'.$lang['access_forbiden'].'
';
echo '';
echo $lang['thumbnails'].'';
exit();
}
}
/**
* Checks whether the argument is a right parameter category id
*
* The argument is a right parameter if corresponds to one of these :
*
* - is numeric and corresponds to a category in the database
* - equals 'fav' (for favorites)
* - equals 'search' (when the result of a search is displayed)
* - equals 'most_visited'
* - equals 'best_rated'
* - equals 'recent_pics'
* - equals 'recent_cats'
* - equals 'calendar'
* - equals 'list'
*
* The function fills the global var $page['cat'] and returns nothing
*
* @param mixed category id or special category name
* @return void
*/
function check_cat_id( $cat )
{
global $page;
unset( $page['cat'] );
if ( isset( $cat ) )
{
if ( isset( $page['plain_structure'][$cat] ) )
{
$page['cat'] = $cat;
}
else if ( is_numeric( $cat ) )
{
$query = 'SELECT id';
$query.= ' FROM '.CATEGORIES_TABLE.' WHERE id = '.$cat.';';
$result = pwg_query( $query );
if ( mysql_num_rows( $result ) != 0 )
{
$page['cat'] = $cat;
}
}
if ( $cat == 'fav'
or $cat == 'most_visited'
or $cat == 'best_rated'
or $cat == 'recent_pics'
or $cat == 'recent_cats'
or $cat == 'calendar' )
{
$page['cat'] = $cat;
}
if ($cat == 'search' and isset($_GET['search']))
{
$page['cat'] = $cat;
}
if ($cat == 'list'
and isset($_GET['list'])
and preg_match('/^\d+(,\d+)*$/', $_GET['list']))
{
$page['cat'] = 'list';
}
}
}
function get_categories_menu()
{
global $page,$user;
$infos = array('');
$query = '
SELECT name,id,date_last,nb_images,global_rank
FROM '.CATEGORIES_TABLE.'
WHERE 1 = 1'; // stupid but permit using AND after it !
if (!$user['expand'])
{
$query.= '
AND (id_uppercat is NULL';
if (isset ($page['tab_expand']) and count($page['tab_expand']) > 0)
{
$query.= ' OR id_uppercat IN ('.implode(',',$page['tab_expand']).')';
}
$query.= ')';
}
if ($user['forbidden_categories'] != '')
{
$query.= '
AND id NOT IN ('.$user['forbidden_categories'].')';
}
$query.= '
;';
$result = pwg_query($query);
$cats = array();
while ($row = mysql_fetch_array($result))
{
array_push($cats, $row);
}
usort($cats, 'global_rank_compare');
return get_html_menu_category($cats);
}
/**
* returns the total number of elements viewable in the gallery by the
* connected user
*
* @return int
*/
function count_user_total_images()
{
global $user;
$query = '
SELECT COUNT(DISTINCT(image_id)) as total
FROM '.IMAGE_CATEGORY_TABLE.'
WHERE category_id NOT IN ('.$user['forbidden_categories'].')
;';
list($total) = mysql_fetch_array(pwg_query($query));
return $total;
}
/**
* Retrieve informations about a category in the database
*
* Returns an array with following keys :
*
* - comment
* - dir : directory, might be empty for virtual categories
* - name : an array with indexes from 0 (lowest cat name) to n (most
* uppercat name findable)
* - nb_images
* - id_uppercat
* - site_id
* -
*
* @param int category id
* @return array
*/
function get_cat_info( $id )
{
$infos = array('nb_images','id_uppercat','comment','site_id'
,'dir','date_last','uploadable','status','visible'
,'representative_picture_id','uppercats','commentable');
$query = '
SELECT '.implode(',', $infos).'
FROM '.CATEGORIES_TABLE.'
WHERE id = '.$id.'
;';
$row = mysql_fetch_array(pwg_query($query));
$cat = array();
foreach ($infos as $info)
{
if (isset($row[$info]))
{
$cat[$info] = $row[$info];
}
else
{
$cat[$info] = '';
}
// If the field is true or false, the variable is transformed into a
// boolean value.
if ($cat[$info] == 'true' or $cat[$info] == 'false')
{
$cat[$info] = get_boolean( $cat[$info] );
}
}
$cat['comment'] = nl2br($cat['comment']);
$names = array();
$query = '
SELECT name,id
FROM '.CATEGORIES_TABLE.'
WHERE id IN ('.$cat['uppercats'].')
;';
$result = pwg_query($query);
while($row = mysql_fetch_array($result))
{
$names[$row['id']] = $row['name'];
}
// category names must be in the same order than uppercats list
$cat['name'] = array();
foreach (explode(',', $cat['uppercats']) as $cat_id)
{
$cat['name'][$cat_id] = $names[$cat_id];
}
return $cat;
}
// get_complete_dir returns the concatenation of get_site_url and
// get_local_dir
// Example : "pets > rex > 1_year_old" is on the the same site as the
// PhpWebGallery files and this category has 22 for identifier
// get_complete_dir(22) returns "./galleries/pets/rex/1_year_old/"
function get_complete_dir( $category_id )
{
return get_site_url($category_id).get_local_dir($category_id);
}
// get_local_dir returns an array with complete path without the site url
// Example : "pets > rex > 1_year_old" is on the the same site as the
// PhpWebGallery files and this category has 22 for identifier
// get_local_dir(22) returns "pets/rex/1_year_old/"
function get_local_dir( $category_id )
{
global $page;
$uppercats = '';
$local_dir = '';
if ( isset( $page['plain_structure'][$category_id]['uppercats'] ) )
{
$uppercats = $page['plain_structure'][$category_id]['uppercats'];
}
else
{
$query = 'SELECT uppercats';
$query.= ' FROM '.CATEGORIES_TABLE.' WHERE id = '.$category_id;
$query.= ';';
$row = mysql_fetch_array( pwg_query( $query ) );
$uppercats = $row['uppercats'];
}
$upper_array = explode( ',', $uppercats );
$database_dirs = array();
$query = 'SELECT id,dir';
$query.= ' FROM '.CATEGORIES_TABLE.' WHERE id IN ('.$uppercats.')';
$query.= ';';
$result = pwg_query( $query );
while( $row = mysql_fetch_array( $result ) )
{
$database_dirs[$row['id']] = $row['dir'];
}
foreach ($upper_array as $id)
{
$local_dir.= $database_dirs[$id].'/';
}
return $local_dir;
}
// retrieving the site url : "http://domain.com/gallery/" or
// simply "./galleries/"
function get_site_url($category_id)
{
global $page;
$query = '
SELECT galleries_url
FROM '.SITES_TABLE.' AS s,'.CATEGORIES_TABLE.' AS c
WHERE s.id = c.site_id
AND c.id = '.$category_id.'
;';
$row = mysql_fetch_array(pwg_query($query));
return $row['galleries_url'];
}
// initialize_category initializes ;-) the variables in relation
// with category :
// 1. calculation of the number of pictures in the category
// 2. determination of the SQL query part to ask to find the right category
// $page['where'] is not the same if we are in
// - simple category
// - search result
// - favorites displaying
// - most visited pictures
// - best rated pictures
// - recent pictures
// - defined list (used for random)
// 3. determination of the title of the page
// 4. creation of the navigation bar
function initialize_category( $calling_page = 'category' )
{
pwg_debug( 'start initialize_category' );
global $page,$lang,$user,$conf;
if ( isset( $page['cat'] ) )
{
// $page['nb_image_page'] is the number of picture to display on this page
// By default, it is the same as the $user['nb_image_page']
$page['nb_image_page'] = $user['nb_image_page'];
// $url is used to create the navigation bar
$url = PHPWG_ROOT_PATH.'category.php?cat='.$page['cat'];
if ( isset($page['expand']) ) $url.= '&expand='.$page['expand'];
// simple category
if ( is_numeric( $page['cat'] ) )
{
$result = get_cat_info( $page['cat'] );
$page['comment'] = $result['comment'];
$page['cat_dir'] = $result['dir'];
$page['cat_name'] = $result['name'];
$page['cat_nb_images'] = $result['nb_images'];
$page['cat_site_id'] = $result['site_id'];
$page['cat_uploadable'] = $result['uploadable'];
$page['cat_commentable'] = $result['commentable'];
$page['uppercats'] = $result['uppercats'];
$page['title'] =
get_cat_display_name($page['cat_name'],
'',
false);
$page['where'] = ' WHERE category_id = '.$page['cat'];
}
else
{
if ($page['cat'] == 'search'
or $page['cat'] == 'most_visited'
or $page['cat'] == 'recent_pics'
or $page['cat'] == 'recent_cats'
or $page['cat'] == 'best_rated'
or $page['cat'] == 'calendar'
or $page['cat'] == 'list')
{
// we must not show pictures of a forbidden category
if ( $user['forbidden_categories'] != '' )
{
$forbidden = ' category_id NOT IN ';
$forbidden.= '('.$user['forbidden_categories'].')';
}
}
// search result
if ( $page['cat'] == 'search' )
{
// SQL injection hacking attempt?
if (strpos($_GET['search'], ';') !== false)
{
die('Hacking attempt on "search" GET parameter');
}
// analyze search string given in URL (created in search.php)
$tokens = explode('|', $_GET['search']);
if (isset($tokens[1]) and $tokens[1] == 'AND')
{
$search['mode'] = 'AND';
}
else
{
$search['mode'] = 'OR';
}
$search_tokens = explode('--', $tokens[0]);
foreach ($search_tokens as $search_token)
{
$tokens = explode(':', $search_token);
$field_name = $tokens[0];
$field_content = $tokens[1];
$tokens = explode('~', $tokens[1]);
if (isset($tokens[1]))
{
$search['fields'][$field_name]['mode'] = $tokens[1];
}
else
{
$search['fields'][$field_name]['mode'] = '';
}
$search['fields'][$field_name]['words'] = array();
$tokens = explode(',', $tokens[0]);
foreach ($tokens as $token)
{
array_push($search['fields'][$field_name]['words'],
htmlentities($token));
}
}
$page['title'] = $lang['search_result'];
if ( $calling_page == 'picture' )
{
$page['title'].= ' : ';
$page['title'].= $_GET['search']."";
}
// SQL where clauses are stored in $clauses array during query
// construction
$clauses = array();
$textfields = array('file', 'name', 'comment', 'keywords', 'author');
foreach ($textfields as $textfield)
{
if (isset($search['fields'][$textfield]))
{
$local_clauses = array();
foreach ($search['fields'][$textfield]['words'] as $word)
{
array_push($local_clauses, $textfield." LIKE '%".$word."%'");
}
// adds brackets around where clauses
array_walk($local_clauses,create_function('&$s','$s="(".$s.")";'));
array_push($clauses,
implode(' '.$search['fields'][$textfield]['mode'].' ',
$local_clauses));
}
}
if (isset($search['fields']['allwords']))
{
$fields = array('file', 'name', 'comment', 'keywords', 'author');
// in the OR mode, request bust be :
// ((field1 LIKE '%word1%' OR field2 LIKE '%word1%')
// OR (field1 LIKE '%word2%' OR field2 LIKE '%word2%'))
//
// in the AND mode :
// ((field1 LIKE '%word1%' OR field2 LIKE '%word1%')
// AND (field1 LIKE '%word2%' OR field2 LIKE '%word2%'))
$word_clauses = array();
foreach ($search['fields']['allwords']['words'] as $word)
{
$field_clauses = array();
foreach ($fields as $field)
{
array_push($field_clauses, $field." LIKE '%".$word."%'");
}
// adds brackets around where clauses
array_push($word_clauses, implode(' OR ', $field_clauses));
}
array_walk($word_clauses, create_function('&$s','$s="(".$s.")";'));
array_push($clauses,
implode(' '.$search['fields']['allwords']['mode'].' ',
$word_clauses));
}
$datefields = array('date_available', 'date_creation');
foreach ($datefields as $datefield)
{
$key = $datefield;
if (isset($search['fields'][$key]))
{
$local_clause = $datefield." = '";
$local_clause.= str_replace('.', '-',
$search['fields'][$key]['words'][0]);
$local_clause.= "'";
array_push($clauses, $local_clause);
}
foreach (array('after','before') as $suffix)
{
$key = $datefield.'-'.$suffix;
if (isset($search['fields'][$key]))
{
$local_clause = $datefield;
if ($suffix == 'after')
{
$local_clause.= ' >';
}
else
{
$local_clause.= ' <';
}
if (isset($search['fields'][$key]['mode'])
and $search['fields'][$key]['mode'] == 'inc')
{
$local_clause.= '=';
}
$local_clause.= " '";
$local_clause.= str_replace('.', '-',
$search['fields'][$key]['words'][0]);
$local_clause.= "'";
array_push($clauses, $local_clause);
}
}
}
if (isset($search['fields']['cat']))
{
if ($search['fields']['cat']['mode'] == 'sub_inc')
{
// searching all the categories id of sub-categories
$cat_ids = get_subcat_ids($search['fields']['cat']['words']);
}
else
{
$cat_ids = $search['fields']['cat']['words'];
}
$local_clause = 'category_id IN ('.implode(',', $cat_ids).')';
array_push($clauses, $local_clause);
}
// adds brackets around where clauses
array_walk($clauses, create_function('&$s', '$s = "(".$s.")";'));
$page['where'] = 'WHERE '.implode(' '.$search['mode'].' ', $clauses);
if ( isset( $forbidden ) ) $page['where'].= ' AND '.$forbidden;
$query = '
SELECT COUNT(DISTINCT(id)) AS nb_total_images
FROM '.IMAGES_TABLE.'
INNER JOIN '.IMAGE_CATEGORY_TABLE.' AS ic ON id = ic.image_id
'.$page['where'].'
;';
$url.= '&search='.$_GET['search'];
}
// favorites displaying
else if ( $page['cat'] == 'fav' )
{
check_user_favorites();
$page['title'] = $lang['favorites'];
$page['where'] = ', '.FAVORITES_TABLE.' AS fav';
$page['where'].= ' WHERE user_id = '.$user['id'];
$page['where'].= ' AND fav.image_id = id';
$query = 'SELECT COUNT(*) AS nb_total_images';
$query.= ' FROM '.FAVORITES_TABLE;
$query.= ' WHERE user_id = '.$user['id'];
$query.= ';';
}
// pictures within the short period
else if ( $page['cat'] == 'recent_pics' )
{
$page['title'] = $lang['recent_pics_cat'];
// We must find the date corresponding to :
// today - $conf['periode_courte']
$date = time() - 60*60*24*$user['recent_period'];
$page['where'] = " WHERE date_available > '";
$page['where'].= date( 'Y-m-d', $date )."'";
if ( isset( $forbidden ) ) $page['where'].= ' AND '.$forbidden;
$query = '
SELECT COUNT(DISTINCT(id)) AS nb_total_images
FROM '.IMAGES_TABLE.' INNER JOIN '.IMAGE_CATEGORY_TABLE.' AS ic
ON id = ic.image_id
'.$page['where'].'
;';
}
// categories containing recent pictures
else if ( $page['cat'] == 'recent_cats' )
{
$page['title'] = $lang['recent_cats_cat'];
$page['cat_nb_images'] = 0;
}
// most visited pictures
else if ( $page['cat'] == 'most_visited' )
{
$page['title'] = $conf['top_number'].' '.$lang['most_visited_cat'];
$page['where'] = 'WHERE hit > 0';
if (isset($forbidden))
{
$page['where'] = "\n".' AND '.$forbidden;
}
$conf['order_by'] = ' ORDER BY hit DESC, file ASC';
// $page['cat_nb_images'] equals $conf['top_number'] unless there
// are less visited items
$query ='
SELECT COUNT(DISTINCT(id)) AS count
FROM '.IMAGES_TABLE.'
INNER JOIN '.IMAGE_CATEGORY_TABLE.' AS ic ON id = ic.image_id
'.$page['where'].'
;';
$row = mysql_fetch_array(pwg_query($query));
if ($row['count'] < $conf['top_number'])
{
$page['cat_nb_images'] = $row['count'];
}
else
{
$page['cat_nb_images'] = $conf['top_number'];
}
unset($query);
if ( isset( $page['start'] )
and ($page['start']+$user['nb_image_page']>=$conf['top_number']))
{
$page['nb_image_page'] = $conf['top_number'] - $page['start'];
}
}
else if ( $page['cat'] == 'calendar' )
{
$page['cat_nb_images'] = 0;
$page['title'] = $lang['calendar'];
if (isset($_GET['year'])
and preg_match('/^\d+$/', $_GET['year']))
{
$page['calendar_year'] = (int)$_GET['year'];
}
if (isset($_GET['month'])
and preg_match('/^(\d+)\.(\d{2})$/', $_GET['month'], $matches))
{
$page['calendar_year'] = (int)$matches[1];
$page['calendar_month'] = (int)$matches[2];
}
if (isset($_GET['day'])
and preg_match('/^(\d+)\.(\d{2})\.(\d{2})$/',
$_GET['day'],
$matches))
{
$page['calendar_year'] = (int)$matches[1];
$page['calendar_month'] = (int)$matches[2];
$page['calendar_day'] = (int)$matches[3];
}
if (isset($page['calendar_year']))
{
$page['title'] .= ' (';
if (isset($page['calendar_day']))
{
if ($page['calendar_year'] >= 1970)
{
$unixdate = mktime(0,0,0,
$page['calendar_month'],
$page['calendar_day'],
$page['calendar_year']);
$page['title'].= $lang['day'][date("w", $unixdate)];
}
$page['title'].= ' '.$page['calendar_day'].', ';
}
if (isset($page['calendar_month']))
{
$page['title'] .= $lang['month'][$page['calendar_month']].' ';
}
$page['title'] .= $page['calendar_year'];
$page['title'] .= ')';
}
$page['where'] = 'WHERE '.$conf['calendar_datefield'].' IS NOT NULL';
if (isset($forbidden))
{
$page['where'].= ' AND '.$forbidden;
}
}
else if ($page['cat'] == 'best_rated')
{
$page['title'] = $conf['top_number'].' '.$lang['best_rated_cat'];
$page['where'] = ' WHERE average_rate IS NOT NULL';
if (isset($forbidden))
{
$page['where'].= ' AND '.$forbidden;
}
$conf['order_by'] = ' ORDER BY average_rate DESC, id ASC';
// $page['cat_nb_images'] equals $conf['top_number'] unless there
// are less rated items
$query ='
SELECT COUNT(DISTINCT(id)) AS count
FROM '.IMAGES_TABLE.'
INNER JOIN '.IMAGE_CATEGORY_TABLE.' AS ic ON id = ic.image_id
'.$page['where'].'
;';
$row = mysql_fetch_array(pwg_query($query));
if ($row['count'] < $conf['top_number'])
{
$page['cat_nb_images'] = $row['count'];
}
else
{
$page['cat_nb_images'] = $conf['top_number'];
}
unset($query);
if (isset($page['start'])
and ($page['start']+$user['nb_image_page']>=$conf['top_number']))
{
$page['nb_image_page'] = $conf['top_number'] - $page['start'];
}
}
else if ($page['cat'] == 'list')
{
$page['title'] = $lang['random_cat'];
$page['where'] = 'WHERE 1=1';
if (isset($forbidden))
{
$page['where'].= ' AND '.$forbidden;
}
$page['where'].= ' AND image_id IN ('.$_GET['list'].')';
$page['cat_nb_images'] = count(explode(',', $_GET['list']));
$url.= '&list='.$_GET['list'];
}
if (isset($query))
{
$result = pwg_query( $query );
$row = mysql_fetch_array( $result );
$page['cat_nb_images'] = $row['nb_total_images'];
}
}
if ( $calling_page == 'category' )
{
$page['navigation_bar'] =
create_navigation_bar( $url, $page['cat_nb_images'], $page['start'],
$user['nb_image_page'], 'back' );
}
}
else
{
$page['title'] = $lang['no_category'];
}
pwg_debug( 'end initialize_category' );
}
function display_select_categories($categories,
$selecteds,
$blockname,
$fullname = true)
{
global $template;
foreach ($categories as $category)
{
$selected = '';
if (in_array($category['id'], $selecteds))
{
$selected = ' selected="selected"';
}
if ($fullname)
{
$option = get_cat_display_name_cache($category['uppercats'],
'',
false);
}
else
{
$option = str_repeat(' ',
(3 * substr_count($category['global_rank'], '.')));
$option.= '- '.$category['name'];
}
$template->assign_block_vars(
$blockname,
array('SELECTED'=>$selected,
'VALUE'=>$category['id'],
'OPTION'=>$option
));
}
}
function display_select_cat_wrapper($query, $selecteds, $blockname,
$fullname = true)
{
$result = pwg_query($query);
$categories = array();
if (!empty($result))
{
while ($row = mysql_fetch_array($result))
{
array_push($categories, $row);
}
}
usort($categories, 'global_rank_compare');
display_select_categories($categories, $selecteds, $blockname, $fullname);
}
/**
* returns all subcategory identifiers of given category ids
*
* @param array ids
* @return array
*/
function get_subcat_ids($ids)
{
$query = '
SELECT DISTINCT(id)
FROM '.CATEGORIES_TABLE.'
WHERE ';
foreach ($ids as $num => $category_id)
{
if ($num > 0)
{
$query.= '
OR ';
}
$query.= 'uppercats REGEXP \'(^|,)'.$category_id.'(,|$)\'';
}
$query.= '
;';
$result = pwg_query($query);
$subcats = array();
while ($row = mysql_fetch_array($result))
{
array_push($subcats, $row['id']);
}
return $subcats;
}
function global_rank_compare($a, $b)
{
return strnatcasecmp($a['global_rank'], $b['global_rank']);
}
?>