| // | branch : BSF (Best So Far) | // +-----------------------------------------------------------------------+ // | file : $RCSfile$ // | last update : $Date$ // | last modifier : $Author$ // | revision : $Revision$ // +-----------------------------------------------------------------------+ // | This program is free software; you can redistribute it and/or modify | // | it under the terms of the GNU General Public License as published by | // | the Free Software Foundation | // | | // | This program is distributed in the hope that it will be useful, but | // | WITHOUT ANY WARRANTY; without even the implied warranty of | // | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | // | General Public License for more details. | // | | // | You should have received a copy of the GNU General Public License | // | along with this program; if not, write to the Free Software | // | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, | // | USA. | // +-----------------------------------------------------------------------+ //----------------------------------------------------------- include define('PHPWG_ROOT_PATH','./'); include_once( PHPWG_ROOT_PATH.'include/common.inc.php' ); //-------------------------------------------------- access authorization check check_cat_id( $_GET['cat'] ); check_login_authorization(); if ( isset( $page['cat'] ) and is_numeric( $page['cat'] ) ) { check_restrictions( $page['cat'] ); } //---------------------------------------- incrementation of the number of hits $query = 'UPDATE '.IMAGES_TABLE.' SET hit=hit+1'; $query.= ' WHERE id='.$_GET['image_id']; $query.= ';'; @mysql_query( $query ); //-------------------------------------------------------------- initialization initialize_category( 'picture' ); // if this image_id doesn't correspond to this category, an error message is // displayed, and execution is stopped if ( 0 ) { echo '
'.$lang['access_forbiden'].'
'; echo ''; echo $lang['thumbnails'].'
'; exit(); } // retrieving the number of the picture in its category (in order) $query = 'SELECT DISTINCT(id)'; $query.= ' FROM '.IMAGES_TABLE; $query.= ' INNER JOIN '.IMAGE_CATEGORY_TABLE.' AS ic'; $query.= ' ON id = ic.image_id'; $query.= $page['where']; $query.= $conf['order_by']; $query.= ';'; $result = mysql_query( $query ); $page['num'] = 0; $row = mysql_fetch_array( $result ); while ( $row['id'] != $_GET['image_id'] ) { $page['num']++; $row = mysql_fetch_array( $result ); } //------------------------------------- prev, current & next picture management $picture = array(); $picture['prev']['name'] = ''; $picture['next']['name'] = ''; $picture['prev']['thumbnail'] = ''; $picture['next']['thumbnail'] = ''; $picture['prev']['url'] = ''; $picture['next']['url'] = ''; $next = $page['num'] + 1; $prev = $page['num'] - 1; if ( $page['num'] == $page['cat_nb_images'] - 1 ) { $next = 0; } $query = 'SELECT *'; $query.= ' FROM '.IMAGES_TABLE; $query.= ' INNER JOIN '.IMAGE_CATEGORY_TABLE.' AS ic'; $query.= ' ON id=ic.image_id'; $query.= $page['where']; $query.= $conf['order_by']; if ( $prev < 0 ) { $query.= ' LIMIT 0,2'; } else { $query.= ' LIMIT '.$prev.',3'; } $query.= ';'; $result = mysql_query( $query ); $nb_row = mysql_num_rows( $result ); $index = array('prev','current','next'); for ( $i = 0; $i < $nb_row; $i++ ) { $j=($prev<0)?$index[$i+1]:$index[$i]; $row = mysql_fetch_array($result); $picture[$j] = $row; if ( !isset($array_cat_directories[$row['storage_category_id']])) { $array_cat_directories[$row['storage_category_id']] = get_complete_dir( $row['storage_category_id'] ); } $cat_directory = $array_cat_directories[$row['storage_category_id']]; $file = substr ( $row['file'], 0, strrpos ( $row['file'], ".") ); $picture[$j]['src'] = $cat_directory.$row['file']; $picture[$j]['thumbnail'] = $cat_directory.'thumbnail/'; $picture[$j]['thumbnail'].= $conf['prefix_thumbnail'].$file; $picture[$j]['thumbnail'].= '.'.$row['tn_ext']; if ( !empty( $row['name'] ) ) { $picture[$j]['name'] = $row['name']; } else { $picture[$j]['name'] = str_replace( '_', ' ', $file ); } $picture[$j]['url'] = PHPWG_ROOT_PATH.'picture.php?image_id='.$row['id']; $picture[$j]['url'].= '&cat='.$page['cat']; if ( $page['cat'] == 'search' ) { $picture[$j]['url'].= '&search='.$_GET['search']; $picture[$j]['url'].= '&mode='.$_GET['mode']; } } $url_home = PHPWG_ROOT_PATH.'category.php?cat='.$page['cat'].'&'; $url_home.= 'num='.$page['num']; if ( $page['cat'] == 'search' ) { $url_home.= "&search=".$_GET['search'].'&mode='.$_GET['mode']; } $url_admin = PHPWG_ROOT_PATH.'admin.php?page=picture_modify'; $url_admin.= '&cat_id='.$page['cat']; $url_admin.= '&image_id='.$_GET['image_id']; //--------------------------------------------------------- favorite management if ( isset( $_GET['add_fav'] ) ) { $query = 'DELETE FROM '.FAVORITES_TABLE; $query.= ' WHERE user_id = '.$user['id']; $query.= ' AND image_id = '.$picture['current']['id']; $query.= ';'; $result = mysql_query( $query ); if ( $_GET['add_fav'] == 1 ) { $query = 'INSERT INTO '.FAVORITES_TABLE; $query.= ' (image_id,user_id) VALUES'; $query.= ' ('.$picture['current']['id'].','.$user['id'].')'; $query.= ';'; $result = mysql_query( $query ); } if ( !$_GET['add_fav'] and $page['cat'] == 'fav' ) { if ( $prev < 0 and $nb_row == 1 ) { // there is no favorite picture anymore we redirect the user to the // category page $url = add_session_id( $url_home ); redirect( $url ); } else if ( $prev < 0 ) { $url = str_replace( '&', '&', $picture['next']['url'] ); $url = add_session_id( $url, true); } else { $url = str_replace('&', '&', $picture['prev']['url'] ); $url = add_session_id( $url, true); } redirect( $url ); } } //------------------------------------------------------ comment registeration if ( isset( $_POST['content'] ) && !empty($_POST['content']) ) { $register_comment = true; $author = !empty($_POST['author'])?$_POST['author']:$lang['guest']; // if a guest try to use the name of an already existing user, he must be // rejected if ( $author != $user['username'] ) { $query = 'SELECT COUNT(*) AS user_exists'; $query.= ' FROM '.USERS_TABLE; $query.= " WHERE username = '".$author."'"; $query.= ';'; $row = mysql_fetch_array( mysql_query( $query ) ); if ( $row['user_exists'] == 1 ) { $template->assign_block_vars( 'information', array('INFORMATION'=>$lang['comment_user_exists'])); $register_comment = false; } } if ( $register_comment ) { // anti-flood system $reference_date = time() - $conf['anti-flood_time']; $query = 'SELECT id FROM '.COMMENTS_TABLE; $query.= ' WHERE date > FROM_UNIXTIME('.$reference_date.')'; $query.= " AND author = '".$author."'"; $query.= ';'; if ( mysql_num_rows( mysql_query( $query ) ) == 0 or $conf['anti-flood_time'] == 0 ) { $query = 'INSERT INTO '.COMMENTS_TABLE; $query.= ' (author,date,image_id,content,validated) VALUES ('; $query.= "'".$author."'"; $query.= ',NOW(),'.$_GET['image_id']; $query.= ",'".htmlspecialchars( $_POST['content'], ENT_QUOTES)."'"; if ( !$conf['comments_validation'] or $user['status'] == 'admin' ) { $query.= ",'true'"; } else { $query.= ",'false'"; } $query.= ');'; mysql_query( $query ); // information message $message = $lang['comment_added']; if ( $conf['comments_validation'] and $user['status'] != 'admin' ) { $message.= '
'.$lang['comment_to_validate']; } $template->assign_block_vars('information', array('INFORMATION'=>$message)); // notification to the administrators if ( $conf['mail_notification'] ) { $cat_name = get_cat_display_name( $page['cat_name'], ' > ', '' ); $cat_name = strip_tags( $cat_name ); notify( 'comment', $cat_name.' > '.$picture['current']['name']); } } else { // information message $template->assign_block_vars( 'information', array('INFORMATION'=>$lang['comment_anti-flood'])); } } } // comment deletion if ( isset( $_GET['del'] ) and is_numeric( $_GET['del'] ) and $user['status'] == 'admin' ) { $query = 'DELETE FROM '.COMMENTS_TABLE; $query.= ' WHERE id = '.$_GET['del']; $query.= ';'; mysql_query( $query ); } // // Start output of page // $title = $picture['current']['name']; $refresh = 0; if ( isset( $_GET['slideshow'] ) and $next ) { $refresh= $_GET['slideshow']; $url_link = $picture['next']['url'].'&slideshow='.$refresh; } $title_img = $picture['current']['name']; $title_nb = ''; if (is_numeric( $page['cat'] )) { $title_img = replace_space(get_cat_display_name( $page['cat_name'], " > ")); $n = $page['num'] + 1; $title_nb = "Photo".' '.$n.'/'; $title_nb.= $page['cat_nb_images']; //$title_img.= $picture['current']['name']; } else if ( $page['cat'] == 'search' ) { $title_img = replace_search( $title_img, $_GET['search'] ); } // calculation of width and height if ( empty($picture['current']['width'])) { $taille_image = @getimagesize( $lien_image ); $original_width = $taille_image[0]; $original_height = $taille_image[1]; } else { $original_width = $picture['current']['width']; $original_height = $picture['current']['height']; } $picture_size = get_picture_size( $original_width, $original_height, $user['maxwidth'], $user['maxheight'] ); include(PHPWG_ROOT_PATH.'include/page_header.php'); $template->set_filenames(array('picture'=>'picture.tpl')); $template->assign_vars(array( 'CATEGORY' => $title_img, 'PHOTO' => $title_nb, 'TITLE' => $picture['current']['name'], 'PREV_TITLE_IMG' => $picture['prev']['name'], 'NEXT_TITLE_IMG' => $picture['next']['name'], 'PREV_IMG' => $picture['prev']['thumbnail'], 'NEXT_IMG' => $picture['next']['thumbnail'], 'SRC_IMG' => $picture['current']['src'], 'ALT_IMG' => $picture['current']['file'], 'WIDTH_IMG' => $picture_size[0], 'HEIGHT_IMG' => $picture_size[1], 'COMMENT_IMG' => $picture['current']['comment'], 'L_SLIDESHOW' => $lang['slideshow'], 'L_TIME' => $lang['period_seconds'], 'L_STOP_SLIDESHOW' => $lang['slideshow_stop'], 'L_PREV_IMG' =>$lang['previous_image'].' : ', 'L_ADMIN' =>$lang['link_info_image'], 'L_BACK' =>$lang['back'], 'L_COMMENT_TITLE' =>$lang['comments_title'], 'L_ADD_COMMENT' =>$lang['comments_add'], 'L_DELETE_COMMENT' =>$lang['comments_del'], 'L_DELETE' =>$lang['delete'], 'L_SUBMIT' =>$lang['submit'], 'L_AUTHOR' =>$lang['author'], 'L_COMMENT' =>$lang['comment'], 'T_DEL_IMG' =>PHPWG_ROOT_PATH.'template/'.$user['template'].'/theme/delete.gif', 'U_PREV_IMG' => add_session_id($picture['prev']['url']), 'U_NEXT_IMG' => add_session_id($picture['next']['url']), 'U_HOME' => add_session_id($url_home), 'U_ADMIN' => add_session_id($url_admin), 'U_ADD_COMMENT' => add_session_id(str_replace( '&', '&', $_SERVER['REQUEST_URI'] )) ) ); //-------------------------------------------------------- slideshow management if ( isset( $_GET['slideshow'] ) ) { if ( !is_numeric( $_GET['slideshow'] ) ) $_GET['slideshow'] = $conf['slideshow_period'][0]; $template->assign_block_vars('stop_slideshow', array( 'U_SLIDESHOW'=>add_session_id( $picture['current']['url'] ) )); } else { $template->assign_block_vars('start_slideshow', array()); foreach ( $conf['slideshow_period'] as $option ) { $template->assign_block_vars('start_slideshow.second', array( 'SLIDESHOW_SPEED'=>$option, 'U_SLIDESHOW'=>add_session_id( $picture['current']['url'].'&slideshow='.$option) )); } } if ($prev>=0) $template->assign_block_vars('previous', array()); if ($next) $template->assign_block_vars('next', array()); //--------------------------------------------------------- picture information // legend if ( !empty($picture['current']['comment']) ) { $template->assign_block_vars('legend', array()); } // author if ( !empty($picture['current']['author']) ) { $template->assign_block_vars('info_line', array( 'INFO'=>$lang['author'], 'VALUE'=>$picture['current']['author'] )); } // creation date if ( !empty($picture['current']['date_creation']) ) { $template->assign_block_vars('info_line', array( 'INFO'=>$lang['creation_date'], 'VALUE'=>format_date( $picture['current']['date_creation'] ) )); } // date of availability $template->assign_block_vars('info_line', array( 'INFO'=>$lang['registration_date'], 'VALUE'=>format_date( $picture['current']['date_available'] ) )); // size in pixels if ( $original_width != $picture_size[0] or $original_height != $picture_size[1] ) { $content = '[ '; $content.= $original_width.'*'.$original_height.' ]'; } else { $content = $original_width.'*'.$original_height; } $template->assign_block_vars('info_line', array( 'INFO'=>$lang['size'], 'VALUE'=>$content )); // file $template->assign_block_vars('info_line', array( 'INFO'=>$lang['file'], 'VALUE'=>$picture['current']['file'] )); // filesize if ( empty($picture['current']['filesize'])) { $poids = floor ( filesize( $picture['current']['url'] ) / 1024 ); } else { $poids = $picture['current']['filesize']; } $template->assign_block_vars('info_line', array( 'INFO'=>$lang['filesize'], 'VALUE'=>$poids.' KB' )); // keywords if ( !empty($picture['current']['keywords'])) { $keywords = explode( ',', $picture['current']['keywords'] ); $content = ''; $url = PHPWG_ROOT_PATH.'category.php?cat=search'; $url.= '&mode=OR&search='; foreach ( $keywords as $i => $keyword ) { $local_url = add_session_id( $url.$keyword ); if ( $i > 0 ) $content.= ','; $content.= ''.$keyword.''; } $template->assign_block_vars('info_line', array( 'INFO'=>$lang['keywords'], 'VALUE'=>$content )); } // number of visits $template->assign_block_vars('info_line', array( 'INFO'=>$lang['visited'], 'VALUE'=>$picture['current']['hit'].' '.$lang['times'] )); //------------------------------------------------------- favorite manipulation if ( !$user['is_the_guest'] ) { // verify if the picture is already in the favorite of the user $query = 'SELECT COUNT(*) AS nb_fav'; $query.= ' FROM '.FAVORITES_TABLE.' WHERE image_id = '.$_GET['image_id']; $query.= ' AND user_id = '.$user['id'].';'; $result = mysql_query( $query ); $row = mysql_fetch_array( $result ); if (!$row['nb_fav']) { $url = PHPWG_ROOT_PATH.'picture.php?cat='.$page['cat'].'&image_id='.$_GET['image_id']; $url.='&add_fav=1'; if ( $page['cat'] == 'search' ) { $url.= '&search='.$_GET['search'].'&mode='.$_GET['mode']; } $template->assign_block_vars('favorite', array( 'FAVORITE_IMG' => PHPWG_ROOT_PATH.'template/'.$user['template'].'/theme/favorite.gif', 'FAVORITE_HINT' =>$lang['add_favorites_hint'], 'FAVORITE_ALT' =>'[ '.$lang['add_favorites_alt'].' ]', 'U_FAVORITE'=> add_session_id( $url ) )); } else { $url = PHPWG_ROOT_PATH.'picture.php?cat='.$page['cat'].'&image_id='.$_GET['image_id']; $url.= '&add_fav=0'; $template->assign_block_vars('favorite', array( 'FAVORITE_IMG' => PHPWG_ROOT_PATH.'template/'.$user['template'].'/theme/del_favorite.gif', 'FAVORITE_HINT' =>$lang['del_favorites_hint'], 'FAVORITE_ALT' =>'[ '.$lang['del_favorites_alt'].' ]', 'U_FAVORITE'=> add_session_id( $url ) )); } } //------------------------------------ admin link for information modifications if ( $user['status'] == 'admin' ) { $template->assign_block_vars('modification', array()); } //---------------------------------------------------- users's comments display if ( $conf['show_comments'] ) { // number of comment for this picture $query = 'SELECT COUNT(*) AS nb_comments'; $query.= ' FROM '.COMMENTS_TABLE.' WHERE image_id = '.$_GET['image_id']; $query.= " AND validated = 'true'"; $query.= ';'; $row = mysql_fetch_array( mysql_query( $query ) ); // navigation bar creation $url = PHPWG_ROOT_PATH.'picture.php?cat='.$page['cat'].'&image_id='.$_GET['image_id']; if ( $page['cat'] == 'search' ) { $url.= '&search='.$_GET['search'].'&mode='.$_GET['mode']; } if( !isset( $_GET['start'] ) or !is_numeric( $_GET['start'] ) or ( is_numeric( $_GET['start'] ) and $_GET['start'] < 0 ) ) { $page['start'] = 0; } else { $page['start'] = $_GET['start']; } $page['navigation_bar'] = create_navigation_bar( $url, $row['nb_comments'], $page['start'], $conf['nb_comment_page'], '' ); $template->assign_block_vars('comments', array( 'NB_COMMENT'=>$row['nb_comments'], 'NAV_BAR'=>$page['navigation_bar'])); $query = 'SELECT id,author,date,image_id,content'; $query.= ' FROM '.COMMENTS_TABLE.' WHERE image_id = '.$_GET['image_id']; $query.= " AND validated = 'true'"; $query.= ' ORDER BY date ASC'; $query.= ' LIMIT '.$page['start'].', '.$conf['nb_comment_page'].';'; $result = mysql_query( $query ); while ( $row = mysql_fetch_array( $result ) ) { $content = nl2br( $row['content'] ); // replace _word_ by an underlined word $pattern = '/_([^\s]*)_/'; $replacement = '\1'; $content = preg_replace( $pattern, $replacement, $content ); // replace *word* by a bolded word $pattern = '/\*([^\s]*)\*/'; $replacement = '\1'; $content = preg_replace( $pattern, $replacement, $content ); // replace /word/ by an italic word $pattern = '/\/([^\s]*)\//'; $replacement = '\1'; $content = preg_replace( $pattern, $replacement, $content ); $template->assign_block_vars('comments.comment', array( 'COMMENT_AUTHOR'=>empty($row['author'])?$lang['guest']:$row['author'], 'COMMENT_DATE'=>format_date( $row['date'], 'mysql_datetime', true ), 'COMMENT'=>$content )); if ( $user['status'] == 'admin' ) { $template->assign_block_vars('comments.comment.delete', array('U_COMMENT_DELETE'=>add_session_id( $url.'&del='.$row['id'] ))); } } if ( !$user['is_the_guest']||( $user['is_the_guest'] and $conf['comments_forall'] ) ) { $template->assign_block_vars('comments.add_comment', array()); // display author field if the user is not logged in if ( !$user['is_the_guest'] ) { $template->assign_block_vars('comments.add_comment.author_known', array('KNOWN_AUTHOR'=>$user['username'])); } else { $template->assign_block_vars('comments.add_comment.author_field', array()); } } } //------------------------------------------------------------ log informations pwg_log( 'picture', $title_img, $picture['current']['file'] ); mysql_close(); $template->pparse('picture'); include(PHPWG_ROOT_PATH.'include/page_tail.php'); ?>