aboutsummaryrefslogtreecommitdiffstats
path: root/comments.php (follow)
Commit message (Collapse)AuthorAgeFilesLines
* feature:2549 Allow to disable comments for everybody mistic1002012-01-141-0/+5
| | | | git-svn-id: http://piwigo.org/svn/trunk@12887 68402e56-0260-453c-a942-63ccdbb3a9ee
* feature 2541 multisizervelices2011-12-271-2/+2
| | | | | | | - core implementation + usage on most public/admin pages - still to do: sync process, upload, gui/persistence for size parameters, migration script, center of interest ... git-svn-id: http://piwigo.org/svn/trunk@12796 68402e56-0260-453c-a942-63ccdbb3a9ee
* bug:2539 we can't edit the same comment twice without change pagemistic1002011-12-191-2/+2
| | | | git-svn-id: http://piwigo.org/svn/trunk@12765 68402e56-0260-453c-a942-63ccdbb3a9ee
* bug:2328 wrong variable givenmistic1002011-06-071-1/+1
| | | | git-svn-id: http://piwigo.org/svn/trunk@11261 68402e56-0260-453c-a942-63ccdbb3a9ee
* transmit comment ID to template on comments and picture_commentmistic1002011-06-041-0/+1
| | | | git-svn-id: http://piwigo.org/svn/trunk@11236 68402e56-0260-453c-a942-63ccdbb3a9ee
* restore HOME links, change parameter name for remove menu on certain pagemistic1002011-05-091-1/+1
| | | | git-svn-id: http://piwigo.org/svn/trunk@10824 68402e56-0260-453c-a942-63ccdbb3a9ee
* merge spread_menus to the coremistic1002011-05-071-0/+8
| | | | git-svn-id: http://piwigo.org/svn/trunk@10812 68402e56-0260-453c-a942-63ccdbb3a9ee
* bug:2221flop252011-03-141-1/+1
| | | | git-svn-id: http://piwigo.org/svn/trunk@9679 68402e56-0260-453c-a942-63ccdbb3a9ee
* Happy new year 2011plegall2011-01-181-2/+2
| | | | | | | Change "Piwigo - a PHP based picture gallery" into "Piwigo - a PHP based photo gallery" git-svn-id: http://piwigo.org/svn/trunk@8728 68402e56-0260-453c-a942-63ccdbb3a9ee
* feature 2102 : rename item/image/picture to photo (public side)rvelices2011-01-161-1/+1
| | | | git-svn-id: http://piwigo.org/svn/trunk@8711 68402e56-0260-453c-a942-63ccdbb3a9ee
* feature 1915: add protection on user registration against robots rvelices2010-10-301-1/+1
| | | | git-svn-id: http://piwigo.org/svn/trunk@7495 68402e56-0260-453c-a942-63ccdbb3a9ee
* merge r7487 from branch 2.1 to trunkplegall2010-10-291-1/+7
| | | | | | | | | bug 1973 fixed: aboid SQL syntax error if the category id given in the URL is unknown. git-svn-id: http://piwigo.org/svn/trunk@7488 68402e56-0260-453c-a942-63ccdbb3a9ee
* merge r6909 from branch 2.1 to trunkplegall2010-09-131-0/+2
| | | | | | | | bug 1850 fixed: strong check of $_GET['cat'] git-svn-id: http://piwigo.org/svn/trunk@6910 68402e56-0260-453c-a942-63ccdbb3a9ee
* Bug 1735 fixed : amend commit 6596nikrou2010-06-241-1/+10
| | | | | | Need to add permissions filter to retrieve categories git-svn-id: http://piwigo.org/svn/trunk@6601 68402e56-0260-453c-a942-63ccdbb3a9ee
* Bug 1735 fixed : Comment page is not PostgreSQL compatiblenikrou2010-06-241-16/+23
| | | | | | | | | Fixed by adding all fields except category_id in group by clause category_id is retrieved later in an another query. Fixed also problem of FROM_UNIXTIME function not POstgreSQL compatible. git-svn-id: http://piwigo.org/svn/trunk@6596 68402e56-0260-453c-a942-63ccdbb3a9ee
* fix bug (a comment could be displayed several times in the comments liat)rvelices2010-03-201-15/+14
| | | | git-svn-id: http://piwigo.org/svn/trunk@5199 68402e56-0260-453c-a942-63ccdbb3a9ee
* increase copyright year to 2010plegall2010-03-191-1/+1
| | | | git-svn-id: http://piwigo.org/svn/trunk@5196 68402e56-0260-453c-a942-63ccdbb3a9ee
* bug 1328: backport the pwg_token on trunkplegall2010-03-191-62/+134
| | | | | | | | | bug 1329: backport the check_input_parameter on trunk feature 1026: add pwg_token feature for edit/delete comment. Heavy refactoring on this feature to make the code simpler and easier to maintain (I hope). git-svn-id: http://piwigo.org/svn/trunk@5195 68402e56-0260-453c-a942-63ccdbb3a9ee
* Feature_1255 :nikrou2009-11-291-1/+2
| | | | | | | - single quotes in queries - start using $conf['dblayer'] git-svn-id: http://piwigo.org/svn/trunk@4385 68402e56-0260-453c-a942-63ccdbb3a9ee
* Feature 1255: modification in sql queriesnikrou2009-11-251-4/+4
| | | | | | | | | - manage random function - manage regex syntax - manage quote (single instead of double) - manage interval git-svn-id: http://piwigo.org/svn/trunk@4367 68402e56-0260-453c-a942-63ccdbb3a9ee
* Feature 1255 : limit params in sql queries were in wrong order (LIMIT count ↵nikrou2009-11-211-1/+1
| | | | | | OFFSET offset) git-svn-id: http://piwigo.org/svn/trunk@4334 68402e56-0260-453c-a942-63ccdbb3a9ee
* Feature 1255 : improve sqlnikrou2009-11-211-1/+1
| | | | | | Replace in queries LIMIT N,M by LIMIT N OFFSET M git-svn-id: http://piwigo.org/svn/trunk@4331 68402e56-0260-453c-a942-63ccdbb3a9ee
* Feature 1244 resolvednikrou2009-11-201-3/+3
| | | | | | | | Replace all mysql functions in core code by ones independant of database engine Fix small php code synxtax : hash must be accessed with [ ] and not { }. git-svn-id: http://piwigo.org/svn/trunk@4325 68402e56-0260-453c-a942-63ccdbb3a9ee
* bug 1220 : fix regression in display when search by author or by keyword ↵nikrou2009-11-041-2/+2
| | | | | | contains quote. git-svn-id: http://piwigo.org/svn/trunk@4182 68402e56-0260-453c-a942-63ccdbb3a9ee
* bug 1220 : fix XSS vulnerability.nikrou2009-10-281-6/+17
| | | | | | | | | | filter on since parameter (is_numeric) use only htmlspecialchars to filter vars to display revert rev:3600 add left join on users table Todo : use only left join on users table when a search by author is made git-svn-id: http://piwigo.org/svn/trunk@4139 68402e56-0260-453c-a942-63ccdbb3a9ee
* - fix php warning from comment_list.tplrvelices2009-07-161-20/+2
| | | | | | | | - author name is saved always in #comments (even for registered users) so that - sql queries are simpler on the comments page (one less table in a big join) - when a user is deleted, we can keep the username in the #comments (there might be still a bug that author_id is not updated when a user is deleted) git-svn-id: http://piwigo.org/svn/trunk@3600 68402e56-0260-453c-a942-63ccdbb3a9ee
* merge r3519 from branch 2.0 to trunkvdigital2009-07-041-0/+4
| | | | | | | | | Minor: prevent for non numeric values (except all) git-svn-id: http://piwigo.org/svn/trunk@3520 68402e56-0260-453c-a942-63ccdbb3a9ee
* - remove unnecessary addslashes in comments.cpprvelices2009-07-011-14/+14
| | | | | | - in template use modifier |@default instead of |default (generated code is faster because we indicate that the input is scalar and not an array) git-svn-id: http://piwigo.org/svn/trunk@3487 68402e56-0260-453c-a942-63ccdbb3a9ee
* Fix two problem with Feature 1026 :nikrou2009-06-241-4/+4
| | | | | | | use of $conf['user_fields']['username'] and $conf['user_fields']['id'] instead of username and id escape comment content before editing it. git-svn-id: http://piwigo.org/svn/trunk@3452 68402e56-0260-453c-a942-63ccdbb3a9ee
* Feature 1026 step 2 :nikrou2009-06-231-8/+23
| | | | | | add author_id column so that guest cannot modify old users comments git-svn-id: http://piwigo.org/svn/trunk@3450 68402e56-0260-453c-a942-63ccdbb3a9ee
* Feature 1026 : Modify / delete comments for usersnikrou2009-06-231-17/+52
| | | | | | | | + update config table content + minor modification of Sylvia theme + need refactoring git-svn-id: http://piwigo.org/svn/trunk@3445 68402e56-0260-453c-a942-63ccdbb3a9ee
* remove duplicate retrieved fieldnikrou2009-06-101-1/+0
| | | | git-svn-id: http://piwigo.org/svn/trunk@3405 68402e56-0260-453c-a942-63ccdbb3a9ee
* Create navigation_bar.tpl file.patdenice2009-03-051-1/+1
| | | | | | Move create_navigation_bar function from functions_html.inc.php to functions.inc.php. git-svn-id: http://piwigo.org/svn/trunk@3172 68402e56-0260-453c-a942-63ccdbb3a9ee
* - removed second parameter $type from function format_datervelices2009-02-041-1/+1
| | | | git-svn-id: http://piwigo.org/svn/trunk@3122 68402e56-0260-453c-a942-63ccdbb3a9ee
* Administration: happy new year 2009, all PHP headers updated. plegall2009-01-041-1/+1
| | | | git-svn-id: http://piwigo.org/svn/trunk@3049 68402e56-0260-453c-a942-63ccdbb3a9ee
* merge 2755 and 2756 from branch 2.0 to trunkrvelices2008-10-161-2/+2
| | | | | | | | - 2755 fix vulnerability http://www.milw0rm.com/exploits/6755 - 2756 security paranoia: protect session/remember me cookies from XSS attacks (works only if php>=5.2 and with IE/FF maybe others) git-svn-id: http://piwigo.org/svn/trunk@2757 68402e56-0260-453c-a942-63ccdbb3a9ee
* Bug fixed: as rvelices notified me by email, my header replacement script wasplegall2008-04-051-24/+0
| | | | | | | | | | | | bugged (r2297 was repeating new and old header). By the way, I've also removed the replacement keywords. We were using them because it was a common usage with CVS but it is advised not to use them with Subversion. Personnaly, it is a problem when I search differences between 2 Piwigo installations outside Subversion. git-svn-id: http://piwigo.org/svn/trunk@2299 68402e56-0260-453c-a942-63ccdbb3a9ee
* Modification: new header on PHP files, PhpWebGallery renamed Piwigo.plegall2008-04-041-0/+21
| | | | git-svn-id: http://piwigo.org/svn/trunk@2297 68402e56-0260-453c-a942-63ccdbb3a9ee
* - security fix (profile)rvelices2008-03-081-1/+1
| | | | | | | - les langues a la hache - fix some copy/paste errors git-svn-id: http://piwigo.org/svn/trunk@2268 68402e56-0260-453c-a942-63ccdbb3a9ee
* - migrate many templates to smartyrvelices2008-02-281-81/+32
| | | | git-svn-id: http://piwigo.org/svn/trunk@2223 68402e56-0260-453c-a942-63ccdbb3a9ee
* - changed htmlentities to htmlspecialchars in comments.php (utf-8 issue)rvelices2007-10-111-2/+2
| | | | | | | | - web service explorer in utf-8 - removed warning in function load_language - feature: show_queries also shows number of selected rows or number of affected rows git-svn-id: http://piwigo.org/svn/trunk@2134 68402e56-0260-453c-a942-63ccdbb3a9ee
* - admin, comments and tags pages include page_header later in the code (as ↵rvelices2007-09-271-4/+2
| | | | | | | | | | in picture and index) allowing plugins to change the header until the very end - fix in admin.php : picture_modify requires cache invalidation - fix in site_update.php : some echo func calls changed to $template->output .= ... - upgraded prototype.js to latest version 1.5.1.1 git-svn-id: http://piwigo.org/svn/trunk@2107 68402e56-0260-453c-a942-63ccdbb3a9ee
* Resolved issue 0000702: Code Injection with picture commentrub2007-06-071-1/+1
| | | | git-svn-id: http://piwigo.org/svn/trunk@2030 68402e56-0260-453c-a942-63ccdbb3a9ee
* keyword search was not working comments.phprvelices2007-05-151-1/+1
| | | | git-svn-id: http://piwigo.org/svn/trunk@2012 68402e56-0260-453c-a942-63ccdbb3a9ee
* feature 657: permalinks for categoriesrvelices2007-02-281-7/+2
| | | | git-svn-id: http://piwigo.org/svn/trunk@1866 68402e56-0260-453c-a942-63ccdbb3a9ee
* - refactoring page['category'] before 1.7 releaservelices2007-02-271-3/+2
| | | | | | | | | page['category'] is not an id anymore, but an associative array of category info all of page['cat_xxx'] or page['uppercats'] merged into one simplifies calls to make_index_url give plugins a clean start for page variables for version 1.7 git-svn-id: http://piwigo.org/svn/trunk@1861 68402e56-0260-453c-a942-63ccdbb3a9ee
* - user comments are not saved in the database with htmlspecialchars anymorervelices2007-02-221-4/+0
| | | | | | | - web service: added the possibility to enter a user comment using the service... - new comment functions from picture_comment.inc.php git-svn-id: http://piwigo.org/svn/trunk@1849 68402e56-0260-453c-a942-63ccdbb3a9ee
* - thumbnails creation for all local sites (not only site id 1)rvelices2007-02-141-1/+1
| | | | | | | | | | | | - urls for images in notification (rss & mail) is now correct - removed "Recent pictures" from title in when the flat view is in effect - removed unnecessary class="" from comments.tpl - english language correction - removed unused web service files - set rating star button left & right margin to 0 (javascript) - admin menu - put site manager and synchronize together git-svn-id: http://piwigo.org/svn/trunk@1814 68402e56-0260-453c-a942-63ccdbb3a9ee
* plugins improvements: allow plugins to fail the installation/activationrvelices2007-01-111-63/+31
| | | | | | | | | | | | comments.php improvements: - no more double sql escaping on author & keyword (once in common.inc.php and once in comments.php) - now can search comment content on all special char ( ', ", <, >, & ) - author & keyword are correctly redisplayed in browser when they are MySql escaped git-svn-id: http://piwigo.org/svn/trunk@1716 68402e56-0260-453c-a942-63ccdbb3a9ee
* Fixed: HTML vulnerability (Cross Site Scripting)rub2007-01-031-2/+2
| | | | git-svn-id: http://piwigo.org/svn/trunk@1696 68402e56-0260-453c-a942-63ccdbb3a9ee