$_POST: // '; print_r($_POST); echo ''; // echo '
$_GET:
// '; print_r($_GET); echo '
'; // +-----------------------------------------------------------------------+ // | functions | // +-----------------------------------------------------------------------+ // +-----------------------------------------------------------------------+ // | initialization | // +-----------------------------------------------------------------------+ if (!defined('PHPWG_ROOT_PATH')) { die('Hacking attempt!'); } include_once(PHPWG_ROOT_PATH.'admin/include/functions.php'); include_once(PHPWG_ROOT_PATH.'admin/include/functions_history.inc.php'); if (isset($_GET['start']) and is_numeric($_GET['start'])) { $page['start'] = $_GET['start']; } else { $page['start'] = 0; } $types = array('none', 'picture', 'high', 'other'); // +-----------------------------------------------------------------------+ // | Check Access and exit when user status is not ok | // +-----------------------------------------------------------------------+ check_status(ACCESS_ADMINISTRATOR); // +-----------------------------------------------------------------------+ // | Build search criteria and redirect to results | // +-----------------------------------------------------------------------+ $page['errors'] = array(); $search = array(); if (isset($_POST['submit'])) { // dates if (!empty($_POST['start_year'])) { $search['fields']['date-after'] = sprintf( '%d-%02d-%02d', $_POST['start_year'], $_POST['start_month'], $_POST['start_day'] ); } if (!empty($_POST['end_year'])) { $search['fields']['date-before'] = sprintf( '%d-%02d-%02d', $_POST['end_year'], $_POST['end_month'], $_POST['end_day'] ); } $search['fields']['types'] = $_POST['types']; $search['fields']['user'] = $_POST['user']; if (!empty($_POST['image_id'])) { $search['fields']['image_id'] = intval($_POST['image_id']); } if (!empty($_POST['filename'])) { $search['fields']['filename'] = str_replace( '*', '%', mysql_escape_string($_POST['filename']) ); } // TODO manage inconsistency of having $_POST['image_id'] and // $_POST['filename'] simultaneously // echo '
'; print_r($search); echo '
'; if (!empty($search)) { // register search rules in database, then they will be available on // thumbnails page and picture page. $query =' INSERT INTO '.SEARCH_TABLE.' (rules) VALUES (\''.serialize($search).'\') ;'; pwg_query($query); $search_id = mysql_insert_id(); redirect( PHPWG_ROOT_PATH.'admin.php?page=history&search_id='.$search_id ); } else { array_push($page['errors'], $lang['search_one_clause_at_least']); } } // +-----------------------------------------------------------------------+ // | template init | // +-----------------------------------------------------------------------+ $template->set_filename('history', 'admin/history.tpl'); // TabSheet initialization history_tabsheet(); $base_url = PHPWG_ROOT_PATH.'admin.php?page=history'; $template->assign_vars( array( 'U_HELP' => PHPWG_ROOT_PATH.'popuphelp.php?page=history', 'F_ACTION' => PHPWG_ROOT_PATH.'admin.php?page=history' ) ); $template->assign_vars( array( 'TODAY_DAY' => date('d', time()), 'TODAY_MONTH' => date('m', time()), 'TODAY_YEAR' => date('Y', time()), ) ); // +-----------------------------------------------------------------------+ // | history lines | // +-----------------------------------------------------------------------+ if (isset($_GET['search_id']) and $page['search_id'] = (int)$_GET['search_id']) { // what are the lines to display in reality ? $query = ' SELECT rules FROM '.SEARCH_TABLE.' WHERE id = '.$page['search_id'].' ;'; list($serialized_rules) = mysql_fetch_row(pwg_query($query)); $page['search'] = unserialize($serialized_rules); if (isset($_GET['user_id'])) { if (!is_numeric($_GET['user_id'])) { die('user_id GET parameter must be an integer value'); } $page['search']['fields']['user'] = $_GET['user_id']; $query =' INSERT INTO '.SEARCH_TABLE.' (rules) VALUES (\''.serialize($page['search']).'\') ;'; pwg_query($query); $search_id = mysql_insert_id(); redirect( PHPWG_ROOT_PATH.'admin.php?page=history&search_id='.$search_id ); } if (isset($page['search']['fields']['filename'])) { $query = ' SELECT id FROM '.IMAGES_TABLE.' WHERE file LIKE \''.$page['search']['fields']['filename'].'\' ;'; $page['search']['image_ids'] = array_from_query($query, 'id'); } // echo '
'; print_r($page['search']); echo '
'; $clauses = array(); if (isset($page['search']['fields']['date-after'])) { array_push( $clauses, "date >= '".$page['search']['fields']['date-after']."'" ); } if (isset($page['search']['fields']['date-before'])) { array_push( $clauses, "date <= '".$page['search']['fields']['date-before']."'" ); } if (isset($page['search']['fields']['types'])) { $local_clauses = array(); foreach ($types as $type) { if (in_array($type, $page['search']['fields']['types'])) { $clause = 'image_type '; if ($type == 'none') { $clause.= 'IS NULL'; } else { $clause.= "= '".$type."'"; } array_push($local_clauses, $clause); } } if (count($local_clauses) > 0) { array_push( $clauses, implode(' OR ', $local_clauses) ); } } if (isset($page['search']['fields']['user']) and $page['search']['fields']['user'] != -1) { array_push( $clauses, 'user_id = '.$page['search']['fields']['user'] ); } if (isset($page['search']['fields']['image_id'])) { array_push( $clauses, 'image_id = '.$page['search']['fields']['image_id'] ); } if (isset($page['search']['fields']['filename'])) { if (count($page['search']['image_ids']) == 0) { // a clause that is always false array_push($clauses, '1 = 2 '); } else { array_push( $clauses, 'image_id IN ('.implode(', ', $page['search']['image_ids']).')' ); } } $clauses = prepend_append_array_items($clauses, '(', ')'); $where_separator = implode( "\n AND ", $clauses ); $query = ' SELECT date, time, user_id, IP, section, category_id, tag_ids, image_id, image_type FROM '.HISTORY_TABLE.' WHERE '.$where_separator.' ;'; // LIMIT '.$page['start'].', '.$conf['nb_logs_page'].' $result = pwg_query($query); $page['nb_lines'] = mysql_num_rows($result); $history_lines = array(); $user_ids = array(); $category_ids = array(); $image_ids = array(); $tag_ids = array(); while ($row = mysql_fetch_assoc($result)) { $user_ids[$row['user_id']] = 1; if (isset($row['category_id'])) { $category_ids[$row['category_id']] = 1; } if (isset($row['image_id'])) { $image_ids[$row['image_id']] = 1; } if (isset($row['tag_ids'])) { foreach (explode(',', $row['tag_ids']) as $tag_id) { array_push($tag_ids, $tag_id); } } array_push( $history_lines, $row ); } // prepare reference data (users, tags, categories...) if (count($user_ids) > 0) { $query = ' SELECT '.$conf['user_fields']['id'].' AS id , '.$conf['user_fields']['username'].' AS username FROM '.USERS_TABLE.' WHERE id IN ('.implode(',', array_keys($user_ids)).') ;'; $result = pwg_query($query); $username_of = array(); while ($row = mysql_fetch_array($result)) { $username_of[$row['id']] = $row['username']; } } if (count($category_ids) > 0) { $query = ' SELECT id, uppercats FROM '.CATEGORIES_TABLE.' WHERE id IN ('.implode(',', array_keys($category_ids)).') ;'; $uppercats_of = simple_hash_from_query($query, 'id', 'uppercats'); $name_of_category = array(); foreach ($uppercats_of as $category_id => $uppercats) { $name_of_category[$category_id] = get_cat_display_name_cache( $uppercats ); } } if (count($image_ids) > 0) { $query = ' SELECT id, IF(name IS NULL, file, name) AS label, filesize, high_filesize FROM '.IMAGES_TABLE.' WHERE id IN ('.implode(',', array_keys($image_ids)).') ;'; // $label_of_image = simple_hash_from_query($query, 'id', 'label'); $label_of_image = array(); $filesize_of_image = array(); $high_filesize_of_image = array(); $result = pwg_query($query); while ($row = mysql_fetch_array($result)) { $label_of_image[ $row['id'] ] = $row['label']; if (isset($row['filesize'])) { $filesize_of_image[ $row['id'] ] = $row['filesize']; } if (isset($row['high_filesize'])) { $high_filesize_of_image[ $row['id'] ] = $row['high_filesize']; } } // echo '
'; print_r($high_filesize_of_image); echo '
'; } if (count($tag_ids) > 0) { $tag_ids = array_unique($tag_ids); $query = ' SELECT id, name FROM '.TAGS_TABLE.' WHERE id IN ('.implode(', ', $tag_ids).') ;'; $name_of_tag = array(); $result = pwg_query($query); while ($row = mysql_fetch_array($result)) { $name_of_tag[ $row['id'] ] = $row['name']; } } $i = 0; $first_line = $page['start'] + 1; $last_line = $page['start'] + $conf['nb_logs_page']; $total_filesize = 0; foreach ($history_lines as $line) { if (isset($line['image_type'])) { if ($line['image_type'] == 'high') { if (isset($high_filesize_of_image[$line['image_id']])) { $total_filesize+= $high_filesize_of_image[$line['image_id']]; } } else { if (isset($filesize_of_image[$line['image_id']])) { $total_filesize+= $filesize_of_image[$line['image_id']]; } } } $i++; if ($i < $first_line or $i > $last_line) { continue; } $user_string = ''; if (isset($username_of[$line['user_id']])) { $user_string.= $username_of[$line['user_id']]; } else { $user_string.= $line['user_id']; } $user_string.= ' +'; $tags_string = ''; if (isset($line['tag_ids'])) { $tags_string = preg_replace( '/(\d+)/e', '$name_of_tag["$1"]', str_replace( ',', ', ', $line['tag_ids'] ) ); } $template->assign_block_vars( 'detail', array( 'DATE' => $line['date'], 'TIME' => $line['time'], 'USER' => $user_string, 'IP' => $line['IP'], 'IMAGE' => isset($line['image_id']) ? ( isset($label_of_image[$line['image_id']]) ? sprintf( '(%u) %s', $line['image_id'], $label_of_image[$line['image_id']] ) : sprintf( '(%u) deleted ', $line['image_id'] ) ) : '', 'TYPE' => $line['image_type'], 'SECTION' => $line['section'], 'CATEGORY' => isset($line['category_id']) ? ( isset($name_of_category[$line['category_id']]) ? $name_of_category[$line['category_id']] : 'deleted '.$line['category_id'] ) : '', 'TAGS' => $tags_string, 'T_CLASS' => ($i % 2) ? 'row1' : 'row2', ) ); } $template->assign_block_vars( 'summary', array( 'FILESIZE' => $total_filesize.' KB', ) ); } // +-----------------------------------------------------------------------+ // | navigation bar | // +-----------------------------------------------------------------------+ if (isset($page['search_id'])) { $navbar = create_navigation_bar( PHPWG_ROOT_PATH.'admin.php'.get_query_string_diff(array('start')), $page['nb_lines'], $page['start'], $conf['nb_logs_page'] ); $template->assign_block_vars( 'navigation', array( 'NAVBAR' => $navbar ) ); } // +-----------------------------------------------------------------------+ // | filter form | // +-----------------------------------------------------------------------+ $form = array(); if (isset($page['search'])) { if (isset($page['search']['fields']['date-after'])) { $tokens = explode('-', $page['search']['fields']['date-after']); $form['start_year'] = (int)$tokens[0]; $form['start_month'] = (int)$tokens[1]; $form['start_day'] = (int)$tokens[2]; } if (isset($page['search']['fields']['date-before'])) { $tokens = explode('-', $page['search']['fields']['date-before']); $form['end_year'] = (int)$tokens[0]; $form['end_month'] = (int)$tokens[1]; $form['end_day'] = (int)$tokens[2]; } $form['types'] = $page['search']['fields']['types']; if (isset($page['search']['fields']['user'])) { $form['user'] = $page['search']['fields']['user']; } else { $form['user'] = null; } $form['image_id'] = @$page['search']['fields']['image_id']; $form['filename'] = @$page['search']['fields']['filename']; } else { // by default, at page load, we want the selected date to be the current // date $form['start_year'] = $form['end_year'] = date('Y'); $form['start_month'] = $form['end_month'] = date('n'); $form['start_day'] = $form['end_day'] = date('j'); $form['types'] = $types; } // start date get_day_list('start_day', @$form['start_day']); get_month_list('start_month', @$form['start_month']); // end date get_day_list('end_day', @$form['end_day']); get_month_list('end_month', @$form['end_month']); $template->assign_vars( array( 'START_YEAR' => @$form['start_year'], 'END_YEAR' => @$form['end_year'], 'IMAGE_ID' => @$form['image_id'], 'FILENAME' => @$form['filename'], ) ); foreach ($types as $option) { $selected = ''; if (in_array($option, $form['types'])) { $selected = 'selected="selected"'; } $template->assign_block_vars( 'types_option', array( 'VALUE' => $option, 'CONTENT' => l10n($option), 'SELECTED' => $selected, ) ); } $template->assign_block_vars( 'user_option', array( 'VALUE'=> -1, 'CONTENT' => '------------', 'SELECTED' => '' ) ); $query = ' SELECT '.$conf['user_fields']['id'].' AS id, '.$conf['user_fields']['username'].' AS username FROM '.USERS_TABLE.' ORDER BY username ASC ;'; $result = pwg_query($query); while ($row = mysql_fetch_array($result)) { $selected = ''; if (isset($form['user']) and $row['id'] == $form['user']) { $selected = 'selected="selected"'; } $template->assign_block_vars( 'user_option', array( 'VALUE' => $row['id'], 'CONTENT' => $row['username'], 'SELECTED' => $selected, ) ); } // +-----------------------------------------------------------------------+ // | html code display | // +-----------------------------------------------------------------------+ $template->assign_var_from_handle('ADMIN_CONTENT', 'history'); ?>