/**
 * Recursively appends the sub-categories of $parent to the global $CAT_LIST.
 *
 * Every entry holds the category id, its parent, its position among its
 * siblings, the sibling count and a display name prefixed with $ident. All
 * entries but the first also carry 'prev' (cid of the preceding sibling), and
 * that preceding sibling receives a matching 'next'.
 *
 * NOTE(review): $parent is placed into the SQL text inside quotes without an
 * integer cast or escaping. The recursive calls pass cid values read back from
 * the database; where the top-level value comes from is not visible here, so
 * confirm that callers only ever pass a validated integer.
 *
 * @param mixed  $parent Category id whose children are listed
 * @param string $ident  Prefix prepended to each name; one space is added per level
 */
function get_subcat_data($parent, $ident = '')
{
    global $CONFIG, $CAT_LIST;

    // The ORDER BY column is one of two fixed literals, never request data.
    $sort_query = ($CONFIG['categories_alpha_sort'] == 1) ? 'name' : 'pos';

    $sql = "SELECT cid, name, description "
        . "FROM {$CONFIG['TABLE_CATEGORIES']} "
        . "WHERE parent = '{$parent}' "
        . "ORDER BY {$sort_query}";
    $result = cpg_db_query($sql);

    $cat_count = mysql_num_rows($result);
    if (!($cat_count > 0)) {
        return;
    }

    $pos = 0;
    foreach (cpg_db_fetch_rowset($result) as $child) {
        $has_previous = $pos > 0;

        // Keys are added in the same order the list consumers have always seen.
        $entry = array('cid' => $child['cid'], 'parent' => $parent, 'pos' => $pos);
        if ($has_previous) {
            $entry['prev'] = $previous_cid;
        }
        $entry['cat_count'] = $cat_count;
        $entry['name'] = $ident . $child['name'];
        $CAT_LIST[] = $entry;

        // Link the preceding sibling forward to this one.
        if ($has_previous) {
            $CAT_LIST[$previous_index]['next'] = $child['cid'];
        }

        $pos++;
        $previous_cid = $child['cid'];
        // Captured before recursing, so it keeps pointing at this sibling's slot.
        $previous_index = count($CAT_LIST) - 1;

        get_subcat_data($child['cid'], $ident . ' ');
    }
}
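/**
 * alb_get_subcat_data()
 *
 * Recursively appends array(cid, indented name) pairs to the global $CAT_LIST
 * for the categories below $parent (category 1 is always skipped). Outside
 * GALLERY_ADMIN_MODE a category is listed only when the category map has a row
 * linking it to one of the current user's groups; its children are visited
 * either way.
 *
 * @param integer $parent Category id whose children are listed
 * @param string $ident Prefix for the category name; one space is added per level
 **/
function alb_get_subcat_data($parent, $ident = '')
{
    global $CONFIG, $CAT_LIST, $USER_DATA;

    // $parent is documented as an integer: enforce that before it becomes SQL text.
    $parent_id = (int) $parent;

    // select cats where the users can change the albums
    // NOTE(review): the group ids are quoted but neither cast nor escaped. They
    // are read from $USER_DATA, whose origin is not visible here - confirm they
    // are always integers.
    $groups = '';
    foreach ($USER_DATA['groups'] as $group) {
        $groups .= "group_id = '{$group}' OR ";
    }
    $groups .= "0";

    $result = cpg_db_query("SELECT cid, name, description FROM {$CONFIG['TABLE_CATEGORIES']} WHERE parent = '{$parent_id}' AND cid != 1 ORDER BY pos");
    if ($result->numRows() > 0) {
        $rowset = cpg_db_fetch_rowset($result);
        foreach ($rowset as $subcat) {
            if (!GALLERY_ADMIN_MODE) {
                // One permission lookup per category; cid is appended unquoted, so keep it numeric.
                $check_group = cpg_db_query("SELECT group_id FROM {$CONFIG['TABLE_CATMAP']} WHERE ({$groups}) AND cid = " . (int) $subcat['cid']);
                $check_group_rowset = cpg_db_fetch_rowset($check_group);
                if ($check_group_rowset) {
                    $CAT_LIST[] = array($subcat['cid'], $ident . $subcat['name']);
                }
            } else {
                $CAT_LIST[] = array($subcat['cid'], $ident . $subcat['name']);
            }
            // Children are walked even when the category itself was not listed.
            alb_get_subcat_data($subcat['cid'], $ident . ' ');
        }
    }
}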
/**
 * Renders the MiniCMS entries selected by the global $MINICMS settings.
 *
 * Loads the matching rows into the global $cms_array, adds 'next_ID' and
 * 'prev_ID' link fragments for neighbouring rows that share type and conid,
 * decodes each row's content and returns whatever theme_minicms() prints.
 *
 * NOTE(review): the WHERE clause interpolates $MINICMS['ID'], ['conid'] and
 * ['type'] in quotes without escaping inside this function - confirm they are
 * validated where $MINICMS is populated.
 * NOTE(review): content goes through stripslashes() and html_entity_decode()
 * before it reaches the theme, i.e. stored markup becomes live HTML again.
 * Whether that is a stored-XSS exposure depends on who may author entries.
 *
 * @param string $content Not used as input; it is overwritten by the captured output
 * @return string Output captured from theme_minicms()
 */
function minicms($content = '')
{
    global $MINICMS, $CONFIG, $cat, $album, $REFERER, $lang_minicms, $HTML_SUBST_DECODE, $cms_array;

    if ($MINICMS['dbver'] != MINICMS_DBVER) {
        echo "<h2>{$lang_minicms['minicms_full']} {$MINICMS['dbver']}</h2><br />{$lang_minicms['dbver_nomatch']}: " . MINICMS_DBVER . "<br />";
        minicms_configure(false); //auto-updater and dont print the "go" button
    }

    // Either a single entry by ID, or every entry of one type attached to one container.
    if (isset($MINICMS['ID'])) {
        $where = "ID='{$MINICMS['ID']}'";
    } else {
        $where = "conid='{$MINICMS['conid']}' AND type='{$MINICMS['type']}'";
    }

    $cms_array = cpg_db_fetch_rowset(
        cpg_db_query("SELECT * FROM {$CONFIG['TABLE_CMS']} WHERE {$where} ORDER BY cpos")
    );

    $index = 0;
    foreach ($cms_array as $key => $cms) {
        // Neighbours are addressed by running position, not by $key.
        $next_link = '';
        if ($index < count($cms_array) - 1) {
            $following = $cms_array[$index + 1];
            if ($cms['type'] == $following['type'] && $cms['conid'] == $following['conid']) {
                $next_link = '&id2=' . $following['ID'];
            }
        }

        $prev_link = '';
        if ($index > 0) {
            $preceding = $cms_array[$index - 1];
            if ($cms['type'] == $preceding['type'] && $cms['conid'] == $preceding['conid']) {
                $prev_link = '&id2=' . $preceding['ID'];
            }
        }

        $cms_array[$key]['next_ID'] = $next_link;
        $cms_array[$key]['prev_ID'] = $prev_link;
        $cms_array[$key]['content'] = html_entity_decode(stripslashes($cms['content']));
        $index++;
    }

    // The theme prints directly, so capture its output instead of echoing it.
    ob_start();
    theme_minicms($cms_array);

    return ob_get_clean();
}
/**
 * Appends array(aid, title) for every album, ordered by title, to the global
 * $ALBUM_LIST.
 *
 * The query contains no caller-supplied value. Titles are copied as stored;
 * NOTE(review): whoever renders $ALBUM_LIST is presumably responsible for
 * HTML-escaping them - confirm at the output site.
 */
function get_album_data()
{
    global $CONFIG, $ALBUM_LIST;

    $result = cpg_db_query("SELECT aid, title FROM {$CONFIG['TABLE_ALBUMS']} ORDER BY title");
    if (!(mysql_num_rows($result) > 0)) {
        return;
    }

    foreach (cpg_db_fetch_rowset($result) as $album_row) {
        $ALBUM_LIST[] = array($album_row['aid'], $album_row['title']);
    }
}
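/**
 * alb_get_subcat_data()
 *
 * Recursively appends array(cid, indented name) pairs to the global $CAT_LIST
 * for every category below $parent, skipping category 1. No per-user
 * permission check is made in this variant.
 *
 * @param integer $parent Category id whose children are listed
 * @param string $ident Prefix for the category name; one space is added per level
 **/
function alb_get_subcat_data($parent, $ident = '')
{
    global $CONFIG, $CAT_LIST;

    // $parent is documented as an integer: enforce that before it becomes SQL text.
    $parent_id = (int) $parent;

    $result = cpg_db_query("SELECT cid, name, description FROM {$CONFIG['TABLE_CATEGORIES']} WHERE parent = '{$parent_id}' AND cid != 1 ORDER BY pos");
    if (mysql_num_rows($result) > 0) {
        $rowset = cpg_db_fetch_rowset($result);
        foreach ($rowset as $subcat) {
            $CAT_LIST[] = array($subcat['cid'], $ident . $subcat['name']);
            // Depth-first, so children follow their parent directly in the list.
            alb_get_subcat_data($subcat['cid'], $ident . ' ');
        }
    }
}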
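/**
 * Appends one <album> element per album of $category to the global $catStr.
 *
 * NOTE(review): the global $ALBUM_SET is appended to the statement verbatim;
 * it is presumably a pre-built visibility filter - confirm it never contains
 * request data.
 * NOTE(review): album titles are written between <name> tags exactly as
 * stored. A title containing '<' or '&' yields malformed or injected XML
 * unless titles are already entity-encoded in the database - confirm before
 * adding escaping here, to avoid double encoding.
 *
 * @param integer $category Category id whose albums are exported
 * @param string  $ident    Indentation placed in front of each emitted line
 */
function get_album_data($category, $ident)
{
    global $CONFIG, $catStr, $ALBUM_SET;

    // The id is used unquoted in the WHERE clause, so it must be numeric.
    $category_id = (int) $category;

    $sql = "SELECT aid,title FROM {$CONFIG['TABLE_ALBUMS']} WHERE category = {$category_id} " . $ALBUM_SET;
    $result = cpg_db_query($sql);
    if (mysql_num_rows($result) > 0) {
        $rowset = cpg_db_fetch_rowset($result);
        foreach ($rowset as $subcat) {
            $catStr .= "\n {$ident}<album>\n {$ident}<id>{$subcat['aid']}</id>\n {$ident}<name>{$subcat['title']}</name>\n {$ident}</album>";
        }
    }
}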
/**
 * Builds the user-group <select> for the configuration form.
 *
 * The list starts with a "default" option (value 0) followed by every user
 * group ordered by name; the option whose id equals $grpn is pre-selected.
 *
 * NOTE(review): group names are concatenated into the markup without HTML
 * escaping. They come from the user-groups table; if a group name can hold
 * markup this is a stored-XSS sink - confirm how names are stored.
 *
 * @param integer $grpn Id of the group to pre-select, 0 for the default entry
 * @return string HTML for the select element plus the busy-indicator div
 */
function h5u_config_groupSel($grpn = 0)
{
    global $CONFIG, $superCage;

    $rslt = cpg_db_query("SELECT group_id, group_name FROM {$CONFIG['TABLE_USERGROUPS']} ORDER BY group_name");
    $group_list = cpg_db_fetch_rowset($rslt, true);

    $pieces = array(
        '<select name="h5u_gSel" onchange="selectConfigGroup(event,this)" style="margin-left:3em">',
        '<option value="0"' . ($grpn == 0 ? ' selected' : '') . '>< default ></option>',
    );

    foreach ($group_list as $group) {
        $selected = '';
        if ($grpn == $group['group_id']) {
            $selected = ' selected';
        }
        $pieces[] = '<option value="' . $group['group_id'] . '"' . $selected . '>' . $group['group_name'] . '</option>';
    }

    $pieces[] = '</select><div id="h5u_busy"></div>';

    return implode('', $pieces);
}
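/**
 * Collects the ids of all albums located in the sub-categories of $parent,
 * at any depth, into $album_set_array.
 *
 * Albums that sit directly in $parent itself are not added; only those of its
 * descendants are.
 *
 * @param integer $parent          Category id whose descendants are scanned
 * @param array   $album_set_array Receives the album ids (passed by reference)
 */
function thumb_get_subcat_data($parent, &$album_set_array)
{
    global $CONFIG;

    // Category ids are numeric; cast so the value cannot alter the statement.
    $parent_id = (int) $parent;

    $result = cpg_db_query("SELECT cid, name, description FROM {$CONFIG['TABLE_CATEGORIES']} WHERE parent = '{$parent_id}'");
    if (mysql_num_rows($result) > 0) {
        $rowset = cpg_db_fetch_rowset($result);
        foreach ($rowset as $subcat) {
            // cid is used unquoted below, so keep it numeric as well.
            $cid = (int) $subcat['cid'];

            $albums = cpg_db_query("SELECT aid FROM {$CONFIG['TABLE_ALBUMS']} WHERE category = {$cid}");
            while ($row = mysql_fetch_array($albums)) {
                $album_set_array[] = $row['aid'];
            } // while
            // Fully consumed above; release it before descending further.
            mysql_free_result($albums);

            thumb_get_subcat_data($cid, $album_set_array);
        }
    }
}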
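/**
 * get_subcat_data()
 *
 * Recursively appends array(cid, indented name) pairs to the global $CAT_LIST
 * for the categories below $parent (category 1 is skipped). A category is
 * listed only when the category map links it to the current user's group; its
 * children are visited either way.
 *
 * @param integer $parent Category id whose children are listed
 * @param string $ident Prefix for the category name; one space is added per level
 **/
function get_subcat_data($parent, $ident = '')
{
    global $CONFIG, $CAT_LIST, $USER_DATA;

    // $parent is documented as an integer: enforce that before it becomes SQL text.
    $parent_id = (int) $parent;

    //select cats where the users can change the albums
    // NOTE(review): group_id is quoted but neither cast nor escaped; it is read
    // from $USER_DATA, whose origin is not visible here - confirm it is always
    // an integer.
    $group_id = $USER_DATA['group_id'];

    $result = cpg_db_query("SELECT cid, name, description FROM {$CONFIG['TABLE_CATEGORIES']} WHERE parent = '{$parent_id}' AND cid != 1 ORDER BY pos");
    if (mysql_num_rows($result) > 0) {
        $rowset = cpg_db_fetch_rowset($result);
        foreach ($rowset as $subcat) {
            // cid is appended unquoted, so keep it numeric.
            $check_group = cpg_db_query("SELECT group_id FROM {$CONFIG['TABLE_CATMAP']} WHERE group_id = '{$group_id}' AND cid=" . (int) $subcat['cid']);
            $check_group_rowset = cpg_db_fetch_rowset($check_group);
            if ($check_group_rowset) {
                $CAT_LIST[] = array($subcat['cid'], $ident . $subcat['name']);
            }
            // Children are walked even when the category itself was not listed.
            get_subcat_data($subcat['cid'], $ident . ' ');
        }
    }
}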
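/**
 * Fills the global $secondary_user_groups_user_groups with the group names of
 * every user, keyed by user id.
 *
 * Does nothing when the user database bridge cannot join tables; otherwise it
 * also defines the CAN_JOIN_TABLES constant. Group ids are shifted by 100 when
 * $CONFIG['bridge_enable'] is set.
 *
 * NOTE(review): table and column names are taken from $cpg_udb and placed in
 * the statements as identifiers; they are presumably fixed by the bridge
 * configuration - confirm they never hold request data.
 * NOTE(review): cpg_get_groups() is called once per user, so the cost grows
 * with the number of accounts.
 */
function secondary_user_groups_page_start()
{
    global $CONFIG, $cpg_udb, $secondary_user_groups_user_groups;

    if (!$cpg_udb->can_join_tables) {
        return;
    }

    // Redefining a constant raises a notice, so guard against a second call.
    if (!defined('CAN_JOIN_TABLES')) {
        define('CAN_JOIN_TABLES', '1');
    }

    $group_id_add = $CONFIG['bridge_enable'] ? 100 : 0;

    // Initialised up front so the lookups below are valid with an empty group table.
    $group_names = array();
    $result = cpg_db_query("SELECT {$cpg_udb->field['grouptbl_group_id']} AS group_id, {$cpg_udb->field['grouptbl_group_name']} AS group_name FROM {$cpg_udb->groupstable}");
    while ($row = mysql_fetch_assoc($result)) {
        $group_names[$row['group_id'] + $group_id_add] = $row['group_name'];
    }
    mysql_free_result($result);

    $users = cpg_db_fetch_rowset(cpg_db_query("SELECT {$cpg_udb->field['user_id']} AS user_id FROM {$cpg_udb->usertable}"));
    foreach ($users as $user) {
        $group_ids = cpg_get_groups($user['user_id']);
        foreach ($group_ids as $group_id) {
            // !empty() keeps the original truthiness test without a notice for unknown ids.
            if (!empty($group_names[$group_id])) {
                $secondary_user_groups_user_groups[$user['user_id']][] = $group_names[$group_id];
            }
        }
    }
}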
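/**
 * usergroup_list_box()
 *
 * Builds a multi-select of user groups for a category; groups already mapped
 * to the category are pre-selected. The guest group and the administrator
 * groups are left out.
 *
 * NOTE(review): group names are written into the markup without HTML
 * escaping; confirm how they are stored before treating this as safe output.
 *
 * @param integer $cid
 *
 * @return string $usergroup_listbox
 **/
function usergroup_list_box($cid)
{
    global $CONFIG, $LINEBREAK, $cpg_udb;

    // $cid is documented as an integer and is used unquoted in the JOIN below.
    $cid = (int) $cid;

    $add = $cpg_udb->use_post_based_groups ? 100 : 0;
    // Every excluded id is the result of an addition, so the IN list stays numeric.
    $exclude_groups = array($cpg_udb->guestgroup + $add);
    foreach ($cpg_udb->admingroups as $id) {
        $exclude_groups[] = $id + $add;
    }

    //get the category info from the db
    $sql = "SELECT ug.group_name AS name, ug.group_id AS id, catm.group_id AS catm_gid FROM {$CONFIG['TABLE_USERGROUPS']} AS ug LEFT JOIN {$CONFIG['TABLE_CATMAP']} AS catm ON catm.group_id = ug.group_id AND catm.cid = {$cid}";
    $sql .= " HAVING id NOT IN (" . implode(', ', $exclude_groups) . ")"; // don't list administrator and guest groups
    $result = cpg_db_query($sql);
    $rowset = cpg_db_fetch_rowset($result, true);

    // Start from an empty list so the loop below is valid when no group is returned.
    $groups = array();
    foreach ($rowset as $row) {
        // A non-null catm_gid means the LEFT JOIN found a mapping for this category.
        $groups[$row['id']] = array(
            'name' => $row['name'],
            'selected' => ($row['catm_gid'] != null),
        );
    }

    //create listbox
    $usergroup_listbox = '<select name="user_groups[]" class="listbox" multiple="multiple">' . $LINEBREAK;
    foreach ($groups as $id => $values) {
        $usergroup_listbox .= ' <option value="' . $id . '"' . ($values['selected'] ? 'selected="selected"' : '') . ' >' . $values['name'] . '</option>' . $LINEBREAK;
    }
    $usergroup_listbox .= '</select>' . $LINEBREAK;

    return $usergroup_listbox;
}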
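/**
 * Loads the albums of the current user's personal category into the global
 * $user_albums_list, optionally together with those of a second user.
 *
 * The result is cached in $USER_ALBUMS_ARRAY[USER_ID].
 *
 * NOTE(review): the cache slot is keyed by USER_ID only. Once it is filled, a
 * later call with a different $user_id gets the cached list and the extra
 * category is never queried - confirm callers do not rely on that.
 *
 * @param integer|string $user_id Additional user whose albums are included; '' for none
 */
function get_user_albums($user_id = '')
{
    global $CONFIG, $USER_ALBUMS_ARRAY, $user_albums_list;

    // Previously left undefined when no $user_id was given, then interpolated below.
    $or = '';
    if ($user_id != '') {
        // The addition produces a number, so no request text reaches the statement.
        $or = " OR category='" . (FIRST_USER_CAT + $user_id) . "'";
    }

    if (!isset($USER_ALBUMS_ARRAY[USER_ID])) {
        $user_albums = cpg_db_query("SELECT aid, title FROM {$CONFIG['TABLE_ALBUMS']} WHERE category='" . (FIRST_USER_CAT + USER_ID) . "' {$or} ORDER BY title");
        if (mysql_num_rows($user_albums)) {
            $user_albums_list = cpg_db_fetch_rowset($user_albums);
        } else {
            $user_albums_list = array();
        }
        mysql_free_result($user_albums);
        $USER_ALBUMS_ARRAY[USER_ID] = $user_albums_list;
    } else {
        // Bound by reference: later writes to the list also change the cache entry.
        $user_albums_list =& $USER_ALBUMS_ARRAY[USER_ID];
    }
}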
$public_albums_list = cpg_db_fetch_rowset($public_albums); } else { $public_albums_list = array(); } //do the same for non-categorized albums if ($public_albums_no_cat->numRows()) { $public_albums_list_no_cat = cpg_db_fetch_rowset($public_albums_no_cat); } else { $public_albums_list_no_cat = array(); } //merge the 2 album arrays $public_albums_list = array_merge($public_albums_list, $public_albums_list_no_cat); if (USER_ID) { $user_albums = cpg_db_query("SELECT aid, title FROM {$CONFIG['TABLE_ALBUMS']} WHERE category='" . (FIRST_USER_CAT + USER_ID) . "' ORDER BY title"); if ($user_albums->numRows()) { $user_albums_list = cpg_db_fetch_rowset($user_albums); } else { $user_albums_list = array(); } } else { $user_albums_list = array(); } if (!count($public_albums_list) && !count($user_albums_list)) { // there's no album where the user is allowed to upload to if (USER_CAN_CREATE_ALBUMS) { cpg_die(ERROR, $lang_upload_php['err_no_alb_uploadables'] . '<br /> <br /><a href="albmgr.php" title="' . $lang_user_admin_menu['albmgr_title'] . '" class="admin_menu">' . $lang_user_admin_menu['albmgr_lnk'] . '</a>', __FILE__, __LINE__); } else { cpg_die(ERROR, $lang_upload_php['err_no_alb_uploadables'], __FILE__, __LINE__); } } // Assign maximum file size for browser controls.
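/**
 * Returns up to five comments (author, date, body) stored for a picture.
 *
 * NOTE(review): there is no ORDER BY, so which five comments are returned is
 * up to the database.
 * NOTE(review): author and body are returned as stored; escaping for the
 * output context is left to the caller.
 *
 * @param integer $pid Picture id
 * @return array Rowset as produced by cpg_db_fetch_rowset()
 */
function get_pic_comments($pid)
{
    global $CONFIG;

    // The id is used unquoted in the WHERE clause and the statement is also
    // written to the log, so it must not carry anything but a number.
    $pid = (int) $pid;

    $comment_query = "SELECT msg_author, msg_date, msg_body FROM " . $CONFIG['TABLE_COMMENTS'] . " WHERE pid=" . $pid . " LIMIT 5";
    logg($comment_query);
    $result = cpg_db_query($comment_query);

    return cpg_db_fetch_rowset($result);
}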
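/**
 * Builds the <head> markup that advertises the gallery's RSS and Atom feeds.
 *
 * Always emits the two gallery-wide feed links, the icon style rule and the
 * plugin stylesheet; adds a Feedburner link when xfd_feedroute is 1, and an
 * album/category specific pair of links when the request carries 'album' or
 * 'cat'. The globals $album and $cat are overwritten along the way.
 *
 * The request values are read with getRaw(), so they are percent-encoded
 * before they are placed in an href and HTML-escaped before they are placed in
 * a title attribute.
 *
 * NOTE(review): $CONFIG['gallery_name'], the stored album title and the
 * category name are emitted into title="..." as they are; confirm they are
 * already HTML-safe.
 *
 * @return string HTML fragment for the page head
 */
function xfd_head()
{
    global $CONFIG, $thisplugin, $XFDSET, $album, $cat;

    $xfd_feed = "index.php?file=xfeed/xfeed";
    $superCage = Inspekt::makeSuperCage();

    // Keeps $color defined for a theme number outside 0-5; the emitted file name is unchanged.
    $color = '';
    switch ($XFDSET['xfd_theme']) {
        case 0:
            $color = "orange";
            break;
        case 1:
            $color = "azure";
            break;
        case 2:
            $color = "red";
            break;
        case 3:
            $color = "blue";
            break;
        case 4:
            $color = "trans_dark";
            break;
        case 5:
            $color = "trans_light";
            break;
    }

    $header = "\r\n <!-- Begin CPG XFeed Headcode -->\r\n ";
    if ($XFDSET['xfd_feedroute'] == 1) {
        $xfeed_loc = "feeds.feedburner.com/" . $XFDSET['xfd_feedburnuname'];
        $header .= "<link rel=\"alternate\" type=\"application/rss+xml\" title=\"" . $CONFIG['gallery_name'] . " - Feedburner\" href=\"http://" . $xfeed_loc . "\" />\n";
    }

    $extra_header = $header_str = '';
    if ($superCage->get->keyExists('album')) {
        $album = $superCage->get->getRaw('album');
        // Raw request value: percent-encode it before it becomes part of an href.
        $header_str .= '&album=' . urlencode((string) $album);
    }
    if ($superCage->get->keyExists('cat')) {
        $cat = $superCage->get->getRaw('cat');
        $header_str .= '&cat=' . urlencode((string) $cat);
    }

    // Code to show the proper title for various RSS and ATOM
    $extraTitle = '';
    if ($album) {
        if ((int) $album) {
            $albumDetails = get_album_name((int) $album);
            $album = $albumDetails['title'];
            $album_label = $album;
        } else {
            $album = ucwords($album);
            // Request-derived text ends up inside a title="..." attribute.
            $album_label = htmlspecialchars($album, ENT_QUOTES);
        }
        $extraTitle .= " | {$album_label}";
    }

    // NOTE(review): (int) $cat is never identical to FALSE, so this test is
    // effectively just !is_null($cat).
    if (!is_null($cat) && (int) $cat !== FALSE) {
        if ($cat < 0) {
            // A negative category stands for an album id; the negation yields a number.
            $album = -$cat;
            $query = "SELECT category FROM {$CONFIG['TABLE_ALBUMS']} WHERE aid = '{$album}'";
            $result = cpg_db_query($query);
            $row = cpg_db_fetch_rowset($result);
            $cat = $row[0]['category'];
        }
        // NOTE(review): when the request supplied a non-negative 'cat', the raw
        // value is handed to populate_category_name(); that helper is not visible
        // here - confirm it validates its argument.
        $cat_name = populate_category_name($cat);
        $extraTitle .= " | {$cat_name}";
    }

    if ($header_str) {
        $extra_header = "<link rel=\"alternate\" type=\"application/rss+xml\" title=\"{$CONFIG['gallery_name']}{$extraTitle} - RSS\" href=\"{$CONFIG['ecards_more_pic_target']}{$xfd_feed}{$header_str}\" />\r\n <link rel=\"alternate\" type=\"application/atom+xml\" title=\"" . $CONFIG['gallery_name'] . "{$extraTitle} - Atom\" href=\"{$CONFIG['ecards_more_pic_target']}{$xfd_feed}&type=atom{$header_str}\" />";
    }

    $header .= " <link rel=\"alternate\" type=\"application/rss+xml\" title=\"" . $CONFIG['gallery_name'] . " - RSS\" href=\"" . $CONFIG['ecards_more_pic_target'] . $xfd_feed . "\" />\r\n <link rel=\"alternate\" type=\"application/atom+xml\" title=\"" . $CONFIG['gallery_name'] . " - Atom\" href=\"" . $CONFIG['ecards_more_pic_target'] . $xfd_feed . "&type=atom\" />\r\n {$extra_header}\r\n <style type=\"text/css\">\r\n .xfeeds{background-image: url(./plugins/xfeed/images/xfeeds_" . $color . ".png);}\r\n </style>\r\n <link rel=\"stylesheet\" href=\"plugins/xfeed/css/xfeeds.css\" type=\"text/css\" />\r\n <!-- END CPG XFeed Headcode -->\r\n ";

    return $header;
}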
/**
 * list_cat_albums()
 *
 * Lists the albums of one category (used for showing first-level albums) and
 * returns the HTML printed by theme_display_album_list_cat(). Largely a
 * repetition of code elsewhere, redone for a cleaner approach.
 *
 * Returns '' when $cat is 0 and returns nothing (null) when the category holds
 * no albums. $PAGE is fixed to 1, so only the first page is ever built.
 *
 * NOTE(review): $cat is concatenated into two statements, once quoted and once
 * unquoted, without a cast in this function. The parameter is documented as an
 * integer; confirm every caller passes one.
 * NOTE(review): the code is left untouched on purpose. $alb_thumb and $picture
 * are bound by reference inside the loop, so statement order matters.
 *
 * @param integer $cat Category id for which albums are needed
 */
function list_cat_albums($cat = 0)
{
    global $CONFIG, $USER, $lastup_date_fmt, $USER_DATA, $FORBIDDEN_SET, $FORBIDDEN_SET_DATA, $cpg_show_private_album;
    global $lang_list_albums, $lang_errors;

    $PAGE = 1;
    if ($cat == 0) {
        return '';
    }

    // Owner id handed to cpg_get_system_thumb() for the placeholder images.
    $cat_owner_id = $cat > 10000 ? 10000 - $cat : 10001;
    $cpg_nopic_data = cpg_get_system_thumb('nopic.jpg', $cat_owner_id);
    $cpg_privatepic_data = cpg_get_system_thumb('private.jpg', $cat_owner_id);
    $alb_per_page = $CONFIG['albums_per_page'];
    $maxTab = $CONFIG['max_tabs'];

    $album_filter = '';
    $pic_filter = '';
    // NOTE(review): $FORBIDDEN_SET is a global SQL fragment appended verbatim;
    // it is built elsewhere - confirm it never contains request data.
    if (!empty($FORBIDDEN_SET) && !$cpg_show_private_album) {
        $album_filter = ' and ' . str_replace('p.', 'a.', $FORBIDDEN_SET);
        $pic_filter = ' and ' . $FORBIDDEN_SET;
    }

    // Count the albums of the category first.
    $sql = "SELECT count(aid) FROM {$CONFIG['TABLE_ALBUMS']} as a WHERE category = '{$cat}'" . $album_filter;
    $result = cpg_db_query($sql);
    $nbEnr = mysql_fetch_array($result);
    $nbAlb = $nbEnr[0];
    mysql_free_result($result);
    if ($nbAlb == 0) {
        return;
    }

    $totalPages = ceil($nbAlb / $alb_per_page);
    if ($PAGE > $totalPages) {
        $PAGE = 1;
    }
    $lower_limit = ($PAGE - 1) * $alb_per_page;
    $upper_limit = min($nbAlb, $PAGE * $alb_per_page);
    $limit = "LIMIT " . $lower_limit . "," . ($upper_limit - $lower_limit);

    // Albums of this page joined with their chosen thumbnail picture, if any.
    // Here $cat is unquoted, so a non-numeric value changes the statement itself.
    $sql = 'SELECT a.aid, a.title, a.description, a.thumb, visibility, filepath, ' . 'filename, url_prefix, pwidth, pheight ' . 'FROM ' . $CONFIG['TABLE_ALBUMS'] . ' as a ' . 'LEFT JOIN ' . $CONFIG['TABLE_PICTURES'] . ' as p ' . 'ON a.thumb=p.pid ' . 'WHERE category=' . $cat . $album_filter . ' ORDER BY a.pos ' . $limit;
    $alb_thumbs_q = cpg_db_query($sql);
    $alb_thumbs = cpg_db_fetch_rowset($alb_thumbs_q);
    mysql_free_result($alb_thumbs_q);
    $disp_album_count = count($alb_thumbs);

    // Build "(aid, aid, ...)" for the IN clause; the ids come from the query above.
    $album_set = '';
    foreach ($alb_thumbs as $value) {
        $album_set .= $value['aid'] . ', ';
    }
    $album_set = '(' . substr($album_set, 0, -2) . ')';

    /*$sql = "SELECT aid, count(pid) as pic_count, max(pid) as last_pid, max(ctime) as last_upload " . "FROM {$CONFIG['TABLE_PICTURES']} " . "WHERE aid IN $album_set AND approved = 'YES' " . "GROUP BY aid"; $alb_stats_q = cpg_db_query($sql); $alb_stats = cpg_db_fetch_rowset($alb_stats_q); mysql_free_result($alb_stats_q);*/

    //This query will fetch album stats and keyword for the albums
    $sql = "SELECT a.aid, count( p.pid ) AS pic_count, max( p.pid ) AS last_pid, max( p.ctime ) AS last_upload, a.keyword, a.alb_hits" . " FROM {$CONFIG['TABLE_ALBUMS']} AS a " . " LEFT JOIN {$CONFIG['TABLE_PICTURES']} AS p ON a.aid = p.aid AND p.approved = 'YES' " . "WHERE a.aid IN {$album_set}" . "GROUP BY a.aid";
    $alb_stats_q = cpg_db_query($sql);
    $alb_stats = cpg_db_fetch_rowset($alb_stats_q);
    mysql_free_result($alb_stats_q);

    foreach ($alb_stats as $key => $value) {
        // Index the stats by album id; bound by reference so link_pic_count added below is visible.
        $cross_ref[$value['aid']] =& $alb_stats[$key];
        if ($CONFIG['link_pic_count'] == 1) {
            if (!empty($value['keyword'])) {
                // NOTE(review): the album keyword is read from the database and
                // placed inside the LIKE pattern without escaping. A keyword with a
                // quote breaks the statement (second-order injection) and % or _
                // act as wildcards - confirm how keywords are sanitised when saved.
                $query = "SELECT count(pid) AS link_pic_count\n FROM {$CONFIG['TABLE_PICTURES']}\n WHERE aid != {$value['aid']} AND\n keywords LIKE '%{$value['keyword']}%' AND\n approved = 'YES'";
                $result = cpg_db_query($query);
                $link_stat = mysql_fetch_array($result);
                mysql_free_result($result);
                $alb_stats[$key]['link_pic_count'] = $link_stat['link_pic_count'];
            }
        }
    }

    for ($alb_idx = 0; $alb_idx < $disp_album_count; $alb_idx++) {
        $alb_thumb =& $alb_thumbs[$alb_idx];
        $aid = $alb_thumb['aid'];
        if (isset($cross_ref[$aid])) {
            $alb_stat = $cross_ref[$aid];
            $count = $alb_stat['pic_count'];
            $alb_hits = $alb_stat['alb_hits'];
        } else {
            $alb_stat = array();
            $count = 0;
            $alb_hits = 0;
        }

        // Inserts a thumbnail if the album contains 1 or more images
        $visibility = $alb_thumb['visibility'];
        if (!in_array($aid, $FORBIDDEN_SET_DATA) || $CONFIG['allow_private_albums'] == 0) { //test for visibility
            if ($count > 0) { // Inserts a thumbnail if the album contains 1 or more images
                if ($alb_thumb['filename']) {
                    // The joined row already holds the thumbnail picture. $picture
                    // stays bound to this row, so an assignment to $picture in a
                    // later iteration writes into the row of this earlier album.
                    $picture =& $alb_thumb;
                } elseif ($alb_thumb['thumb'] < 0) {
                    // Negative thumb value: pick a random picture of the album.
                    $sql = "SELECT filepath, filename, url_prefix, pwidth, pheight " . "FROM {$CONFIG['TABLE_PICTURES']} WHERE aid = '{$alb_thumb['aid']}' ORDER BY RAND() LIMIT 0,1";
                    $result = cpg_db_query($sql);
                    $picture = mysql_fetch_array($result);
                    mysql_free_result($result);
                } else {
                    // Otherwise use the picture with the highest pid (last_pid).
                    $sql = "SELECT filepath, filename, url_prefix, pwidth, pheight " . "FROM {$CONFIG['TABLE_PICTURES']} " . "WHERE pid='{$alb_stat['last_pid']}'";
                    $result = cpg_db_query($sql);
                    $picture = mysql_fetch_array($result);
                    mysql_free_result($result);
                }
                $pic_url = get_pic_url($picture, 'thumb');
                if (!is_image($picture['filename'])) {
                    $image_info = cpg_getimagesize(urldecode($pic_url));
                    $picture['pwidth'] = $image_info[0];
                    $picture['pheight'] = $image_info[1];
                }
                //thumb cropping
                // NOTE(review): none of the queries above selects 'system_icon';
                // presumably get_pic_url() sets it - TODO confirm.
                if ($picture['system_icon'] == 'true') {
                    $image_size = compute_img_size($picture['pwidth'], $picture['pheight'], $CONFIG['alb_list_thumb_size'], true, 'cat_thumb');
                } else {
                    $image_size = compute_img_size($picture['pwidth'], $picture['pheight'], $CONFIG['alb_list_thumb_size'], false, 'cat_thumb');
                }
                // NOTE(review): the stored file name goes into alt="..." without
                // HTML escaping; confirm file names are sanitised on upload.
                $alb_list[$alb_idx]['thumb_pic'] = "<img src=\"" . $pic_url . "\" class=\"image\" {$image_size['geom']} border=\"0\" alt=\"{$picture['filename']}\" />";
            } else { // Inserts an empty thumbnail if the album contains 0 images
                // $image_size = compute_img_size(100, 75, $CONFIG['alb_list_thumb_size']);
                $alb_list[$alb_idx]['thumb_pic'] = '<img src="' . $cpg_nopic_data['thumb'] . '" ' . $cpg_nopic_data['whole'] . ' class="image" border="0" alt="" />';
            }
        } elseif ($CONFIG['show_private']) {
            // $image_size = compute_img_size(100, 75, $CONFIG['alb_list_thumb_size']);
            $alb_list[$alb_idx]['thumb_pic'] = '<img src="' . $cpg_privatepic_data['thumb'] . '" ' . $cpg_privatepic_data['whole'] . ' class="image" border="0" alt="" />';
        }

        // Prepare everything
        // NOTE(review): both branches below fill the same fields, so with
        // show_private enabled a forbidden album's title, description and counts
        // are passed to the theme as well. The title is passed on as stored.
        if (!in_array($aid, $FORBIDDEN_SET_DATA) || $CONFIG['allow_private_albums'] == 0) {
            $last_upload_date = $count ? localised_date($alb_stat['last_upload'], $lastup_date_fmt) : '';
            $link_pic_count = !empty($alb_stat['link_pic_count']) ? $alb_stat['link_pic_count'] : 0;
            $alb_list[$alb_idx]['aid'] = $alb_thumb['aid'];
            $alb_list[$alb_idx]['album_title'] = $alb_thumb['title'];
            $alb_list[$alb_idx]['album_desc'] = bb_decode($alb_thumb['description']);
            $alb_list[$alb_idx]['pic_count'] = $count;
            $alb_list[$alb_idx]['last_upl'] = $last_upload_date;
            $alb_list[$alb_idx]['alb_hits'] = sprintf($lang_list_albums['alb_hits'], $alb_hits);
            $alb_list[$alb_idx]['album_info'] = sprintf($lang_list_albums['n_pictures'], $count) . ($count ? sprintf($lang_list_albums['last_added'], $last_upload_date) : "") . ($CONFIG['link_pic_count'] && $link_pic_count > 0 ? sprintf(", {$lang_list_albums['n_link_pictures']}, {$lang_list_albums['total_pictures']}", $link_pic_count, $count + $link_pic_count) : "");
            $alb_list[$alb_idx]['album_adm_menu'] = album_adm_menu($alb_thumb['aid'], $cat);
        } elseif ($CONFIG['show_private']) { // uncomment this else block to show private album description
            $last_upload_date = $count ? localised_date($alb_stat['last_upload'], $lastup_date_fmt) : '';
            $link_pic_count = !empty($alb_stat['link_pic_count']) ? $alb_stat['link_pic_count'] : 0;
            $alb_list[$alb_idx]['aid'] = $alb_thumb['aid'];
            $alb_list[$alb_idx]['album_title'] = $alb_thumb['title'];
            $alb_list[$alb_idx]['album_desc'] = bb_decode($alb_thumb['description']);
            $alb_list[$alb_idx]['pic_count'] = $count;
            $alb_list[$alb_idx]['last_upl'] = $last_upload_date;
            $alb_list[$alb_idx]['alb_hits'] = sprintf($lang_list_albums['alb_hits'], $alb_hits);
            $alb_list[$alb_idx]['album_info'] = sprintf($lang_list_albums['n_pictures'], $count) . ($count ? sprintf($lang_list_albums['last_added'], $last_upload_date) : "") . ($CONFIG['link_pic_count'] && $link_pic_count > 0 ? sprintf(", {$lang_list_albums['n_link_pictures']}, {$lang_list_albums['total_pictures']}", $link_pic_count, $count + $link_pic_count) : "");
            $alb_list[$alb_idx]['album_adm_menu'] = album_adm_menu($alb_thumb['aid'], $cat);
        }
    }

    // The theme function prints, so its output is captured and returned.
    ob_start();
    theme_display_album_list_cat($alb_list, $nbAlb, $cat, $PAGE, $totalPages);
    $cat_albums = ob_get_contents();
    ob_end_clean();
    return $cat_albums;
}
$returnOutput = '<table border="0" cellspacing="0" cellpadding="0" width="100%">'; $sort_list_matched = $superCage->post->getMatched('sort_order', '/^[0-9@,]+$/'); $orig_sort_order = parse_pic_list($sort_list_matched[0]); foreach ($orig_sort_order as $picture) { $pic = parse_pic_orig_sort_order($picture); $sort_array[$i] = $pic['aid']; if (count($pic) == 2) { $query = "UPDATE {$CONFIG['TABLE_PICTURES']} SET position = '{$pic['pos']}' WHERE pid = '{$pic['pid']}' {$restrict} LIMIT 1"; cpg_db_query($query); } else { cpg_die(CRITICAL_ERROR, sprintf($lang_delete_php['err_invalid_data'], $sort_list_matched[0]), __FILE__, __LINE__); } } $album_id = $superCage->post->getInt('album_id'); $result = cpg_db_query("SELECT aid, pid, filename, title, position FROM {$CONFIG['TABLE_PICTURES']} WHERE aid = '{$album_id}' ORDER BY position ASC, pid"); $rowset = cpg_db_fetch_rowset($result, true); if ($superCage->post->keyExists('picture_order')) { //Check if the form token is valid if (!checkFormToken()) { cpg_die(ERROR, $lang_errors['invalid_form_token'], __FILE__, __LINE__); } //get the sorted order - cast to int below $get_rows = $superCage->post->getEscaped('picture_order'); $sort_rows = parse_pic_list($get_rows); $returnOutput .= '<tr><td colspan="6"><ul>'; $update_count = 0; foreach ($sort_rows as $key => $option_value) { $option_value = (int) $option_value; if ($option_value == $rowset[$key]['pid']) { continue; }
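/**
 * Fills the meta-album description for the two albums provided by the
 * annotate plugin: 'lastnotes' (pictures with the most recent notes) and
 * 'shownotes' (pictures carrying one given note).
 *
 * Any other album name is passed through untouched. For the two handled
 * albums 'album_name', 'count' and 'rowset' are set on $meta.
 *
 * The note text of 'shownotes' is read raw from the query string or from a
 * cookie. It is HTML-escaped before it becomes part of the album name, which
 * is markup (it starts with an icon).
 *
 * NOTE(review): $meta['limit'] and the global $RESTRICTEDWHERE are SQL
 * fragments inserted verbatim; both are built outside this function - confirm
 * they never contain request data.
 * NOTE(review): the note reaches SQL through addslashes() applied twice.
 * addslashes() is not aware of the connection character set; the database
 * layer's own escaping routine would be the safer choice. The double
 * application presumably mirrors how notes are stored - confirm before changing.
 *
 * @param array $meta Meta-album request; reads 'album' and 'limit'
 * @return array $meta, extended for the two handled albums
 */
function annotate_meta_album($meta)
{
    global $CONFIG, $CURRENT_CAT_NAME, $RESTRICTEDWHERE, $lang_plugin_annotate;

    require_once './plugins/annotate/init.inc.php';
    $annotate_init_array = annotate_initialize();
    $lang_plugin_annotate = $annotate_init_array['language'];
    $annotate_icon_array = $annotate_init_array['icon'];

    switch ($meta['album']) {
        case 'lastnotes':
            $album_name = $annotate_icon_array['annotate'] . ' ' . $lang_plugin_annotate['lastnotes'];
            if ($CURRENT_CAT_NAME) {
                $album_name .= " - {$CURRENT_CAT_NAME}";
            }

            // Total number of annotated pictures the viewer may see.
            $query = "SELECT DISTINCT n.pid \n FROM {$CONFIG['TABLE_PREFIX']}plugin_annotate AS n \n INNER JOIN {$CONFIG['TABLE_PICTURES']} AS p ON n.pid = p.pid \n INNER JOIN {$CONFIG['TABLE_ALBUMS']} AS r ON r.aid = p.aid \n {$RESTRICTEDWHERE}";
            $result = cpg_db_query($query);
            $count = mysql_num_rows($result);
            mysql_free_result($result);

            // Newest note id per picture, limited to the requested page.
            $query = "SELECT MAX(nid) AS nid\n FROM {$CONFIG['TABLE_PREFIX']}plugin_annotate AS n \n INNER JOIN {$CONFIG['TABLE_PICTURES']} AS p ON n.pid = p.pid \n INNER JOIN {$CONFIG['TABLE_ALBUMS']} AS r ON r.aid = p.aid \n {$RESTRICTEDWHERE}\n GROUP BY n.pid \n ORDER BY n.nid DESC {$meta['limit']}";
            $result = cpg_db_query($query);
            $latest_nids_array = array();
            while ($row = mysql_fetch_assoc($result)) {
                // Ids go into an IN list below; keep them numeric.
                $latest_nids_array[] = (int) $row['nid'];
            }
            mysql_free_result($result);

            if ($latest_nids_array) {
                $query = "SELECT *, user_time AS msg_date\n FROM {$CONFIG['TABLE_PICTURES']} AS p\n INNER JOIN {$CONFIG['TABLE_PREFIX']}plugin_annotate AS n ON p.pid = n.pid \n INNER JOIN {$CONFIG['TABLE_ALBUMS']} AS r ON r.aid = p.aid \n {$RESTRICTEDWHERE} \n AND approved = 'YES'\n AND n.nid IN (" . implode(', ', $latest_nids_array) . ")\n ORDER BY n.nid DESC";
                $result = cpg_db_query($query);
                $rowset = cpg_db_fetch_rowset($result);
                mysql_free_result($result);
            } else {
                // Without any note the statement would end in "IN ()", which is
                // not valid SQL; an empty album is the intended outcome.
                $rowset = array();
            }
            build_caption($rowset, array('msg_date'));
            break;

        case 'shownotes':
            if (annotate_get_level('permissions') < 1) {
                global $lang_errors;
                cpg_die(ERROR, $lang_errors['access_denied'], __FILE__, __LINE__);
            }
            $superCage = Inspekt::makeSuperCage();
            // Raw, request-controlled text: query string first, cookie as fallback.
            $note = $superCage->get->keyExists('note') ? $superCage->get->getRaw('note') : $superCage->cookie->getRaw($CONFIG['cookie_name'] . 'note');
            setcookie($CONFIG['cookie_name'] . 'note', $note);

            // The album name is rendered as markup, so the note must be escaped here.
            $album_name = cpg_fetch_icon('search', 2) . ' ' . $lang_plugin_annotate['shownotes'] . " '" . htmlspecialchars($note, ENT_QUOTES) . "'";
            if ($CURRENT_CAT_NAME) {
                $album_name .= " - {$CURRENT_CAT_NAME}";
            }

            $note = addslashes(addslashes($note));

            $query = "SELECT p.pid FROM {$CONFIG['TABLE_PICTURES']} AS p INNER JOIN {$CONFIG['TABLE_ALBUMS']} AS r ON p.aid = r.aid INNER JOIN {$CONFIG['TABLE_PREFIX']}plugin_annotate n ON p.pid = n.pid {$RESTRICTEDWHERE} AND approved = 'YES' AND n.note = '{$note}' GROUP BY p.pid";
            $result = cpg_db_query($query);
            $count = mysql_num_rows($result);
            mysql_free_result($result);

            $query = "SELECT p.*, r.title FROM {$CONFIG['TABLE_PICTURES']} AS p INNER JOIN {$CONFIG['TABLE_ALBUMS']} AS r ON p.aid = r.aid INNER JOIN {$CONFIG['TABLE_PREFIX']}plugin_annotate n ON p.pid = n.pid {$RESTRICTEDWHERE} AND approved = 'YES' AND n.note = '{$note}' GROUP BY p.pid ORDER BY p.pid DESC {$meta['limit']}";
            $result = cpg_db_query($query);
            $rowset = cpg_db_fetch_rowset($result);
            mysql_free_result($result);
            build_caption($rowset);
            break;

        default:
            return $meta;
    }

    $meta['album_name'] = $album_name;
    $meta['count'] = $count;
    $meta['rowset'] = $rowset;

    return $meta;
}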
$query = "SELECT {$criteria} FROM {$CONFIG['TABLE_PICTURES']} WHERE pid = {$pid}"; $result = cpg_db_query($query); $criteria_pid = mysql_result($result, 0); mysql_free_result($result); if ($direction == "ASC") { $direction = "<"; } elseif ($direction == "DESC") { $direction = ">"; } else { $direction = ""; } $sort_order = "{$criteria} {$direction} '{$criteria_pid}' OR {$criteria} = '{$criteria_pid}' AND pid < {$pid}"; $query = "SELECT COUNT(*) FROM {$CONFIG['TABLE_PICTURES']} AS p\n {$join_user_table}\n WHERE {$sql}\n AND ({$sort_order})"; $result = cpg_db_query($query); list($pos) = mysql_fetch_row($result); mysql_free_result($result); } else { $query = "SELECT p.*{$user_column} FROM {$CONFIG['TABLE_PICTURES']} AS p\n {$join_user_table}\n WHERE " . $sql; $temp = str_replace("SELECT p.*{$user_column}", 'SELECT COUNT(*)', $query); $result = cpg_db_query($temp); $row = mysql_fetch_row($result); $count = $row[0]; $query .= " ORDER BY {$sort_order} {$limit}"; $result = cpg_db_query($query); $rowset = cpg_db_fetch_rowset($result); mysql_free_result($result); if ($set_caption) { build_caption($rowset); } } }
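/**
 * Checks a presented key against the "<user>_flash" value kept in the
 * configuration table.
 *
 * The key is caller-supplied and used to be concatenated into the statement,
 * which let a crafted key rewrite the WHERE clause and make the check succeed.
 * The stored value is now read by name only and compared in PHP, so the key
 * never becomes SQL text. The comparison is exact (case and trailing spaces
 * count), which is stricter than the database's string comparison may have been.
 *
 * NOTE(review): $USERID is neither a parameter nor declared global in this
 * function, so it is undefined here and the looked-up name is just "_flash"
 * for every caller. That looks unintended - confirm which user id was meant.
 * NOTE(review): === is not a constant-time comparison; hash_equals() is
 * preferable where the PHP version provides it.
 *
 * @param string $key Key presented by the client
 * @return bool True when a stored value equals the key
 */
function verifyKey($key)
{
    global $CONFIG;

    // An empty key must never authenticate, even against an empty stored value.
    if ($key === null || $key === '') {
        return false;
    }

    cpg_db_connect();
    $query = "SELECT value from {$CONFIG['TABLE_CONFIG']} where name='" . $USERID . "_flash'";
    $rows = cpg_db_fetch_rowset(cpg_db_query($query));

    foreach ($rows as $row) {
        // reset() yields the single selected column for numeric and associative rows alike.
        if ((string) reset($row) === (string) $key) {
            return true;
        }
    }

    return false;
}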
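/**
 * Build a multi-select list box of all user groups, pre-selecting the groups
 * that have a category-map row for the given category.
 *
 * @param int $cid Category id used in the category/group mapping join.
 * @return string HTML <select> element named "user_groups[]".
 */
function usergroup_list_box($cid)
{
    global $CONFIG;

    // The id is concatenated unquoted into the JOIN condition, so force it to an integer.
    $cid = (int) $cid;

    // Every group; catm_gid is non-null only when the group is mapped to this category.
    $sql = "SELECT ug.group_name AS name, ug.group_id AS id, catm.group_id AS catm_gid FROM {$CONFIG['TABLE_USERGROUPS']} AS ug LEFT JOIN {$CONFIG['TABLE_CATMAP']} AS catm ON catm.group_id=ug.group_id AND catm.cid=" . $cid;
    $result = cpg_db_query($sql);
    $rowset = cpg_db_fetch_rowset($result);

    // Initialised up front so an empty result yields an empty <select>
    // instead of iterating an undefined variable.
    $groups = array();
    foreach ($rowset as $row) {
        $groups[$row['id']]['name'] = $row['name'];
        $groups[$row['id']]['selected'] = $row['catm_gid'] != null ? 'true' : 'false';
    }

    $ug_lb = '<select name="user_groups[]" class="listbox" multiple>';
    foreach ($groups as $id => $values) {
        // NOTE(review): the group name is written into the markup as stored;
        // confirm it is HTML-escaped when saved, or escape it here.
        // A space now separates the value and selected attributes.
        $ug_lb .= ' <option value="' . $id . '"' . ($values['selected'] == 'true' ? ' selected="selected"' : '') . ' >' . $values['name'] . '</option>\\n';
    }
    $ug_lb .= '</select>';

    return $ug_lb;
}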
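/**
 * get_pic_data()
 *
 * Fetch the pictures of a regular album (numeric id) or of a meta album
 * (string code such as 'lastup' or 'favpics'). The album title and the total
 * number of matching pictures are reported through the by-reference
 * parameters. An unknown meta album code ends in cpg_die().
 *
 * Values that are placed unquoted into SQL (the LIMIT operands and the id
 * lists taken from $FORBIDDEN_SET_DATA and $FAVPICS) are cast to integers
 * before use. Local variable names are kept as they are because
 * include/search.inc.php is included inside this function and runs in its scope.
 *
 * @param int|string $album Album id, or meta album code
 * @param int $count Receives the picture count ('random' and an empty favourites list leave it untouched)
 * @param string $album_name Receives the display title
 * @param integer $limit1 First LIMIT operand, -1 for none
 * @param integer $limit2 Second LIMIT operand, -1 for none
 * @param boolean $set_caption Whether build_caption() is applied to the rows
 * @return array Rowset of pictures
 **/
function get_pic_data($album, &$count, &$album_name, $limit1 = -1, $limit2 = -1, $set_caption = true)
{
    global $USER, $CONFIG, $ALBUM_SET, $META_ALBUM_SET, $CURRENT_CAT_NAME, $CURRENT_ALBUM_KEYWORD, $HTML_SUBST, $THEME_DIR, $FAVPICS, $FORBIDDEN_SET_DATA, $USER_DATA, $lang_common;
    global $album_date_fmt, $lastcom_date_fmt, $lastup_date_fmt, $lasthit_date_fmt, $cat;
    global $lang_get_pic_data, $lang_meta_album_names, $lang_errors;

    // ORDER BY is only ever taken from this fixed map, never from the raw sort code.
    $sort_array = array('na' => 'filename ASC', 'nd' => 'filename DESC', 'ta' => 'title ASC', 'td' => 'title DESC', 'da' => 'pid ASC', 'dd' => 'pid DESC', 'pa' => 'position ASC', 'pd' => 'position DESC');
    $sort_code = isset($USER['sort']) ? $USER['sort'] : $CONFIG['default_sort_order'];
    $sort_order = isset($sort_array[$sort_code]) ? $sort_array[$sort_code] : $sort_array[$CONFIG['default_sort_order']];

    // LIMIT operands go into the statement unquoted, so they are cast to integers.
    $limit = $limit1 != -1 ? ' LIMIT ' . (int) $limit1 : '';
    $limit .= $limit2 != -1 ? ' ,' . (int) $limit2 : '';

    if ($limit2 == 1) {
        $select_columns = '*';
    } else {
        $select_columns = 'pid, filepath, filename, url_prefix, filesize, pwidth, pheight, ctime, aid, keywords, title';
    }

    if (count($FORBIDDEN_SET_DATA) > 0) {
        // Album ids are numeric; intval keeps anything else out of the IN list.
        $forbidden_set_string = " AND aid NOT IN (" . implode(",", array_map('intval', $FORBIDDEN_SET_DATA)) . ")";
    } else {
        $forbidden_set_string = '';
    }

    // Keyword
    // NOTE(review): $CURRENT_ALBUM_KEYWORD is interpolated into the LIKE pattern as-is;
    // confirm it is escaped where it is set (the per-album keyword below is passed through addslashes()).
    if (!empty($CURRENT_ALBUM_KEYWORD)) {
        $keyword = "OR (keywords like '%{$CURRENT_ALBUM_KEYWORD}%' {$forbidden_set_string} )";
    } else {
        $keyword = '';
    }

    // Regular albums
    if (is_numeric($album)) {
        $album_name_keyword = get_album_name($album);
        $album_name = $album_name_keyword['title'];
        $album_keyword = addslashes($album_name_keyword['keyword']);
        if (!empty($album_keyword)) {
            $keyword = "OR (keywords like '%{$album_keyword}%' {$forbidden_set_string} )";
        } else {
            $keyword = '';
        }

        // NOTE(review): the result of this conditional is overwritten by the
        // unconditional assignment that follows, so membership in
        // $USER_DATA['allowed_albums'] never lifts the approved='YES' filter.
        // Confirm which of the two behaviours is intended before removing either.
        if (is_array($USER_DATA['allowed_albums']) && in_array($album, $USER_DATA['allowed_albums'])) {
            $approved = '';
        } else {
            $approved = GALLERY_ADMIN_MODE ? '' : 'AND approved=\'YES\'';
        }
        $approved = GALLERY_ADMIN_MODE ? '' : 'AND approved=\'YES\'';

        // $album passed is_numeric() above, so it cannot carry a quote character.
        $query = "SELECT COUNT(pid) from {$CONFIG['TABLE_PICTURES']} WHERE ((aid='{$album}' {$forbidden_set_string} ) {$keyword}) {$approved} {$ALBUM_SET}";
        $result = cpg_db_query($query);
        $nbEnr = mysql_fetch_array($result);
        $count = $nbEnr[0];
        mysql_free_result($result);

        if ($select_columns != '*') {
            $select_columns .= ', title, caption,hits,owner_id,owner_name,pic_rating,votes';
        }

        $query = "SELECT {$select_columns} from {$CONFIG['TABLE_PICTURES']} WHERE ((aid='{$album}' {$forbidden_set_string} ) {$keyword}) {$approved} {$ALBUM_SET} ORDER BY {$sort_order} {$limit}";
        $result = cpg_db_query($query);
        $rowset = cpg_db_fetch_rowset($result);
        mysql_free_result($result);

        // Set picture caption
        if ($set_caption) {
            if ($CONFIG['display_thumbnail_rating'] == 1) {
                build_caption($rowset, array('pic_rating'));
            } else {
                build_caption($rowset);
            }
        }

        $rowset = CPGPluginAPI::filter('thumb_caption_regular', $rowset);

        return $rowset;
    }

    // Meta albums
    switch ($album) {
        case 'lastcom': // Last comments
            if ($META_ALBUM_SET && $CURRENT_CAT_NAME) {
                $album_name = $lang_meta_album_names['lastcom'] . ' - ' . $CURRENT_CAT_NAME;
            } else {
                $album_name = $lang_meta_album_names['lastcom'];
            }

            // Replacing the AND in ALBUM_SET with AND (
            // so that the keyword OR-clause can be grouped with it; the closing
            // parenthesis is supplied at the end of both queries below.
            if ($META_ALBUM_SET) {
                $TMP_SET = "AND (" . substr($META_ALBUM_SET, 3);
            } else {
                $TMP_SET = "AND (1";
            }

            $query = "SELECT COUNT({$CONFIG['TABLE_PICTURES']}.pid) from {$CONFIG['TABLE_COMMENTS']}, {$CONFIG['TABLE_PICTURES']} WHERE {$CONFIG['TABLE_PICTURES']}.approved = 'YES' AND {$CONFIG['TABLE_COMMENTS']}.pid = {$CONFIG['TABLE_PICTURES']}.pid AND {$CONFIG['TABLE_COMMENTS']}.approval = 'YES' {$TMP_SET} {$keyword})";
            $result = cpg_db_query($query);
            $nbEnr = mysql_fetch_array($result);
            $count = $nbEnr[0];
            mysql_free_result($result);

            // All picture columns plus the comment fields, so any data can be built into the caption.
            $select_columns = 'p.*, msg_id, author_id, msg_author, UNIX_TIMESTAMP(msg_date) as msg_date, msg_body, aid';

            $TMP_SET = str_replace($CONFIG['TABLE_PICTURES'], 'p', $TMP_SET);

            $query = "SELECT {$select_columns} FROM {$CONFIG['TABLE_COMMENTS']} as c, {$CONFIG['TABLE_PICTURES']} as p WHERE approved = 'YES' AND c.pid = p.pid AND c.approval = 'YES' {$TMP_SET} {$keyword}) ORDER by msg_id DESC {$limit}";
            $result = cpg_db_query($query);
            $rowset = cpg_db_fetch_rowset($result);
            mysql_free_result($result);

            if ($set_caption) {
                build_caption($rowset, array('msg_body', 'msg_date'));
            }

            $rowset = CPGPluginAPI::filter('thumb_caption_lastcom', $rowset);

            return $rowset;

        case 'lastcomby': // Last comments by a specific user
            if (isset($USER['uid'])) {
                $uid = (int) $USER['uid'];
            } else {
                $uid = -1;
            }

            $user_name = get_username($uid);

            if ($META_ALBUM_SET && $CURRENT_CAT_NAME) {
                $album_name = $lang_meta_album_names['lastcom'] . ' - ' . $CURRENT_CAT_NAME . ' - ' . $user_name;
            } else {
                $album_name = $lang_meta_album_names['lastcom'] . ' - ' . $user_name;
            }

            $query = "SELECT COUNT({$CONFIG['TABLE_PICTURES']}.pid) from {$CONFIG['TABLE_COMMENTS']}, {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' AND author_id = '{$uid}' AND {$CONFIG['TABLE_COMMENTS']}.pid = {$CONFIG['TABLE_PICTURES']}.pid {$META_ALBUM_SET}";
            $result = cpg_db_query($query);
            $nbEnr = mysql_fetch_array($result);
            $count = $nbEnr[0];
            mysql_free_result($result);

            $select_columns = '*, UNIX_TIMESTAMP(msg_date) AS msg_date'; // allows building any data into any thumbnail caption

            $query = "SELECT {$select_columns} FROM {$CONFIG['TABLE_COMMENTS']} as c, {$CONFIG['TABLE_PICTURES']} as p WHERE approved = 'YES' AND author_id = '{$uid}' AND c.pid = p.pid {$META_ALBUM_SET} ORDER by msg_id DESC {$limit}";
            $result = cpg_db_query($query);
            $rowset = cpg_db_fetch_rowset($result);
            mysql_free_result($result);

            if ($set_caption) {
                build_caption($rowset, array('msg_body', 'msg_date'));
            }

            $rowset = CPGPluginAPI::filter('thumb_caption_lastcomby', $rowset);

            return $rowset;

        case 'lastup': // Last uploads
            if ($META_ALBUM_SET && $CURRENT_CAT_NAME) {
                $album_name = $lang_meta_album_names['lastup'] . ' - ' . $CURRENT_CAT_NAME;
            } else {
                $album_name = $lang_meta_album_names['lastup'];
            }

            $query = "SELECT COUNT(pid) from {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' {$META_ALBUM_SET}";
            $result = cpg_db_query($query);
            $nbEnr = mysql_fetch_array($result);
            $count = $nbEnr[0];
            mysql_free_result($result);

            $select_columns = '*'; // allows building any data into any thumbnail caption

            $query = "SELECT {$select_columns} FROM {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' {$META_ALBUM_SET} ORDER BY pid DESC {$limit}";
            $result = cpg_db_query($query);
            $rowset = cpg_db_fetch_rowset($result);
            mysql_free_result($result);

            if ($set_caption) {
                build_caption($rowset, array('ctime'));
            }

            $rowset = CPGPluginAPI::filter('thumb_caption_lastup', $rowset);

            return $rowset;

        case 'lastupby': // Last uploads by a specific user
            if (isset($USER['uid'])) {
                $uid = (int) $USER['uid'];
            } else {
                $uid = -1;
            }

            $user_name = get_username($uid);

            if ($META_ALBUM_SET && $CURRENT_CAT_NAME) {
                $album_name = $lang_meta_album_names['lastup'] . ' - ' . $CURRENT_CAT_NAME . ' - ' . $user_name;
            } else {
                $album_name = $lang_meta_album_names['lastup'] . ' - ' . $user_name;
            }

            $query = "SELECT COUNT(pid) from {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' AND owner_id = '{$uid}' {$META_ALBUM_SET}";
            $result = cpg_db_query($query);
            $nbEnr = mysql_fetch_array($result);
            $count = $nbEnr[0];
            mysql_free_result($result);

            $select_columns = '*'; // allows building any data into any thumbnail caption

            $query = "SELECT {$select_columns} FROM {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' AND owner_id = '{$uid}' {$META_ALBUM_SET} ORDER BY pid DESC {$limit}";
            $result = cpg_db_query($query);
            $rowset = cpg_db_fetch_rowset($result);
            mysql_free_result($result);

            if ($set_caption) {
                build_caption($rowset, array('ctime'));
            }

            $rowset = CPGPluginAPI::filter('thumb_caption_lastupby', $rowset);

            return $rowset;

        case 'topn': // Most viewed pictures
            if ($META_ALBUM_SET && $CURRENT_CAT_NAME) {
                $album_name = $lang_meta_album_names['topn'] . ' - ' . $CURRENT_CAT_NAME;
            } else {
                $album_name = $lang_meta_album_names['topn'];
            }

            $query = "SELECT COUNT(pid) from {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' AND hits > 0 {$META_ALBUM_SET} {$keyword}";
            $result = cpg_db_query($query);
            $nbEnr = mysql_fetch_array($result);
            $count = $nbEnr[0];
            mysql_free_result($result);

            $select_columns = '*'; // allows building any data into any thumbnail caption

            $query = "SELECT {$select_columns} FROM {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES'AND hits > 0 {$META_ALBUM_SET} {$keyword} ORDER BY hits DESC, filename {$limit}";
            $result = cpg_db_query($query);
            $rowset = cpg_db_fetch_rowset($result);
            mysql_free_result($result);

            if ($set_caption) {
                build_caption($rowset, array('hits'));
            }

            $rowset = CPGPluginAPI::filter('thumb_caption_topn', $rowset);

            return $rowset;

        case 'toprated': // Top rated pictures
            if ($META_ALBUM_SET && $CURRENT_CAT_NAME) {
                $album_name = $lang_meta_album_names['toprated'] . ' - ' . $CURRENT_CAT_NAME;
            } else {
                $album_name = $lang_meta_album_names['toprated'];
            }

            $query = "SELECT COUNT(pid) from {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' AND votes >= '{$CONFIG['min_votes_for_rating']}' {$META_ALBUM_SET}";
            $result = cpg_db_query($query);
            $nbEnr = mysql_fetch_array($result);
            $count = $nbEnr[0];
            mysql_free_result($result);

            $select_columns = '*'; // allows building any data into any thumbnail caption

            $query = "SELECT {$select_columns} FROM {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' AND votes >= '{$CONFIG['min_votes_for_rating']}' {$META_ALBUM_SET} ORDER BY pic_rating DESC, votes DESC, pid DESC {$limit}";
            $result = cpg_db_query($query);
            $rowset = cpg_db_fetch_rowset($result);
            mysql_free_result($result);

            if ($set_caption) {
                build_caption($rowset, array('pic_rating'));
            }

            $rowset = CPGPluginAPI::filter('thumb_caption_toprated', $rowset);

            return $rowset;

        case 'lasthits': // Last viewed pictures
            if ($META_ALBUM_SET && $CURRENT_CAT_NAME) {
                $album_name = $lang_meta_album_names['lasthits'] . ' - ' . $CURRENT_CAT_NAME;
            } else {
                $album_name = $lang_meta_album_names['lasthits'];
            }

            $query = "SELECT COUNT(pid) from {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' and hits > 0 {$META_ALBUM_SET}";
            $result = cpg_db_query($query);
            $nbEnr = mysql_fetch_array($result);
            $count = $nbEnr[0];
            mysql_free_result($result);

            $select_columns = '*, UNIX_TIMESTAMP(mtime) as mtime'; // allows building any data into any thumbnail caption

            $query = "SELECT {$select_columns} FROM {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' and hits > 0 {$META_ALBUM_SET} ORDER BY mtime DESC {$limit}";
            $result = cpg_db_query($query);
            $rowset = cpg_db_fetch_rowset($result);
            mysql_free_result($result);

            if ($set_caption) {
                build_caption($rowset, array('mtime', 'hits'));
            }

            $rowset = CPGPluginAPI::filter('thumb_caption_lasthits', $rowset);

            return $rowset;

        case 'random': // Random pictures
            if ($META_ALBUM_SET && $CURRENT_CAT_NAME) {
                $album_name = $lang_meta_album_names['random'] . ' - ' . $CURRENT_CAT_NAME;
            } else {
                $album_name = $lang_meta_album_names['random'];
            }

            // The total is stored in $pic_count only; $count is not set for this meta album.
            $query = "SELECT COUNT(pid) from {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' {$META_ALBUM_SET}";
            $result = cpg_db_query($query);
            $nbEnr = mysql_fetch_array($result);
            $pic_count = $nbEnr[0];
            mysql_free_result($result);

            $select_columns = '*'; // allows building any data into any thumbnail caption

            // A randpos-based shortcut for galleries with more than 1000 pictures used to
            // live here; it was disabled because of an "image not found" bug, so every
            // request uses ORDER BY RAND().
            // NOTE(review): with the default $limit2 of -1 this produces "LIMIT -1"; callers
            // presumably always pass a positive $limit2 for this meta album - confirm.
            $query = "SELECT {$select_columns} FROM {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' {$META_ALBUM_SET} ORDER BY RAND() LIMIT " . (int) $limit2;
            $result = cpg_db_query($query);

            // Rows are keyed by the negated picture id.
            $rowset = array();
            while ($row = mysql_fetch_array($result)) {
                $rowset[-$row['pid']] = $row;
            }
            mysql_free_result($result);

            if ($set_caption) {
                build_caption($rowset);
            }

            $rowset = CPGPluginAPI::filter('thumb_caption_random', $rowset);

            return $rowset;

        case 'search': // Search results
            if (isset($USER['search']['search'])) {
                $search_string = $USER['search']['search'];
            } else {
                $search_string = '';
            }

            if ($META_ALBUM_SET && $CURRENT_CAT_NAME) {
                $album_name = $lang_meta_album_names['search'] . ' - ' . $CURRENT_CAT_NAME;
            } else {
                // The search string is shown in the title only after substitution through $HTML_SUBST.
                $album_name = $lang_meta_album_names['search'] . ' - "' . strtr($search_string, $HTML_SUBST) . '"';
            }

            // Fixed path; the included file runs in this function's scope and is
            // expected to provide $rowset.
            include 'include/search.inc.php';

            $rowset = CPGPluginAPI::filter('thumb_caption_search', $rowset);

            return $rowset;

        case 'lastalb': // Last albums to which uploads
            if ($META_ALBUM_SET && $CURRENT_CAT_NAME) {
                $album_name = $lang_meta_album_names['lastalb'] . ' - ' . $CURRENT_CAT_NAME;
            } else {
                $album_name = $lang_meta_album_names['lastalb'];
            }

            // Qualifies "aid" with the pictures table; this rewrites the global $META_ALBUM_SET.
            $META_ALBUM_SET = str_replace("aid", $CONFIG['TABLE_PICTURES'] . ".aid", $META_ALBUM_SET);

            $query = "SELECT count({$CONFIG['TABLE_ALBUMS']}.aid) FROM {$CONFIG['TABLE_PICTURES']},{$CONFIG['TABLE_ALBUMS']} WHERE {$CONFIG['TABLE_PICTURES']}.aid = {$CONFIG['TABLE_ALBUMS']}.aid AND approved = 'YES' {$META_ALBUM_SET} GROUP BY {$CONFIG['TABLE_PICTURES']}.aid";
            $result = cpg_db_query($query);
            $count = mysql_num_rows($result);
            mysql_free_result($result);

            $query = "SELECT *,{$CONFIG['TABLE_ALBUMS']}.title AS title,{$CONFIG['TABLE_ALBUMS']}.aid AS aid FROM {$CONFIG['TABLE_PICTURES']},{$CONFIG['TABLE_ALBUMS']} WHERE {$CONFIG['TABLE_PICTURES']}.aid = {$CONFIG['TABLE_ALBUMS']}.aid AND approved = 'YES' {$META_ALBUM_SET} GROUP BY {$CONFIG['TABLE_PICTURES']}.aid ORDER BY {$CONFIG['TABLE_PICTURES']}.ctime DESC {$limit}";
            $result = cpg_db_query($query);
            $rowset = cpg_db_fetch_rowset($result);
            mysql_free_result($result);

            if ($set_caption) {
                build_caption($rowset, array('ctime'));
            }

            $rowset = CPGPluginAPI::filter('thumb_caption_lastalb', $rowset);

            return $rowset;

        case 'favpics': // Favourite Pictures
            $album_name = $lang_meta_album_names['favpics'];
            $rowset = array();

            if (count($FAVPICS) > 0) {
                // Where $FAVPICS is filled is not visible here; every entry is forced to
                // an integer before it reaches the unquoted IN list.
                $favs = implode(",", array_map('intval', $FAVPICS));

                $query = "SELECT COUNT(pid) from {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' AND pid IN ({$favs}) {$META_ALBUM_SET}";
                $result = cpg_db_query($query);
                $nbEnr = mysql_fetch_array($result);
                $count = $nbEnr[0];
                mysql_free_result($result);

                $select_columns = '*';

                $query = "SELECT {$select_columns} FROM {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' AND pid IN ({$favs}) {$META_ALBUM_SET} {$limit}";
                $result = cpg_db_query($query);
                $rowset = cpg_db_fetch_rowset($result);
                mysql_free_result($result);

                if ($set_caption) {
                    build_caption($rowset, array('ctime'));
                }
            }

            $rowset = CPGPluginAPI::filter('thumb_caption_favpics', $rowset);

            return $rowset;

        case 'datebrowse': // Browsing by uploading date
            // NOTE(review): the date comes straight from the request and relies on
            // cpgValidateDate(), which is not visible here, for its format. It is also
            // placed in $album_name; confirm the title is escaped where it is rendered.
            $date = isset($_GET['date']) ? cpgValidateDate($_GET['date']) : null;
            $album_name = $lang_common['date'] . ': ' . $date;
            $rowset = array();

            // Escaped in addition to the validation above; a well-formed date is unchanged by this.
            $date_sql = addslashes(substr($date, 0, 10));

            $query = "SELECT COUNT(pid) from {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' AND substring(from_unixtime(ctime),1,10) = '" . $date_sql . "' {$META_ALBUM_SET}";
            $result = cpg_db_query($query);
            $nbEnr = mysql_fetch_array($result);
            $count = $nbEnr[0];
            mysql_free_result($result);

            $select_columns = '*';

            $query = "SELECT {$select_columns} FROM {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' AND substring(from_unixtime(ctime),1,10) = '" . $date_sql . "' {$META_ALBUM_SET} {$limit}";
            $result = cpg_db_query($query);
            $rowset = cpg_db_fetch_rowset($result);
            mysql_free_result($result);

            if ($set_caption) {
                build_caption($rowset, array('ctime'));
            }

            return $rowset;

        default: // Invalid meta album
            cpg_die(ERROR, $lang_errors['non_exist_ap'], __FILE__, __LINE__);
    }
}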
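/**
 * Provide the "picture of the day" and "picture of the week" archive meta albums.
 *
 * @param array $meta_album_passto Expects the keys 'album' (meta album code),
 *                                 'limit' (SQL LIMIT clause) and 'set_caption' (bool).
 * @return array|false Array with 'album_name', 'count' and 'rowset', or false
 *                     when the album code is not one handled here.
 */
function potd_meta_album($meta_album_passto)
{
    global $CONFIG, $ALBUM_SET, $CURRENT_CAT_NAME, $lang_meta_album_names;
    // The caption code below reads $lastup_date_fmt; without this declaration it
    // was an undefined local and localised_date() received no format.
    global $lastup_date_fmt;

    $album = $meta_album_passto['album'];
    // NOTE(review): 'limit' is appended to the query verbatim; presumably it is a
    // LIMIT clause assembled by the caller from integers - confirm.
    $limit = $meta_album_passto['limit'];
    $set_caption = $meta_album_passto['set_caption'];

    $thumb_per_page = $CONFIG['thumbcols'] * $CONFIG['thumbrows'];
    if ($thumb_per_page == 1) {
        $select_columns = '*';
    } else {
        $select_columns = 'p.pid, filepath, filename, url_prefix, filesize, pwidth, pheight, ctime, aid, keywords';
    }

    // Both archives run the same queries; only the flag/date column pair differs.
    switch ($album) {
        case 'potdarch': // Archive of the picture of the day
            $name_key = 'potdarch';
            $period = 'potd';
            break;

        case 'potwarch': // Archive of the picture of the week
            $name_key = 'potwarch';
            $period = 'potw';
            break;

        default:
            return false; // no meta-albums were processed here
    }

    $date_column = $period . '_date';

    if ($ALBUM_SET && $CURRENT_CAT_NAME) {
        $album_name = $lang_meta_album_names[$name_key] . ' - ' . $CURRENT_CAT_NAME;
    } else {
        $album_name = $lang_meta_album_names[$name_key];
    }

    $query = <<<EOT
SELECT COUNT(*)
FROM {$CONFIG['TABLE_PLUGIN_POTD']} AS pp
LEFT JOIN {$CONFIG['TABLE_PICTURES']} AS p ON p.pid=pp.pid
WHERE (approved = 'YES' && pp.{$period} = '2') {$ALBUM_SET}
EOT;
    $result = cpg_db_query($query);
    $nbEnr = mysql_fetch_array($result);
    $count = $nbEnr[0];
    mysql_free_result($result);

    if ($select_columns != '*') {
        $select_columns .= ',title, caption, owner_id, owner_name, pp.' . $date_column;
    }

    $query = <<<EOT
SELECT {$select_columns}
FROM {$CONFIG['TABLE_PLUGIN_POTD']} AS pp
LEFT JOIN {$CONFIG['TABLE_PICTURES']} AS p ON p.pid=pp.pid
WHERE (approved = 'YES' && pp.{$period} = '2') {$ALBUM_SET}
ORDER BY pp.{$date_column} DESC
{$limit}
EOT;
    $result = cpg_db_query($query);
    $rowset = cpg_db_fetch_rowset($result);
    mysql_free_result($result);

    if ($set_caption) {
        foreach ($rowset as $key => $row) {
            // NOTE(review): owner_name is written into the markup as stored; confirm it
            // is HTML-escaped when saved, or escape it here.
            $user_link = $CONFIG['display_uploader'] && $row['owner_id'] && $row['owner_name'] ? '<span class="thumb_title"><a href ="profile.php?uid=' . $row['owner_id'] . '">' . $row['owner_name'] . '</a></span>' : '';
            $caption = $user_link . '<span class="thumb_caption">' . localised_date($row[$date_column], $lastup_date_fmt) . '</span>';
            $rowset[$key]['caption_text'] = $caption;
        }
    }

    $meta_album_params = array('album_name' => $album_name, 'count' => $count, 'rowset' => $rowset);

    return $meta_album_params;
}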
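/**
 * Append a nested <ul> for one category to the global $catStr.
 *
 * For the user-gallery category the list holds one entry per user who owns a
 * personal gallery, each followed by that user's albums (via recursion). For
 * any other category the list holds the albums of that category.
 *
 * @param int $category Category id to list.
 * @param int $dtree_parent Not read by this function; kept for callers.
 * @return void Output is accumulated in the global $catStr.
 */
function get_tree_album_data($category, $dtree_parent)
{
    global $catStr, $ALBUM_SET, $dtree_counter, $LINEBREAK;
    global $CONFIG, $HIDE_USER_CAT, $FORBIDDEN_SET, $cpg_show_private_album;

    // Albums the visitor may not see are filtered out unless private albums are shown.
    $album_filter = '';
    if (!empty($FORBIDDEN_SET) && !$cpg_show_private_album) {
        $album_filter = ' ' . str_replace('p.', 'a.', $FORBIDDEN_SET);
    }

    if ($category == USER_GAL_CAT) {
        // One entry per user that has at least one album in a personal gallery category.
        $sql = "SELECT DISTINCT user_id, user_name FROM {$CONFIG['TABLE_USERS']}, {$CONFIG['TABLE_ALBUMS']} WHERE 10000 + {$CONFIG['TABLE_USERS']}.user_id = {$CONFIG['TABLE_ALBUMS']}.category ORDER BY user_name ASC";
        $result = cpg_db_query($sql);
        if (mysql_num_rows($result) > 0) {
            $rowset = cpg_db_fetch_rowset($result);
            $catStr .= '<ul>' . $LINEBREAK;
            foreach ($rowset as $subcat) {
                $dtree_counter++;
                // User gallery
                // NOTE(review): user_name is written into the markup as stored; confirm it
                // is HTML-escaped when saved, or escape it here.
                $catStr .= '<li><a href="index.php?cat=' . (FIRST_USER_CAT + (int) $subcat['user_id']) . '">' . $subcat['user_name'] . '</a>' . $LINEBREAK;
                get_tree_album_data(FIRST_USER_CAT + (int) $subcat['user_id'], $dtree_counter);
                $catStr .= '</li>' . $LINEBREAK;
            }
            $catStr .= '</ul>' . $LINEBREAK;
        }

        return;
    }

    // The former inner "$category == USER_GAL_CAT" test could never be true on this
    // path and has been removed. The query has no table alias, so the "a." prefix is stripped.
    $unaliased_album_filter = str_replace('a.', '', $album_filter);

    // The category id is placed unquoted into the statement, so it is cast to an integer.
    $sql = "SELECT aid,title FROM {$CONFIG['TABLE_ALBUMS']} WHERE category = " . (int) $category . " " . $ALBUM_SET . $unaliased_album_filter . " ORDER BY pos";
    $result = cpg_db_query($sql);
    if (mysql_num_rows($result) > 0) {
        $rowset = cpg_db_fetch_rowset($result);
        $catStr .= '<ul>' . $LINEBREAK;
        foreach ($rowset as $subcat) {
            $dtree_counter++;
            // Album
            // NOTE(review): the album title is written into the markup as stored; confirm
            // it is HTML-escaped when saved, or escape it here.
            $catStr .= '<li><a href="thumbnails.php?album=' . $subcat['aid'] . '">' . $subcat['title'] . '</a></li>' . $LINEBREAK;
        }
        $catStr .= '</ul>' . $LINEBREAK;
    }
}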
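/**
 * Build the album drop-down that reloads the current script with the chosen album.
 *
 * In gallery admin mode the list holds every album below the first user
 * category plus the albums returned by the user-database bridge query;
 * otherwise it holds the current user's personal albums and the albums the
 * user owns inside regular categories.
 *
 * @return string|null HTML <select>, or null when there is no album to list.
 */
function alb_list_box()
{
    global $CONFIG, $CLEAN, $cpg_udb;

    if (GALLERY_ADMIN_MODE) {
        $result = cpg_db_query("SELECT aid, title FROM {$CONFIG['TABLE_ALBUMS']} WHERE category < '" . FIRST_USER_CAT . "' ORDER BY title");
        $rowset = cpg_db_fetch_rowset($result);
        mysql_free_result($result);

        // Albums in user galleries, as selected by the user-database bridge.
        $sql = $cpg_udb->get_admin_album_list();
        $result = cpg_db_query($sql);
        while ($row = mysql_fetch_array($result)) {
            $rowset[] = $row;
        }
        mysql_free_result($result);
    } else {
        // Only list the albums owned by the user
        $cat = USER_ID + FIRST_USER_CAT;
        $user_id = USER_ID;

        // get albums in "my albums"
        $result1 = cpg_db_query("SELECT aid , title FROM {$CONFIG['TABLE_ALBUMS']} WHERE category = {$cat}");
        $rowset1 = cpg_db_fetch_rowset($result1);
        mysql_free_result($result1);

        // get public albums
        $result2 = cpg_db_query("SELECT alb.aid AS aid, CONCAT_WS('', '(', cat.name, ') ', alb.title) AS title FROM {$CONFIG['TABLE_ALBUMS']} AS alb INNER JOIN {$CONFIG['TABLE_CATEGORIES']} AS cat ON alb.owner = '{$user_id}' AND alb.category = cat.cid ORDER BY alb.category DESC, alb.pos ASC");
        $rowset2 = cpg_db_fetch_rowset($result2);
        mysql_free_result($result2);

        // merge rowsets
        $rowset = array_merge($rowset1, $rowset2);
    }

    if (count($rowset)) {
        // PHP_SELF is derived from the request URL, and here it lands inside a script
        // string inside an HTML attribute. It is therefore encoded twice: as a script
        // string literal first, then for the attribute.
        $target_js = json_encode($_SERVER['PHP_SELF'] . '?album=');
        if ($target_js === false) {
            // The path could not be encoded; fall back to a link relative to the current page.
            $target_js = '"?album="';
        }
        $target_attr = htmlspecialchars($target_js, ENT_QUOTES);

        $lb = "<select name=\"album_listbox\" class=\"listbox\" onChange=\"if(this.options[this.selectedIndex].value) window.location.href={$target_attr}+this.options[this.selectedIndex].value;\">\n";
        foreach ($rowset as $row) {
            $selected = $row['aid'] == $CLEAN['album'] ? "SELECTED" : "";
            // NOTE(review): the title is written into the markup as stored; confirm it is
            // HTML-escaped when saved, or escape it here.
            $lb .= " <option value=\"" . $row['aid'] . "\" {$selected}>" . $row['title'] . "</option>\n";
        }
        $lb .= "</select>\n";

        return $lb;
    }
}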
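/**
 * Build the <optgroup>/<option> markup for an album selector, grouped by category.
 *
 * Gallery admins get every album. Logged-in users get their personal albums,
 * the albums they own and, on the upload and edit pages when they may upload,
 * albums open for uploads. Guests get only albums open for uploads, under the
 * same condition.
 *
 * @param int $selected Album id to mark as selected.
 * @return string HTML fragment to be placed inside a <select>.
 */
function album_selection_options($selected = 0)
{
    global $CONFIG, $lang_common, $cpg_udb, $LINEBREAK;

    $superCage = Inspekt::makeSuperCage();

    // html string of options to be returned
    $options = '';
    $albums = array();

    // load all albums
    $uploads_yes = (defined('EDITPICS_PHP') || defined('UPLOAD_PHP')) && USER_CAN_UPLOAD_PICTURES ? 'OR uploads = "YES"' : '';

    // Only the presence of the request key is tested; its value never reaches the query.
    if ($superCage->get->keyExists('only_empty_albums')) {
        // don't check for permissions, as it's not security related
        $only_empty_albums = "AND aid NOT IN (SELECT aid FROM {$CONFIG['TABLE_PICTURES']})";
    } else {
        $only_empty_albums = '';
    }

    if (GALLERY_ADMIN_MODE) {
        $result = cpg_db_query("SELECT aid, title, category FROM {$CONFIG['TABLE_ALBUMS']} WHERE 1 {$only_empty_albums} ORDER BY pos");
    } elseif (USER_ID) {
        $result = cpg_db_query("SELECT aid, title, category FROM {$CONFIG['TABLE_ALBUMS']} WHERE (category = " . (FIRST_USER_CAT + USER_ID) . " OR owner = " . USER_ID . " {$uploads_yes}) {$only_empty_albums} ORDER BY pos");
    } else {
        $result = cpg_db_query("SELECT aid, title, category FROM {$CONFIG['TABLE_ALBUMS']} WHERE (0 {$uploads_yes}) {$only_empty_albums} ORDER BY pos");
    }

    // Index the titles by category id, then album id.
    while ($row = mysql_fetch_assoc($result)) {
        $albums[$row['category']][$row['aid']] = $row['title'];
    }
    // This result set was previously overwritten by the category query without being released.
    mysql_free_result($result);

    // NOTE(review): album titles, category names and user names below are written into
    // the markup as stored; confirm they are HTML-escaped when saved, or escape them here.

    if (!empty($albums[0])) {
        // Albums in no category
        $options .= '<optgroup label="' . $lang_common['albums_no_category'] . '">';
        foreach ($albums[0] as $aid => $title) {
            $options .= sprintf('<option value="%d"%s>%s</option>' . $LINEBREAK, $aid, $aid == $selected ? ' selected="selected"' : '', $title);
        }
        $options .= '</optgroup>';
    }

    // Load all categories
    if (GALLERY_ADMIN_MODE) {
        $result = cpg_db_query("SELECT cid, rgt, name FROM {$CONFIG['TABLE_CATEGORIES']} ORDER BY lft");
    } elseif (USER_ID) {
        $result = cpg_db_query("SELECT DISTINCT c.cid, c.rgt, c.name FROM {$CONFIG['TABLE_ALBUMS']} AS a RIGHT JOIN {$CONFIG['TABLE_CATEGORIES']} AS c ON a.category = c.cid WHERE c.cid = " . USER_GAL_CAT . " OR a.owner = " . USER_ID . " {$uploads_yes} ORDER BY lft");
    } else {
        $result = cpg_db_query("SELECT DISTINCT c.cid, c.rgt, c.name FROM {$CONFIG['TABLE_ALBUMS']} AS a RIGHT JOIN {$CONFIG['TABLE_CATEGORIES']} AS c ON a.category = c.cid WHERE 0 {$uploads_yes} ORDER BY lft");
    }

    // Stack of the categories enclosing the current row, used for the indent depth.
    $cats = array();

    // Loop through all categories
    while ($row = mysql_fetch_assoc($result)) {
        // Determine category hierarchy: rows arrive ordered by lft, so any stacked
        // category whose rgt is smaller than this row's rgt has been left already.
        while ($cats && $cats[count($cats) - 1]['rgt'] < $row['rgt']) {
            array_pop($cats);
        }

        $cats[] = $row; // Add this category to the hierarchy

        if ($row['cid'] == USER_GAL_CAT) {
            // User galleries
            $options .= '<optgroup label="' . $lang_common['personal_albums'] . '">' . $LINEBREAK;

            if (GALLERY_ADMIN_MODE) {
                $result2 = cpg_db_query("SELECT {$cpg_udb->field['user_id']} AS user_id, {$cpg_udb->field['username']} AS user_name " . "FROM {$cpg_udb->usertable} ORDER BY {$cpg_udb->field['username']}", $cpg_udb->link_id);
                $users = cpg_db_fetch_rowset($result2);
                mysql_free_result($result2);
            } else {
                $users = array(array('user_id' => USER_ID, 'user_name' => USER_NAME));
            }

            foreach ($users as $user) {
                if (!empty($albums[$user['user_id'] + FIRST_USER_CAT])) {
                    $options .= '<optgroup label=" ' . $user['user_name'] . '">' . $LINEBREAK;
                    foreach ($albums[$user['user_id'] + FIRST_USER_CAT] as $aid => $title) {
                        $options .= sprintf('<option value="%d"%s>%s</option>' . $LINEBREAK, $aid, $aid == $selected ? ' selected="selected"' : '', ' ' . $title);
                    }
                    $options .= '</optgroup>';
                }
            }

            $options .= '</optgroup>';
            unset($users);

            continue;
        }

        // calculate indent for this level
        $indent = str_repeat(' ', count($cats) - 1);

        // albums in the category
        if (!empty($albums[$row['cid']])) {
            // category header
            $options .= '<optgroup label="' . $indent . $row['name'] . '">' . $LINEBREAK;
            foreach ($albums[$row['cid']] as $aid => $title) {
                $options .= sprintf('<option value="%d"%s>%s</option>' . $LINEBREAK, $aid, $aid == $selected ? ' selected="selected"' : '', $indent . $title);
            }
            $options .= '</optgroup>';
        }
    }

    mysql_free_result($result);

    return $options;
}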
/**
 * album_adm_menu()
 *
 * This has been added to keep the list_albums() function clean.
 *
 * Decides which album administration menu the current visitor gets for one
 * album, based on the mode constants (gallery admin, user admin, moderator),
 * album ownership and the edit-related configuration switches.
 *
 * @param integer $aid Album id
 * @param integer $cat Category id
 * @param integer $owner Owner id of the album, compared against USER_ID
 *
 * @return string Menu markup from html_albummenu(), html_albummenu2() or
 *                html_albummenu3(), the "category locked" notice, or '' when
 *                no menu applies
 */
function album_adm_menu($aid, $cat, $owner)
{
    global $CONFIG, $USER_DATA, $lang_album_admin_menu;

    // Gallery administrators always get the full menu.
    if (GALLERY_ADMIN_MODE) {
        return html_albummenu($aid);
    }

    // Filled once per request and reused on later calls: ids of albums below
    // FIRST_USER_CAT that accept uploads, pass the visibility/password condition
    // and contain at least one picture whose owner_id is the current user.
    static $public_album_uploads = null;

    if ($public_album_uploads === null) {
        $public_album_uploads = array();
        $result = cpg_db_query("SELECT a.aid FROM {$CONFIG['TABLE_ALBUMS']} AS a INNER JOIN {$CONFIG['TABLE_PICTURES']} as p ON p.aid = a.aid WHERE uploads = 'YES' AND category < " . FIRST_USER_CAT . " AND (visibility = '0' OR visibility IN " . USER_GROUP_SET . " OR alb_password != '') AND owner_id = " . USER_ID);
        while ($row = $result->fetchAssoc()) {
            $public_album_uploads[] = $row['aid'];
        }
        $result->free();
    }

    if (USER_ADMIN_MODE) {
        // Albums in the user's own personal gallery category: full menu.
        if ($cat == USER_ID + FIRST_USER_CAT) {
            return html_albummenu($aid);
        }
        if ($owner == USER_ID) {
            if ($CONFIG['allow_user_edit_after_cat_close'] == 0) {
                // Check that the album's category is still mapped to one of the user's groups.
                // NOTE(review): $aid and the group ids are interpolated into the statement
                // without a cast; presumably both come from the database - confirm, or cast
                // them to integers.
                $result = cpg_db_query("SELECT DISTINCT alb.category FROM {$CONFIG['TABLE_ALBUMS']} AS alb INNER JOIN {$CONFIG['TABLE_CATMAP']} AS catm ON alb.category=catm.cid WHERE alb.owner = '" . $USER_DATA['user_id'] . "' AND alb.aid='{$aid}' AND catm.group_id IN (" . implode(', ', $USER_DATA['groups']) . ")");
                $allowed_albums = cpg_db_fetch_rowset($result, true);
                // No mapping found: the owner only keeps the reduced menu, and only when
                // picture editing is enabled and the album is in the public-uploads list.
                if (!$allowed_albums || $allowed_albums[0]['category'] == '') {
                    if ($CONFIG['users_can_edit_pics'] && in_array($aid, $public_album_uploads)) {
                        return html_albummenu2($aid);
                    } else {
                        return "<strong>" . $lang_album_admin_menu['cat_locked'] . "</strong>";
                    }
                }
            }
            // Owner of the album: which menu depends on whether users may edit pictures.
            if (!$CONFIG['users_can_edit_pics']) {
                return html_albummenu3($aid);
            } else {
                return html_albummenu($aid);
            }
        }
    }

    // Moderators get the reduced menu for albums listed in their allowed_albums.
    if (MODERATOR_MODE && in_array($aid, $USER_DATA['allowed_albums'])) {
        return html_albummenu2($aid);
    }
    // Uploaders get the reduced menu for albums in the public-uploads list.
    if (USER_CAN_UPLOAD_PICTURES && $CONFIG['users_can_edit_pics'] && in_array($aid, $public_album_uploads)) {
        return html_albummenu2($aid);
    }
    return '';
}
/**
 * Load the list of albums the current user may pick from into the global
 * $user_albums_list.
 *
 * Moderators (in upload-approval or edit mode) get the albums selected by
 * $albStr plus their own personal albums; everybody else gets their personal
 * albums followed by the albums they own inside regular categories.
 *
 * @param int|string $user_id Optional user id; only used to build $or, which no
 *                            query in this function references.
 * @return void The result is stored in the global $user_albums_list.
 */
function get_user_albums($user_id = '')
{
    global $CONFIG, $user_albums_list, $albStr;

    // NOTE(review): this array is local and rebuilt on every call, so it only ever
    // "hits" for key 0. It looks like a per-user cache that was meant to persist
    // between calls - confirm the intent.
    $USER_ALBUMS_ARRAY = array(0 => array());

    // NOTE(review): built but never appended to a query - confirm whether the
    // moderator query below was meant to include it.
    $or = $user_id != '' ? " OR category='" . (FIRST_USER_CAT + $user_id) . "'" : '';

    if (isset($USER_ALBUMS_ARRAY[USER_ID])) {
        $user_albums_list =& $USER_ALBUMS_ARRAY[USER_ID];

        return;
    }

    if (MODERATOR_MODE && UPLOAD_APPROVAL_MODE || MODERATOR_EDIT_MODE) {
        // NOTE(review): AND binds tighter than OR, so this reads as
        // (aid IN ... AND category > first user cat) OR (category = own gallery);
        // confirm that grouping is the intended scope.
        $moderated = cpg_db_query("SELECT aid, title FROM {$CONFIG['TABLE_ALBUMS']} WHERE aid IN {$albStr} AND category > '" . FIRST_USER_CAT . "' OR category='" . (FIRST_USER_CAT + USER_ID) . "' ORDER BY title");
        $user_albums_list = mysql_num_rows($moderated) ? cpg_db_fetch_rowset($moderated) : array();
        mysql_free_result($moderated);
    } else {
        // Only the albums owned by the current user are listed.
        $own_category = USER_ID + FIRST_USER_CAT;
        $owner_id = USER_ID;

        // Albums in the user's personal gallery.
        $personal = cpg_db_query("SELECT aid , title FROM {$CONFIG['TABLE_ALBUMS']} WHERE category = {$own_category}");
        $personal_rows = cpg_db_fetch_rowset($personal);
        mysql_free_result($personal);

        // Albums the user owns inside regular categories, titled "(category) album".
        $owned = cpg_db_query("SELECT alb.aid AS aid, CONCAT_WS('', '(', cat.name, ') ', alb.title) AS title FROM {$CONFIG['TABLE_ALBUMS']} AS alb INNER JOIN {$CONFIG['TABLE_CATEGORIES']} AS cat ON alb.owner = '{$owner_id}' AND alb.category = cat.cid ORDER BY alb.category DESC, alb.pos ASC");
        $owned_rows = cpg_db_fetch_rowset($owned);
        mysql_free_result($owned);

        $user_albums_list = array_merge($personal_rows, $owned_rows);
    }

    $USER_ALBUMS_ARRAY[USER_ID] = $user_albums_list;
}
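/**
 * edit_user()
 *
 * Prints the user manager form used to create a new user or to modify an
 * existing one. For an existing user the row is read from the users table and
 * the account status (banned / active / inactive) is shown above the fields.
 *
 * Stored field values are HTML-encoded before they are written into the form,
 * and the user id is normalised to an integer before it reaches the SQL
 * statement or the form action.
 *
 * @param mixed $user_id Numeric user id, or the string 'new_user' for the
 *                       creation form
 *
 * @return void The form is echoed directly
 */
function edit_user($user_id)
{
    global $CONFIG, $CPG_PHP_SELF, $LINEBREAK;
    global $lang_usermgr_php, $lang_common, $icon_array, $op;

    // Each entry: field type, field name, label, and (text fields) max length
    $form_data = array(
        array('input', 'user_name', cpg_fetch_icon('my_profile', 2) . $lang_usermgr_php['name'], 25),
        array('password', 'user_password', cpg_fetch_icon('key_enter', 2) . $lang_usermgr_php['password'], 25),
        array('yesno', 'user_active', cpg_fetch_icon('online', 2) . $lang_usermgr_php['user_active']),
        array('group_list', 'user_group', cpg_fetch_icon('groups_mgr', 2) . $lang_usermgr_php['user_group']),
        array('input', 'user_email', cpg_fetch_icon('mail', 2) . $lang_usermgr_php['user_email'], 255),
    );

    // Custom profile fields are offered only when a name is configured for
    // them; the sixth one is a multi-line field.
    for ($i = 1; $i <= 6; $i++) {
        if ($CONFIG["user_profile{$i}_name"] != '') {
            $form_data[] = array(
                $i == 6 ? 'textarea' : 'input',
                "user_profile{$i}",
                cpg_fetch_icon('blank', 2) . $CONFIG["user_profile{$i}_name"],
                255,
            );
        }
    }

    list($timestamp, $form_token) = getFormToken();

    // Defined up front so the status row never prints an undefined variable
    $user_status = '';

    if ($user_id != 'new_user') {
        // Normalise before the id reaches SQL; the same integer is used for
        // the form action below, so the raw request value is never echoed.
        $user_id = (int) $user_id;

        $sql = "SELECT * FROM {$CONFIG['TABLE_USERS']} WHERE user_id = '{$user_id}'";
        $result = cpg_db_query($sql);
        if (!mysql_num_rows($result)) {
            cpg_die(CRITICAL_ERROR, $lang_usermgr_php['err_unknown_user'], __FILE__, __LINE__);
        }
        $user_data = mysql_fetch_array($result);
        mysql_free_result($result);

        // NOTE(review): addslashes() is not aware of the connection character
        // set; prefer the escaping routine of the project's database layer.
        $ban_result = cpg_db_query("SELECT user_name FROM {$CONFIG['TABLE_BANNED']} WHERE user_name = '" . addslashes($user_data['user_name']) . "' AND brute_force=0 LIMIT 1");
        $is_banned = mysql_num_rows($ban_result) > 0;
        mysql_free_result($ban_result);

        if ($is_banned) {
            $user_status = $lang_usermgr_php['user_is_banned'];
        } elseif ($user_data['user_active'] == 'YES') {
            $user_status = $lang_usermgr_php['status_active'];
        } else {
            $user_status = $lang_usermgr_php['status_inactive'];
        }
    } else {
        // If this is a new user then add a checkbox for 'send login data to user' option
        $form_data[] = array('checkbox', 'send_login_data', $lang_usermgr_php['send_login_data']);

        // One empty value per field the form can contain (user_profile5 included)
        $user_data = array(
            'user_name'       => '',
            'user_active'     => '',
            'user_group'      => '',
            'user_group_list' => '',
            'user_email'      => '',
            'user_profile1'   => '',
            'user_profile2'   => '',
            'user_profile3'   => '',
            'user_profile4'   => '',
            'user_profile5'   => '',
            'user_profile6'   => '',
        );
    }

    $status_icon = cpg_fetch_icon('online', 2);

    // Either an integer or the literal 'new_user' at this point; urlencode()
    // keeps it safe inside the quoted action attribute in every case.
    $user_id_param = urlencode($user_id);

    echo <<<EOT
<form name="cpgform3" id="cpgform3" method="post" action="{$CPG_PHP_SELF}?op=update&user_id={$user_id_param}">
EOT;

    if ($op == 'new_user') {
        starttable(500, $icon_array['add_user'] . $lang_usermgr_php['create_new_user'], 2);
    } else {
        starttable(500, $icon_array['edit'] . $lang_usermgr_php['modify_user'], 2);
        echo <<<EOT
    <tr>
        <td class="tableb">
            {$status_icon}{$lang_usermgr_php['status']}
        </td>
        <td class="tableb">
            {$user_status}
        </td>
    </tr>
EOT;
    }

    // Labels ($element[2]) are built from language strings and
    // cpg_fetch_icon() output (presumably markup), so they are printed as-is.
    // Values read from the database are encoded for the HTML context they
    // land in. double_encode is off so a value that already holds entities is
    // not encoded twice.
    // NOTE(review): assumes the gallery character set is UTF-8 — confirm.
    $loopCounter = 0;
    foreach ($form_data as $element) {
        $row_style_class = ($loopCounter % 2 == 0) ? 'tableb tableb_alternate' : 'tableb';
        $loopCounter++;

        switch ($element[0]) {
            case 'input':
                $value = htmlspecialchars($user_data[$element[1]], ENT_QUOTES, 'UTF-8', false);
                if ($element[2]) {
                    echo <<<EOT
    <tr>
        <td width="40%" class="{$row_style_class}" valign="top">
            {$element[2]}
        </td>
        <td width="60%" class="{$row_style_class}" valign="top">
            <input type="text" style="width: 100%" name="{$element[1]}" maxlength="{$element[3]}" value="{$value}" class="textinput" />
        </td>
    </tr>
EOT;
                }
                break;

            case 'textarea':
                $value = htmlspecialchars($user_data[$element[1]], ENT_QUOTES, 'UTF-8', false);
                if ($element[2]) {
                    echo <<<EOT
    <tr>
        <td width="40%" class="{$row_style_class}" height="25" valign="top">
            {$element[2]}
        </td>
        <td width="60%" class="{$row_style_class}" valign="top">
            <textarea name="{$element[1]}" rows="7" cols="40" class="textinput" style="width: 100%">{$value}</textarea>
        </td>
    </tr>
EOT;
                }
                break;

            case 'password':
                // The stored password is never written back into the form
                echo <<<EOT
    <tr>
        <td width="40%" class="{$row_style_class}" valign="top">
            {$element[2]}
        </td>
        <td width="60%" class="{$row_style_class}" valign="top">
            <input type="password" style="width: 100%" name="{$element[1]}" maxlength="{$element[3]}" value="" class="textinput" />
        </td>
    </tr>
EOT;
                break;

            case 'yesno':
                $value = $user_data[$element[1]];
                // New users default to "yes"
                $yes_selected = ($value == 'YES' || $op == 'new_user') ? 'checked="checked"' : '';
                $no_selected = ($value == 'NO') ? 'checked="checked"' : '';
                echo <<<EOT
    <tr>
        <td class="{$row_style_class}" valign="top">
            {$element[2]}
        </td>
        <td class="{$row_style_class}" valign="top">
            <input type="radio" id="yes" name="{$element[1]}" value="YES" {$yes_selected} /><label for="yes" class="clickable_option">{$lang_common['yes']}</label>
            &nbsp;&nbsp;
            <input type="radio" id="no" name="{$element[1]}" value="NO" {$no_selected} /><label for="no" class="clickable_option">{$lang_common['no']}</label>
        </td>
    </tr>
EOT;
                break;

            case 'group_list':
                $sql = "SELECT group_id, group_name FROM {$CONFIG['TABLE_USERGROUPS']} ORDER BY group_name";
                $result = cpg_db_query($sql);
                $group_list = cpg_db_fetch_rowset($result);
                mysql_free_result($result);

                $sel_group = $user_data[$element[1]];
                // Comma-delimited on both ends so ",<id>," finds whole ids only
                $user_group_list = ($user_data['user_group_list'] == '')
                    ? ',' . $sel_group . ','
                    : ',' . $user_data['user_group_list'] . ',' . $sel_group . ',';

                echo <<<EOT
    <tr>
        <td class="{$row_style_class}" valign="top">
            {$element[2]}
        </td>
        <td class="{$row_style_class}" valign="top">
            <select name="{$element[1]}" class="listbox">
EOT;

                $group_cb = '';
                foreach ($group_list as $group) {
                    $group_id = (int) $group['group_id'];
                    $group_name = htmlspecialchars($group['group_name'], ENT_QUOTES, 'UTF-8', false);

                    // Preselect the user's primary group; new users default to group 2
                    $is_selected = ($group_id == $sel_group) || ($op == 'new_user' && $group_id == 2);

                    echo '                <option value="' . $group_id . '"' . ($is_selected ? ' selected="selected"' : '') . '>' . $group_name . '</option>' . $LINEBREAK;

                    // Group 3 is left out of the secondary-group checkboxes
                    if ($group_id != 3) {
                        $checked = (strpos($user_group_list, ',' . $group_id . ',') !== false) ? 'checked="checked"' : '';
                        $group_cb .= '<input name="group_list[]" type="checkbox" value="' . $group_id . '" ' . $checked . ' />' . $group_name . '<br />' . $LINEBREAK;
                    }
                }

                $assignedGroupsHelp = cpg_display_help('f=users.htm&amp;as=user_cp_edit_permission_by_group&amp;ae=user_cp_edit_permission_by_group_end', '450', '300');

                echo <<<EOT
            </select><br />
            {$group_cb}
            <br />
            <a href="usermgr.php?op=groups_alb_access&form_token={$form_token}&timestamp={$timestamp}" class="admin_menu">{$lang_usermgr_php['groups_alb_access']}</a> {$assignedGroupsHelp}
        </td>
    </tr>
EOT;
                break;

            case 'checkbox':
                echo <<<EOT
    <tr>
        <td class="{$row_style_class}" valign="top">
            <label for="send_login_data">{$element[2]}</label>
        </td>
        <td class="{$row_style_class}" valign="top">
            <input type="checkbox" id="send_login_data" name="{$element[1]}" value="YES" />
        </td>
    </tr>
EOT;
                break;

            default:
                cpg_die(CRITICAL_ERROR, 'Invalid action for form creation ' . $element[0], __FILE__, __LINE__);
        }
    }

    // The form token and timestamp travel with the submission in both variants
    if ($op == 'new_user') {
        echo <<<EOT
    <tr>
        <td colspan="2" align="center" class="tablef">
            <button type="submit" class="button" name="usermgr_edit_submit" value="{$lang_usermgr_php['submit']}">{$icon_array['ok']}{$lang_usermgr_php['submit']}</button>
            <input type="hidden" name="form_token" value="{$form_token}" />
            <input type="hidden" name="timestamp" value="{$timestamp}" />
        </td>
    </tr>
EOT;
    } else {
        echo <<<EOT
    <tr>
        <td colspan="2" class="tableh2">
            {$lang_usermgr_php['notes']}
        </td>
    </tr>
    <tr>
        <td colspan="2" class="tableb">
            <ul>
                <li>{$lang_usermgr_php['note_list']}</li>
            </ul>
        </td>
    </tr>
    <tr>
        <td colspan="2" align="center" class="tablef">
            <button type="submit" class="button" name="usermgr_edit_submit" value="{$lang_usermgr_php['modify_user']}">{$icon_array['ok']}{$lang_usermgr_php['modify_user']}</button>
            <input type="hidden" name="form_token" value="{$form_token}" />
            <input type="hidden" name="timestamp" value="{$timestamp}" />
        </td>
    </tr>
EOT;
    }

    endtable();
    echo '</form>';
}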
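/**
 * edit_user()
 *
 * Prints the user manager form for modifying a user. The row is read from the
 * users table; when its user_name is empty the record is treated as a newly
 * created user and a "send login data" checkbox is added.
 *
 * The user id is forced to an integer before it reaches the SQL statement or
 * the form action, and the script path and stored field values are
 * HTML-encoded before they are printed.
 *
 * @param integer $user_id Id of the user to edit
 *
 * @return void The form is echoed directly
 */
function edit_user($user_id)
{
    global $CONFIG;
    global $lang_usermgr_php, $lang_common;

    // Each entry: field type, field name, label, and (text fields) max length
    $form_data = array(
        array('input', 'user_name', $lang_usermgr_php['name'], 25),
        array('password', 'user_password', $lang_usermgr_php['password'], 25),
        array('yesno', 'user_active', $lang_usermgr_php['user_active']),
        array('group_list', 'user_group', $lang_usermgr_php['user_group']),
        array('input', 'user_email', $lang_usermgr_php['user_email'], 255),
        array('input', 'user_profile1', $CONFIG['user_profile1_name'], 255),
        array('input', 'user_profile2', $CONFIG['user_profile2_name'], 255),
        array('input', 'user_profile3', $CONFIG['user_profile3_name'], 255),
        array('input', 'user_profile4', $CONFIG['user_profile4_name'], 255),
        array('input', 'user_profile5', $CONFIG['user_profile5_name'], 255),
        array('textarea', 'user_profile6', $CONFIG['user_profile6_name'], 255),
    );

    // The id is used in SQL and echoed into the form action, so it is
    // normalised once here and only the integer is used afterwards.
    $user_id = (int) $user_id;

    $sql = "SELECT * FROM {$CONFIG['TABLE_USERS']} WHERE user_id = '{$user_id}'";
    $result = cpg_db_query($sql);
    if (!mysql_num_rows($result)) {
        cpg_die(CRITICAL_ERROR, $lang_usermgr_php['err_unknown_user'], __FILE__, __LINE__);
    }
    $user_data = mysql_fetch_array($result);
    mysql_free_result($result);

    // If this is a new user then add a checkbox for 'send login data to user' option
    if ($user_data['user_name'] == '') {
        $form_data[] = array('checkbox', 'send_login_data', $lang_usermgr_php['send_login_data']);
    }

    starttable(500, $lang_usermgr_php['modify_user'], 2);

    // PHP_SELF includes any extra path the client appended to the script URL,
    // so it is encoded before being placed in the action attribute.
    // NOTE(review): no anti-CSRF token is emitted with this form; the
    // op=update handler should require and verify one.
    $form_action = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8');

    echo <<<EOT
    <form name="cpgform3" id="cpgform3" method="post" action="{$form_action}?op=update&user_id={$user_id}">
EOT;

    // Labels ($element[2]) come from language strings and configuration and
    // are printed as-is. Values read from the database are encoded for the
    // HTML context they land in; double_encode is off so a value that already
    // holds entities is not encoded twice.
    // NOTE(review): assumes the gallery character set is UTF-8 — confirm.
    foreach ($form_data as $element) {
        switch ($element[0]) {
            case 'input':
                $value = htmlspecialchars($user_data[$element[1]], ENT_QUOTES, 'UTF-8', false);
                // Unnamed profile fields have an empty label and are skipped
                if ($element[2]) {
                    echo <<<EOT
    <tr>
        <td width="40%" class="tableb">
            {$element[2]}
        </td>
        <td width="60%" class="tableb" valign="top">
            <input type="text" style="width: 100%" name="{$element[1]}" maxlength="{$element[3]}" value="{$value}" class="textinput" />
        </td>
    </tr>
EOT;
                }
                break;

            case 'textarea':
                $value = htmlspecialchars($user_data[$element[1]], ENT_QUOTES, 'UTF-8', false);
                if ($element[2]) {
                    echo <<<EOT
    <tr>
        <td width="40%" class="tableb" height="25">
            {$element[2]}
        </td>
        <td width="60%" class="tableb" valign="top">
            <textarea name="{$element[1]}" rows="7" class="textinput" style="width: 100%">{$value}</textarea>
        </td>
    </tr>
EOT;
                }
                break;

            case 'password':
                // The stored password is never written back into the form.
                // NOTE(review): type="input" is not a valid input type, so
                // browsers render a plain text box and the new password is
                // visible while typed; confirm whether that is intended.
                echo <<<EOT
    <tr>
        <td width="40%" class="tableb">
            {$element[2]}
        </td>
        <td width="60%" class="tableb" valign="top">
            <input type="input" style="width: 100%" name="{$element[1]}" maxlength="{$element[3]}" value="" class="textinput" />
        </td>
    </tr>
EOT;
                break;

            case 'yesno':
                $value = $user_data[$element[1]];
                $yes_selected = ($value == 'YES') ? 'checked="checked"' : '';
                $no_selected = ($value == 'NO') ? 'checked="checked"' : '';
                echo <<<EOT
    <tr>
        <td class="tableb">
            {$element[2]}
        </td>
        <td class="tableb">
            <input type="radio" id="yes" name="{$element[1]}" value="YES" {$yes_selected} /><label for="yes" class="clickable_option">{$lang_common['yes']}</label>
            &nbsp;&nbsp;
            <input type="radio" id="no" name="{$element[1]}" value="NO" {$no_selected} /><label for="no" class="clickable_option">{$lang_common['no']}</label>
        </td>
    </tr>
EOT;
                break;

            case 'group_list':
                $sql = "SELECT group_id, group_name FROM {$CONFIG['TABLE_USERGROUPS']} ORDER BY group_name";
                $result = cpg_db_query($sql);
                $group_list = cpg_db_fetch_rowset($result);
                mysql_free_result($result);

                $sel_group = $user_data[$element[1]];
                // Comma-delimited on both ends so ",<id>," finds whole ids only
                $user_group_list = ($user_data['user_group_list'] == '')
                    ? ',' . $sel_group . ','
                    : ',' . $user_data['user_group_list'] . ',' . $sel_group . ',';

                echo <<<EOT
    <tr>
        <td class="tableb">
            {$element[2]}
        </td>
        <td class="tableb" valign="top">
            <select name="{$element[1]}" class="listbox">
EOT;

                $group_cb = '';
                foreach ($group_list as $group) {
                    $group_id = (int) $group['group_id'];
                    $group_name = htmlspecialchars($group['group_name'], ENT_QUOTES, 'UTF-8', false);

                    echo '                <option value="' . $group_id . '"' . ($group_id == $sel_group ? ' selected' : '') . '>' . $group_name . "</option>\n";

                    /**
                     * If the group is registered, don't show it here as all the users must be a member of this group
                     * Also there is no point in displaying the 'Banned' group as checking banned here does not ban the user.
                     * Also remove Administrators group from secondary list as it won't give a user admin access.
                     */
                    if ($group_id != 1 && $group_id != 2 && $group_id != 4) {
                        $checked = (strpos($user_group_list, ',' . $group_id . ',') !== false) ? 'checked' : '';
                        $group_cb .= '<input name="group_list[]" type="checkbox" value="' . $group_id . '" ' . $checked . ' />' . $group_name . "<br />\n";
                    }
                }

                echo <<<EOT
            </select><br />
            {$group_cb}
            <br />
            <a href="usermgr.php?op=groups_alb_access" class="admin_menu">{$lang_usermgr_php['groups_alb_access']}</a>
        </td>
    </tr>
EOT;
                break;

            case 'checkbox':
                echo <<<EOT
    <tr>
        <td class="tableb">
            <label for="send_login_data">{$element[2]}</label>
        </td>
        <td class="tableb">
            <input type="checkbox" id="send_login_data" name="{$element[1]}" value="YES" />
        </td>
    </tr>
EOT;
                break;

            default:
                cpg_die(CRITICAL_ERROR, 'Invalid action for form creation ' . $element[0], __FILE__, __LINE__);
        }
    }

    echo <<<EOT
    <tr>
        <td colspan="2" class="tableh2">
            <b>{$lang_usermgr_php['notes']}</b>
        </td>
    </tr>
    <tr>
        <td colspan="2" class="tableb">
            <ul>
                {$lang_usermgr_php['note_list']}
            </ul>
        </td>
    </tr>
    <tr>
        <td colspan="2" align="center" class="tablef">
            <input type="submit" value="{$lang_usermgr_php['modify_user']}" class="button" />
        </td>
        </form>
    </tr>
EOT;

    endtable();
}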