if (!empty($search_id['search_cat']) && $search_id['search_cat'] != 0) { $cat_id_sql = 0; if (check_permission("auth_viewcat", $search_id['search_cat'])) { $sub_cat_ids = get_subcat_ids($search_id['search_cat'], $search_id['search_cat'], $cat_parent_cache); $cat_id_sql .= ", " . $search_id['search_cat']; if (!empty($sub_cat_ids[$search_id['search_cat']])) { foreach ($sub_cat_ids[$search_id['search_cat']] as $val) { if (check_permission("auth_viewcat", $val)) { $cat_id_sql .= ", " . $val; } } } } $cat_id_sql = $cat_id_sql !== 0 ? "AND cat_id IN ({$cat_id_sql})" : ""; } else { $cat_id_sql = get_auth_cat_sql("auth_viewcat", "NOTIN"); $cat_id_sql = $cat_id_sql !== 0 ? "AND cat_id NOT IN (" . $cat_id_sql . ")" : ""; } if (!empty($sql_where_query)) { $sql = "SELECT image_id, cat_id, image_name, image_media_file, image_thumb_file\n FROM " . IMAGES_TABLE . "\n WHERE image_active = 1\n {$sql_where_query}\n {$cat_id_sql}\n ORDER BY " . $config['image_order'] . " " . $config['image_sort'] . ", image_id " . $config['image_sort']; $in_mode = 1; } } if (!$in_mode || empty($sql)) { $sql = "SELECT image_id, cat_id, image_name, image_media_file, image_thumb_file\n FROM " . IMAGES_TABLE . "\n WHERE image_active = 1 AND cat_id = {$cat_id}\n ORDER BY " . $config['image_order'] . " " . $config['image_sort'] . ", image_id " . $config['image_sort']; } $result = $site_db->query($sql); $image_id_cache = array(); $next_prev_cache = array(); $break = 0; $prev_id = 0;
$user_email = $row[$user_table_fields['user_email']]; } } $rss_items[] = array('title' => format_rss_text($row['comment_headline']), 'link' => $site_sess->url($script_url . "/details.php?" . URL_IMAGE_ID . "=" . $image_id . "#comment" . $row['comment_id']), 'pubDate' => $row['comment_date'], 'desc' => format_rss_text($row['comment_text']), 'category' => array('name' => $rss_title, 'domain' => $rss_link), 'author' => array('name' => $user_name, 'email' => $user_email)); } break; case 'images': default: $cat_sql = ""; if ($cat_id && isset($cat_cache[$cat_id])) { $rss_title .= " - " . format_rss_text($cat_cache[$cat_id]['cat_name']); $rss_link = $site_sess->url($script_url . "/categories.php?" . URL_CAT_ID . "=" . $cat_id); $rss_desc = format_rss_html($cat_cache[$cat_id]['cat_description']); $cat_sql = "AND i.cat_id = {$cat_id}"; } $sql = "SELECT i.image_id, i.cat_id, i.user_id, i.image_name, i.image_description, i.image_keywords, i.image_date, i.image_active, i.image_media_file, i.image_thumb_file, i.image_download_url, i.image_allow_comments, i.image_comments, i.image_downloads, i.image_votes, i.image_rating, i.image_hits, c.cat_name" . get_user_table_field(", u.", "user_name") . "\n FROM (" . IMAGES_TABLE . " i, " . CATEGORIES_TABLE . " c)\n LEFT JOIN " . USERS_TABLE . " u ON (" . get_user_table_field("u.", "user_id") . " = i.user_id)\n WHERE i.image_active = 1\n {$cat_sql}\n AND c.cat_id = i.cat_id\n AND i.cat_id NOT IN (" . get_auth_cat_sql("auth_viewcat", "NOTIN") . 
")\n ORDER BY i.image_date DESC, i.image_id DESC\n LIMIT {$num_items}"; $result = $site_db->query($sql); while ($row = $site_db->fetch_array($result)) { $user_name = format_rss_text($lang['userlevel_guest']); $user_email = "*****@*****.**"; if (isset($row[$user_table_fields['user_name']]) && $row['user_id'] != GUEST) { $user_name = format_rss_text($row[$user_table_fields['user_name']]); if (!empty($row[$user_table_fields['user_email']]) && (!isset($row[$user_table_fields['user_showemail']]) || isset($row[$user_table_fields['user_showemail']]) && $row[$user_table_fields['user_showemail']] == 1)) { $user_email = $row[$user_table_fields['user_email']]; } } $rss_items[] = array('title' => format_rss_text($row['image_name']), 'link' => $site_sess->url($script_url . "/details.php?" . URL_IMAGE_ID . "=" . $row['image_id']), 'pubDate' => $row['image_date'], 'desc' => format_rss_html($row['image_description']), 'category' => array('name' => format_rss_text($cat_cache[$row['cat_id']]['cat_name']), 'domain' => $site_sess->url($script_url . "/categories.php?" . URL_CAT_ID . "=" . $row['cat_id'])), 'enclosure' => get_rss_enclosure($row['image_thumb_file'], "thumb", $row['cat_id']), 'author' => array('name' => $user_name, 'email' => $user_email), 'comments' => $site_sess->url($script_url . "/details.php?" . URL_IMAGE_ID . "=" . $row['image_id'] . "#comments")); } break; } $items = '';
} @readfile($file_path); } $file = array(); $file_path = null; $file_name = null; if ($action == "lightbox") { if (empty($user_info['lightbox_image_ids']) || !function_exists("gzcompress") || !function_exists("crc32")) { redirect("lightbox.php"); } if (!check_download_token($user_info['lightbox_image_ids'])) { redirect("lightbox.php"); } $image_id_sql = str_replace(" ", ", ", trim($user_info['lightbox_image_ids'])); $image_ids = array(); $sql = "SELECT image_id, cat_id, image_media_file, image_download_url\n FROM " . IMAGES_TABLE . "\n WHERE image_active = 1 AND image_id IN ({$image_id_sql}) AND cat_id NOT IN (" . get_auth_cat_sql("auth_viewimage", "NOTIN") . ", " . get_auth_cat_sql("auth_viewcat", "NOTIN") . ", " . get_auth_cat_sql("auth_download", "NOTIN") . ")"; $result = $site_db->query($sql); if ($result) { include ROOT_PATH . "includes/zip.php"; $zipfile = new zipfile(); $file_added = 0; while ($image_row = $site_db->fetch_array($result)) { $file_path = null; $file_name = null; if (!empty($image_row['image_download_url'])) { if (is_remote_file($image_row['image_download_url']) || is_local_file($image_row['image_download_url'])) { $file_path = $image_row['image_download_url']; $file_name = basename($image_row['image_download_url']); } } elseif (is_remote($image_row['image_media_file'])) { $file_path = $image_row['image_media_file'];
$link_arg = $site_sess->url(ROOT_PATH . "lightbox.php"); include ROOT_PATH . 'includes/paging.php'; $getpaging = new Paging($page, $perpage, $num_rows_all, $link_arg); $offset = $getpaging->get_offset(); $site_template->register_vars(array("paging" => $getpaging->get_paging(), "paging_stats" => $getpaging->get_paging_stats())); if ($num_rows_all) { $sql = "SELECT COUNT(image_id) AS images\n FROM " . IMAGES_TABLE . "\n WHERE image_active = 1 AND image_id IN ({$image_id_sql}) AND cat_id NOT IN (" . get_auth_cat_sql("auth_download", "NOTIN") . ")"; $result = $site_db->query_firstrow($sql); $download_allowed = intval($result['images']) > 0; $additional_sql = ""; if (!empty($additional_image_fields)) { foreach ($additional_image_fields as $key => $val) { $additional_sql .= ", i." . $key; } } $sql = "SELECT i.image_id, i.cat_id, i.user_id, i.image_name, i.image_description, i.image_keywords, i.image_date, i.image_active, i.image_media_file, i.image_thumb_file, i.image_download_url, i.image_allow_comments, i.image_comments, i.image_downloads, i.image_votes, i.image_rating, i.image_hits" . $additional_sql . ", c.cat_name" . get_user_table_field(", u.", "user_name") . "\n FROM (" . IMAGES_TABLE . " i, " . CATEGORIES_TABLE . " c)\n LEFT JOIN " . USERS_TABLE . " u ON (" . get_user_table_field("u.", "user_id") . " = i.user_id)\n WHERE i.image_active = 1 AND i.image_id IN ({$image_id_sql}) AND c.cat_id = i.cat_id AND i.cat_id NOT IN (" . get_auth_cat_sql("auth_viewcat", "NOTIN") . ")\n ORDER BY i." . $config['image_order'] . " " . $config['image_sort'] . ", i.image_id " . $config['image_sort'] . "\n LIMIT {$offset}, {$perpage}"; $result = $site_db->query($sql); $num_rows = $site_db->get_numrows($result); } if (!$num_rows) { $thumbnails = ""; $msg .= $msg != "" ? "<p>" . $lang['lightbox_no_images'] : $lang['lightbox_no_images']; } else { set_download_token($user_info['lightbox_image_ids']); $thumbnails = "<table width=\"" . $config['image_table_width'] . 
"\" border=\"0\" cellpadding=\"" . $config['image_table_cellpadding'] . "\" cellspacing=\"" . $config['image_table_cellspacing'] . "\">\n"; $count = 0; $bgcounter = 0; while ($image_row = $site_db->fetch_array($result)) { if (!$download_allowed && check_permission("auth_download", $image_row['cat_id'])) { $download_allowed = true; }
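/**
 * Build the cache of randomly chosen image rows.
 *
 * Two modes, selected by the SHOW_RANDOM_CAT_IMAGE constant:
 *  - truthy: every active image outside the excluded categories is read in
 *    random order and stored under its cat_id, so the result holds one row
 *    per category (a later row for the same category replaces the earlier one);
 *  - falsy: a single row is fetched at a random offset and stored under key 0.
 *    The global $total_images is filled from a COUNT(*) query when it is empty.
 *
 * Categories are excluded with the list returned by
 * get_auth_cat_sql("auth_viewcat", "NOTIN"); presumably these are the
 * categories the current visitor may not view (helper not visible here).
 *
 * @return array Image rows keyed by cat_id, or a single row under key 0;
 *               an empty array when the single-image mode finds no images.
 */
function get_random_image_cache() {
    global $site_db, $cat_cache, $total_images;

    $random_image_cache = array();

    // NOTE(review): this value is concatenated into every query below without
    // escaping. That is only safe while get_auth_cat_sql() returns a
    // comma-separated list of integer ids built by the application itself;
    // confirm against the helper, which is defined elsewhere.
    $cat_id_sql = get_auth_cat_sql("auth_viewcat", "NOTIN");

    // Column list shared by both SELECT statements (constant text only).
    $image_columns = "i.image_id, i.cat_id, i.user_id, i.image_name, i.image_description, i.image_keywords, i.image_date, i.image_active, i.image_media_file, i.image_thumb_file, i.image_download_url, i.image_allow_comments, i.image_comments, i.image_downloads, i.image_votes, i.image_rating, i.image_hits, c.cat_name";

    if (SHOW_RANDOM_CAT_IMAGE) {
        // No LIMIT: every visible image row is sorted randomly and fetched,
        // which grows with the size of the images table.
        $sql = "SELECT DISTINCT " . $image_columns . get_user_table_field(", u.", "user_name") . "\n FROM (" . IMAGES_TABLE . " i, " . CATEGORIES_TABLE . " c)\n LEFT JOIN " . USERS_TABLE . " u ON (" . get_user_table_field("u.", "user_id") . " = i.user_id)\n WHERE i.image_active = 1 AND i.cat_id NOT IN ({$cat_id_sql}) AND c.cat_id = i.cat_id\n ORDER BY RAND()";
        $result = $site_db->query($sql);
        while ($row = $site_db->fetch_array($result)) {
            $random_image_cache[$row['cat_id']] = $row;
        }
    } else {
        if (empty($total_images)) {
            $sql = "SELECT COUNT(*) as total_images\n FROM " . IMAGES_TABLE . "\n WHERE image_active = 1 AND cat_id NOT IN ({$cat_id_sql})";
            $row = $site_db->query_firstrow($sql);
            $total_images = $row['total_images'];
        }
        if (empty($total_images)) {
            return $random_image_cache;
        }

        // $total_images is a global that may arrive as a numeric string (or be
        // set by other code); force an integer so the LIMIT offset written
        // into the SQL text can only ever be a number.
        $image_count = (int) $total_images;

        // mt_rand() is seeded by PHP itself. The former explicit
        // mt_srand((double) microtime() * 1000000) reset the process-wide
        // generator to one of at most 1,000,000 clock-derived states, which
        // made every later mt_rand() result in the same request predictable,
        // so the generator is deliberately not reseeded here.
        $number = $image_count > 1 ? mt_rand(0, $image_count - 1) : 0;

        // NOTE(review): the COUNT(*) above does not join the categories table
        // while this query does, and $total_images may be stale, so the offset
        // can point past the last row. What query_firstrow() returns in that
        // case is not visible here; confirm callers cope with a non-row value.
        $sql = "SELECT " . $image_columns . get_user_table_field(", u.", "user_name") . "\n FROM (" . IMAGES_TABLE . " i, " . CATEGORIES_TABLE . " c)\n LEFT JOIN " . USERS_TABLE . " u ON (" . get_user_table_field("u.", "user_id") . " = i.user_id)\n WHERE i.image_active = 1 AND i.cat_id NOT IN ({$cat_id_sql}) AND c.cat_id = i.cat_id\n LIMIT {$number}, 1";
        $random_image_cache[0] = $site_db->query_firstrow($sql);
    }

    return $random_image_cache;
}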