mirrors/Piwigo
1
0
Fork 0
mirror of https://github.com/Piwigo/Piwigo.git synced 2025-04-29 04:39:56 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

*** empty log message ***

Browse source 
git-svn-id: http://piwigo.org/svn/trunk@13 68402e56-0260-453c-a942-63ccdbb3a9ee
This commit is contained in:
z0rglub 2003-05-17 11:42:03 +00:00
parent f96563b9e8
commit 2c2af65b6a
10 changed files with 234 additions and 85 deletions
Download patch file Download diff file Expand all files Collapse all files

10
admin/include/functions.php
View file

@ -19,9 +19,7 @@ $tab_ext_create_TN = array ( 'jpg', 'png' );
function is_image( $filename, $create_thumbnail = false ) function is_image( $filename, $create_thumbnail = false )
{ {
global $tab_ext_create_TN, $conf; global $conf;
$is_image = false;
if ( is_file ( $filename ) ) if ( is_file ( $filename ) )
{ {
@ -34,7 +32,7 @@ function is_image( $filename, $create_thumbnail = false )
if ( in_array( get_extension( $filename ), $conf['picture_ext'] ) if ( in_array( get_extension( $filename ), $conf['picture_ext'] )
and ( $size[2] == 1 or $size[2] == 2 or $size[2] == 3 ) ) and ( $size[2] == 1 or $size[2] == 2 or $size[2] == 3 ) )
{ {
$is_image = true; return true;
} }
} }
else else
@ -42,11 +40,11 @@ function is_image( $filename, $create_thumbnail = false )
if ( in_array( get_extension( $filename ), $tab_ext_create_TN ) if ( in_array( get_extension( $filename ), $tab_ext_create_TN )
and ( $size[2] == 2 or $size[2] == 3 ) ) and ( $size[2] == 2 or $size[2] == 3 ) )
{ {
$is_image = true; return true;
} }
} }
} }
return $is_image; return false;
} }
function TN_exists( $dir, $file ) function TN_exists( $dir, $file )

7
include/config.inc.php
View file

@ -20,10 +20,9 @@ $page = array();
$user = array(); $user = array();
$lang = array(); $lang = array();
include_once( PREFIXE_INCLUDE.'./include/mysql.inc.php' );
include_once( PREFIXE_INCLUDE.'./include/functions.inc.php' ); include_once( PREFIXE_INCLUDE.'./include/functions.inc.php' );
include_once( PREFIXE_INCLUDE.'./include/vtemplate.class.php' ); include_once( PREFIXE_INCLUDE.'./include/vtemplate.class.php' );
//
// How to change the order of display for images in a category ? // How to change the order of display for images in a category ?
// //
// You have to modify $conf['order_by']. // You have to modify $conf['order_by'].
@ -46,6 +45,8 @@ $conf['nb_row_page'] = array ('2','3','4','5','6','7','10','20','1000');
$conf['version'] = '1.3'; $conf['version'] = '1.3';
$conf['site_url'] = 'http://www.phpwebgallery.net'; $conf['site_url'] = 'http://www.phpwebgallery.net';
$conf['forum_url'] = 'http://forum.phpwebgallery.net'; $conf['forum_url'] = 'http://forum.phpwebgallery.net';
$conf['picture_ext'] = array ( 'jpg','JPG','gif','GIF','png','PNG' );
$conf['document_ext'] = array( 'doc','pdf','zip' );
database_connection(); database_connection();
// rertieving the configuration informations for site // rertieving the configuration informations for site
@ -73,7 +74,7 @@ for ( $i = 0; $i < sizeof( $infos ); $i++ )
} }
$query.= $infos[$i]; $query.= $infos[$i];
} }
$query .= ' from '.$prefixeTable.'config;'; $query .= ' from '.PREFIX_TABLE.'config;';
$row = mysql_fetch_array( mysql_query( $query ) ); $row = mysql_fetch_array( mysql_query( $query ) );

33
include/functions.inc.php
View file

@ -17,6 +17,7 @@
include( 'functions_user.inc.php' ); include( 'functions_user.inc.php' );
include( 'functions_session.inc.php' ); include( 'functions_session.inc.php' );
include( 'functions_category.inc.php' ); include( 'functions_category.inc.php' );
include( 'functions_xml.inc.php' );
//----------------------------------------------------------- generic functions //----------------------------------------------------------- generic functions
@ -128,6 +129,20 @@ function replace_space( $string )
return $return_string; return $return_string;
} }
// get_extension returns the part of the string after the last "."
function get_extension( $filename )
{
return substr( strrchr( $filename, '.' ), 1, strlen ( $filename ) );
}
// get_filename_wo_extension returns the part of the string before the last
// ".".
// get_filename_wo_extension( 'test.tar.gz' ) -> 'test.tar'
function get_filename_wo_extension( $filename )
{
return substr( $filename, 0, strrpos( $filename, '.' ) );
}
// get_dirs retourne un tableau contenant tous les sous-répertoires d'un // get_dirs retourne un tableau contenant tous les sous-répertoires d'un
// répertoire // répertoire
function get_dirs( $rep ) function get_dirs( $rep )
@ -202,7 +217,6 @@ function get_picture_size( $original_width, $original_height,
$picture_size[1] = $height; $picture_size[1] = $height;
return $picture_size; return $picture_size;
} }
//-------------------------------------------- PhpWebGallery specific functions //-------------------------------------------- PhpWebGallery specific functions
// get_languages retourne un tableau contenant tous les languages // get_languages retourne un tableau contenant tous les languages
@ -278,20 +292,31 @@ function replace_search( $string, $search )
function database_connection() function database_connection()
{ {
global $cfgHote,$cfgUser,$cfgPassword,$cfgBase; // $cfgHote,$cfgUser,$cfgPassword,$cfgBase;
$xml_content = getXmlCode( PREFIXE_INCLUDE.'./include/database_config.xml' );
$mysql_conf = getChild( $xml_content, 'mysql' );
$cfgHote = getAttribute( $mysql_conf, 'host' );
$cfgUser = getAttribute( $mysql_conf, 'user' );
$cfgPassword = getAttribute( $mysql_conf, 'password' );
$cfgBase = getAttribute( $mysql_conf, 'base' );
@mysql_connect( $cfgHote, $cfgUser, $cfgPassword ) @mysql_connect( $cfgHote, $cfgUser, $cfgPassword )
or die ( "Could not connect to server" ); or die ( "Could not connect to server" );
@mysql_select_db( $cfgBase ) @mysql_select_db( $cfgBase )
or die ( "Could not connect to database" ); or die ( "Could not connect to database" );
define( PREFIX_TABLE, getAttribute( $mysql_conf, 'tablePrefix' ) );
} }
function pwg_log( $file, $category, $picture = '' ) function pwg_log( $file, $category, $picture = '' )
{ {
global $conf, $user, $prefixeTable; global $conf, $user;
if ( $conf['log'] ) if ( $conf['log'] )
{ {
$query = 'insert into '.$prefixeTable.'history'; $query = 'insert into '.PREFIX_TABLE.'history';
$query.= ' (date,login,IP,file,category,picture) values'; $query.= ' (date,login,IP,file,category,picture) values';
$query.= " (".time().", '".$user['pseudo']."'"; $query.= " (".time().", '".$user['pseudo']."'";
$query.= ",'".$_SERVER['REMOTE_ADDR']."'"; $query.= ",'".$_SERVER['REMOTE_ADDR']."'";

49
include/functions_category.inc.php
View file

@ -16,14 +16,13 @@
***************************************************************************/ ***************************************************************************/
function get_subcats_id( $cat_id ) function get_subcats_id( $cat_id )
{ {
global $prefixeTable;
$restricted_cat = array(); $restricted_cat = array();
$i = 0; $i = 0;
$query = "select id"; $query = 'select id';
$query.= " from $prefixeTable"."categories"; $query.= ' from '.PREFIX_TABLE.'categories';
$query.= " where id_uppercat = $cat_id;"; $query.= ' where id_uppercat = '.$cat_id;
$query.= ';';
$result = mysql_query( $query ); $result = mysql_query( $query );
while ( $row = mysql_fetch_array( $result ) ) while ( $row = mysql_fetch_array( $result ) )
{ {
@ -40,7 +39,7 @@ function get_subcats_id( $cat_id )
function check_restrictions( $category_id ) function check_restrictions( $category_id )
{ {
global $user,$lang,$prefixeTable; global $user,$lang;
if ( is_user_allowed( $category_id, $user['restrictions'] ) > 0 ) if ( is_user_allowed( $category_id, $user['restrictions'] ) > 0 )
{ {
@ -57,13 +56,17 @@ function check_restrictions( $category_id )
// - $cat equals 'search' (when the result of a search is displayed) // - $cat equals 'search' (when the result of a search is displayed)
function check_cat_id( $cat ) function check_cat_id( $cat )
{ {
global $page,$prefixeTable; global $page;
unset( $page['cat'] ); unset( $page['cat'] );
if ( isset( $cat ) ) if ( isset( $cat ) )
{ {
if ( is_numeric( $cat ) ) if ( is_numeric( $cat ) )
{ {
$query = "select id from $prefixeTable"."categories where id = $cat;"; $query = 'select id';
$query.= ' from '.PREFIX_TABLE.'categories';
$query.= ' where id = '.$cat;
$query. ';';
$result = mysql_query( $query ); $result = mysql_query( $query );
if ( mysql_num_rows( $result ) != 0 ) if ( mysql_num_rows( $result ) != 0 )
{ {
@ -80,10 +83,10 @@ function check_cat_id( $cat )
function display_cat( $id_uppercat, $indent, $restriction, $tab_expand ) function display_cat( $id_uppercat, $indent, $restriction, $tab_expand )
{ {
global $prefixeTable,$user,$lang,$conf,$page,$vtp,$handle; global $user,$lang,$conf,$page,$vtp,$handle;
$query = 'select name,id,date_dernier,nb_images,dir'; $query = 'select name,id,date_dernier,nb_images,dir';
$query.= ' from '.$prefixeTable.'categories'; $query.= ' from '.PREFIX_TABLE.'categories';
$query.= ' where id_uppercat'; $query.= ' where id_uppercat';
if ( $id_uppercat == "" ) if ( $id_uppercat == "" )
{ {
@ -201,10 +204,10 @@ function display_cat( $id_uppercat, $indent, $restriction, $tab_expand )
function get_nb_subcats( $id ) function get_nb_subcats( $id )
{ {
global $prefixeTable,$user; global $user;
$query = 'select count(*) as count'; $query = 'select count(*) as count';
$query.= ' from '.$prefixeTable.'categories'; $query.= ' from '.PREFIX_TABLE.'categories';
$query.= ' where id_uppercat = '.$id; $query.= ' where id_uppercat = '.$id;
for ( $i = 0; $i < sizeof( $user['restrictions'] ); $i++ ) for ( $i = 0; $i < sizeof( $user['restrictions'] ); $i++ )
{ {
@ -218,12 +221,10 @@ function get_nb_subcats( $id )
function get_total_image( $id, $restriction ) function get_total_image( $id, $restriction )
{ {
global $prefixeTable;
$total = 0; $total = 0;
$query = 'select id,nb_images'; $query = 'select id,nb_images';
$query.= ' from '.$prefixeTable.'categories'; $query.= ' from '.PREFIX_TABLE.'categories';
$query.= ' where id_uppercat'; $query.= ' where id_uppercat';
if ( !is_numeric( $id ) ) if ( !is_numeric( $id ) )
{ {
@ -259,14 +260,12 @@ function get_total_image( $id, $restriction )
// $cat['site_id'] // $cat['site_id']
function get_cat_info( $id ) function get_cat_info( $id )
{ {
global $prefixeTable;
$cat = array(); $cat = array();
$cat['name'] = array(); $cat['name'] = array();
$query = 'select nb_images,id_uppercat,comment,site_id,galleries_url,dir'; $query = 'select nb_images,id_uppercat,comment,site_id,galleries_url,dir';
$query.= ' from '.$prefixeTable.'categories as a'; $query.= ' from '.PREFIX_TABLE.'categories as a';
$query.= ', '.$prefixeTable.'sites as b'; $query.= ', '.PREFIX_TABLE.'sites as b';
$query.= ' where a.id = '.$id; $query.= ' where a.id = '.$id;
$query.= ' and a.site_id = b.id;'; $query.= ' and a.site_id = b.id;';
$row = mysql_fetch_array( mysql_query( $query ) ); $row = mysql_fetch_array( mysql_query( $query ) );
@ -284,7 +283,7 @@ function get_cat_info( $id )
while ( !$is_root ) while ( !$is_root )
{ {
$query = 'select name,dir,id_uppercat'; $query = 'select name,dir,id_uppercat';
$query.= ' from '.$prefixeTable.'categories'; $query.= ' from '.PREFIX_TABLE.'categories';
$query.= ' where id = '.$row['id_uppercat'].';'; $query.= ' where id = '.$row['id_uppercat'].';';
$row = mysql_fetch_array( mysql_query( $query ) ); $row = mysql_fetch_array( mysql_query( $query ) );
$cat['dir'] = $row['dir']."/".$cat['dir']; $cat['dir'] = $row['dir']."/".$cat['dir'];
@ -359,7 +358,7 @@ function get_cat_display_name( $array_cat_names, $separation, $style )
// 4. creation of the navigation bar // 4. creation of the navigation bar
function initialize_category( $calling_page = 'category' ) function initialize_category( $calling_page = 'category' )
{ {
global $prefixeTable,$page,$lang,$user,$conf; global $page,$lang,$user,$conf;
if ( isset( $page['cat'] ) ) if ( isset( $page['cat'] ) )
{ {
@ -397,7 +396,7 @@ function initialize_category( $calling_page = 'category' )
$page['where'].= " or comment like '%".$_GET['search']."%' )"; $page['where'].= " or comment like '%".$_GET['search']."%' )";
$query = 'select count(*) as nb_total_images'; $query = 'select count(*) as nb_total_images';
$query.= ' from '.$prefixeTable.'images'; $query.= ' from '.PREFIX_TABLE.'images';
$query.= $page['where']; $query.= $page['where'];
$query.= ';'; $query.= ';';
@ -408,12 +407,12 @@ function initialize_category( $calling_page = 'category' )
{ {
$page['title'] = $lang['favorites']; $page['title'] = $lang['favorites'];
$page['where'] = ', '.$prefixeTable.'favorites'; $page['where'] = ', '.PREFIX_TABLE.'favorites';
$page['where'].= ' where user_id = '.$user['id']; $page['where'].= ' where user_id = '.$user['id'];
$page['where'].= ' and image_id = id'; $page['where'].= ' and image_id = id';
$query = 'select count(*) as nb_total_images'; $query = 'select count(*) as nb_total_images';
$query.= ' from '.$prefixeTable.'favorites'; $query.= ' from '.PREFIX_TABLE.'favorites';
$query.= ' where user_id = '.$user['id']; $query.= ' where user_id = '.$user['id'];
$query.= ';'; $query.= ';';
} }
@ -428,7 +427,7 @@ function initialize_category( $calling_page = 'category' )
$page['where'].= date( 'Y-m-d', $date )."'"; $page['where'].= date( 'Y-m-d', $date )."'";
$query = 'select count(*) as nb_total_images'; $query = 'select count(*) as nb_total_images';
$query.= ' from '.$prefixeTable.'images'; $query.= ' from '.PREFIX_TABLE.'images';
$query.= $page['where']; $query.= $page['where'];
$query.= ';'; $query.= ';';
} }

20
include/functions_session.inc.php
View file

@ -36,10 +36,10 @@ function generate_key()
{ {
$key .= chr( mt_rand( 65, 90 ) ); $key .= chr( mt_rand( 65, 90 ) );
} }
elseif ( $c == 1 ) else if ( $c == 1 )
{ {
$key .= chr( mt_rand( 97, 122 ) ); $key .= chr( mt_rand( 97, 122 ) );
} }
else else
{ {
$key .= mt_rand( 0, 9 ); $key .= mt_rand( 0, 9 );
@ -50,14 +50,14 @@ function generate_key()
function session_create( $username ) function session_create( $username )
{ {
global $conf,$prefixeTable,$REMOTE_ADDR; global $conf;
// 1. searching an unused sesison key // 1. searching an unused sesison key
$id_found = false; $id_found = false;
while ( !$id_found ) while ( !$id_found )
{ {
$generated_id = generate_key(); $generated_id = generate_key();
$query = 'select id'; $query = 'select id';
$query.= ' from '.$prefixeTable.'sessions'; $query.= ' from '.PREFIX_TABLE.'sessions';
$query.= " where id = '".$generated_id."';"; $query.= " where id = '".$generated_id."';";
$result = mysql_query( $query ); $result = mysql_query( $query );
if ( mysql_num_rows( $result ) == 0 ) if ( mysql_num_rows( $result ) == 0 )
@ -67,16 +67,16 @@ function session_create( $username )
} }
// 2. retrieving id of the username given in parameter // 2. retrieving id of the username given in parameter
$query = 'select id'; $query = 'select id';
$query.= ' from '.$prefixeTable.'users'; $query.= ' from '.PREFIX_TABLE.'users';
$query.= " where username = '".$username."';"; $query.= " where username = '".$username."';";
$row = mysql_fetch_array( mysql_query( $query ) ); $row = mysql_fetch_array( mysql_query( $query ) );
$user_id = $row['id']; $user_id = $row['id'];
// 3. inserting session in database // 3. inserting session in database
$expiration = $conf['session_time']*60+time(); $expiration = $conf['session_time'] * 60 + time();
$query = 'insert into '.$prefixeTable.'sessions'; $query = 'insert into '.PREFIX_TABLE.'sessions';
$query.= ' (id,user_id,expiration,ip) values'; $query.= ' (id,user_id,expiration,ip) values';
$query.= "('".$generated_id."','".$user_id; $query.= "('".$generated_id."','".$user_id;
$query.= "','".$expiration."','".$REMOTE_ADDR."');"; $query.= "','".$expiration."','".$_SERVER['REMOTE_ADDR']."');";
mysql_query( $query ); mysql_query( $query );
return $generated_id; return $generated_id;

42
include/functions_user.inc.php
View file

@ -38,7 +38,7 @@ function validate_mail_address( $mail_address )
function register_user( function register_user(
$login, $password, $password_conf, $mail_address, $status = 'guest' ) $login, $password, $password_conf, $mail_address, $status = 'guest' )
{ {
global $prefixeTable, $lang; global $lang;
$error = array(); $error = array();
$i = 0; $i = 0;
@ -66,7 +66,7 @@ function register_user(
else else
{ {
$query = 'select id'; $query = 'select id';
$query.= ' from '.$prefixeTable.'users'; $query.= ' from '.PREFIX_TABLE.'users';
$query.= " where username = '".$login."';"; $query.= " where username = '".$login."';";
$result = mysql_query( $query ); $result = mysql_query( $query );
if ( mysql_num_rows( $result ) > 0 ) if ( mysql_num_rows( $result ) > 0 )
@ -106,11 +106,11 @@ function register_user(
} }
$query.= $infos[$i]; $query.= $infos[$i];
} }
$query.= ' from '.$prefixeTable.'users'; $query.= ' from '.PREFIX_TABLE.'users';
$query.= " where username = 'guest';"; $query.= " where username = 'guest';";
$row = mysql_fetch_array( mysql_query( $query ) ); $row = mysql_fetch_array( mysql_query( $query ) );
// 2. adding new user // 2. adding new user
$query = 'insert into '.$prefixeTable.'users'; $query = 'insert into '.PREFIX_TABLE.'users';
$query.= ' ('; $query.= ' (';
$query.= ' username,password,mail_address,status'; $query.= ' username,password,mail_address,status';
for ( $i = 0; $i < sizeof( $infos ); $i++ ) for ( $i = 0; $i < sizeof( $infos ); $i++ )
@ -145,20 +145,20 @@ function register_user(
mysql_query( $query ); mysql_query( $query );
// 3. retrieving the id of the newly created user // 3. retrieving the id of the newly created user
$query = 'select id'; $query = 'select id';
$query.= ' from '.$prefixeTable.'users'; $query.= ' from '.PREFIX_TABLE.'users';
$query.= " where username = '".$login."';"; $query.= " where username = '".$login."';";
$row = mysql_fetch_array( mysql_query( $query ) ); $row = mysql_fetch_array( mysql_query( $query ) );
$user_id = $row['id']; $user_id = $row['id'];
// 4. adding restrictions to the new user, the same as the user "guest" // 4. adding restrictions to the new user, the same as the user "guest"
$query = 'select cat_id'; $query = 'select cat_id';
$query.= ' from '.$prefixeTable.'restrictions as r'; $query.= ' from '.PREFIX_TABLE.'restrictions as r';
$query.= ','.$prefixeTable.'users as u '; $query.= ','.PREFIX_TABLE.'users as u ';
$query.= ' where u.id = r.user_id'; $query.= ' where u.id = r.user_id';
$query.= " and u.username = 'guest';"; $query.= " and u.username = 'guest';";
$result = mysql_query( $query ); $result = mysql_query( $query );
while( $row = mysql_fetch_array( $result ) ) while( $row = mysql_fetch_array( $result ) )
{ {
$query = 'insert into '.$prefixeTable.'restrictions'; $query = 'insert into '.PREFIX_TABLE.'restrictions';
$query.= ' (user_id,cat_id) values'; $query.= ' (user_id,cat_id) values';
$query.= ' ('.$user_id.','.$row['cat_id'].');'; $query.= ' ('.$user_id.','.$row['cat_id'].');';
mysql_query ( $query ); mysql_query ( $query );
@ -170,8 +170,6 @@ function register_user(
function update_user( $user_id, $mail_address, $status, function update_user( $user_id, $mail_address, $status,
$use_new_password = false, $password = '' ) $use_new_password = false, $password = '' )
{ {
global $prefixeTable;
$error = array(); $error = array();
$i = 0; $i = 0;
@ -183,7 +181,7 @@ function update_user( $user_id, $mail_address, $status,
if ( sizeof( $error ) == 0 ) if ( sizeof( $error ) == 0 )
{ {
$query = 'update '.$prefixeTable.'users'; $query = 'update '.PREFIX_TABLE.'users';
$query.= " set status = '".$status."'"; $query.= " set status = '".$status."'";
if ( $use_new_password ) if ( $use_new_password )
{ {
@ -224,12 +222,11 @@ function check_login_authorization()
// are added to the restricted one in the array. // are added to the restricted one in the array.
function get_restrictions( $user_id, $user_status, $check_invisible ) function get_restrictions( $user_id, $user_status, $check_invisible )
{ {
global $prefixeTable;
// 1. getting the ids of the restricted categories // 1. getting the ids of the restricted categories
$query = "select cat_id"; $query = 'select cat_id';
$query.= " from $prefixeTable"."restrictions"; $query.= ' from '.PREFIX_TABLE.'restrictions';
$query.= " where user_id = $user_id;"; $query.= ' where user_id = '.$user_id;
$query.= ';';
$result = mysql_query( $query ); $result = mysql_query( $query );
$i = 0; $i = 0;
$restriction = array(); $restriction = array();
@ -243,7 +240,7 @@ function get_restrictions( $user_id, $user_status, $check_invisible )
if ( $user_status != "admin" ) if ( $user_status != "admin" )
{ {
$query = 'select id'; $query = 'select id';
$query.= ' from '.$prefixeTable.'categories'; $query.= ' from '.PREFIX_TABLE.'categories';
$query.= " where status='invisible';"; $query.= " where status='invisible';";
$result = mysql_query( $query ); $result = mysql_query( $query );
while ( $row = mysql_fetch_array( $result ) ) while ( $row = mysql_fetch_array( $result ) )
@ -260,8 +257,6 @@ function get_restrictions( $user_id, $user_status, $check_invisible )
// sub-categories and invisible categories // sub-categories and invisible categories
function get_all_restrictions( $user_id, $user_status ) function get_all_restrictions( $user_id, $user_status )
{ {
global $prefixeTable;
$restricted_cat = get_restrictions( $user_id, $user_status, true ); $restricted_cat = get_restrictions( $user_id, $user_status, true );
$i = sizeof( $restricted_cat ); $i = sizeof( $restricted_cat );
for ( $k = 0; $k < sizeof( $restricted_cat ); $k++ ) for ( $k = 0; $k < sizeof( $restricted_cat ); $k++ )
@ -281,16 +276,17 @@ function get_all_restrictions( $user_id, $user_status )
// - 2 : if an uppercat category is not allowed // - 2 : if an uppercat category is not allowed
function is_user_allowed( $category_id, $restrictions ) function is_user_allowed( $category_id, $restrictions )
{ {
global $user,$prefixeTable; global $user;
$lowest_category_id = $category_id; $lowest_category_id = $category_id;
$is_root = false; $is_root = false;
while ( !$is_root and !in_array( $category_id, $restrictions ) ) while ( !$is_root and !in_array( $category_id, $restrictions ) )
{ {
$query = "select id_uppercat"; $query = 'select id_uppercat';
$query.= " from $prefixeTable"."categories"; $query.= ' from '.PREFIX_TABLE.'categories';
$query.= " where id = $category_id;"; $query.= ' where id = '.$category_id;
$query.= ';';
$row = mysql_fetch_array( mysql_query( $query ) ); $row = mysql_fetch_array( mysql_query( $query ) );
if ( $row['id_uppercat'] == "" ) if ( $row['id_uppercat'] == "" )
{ {

119
include/functions_xml.inc.php Normal file
View file

@ -0,0 +1,119 @@
<?php
/***************************************************************************
* functions_xml.inc.php *
* ------------------- *
* application : PhpWebGallery 1.3 *
* author : Pierrick LE GALL <pierrick@z0rglub.com> *
* *
***************************************************************************
***************************************************************************
* *
* This program is free software; you can redistribute it and/or modify *
* it under the terms of the GNU General Public License as published by *
* the Free Software Foundation; *
* *
***************************************************************************/
//------------------------------------------------------------------ constantes
define( ATT_REG, '\w+' );
define( VAL_REG, '[^"]*' );
//------------------------------------------------------------------- functions
// getContent returns the content of a tag
//
// example : getContent( "<name>Joe</name>" ) returns "Joe"
//
// It also works with strings containing themself sub-tags :
// <perso><name>Jean</name><firstname>Billie</fisrtname></perso> ->
// <name>Jean</name><firstname>Billie</firstname>
function getContent( $element )
{
// deleting start of the tag
$content = preg_replace( '/^<[^>]+>/', '', $element );
// deleting end of the tag
$content = preg_replace( '/<\/\w+>$/', '', $content );
// replacing multiple instance of space character
$content = preg_replace( '/\s+/', ' ', $content );
return $content;
}
// The function get Attribute returns the value corresponding to the attribute
// $attribute for the tag $element.
function getAttribute( $element, $attribute )
{
$regex = '/^<\w+[^>]*'.$attribute.'\s*=\s*"('.VAL_REG.')"/i';
if ( preg_match( $regex, $element, $out ) ) return $out[1];
else return '';
}
function deprecated_getAttribute( $element, $attribute )
{
// Retrieving string with tag name and all attributes
$regex = '/^<\w+( '.ATT_REG.'="'.VAL_REG.'")*/';
preg_match( $regex, $element, $out );
// Splitting string for retrieving separately attributes
// and corresponding values
$regex = '/('.ATT_REG.')="('.VAL_REG.')"/';
preg_match_all( $regex, $out[0], $out );
// Searching and returning the value of the requested attribute
for ( $i = 0; $i < sizeof( $out[0] ); $i++ )
{
if ( $out[1][$i] == $attribute )
{
return $out[2][$i];
}
}
return '';
}
// The function getChild returns the first child
// exemple : getChild( "<table><tr>XXX</tr><tr>YYY</tr></table>", "tr" )
// returns "<tr>XXX</tr>"
function getChild( $document, $node )
{
$regex = '/<'.$node.'(\s+'.ATT_REG.'="'.VAL_REG.'")*';
$regex.= '(\s*\/>|>.*<\/'.$node.'>)/U';
preg_match( $regex, $document, $out );
return $out[0];
}
// getChildren returns a list of the children identified by the $node
// example :
// getChild( "<table><tr>XXX</tr><tr>YYY</tr></table>", "tr" )
// returns an array with :
// $array[0] equals "<tr>XXX</tr>"
// $array[1] equals "<tr>YYY</tr>"
function getChildren( $document, $node )
{
$regex = '/<'.$node.'(\s+'.ATT_REG.'="'.VAL_REG.'")*';
$regex.= '(\s*\/>|>.*<\/'.$node.'>)/U';
preg_match_all( $regex, $document, $out );
return $out[0];
}
// get_CodeXML places the content of a text file in a PHP variable and
// return it. If the file can't be opened, returns false.
function getXmlCode( $filename )
{
$file = fopen( $filename, 'r' );
if ( !$file )
{
return false;
}
while ( !feof( $file ) )
{
$xml_content .= fgets( $file, 1024 );
}
fclose( $file );
$xml_content = str_replace( "\n", '', $xml_content );
$xml_content = str_replace( "\t", '', $xml_content );
return $xml_content;
}
?>

20
include/user.inc.php
View file

@ -37,16 +37,17 @@ for ( $i = 0; $i < sizeof( $infos ); $i++ )
} }
$query_user.= $infos[$i]; $query_user.= $infos[$i];
} }
$query_user.= ' from '.$prefixeTable.'users'; $query_user.= ' from '.PREFIX_TABLE.'users';
$query_done = false; $query_done = false;
$user['is_the_guest'] = false; $user['is_the_guest'] = false;
if ( isset( $_GET['id'] ) if ( isset( $_GET['id'] )
&& ereg( "^[0-9a-zA-Z]{".$conf['session_id_size']."}$", $_GET['id'] ) ) && ereg( "^[0-9a-zA-Z]{".$conf['session_id_size']."}$", $_GET['id'] ) )
{ {
$page['session_id'] = $_GET['id']; $page['session_id'] = $_GET['id'];
$query = "select user_id, expiration, ip "; $query = 'select user_id,expiration,ip';
$query.= "from $prefixeTable"."sessions "; $query.= ' from '.PREFIX_TABLE.'sessions';
$query.= "where id = '".$_GET['id']."';"; $query.= " where id = '".$_GET['id']."'";
$query.= ';';
$result = mysql_query( $query ); $result = mysql_query( $query );
if ( mysql_num_rows( $result ) > 0 ) if ( mysql_num_rows( $result ) > 0 )
{ {
@ -55,13 +56,14 @@ if ( isset( $_GET['id'] )
{ {
// deletion of the session from the database, // deletion of the session from the database,
// because it is out-of-date // because it is out-of-date
$delete_query = "delete from ".$prefixeTable."sessions"; $delete_query = 'delete from '.PREFIX_TABLE.'sessions';
$delete_query.= " where id = ".$page['session_id'].";"; $delete_query.= " where id = '".$page['session_id']."'";
$delete_query.= ';';
mysql_query( $delete_query ); mysql_query( $delete_query );
} }
else else
{ {
if ( $REMOTE_ADDR == $row['ip'] ) if ( $_SERVER['REMOTE_ADDR'] == $row['ip'] )
{ {
$query_user .= ' where id = '.$row['user_id']; $query_user .= ' where id = '.$row['user_id'];
$query_done = true; $query_done = true;
@ -83,8 +85,8 @@ $row = mysql_fetch_array( mysql_query( $query_user ) );
for ( $i = 0; $i < sizeof( $infos ); $i++ ) for ( $i = 0; $i < sizeof( $infos ); $i++ )
{ {
$user[$infos[$i]] = $row[$infos[$i]]; $user[$infos[$i]] = $row[$infos[$i]];
// If the field is true or false, the variable is transformed into a boolean // If the field is true or false, the variable is transformed into a
// value. // boolean value.
if ( $row[$infos[$i]] == 'true' || $row[$infos[$i]] == 'false' ) if ( $row[$infos[$i]] == 'true' || $row[$infos[$i]] == 'false' )
{ {
$user[$infos[$i]] = get_boolean( $row[$infos[$i]] ); $user[$infos[$i]] = get_boolean( $row[$infos[$i]] );

13
language/francais.php
View file

@ -203,6 +203,11 @@ $lang['upload_successful'] = 'Image upload
//----------------------------------administration //----------------------------------administration
if ( $isadmin ) if ( $isadmin )
{ {
// start version 1.3
// general for admin section
$lang['remote_site'] = 'Site distant';
// end version 1.3
// page admin // page admin
// start version 1.3 // start version 1.3
// $lang['title_add'] = 'Ajouter/Modifier un utilisateur'; // $lang['title_add'] = 'Ajouter/Modifier un utilisateur';
@ -291,7 +296,9 @@ if ( $isadmin )
$lang['conf_comments_comments_number'] = 'nombre de commentaires par page'; $lang['conf_comments_comments_number'] = 'nombre de commentaires par page';
$lang['conf_comments_comments_number_info'] = 'nombre de commentaire à afficher sur chaque page. Le nombre de commentaires pour une image reste illimité. Entrer un nombre entre 5 et 50.'; $lang['conf_comments_comments_number_info'] = 'nombre de commentaire à afficher sur chaque page. Le nombre de commentaires pour une image reste illimité. Entrer un nombre entre 5 et 50.';
$lang['conf_err_comment_number'] = 'le nombre de commentaires par page doit être compris entre 5 et 50 inclus.'; $lang['conf_err_comment_number'] = 'le nombre de commentaires par page doit être compris entre 5 et 50 inclus.';
$lang['conf_remote_site_title'] = 'Site distant'; // start version 1.3
// $lang['conf_remote_site_title'] = 'Site distant';
// end version 1.3
$lang['conf_remote_site_delete_info'] = 'Supprimer un site revient à supprimer toutes les images et les catégories en relation avec ce site.'; $lang['conf_remote_site_delete_info'] = 'Supprimer un site revient à supprimer toutes les images et les catégories en relation avec ce site.';
$lang['conf_upload_title'] = 'Configurer l\'upload des utilisateurs'; $lang['conf_upload_title'] = 'Configurer l\'upload des utilisateurs';
$lang['conf_upload_available'] = 'autoriser l\'ajout d\'images'; $lang['conf_upload_available'] = 'autoriser l\'ajout d\'images';
@ -505,7 +512,9 @@ if ( $isadmin )
$lang['help_database_title'] = 'Remplissage de la base de données'; $lang['help_database_title'] = 'Remplissage de la base de données';
$lang['help_database'][0] = 'Une fois les fichiers placés correctement et les miniatures placées ou créées, cliquez sur "MaJ base d\'images" dans le menu de la zone d\'administration.'; $lang['help_database'][0] = 'Une fois les fichiers placés correctement et les miniatures placées ou créées, cliquez sur "MaJ base d\'images" dans le menu de la zone d\'administration.';
$lang['help_remote_title'] = 'Site distant'; // start version 1.3
// $lang['help_remote_title'] = 'Site distant';
// end version 1.3
$lang['help_remote'][0] = 'PhpWebGallery offre la possibilité d\'utiliser plusieurs serveurs pour stocker les images qui composeront votre galerie. Cela peut être utile si votre galerie est installée sur une espace limité et que vous avez une grande quantité d\'images à montrer. Suivez la procédure suivante :'; $lang['help_remote'][0] = 'PhpWebGallery offre la possibilité d\'utiliser plusieurs serveurs pour stocker les images qui composeront votre galerie. Cela peut être utile si votre galerie est installée sur une espace limité et que vous avez une grande quantité d\'images à montrer. Suivez la procédure suivante :';
$lang['help_remote'][1] = '1. éditez le fichier "create_listing_file.php" (vous le trouverez dans le répertoire "admin"), en modifiant la ligne "$prefixe_thumbnail = "TN-";" si le préfixe pour vos miniatures n\'est pas "TN-".'; $lang['help_remote'][1] = '1. éditez le fichier "create_listing_file.php" (vous le trouverez dans le répertoire "admin"), en modifiant la ligne "$prefixe_thumbnail = "TN-";" si le préfixe pour vos miniatures n\'est pas "TN-".';
$lang['help_remote'][2] = '2. placez le fichier "create_listing_file.php" modifié sur votre site distant, dans le répertoire racine de vos répertoires d\'images (comme le répertoire "galleries" du présent site) par ftp.'; $lang['help_remote'][2] = '2. placez le fichier "create_listing_file.php" modifié sur votre site distant, dans le répertoire racine de vos répertoires d\'images (comme le répertoire "galleries" du présent site) par ftp.';

6
template/default/upload.vtp
View file

@ -1,7 +1,7 @@
<html> <html>
<head> <head>
{#page_style} {#style}
<title>{#upload_page_title}</title> <title>{#upload_title}</title>
</head> </head>
<body> <body>
<table style="width:100%;height:100%"> <table style="width:100%;height:100%">
@ -51,7 +51,7 @@
</td> </td>
</tr> </tr>
<tr> <tr>
<td class="menu">{#reg_mail_address}</td> <td class="menu">{#mail_address}</td>
<td align="center" style="padding:10px;"> <td align="center" style="padding:10px;">
<input name="mail_address" type="text" value="{#user_mail_address}" /> <input name="mail_address" type="text" value="{#user_mail_address}" />
</td> </td>