Beispiel #1
 * checks the validity of input parameters, fills $page['errors'] and
 * $page['infos'] and send an email with confirmation link
 * @return bool (true if email was sent, false otherwise)
function process_password_request()
    global $page, $conf;
    if (empty($_POST['username_or_email'])) {
        $page['errors'][] = l10n('Invalid username or email');
        return false;
    $user_id = get_userid_by_email($_POST['username_or_email']);
    if (!is_numeric($user_id)) {
        $user_id = get_userid($_POST['username_or_email']);
    if (!is_numeric($user_id)) {
        $page['errors'][] = l10n('Invalid username or email');
        return false;
    $userdata = getuserdata($user_id, false);
    // password request is not possible for guest/generic users
    $status = $userdata['status'];
    if (is_a_guest($status) or is_generic($status)) {
        $page['errors'][] = l10n('Password reset is not allowed for this user');
        return false;
    if (empty($userdata['email'])) {
        $page['errors'][] = l10n('User "%s" has no email address, password reset is not possible', $userdata['username']);
        return false;
    $activation_key = generate_key(20);
    list($expire) = pwg_db_fetch_row(pwg_query('SELECT ADDDATE(NOW(), INTERVAL 1 HOUR)'));
    single_update(USER_INFOS_TABLE, array('activation_key' => pwg_password_hash($activation_key), 'activation_key_expire' => $expire), array('user_id' => $user_id));
    $userdata['activation_key'] = $activation_key;
    $message = l10n('Someone requested that the password be reset for the following user account:') . "\r\n\r\n";
    $message .= l10n('Username "%s" on gallery %s', $userdata['username'], get_gallery_home_url());
    $message .= "\r\n\r\n";
    $message .= l10n('To reset your password, visit the following address:') . "\r\n";
    $message .= get_gallery_home_url() . '/password.php?key=' . $activation_key . '-' . urlencode($userdata['email']);
    $message .= "\r\n\r\n";
    $message .= l10n('If this was a mistake, just ignore this email and nothing will happen.') . "\r\n";
    $message = trigger_change('render_lost_password_mail_content', $message);
    $email_params = array('subject' => '[' . $conf['gallery_title'] . '] ' . l10n('Password Reset'), 'content' => $message, 'email_format' => 'text/plain');
    if (pwg_mail($userdata['email'], $email_params)) {
        $page['infos'][] = l10n('Check your email for the confirmation link');
        return true;
    } else {
        $page['errors'][] = l10n('Error sending email');
        return false;
 * Sends an email, using Piwigo specific informations.
 * @param string|array $to
 * @param array $args
 *       o from: sender [default value webmaster email]
 *       o Cc: array of carbon copy receivers of the mail. [default value empty]
 *       o Bcc: array of blind carbon copy receivers of the mail. [default value empty]
 *       o subject [default value 'Piwigo']
 *       o content: content of mail [default value '']
 *       o content_format: format of mail content [default value 'text/plain']
 *       o email_format: global mail format [default value $conf_mail['default_email_format']]
 *       o theme: theme to use [default value $conf_mail['mail_theme']]
 *       o mail_title: main title of the mail [default value $conf['gallery_title']]
 *       o mail_subtitle: subtitle of the mail [default value subject]
 * @param array $tpl - use these options to define a custom content template file
 *       o filename
 *       o dirname (optional)
 *       o assign (optional)
 * @return boolean
function pwg_mail($to, $args = array(), $tpl = array())
    global $conf, $conf_mail, $lang_info, $page;
    if (empty($to) and empty($args['Cc']) and empty($args['Bcc'])) {
        return true;
    if (!isset($conf_mail)) {
        $conf_mail = get_mail_configuration();
    include_once PHPWG_ROOT_PATH . 'include/phpmailer/class.phpmailer.php';
    $mail = new PHPMailer();
    foreach (get_clean_recipients_list($to) as $recipient) {
        $mail->addAddress($recipient['email'], $recipient['name']);
    $mail->WordWrap = 76;
    $mail->CharSet = 'UTF-8';
    // Compute root_path in order have complete path
    if (empty($args['from'])) {
        $from = array('email' => $conf_mail['email_webmaster'], 'name' => $conf_mail['name_webmaster']);
    } else {
        $from = unformat_email($args['from']);
    $mail->setFrom($from['email'], $from['name']);
    $mail->addReplyTo($from['email'], $from['name']);
    // Subject
    if (empty($args['subject'])) {
        $args['subject'] = 'Piwigo';
    $args['subject'] = trim(preg_replace('#[\\n\\r]+#s', '', $args['subject']));
    $mail->Subject = $args['subject'];
    // Cc
    if (!empty($args['Cc'])) {
        foreach (get_clean_recipients_list($args['Cc']) as $recipient) {
            $mail->addCC($recipient['email'], $recipient['name']);
    // Bcc
    $Bcc = get_clean_recipients_list(@$args['Bcc']);
    if ($conf_mail['send_bcc_mail_webmaster']) {
        $Bcc[] = array('email' => get_webmaster_mail_address(), 'name' => '');
    if (!empty($Bcc)) {
        foreach ($Bcc as $recipient) {
            $mail->addBCC($recipient['email'], $recipient['name']);
    // theme
    if (empty($args['theme']) or !in_array($args['theme'], array('clear', 'dark'))) {
        $args['theme'] = $conf_mail['mail_theme'];
    // content
    if (!isset($args['content'])) {
        $args['content'] = '';
    // try to decompose subject like "[....] ...."
    if (!isset($args['mail_title']) and !isset($args['mail_subtitle'])) {
        if (preg_match('#^\\[(.*)\\](.*)$#', $args['subject'], $matches)) {
            $args['mail_title'] = $matches[1];
            $args['mail_subtitle'] = $matches[2];
    if (!isset($args['mail_title'])) {
        $args['mail_title'] = $conf['gallery_title'];
    if (!isset($args['mail_subtitle'])) {
        $args['mail_subtitle'] = $args['subject'];
    // content type
    if (empty($args['content_format'])) {
        $args['content_format'] = 'text/plain';
    $content_type_list = array();
    if ($conf_mail['mail_allow_html'] and @$args['email_format'] != 'text/plain') {
        $content_type_list[] = 'text/html';
    $content_type_list[] = 'text/plain';
    $contents = array();
    foreach ($content_type_list as $content_type) {
        // key compose of indexes witch allow to cache mail data
        $cache_key = $content_type . '-' . $lang_info['code'];
        if (!isset($conf_mail[$cache_key])) {
            // instanciate a new Template
            if (!isset($conf_mail[$cache_key]['theme'])) {
                $conf_mail[$cache_key]['theme'] = get_mail_template($content_type);
                trigger_notify('before_parse_mail_template', $cache_key, $content_type);
            $template =& $conf_mail[$cache_key]['theme'];
            $template->set_filename('mail_header', 'header.tpl');
            $template->set_filename('mail_footer', 'footer.tpl');
            $template->assign(array('GALLERY_URL' => get_gallery_home_url(), 'GALLERY_TITLE' => isset($page['gallery_title']) ? $page['gallery_title'] : $conf['gallery_title'], 'VERSION' => $conf['show_version'] ? PHPWG_VERSION : '', 'PHPWG_URL' => defined('PHPWG_URL') ? PHPWG_URL : '', 'CONTENT_ENCODING' => get_pwg_charset(), 'CONTACT_MAIL' => $conf_mail['email_webmaster']));
            if ($content_type == 'text/html') {
                if ($template->smarty->templateExists('global-mail-css.tpl')) {
                    $template->set_filename('global-css', 'global-mail-css.tpl');
                    $template->assign_var_from_handle('GLOBAL_MAIL_CSS', 'global-css');
                if ($template->smarty->templateExists('mail-css-' . $args['theme'] . '.tpl')) {
                    $template->set_filename('css', 'mail-css-' . $args['theme'] . '.tpl');
                    $template->assign_var_from_handle('MAIL_CSS', 'css');
        $template =& $conf_mail[$cache_key]['theme'];
        $template->assign(array('MAIL_TITLE' => $args['mail_title'], 'MAIL_SUBTITLE' => $args['mail_subtitle']));
        // Header
        $contents[$content_type] = $template->parse('mail_header', true);
        // Content
        // Stored in a temp variable, if a content template is used it will be assigned
        // to the $CONTENT template variable, otherwise it will be appened to the mail
        if ($args['content_format'] == 'text/plain' and $content_type == 'text/html') {
            // convert plain text to html
            $mail_content = '<p>' . nl2br(preg_replace('/(https?:\\/\\/([-\\w\\.]+[-\\w])+(:\\d+)?(\\/([\\w\\/_\\.\\#-]*(\\?\\S+)?[^\\.\\s])?)?)/i', '<a href="$1">$1</a>', htmlspecialchars($args['content']))) . '</p>';
        } else {
            if ($args['content_format'] == 'text/html' and $content_type == 'text/plain') {
                // convert html text to plain text
                $mail_content = strip_tags($args['content']);
            } else {
                $mail_content = $args['content'];
        // Runtime template
        if (isset($tpl['filename'])) {
            if (isset($tpl['dirname'])) {
                $template->set_template_dir($tpl['dirname'] . '/' . $content_type);
            if ($template->smarty->templateExists($tpl['filename'] . '.tpl')) {
                $template->set_filename($tpl['filename'], $tpl['filename'] . '.tpl');
                if (!empty($tpl['assign'])) {
                $template->assign('CONTENT', $mail_content);
                $contents[$content_type] .= $template->parse($tpl['filename'], true);
            } else {
                $contents[$content_type] .= $mail_content;
        } else {
            $contents[$content_type] .= $mail_content;
        // Footer
        $contents[$content_type] .= $template->parse('mail_footer', true);
    // Undo Compute root_path in order have complete path
    // Send content to PHPMailer
    if (isset($contents['text/html'])) {
        $mail->Body = move_css_to_body($contents['text/html']);
        if (isset($contents['text/plain'])) {
            $mail->AltBody = $contents['text/plain'];
    } else {
        $mail->Body = $contents['text/plain'];
    if ($conf_mail['use_smtp']) {
        // now we need to split port number
        if (strpos($conf_mail['smtp_host'], ':') !== false) {
            list($smtp_host, $smtp_port) = explode(':', $conf_mail['smtp_host']);
        } else {
            $smtp_host = $conf_mail['smtp_host'];
            $smtp_port = 25;
        // enables SMTP debug information (for testing) 2 - debug, 0 - no message
        $mail->SMTPDebug = 0;
        $mail->Host = $smtp_host;
        $mail->Port = $smtp_port;
        if (!empty($conf_mail['smtp_secure']) and in_array($conf_mail['smtp_secure'], array('ssl', 'tls'))) {
            $mail->SMTPSecure = $conf_mail['smtp_secure'];
        if (!empty($conf_mail['smtp_user'])) {
            $mail->SMTPAuth = true;
            $mail->Username = $conf_mail['smtp_user'];
            $mail->Password = $conf_mail['smtp_password'];
    $ret = true;
    $pre_result = trigger_change('before_send_mail', true, $to, $args, $mail);
    if ($pre_result) {
        $ret = $mail->send();
        if (!$ret and (!ini_get('display_errors') or is_admin())) {
            trigger_error('Mailer Error: ' . $mail->ErrorInfo, E_USER_WARNING);
        if ($conf['debug_mail']) {
            pwg_send_mail_test($ret, $mail, $args);
    return $ret;
Beispiel #3
        case 'php':
            include_once PHPWG_ROOT_PATH . 'include/ws_protocols/php_encoder.php';
            $encoder = new PwgSerialPhpEncoder();
        case 'json':
            include_once PHPWG_ROOT_PATH . 'include/ws_protocols/json_encoder.php';
            $encoder = new PwgJsonEncoder();
        case 'xmlrpc':
            include_once PHPWG_ROOT_PATH . 'include/ws_protocols/xmlrpc_encoder.php';
            $encoder = new PwgXmlRpcEncoder();
    $service->setEncoder($responseFormat, $encoder);
 * event handler that registers standard methods with the web service
function ws_addDefaultMethods($arr)
    global $conf, $user;
    $service =& $arr[0];
    include_once PHPWG_ROOT_PATH . 'include/';
    $ws_functions_root = PHPWG_ROOT_PATH . 'include/ws_functions/';
    $f_params = array('f_min_rate' => array('default' => null, 'type' => WS_TYPE_FLOAT), 'f_max_rate' => array('default' => null, 'type' => WS_TYPE_FLOAT), 'f_min_hit' => array('default' => null, 'type' => WS_TYPE_INT | WS_TYPE_POSITIVE), 'f_max_hit' => array('default' => null, 'type' => WS_TYPE_INT | WS_TYPE_POSITIVE), 'f_min_ratio' => array('default' => null, 'type' => WS_TYPE_FLOAT | WS_TYPE_POSITIVE), 'f_max_ratio' => array('default' => null, 'type' => WS_TYPE_FLOAT | WS_TYPE_POSITIVE), 'f_max_level' => array('default' => null, 'type' => WS_TYPE_INT | WS_TYPE_POSITIVE), 'f_min_date_available' => array('default' => null), 'f_max_date_available' => array('default' => null), 'f_min_date_created' => array('default' => null), 'f_max_date_created' => array('default' => null));
    $service->addMethod('pwg.getVersion', 'ws_getVersion', null, 'Returns the Piwigo version.', $ws_functions_root . 'pwg.php');
    $service->addMethod('pwg.getInfos', 'ws_getInfos', null, 'Returns general informations.', $ws_functions_root . 'pwg.php', array('admin_only' => true));
    $service->addMethod('pwg.caddie.add', 'ws_caddie_add', array('image_id' => array('flags' => WS_PARAM_FORCE_ARRAY, 'type' => WS_TYPE_ID)), 'Adds elements to the caddie. Returns the number of elements added.', $ws_functions_root . 'pwg.php', array('admin_only' => true));
    $service->addMethod('pwg.categories.getImages', 'ws_categories_getImages', array_merge(array('cat_id' => array('default' => null, 'flags' => WS_PARAM_FORCE_ARRAY, 'type' => WS_TYPE_INT | WS_TYPE_POSITIVE), 'recursive' => array('default' => false, 'type' => WS_TYPE_BOOL), 'per_page' => array('default' => 100, 'maxValue' => $conf['ws_max_images_per_page'], 'type' => WS_TYPE_INT | WS_TYPE_POSITIVE), 'page' => array('default' => 0, 'type' => WS_TYPE_INT | WS_TYPE_POSITIVE), 'order' => array('default' => null, 'info' => 'id, file, name, hit, rating_score, date_creation, date_available, random')), $f_params), 'Returns elements for the corresponding categories.
function do_subscribe_unsubscribe_notification_by_mail($is_admin_request, $is_subscribe = false, $check_key_list = array())
    global $conf, $page, $env_nbm, $conf;
    $check_key_treated = array();
    $updated_data_count = 0;
    $error_on_updated_data_count = 0;
    if ($is_subscribe) {
        $msg_info = l10n('User %s [%s] was added to the subscription list.');
        $msg_error = l10n('User %s [%s] was not added to the subscription list.');
    } else {
        $msg_info = l10n('User %s [%s] was removed from the subscription list.');
        $msg_error = l10n('User %s [%s] was not removed from the subscription list.');
    if (count($check_key_list) != 0) {
        $updates = array();
        $enabled_value = boolean_to_string($is_subscribe);
        $data_users = get_user_notifications('subscribe', $check_key_list, !$is_subscribe);
        // Prepare message after change language
        $msg_break_timeout = l10n('Time to send mail is limited. Others mails are skipped.');
        // Begin nbm users environment
        foreach ($data_users as $nbm_user) {
            if (check_sendmail_timeout()) {
                // Stop fill list on 'send', if the quota is override
                $page['errors'][] = $msg_break_timeout;
            // Fill return list
            $check_key_treated[] = $nbm_user['check_key'];
            $do_update = true;
            if ($nbm_user['mail_address'] != '') {
                // set env nbm user
                set_user_on_env_nbm($nbm_user, true);
                $subject = '[' . $conf['gallery_title'] . '] ' . ($is_subscribe ? l10n('Subscribe to notification by mail') : l10n('Unsubscribe from notification by mail'));
                // Assign current var for nbm mail
                $section_action_by = $is_subscribe ? 'subscribe_by_' : 'unsubscribe_by_';
                $section_action_by .= $is_admin_request ? 'admin' : 'himself';
                $env_nbm['mail_template']->assign(array($section_action_by => true, 'GOTO_GALLERY_TITLE' => $conf['gallery_title'], 'GOTO_GALLERY_URL' => get_gallery_home_url()));
                $ret = pwg_mail(array('name' => stripslashes($nbm_user['username']), 'email' => $nbm_user['mail_address']), array('from' => $env_nbm['send_as_mail_formated'], 'subject' => $subject, 'email_format' => $env_nbm['email_format'], 'content' => $env_nbm['mail_template']->parse('notification_by_mail', true), 'content_format' => $env_nbm['email_format']));
                if ($ret) {
                } else {
                    $do_update = false;
                // unset env nbm user
            if ($do_update) {
                $updates[] = array('check_key' => $nbm_user['check_key'], 'enabled' => $enabled_value);
                $updated_data_count += 1;
                $page['infos'][] = sprintf($msg_info, stripslashes($nbm_user['username']), $nbm_user['mail_address']);
            } else {
                $error_on_updated_data_count += 1;
                $page['errors'][] = sprintf($msg_error, stripslashes($nbm_user['username']), $nbm_user['mail_address']);
        // Restore nbm environment
        mass_updates(USER_MAIL_NOTIFICATION_TABLE, array('primary' => array('check_key'), 'update' => array('enabled')), $updates);
    $page['infos'][] = l10n_dec('%d user was updated.', '%d users were updated.', $updated_data_count);
    if ($error_on_updated_data_count != 0) {
        $page['errors'][] = l10n_dec('%d user was not updated.', '%d users were not updated.', $error_on_updated_data_count);
    return $check_key_treated;
function do_action_send_mail_notification($action = 'list_to_send', $check_key_list = array(), $customize_mail_content = '')
    global $conf, $page, $user, $lang_info, $lang, $env_nbm;
    $return_list = array();
    if (in_array($action, array('list_to_send', 'send'))) {
        list($dbnow) = pwg_db_fetch_row(pwg_query('SELECT NOW();'));
        $is_action_send = $action == 'send';
        // disabled and null mail_address are not selected in the list
        $data_users = get_user_notifications('send', $check_key_list);
        // List all if it's define on options or on timeout
        $is_list_all_without_test = ($env_nbm['is_sendmail_timeout'] or $conf['nbm_list_all_enabled_users_to_send']);
        // Check if exist news to list user or send mails
        if (!$is_list_all_without_test or $is_action_send) {
            if (count($data_users) > 0) {
                $datas = array();
                if (!isset($customize_mail_content)) {
                    $customize_mail_content = $conf['nbm_complementary_mail_content'];
                $customize_mail_content = trigger_change('nbm_render_global_customize_mail_content', $customize_mail_content);
                // Prepare message after change language
                if ($is_action_send) {
                    $msg_break_timeout = l10n('Time to send mail is limited. Others mails are skipped.');
                } else {
                    $msg_break_timeout = l10n('Prepared time for list of users to send mail is limited. Others users are not listed.');
                // Begin nbm users environment
                foreach ($data_users as $nbm_user) {
                    if (!$is_action_send and check_sendmail_timeout()) {
                        // Stop fill list on 'list_to_send', if the quota is override
                        $page['infos'][] = $msg_break_timeout;
                    if ($is_action_send and check_sendmail_timeout()) {
                        // Stop fill list on 'send', if the quota is override
                        $page['errors'][] = $msg_break_timeout;
                    // set env nbm user
                    set_user_on_env_nbm($nbm_user, $is_action_send);
                    if ($is_action_send) {
                        $auth = null;
                        $add_url_params = array();
                        $auth_key = create_user_auth_key($nbm_user['user_id'], $nbm_user['status']);
                        if ($auth_key !== false) {
                            $auth = $auth_key['auth_key'];
                            $add_url_params['auth'] = $auth;
                        // Fill return list of "treated" check_key for 'send'
                        $return_list[] = $nbm_user['check_key'];
                        if ($conf['nbm_send_detailed_content']) {
                            $news = news($nbm_user['last_send'], $dbnow, false, $conf['nbm_send_html_mail'], $auth);
                            $exist_data = count($news) > 0;
                        } else {
                            $exist_data = news_exists($nbm_user['last_send'], $dbnow);
                        if ($exist_data) {
                            $subject = '[' . $conf['gallery_title'] . '] ' . l10n('New photos added');
                            // Assign current var for nbm mail
                            if (!is_null($nbm_user['last_send'])) {
                                $env_nbm['mail_template']->assign('content_new_elements_between', array('DATE_BETWEEN_1' => $nbm_user['last_send'], 'DATE_BETWEEN_2' => $dbnow));
                            } else {
                                $env_nbm['mail_template']->assign('content_new_elements_single', array('DATE_SINGLE' => $dbnow));
                            if ($conf['nbm_send_detailed_content']) {
                                $env_nbm['mail_template']->assign('global_new_lines', $news);
                            $nbm_user_customize_mail_content = trigger_change('nbm_render_user_customize_mail_content', $customize_mail_content, $nbm_user);
                            if (!empty($nbm_user_customize_mail_content)) {
                                $env_nbm['mail_template']->assign('custom_mail_content', $nbm_user_customize_mail_content);
                            if ($conf['nbm_send_html_mail'] and $conf['nbm_send_recent_post_dates']) {
                                $recent_post_dates = get_recent_post_dates_array($conf['recent_post_dates']['NBM']);
                                foreach ($recent_post_dates as $date_detail) {
                                    $env_nbm['mail_template']->append('recent_posts', array('TITLE' => get_title_recent_post_date($date_detail), 'HTML_DATA' => get_html_description_recent_post_date($date_detail, $auth)));
                            $env_nbm['mail_template']->assign(array('GOTO_GALLERY_TITLE' => $conf['gallery_title'], 'GOTO_GALLERY_URL' => add_url_params(get_gallery_home_url(), $add_url_params), 'SEND_AS_NAME' => $env_nbm['send_as_name']));
                            $ret = pwg_mail(array('name' => stripslashes($nbm_user['username']), 'email' => $nbm_user['mail_address']), array('from' => $env_nbm['send_as_mail_formated'], 'subject' => $subject, 'email_format' => $env_nbm['email_format'], 'content' => $env_nbm['mail_template']->parse('notification_by_mail', true), 'content_format' => $env_nbm['email_format'], 'auth_key' => $auth));
                            if ($ret) {
                                $datas[] = array('user_id' => $nbm_user['user_id'], 'last_send' => $dbnow);
                            } else {
                    } else {
                        if (news_exists($nbm_user['last_send'], $dbnow)) {
                            // Fill return list of "selected" users for 'list_to_send'
                            $return_list[] = $nbm_user;
                    // unset env nbm user
                // Restore nbm environment
                if ($is_action_send) {
                    mass_updates(USER_MAIL_NOTIFICATION_TABLE, array('primary' => array('user_id'), 'update' => array('last_send')), $datas);
            } else {
                if ($is_action_send) {
                    $page['errors'][] = l10n('No user to send notifications by mail.');
        } else {
            // Quick List, don't check news
            // Fill return list of "selected" users for 'list_to_send'
            $return_list = $data_users;
    // Return list of "selected" users for 'list_to_send'
    // Return list of "treated" check_key for 'send'
    return $return_list;
function add_uploaded_file($source_filepath, $original_filename = null, $categories = null, $level = null, $image_id = null, $original_md5sum = null)
    // 1) move uploaded file to upload/2010/01/22/20100122003814-449ada00.jpg
    // 2) keep/resize original
    // 3) register in database
    // TODO
    // * check md5sum (already exists?)
    global $conf, $user;
    if (isset($original_md5sum)) {
        $md5sum = $original_md5sum;
    } else {
        $md5sum = md5_file($source_filepath);
    $file_path = null;
    $is_tiff = false;
    if (isset($image_id)) {
        // this photo already exists, we update it
        $query = '
  WHERE id = ' . $image_id . '
        $result = pwg_query($query);
        while ($row = pwg_db_fetch_assoc($result)) {
            $file_path = $row['path'];
        if (!isset($file_path)) {
            die('[' . __FUNCTION__ . '] this photo does not exist in the database');
        // delete all physical files related to the photo (thumbnail, web site, HD)
    } else {
        // this photo is new
        // current date
        list($dbnow) = pwg_db_fetch_row(pwg_query('SELECT NOW();'));
        list($year, $month, $day) = preg_split('/[^\\d]/', $dbnow, 4);
        // upload directory hierarchy
        $upload_dir = sprintf(PHPWG_ROOT_PATH . $conf['upload_dir'] . '/%s/%s/%s', $year, $month, $day);
        // compute file path
        $date_string = preg_replace('/[^\\d]/', '', $dbnow);
        $random_string = substr($md5sum, 0, 8);
        $filename_wo_ext = $date_string . '-' . $random_string;
        $file_path = $upload_dir . '/' . $filename_wo_ext . '.';
        list($width, $height, $type) = getimagesize($source_filepath);
        if (IMAGETYPE_PNG == $type) {
            $file_path .= 'png';
        } elseif (IMAGETYPE_GIF == $type) {
            $file_path .= 'gif';
        } elseif (IMAGETYPE_TIFF_MM == $type or IMAGETYPE_TIFF_II == $type) {
            $is_tiff = true;
            $file_path .= 'tif';
        } elseif (IMAGETYPE_JPEG == $type) {
            $file_path .= 'jpg';
        } elseif (isset($conf['upload_form_all_types']) and $conf['upload_form_all_types']) {
            $original_extension = strtolower(get_extension($original_filename));
            if (in_array($original_extension, $conf['file_ext'])) {
                $file_path .= $original_extension;
            } else {
                die('unexpected file type');
        } else {
            die('forbidden file type');
    if (is_uploaded_file($source_filepath)) {
        move_uploaded_file($source_filepath, $file_path);
    } else {
        rename($source_filepath, $file_path);
    @chmod($file_path, 0644);
    // handle the uploaded file type by potentially making a
    // pwg_representative file.
    $representative_ext = trigger_change('upload_file', null, $file_path);
    global $logger;
    $logger->info("Handling " . (string) $file_path . " got " . (string) $representative_ext);
    // If it is set to either true (the file didn't need a
    // representative generated) or false (the generation of the
    // representative failed), set it to null because we have no
    // representative file.
    if (is_bool($representative_ext)) {
        $representative_ext = null;
    if (pwg_image::get_library() != 'gd') {
        if ($conf['original_resize']) {
            $need_resize = need_resize($file_path, $conf['original_resize_maxwidth'], $conf['original_resize_maxheight']);
            if ($need_resize) {
                $img = new pwg_image($file_path);
                $img->pwg_resize($file_path, $conf['original_resize_maxwidth'], $conf['original_resize_maxheight'], $conf['original_resize_quality'], $conf['upload_form_automatic_rotation'], false);
    // we need to save the rotation angle in the database to compute
    // width/height of "multisizes"
    $rotation_angle = pwg_image::get_rotation_angle($file_path);
    $rotation = pwg_image::get_rotation_code_from_angle($rotation_angle);
    $file_infos = pwg_image_infos($file_path);
    if (isset($image_id)) {
        $update = array('file' => pwg_db_real_escape_string(isset($original_filename) ? $original_filename : basename($file_path)), 'filesize' => $file_infos['filesize'], 'width' => $file_infos['width'], 'height' => $file_infos['height'], 'md5sum' => $md5sum, 'added_by' => $user['id'], 'rotation' => $rotation);
        if (isset($level)) {
            $update['level'] = $level;
        single_update(IMAGES_TABLE, $update, array('id' => $image_id));
    } else {
        // database registration
        $file = pwg_db_real_escape_string(isset($original_filename) ? $original_filename : basename($file_path));
        $insert = array('file' => $file, 'name' => get_name_from_file($file), 'date_available' => $dbnow, 'path' => preg_replace('#^' . preg_quote(PHPWG_ROOT_PATH) . '#', '', $file_path), 'filesize' => $file_infos['filesize'], 'width' => $file_infos['width'], 'height' => $file_infos['height'], 'md5sum' => $md5sum, 'added_by' => $user['id'], 'rotation' => $rotation);
        if (isset($level)) {
            $insert['level'] = $level;
        if (isset($representative_ext)) {
            $insert['representative_ext'] = $representative_ext;
        single_insert(IMAGES_TABLE, $insert);
        $image_id = pwg_db_insert_id(IMAGES_TABLE);
    if (isset($categories) and count($categories) > 0) {
        associate_images_to_categories(array($image_id), $categories);
    // update metadata from the uploaded file (exif/iptc)
    if ($conf['use_exif'] and !function_exists('read_exif_data')) {
        $conf['use_exif'] = false;
    // cache thumbnail
    $query = '
  WHERE id = ' . $image_id . '
    $image_infos = pwg_db_fetch_assoc(pwg_query($query));
    // in case we are on uploadify.php, we have to replace the false path
    $thumb_url = preg_replace('#admin/include/i#', 'i', DerivativeImage::thumb_url($image_infos));
    fetchRemote($thumb_url, $dest);
    return $image_id;