// +-----------------------------------------------------------------------+
// Direct-access guard: stop unless PHPWG_ROOT_PATH is already defined, which
// presumably only happens when the application includes this file.
if (!defined("PHPWG_ROOT_PATH")) {
    die("Hacking attempt!");
}
include_once PHPWG_ROOT_PATH . 'admin/include/functions.php';
include_once PHPWG_ROOT_PATH . 'include/functions_picture.inc.php';
load_language('plugin.lang', PFEMAIL_PATH);
// +-----------------------------------------------------------------------+
// | Check Access and exit when user status is not ok                      |
// +-----------------------------------------------------------------------+
// This gate runs before the form handler further down, so the UPDATE
// statements issued there are meant to be reachable by administrators only.
check_status(ACCESS_ADMINISTRATOR);
// +-----------------------------------------------------------------------+
// | form submission                                                       |
// +-----------------------------------------------------------------------+
if (!empty($_POST)) {
    check_input_parameter('groups', $_POST, true, PATTERN_ID);
    // first we must reset all groups to false
    $query = '
UPDATE ' . GROUPS_TABLE . '
  SET pfemail_notify = \'false\'
;';
    pwg_query($query);
    // then we set submitted groups to true
    if (isset($_POST['groups']) and count($_POST['groups']) > 0) {
        $query = '
UPDATE ' . GROUPS_TABLE . '
  SET pfemail_notify = \'true\'
  WHERE id IN (' . implode(',', $_POST['groups']) . ')
;';
        pwg_query($query);
    }
Ejemplo n.º 2
                }
            }
            break;
        case 'delete_comment':
            check_pwg_token();
            include_once GUESTBOOK_PATH . 'include/functions_comment.inc.php';
            check_input_parameter('comment_to_delete', $_GET, false, PATTERN_ID);
            $author_id = get_comment_author_id_guestbook($_GET['comment_to_delete']);
            if (can_manage_comment('delete', $author_id)) {
                delete_user_comment_guestbook($_GET['comment_to_delete']);
            }
            redirect($url_self);
        case 'validate_comment':
            check_pwg_token();
            include_once GUESTBOOK_PATH . 'include/functions_comment.inc.php';
            check_input_parameter('comment_to_validate', $_GET, false, PATTERN_ID);
            $author_id = get_comment_author_id_guestbook($_GET['comment_to_validate']);
            if (can_manage_comment('validate', $author_id)) {
                validate_user_comment_guestbook($_GET['comment_to_validate']);
            }
            redirect($url_self);
    }
}
// +-----------------------------------------------------------------------+
// |                                add comment                            |
// +-----------------------------------------------------------------------+
if (isset($_POST['content']) && (!is_a_guest() || $conf['guestbook']['guest_can_add'])) {
    $comm = array('author' => trim(@$_POST['author']), 'email' => trim(@$_POST['email']), 'content' => trim($_POST['content']), 'website' => trim($_POST['website']), 'rate' => @$_POST['score']);
    include_once GUESTBOOK_PATH . 'include/functions_comment.inc.php';
    $comment_action = insert_user_comment_guestbook($comm, @$_POST['key']);
    switch ($comment_action) {
Ejemplo n.º 3
    // NOTE(review): $tag_ids is only assigned here when tags were submitted; its
    // default has to come from code above this excerpt — confirm.
    if (!empty($_POST['tags'])) {
        $tag_ids = get_tag_ids($_POST['tags']);
    }
    // NOTE(review): $_GET['image_id'] is used here, passed to
    // move_images_to_categories() and concatenated into the UPDATE below. No
    // validation of it is visible in this excerpt — confirm it is checked
    // against PATTERN_ID earlier in the file.
    set_tags($tag_ids, $_GET['image_id']);
    // association to albums
    if (!isset($_POST['associate'])) {
        $_POST['associate'] = array();
    }
    // check_input_parameter() is defined elsewhere; presumably it aborts the
    // request unless every element matches PATTERN_ID — confirm.
    check_input_parameter('associate', $_POST, true, PATTERN_ID);
    move_images_to_categories(array($_GET['image_id']), $_POST['associate']);
    invalidate_user_cache();
    // thumbnail for albums
    if (!isset($_POST['represent'])) {
        $_POST['represent'] = array();
    }
    check_input_parameter('represent', $_POST, true, PATTERN_ID);
    // $represented_albums is set outside this excerpt.
    $no_longer_thumbnail_for = array_diff($represented_albums, $_POST['represent']);
    if (count($no_longer_thumbnail_for) > 0) {
        set_random_representant($no_longer_thumbnail_for);
    }
    // array_diff() keeps only elements of its first argument, so this list is a
    // subset of the 'represent' values checked above.
    $new_thumbnail_for = array_diff($_POST['represent'], $represented_albums);
    if (count($new_thumbnail_for) > 0) {
        // The statement is built by concatenation: its safety rests entirely on
        // the id checks applied to 'represent' and to image_id.
        $query = '
UPDATE ' . CATEGORIES_TABLE . '
  SET representative_picture_id = ' . $_GET['image_id'] . '
  WHERE id IN (' . implode(',', $new_thumbnail_for) . ')
;';
        pwg_query($query);
    }
    $represented_albums = $_POST['represent'];
    $page['infos'][] = l10n('Photo informations updated');
Ejemplo n.º 4
        check_input_parameter('tag_mode', $_POST, false, '/^(OR|AND)$/');
        $search['fields']['tags'] = array('words' => $_POST['tags'], 'mode' => $_POST['tag_mode']);
    }
    // Author names are free text. strip_tags() removes markup only; it is not
    // SQL escaping. NOTE(review): confirm how the search rules are encoded
    // before they are written to the database (not visible in this excerpt).
    if (isset($_POST['authors']) and is_array($_POST['authors']) and count($_POST['authors']) > 0) {
        $authors = array();
        foreach ($_POST['authors'] as $author) {
            $authors[] = strip_tags($author);
        }
        $search['fields']['author'] = array('words' => $authors, 'mode' => 'OR');
    }
    if (isset($_POST['cat'])) {
        // Category ids are checked element by element against PATTERN_ID.
        // check_input_parameter() is defined elsewhere; presumably it aborts the
        // request on a mismatch — confirm.
        check_input_parameter('cat', $_POST, true, PATTERN_ID);
        // NOTE(review): 'subcats-included' is read without an isset() test.
        $search['fields']['cat'] = array('words' => $_POST['cat'], 'sub_inc' => $_POST['subcats-included'] == 1 ? true : false);
    }
    // dates
    // The pattern allows only date_creation or date_available, which keeps the
    // array keys built from $type_date below to a fixed set of names.
    // NOTE(review): $_POST['date_type'] is read even when the field is absent.
    check_input_parameter('date_type', $_POST, false, '/^date_(creation|available)$/');
    $type_date = $_POST['date_type'];
    // sprintf's %d / %02d conversions turn year, month and day into integers,
    // so the date string never carries the submitted text itself.
    if (!empty($_POST['start_year'])) {
        $search['fields'][$type_date . '-after'] = array('date' => sprintf('%d-%02d-%02d 00:00:00', $_POST['start_year'], $_POST['start_month'] != 0 ? $_POST['start_month'] : '01', $_POST['start_day'] != 0 ? $_POST['start_day'] : '01'), 'inc' => true);
    }
    if (!empty($_POST['end_year'])) {
        $search['fields'][$type_date . '-before'] = array('date' => sprintf('%d-%02d-%02d 23:59:59', $_POST['end_year'], $_POST['end_month'] != 0 ? $_POST['end_month'] : '12', $_POST['end_day'] != 0 ? $_POST['end_day'] : '31'), 'inc' => true);
    }
    if (!empty($search)) {
        // default search mode : each clause must be respected
        $search['mode'] = 'AND';
        // register search rules in database, then they will be available on
        // thumbnails page and picture page.
        $query = '
INSERT INTO ' . SEARCH_TABLE . '
  (rules, last_seen)
Ejemplo n.º 5
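/**
 * Adds a "stereo" tab to the photo tabsheet when the current photo's file
 * name ends in "mpo".
 *
 * The photo id comes from $_GET['image_id'] and is concatenated into a SQL
 * statement. It is checked against PATTERN_ID first and then cast to int, so
 * the query stays numeric even if the pattern check lets an empty or
 * unexpected value through.
 *
 * @param array  $tabs    tab definitions built so far
 * @param string $context tabsheet being built; only 'photo' is handled
 * @return array $tabs, with a 'stereo' entry added when applicable
 */
function Stereo_tabsheet($tabs, $context)
{
    global $prefixeTable;
    if ($context != 'photo') {
        return $tabs;
    }
    load_language('plugin.lang', STEREO_PATH);
    // check_input_parameter() is defined elsewhere; presumably it aborts the
    // request when the value does not match PATTERN_ID — confirm.
    check_input_parameter('image_id', $_GET, false, PATTERN_ID);
    // Without an id there is no photo to look up; returning here avoids
    // building "WHERE id = " with nothing after it.
    if (!isset($_GET['image_id'])) {
        return $tabs;
    }
    // Defense in depth: the value placed in the query is always an integer.
    $id = (int) $_GET['image_id'];
    $query = '
		SELECT file from ' . $prefixeTable . 'images
		WHERE id = ' . $id;
    $result = pwg_db_fetch_assoc(pwg_query($query));
    // The pattern matches any file name ending in "mpo", case-insensitively.
    if ($result && preg_match('/.*mpo$/i', $result['file'])) {
        $tabs['stereo'] = array('caption' => l10n('STEREO_ADJUSTMENT'), 'url' => Stereo_get_admin_url($id));
    }
    return $tabs;
}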
Ejemplo n.º 6
    }
}
//----------------------------------------------------- variable initialization
define('DEFAULT_PREFIX_TABLE', 'piwigo_');
// NOTE(review): the table prefix is taken from the request unchanged. A prefix
// is presumably concatenated into table names, where string-literal escaping
// does not apply; no validation is visible in this excerpt — confirm it is
// restricted to identifier characters before any query is built from it.
if (isset($_POST['install'])) {
    $prefixeTable = $_POST['prefix'];
} else {
    $prefixeTable = DEFAULT_PREFIX_TABLE;
}
include PHPWG_ROOT_PATH . 'include/config_default.inc.php';
// The local configuration may not exist yet; @ silences the include warning.
@(include PHPWG_ROOT_PATH . 'local/config/config.inc.php');
defined('PWG_LOCAL_DIR') or define('PWG_LOCAL_DIR', 'local/');
include PHPWG_ROOT_PATH . 'include/functions.inc.php';
include PHPWG_ROOT_PATH . 'include/template.class.php';
// download database config file if exists
// 'dl' must be exactly 32 lowercase hex characters, so the path built from it
// cannot contain a directory separator or a dot. check_input_parameter() is
// defined elsewhere; presumably it aborts the request on a mismatch — confirm.
// NOTE(review): that token is the only check visible before the file is sent,
// so it has to be unguessable.
check_input_parameter('dl', $_GET, false, '/^[a-f0-9]{32}$/');
if (!empty($_GET['dl']) && file_exists(PHPWG_ROOT_PATH . $conf['data_location'] . 'pwg_' . $_GET['dl'])) {
    $filename = PHPWG_ROOT_PATH . $conf['data_location'] . 'pwg_' . $_GET['dl'];
    header('Cache-Control: no-cache, must-revalidate');
    header('Pragma: no-cache');
    header('Content-Disposition: attachment; filename="database.inc.php"');
    header('Content-Transfer-Encoding: binary');
    header('Content-Length: ' . filesize($filename));
    echo file_get_contents($filename);
    // The file is removed right after it has been sent, so a given token
    // serves it once.
    unlink($filename);
    exit;
}
// Obtain various vars
// Database connection settings come from the submitted form, with defaults
// when a field is empty.
$dbhost = !empty($_POST['dbhost']) ? $_POST['dbhost'] : 'localhost';
$dbuser = !empty($_POST['dbuser']) ? $_POST['dbuser'] : '';
$dbpasswd = !empty($_POST['dbpasswd']) ? $_POST['dbpasswd'] : '';
Ejemplo n.º 7
// $page['since'] selects one entry of $since_options; both are set outside
// this excerpt.
$page['where_clauses'][] = $since_options[$page['since']]['clause'];
// which status to filter on ?
// Non-administrators are limited to validated comments.
if (!is_admin()) {
    $page['where_clauses'][] = 'validated=\'true\'';
}
$page['where_clauses'][] = get_sql_condition_FandF(array('forbidden_categories' => 'category_id', 'visible_categories' => 'category_id', 'visible_images' => 'ic.image_id'), '', true);
// +-----------------------------------------------------------------------+
// |                         comments management                           |
// +-----------------------------------------------------------------------+
$comment_id = null;
$action = null;
// The action name always comes from this fixed list, never from the request;
// only its value (the comment id) is request data.
$actions = array('delete', 'validate', 'edit');
foreach ($actions as $loop_action) {
    // The first listed action present in the query string wins.
    if (isset($_GET[$loop_action])) {
        $action = $loop_action;
        // The id is checked against PATTERN_ID before it is copied into
        // $comment_id. check_input_parameter() is defined elsewhere; presumably
        // it aborts the request on a mismatch — confirm.
        check_input_parameter($action, $_GET, false, PATTERN_ID);
        $comment_id = $_GET[$action];
        break;
    }
}
if (isset($action)) {
    $comment_author_id = get_comment_author_id($comment_id);
    if (can_manage_comment($action, $comment_author_id)) {
        $perform_redirect = false;
        if ('delete' == $action) {
            check_pwg_token();
            delete_user_comment($comment_id);
            $perform_redirect = true;
        }
        if ('validate' == $action) {
            check_pwg_token();
Ejemplo n.º 8
                    $user_tpl['assign']['IMG']['link'] = add_url_params($user_tpl['assign']['IMG']['link'], array('auth' => $authkey['auth_key']));
                }
            }
            $user_args = $args;
            if (isset($authkey)) {
                $user_args['auth_key'] = $authkey['auth_key'];
            }
            switch_lang_to($u['language']);
            pwg_mail($u['email'], $user_args, $user_tpl);
            switch_lang_back();
        }
        $message = l10n_dec('%d mail was sent.', '%d mails were sent.', count($users));
        $message .= ' (' . implode(', ', $usernames) . ')';
        $page['infos'][] = $message;
    } elseif ('group' == $_POST['who'] and !empty($_POST['group'])) {
        check_input_parameter('group', $_POST, false, PATTERN_ID);
        pwg_mail_group($_POST['group'], $args, $tpl);
        $query = '
SELECT
    name
  FROM ' . GROUPS_TABLE . '
  WHERE id = ' . $_POST['group'] . '
;';
        list($group_name) = pwg_db_fetch_row(pwg_query($query));
        $page['infos'][] = l10n('An information email was sent to group "%s"', $group_name);
    }
    unset_make_full_url();
}
// +-----------------------------------------------------------------------+
// |                       template initialization                         |
// +-----------------------------------------------------------------------+
Ejemplo n.º 9
include_once PHPWG_ROOT_PATH . 'admin/include/functions.php';
include_once PHPWG_ROOT_PATH . 'include/functions_picture.inc.php';
// NOTE(review): the language path (PFEMAIL_PATH) and the page name below
// ('plugin-community-config') do not match the 'polaroid' settings this script
// updates further down; they look carried over from another plugin — confirm.
load_language('plugin.lang', PFEMAIL_PATH);
$admin_base_url = get_root_url() . 'admin.php?page=plugin-community-config';
// +-----------------------------------------------------------------------+
// | Check Access and exit when user status is not ok                      |
// +-----------------------------------------------------------------------+
// This gate runs before the form handler further down, so the configuration
// and UPDATE statements there are meant to be reachable by administrators only.
check_status(ACCESS_ADMINISTRATOR);
// +-----------------------------------------------------------------------+
// | form submission                                                       |
// +-----------------------------------------------------------------------+
if (isset($_POST['apply_to_albums']) and in_array($_POST['apply_to_albums'], array('all', 'list'))) {
    $conf['polaroid']['apply_to_albums'] = $_POST['apply_to_albums'];
    conf_update_param('polaroid', $conf['polaroid'], true);
    if ($_POST['apply_to_albums'] == 'list') {
        check_input_parameter('albums', $_POST, true, PATTERN_ID);
        if (empty($_POST['albums'])) {
            $_POST['albums'][] = -1;
        }
        $query = '
UPDATE ' . CATEGORIES_TABLE . '
  SET polaroid_active = \'false\'
  WHERE id NOT IN (' . implode(',', $_POST['albums']) . ')
;';
        pwg_query($query);
        $query = '
UPDATE ' . CATEGORIES_TABLE . '
  SET polaroid_active = \'true\'
  WHERE id IN (' . implode(',', $_POST['albums']) . ')
;';
        pwg_query($query);
Ejemplo n.º 10
        $search['fields']['types'] = $types;
    } else {
        check_input_parameter('types', $_POST, true, '/^(' . implode('|', $types) . ')$/');
        $search['fields']['types'] = $_POST['types'];
    }
    $search['fields']['user'] = intval($_POST['user']);
    if (!empty($_POST['image_id'])) {
        $search['fields']['image_id'] = intval($_POST['image_id']);
    }
    if (!empty($_POST['filename'])) {
        $search['fields']['filename'] = str_replace('*', '%', pwg_db_real_escape_string($_POST['filename']));
    }
    if (!empty($_POST['ip'])) {
        $search['fields']['ip'] = str_replace('*', '%', pwg_db_real_escape_string($_POST['ip']));
    }
    check_input_parameter('display_thumbnail', $_POST, false, '/^(' . implode('|', array_keys($display_thumbnails)) . ')$/');
    $search['fields']['display_thumbnail'] = $_POST['display_thumbnail'];
    // The display choice is also saved to a cookie
    if (!empty($_POST['display_thumbnail']) and isset($display_thumbnails[$_POST['display_thumbnail']])) {
        $cookie_val = $_POST['display_thumbnail'];
    } else {
        $cookie_val = null;
    }
    pwg_set_cookie_var('display_thumbnail', $cookie_val, strtotime('+1 month'));
    // TODO manage inconsistency of having $_POST['image_id'] and
    // $_POST['filename'] simultaneously
    if (!empty($search)) {
        // register search rules in database, then they will be available on
        // thumbnails page and picture page.
        $query = '
INSERT INTO ' . SEARCH_TABLE . '
Ejemplo n.º 11
} else {
    $page['start'] = 0;
}
// +-----------------------------------------------------------------------+
// | Check Access and exit when user status is not ok                      |
// +-----------------------------------------------------------------------+
check_status(ACCESS_ADMINISTRATOR);
// +-----------------------------------------------------------------------+
// |                                actions                                |
// +-----------------------------------------------------------------------+
// NOTE(review): this handler validates and deletes comments, but no
// check_pwg_token() call is visible in the excerpt. Confirm that the anti-CSRF
// token is verified before this point (for example by the including script).
if (!empty($_POST)) {
    if (empty($_POST['comments'])) {
        $page['errors'][] = l10n('Select at least one comment');
    } else {
        include_once PHPWG_ROOT_PATH . 'include/functions_comment.inc.php';
        // Every submitted comment id is checked against PATTERN_ID before the
        // list is handed to the validate/delete helpers. check_input_parameter()
        // is defined elsewhere; presumably it aborts the request on a mismatch.
        check_input_parameter('comments', $_POST, true, PATTERN_ID);
        if (isset($_POST['validate'])) {
            validate_user_comment($_POST['comments']);
            $page['infos'][] = l10n_dec('%d user comment validated', '%d user comments validated', count($_POST['comments']));
        }
        // 'validate' and 'reject' are tested independently: a request carrying
        // both runs both branches.
        if (isset($_POST['reject'])) {
            delete_user_comment($_POST['comments']);
            $page['infos'][] = l10n_dec('%d user comment rejected', '%d user comments rejected', count($_POST['comments']));
        }
    }
}
// +-----------------------------------------------------------------------+
// |                             template init                             |
// +-----------------------------------------------------------------------+
$template->set_filenames(array('comments' => 'comments.tpl'));
$template->assign(array('F_ACTION' => get_root_url() . 'admin.php?page=comments'));
Ejemplo n.º 12
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
// | General Public License for more details.                              |
// |                                                                       |
// | You should have received a copy of the GNU General Public License     |
// | along with this program; if not, write to the Free Software           |
// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
// | USA.                                                                  |
// +-----------------------------------------------------------------------+
// Direct-access guard: stop unless PHOTOS_ADD_BASE_URL is already defined,
// which presumably only happens when the parent admin page includes this file.
if (!defined('PHOTOS_ADD_BASE_URL')) {
    die("Hacking attempt!");
}
// +-----------------------------------------------------------------------+
// |                        batch management request                       |
// +-----------------------------------------------------------------------+
// NOTE(review): this is a GET request that empties and refills the current
// user's caddie, and no check_pwg_token() call is visible here. Confirm that a
// token is required, or that the change is acceptable without one.
if (isset($_GET['batch'])) {
    // Only a comma-separated list of decimal numbers is accepted, so each piece
    // produced by explode() below is a digit string. check_input_parameter() is
    // defined elsewhere; presumably it aborts the request on a mismatch.
    // NOTE(review): confirm how it treats an empty 'batch' value, because
    // explode(',', '') yields a single empty string.
    check_input_parameter('batch', $_GET, false, '/^\\d+(,\\d+)*$/');
    // $user['id'] is set outside this excerpt.
    $query = '
DELETE FROM ' . CADDIE_TABLE . '
  WHERE user_id = ' . $user['id'] . '
;';
    pwg_query($query);
    $inserts = array();
    foreach (explode(',', $_GET['batch']) as $image_id) {
        $inserts[] = array('user_id' => $user['id'], 'element_id' => $image_id);
    }
    // Column names are taken from the first row's keys (user_id, element_id).
    mass_inserts(CADDIE_TABLE, array_keys($inserts[0]), $inserts);
    redirect(get_root_url() . 'admin.php?page=batch_manager&filter=prefilter-caddie');
}
// +-----------------------------------------------------------------------+
// |                             prepare form                              |
// +-----------------------------------------------------------------------+
Ejemplo n.º 13
        case "ogg":
            $ctype = "application/ogg";
            break;
        default:
            $ctype = "application/octet-stream";
    }
    return $ctype;
}
/**
 * Sends an HTTP status code with a message body, then ends the request.
 *
 * The message is written to the response exactly as given, with no escaping,
 * so callers should pass fixed text rather than request data.
 *
 * @param int    $code HTTP status code handed to set_status_header()
 * @param string $str  message written as the response body
 */
function do_error($code, $str)
{
    set_status_header($code);
    print $str;
    exit();
}
// Resolve a "format" request to the photo it belongs to, when formats are
// enabled in the configuration.
if ($conf['enable_formats'] and isset($_GET['format'])) {
    // The format id is concatenated into the query below, so it must match
    // PATTERN_ID first. check_input_parameter() is defined elsewhere; presumably
    // it aborts the request on a mismatch.
    // NOTE(review): confirm how it treats an empty value, which would leave
    // "WHERE format_id = " with nothing after it.
    check_input_parameter('format', $_GET, false, PATTERN_ID);
    $query = '
SELECT
    *
  FROM ' . IMAGE_FORMAT_TABLE . '
  WHERE format_id = ' . $_GET['format'] . '
;';
    $formats = query2array($query);
    if (count($formats) == 0) {
        do_error(400, 'Invalid request - format');
    }
    $format = $formats[0];
    // 'id' and 'part' are overwritten from the database row, so whatever the
    // request carried in those two parameters is discarded from here on.
    $_GET['id'] = $format['image_id'];
    $_GET['part'] = 'f';
    // "f" for "format"
}
Ejemplo n.º 14
 * user caddie.
 *
 */
// Direct-access guard: stop unless PHPWG_ROOT_PATH is already defined, which
// presumably only happens when the application includes this file.
if (!defined('PHPWG_ROOT_PATH')) {
    die('Hacking attempt!');
}
include_once PHPWG_ROOT_PATH . 'admin/include/functions.php';
// +-----------------------------------------------------------------------+
// | Check Access and exit when user status is not ok                      |
// +-----------------------------------------------------------------------+
check_status(ACCESS_ADMINISTRATOR);
trigger_notify('loc_begin_element_set_global');
// Id-bearing form fields are checked once, up front: 'del_tags' as an array of
// ids, the other three as single ids. check_input_parameter() is defined
// elsewhere; presumably it aborts the request on a mismatch — confirm.
check_input_parameter('del_tags', $_POST, true, PATTERN_ID);
check_input_parameter('associate', $_POST, false, PATTERN_ID);
check_input_parameter('move', $_POST, false, PATTERN_ID);
check_input_parameter('dissociate', $_POST, false, PATTERN_ID);
// +-----------------------------------------------------------------------+
// |                            current selection                          |
// +-----------------------------------------------------------------------+
$collection = array();
if (isset($_POST['setSelected'])) {
    // Whole current set, computed outside this excerpt.
    $collection = $page['cat_elements_id'];
} else {
    if (isset($_POST['selection'])) {
        // NOTE(review): 'selection' is not among the parameters checked above.
        // Confirm its elements are validated as ids before they reach a query.
        $collection = $_POST['selection'];
    }
}
// +-----------------------------------------------------------------------+
// |                       global mode form submission                     |
// +-----------------------------------------------------------------------+
// $page['prefilter'] is a shortcut to test if the current filter contains a
Ejemplo n.º 15
// | along with this program; if not, write to the Free Software           |
// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
// | USA.                                                                  |
// +-----------------------------------------------------------------------+
// Direct-access guard: stop unless PHPWG_ROOT_PATH is already defined, which
// presumably only happens when the application includes this file.
if (!defined("PHPWG_ROOT_PATH")) {
    die("Hacking attempt!");
}
include_once PHPWG_ROOT_PATH . 'admin/include/functions.php';
include_once PHPWG_ROOT_PATH . 'admin/include/functions_upload.inc.php';
include_once PHPWG_ROOT_PATH . 'admin/include/tabsheet.class.php';
// +-----------------------------------------------------------------------+
// | Check Access and exit when user status is not ok                      |
// +-----------------------------------------------------------------------+
check_status(ACCESS_ADMINISTRATOR);
//-------------------------------------------------------- sections definitions
// 'section' is limited to ASCII letters, which excludes dots, slashes and
// quotes. NOTE(review): if $page['section'] later selects a file, template or
// URL, this pattern is the only input check visible for it; the consuming code
// is not part of this excerpt. check_input_parameter() is defined elsewhere
// and presumably aborts the request on a mismatch.
check_input_parameter('section', $_GET, false, '/^[a-z]+$/i');
if (!isset($_GET['section'])) {
    $page['section'] = 'main';
} else {
    $page['section'] = $_GET['section'];
}
// Lists of configuration keys, one list per section. Presumably each key is a
// boolean rendered as a checkbox — confirm against the code that consumes them.
$main_checkboxes = array('allow_user_registration', 'obligatory_user_mail_address', 'rate', 'rate_anonymous', 'email_admin_on_new_user', 'allow_user_customization', 'log', 'history_admin', 'history_guest');
$sizes_checkboxes = array('original_resize');
$comments_checkboxes = array('activate_comments', 'comments_forall', 'comments_validation', 'email_admin_on_comment', 'email_admin_on_comment_validation', 'user_can_delete_comment', 'user_can_edit_comment', 'email_admin_on_comment_edition', 'email_admin_on_comment_deletion', 'comments_author_mandatory', 'comments_email_mandatory', 'comments_enable_website');
$display_checkboxes = array('menubar_filter_icon', 'index_sort_order_input', 'index_flat_icon', 'index_posted_date_icon', 'index_created_date_icon', 'index_slideshow_icon', 'index_new_icon', 'picture_metadata_icon', 'picture_slideshow_icon', 'picture_favorite_icon', 'picture_download_icon', 'picture_navigation_icons', 'picture_navigation_thumb', 'picture_menu');
$display_info_checkboxes = array('author', 'created_on', 'posted_on', 'dimensions', 'file', 'filesize', 'tags', 'categories', 'visits', 'rating_score', 'privacy_level');
// image order management
// Keys are "column direction" pairs, values are their translated labels.
// NOTE(review): if a submitted sort value is later placed in an ORDER BY
// clause, it should be accepted only when it is one of these keys; the code
// that handles the submission is not part of this excerpt.
$sort_fields = array('' => '', 'file ASC' => l10n('File name, A → Z'), 'file DESC' => l10n('File name, Z → A'), 'name ASC' => l10n('Photo title, A → Z'), 'name DESC' => l10n('Photo title, Z → A'), 'date_creation DESC' => l10n('Date created, new → old'), 'date_creation ASC' => l10n('Date created, old → new'), 'date_available DESC' => l10n('Date posted, new → old'), 'date_available ASC' => l10n('Date posted, old → new'), 'rating_score DESC' => l10n('Rating score, high → low'), 'rating_score ASC' => l10n('Rating score, low → high'), 'hit DESC' => l10n('Visits, high → low'), 'hit ASC' => l10n('Visits, low → high'), 'id ASC' => l10n('Numeric identifier, 1 → 9'), 'id DESC' => l10n('Numeric identifier, 9 → 1'), 'rank ASC' => l10n('Manual sort order'));
$comments_order = array('ASC' => l10n('Show oldest comments first'), 'DESC' => l10n('Show latest comments first'));
$mail_themes = array('clear' => 'Clear', 'dark' => 'Dark');
//------------------------------ verification and registration of modifications
Ejemplo n.º 16
     }
 }
 // NOTE(review): 'filter_category' is copied into the session with no format
 // check visible here, unlike 'filter_level' below. Confirm it is validated as
 // an id before the stored filter is used to build a query.
 if (isset($_POST['filter_category_use'])) {
     $_SESSION['bulk_manager_filter']['category'] = $_POST['filter_category'];
     if (isset($_POST['filter_category_recursive'])) {
         $_SESSION['bulk_manager_filter']['category_recursive'] = true;
     }
 }
 if (isset($_POST['filter_tags_use'])) {
     // Submitted tags are stored as whatever get_tag_ids() returns (defined
     // elsewhere), not as the raw request value.
     $_SESSION['bulk_manager_filter']['tags'] = get_tag_ids($_POST['filter_tags'], false);
     // tag_mode is kept only when it is one of the two allowed keywords.
     if (isset($_POST['tag_mode']) and in_array($_POST['tag_mode'], array('AND', 'OR'))) {
         $_SESSION['bulk_manager_filter']['tag_mode'] = $_POST['tag_mode'];
     }
 }
 if (isset($_POST['filter_level_use'])) {
     // Two checks: digits only, then membership in the configured levels.
     // check_input_parameter() is defined elsewhere; presumably it aborts the
     // request on a mismatch — confirm.
     check_input_parameter('filter_level', $_POST, false, '/^\\d+$/');
     if (in_array($_POST['filter_level'], $conf['available_permission_levels'])) {
         $_SESSION['bulk_manager_filter']['level'] = $_POST['filter_level'];
         if (isset($_POST['filter_level_include_lower'])) {
             $_SESSION['bulk_manager_filter']['level_include_lower'] = true;
         }
     }
 }
 if (isset($_POST['filter_dimension_use'])) {
     foreach (array('min_width', 'max_width', 'min_height', 'max_height') as $type) {
         if (filter_var($_POST['filter_dimension_' . $type], FILTER_VALIDATE_INT) !== false) {
             $_SESSION['bulk_manager_filter']['dimension'][$type] = $_POST['filter_dimension_' . $type];
         }
     }
     foreach (array('min_ratio', 'max_ratio') as $type) {
         if (filter_var($_POST['filter_dimension_' . $type], FILTER_VALIDATE_FLOAT) !== false) {
Ejemplo n.º 17
<?php

/**********************************
 * REQUIRED PATH TO THE TPL FILE */
// Fixed template path: nothing from the request takes part in it.
$TOUR_PATH = PHPWG_PLUGINS_PATH . 'TakeATour/tours/2_7_0/tour.tpl';
/*********************************/
/**********************
 *    Preparse part   *
 **********************/
$template->assign('TAT_index', make_index_url(array('section' => 'categories')));
$template->assign('TAT_search', get_root_url() . 'search.php');
//picture id
// A page name of the form photo-<digits>[-...] supplies the image id; the
// capture group only matches digits.
if (isset($_GET['page']) and preg_match('/^photo-(\\d+)(?:-(.*))?$/', $_GET['page'], $matches)) {
    $_GET['image_id'] = $matches[1];
}
// An id given directly in the query string goes through the same id check
// before it is assigned to the template or stored in the session.
// check_input_parameter() is defined elsewhere; presumably it aborts the
// request on a mismatch — confirm.
check_input_parameter('image_id', $_GET, false, PATTERN_ID);
// Loose comparison: any stored value that compares equal to null counts as
// "not yet stored".
if (isset($_GET['image_id']) and pwg_get_session_var('TAT_image_id') == null) {
    $template->assign('TAT_image_id', $_GET['image_id']);
    pwg_set_session_var('TAT_image_id', $_GET['image_id']);
} elseif (is_numeric(pwg_get_session_var('TAT_image_id'))) {
    $template->assign('TAT_image_id', pwg_get_session_var('TAT_image_id'));
} else {
    // Fallback: pick any image. The query contains no request data.
    // NOTE(review): $row['id'] is read without checking that a row came back.
    $query = '
    SELECT id
      FROM ' . IMAGES_TABLE . '
      ORDER BY RAND()
      LIMIT 1  
    ;';
    $row = pwg_db_fetch_assoc(pwg_query($query));
    $template->assign('TAT_image_id', $row['id']);
}
}
//warn the user if the picture will be resized after upload
if ($conf['original_resize']) {
    $template->assign(array('original_resize_maxwidth' => $conf['original_resize_maxwidth'], 'original_resize_maxheight' => $conf['original_resize_maxheight']));
}
// The form carries a token from get_pwg_token(); presumably the upload handler
// verifies it with check_pwg_token() — that handler is not part of this excerpt.
$template->assign(array('form_action' => PHOTOS_ADD_BASE_URL, 'pwg_token' => get_pwg_token()));
// Extension list handed to the upload form, lower-cased and de-duplicated.
// NOTE(review): this only feeds the template; confirm the server-side upload
// code enforces the same list.
$unique_exts = array_unique(array_map('strtolower', $conf['upload_form_all_types'] ? $conf['file_ext'] : $conf['picture_ext']));
$template->assign(array('upload_file_types' => implode(', ', $unique_exts), 'file_exts' => implode(',', $unique_exts)));
// +-----------------------------------------------------------------------+
// | Categories                                                            |
// +-----------------------------------------------------------------------+
// we need to know the category in which the last photo was added
$selected_category = array();
if (isset($_GET['album'])) {
    // set the category from get url or ...
    check_input_parameter('album', $_GET, false, PATTERN_ID);
    // test if album really exists
    $query = '
SELECT id
  FROM ' . CATEGORIES_TABLE . '
  WHERE id = ' . $_GET['album'] . '
;';
    $result = pwg_query($query);
    if (pwg_db_num_rows($result) == 1) {
        $selected_category = array($_GET['album']);
        // lets put in the session to persist in case of upload method switch
        $_SESSION['selected_category'] = $selected_category;
    } else {
        fatal_error('[Hacking attempt] the album id = "' . $_GET['album'] . '" is not valid');
    }
} else {
Ejemplo n.º 19
            $ref_dates[$cat_id] = 'max' == $minmax ? max($to_compare) : min($to_compare);
        } else {
            $ref_dates[$cat_id] = null;
        }
    }
    // only return the list of $ids, not the sub-categories
    $return = array();
    foreach ($ids as $id) {
        $return[$id] = $ref_dates[$id];
    }
    return $return;
}
// +-----------------------------------------------------------------------+
// |                            initialization                             |
// +-----------------------------------------------------------------------+
// 'parent_id' is checked once here, before the page logic reads it.
// check_input_parameter() is defined elsewhere; presumably it aborts the
// request when the value does not match PATTERN_ID — confirm.
check_input_parameter('parent_id', $_GET, false, PATTERN_ID);
$categories = array();
$base_url = get_root_url() . 'admin.php?page=cat_list';
// The breadcrumb HTML is built by concatenation; at this point it only holds
// the root URL and a translated label, no request data.
$navigation = '<a href="' . $base_url . '">';
$navigation .= l10n('Home');
$navigation .= '</a>';
// +-----------------------------------------------------------------------+
// | tabs                                                                  |
// +-----------------------------------------------------------------------+
$page['tab'] = 'list';
include PHPWG_ROOT_PATH . 'admin/include/albums_tab.inc.php';
// +-----------------------------------------------------------------------+
// |                    virtual categories management                      |
// +-----------------------------------------------------------------------+
// request to delete a virtual category
if (isset($_GET['delete']) and is_numeric($_GET['delete'])) {
Ejemplo n.º 20
 *
 * function copied from Dotclear project http://dotclear.net
 *
 * @param int timestamp
 * @return string ISO 8601 date format
 */
function ts_to_iso8601($ts)
{
    // date('O') gives the UTC offset without a colon, e.g. +0200.
    $offset = date('O', $ts);
    // Split it into sign+hours and minutes so the colon can be inserted.
    $hours = substr($offset, 0, -2);
    $minutes = substr($offset, -2);
    return sprintf('%s%s:%s', date('Y-m-d\\TH:i:s', $ts), $hours, $minutes);
}
// +-----------------------------------------------------------------------+
// |                            initialization                             |
// +-----------------------------------------------------------------------+
// The feed identifier must be exactly 50 letters or digits. It is placed
// inside a quoted SQL literal further down, so this pattern is what keeps
// quotes and other metacharacters out of that query. check_input_parameter()
// is defined elsewhere; presumably it aborts the request on a mismatch.
check_input_parameter('feed', $_GET, false, '/^[0-9a-z]{50}$/i');
$feed_id = isset($_GET['feed']) ? $_GET['feed'] : '';
// Only the presence of 'image_only' matters; its value is never read here.
$image_only = isset($_GET['image_only']);
// echo '<pre>'.generate_key(50).'</pre>';
if (!empty($feed_id)) {
    $query = '
SELECT user_id,
       last_check
  FROM ' . USER_FEED_TABLE . '
  WHERE id = \'' . $feed_id . '\'
;';
    $feed_row = pwg_db_fetch_assoc(pwg_query($query));
    if (empty($feed_row)) {
        page_not_found(l10n('Unknown feed identifier'));
    }
    if ($feed_row['user_id'] != $user['id']) {