] == 1 )
+ {
+ $template->assign_block_vars('information', array('INFORMATION'=>$lang['comment_user_exists']));
+ $register_comment = false;
+ }
+ }
+
+ if ( $register_comment )
+ {
+ // anti-flood system
+ $reference_date = time() - $conf['anti-flood_time'];
+ $query = 'SELECT id FROM '.COMMENTS_TABLE;
+ $query.= ' WHERE date > '.$reference_date;
+ $query.= " AND author = '".$author."'";
+ $query.= ';';
+ if ( mysql_num_rows( mysql_query( $query ) ) == 0
+ || $conf['anti-flood_time'] == 0 )
+ {
+ $query = 'INSERT INTO '.COMMENTS_TABLE;
+ $query.= ' (author,date,image_id,content,validated) VALUES (';
+ $query.= "'".$author."'";
+ $query.= ','.time().','.$_GET['image_id'];
+ $query.= ",'".htmlspecialchars( $_POST['content'], ENT_QUOTES)."'";
+ if ( !$conf['comments_validation'] || $user['status'] == 'admin' )
+ $query.= ",'true'";
+ else
+ $query.= ",'false'";
+ $query.= ');';
+ mysql_query( $query );
+ // information message
+ $message = $lang['comment_added'];
+ if ( $conf['comments_validation'] and $user['status'] != 'admin' )
+ {
+ $message.= '<br />'.$lang['comment_to_validate'];
+ }
+ $template->assign_block_vars('information', array('INFORMATION'=>$message));
+ // notification to the administrators
+ if ( $conf['mail_notification'] )
+ {
+ $cat_name = get_cat_display_name( $page['cat_name'], ' > ', '' );
+ $cat_name = strip_tags( $cat_name );
+ notify( 'comment', $cat_name.' > '.$picture['current']['name']);
+ }
+ }
+ else
+ {
+ // information message
+ $template->assign_block_vars('information', array('INFORMATION'=>$lang['comment_anti-flood']));
+ }
+ }
+ }
+ // comment deletion
+ if ( isset( $_GET['del'] )
+ && is_numeric( $_GET['del'] )
+ && $user['status'] == 'admin' )
+ {
+ $query = 'DELETE FROM '.COMMENTS_TABLE.' WHERE id = '.$_GET['del'].';';
+ mysql_query( $query );
+ }
+
//
// Start output of page
//
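Review bot: The relocated comment-registration block concatenates `$author` (taken from `$_POST['author']`) and `$_GET['image_id']` straight into the SELECT and INSERT statements, so unless request data is escaped somewhere not visible here, that input can change the queries. Escaping once after the username comparison, `$author = mysql_real_escape_string( $author );`, and using `intval( $_GET['image_id'] )` in the VALUES list would address both. The content value also needs SQL escaping, because `htmlspecialchars( ..., ENT_QUOTES )` encodes quotes but leaves backslashes untouched. Separately, moving the block here takes it out of the `if ( $conf['show_comments'] )` guard it had at old line 424, so comments are accepted and `del` is honoured even when comments are switched off; wrapping both blocks in `if ( $conf['show_comments'] )` would keep the earlier behaviour. The `mysql_query()` results are used without a failure check as well.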
@@ -235,7 +305,6 @@ $picture_size = get_picture_size( $original_width, $original_height,
include(PHPWG_ROOT_PATH.'include/page_header.php');
$template->set_filenames(array('picture'=>'picture.tpl'));
-initialize_template();
$template->assign_vars(array(
'CATEGORY' => $title_img,
@@ -263,8 +332,9 @@ $template->assign_vars(array(
'L_DELETE' =>$lang['delete'],
'L_SUBMIT' =>$lang['submit'],
'L_AUTHOR' =>$lang['author'],
+ 'L_COMMENT' =>$lang['comment'],
- 'T_DEL_IMG' =>'./template/'.$user['template'].'/theme/delete.gif',
+ 'T_DEL_IMG' =>PHPWG_ROOT_PATH.'template/'.$user['template'].'/theme/delete.gif',
'U_PREV_IMG' => add_session_id($picture['prev']['url']),
'U_NEXT_IMG' => add_session_id($picture['next']['url']),
@@ -299,6 +369,12 @@ if ($prev>=0) $template->assign_block_vars('previous', array());
if ($next) $template->assign_block_vars('next', array());
//--------------------------------------------------------- picture information
+// legend
+if ( !empty($picture['current']['comment']) )
+{
+ $template->assign_block_vars('legend', array());
+}
+
// author
if ( !empty($picture['current']['author']) )
{
@@ -358,8 +434,7 @@ if ( !empty($picture['current']['keywords']))
{
$keywords = explode( ',', $picture['current']['keywords'] );
$content = '';
- $url = './category.php?cat=search';
- if ( isset( $_GET['expand'] ) ) $url.= '&amp;expand='.$_GET['expand'];
+ $url = PHPWG_ROOT_PATH.'category.php?cat=search';
$url.= '&amp;mode=OR&amp;search=';
foreach ( $keywords as $i => $keyword ) {
$local_url = add_session_id( $url.$keyword );
@@ -388,16 +463,14 @@ if ( !$user['is_the_guest'] )
$row = mysql_fetch_array( $result );
if (!$row['nb_fav'])
{
- $url = './picture.php?cat='.$page['cat'].'&amp;image_id='.$_GET['image_id'];
- if (isset($_GET['expand']))
- $url.= '&amp;expand='.$_GET['expand'];
+ $url = PHPWG_ROOT_PATH.'picture.php?cat='.$page['cat'].'&amp;image_id='.$_GET['image_id'];
$url.='&amp;add_fav=1';
if ( $page['cat'] == 'search' )
{
$url.= '&amp;search='.$_GET['search'].'&amp;mode='.$_GET['mode'];
}
$template->assign_block_vars('favorite', array(
- 'FAVORITE_IMG' => './template/'.$user['template'].'/theme/favorite.gif',
+ 'FAVORITE_IMG' => PHPWG_ROOT_PATH.'template/'.$user['template'].'/theme/favorite.gif',
'FAVORITE_HINT' =>$lang['add_favorites_hint'],
'FAVORITE_ALT' =>'[ '.$lang['add_favorites_alt'].' ]',
'U_FAVORITE'=> add_session_id( $url )
@@ -405,10 +478,10 @@ if ( !$user['is_the_guest'] )
}
else
{
- $url = './picture.php?cat='.$page['cat'].'&amp;image_id='.$_GET['image_id'];
- $url.= '&amp;expand='.$_GET['expand'].'&amp;add_fav=0';
+ $url = PHPWG_ROOT_PATH.'picture.php?cat='.$page['cat'].'&amp;image_id='.$_GET['image_id'];
+ $url.= '&amp;add_fav=0';
$template->assign_block_vars('favorite', array(
- 'FAVORITE_IMG' => './template/'.$user['template'].'/theme/del_favorite.gif',
+ 'FAVORITE_IMG' => PHPWG_ROOT_PATH.'template/'.$user['template'].'/theme/del_favorite.gif',
'FAVORITE_HINT' =>$lang['del_favorites_hint'],
'FAVORITE_ALT' =>'[ '.$lang['del_favorites_alt'].' ]',
'U_FAVORITE'=> add_session_id( $url )
@@ -424,79 +497,6 @@ if ( $user['status'] == 'admin' )
//---------------------------------------------------- users's comments display
if ( $conf['show_comments'] )
{
- // comment registeration
- if ( isset( $_POST['content'] ) && !empty($_POST['content']) )
- {
- $register_comment = true;
- $author = !empty($_POST['author'])?$_POST['author']:$lang['guest'];
- // if a guest try to use the name of an already existing user, he must
- // be rejected
- if ( $author != $user['username'] )
- {
- $query = 'SELECT COUNT(*) AS user_exists';
- $query.= ' FROM '.USERS_TABLE;
- $query.= " WHERE username = '".$author."'";
- $query.= ';';
- $row = mysql_fetch_array( mysql_query( $query ) );
- if ( $row['user_exists'] == 1 )
- {
- $template->assign_block_vars('information', array('INFORMATION'=>$lang['comment_user_exists']));
- $register_comment = false;
- }
- }
-
- if ( $register_comment )
- {
- // anti-flood system
- $reference_date = time() - $conf['anti-flood_time'];
- $query = 'SELECT id FROM '.COMMENTS_TABLE;
- $query.= ' WHERE date > '.$reference_date;
- $query.= " AND author = '".$author."'";
- $query.= ';';
- if ( mysql_num_rows( mysql_query( $query ) ) == 0
- || $conf['anti-flood_time'] == 0 )
- {
- $query = 'INSERT INTO '.COMMENTS_TABLE;
- $query.= ' (author,date,image_id,content,validated) VALUES (';
- $query.= "'".$author."'";
- $query.= ','.time().','.$_GET['image_id'];
- $query.= ",'".htmlspecialchars( $_POST['content'], ENT_QUOTES)."'";
- if ( !$conf['comments_validation'] || $user['status'] == 'admin' )
- $query.= ",'true'";
- else
- $query.= ",'false'";
- $query.= ');';
- mysql_query( $query );
- // information message
- $message = $lang['comment_added'];
- if ( $conf['comments_validation'] and $user['status'] != 'admin' )
- {
- $message.= '<br />'.$lang['comment_to_validate'];
- }
- $template->assign_block_vars('information', array('INFORMATION'=>$message));
- // notification to the administrators
- if ( $conf['mail_notification'] )
- {
- $cat_name = get_cat_display_name( $page['cat_name'], ' > ', '' );
- $cat_name = strip_tags( $cat_name );
- notify( 'comment', $cat_name.' > '.$picture['current']['name']);
- }
- }
- else
- {
- // information message
- $template->assign_block_vars('information', array('INFORMATION'=>$lang['comment_anti-flood']));
- }
- }
- }
- // comment deletion
- if ( isset( $_GET['del'] )
- && is_numeric( $_GET['del'] )
- && $user['status'] == 'admin' )
- {
- $query = 'DELETE FROM '.COMMENTS_TABLE.' WHERE id = '.$_GET['del'].';';
- mysql_query( $query );
- }
// number of comment for this picture
$query = 'SELECT COUNT(*) AS nb_comments';
$query.= ' FROM '.COMMENTS_TABLE.' WHERE image_id = '.$_GET['image_id'];
@@ -505,9 +505,7 @@ if ( $conf['show_comments'] )
$row = mysql_fetch_array( mysql_query( $query ) );
// navigation bar creation
- $url = './picture.php?cat='.$page['cat'].'&amp;image_id='.$_GET['image_id'];
- if (isset($_GET['expand']))
- $url.= '&amp;expand='.$_GET['expand'];
+ $url = PHPWG_ROOT_PATH.'picture.php?cat='.$page['cat'].'&amp;image_id='.$_GET['image_id'];
if ( $page['cat'] == 'search' )
{
$url.= '&amp;search='.$_GET['search'].'&amp;mode='.$_GET['mode'];