From 4d322701de488c66916d15955099c3ed1ad061ab Mon Sep 17 00:00:00 2001 From: rvelices Date: Thu, 30 Mar 2006 00:37:07 +0000 Subject: fix: image_order cookie path fixed for url rewriting improve: add function access_denied called when check_status or check_restrictions fail fix: french language correction fix: remove php warnings in clean_iptc_value split search functions into include/functions_search.inc.php git-svn-id: http://piwigo.org/svn/trunk@1113 68402e56-0260-453c-a942-63ccdbb3a9ee --- include/functions.inc.php | 194 +------------------------------- include/functions_category.inc.php | 19 +--- include/functions_html.inc.php | 30 ++++- include/functions_metadata.inc.php | 14 +-- include/functions_search.inc.php | 219 +++++++++++++++++++++++++++++++++++++ include/functions_user.inc.php | 9 +- include/section_init.inc.php | 3 +- 7 files changed, 264 insertions(+), 224 deletions(-) create mode 100644 include/functions_search.inc.php (limited to 'include') diff --git a/include/functions.inc.php b/include/functions.inc.php index 520f8d52a..981da55c4 100644 --- a/include/functions.inc.php +++ b/include/functions.inc.php @@ -5,7 +5,7 @@ // | Copyright (C) 2003-2006 PhpWebGallery Team - http://phpwebgallery.net | // +-----------------------------------------------------------------------+ // | branch : BSF (Best So Far) -// | file : $RCSfile$ +// | file : $Id$ // | last update : $Date$ // | last modifier : $Author$ // | revision : $Revision$ 
@@ -784,196 +784,6 @@ function get_themeconf($key) return $themeconf[$key]; } -/** - * Prepends and appends a string at each value of the given array. - * - * @param array - * @param string prefix to each array values - * @param string suffix to each array values - */ -function prepend_append_array_items($array, $prepend_str, $append_str) -{ - array_walk( - $array, - create_function('&$s', '$s = "'.$prepend_str.'".$s."'.$append_str.'";') - ); - - return $array; -} - -/** - * returns search rules stored into a serialized array in "search" - * table. Each search rules set is numericaly identified. - * - * @param int search_id - * @return array - */ -function get_search_array($search_id) -{ - if (!is_numeric($search_id)) - { - die('Search id must be an integer'); - } - - $query = ' -SELECT rules - FROM '.SEARCH_TABLE.' - WHERE id = '.$search_id.' -;'; - list($serialized_rules) = mysql_fetch_row(pwg_query($query)); - - return unserialize($serialized_rules); -} - -/** - * returns the SQL clause from a search identifier - * - * Search rules are stored in search table as a serialized array. This array - * need to be transformed into an SQL clause to be used in queries. - * - * @param int search_id - * @return string - */ -function get_sql_search_clause($search_id) -{ - $search = get_search_array($search_id); - - // SQL where clauses are stored in $clauses array during query - // construction - $clauses = array(); - - foreach (array('file','name','comment','keywords','author') as $textfield) - { - if (isset($search['fields'][$textfield])) - { - $local_clauses = array(); - foreach ($search['fields'][$textfield]['words'] as $word) - { - array_push($local_clauses, $textfield." LIKE '%".$word."%'"); - } - - // adds brackets around where clauses - $local_clauses = prepend_append_array_items($local_clauses, '(', ')'); - - array_push( - $clauses, - implode( - ' '.$search['fields'][$textfield]['mode'].' 
', - $local_clauses - ) - ); - } - } - - if (isset($search['fields']['allwords'])) - { - $fields = array('file', 'name', 'comment', 'keywords', 'author'); - // in the OR mode, request bust be : - // ((field1 LIKE '%word1%' OR field2 LIKE '%word1%') - // OR (field1 LIKE '%word2%' OR field2 LIKE '%word2%')) - // - // in the AND mode : - // ((field1 LIKE '%word1%' OR field2 LIKE '%word1%') - // AND (field1 LIKE '%word2%' OR field2 LIKE '%word2%')) - $word_clauses = array(); - foreach ($search['fields']['allwords']['words'] as $word) - { - $field_clauses = array(); - foreach ($fields as $field) - { - array_push($field_clauses, $field." LIKE '%".$word."%'"); - } - // adds brackets around where clauses - array_push( - $word_clauses, - implode( - "\n OR ", - $field_clauses - ) - ); - } - - array_walk( - $word_clauses, - create_function('&$s','$s="(".$s.")";') - ); - - array_push( - $clauses, - "\n ". - implode( - "\n ". - $search['fields']['allwords']['mode']. - "\n ", - $word_clauses - ) - ); - } - - foreach (array('date_available', 'date_creation') as $datefield) - { - if (isset($search['fields'][$datefield])) - { - array_push( - $clauses, - $datefield." = '".$search['fields'][$datefield]['date']."'" - ); - } - - foreach (array('after','before') as $suffix) - { - $key = $datefield.'-'.$suffix; - - if (isset($search['fields'][$key])) - { - array_push( - $clauses, - - $datefield. - ($suffix == 'after' ? ' >' : ' <'). - ($search['fields'][$key]['inc'] ? '=' : ''). 
- " '".$search['fields'][$key]['date']."'" - - ); - } - } - } - - if (isset($search['fields']['cat'])) - { - if ($search['fields']['cat']['sub_inc']) - { - // searching all the categories id of sub-categories - $cat_ids = get_subcat_ids($search['fields']['cat']['words']); - } - else - { - $cat_ids = $search['fields']['cat']['words']; - } - - $local_clause = 'category_id IN ('.implode(',', $cat_ids).')'; - array_push($clauses, $local_clause); - } - - // adds brackets around where clauses - $clauses = prepend_append_array_items($clauses, '(', ')'); - - $where_separator = - implode( - "\n ".$search['mode'].' ', - $clauses - ); - - $search_clause = $where_separator; - - if (isset($forbidden)) - { - $search_clause.= "\n AND ".$forbidden; - } - - return $search_clause; -} - /** * Returns webmaster mail address depending on $conf['webmaster_id'] * @@ -1020,4 +830,4 @@ function get_available_upgrade_ids() return $available_upgrade_ids; } -?> +?> \ No newline at end of file diff --git a/include/functions_category.inc.php b/include/functions_category.inc.php index 601ec1b64..a671474ef 100644 --- a/include/functions_category.inc.php +++ b/include/functions_category.inc.php @@ -5,7 +5,7 @@ // | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net | // +-----------------------------------------------------------------------+ // | branch : BSF (Best So Far) -// | file : $RCSfile$ +// | file : $Id$ // | last update : $Date$ // | last modifier : $Author$ // | revision : $Revision$ @@ -42,22 +42,11 @@ */ function check_restrictions($category_id) { - global $user, $lang; + global $user; if (in_array($category_id, explode(',', $user['forbidden_categories']))) { - $login_url = - get_root_url().'identification.php?redirect=' - .urlencode(urlencode($_SERVER['REQUEST_URI'])); - - if (!$user['is_the_guest']) - { - die('Fatal: you are trying to reach a forbidden category'); - } - else - { - redirect($login_url); - } + access_denied(); } } 
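Review bot: Nothing follows the `access_denied();` call in check_restrictions, so the category restriction now holds only if access_denied() never returns to its caller. The same is true of check_status in include/functions_user.inc.php, which this commit changes in the same way. I would record that contract at both call sites, for example `access_denied(); // never returns: prints the denial page and exits, or redirects to login`, and in the docblock of each function, which starts outside the hunk. A later edit that makes access_denied() return, for example to log first, would otherwise silently turn both checks into no-ops.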
@@ -360,4 +349,4 @@ function rank_compare($a, $b) return ($a['rank'] < $b['rank']) ? -1 : 1; } -?> +?> \ No newline at end of file diff --git a/include/functions_html.inc.php b/include/functions_html.inc.php index 37f4d8a59..7e7df7c41 100644 --- a/include/functions_html.inc.php +++ b/include/functions_html.inc.php @@ -5,7 +5,7 @@ // | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net | // +-----------------------------------------------------------------------+ // | branch : BSF (Best So Far) -// | file : $RCSfile$ +// | file : $Id$ // | last update : $Date$ // | last modifier : $Author$ // | revision : $Revision$ @@ -493,4 +493,30 @@ function get_cat_display_name_from_id($cat_id, $cat_info = get_cat_info($cat_id); return get_cat_display_name($cat_info['name'], $url, $replace_space); } -?> + +/** + * exits the current script (either exit or redirect) + */ +function access_denied() +{ + global $user, $lang; + + $login_url = + get_root_url().'identification.php?redirect=' + .urlencode(urlencode($_SERVER['REQUEST_URI'])); + + if ( isset($user['is_the_guest']) and !$user['is_the_guest'] ) + { + echo '
'.$lang['access_forbiden'].'
'; + echo ''.$lang['identification'].' '; + echo ''.$lang['home'].'
'; + exit(); + } + else + { + header('HTTP/1.1 401 Authorization required'); + header('Status: 401 Authorization required'); + redirect($login_url); + } +} +?> \ No newline at end of file diff --git a/include/functions_metadata.inc.php b/include/functions_metadata.inc.php index d03327f60..4a655c37c 100644 --- a/include/functions_metadata.inc.php +++ b/include/functions_metadata.inc.php @@ -5,7 +5,7 @@ // | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net | // +-----------------------------------------------------------------------+ // | branch : BSF (Best So Far) -// | file : $RCSfile$ +// | file : $Id$ // | last update : $Date$ // | last modifier : $Author$ // | revision : $Revision$ @@ -35,13 +35,13 @@ function get_iptc_data($filename, $map) { $result = array(); - + // Read IPTC data $iptc = array(); - + $imginfo = array(); getimagesize($filename, $imginfo); - + if (isset($imginfo['APP13'])) { $iptc = iptcparse($imginfo['APP13']); @@ -82,13 +82,13 @@ function get_iptc_data($filename, $map) function clean_iptc_value($value) { // strip leading zeros (weird Kodak Scanner software) - while ($value[0] == chr(0)) + while ( isset($value[0]) and $value[0] == chr(0)) { $value = substr($value, 1); } // remove binary nulls $value = str_replace(chr(0x00), ' ', $value); - + return $value; } @@ -107,7 +107,7 @@ function get_exif_data($filename, $map) { die('Exif extension not available, admin should disable exif use'); } - + // Read EXIF data if ($exif = @read_exif_data($filename)) { diff --git a/include/functions_search.inc.php b/include/functions_search.inc.php new file mode 100644 index 000000000..2ca87969e --- /dev/null +++ b/include/functions_search.inc.php 
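Review bot: The logged-in branch of access_denied() prints the denial message and exits without setting a status, so a refused request is served with the default 200 and looks like a normal page view in access logs and to crawlers. Add `header('HTTP/1.1 403 Forbidden');` before the first `echo`. In the guest branch the function relies on `redirect($login_url)` to end the script; redirect() is not visible in this diff, so an explicit `exit();` after it would keep the "exits the current script" promise local to this function. Sending 401 together with a redirect is also unusual, since 401 normally accompanies a `WWW-Authenticate` challenge; please confirm that redirect() does not override or conflict with that status line.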
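Review bot: The guarded loop in clean_iptc_value still strips one leading NUL per iteration with `substr($value, 1)`, copying the string each time. That is quadratic on a long run of NUL bytes, and the IPTC data comes from an image file. `$value = ltrim($value, chr(0));` strips the same bytes in a single pass and returns the empty string unchanged, so the `isset($value[0])` guard is no longer needed.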
@@ -0,0 +1,219 @@ +' : ' <'). + ($search['fields'][$key]['inc'] ? '=' : ''). + " '".$search['fields'][$key]['date']."'" + + ); + } + } + } + + if (isset($search['fields']['cat'])) + { + if ($search['fields']['cat']['sub_inc']) + { + // searching all the categories id of sub-categories + $cat_ids = get_subcat_ids($search['fields']['cat']['words']); + } + else + { + $cat_ids = $search['fields']['cat']['words']; + } + + $local_clause = 'category_id IN ('.implode(',', $cat_ids).')'; + array_push($clauses, $local_clause); + } + + // adds brackets around where clauses + $clauses = prepend_append_array_items($clauses, '(', ')'); + + $where_separator = + implode( + "\n ".$search['mode'].' ', + $clauses + ); + + $search_clause = $where_separator; + + if (isset($forbidden)) + { + $search_clause.= "\n AND ".$forbidden; + } + + return $search_clause; +} + +?> \ No newline at end of file diff --git a/include/functions_user.inc.php b/include/functions_user.inc.php index 7af517980..c1e601aeb 100644 --- a/include/functions_user.inc.php +++ b/include/functions_user.inc.php @@ -5,11 +5,10 @@ // | Copyright (C) 2003-2006 PhpWebGallery Team - http://phpwebgallery.net | // +-----------------------------------------------------------------------+ // | branch : BSF (Best So Far) -// | file : $RCSfile$ +// | file : $Id$ // | last update : $Date$ // | last modifier : $Author$ // | revision : $Revision$ -// | revision : $Revision$ // +-----------------------------------------------------------------------+ // | This program is free software; you can redistribute it and/or modify | // | it under the terms of the GNU General Public License as published by | @@ -608,13 +607,9 @@ function is_autorize_status($access_type, $user_status = '') */ function check_status($access_type, $user_status = '') { - global $lang; - if (!is_autorize_status($access_type, $user_status)) { - echo '
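Review bot: In the visible tail of get_sql_search_clause, values from the unserialized search rules are concatenated into the WHERE clause with no escaping or type check: `$search['fields'][$key]['date']` is placed between quotes and `$cat_ids` is joined straight into `IN (...)`. The code is moved unchanged from include/functions.inc.php, but if the stored rules originate from a submitted search form (not shown here), this is a SQL injection path worth closing as part of the move. I would normalise the ids with `$cat_ids = array_map('intval', $cat_ids);` and reject any date that does not match a strict `YYYY-MM-DD` pattern before building the clause. Separately, `isset($forbidden)` tests a variable that, going by the removed copy of the function, is never assigned or declared global, so that branch can never run and should be removed or wired to the real restriction. The beginning of the new file is not readable in this hunk, so the word-matching clauses were checked only against the removed copy.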
'.$lang['access_forbiden'].'
'; - echo ''.$lang['identification'].'
'; - exit(); + access_denied(); } } diff --git a/include/section_init.inc.php b/include/section_init.inc.php index 12e720d2d..cc7c074c2 100644 --- a/include/section_init.inc.php +++ b/include/section_init.inc.php @@ -5,7 +5,7 @@ // | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net | // +-----------------------------------------------------------------------+ // | branch : BSF (Best So Far) -// | file : $RCSfile$ +// | file : $Id$ // | last update : $Date$ // | last modifier : $Author$ // | revision : $Revision$ @@ -342,6 +342,7 @@ else // +-----------------------------------------------------------------------+ if ($page['section'] == 'search') { + include_once( PHPWG_ROOT_PATH .'include/functions_search.inc.php' ); $query = ' SELECT DISTINCT(id) FROM '.IMAGES_TABLE.' -- cgit v1.2.3