$_POST: // '; print_r($_POST); echo ''; // echo '
$_GET: // '; print_r($_GET); echo ''; // +-----------------------------------------------------------------------+ // | functions | // +-----------------------------------------------------------------------+ // +-----------------------------------------------------------------------+ // | initialization | // +-----------------------------------------------------------------------+ if (!defined('PHPWG_ROOT_PATH')) { die('Hacking attempt!'); } include_once(PHPWG_ROOT_PATH.'admin/include/functions.php'); include_once(PHPWG_ROOT_PATH.'admin/include/functions_history.inc.php'); if (isset($_GET['start']) and is_numeric($_GET['start'])) { $page['start'] = $_GET['start']; } else { $page['start'] = 0; } $types = array('none', 'picture', 'high', 'other'); // +-----------------------------------------------------------------------+ // | Check Access and exit when user status is not ok | // +-----------------------------------------------------------------------+ check_status(ACCESS_ADMINISTRATOR); // +-----------------------------------------------------------------------+ // | Build search criteria and redirect to results | // +-----------------------------------------------------------------------+ $page['errors'] = array(); $search = array(); if (isset($_POST['submit'])) { // dates if (!empty($_POST['start_year'])) { $search['fields']['date-after'] = sprintf( '%d-%02d-%02d', $_POST['start_year'], $_POST['start_month'], $_POST['start_day'] ); } if (!empty($_POST['end_year'])) { $search['fields']['date-before'] = sprintf( '%d-%02d-%02d', $_POST['end_year'], $_POST['end_month'], $_POST['end_day'] ); } $search['fields']['types'] = $_POST['types']; $search['fields']['user'] = $_POST['user']; if (!empty($_POST['image_id'])) { $search['fields']['image_id'] = intval($_POST['image_id']); } if (!empty($_POST['filename'])) { $search['fields']['filename'] = str_replace( '*', '%', mysql_escape_string($_POST['filename']) ); } // TODO manage inconsistency of having $_POST['image_id'] and // $_POST['filename'] simultaneously // echo '
'; print_r($search); echo ''; if (!empty($search)) { // register search rules in database, then they will be available on // thumbnails page and picture page. $query =' INSERT INTO '.SEARCH_TABLE.' (rules) VALUES (\''.serialize($search).'\') ;'; pwg_query($query); $search_id = mysql_insert_id(); redirect( PHPWG_ROOT_PATH.'admin.php?page=history&search_id='.$search_id ); } else { array_push($page['errors'], $lang['search_one_clause_at_least']); } } // +-----------------------------------------------------------------------+ // | template init | // +-----------------------------------------------------------------------+ $template->set_filename('history', 'admin/history.tpl'); // TabSheet initialization history_tabsheet(); $base_url = PHPWG_ROOT_PATH.'admin.php?page=history'; $template->assign_vars( array( 'U_HELP' => PHPWG_ROOT_PATH.'popuphelp.php?page=history', 'F_ACTION' => PHPWG_ROOT_PATH.'admin.php?page=history' ) ); $template->assign_vars( array( 'TODAY_DAY' => date('d', time()), 'TODAY_MONTH' => date('m', time()), 'TODAY_YEAR' => date('Y', time()), ) ); // +-----------------------------------------------------------------------+ // | history lines | // +-----------------------------------------------------------------------+ if (isset($_GET['search_id']) and $page['search_id'] = (int)$_GET['search_id']) { // what are the lines to display in reality ? $query = ' SELECT rules FROM '.SEARCH_TABLE.' WHERE id = '.$page['search_id'].' ;'; list($serialized_rules) = mysql_fetch_row(pwg_query($query)); $page['search'] = unserialize($serialized_rules); if (isset($_GET['user_id'])) { if (!is_numeric($_GET['user_id'])) { die('user_id GET parameter must be an integer value'); } $page['search']['fields']['user'] = $_GET['user_id']; $query =' INSERT INTO '.SEARCH_TABLE.' (rules) VALUES (\''.serialize($page['search']).'\') ;'; pwg_query($query); $search_id = mysql_insert_id(); redirect( PHPWG_ROOT_PATH.'admin.php?page=history&search_id='.$search_id ); } if (isset($page['search']['fields']['filename'])) { $query = ' SELECT id FROM '.IMAGES_TABLE.' WHERE file LIKE \''.$page['search']['fields']['filename'].'\' ;'; $page['search']['image_ids'] = array_from_query($query, 'id'); } // echo '
'; print_r($page['search']); echo ''; $clauses = array(); if (isset($page['search']['fields']['date-after'])) { array_push( $clauses, "date >= '".$page['search']['fields']['date-after']."'" ); } if (isset($page['search']['fields']['date-before'])) { array_push( $clauses, "date <= '".$page['search']['fields']['date-before']."'" ); } if (isset($page['search']['fields']['types'])) { $local_clauses = array(); foreach ($types as $type) { if (in_array($type, $page['search']['fields']['types'])) { $clause = 'image_type '; if ($type == 'none') { $clause.= 'IS NULL'; } else { $clause.= "= '".$type."'"; } array_push($local_clauses, $clause); } } if (count($local_clauses) > 0) { array_push( $clauses, implode(' OR ', $local_clauses) ); } } if (isset($page['search']['fields']['user']) and $page['search']['fields']['user'] != -1) { array_push( $clauses, 'user_id = '.$page['search']['fields']['user'] ); } if (isset($page['search']['fields']['image_id'])) { array_push( $clauses, 'image_id = '.$page['search']['fields']['image_id'] ); } if (isset($page['search']['fields']['filename'])) { if (count($page['search']['image_ids']) == 0) { // a clause that is always false array_push($clauses, '1 = 2 '); } else { array_push( $clauses, 'image_id IN ('.implode(', ', $page['search']['image_ids']).')' ); } } $clauses = prepend_append_array_items($clauses, '(', ')'); $where_separator = implode( "\n AND ", $clauses ); $query = ' SELECT date, time, user_id, IP, section, category_id, tag_ids, image_id, image_type FROM '.HISTORY_TABLE.' WHERE '.$where_separator.' ;'; // LIMIT '.$page['start'].', '.$conf['nb_logs_page'].' $result = pwg_query($query); $page['nb_lines'] = mysql_num_rows($result); $history_lines = array(); $user_ids = array(); $username_of = array(); $category_ids = array(); $image_ids = array(); $tag_ids = array(); while ($row = mysql_fetch_assoc($result)) { $user_ids[$row['user_id']] = 1; if (isset($row['category_id'])) { $category_ids[$row['category_id']] = 1; } if (isset($row['image_id'])) { $image_ids[$row['image_id']] = 1; } if (isset($row['tag_ids'])) { foreach (explode(',', $row['tag_ids']) as $tag_id) { array_push($tag_ids, $tag_id); } } array_push( $history_lines, $row ); } // prepare reference data (users, tags, categories...) if (count($user_ids) > 0) { $query = ' SELECT '.$conf['user_fields']['id'].' AS id , '.$conf['user_fields']['username'].' AS username FROM '.USERS_TABLE.' WHERE id IN ('.implode(',', array_keys($user_ids)).') ;'; $result = pwg_query($query); $username_of = array(); while ($row = mysql_fetch_array($result)) { $username_of[$row['id']] = $row['username']; } } if (count($category_ids) > 0) { $query = ' SELECT id, uppercats FROM '.CATEGORIES_TABLE.' WHERE id IN ('.implode(',', array_keys($category_ids)).') ;'; $uppercats_of = simple_hash_from_query($query, 'id', 'uppercats'); $name_of_category = array(); foreach ($uppercats_of as $category_id => $uppercats) { $name_of_category[$category_id] = get_cat_display_name_cache( $uppercats ); } } if (count($image_ids) > 0) { $query = ' SELECT id, IF(name IS NULL, file, name) AS label, filesize, high_filesize, file, path, tn_ext FROM '.IMAGES_TABLE.' WHERE id IN ('.implode(',', array_keys($image_ids)).') ;'; // $label_of_image = simple_hash_from_query($query, 'id', 'label'); $label_of_image = array(); $filesize_of_image = array(); $high_filesize_of_image = array(); $file_of_image = array(); $path_of_image = array(); $tn_ext_of_image = array(); $result = pwg_query($query); while ($row = mysql_fetch_array($result)) { $label_of_image[ $row['id'] ] = $row['label']; if (isset($row['filesize'])) { $filesize_of_image[ $row['id'] ] = $row['filesize']; } if (isset($row['high_filesize'])) { $high_filesize_of_image[ $row['id'] ] = $row['high_filesize']; } $file_of_image[ $row['id'] ] = $row['file']; $path_of_image[ $row['id'] ] = $row['path']; $tn_ext_of_image[ $row['id'] ] = $row['tn_ext']; } // echo '
'; print_r($high_filesize_of_image); echo ''; } if (count($tag_ids) > 0) { $tag_ids = array_unique($tag_ids); $query = ' SELECT id, name FROM '.TAGS_TABLE.' WHERE id IN ('.implode(', ', $tag_ids).') ;'; $name_of_tag = array(); $result = pwg_query($query); while ($row = mysql_fetch_array($result)) { $name_of_tag[ $row['id'] ] = $row['name']; } } $i = 0; $first_line = $page['start'] + 1; $last_line = $page['start'] + $conf['nb_logs_page']; $summary['total_filesize'] = 0; $summary['guests_IP'] = array(); foreach ($history_lines as $line) { // FIXME when we watch the representative of a non image element, it is // the not the representative filesize that is counted (as it is // unknown) but the non image element filesize. Proposed solution: add // #images.representative_filesize and add 'representative' in the // choices of #history.image_type. if (isset($line['image_type'])) { if ($line['image_type'] == 'high') { if (isset($high_filesize_of_image[$line['image_id']])) { $summary['total_filesize']+= $high_filesize_of_image[$line['image_id']]; } } else { if (isset($filesize_of_image[$line['image_id']])) { $summary['total_filesize']+= $filesize_of_image[$line['image_id']]; } } } if ($line['user_id'] == $conf['guest_id']) { if (!isset($summary['guests_IP'][ $line['IP'] ])) { $summary['guests_IP'][ $line['IP'] ] = 0; } $summary['guests_IP'][ $line['IP'] ]++; } $i++; if ($i < $first_line or $i > $last_line) { continue; } $user_string = ''; if (isset($username_of[$line['user_id']])) { $user_string.= $username_of[$line['user_id']]; } else { $user_string.= $line['user_id']; } $user_string.= ' +'; $tags_string = ''; if (isset($line['tag_ids'])) { $tags_string = preg_replace( '/(\d+)/e', '$name_of_tag["$1"]', str_replace( ',', ', ', $line['tag_ids'] ) ); } $image_string = ''; if (isset($line['image_id'])) { $picture_url = make_picture_url( array( 'image_id' => $line['image_id'], ) ); // (1258)