/**
* Function to get the category data
*/
function get_subcat_data($parent, $ident = '')
{
global $CONFIG, $CAT_LIST;
if ($CONFIG['categories_alpha_sort'] == 1) {
$sort_query = 'name';
} else {
$sort_query = 'pos';
}
$sql = "SELECT cid, name, description " . "FROM {$CONFIG['TABLE_CATEGORIES']} " . "WHERE parent = '{$parent}' " . "ORDER BY {$sort_query}";
$result = cpg_db_query($sql);
if (($cat_count = mysql_num_rows($result)) > 0) {
$rowset = cpg_db_fetch_rowset($result);
$pos = 0;
foreach ($rowset as $subcat) {
if ($pos > 0) {
$CAT_LIST[] = array('cid' => $subcat['cid'], 'parent' => $parent, 'pos' => $pos++, 'prev' => $prev_cid, 'cat_count' => $cat_count, 'name' => $ident . $subcat['name']);
$CAT_LIST[$last_index]['next'] = $subcat['cid'];
} else {
$CAT_LIST[] = array('cid' => $subcat['cid'], 'parent' => $parent, 'pos' => $pos++, 'cat_count' => $cat_count, 'name' => $ident . $subcat['name']);
}
$prev_cid = $subcat['cid'];
$last_index = count($CAT_LIST) - 1;
get_subcat_data($subcat['cid'], $ident . ' ');
}
}
}
/**
* alb_get_subcat_data()
*
* @param integer $parent
* @param string $ident
**/
function alb_get_subcat_data($parent, $ident = '')
{
global $CONFIG, $CAT_LIST, $USER_DATA;
// select cats where the users can change the albums
$groups = '';
foreach ($USER_DATA['groups'] as $group) {
$groups .= "group_id = '{$group}' OR ";
}
$groups .= "0";
$result = cpg_db_query("SELECT cid, name, description FROM {$CONFIG['TABLE_CATEGORIES']} WHERE parent = '{$parent}' AND cid != 1 ORDER BY pos");
if ($result->numRows() > 0) {
$rowset = cpg_db_fetch_rowset($result);
foreach ($rowset as $subcat) {
if (!GALLERY_ADMIN_MODE) {
$check_group = cpg_db_query("SELECT group_id FROM {$CONFIG['TABLE_CATMAP']} WHERE ({$groups}) AND cid = " . $subcat['cid']);
$check_group_rowset = cpg_db_fetch_rowset($check_group);
if ($check_group_rowset) {
$CAT_LIST[] = array($subcat['cid'], $ident . $subcat['name']);
}
} else {
$CAT_LIST[] = array($subcat['cid'], $ident . $subcat['name']);
}
alb_get_subcat_data($subcat['cid'], $ident . ' ');
}
}
}
function minicms($content = '')
{
global $MINICMS, $CONFIG, $cat, $album, $REFERER, $lang_minicms, $HTML_SUBST_DECODE, $cms_array;
if ($MINICMS['dbver'] != MINICMS_DBVER) {
echo "<h2>{$lang_minicms['minicms_full']} {$MINICMS['dbver']}</h2><br />{$lang_minicms['dbver_nomatch']}: " . MINICMS_DBVER . "<br />";
minicms_configure(false);
//auto-updater and dont print the "go" button
}
$where = isset($MINICMS['ID']) ? "ID='{$MINICMS['ID']}'" : "conid='{$MINICMS['conid']}' AND type='{$MINICMS['type']}'";
$query = "SELECT * FROM {$CONFIG['TABLE_CMS']} WHERE {$where} ORDER BY cpos";
$result = cpg_db_query($query);
$cms_array = cpg_db_fetch_rowset($result);
$counter = 0;
foreach ($cms_array as $key => $cms) {
$cms_array[$key]['next_ID'] = $counter < count($cms_array) - 1 && $cms['type'] == $cms_array[$counter + 1]['type'] && $cms['conid'] == $cms_array[$counter + 1]['conid'] ? '&id2=' . $cms_array[$counter + 1]['ID'] : '';
$cms_array[$key]['prev_ID'] = $counter > 0 && $cms['type'] == $cms_array[$counter - 1]['type'] && $cms['conid'] == $cms_array[$counter - 1]['conid'] ? '&id2=' . $cms_array[$counter - 1]['ID'] : '';
$cms_array[$key]['content'] = html_entity_decode(stripslashes($cms['content']));
$counter++;
}
ob_start();
theme_minicms($cms_array);
//$content.=ob_get_clean();
$content = ob_get_clean();
return $content;
}
function get_album_data()
{
global $CONFIG, $ALBUM_LIST;
$result = cpg_db_query("SELECT aid, title FROM {$CONFIG['TABLE_ALBUMS']} ORDER BY title");
if (mysql_num_rows($result) > 0) {
$rowset = cpg_db_fetch_rowset($result);
foreach ($rowset as $alb) {
$ALBUM_LIST[] = array($alb['aid'], $alb['title']);
}
}
}
/**
* alb_get_subcat_data()
*
* @param integer $parent
* @param string $ident
**/
function alb_get_subcat_data($parent, $ident = '')
{
global $CONFIG, $CAT_LIST;
$result = cpg_db_query("SELECT cid, name, description FROM {$CONFIG['TABLE_CATEGORIES']} WHERE parent = '{$parent}' AND cid != 1 ORDER BY pos");
if (mysql_num_rows($result) > 0) {
$rowset = cpg_db_fetch_rowset($result);
foreach ($rowset as $subcat) {
$CAT_LIST[] = array($subcat['cid'], $ident . $subcat['name']);
alb_get_subcat_data($subcat['cid'], $ident . ' ');
}
}
}
function get_album_data($category, $ident)
{
global $CONFIG, $catStr, $ALBUM_SET;
$sql = "SELECT aid,title FROM {$CONFIG['TABLE_ALBUMS']} WHERE category = {$category} " . $ALBUM_SET;
$result = cpg_db_query($sql);
if (($cat_count = mysql_num_rows($result)) > 0) {
$rowset = cpg_db_fetch_rowset($result);
foreach ($rowset as $subcat) {
$catStr .= "\n {$ident}<album>\n {$ident}<id>{$subcat['aid']}</id>\n {$ident}<name>{$subcat['title']}</name>\n {$ident}</album>";
}
}
}
function h5u_config_groupSel($grpn = 0)
{
global $CONFIG, $superCage;
$sql = "SELECT group_id, group_name FROM {$CONFIG['TABLE_USERGROUPS']} ORDER BY group_name";
$rslt = cpg_db_query($sql);
$group_list = cpg_db_fetch_rowset($rslt, true);
$htm = '<select name="h5u_gSel" onchange="selectConfigGroup(event,this)" style="margin-left:3em">';
$htm .= '<option value="0"' . ($grpn == 0 ? ' selected' : '') . '>< default ></option>';
foreach ($group_list as $group) {
$htm .= '<option value="' . $group['group_id'] . '"' . ($grpn == $group['group_id'] ? ' selected' : '') . '>' . $group['group_name'] . '</option>';
}
return $htm . '</select><div id="h5u_busy"></div>';
}
function thumb_get_subcat_data($parent, &$album_set_array)
{
global $CONFIG;
$result = cpg_db_query("SELECT cid, name, description FROM {$CONFIG['TABLE_CATEGORIES']} WHERE parent = '{$parent}'");
if (mysql_num_rows($result) > 0) {
$rowset = cpg_db_fetch_rowset($result);
foreach ($rowset as $subcat) {
$result = cpg_db_query("SELECT aid FROM {$CONFIG['TABLE_ALBUMS']} WHERE category = {$subcat['cid']}");
$album_count = mysql_num_rows($result);
while ($row = mysql_fetch_array($result)) {
$album_set_array[] = $row['aid'];
}
// while
thumb_get_subcat_data($subcat['cid'], $album_set_array);
}
}
}
/**
* get_subcat_data()
*
* @param integer $parent
* @param string $ident
**/
function get_subcat_data($parent, $ident = '')
{
global $CONFIG, $CAT_LIST, $USER_DATA;
//select cats where the users can change the albums
$group_id = $USER_DATA['group_id'];
$result = cpg_db_query("SELECT cid, name, description FROM {$CONFIG['TABLE_CATEGORIES']} WHERE parent = '{$parent}' AND cid != 1 ORDER BY pos");
if (mysql_num_rows($result) > 0) {
$rowset = cpg_db_fetch_rowset($result);
foreach ($rowset as $subcat) {
$check_group = cpg_db_query("SELECT group_id FROM {$CONFIG['TABLE_CATMAP']} WHERE group_id = '{$group_id}' AND cid=" . $subcat['cid']);
$check_group_rowset = cpg_db_fetch_rowset($check_group);
if ($check_group_rowset) {
$CAT_LIST[] = array($subcat['cid'], $ident . $subcat['name']);
}
get_subcat_data($subcat['cid'], $ident . ' ');
}
}
}
function secondary_user_groups_page_start()
{
global $CONFIG, $cpg_udb, $secondary_user_groups_user_groups;
if (!$cpg_udb->can_join_tables) {
return;
} else {
define('CAN_JOIN_TABLES', '1');
}
$group_id_add = $CONFIG['bridge_enable'] ? 100 : 0;
$result = cpg_db_query("SELECT {$cpg_udb->field['grouptbl_group_id']} AS group_id, {$cpg_udb->field['grouptbl_group_name']} AS group_name FROM {$cpg_udb->groupstable}");
while ($row = mysql_fetch_assoc($result)) {
$group_names[$row['group_id'] + $group_id_add] = $row['group_name'];
}
mysql_free_result($result);
$users = cpg_db_fetch_rowset(cpg_db_query("SELECT {$cpg_udb->field['user_id']} AS user_id FROM {$cpg_udb->usertable}"));
foreach ($users as $user) {
$group_ids = cpg_get_groups($user['user_id']);
foreach ($group_ids as $group_id) {
if ($group_names[$group_id]) {
$secondary_user_groups_user_groups[$user['user_id']][] = $group_names[$group_id];
}
}
}
}
/**
* usergroup_list_box()
*
* @param integer $cid
*
* @return string $usergroup_listbox
**/
function usergroup_list_box($cid)
{
global $CONFIG, $LINEBREAK, $cpg_udb;
$add = $cpg_udb->use_post_based_groups ? 100 : 0;
$exclude_groups = array($cpg_udb->guestgroup + $add);
foreach ($cpg_udb->admingroups as $id) {
$exclude_groups[] = $id + $add;
}
//get the category info from the db
$sql = "SELECT ug.group_name AS name, ug.group_id AS id, catm.group_id AS catm_gid FROM {$CONFIG['TABLE_USERGROUPS']} AS ug LEFT JOIN {$CONFIG['TABLE_CATMAP']} AS catm ON catm.group_id = ug.group_id AND catm.cid = {$cid}";
$sql .= " HAVING id NOT IN (" . implode(', ', $exclude_groups) . ")";
// don't list administrator and guest groups
$result = cpg_db_query($sql);
$rowset = cpg_db_fetch_rowset($result, true);
//put the values in an array for ease of use and clean code for now
foreach ($rowset as $row) {
$groups[$row['id']]['name'] = $row['name'];
if ($row['catm_gid'] != null) {
$groups[$row['id']]['selected'] = 'true';
} else {
$groups[$row['id']]['selected'] = 'false';
}
}
//create listbox
$usergroup_listbox = '<select name="user_groups[]" class="listbox" multiple="multiple">' . $LINEBREAK;
//loop through all groups
foreach ($groups as $id => $values) {
$usergroup_listbox .= ' <option value="' . $id . '"' . ($values['selected'] == 'true' ? 'selected="selected"' : '') . ' >' . $values['name'] . '</option>' . $LINEBREAK;
}
$usergroup_listbox .= '</select>' . $LINEBREAK;
//return listbox
return $usergroup_listbox;
}
function get_user_albums($user_id = '')
{
global $CONFIG, $USER_ALBUMS_ARRAY, $user_albums_list;
if ($user_id != '') {
$or = " OR category='" . (FIRST_USER_CAT + $user_id) . "'";
}
if (!isset($USER_ALBUMS_ARRAY[USER_ID])) {
$user_albums = cpg_db_query("SELECT aid, title FROM {$CONFIG['TABLE_ALBUMS']} WHERE category='" . (FIRST_USER_CAT + USER_ID) . "' {$or} ORDER BY title");
if (mysql_num_rows($user_albums)) {
$user_albums_list = cpg_db_fetch_rowset($user_albums);
} else {
$user_albums_list = array();
}
mysql_free_result($user_albums);
$USER_ALBUMS_ARRAY[USER_ID] = $user_albums_list;
} else {
$user_albums_list =& $USER_ALBUMS_ARRAY[USER_ID];
}
}
$public_albums_list = cpg_db_fetch_rowset($public_albums);
} else {
$public_albums_list = array();
}
//do the same for non-categorized albums
if ($public_albums_no_cat->numRows()) {
$public_albums_list_no_cat = cpg_db_fetch_rowset($public_albums_no_cat);
} else {
$public_albums_list_no_cat = array();
}
//merge the 2 album arrays
$public_albums_list = array_merge($public_albums_list, $public_albums_list_no_cat);
if (USER_ID) {
$user_albums = cpg_db_query("SELECT aid, title FROM {$CONFIG['TABLE_ALBUMS']} WHERE category='" . (FIRST_USER_CAT + USER_ID) . "' ORDER BY title");
if ($user_albums->numRows()) {
$user_albums_list = cpg_db_fetch_rowset($user_albums);
} else {
$user_albums_list = array();
}
} else {
$user_albums_list = array();
}
if (!count($public_albums_list) && !count($user_albums_list)) {
// there's no album where the user is allowed to upload to
if (USER_CAN_CREATE_ALBUMS) {
cpg_die(ERROR, $lang_upload_php['err_no_alb_uploadables'] . '<br /> <br /><a href="albmgr.php" title="' . $lang_user_admin_menu['albmgr_title'] . '" class="admin_menu">' . $lang_user_admin_menu['albmgr_lnk'] . '</a>', __FILE__, __LINE__);
} else {
cpg_die(ERROR, $lang_upload_php['err_no_alb_uploadables'], __FILE__, __LINE__);
}
}
// Assign maximum file size for browser controls.
function get_pic_comments($pid)
{
global $CONFIG;
$comment_query = "SELECT msg_author, msg_date, msg_body FROM " . $CONFIG['TABLE_COMMENTS'] . " WHERE pid=" . $pid . " LIMIT 5";
logg($comment_query);
$result = cpg_db_query($comment_query);
$rows = cpg_db_fetch_rowset($result);
return $rows;
}
function xfd_head()
{
global $CONFIG, $thisplugin, $XFDSET, $album, $cat;
$xfd_feed = "index.php?file=xfeed/xfeed";
$superCage = Inspekt::makeSuperCage();
switch ($XFDSET['xfd_theme']) {
case 0:
$color = "orange";
break;
case 1:
$color = "azure";
break;
case 2:
$color = "red";
break;
case 3:
$color = "blue";
break;
case 4:
$color = "trans_dark";
break;
case 5:
$color = "trans_light";
break;
}
$header = "\r\n <!-- Begin CPG XFeed Headcode -->\r\n ";
if ($XFDSET['xfd_feedroute'] == 1) {
$xfeed_loc = "feeds.feedburner.com/" . $XFDSET['xfd_feedburnuname'];
$header .= "<link rel=\"alternate\" type=\"application/rss+xml\" title=\"" . $CONFIG['gallery_name'] . " - Feedburner\" href=\"http://" . $xfeed_loc . "\" />\n";
}
$extra_header = $header_str = '';
if ($superCage->get->keyExists('album')) {
$album = $superCage->get->getRaw('album');
$header_str .= "&album={$album}";
}
if ($superCage->get->keyExists('cat')) {
$cat = $superCage->get->getRaw('cat');
$header_str .= "&cat={$cat}";
}
// Code to show the proper title for various RSS and ATOM
$extraTitle = '';
if ($album) {
if ((int) $album) {
$albumDetails = get_album_name((int) $album);
$album = $albumDetails['title'];
} else {
$album = ucwords($album);
}
$extraTitle .= " | {$album}";
}
if (!is_null($cat) && (int) $cat !== FALSE) {
if ($cat < 0) {
$album = -$cat;
$query = "SELECT category FROM {$CONFIG['TABLE_ALBUMS']} WHERE aid = '{$album}'";
$result = cpg_db_query($query);
$row = cpg_db_fetch_rowset($result);
$cat = $row[0]['category'];
}
$cat_name = populate_category_name($cat);
$extraTitle .= " | {$cat_name}";
}
if ($header_str) {
$extra_header = "<link rel=\"alternate\" type=\"application/rss+xml\" title=\"{$CONFIG['gallery_name']}{$extraTitle} - RSS\" href=\"{$CONFIG['ecards_more_pic_target']}{$xfd_feed}{$header_str}\" />\r\n <link rel=\"alternate\" type=\"application/atom+xml\" title=\"" . $CONFIG['gallery_name'] . "{$extraTitle} - Atom\" href=\"{$CONFIG['ecards_more_pic_target']}{$xfd_feed}&type=atom{$header_str}\" />";
}
$header .= " <link rel=\"alternate\" type=\"application/rss+xml\" title=\"" . $CONFIG['gallery_name'] . " - RSS\" href=\"" . $CONFIG['ecards_more_pic_target'] . $xfd_feed . "\" />\r\n <link rel=\"alternate\" type=\"application/atom+xml\" title=\"" . $CONFIG['gallery_name'] . " - Atom\" href=\"" . $CONFIG['ecards_more_pic_target'] . $xfd_feed . "&type=atom\" />\r\n {$extra_header}\r\n <style type=\"text/css\">\r\n .xfeeds{background-image: url(./plugins/xfeed/images/xfeeds_" . $color . ".png);}\r\n </style>\r\n <link rel=\"stylesheet\" href=\"plugins/xfeed/css/xfeeds.css\" type=\"text/css\" />\r\n <!-- END CPG XFeed Headcode -->\r\n ";
return $header;
}
/**
* list_cat_albums()
*
* This has been added to list the albums in a category, used for showing first level albumslargely a repetition of code elsewhere
* Redone for a cleaner approach
* @param integer $cat Category id for which albums are needed
*/
function list_cat_albums($cat = 0)
{
global $CONFIG, $USER, $lastup_date_fmt, $USER_DATA, $FORBIDDEN_SET, $FORBIDDEN_SET_DATA, $cpg_show_private_album;
global $lang_list_albums, $lang_errors;
$PAGE = 1;
if ($cat == 0) {
return '';
}
$cat_owner_id = $cat > 10000 ? 10000 - $cat : 10001;
$cpg_nopic_data = cpg_get_system_thumb('nopic.jpg', $cat_owner_id);
$cpg_privatepic_data = cpg_get_system_thumb('private.jpg', $cat_owner_id);
$alb_per_page = $CONFIG['albums_per_page'];
$maxTab = $CONFIG['max_tabs'];
$album_filter = '';
$pic_filter = '';
if (!empty($FORBIDDEN_SET) && !$cpg_show_private_album) {
$album_filter = ' and ' . str_replace('p.', 'a.', $FORBIDDEN_SET);
$pic_filter = ' and ' . $FORBIDDEN_SET;
}
$sql = "SELECT count(aid) FROM {$CONFIG['TABLE_ALBUMS']} as a WHERE category = '{$cat}'" . $album_filter;
$result = cpg_db_query($sql);
$nbEnr = mysql_fetch_array($result);
$nbAlb = $nbEnr[0];
mysql_free_result($result);
if ($nbAlb == 0) {
return;
}
$totalPages = ceil($nbAlb / $alb_per_page);
if ($PAGE > $totalPages) {
$PAGE = 1;
}
$lower_limit = ($PAGE - 1) * $alb_per_page;
$upper_limit = min($nbAlb, $PAGE * $alb_per_page);
$limit = "LIMIT " . $lower_limit . "," . ($upper_limit - $lower_limit);
$sql = 'SELECT a.aid, a.title, a.description, a.thumb, visibility, filepath, ' . 'filename, url_prefix, pwidth, pheight ' . 'FROM ' . $CONFIG['TABLE_ALBUMS'] . ' as a ' . 'LEFT JOIN ' . $CONFIG['TABLE_PICTURES'] . ' as p ' . 'ON a.thumb=p.pid ' . 'WHERE category=' . $cat . $album_filter . ' ORDER BY a.pos ' . $limit;
$alb_thumbs_q = cpg_db_query($sql);
$alb_thumbs = cpg_db_fetch_rowset($alb_thumbs_q);
mysql_free_result($alb_thumbs_q);
$disp_album_count = count($alb_thumbs);
$album_set = '';
foreach ($alb_thumbs as $value) {
$album_set .= $value['aid'] . ', ';
}
$album_set = '(' . substr($album_set, 0, -2) . ')';
/*$sql = "SELECT aid, count(pid) as pic_count, max(pid) as last_pid, max(ctime) as last_upload " . "FROM {$CONFIG['TABLE_PICTURES']} " . "WHERE aid IN $album_set AND approved = 'YES' " . "GROUP BY aid";
$alb_stats_q = cpg_db_query($sql);
$alb_stats = cpg_db_fetch_rowset($alb_stats_q);
mysql_free_result($alb_stats_q);*/
//This query will fetch album stats and keyword for the albums
$sql = "SELECT a.aid, count( p.pid ) AS pic_count, max( p.pid ) AS last_pid, max( p.ctime ) AS last_upload, a.keyword, a.alb_hits" . " FROM {$CONFIG['TABLE_ALBUMS']} AS a " . " LEFT JOIN {$CONFIG['TABLE_PICTURES']} AS p ON a.aid = p.aid AND p.approved = 'YES' " . "WHERE a.aid IN {$album_set}" . "GROUP BY a.aid";
$alb_stats_q = cpg_db_query($sql);
$alb_stats = cpg_db_fetch_rowset($alb_stats_q);
mysql_free_result($alb_stats_q);
foreach ($alb_stats as $key => $value) {
$cross_ref[$value['aid']] =& $alb_stats[$key];
if ($CONFIG['link_pic_count'] == 1) {
if (!empty($value['keyword'])) {
$query = "SELECT count(pid) AS link_pic_count\n FROM {$CONFIG['TABLE_PICTURES']}\n WHERE aid != {$value['aid']} AND\n keywords LIKE '%{$value['keyword']}%' AND\n approved = 'YES'";
$result = cpg_db_query($query);
$link_stat = mysql_fetch_array($result);
mysql_free_result($result);
$alb_stats[$key]['link_pic_count'] = $link_stat['link_pic_count'];
}
}
}
for ($alb_idx = 0; $alb_idx < $disp_album_count; $alb_idx++) {
$alb_thumb =& $alb_thumbs[$alb_idx];
$aid = $alb_thumb['aid'];
if (isset($cross_ref[$aid])) {
$alb_stat = $cross_ref[$aid];
$count = $alb_stat['pic_count'];
$alb_hits = $alb_stat['alb_hits'];
} else {
$alb_stat = array();
$count = 0;
$alb_hits = 0;
}
// Inserts a thumbnail if the album contains 1 or more images
$visibility = $alb_thumb['visibility'];
if (!in_array($aid, $FORBIDDEN_SET_DATA) || $CONFIG['allow_private_albums'] == 0) {
//test for visibility
if ($count > 0) {
// Inserts a thumbnail if the album contains 1 or more images
if ($alb_thumb['filename']) {
$picture =& $alb_thumb;
} elseif ($alb_thumb['thumb'] < 0) {
$sql = "SELECT filepath, filename, url_prefix, pwidth, pheight " . "FROM {$CONFIG['TABLE_PICTURES']} WHERE aid = '{$alb_thumb['aid']}' ORDER BY RAND() LIMIT 0,1";
$result = cpg_db_query($sql);
$picture = mysql_fetch_array($result);
mysql_free_result($result);
} else {
$sql = "SELECT filepath, filename, url_prefix, pwidth, pheight " . "FROM {$CONFIG['TABLE_PICTURES']} " . "WHERE pid='{$alb_stat['last_pid']}'";
$result = cpg_db_query($sql);
$picture = mysql_fetch_array($result);
mysql_free_result($result);
}
$pic_url = get_pic_url($picture, 'thumb');
if (!is_image($picture['filename'])) {
$image_info = cpg_getimagesize(urldecode($pic_url));
$picture['pwidth'] = $image_info[0];
$picture['pheight'] = $image_info[1];
}
//thumb cropping
if ($picture['system_icon'] == 'true') {
$image_size = compute_img_size($picture['pwidth'], $picture['pheight'], $CONFIG['alb_list_thumb_size'], true, 'cat_thumb');
} else {
$image_size = compute_img_size($picture['pwidth'], $picture['pheight'], $CONFIG['alb_list_thumb_size'], false, 'cat_thumb');
}
$alb_list[$alb_idx]['thumb_pic'] = "<img src=\"" . $pic_url . "\" class=\"image\" {$image_size['geom']} border=\"0\" alt=\"{$picture['filename']}\" />";
} else {
// Inserts an empty thumbnail if the album contains 0 images
// $image_size = compute_img_size(100, 75, $CONFIG['alb_list_thumb_size']);
$alb_list[$alb_idx]['thumb_pic'] = '<img src="' . $cpg_nopic_data['thumb'] . '" ' . $cpg_nopic_data['whole'] . ' class="image" border="0" alt="" />';
}
} elseif ($CONFIG['show_private']) {
// $image_size = compute_img_size(100, 75, $CONFIG['alb_list_thumb_size']);
$alb_list[$alb_idx]['thumb_pic'] = '<img src="' . $cpg_privatepic_data['thumb'] . '" ' . $cpg_privatepic_data['whole'] . ' class="image" border="0" alt="" />';
}
// Prepare everything
if (!in_array($aid, $FORBIDDEN_SET_DATA) || $CONFIG['allow_private_albums'] == 0) {
$last_upload_date = $count ? localised_date($alb_stat['last_upload'], $lastup_date_fmt) : '';
$link_pic_count = !empty($alb_stat['link_pic_count']) ? $alb_stat['link_pic_count'] : 0;
$alb_list[$alb_idx]['aid'] = $alb_thumb['aid'];
$alb_list[$alb_idx]['album_title'] = $alb_thumb['title'];
$alb_list[$alb_idx]['album_desc'] = bb_decode($alb_thumb['description']);
$alb_list[$alb_idx]['pic_count'] = $count;
$alb_list[$alb_idx]['last_upl'] = $last_upload_date;
$alb_list[$alb_idx]['alb_hits'] = sprintf($lang_list_albums['alb_hits'], $alb_hits);
$alb_list[$alb_idx]['album_info'] = sprintf($lang_list_albums['n_pictures'], $count) . ($count ? sprintf($lang_list_albums['last_added'], $last_upload_date) : "") . ($CONFIG['link_pic_count'] && $link_pic_count > 0 ? sprintf(", {$lang_list_albums['n_link_pictures']}, {$lang_list_albums['total_pictures']}", $link_pic_count, $count + $link_pic_count) : "");
$alb_list[$alb_idx]['album_adm_menu'] = album_adm_menu($alb_thumb['aid'], $cat);
} elseif ($CONFIG['show_private']) {
// uncomment this else block to show private album description
$last_upload_date = $count ? localised_date($alb_stat['last_upload'], $lastup_date_fmt) : '';
$link_pic_count = !empty($alb_stat['link_pic_count']) ? $alb_stat['link_pic_count'] : 0;
$alb_list[$alb_idx]['aid'] = $alb_thumb['aid'];
$alb_list[$alb_idx]['album_title'] = $alb_thumb['title'];
$alb_list[$alb_idx]['album_desc'] = bb_decode($alb_thumb['description']);
$alb_list[$alb_idx]['pic_count'] = $count;
$alb_list[$alb_idx]['last_upl'] = $last_upload_date;
$alb_list[$alb_idx]['alb_hits'] = sprintf($lang_list_albums['alb_hits'], $alb_hits);
$alb_list[$alb_idx]['album_info'] = sprintf($lang_list_albums['n_pictures'], $count) . ($count ? sprintf($lang_list_albums['last_added'], $last_upload_date) : "") . ($CONFIG['link_pic_count'] && $link_pic_count > 0 ? sprintf(", {$lang_list_albums['n_link_pictures']}, {$lang_list_albums['total_pictures']}", $link_pic_count, $count + $link_pic_count) : "");
$alb_list[$alb_idx]['album_adm_menu'] = album_adm_menu($alb_thumb['aid'], $cat);
}
}
ob_start();
theme_display_album_list_cat($alb_list, $nbAlb, $cat, $PAGE, $totalPages);
$cat_albums = ob_get_contents();
ob_end_clean();
return $cat_albums;
}
$returnOutput = '<table border="0" cellspacing="0" cellpadding="0" width="100%">';
$sort_list_matched = $superCage->post->getMatched('sort_order', '/^[0-9@,]+$/');
$orig_sort_order = parse_pic_list($sort_list_matched[0]);
foreach ($orig_sort_order as $picture) {
$pic = parse_pic_orig_sort_order($picture);
$sort_array[$i] = $pic['aid'];
if (count($pic) == 2) {
$query = "UPDATE {$CONFIG['TABLE_PICTURES']} SET position = '{$pic['pos']}' WHERE pid = '{$pic['pid']}' {$restrict} LIMIT 1";
cpg_db_query($query);
} else {
cpg_die(CRITICAL_ERROR, sprintf($lang_delete_php['err_invalid_data'], $sort_list_matched[0]), __FILE__, __LINE__);
}
}
$album_id = $superCage->post->getInt('album_id');
$result = cpg_db_query("SELECT aid, pid, filename, title, position FROM {$CONFIG['TABLE_PICTURES']} WHERE aid = '{$album_id}' ORDER BY position ASC, pid");
$rowset = cpg_db_fetch_rowset($result, true);
if ($superCage->post->keyExists('picture_order')) {
//Check if the form token is valid
if (!checkFormToken()) {
cpg_die(ERROR, $lang_errors['invalid_form_token'], __FILE__, __LINE__);
}
//get the sorted order - cast to int below
$get_rows = $superCage->post->getEscaped('picture_order');
$sort_rows = parse_pic_list($get_rows);
$returnOutput .= '<tr><td colspan="6"><ul>';
$update_count = 0;
foreach ($sort_rows as $key => $option_value) {
$option_value = (int) $option_value;
if ($option_value == $rowset[$key]['pid']) {
continue;
}
function annotate_meta_album($meta)
{
global $CONFIG, $CURRENT_CAT_NAME, $RESTRICTEDWHERE, $lang_plugin_annotate;
require_once './plugins/annotate/init.inc.php';
$annotate_init_array = annotate_initialize();
$lang_plugin_annotate = $annotate_init_array['language'];
$annotate_icon_array = $annotate_init_array['icon'];
switch ($meta['album']) {
case 'lastnotes':
$album_name = $annotate_icon_array['annotate'] . ' ' . $lang_plugin_annotate['lastnotes'];
if ($CURRENT_CAT_NAME) {
$album_name .= " - {$CURRENT_CAT_NAME}";
}
$query = "SELECT DISTINCT n.pid \n FROM {$CONFIG['TABLE_PREFIX']}plugin_annotate AS n \n INNER JOIN {$CONFIG['TABLE_PICTURES']} AS p ON n.pid = p.pid \n INNER JOIN {$CONFIG['TABLE_ALBUMS']} AS r ON r.aid = p.aid \n {$RESTRICTEDWHERE}";
$result = cpg_db_query($query);
$count = mysql_num_rows($result);
mysql_free_result($result);
$query = "SELECT MAX(nid) AS nid\n FROM {$CONFIG['TABLE_PREFIX']}plugin_annotate AS n \n INNER JOIN {$CONFIG['TABLE_PICTURES']} AS p ON n.pid = p.pid \n INNER JOIN {$CONFIG['TABLE_ALBUMS']} AS r ON r.aid = p.aid \n {$RESTRICTEDWHERE}\n GROUP BY n.pid \n ORDER BY n.nid DESC {$meta['limit']}";
$result = cpg_db_query($query);
$latest_nids_array = array();
while ($row = mysql_fetch_assoc($result)) {
$latest_nids_array[] = $row['nid'];
}
mysql_free_result($result);
$query = "SELECT *, user_time AS msg_date\n FROM {$CONFIG['TABLE_PICTURES']} AS p\n INNER JOIN {$CONFIG['TABLE_PREFIX']}plugin_annotate AS n ON p.pid = n.pid \n INNER JOIN {$CONFIG['TABLE_ALBUMS']} AS r ON r.aid = p.aid \n {$RESTRICTEDWHERE} \n AND approved = 'YES'\n AND n.nid IN (" . implode(', ', $latest_nids_array) . ")\n ORDER BY n.nid DESC";
$result = cpg_db_query($query);
$rowset = cpg_db_fetch_rowset($result);
mysql_free_result($result);
build_caption($rowset, array('msg_date'));
break;
case 'shownotes':
if (annotate_get_level('permissions') < 1) {
global $lang_errors;
cpg_die(ERROR, $lang_errors['access_denied'], __FILE__, __LINE__);
}
$superCage = Inspekt::makeSuperCage();
$note = $superCage->get->keyExists('note') ? $superCage->get->getRaw('note') : $superCage->cookie->getRaw($CONFIG['cookie_name'] . 'note');
setcookie($CONFIG['cookie_name'] . 'note', $note);
$album_name = cpg_fetch_icon('search', 2) . ' ' . $lang_plugin_annotate['shownotes'] . " '{$note}'";
if ($CURRENT_CAT_NAME) {
$album_name .= " - {$CURRENT_CAT_NAME}";
}
$note = addslashes(addslashes($note));
$query = "SELECT p.pid FROM {$CONFIG['TABLE_PICTURES']} AS p INNER JOIN {$CONFIG['TABLE_ALBUMS']} AS r ON p.aid = r.aid INNER JOIN {$CONFIG['TABLE_PREFIX']}plugin_annotate n ON p.pid = n.pid {$RESTRICTEDWHERE} AND approved = 'YES' AND n.note = '{$note}' GROUP BY p.pid";
$result = cpg_db_query($query);
$count = mysql_num_rows($result);
mysql_free_result($result);
$query = "SELECT p.*, r.title FROM {$CONFIG['TABLE_PICTURES']} AS p INNER JOIN {$CONFIG['TABLE_ALBUMS']} AS r ON p.aid = r.aid INNER JOIN {$CONFIG['TABLE_PREFIX']}plugin_annotate n ON p.pid = n.pid {$RESTRICTEDWHERE} AND approved = 'YES' AND n.note = '{$note}' GROUP BY p.pid ORDER BY p.pid DESC {$meta['limit']}";
$result = cpg_db_query($query);
$rowset = cpg_db_fetch_rowset($result);
mysql_free_result($result);
build_caption($rowset);
break;
default:
return $meta;
}
$meta['album_name'] = $album_name;
$meta['count'] = $count;
$meta['rowset'] = $rowset;
return $meta;
}
$query = "SELECT {$criteria} FROM {$CONFIG['TABLE_PICTURES']} WHERE pid = {$pid}";
$result = cpg_db_query($query);
$criteria_pid = mysql_result($result, 0);
mysql_free_result($result);
if ($direction == "ASC") {
$direction = "<";
} elseif ($direction == "DESC") {
$direction = ">";
} else {
$direction = "";
}
$sort_order = "{$criteria} {$direction} '{$criteria_pid}' OR {$criteria} = '{$criteria_pid}' AND pid < {$pid}";
$query = "SELECT COUNT(*) FROM {$CONFIG['TABLE_PICTURES']} AS p\n {$join_user_table}\n WHERE {$sql}\n AND ({$sort_order})";
$result = cpg_db_query($query);
list($pos) = mysql_fetch_row($result);
mysql_free_result($result);
} else {
$query = "SELECT p.*{$user_column} FROM {$CONFIG['TABLE_PICTURES']} AS p\n {$join_user_table}\n WHERE " . $sql;
$temp = str_replace("SELECT p.*{$user_column}", 'SELECT COUNT(*)', $query);
$result = cpg_db_query($temp);
$row = mysql_fetch_row($result);
$count = $row[0];
$query .= " ORDER BY {$sort_order} {$limit}";
$result = cpg_db_query($query);
$rowset = cpg_db_fetch_rowset($result);
mysql_free_result($result);
if ($set_caption) {
build_caption($rowset);
}
}
}
function verifyKey($key)
{
global $CONFIG;
cpg_db_connect();
$query = "SELECT COUNT(*) from {$CONFIG['TABLE_CONFIG']} where name='" . $USERID . "_flash' and value='" . $key . "'";
//echo "<br> " . $query ;
$result = cpg_db_fetch_rowset(cpg_db_query($query));
//echo "result " . $result[0][0];
if ($result[0][0] != 0) {
return true;
} else {
return false;
}
}
function usergroup_list_box($cid)
{
global $CONFIG;
//get the category info from the db
$sql = "SELECT ug.group_name AS name, ug.group_id AS id, catm.group_id AS catm_gid FROM {$CONFIG['TABLE_USERGROUPS']} AS ug LEFT JOIN {$CONFIG['TABLE_CATMAP']} AS catm ON catm.group_id=ug.group_id AND catm.cid=" . $cid;
$result = cpg_db_query($sql);
$rowset = cpg_db_fetch_rowset($result);
//put the values in an array for ease of use and clean code for now
foreach ($rowset as $row) {
$groups[$row['id']]['name'] = $row['name'];
if ($row['catm_gid'] != null) {
$groups[$row['id']]['selected'] = 'true';
} else {
$groups[$row['id']]['selected'] = 'false';
}
}
//create listbox
$ug_lb = '<select name="user_groups[]" class="listbox" multiple>';
//loop through all groups
foreach ($groups as $id => $values) {
$ug_lb .= ' <option value="' . $id . '"' . ($values['selected'] == 'true' ? 'selected="selected"' : '') . ' >' . $values['name'] . '</option>\\n';
}
$ug_lb .= '</select>';
//return listbox
return $ug_lb;
}
/**
* get_pic_data()
*
* @param $album
* @param $count
* @param $album_name
* @param integer $limit1
* @param integer $limit2
* @param boolean $set_caption
* @return
**/
function get_pic_data($album, &$count, &$album_name, $limit1 = -1, $limit2 = -1, $set_caption = true)
{
global $USER, $CONFIG, $ALBUM_SET, $META_ALBUM_SET, $CURRENT_CAT_NAME, $CURRENT_ALBUM_KEYWORD, $HTML_SUBST, $THEME_DIR, $FAVPICS, $FORBIDDEN_SET_DATA, $USER_DATA, $lang_common;
global $album_date_fmt, $lastcom_date_fmt, $lastup_date_fmt, $lasthit_date_fmt, $cat;
global $lang_get_pic_data, $lang_meta_album_names, $lang_errors;
$sort_array = array('na' => 'filename ASC', 'nd' => 'filename DESC', 'ta' => 'title ASC', 'td' => 'title DESC', 'da' => 'pid ASC', 'dd' => 'pid DESC', 'pa' => 'position ASC', 'pd' => 'position DESC');
$sort_code = isset($USER['sort']) ? $USER['sort'] : $CONFIG['default_sort_order'];
$sort_order = isset($sort_array[$sort_code]) ? $sort_array[$sort_code] : $sort_array[$CONFIG['default_sort_order']];
$limit = $limit1 != -1 ? ' LIMIT ' . $limit1 : '';
$limit .= $limit2 != -1 ? ' ,' . $limit2 : '';
if ($limit2 == 1) {
$select_columns = '*';
} else {
$select_columns = 'pid, filepath, filename, url_prefix, filesize, pwidth, pheight, ctime, aid, keywords, title';
}
if (count($FORBIDDEN_SET_DATA) > 0) {
$forbidden_set_string = " AND aid NOT IN (" . implode(",", $FORBIDDEN_SET_DATA) . ")";
} else {
$forbidden_set_string = '';
}
// Keyword
if (!empty($CURRENT_ALBUM_KEYWORD)) {
$keyword = "OR (keywords like '%{$CURRENT_ALBUM_KEYWORD}%' {$forbidden_set_string} )";
} else {
$keyword = '';
}
// Regular albums
if (is_numeric($album)) {
$album_name_keyword = get_album_name($album);
$album_name = $album_name_keyword['title'];
$album_keyword = addslashes($album_name_keyword['keyword']);
if (!empty($album_keyword)) {
$keyword = "OR (keywords like '%{$album_keyword}%' {$forbidden_set_string} )";
} else {
$keyword = '';
}
if (is_array($USER_DATA['allowed_albums']) && in_array($album, $USER_DATA['allowed_albums'])) {
$approved = '';
} else {
$approved = GALLERY_ADMIN_MODE ? '' : 'AND approved=\'YES\'';
}
$approved = GALLERY_ADMIN_MODE ? '' : 'AND approved=\'YES\'';
$query = "SELECT COUNT(pid) from {$CONFIG['TABLE_PICTURES']} WHERE ((aid='{$album}' {$forbidden_set_string} ) {$keyword}) {$approved} {$ALBUM_SET}";
$result = cpg_db_query($query);
$nbEnr = mysql_fetch_array($result);
$count = $nbEnr[0];
mysql_free_result($result);
if ($select_columns != '*') {
$select_columns .= ', title, caption,hits,owner_id,owner_name,pic_rating,votes';
}
$query = "SELECT {$select_columns} from {$CONFIG['TABLE_PICTURES']} WHERE ((aid='{$album}' {$forbidden_set_string} ) {$keyword}) {$approved} {$ALBUM_SET} ORDER BY {$sort_order} {$limit}";
$result = cpg_db_query($query);
$rowset = cpg_db_fetch_rowset($result);
mysql_free_result($result);
// Set picture caption
if ($CONFIG['display_thumbnail_rating'] == 1) {
if ($set_caption) {
build_caption($rowset, array('pic_rating'));
}
} else {
if ($set_caption) {
build_caption($rowset);
}
}
$rowset = CPGPluginAPI::filter('thumb_caption_regular', $rowset);
return $rowset;
}
// Meta albums
switch ($album) {
case 'lastcom':
// Last comments
if ($META_ALBUM_SET && $CURRENT_CAT_NAME) {
$album_name = $album_name = $lang_meta_album_names['lastcom'] . ' - ' . $CURRENT_CAT_NAME;
} else {
$album_name = $lang_meta_album_names['lastcom'];
}
// Replacing the AND in ALBUM_SET with AND (
if ($META_ALBUM_SET) {
$TMP_SET = "AND (" . substr($META_ALBUM_SET, 3);
} else {
$TMP_SET = "AND (1";
}
$query = "SELECT COUNT({$CONFIG['TABLE_PICTURES']}.pid) from {$CONFIG['TABLE_COMMENTS']}, {$CONFIG['TABLE_PICTURES']} WHERE {$CONFIG['TABLE_PICTURES']}.approved = 'YES' AND {$CONFIG['TABLE_COMMENTS']}.pid = {$CONFIG['TABLE_PICTURES']}.pid AND {$CONFIG['TABLE_COMMENTS']}.approval = 'YES' {$TMP_SET} {$keyword})";
$result = cpg_db_query($query);
$nbEnr = mysql_fetch_array($result);
$count = $nbEnr[0];
mysql_free_result($result);
$select_columns = '*';
//allows building any data into any thumbnail caption
if ($select_columns == '*') {
$select_columns = 'p.*, msg_id, author_id, msg_author, UNIX_TIMESTAMP(msg_date) as msg_date, msg_body, aid';
} else {
$select_columns = str_replace('pid', 'c.pid', $select_columns) . ', msg_id, author_id, msg_author, UNIX_TIMESTAMP(msg_date) as msg_date, msg_body, aid';
}
$TMP_SET = str_replace($CONFIG['TABLE_PICTURES'], 'p', $TMP_SET);
$query = "SELECT {$select_columns} FROM {$CONFIG['TABLE_COMMENTS']} as c, {$CONFIG['TABLE_PICTURES']} as p WHERE approved = 'YES' AND c.pid = p.pid AND c.approval = 'YES' {$TMP_SET} {$keyword}) ORDER by msg_id DESC {$limit}";
$result = cpg_db_query($query);
$rowset = cpg_db_fetch_rowset($result);
mysql_free_result($result);
if ($set_caption) {
build_caption($rowset, array('msg_body', 'msg_date'));
}
$rowset = CPGPluginAPI::filter('thumb_caption_lastcom', $rowset);
return $rowset;
break;
case 'lastcomby':
// Last comments by a specific user
if (isset($USER['uid'])) {
$uid = (int) $USER['uid'];
} else {
$uid = -1;
}
$user_name = get_username($uid);
if ($META_ALBUM_SET && $CURRENT_CAT_NAME) {
$album_name = $album_name = $lang_meta_album_names['lastcom'] . ' - ' . $CURRENT_CAT_NAME . ' - ' . $user_name;
} else {
$album_name = $lang_meta_album_names['lastcom'] . ' - ' . $user_name;
}
$query = "SELECT COUNT({$CONFIG['TABLE_PICTURES']}.pid) from {$CONFIG['TABLE_COMMENTS']}, {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' AND author_id = '{$uid}' AND {$CONFIG['TABLE_COMMENTS']}.pid = {$CONFIG['TABLE_PICTURES']}.pid {$META_ALBUM_SET}";
$result = cpg_db_query($query);
$nbEnr = mysql_fetch_array($result);
$count = $nbEnr[0];
mysql_free_result($result);
$select_columns = '*, UNIX_TIMESTAMP(msg_date) AS msg_date';
//allows building any data into any thumbnail caption
$query = "SELECT {$select_columns} FROM {$CONFIG['TABLE_COMMENTS']} as c, {$CONFIG['TABLE_PICTURES']} as p WHERE approved = 'YES' AND author_id = '{$uid}' AND c.pid = p.pid {$META_ALBUM_SET} ORDER by msg_id DESC {$limit}";
$result = cpg_db_query($query);
$rowset = cpg_db_fetch_rowset($result);
mysql_free_result($result);
if ($set_caption) {
build_caption($rowset, array('msg_body', 'msg_date'));
}
$rowset = CPGPluginAPI::filter('thumb_caption_lastcomby', $rowset);
return $rowset;
break;
case 'lastup':
// Last uploads
if ($META_ALBUM_SET && $CURRENT_CAT_NAME) {
$album_name = $lang_meta_album_names['lastup'] . ' - ' . $CURRENT_CAT_NAME;
} else {
$album_name = $lang_meta_album_names['lastup'];
}
$query = "SELECT COUNT(pid) from {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' {$META_ALBUM_SET}";
$result = cpg_db_query($query);
$nbEnr = mysql_fetch_array($result);
$count = $nbEnr[0];
mysql_free_result($result);
//if($select_columns != '*' ) $select_columns .= ',title, caption, owner_id, owner_name, aid';
$select_columns = '*';
//allows building any data into any thumbnail caption
$query = "SELECT {$select_columns} FROM {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' {$META_ALBUM_SET} ORDER BY pid DESC {$limit}";
$result = cpg_db_query($query);
$rowset = cpg_db_fetch_rowset($result);
mysql_free_result($result);
if ($set_caption) {
build_caption($rowset, array('ctime'));
}
$rowset = CPGPluginAPI::filter('thumb_caption_lastup', $rowset);
return $rowset;
break;
case 'lastupby':
// Last uploads by a specific user
if (isset($USER['uid'])) {
$uid = (int) $USER['uid'];
} else {
$uid = -1;
}
$user_name = get_username($uid);
if ($META_ALBUM_SET && $CURRENT_CAT_NAME) {
$album_name = $lang_meta_album_names['lastup'] . ' - ' . $CURRENT_CAT_NAME . ' - ' . $user_name;
} else {
$album_name = $lang_meta_album_names['lastup'] . ' - ' . $user_name;
}
$query = "SELECT COUNT(pid) from {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' AND owner_id = '{$uid}' {$META_ALBUM_SET}";
$result = cpg_db_query($query);
$nbEnr = mysql_fetch_array($result);
$count = $nbEnr[0];
mysql_free_result($result);
//if($select_columns != '*' ) $select_columns .= ', owner_id, owner_name, aid';
$select_columns = '*';
//allows building any data into any thumbnail caption
$query = "SELECT {$select_columns} FROM {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' AND owner_id = '{$uid}' {$META_ALBUM_SET} ORDER BY pid DESC {$limit}";
$result = cpg_db_query($query);
$rowset = cpg_db_fetch_rowset($result);
mysql_free_result($result);
if ($set_caption) {
build_caption($rowset, array('ctime'));
}
$rowset = CPGPluginAPI::filter('thumb_caption_lastupby', $rowset);
return $rowset;
break;
case 'topn':
// Most viewed pictures
if ($META_ALBUM_SET && $CURRENT_CAT_NAME) {
$album_name = $lang_meta_album_names['topn'] . ' - ' . $CURRENT_CAT_NAME;
} else {
$album_name = $lang_meta_album_names['topn'];
}
$query = "SELECT COUNT(pid) from {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' AND hits > 0 {$META_ALBUM_SET} {$keyword}";
$result = cpg_db_query($query);
$nbEnr = mysql_fetch_array($result);
$count = $nbEnr[0];
mysql_free_result($result);
//if($select_columns != '*') $select_columns .= ', hits, aid, filename, owner_id, owner_name';
$select_columns = '*';
//allows building any data into any thumbnail caption
$query = "SELECT {$select_columns} FROM {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES'AND hits > 0 {$META_ALBUM_SET} {$keyword} ORDER BY hits DESC, filename {$limit}";
$result = cpg_db_query($query);
$rowset = cpg_db_fetch_rowset($result);
mysql_free_result($result);
if ($set_caption) {
build_caption($rowset, array('hits'));
}
$rowset = CPGPluginAPI::filter('thumb_caption_topn', $rowset);
return $rowset;
break;
case 'toprated':
// Top rated pictures
if ($META_ALBUM_SET && $CURRENT_CAT_NAME) {
$album_name = $lang_meta_album_names['toprated'] . ' - ' . $CURRENT_CAT_NAME;
} else {
$album_name = $lang_meta_album_names['toprated'];
}
$query = "SELECT COUNT(pid) from {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' AND votes >= '{$CONFIG['min_votes_for_rating']}' {$META_ALBUM_SET}";
$result = cpg_db_query($query);
$nbEnr = mysql_fetch_array($result);
$count = $nbEnr[0];
mysql_free_result($result);
//if($select_columns != '*') $select_columns .= ', pic_rating, votes, aid, owner_id, owner_name';
$select_columns = '*';
//allows building any data into any thumbnail caption
$query = "SELECT {$select_columns} FROM {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' AND votes >= '{$CONFIG['min_votes_for_rating']}' {$META_ALBUM_SET} ORDER BY pic_rating DESC, votes DESC, pid DESC {$limit}";
$result = cpg_db_query($query);
$rowset = cpg_db_fetch_rowset($result);
mysql_free_result($result);
if ($set_caption) {
build_caption($rowset, array('pic_rating'));
}
$rowset = CPGPluginAPI::filter('thumb_caption_toprated', $rowset);
return $rowset;
break;
case 'lasthits':
// Last viewed pictures
if ($META_ALBUM_SET && $CURRENT_CAT_NAME) {
$album_name = $lang_meta_album_names['lasthits'] . ' - ' . $CURRENT_CAT_NAME;
} else {
$album_name = $lang_meta_album_names['lasthits'];
}
$query = "SELECT COUNT(pid) from {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' and hits > 0 {$META_ALBUM_SET}";
$result = cpg_db_query($query);
$nbEnr = mysql_fetch_array($result);
$count = $nbEnr[0];
mysql_free_result($result);
//if($select_columns != '*') $select_columns .= ', UNIX_TIMESTAMP(mtime) as mtime, aid, hits, lasthit_ip, owner_id, owner_name';
$select_columns = '*, UNIX_TIMESTAMP(mtime) as mtime';
//allows building any data into any thumbnail caption
$query = "SELECT {$select_columns} FROM {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' and hits > 0 {$META_ALBUM_SET} ORDER BY mtime DESC {$limit}";
$result = cpg_db_query($query);
$rowset = cpg_db_fetch_rowset($result);
mysql_free_result($result);
if ($set_caption) {
build_caption($rowset, array('mtime', 'hits'));
}
$rowset = CPGPluginAPI::filter('thumb_caption_lasthits', $rowset);
return $rowset;
break;
case 'random':
// Random pictures
if ($META_ALBUM_SET && $CURRENT_CAT_NAME) {
$album_name = $lang_meta_album_names['random'] . ' - ' . $CURRENT_CAT_NAME;
} else {
$album_name = $lang_meta_album_names['random'];
}
$query = "SELECT COUNT(pid) from {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' {$META_ALBUM_SET}";
$result = cpg_db_query($query);
$nbEnr = mysql_fetch_array($result);
$pic_count = $nbEnr[0];
mysql_free_result($result);
//if($select_columns != '*') $select_columns .= ', aid, owner_id, owner_name';
$select_columns = '*';
//allows building any data into any thumbnail caption
// if we have more than 1000 pictures, we limit the number of picture returned
// by the SELECT statement as ORDER BY RAND() is time consuming
/* Commented out due to image not found bug
if ($pic_count > 1000) {
$result = cpg_db_query("SELECT COUNT(*) from {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES'");
$nbEnr = mysql_fetch_array($result);
$total_count = $nbEnr[0];
mysql_free_result($result);
$granularity = floor($total_count / RANDPOS_MAX_PIC);
$cor_gran = ceil($total_count / $pic_count);
srand(time());
for ($i=1; $i<= $cor_gran; $i++) $random_num_set =rand(0, $granularity).', ';
$random_num_set = substr($random_num_set,0, -2);
$result = cpg_db_query("SELECT $select_columns FROM {$CONFIG['TABLE_PICTURES']} WHERE randpos IN ($random_num_set) AND approved = 'YES' $ALBUM_SET ORDER BY RAND() LIMIT $limit2");
} else {
*/
$query = "SELECT {$select_columns} FROM {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' {$META_ALBUM_SET} ORDER BY RAND() LIMIT {$limit2}";
$result = cpg_db_query($query);
$rowset = array();
while ($row = mysql_fetch_array($result)) {
$rowset[-$row['pid']] = $row;
}
mysql_free_result($result);
if ($set_caption) {
build_caption($rowset);
}
$rowset = CPGPluginAPI::filter('thumb_caption_random', $rowset);
return $rowset;
break;
case 'search':
// Search results
if (isset($USER['search']['search'])) {
$search_string = $USER['search']['search'];
} else {
$search_string = '';
}
if ($META_ALBUM_SET && $CURRENT_CAT_NAME) {
$album_name = $lang_meta_album_names['search'] . ' - ' . $CURRENT_CAT_NAME;
} else {
$album_name = $lang_meta_album_names['search'] . ' - "' . strtr($search_string, $HTML_SUBST) . '"';
}
include 'include/search.inc.php';
$rowset = CPGPluginAPI::filter('thumb_caption_search', $rowset);
return $rowset;
break;
case 'lastalb':
// Last albums to which uploads
if ($META_ALBUM_SET && $CURRENT_CAT_NAME) {
$album_name = $lang_meta_album_names['lastalb'] . ' - ' . $CURRENT_CAT_NAME;
} else {
$album_name = $lang_meta_album_names['lastalb'];
}
$META_ALBUM_SET = str_replace("aid", $CONFIG['TABLE_PICTURES'] . ".aid", $META_ALBUM_SET);
$query = "SELECT count({$CONFIG['TABLE_ALBUMS']}.aid) FROM {$CONFIG['TABLE_PICTURES']},{$CONFIG['TABLE_ALBUMS']} WHERE {$CONFIG['TABLE_PICTURES']}.aid = {$CONFIG['TABLE_ALBUMS']}.aid AND approved = 'YES' {$META_ALBUM_SET} GROUP BY {$CONFIG['TABLE_PICTURES']}.aid";
$result = cpg_db_query($query);
$count = mysql_num_rows($result);
mysql_free_result($result);
$query = "SELECT *,{$CONFIG['TABLE_ALBUMS']}.title AS title,{$CONFIG['TABLE_ALBUMS']}.aid AS aid FROM {$CONFIG['TABLE_PICTURES']},{$CONFIG['TABLE_ALBUMS']} WHERE {$CONFIG['TABLE_PICTURES']}.aid = {$CONFIG['TABLE_ALBUMS']}.aid AND approved = 'YES' {$META_ALBUM_SET} GROUP BY {$CONFIG['TABLE_PICTURES']}.aid ORDER BY {$CONFIG['TABLE_PICTURES']}.ctime DESC {$limit}";
$result = cpg_db_query($query);
$rowset = cpg_db_fetch_rowset($result);
mysql_free_result($result);
if ($set_caption) {
build_caption($rowset, array('ctime'));
}
$rowset = CPGPluginAPI::filter('thumb_caption_lastalb', $rowset);
return $rowset;
break;
case 'favpics':
// Favourite Pictures
$album_name = $lang_meta_album_names['favpics'];
$rowset = array();
if (count($FAVPICS) > 0) {
$favs = implode(",", $FAVPICS);
$query = "SELECT COUNT(pid) from {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' AND pid IN ({$favs}) {$META_ALBUM_SET}";
$result = cpg_db_query($query);
$nbEnr = mysql_fetch_array($result);
$count = $nbEnr[0];
mysql_free_result($result);
$select_columns = '*';
$query = "SELECT {$select_columns} FROM {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' AND pid IN ({$favs}) {$META_ALBUM_SET} {$limit}";
$result = cpg_db_query($query);
$rowset = cpg_db_fetch_rowset($result);
mysql_free_result($result);
if ($set_caption) {
build_caption($rowset, array('ctime'));
}
}
$rowset = CPGPluginAPI::filter('thumb_caption_favpics', $rowset);
return $rowset;
break;
case 'datebrowse':
// Browsing by uploading date
$date = isset($_GET['date']) ? cpgValidateDate($_GET['date']) : null;
$album_name = $lang_common['date'] . ': ' . $date;
$rowset = array();
$query = "SELECT COUNT(pid) from {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' AND substring(from_unixtime(ctime),1,10) = '" . substr($date, 0, 10) . "' {$META_ALBUM_SET}";
$result = cpg_db_query($query);
$nbEnr = mysql_fetch_array($result);
$count = $nbEnr[0];
mysql_free_result($result);
$select_columns = '*';
$query = "SELECT {$select_columns} FROM {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' AND substring(from_unixtime(ctime),1,10) = '" . substr($date, 0, 10) . "' {$META_ALBUM_SET} {$limit}";
$result = cpg_db_query($query);
$rowset = cpg_db_fetch_rowset($result);
mysql_free_result($result);
if ($set_caption) {
build_caption($rowset, array('ctime'));
}
return $rowset;
break;
default:
// Invalid meta album
cpg_die(ERROR, $lang_errors['non_exist_ap'], __FILE__, __LINE__);
}
}
function potd_meta_album($meta_album_passto)
{
global $CONFIG, $ALBUM_SET, $CURRENT_CAT_NAME, $lang_meta_album_names;
$album = $meta_album_passto['album'];
$limit = $meta_album_passto['limit'];
$set_caption = $meta_album_passto['set_caption'];
$thumb_per_page = $CONFIG['thumbcols'] * $CONFIG['thumbrows'];
if ($thumb_per_page == 1) {
$select_columns = '*';
} else {
$select_columns = 'p.pid, filepath, filename, url_prefix, filesize, pwidth, pheight, ctime, aid, keywords';
}
switch ($album) {
case 'potdarch':
// Archive of the picture of the day
if ($ALBUM_SET && $CURRENT_CAT_NAME) {
$album_name = $lang_meta_album_names['potdarch'] . ' - ' . $CURRENT_CAT_NAME;
} else {
$album_name = $lang_meta_album_names['potdarch'];
}
$query = <<<EOT
SELECT COUNT(*)
FROM {$CONFIG['TABLE_PLUGIN_POTD']} AS pp LEFT JOIN {$CONFIG['TABLE_PICTURES']} AS p
ON p.pid=pp.pid
WHERE (approved = 'YES' && pp.potd = '2')
{$ALBUM_SET}
EOT;
$result = cpg_db_query($query);
$nbEnr = mysql_fetch_array($result);
$count = $nbEnr[0];
mysql_free_result($result);
if ($select_columns != '*') {
$select_columns .= ',title, caption, owner_id, owner_name, pp.potd_date';
}
$query = <<<EOT
SELECT {$select_columns}
FROM {$CONFIG['TABLE_PLUGIN_POTD']} AS pp LEFT JOIN {$CONFIG['TABLE_PICTURES']} AS p
ON p.pid=pp.pid
WHERE (approved = 'YES' && pp.potd = '2')
{$ALBUM_SET}
ORDER BY pp.potd_date DESC
{$limit}
EOT;
$result = cpg_db_query($query);
$rowset = cpg_db_fetch_rowset($result);
mysql_free_result($result);
if ($set_caption) {
foreach ($rowset as $key => $row) {
$user_link = $CONFIG['display_uploader'] && $row['owner_id'] && $row['owner_name'] ? '<span class="thumb_title"><a href ="profile.php?uid=' . $row['owner_id'] . '">' . $row['owner_name'] . '</a></span>' : '';
$caption = $user_link . '<span class="thumb_caption">' . localised_date($row['potd_date'], $lastup_date_fmt) . '</span>';
$rowset[$key]['caption_text'] = $caption;
}
}
break;
case 'potwarch':
// Archive of the picture of the week
if ($ALBUM_SET && $CURRENT_CAT_NAME) {
$album_name = $lang_meta_album_names['potwarch'] . ' - ' . $CURRENT_CAT_NAME;
} else {
$album_name = $lang_meta_album_names['potwarch'];
}
$query = <<<EOT
SELECT COUNT(*)
FROM {$CONFIG['TABLE_PLUGIN_POTD']} AS pp LEFT JOIN {$CONFIG['TABLE_PICTURES']} AS p
ON p.pid=pp.pid
WHERE (approved = 'YES' && pp.potw = '2')
{$ALBUM_SET}
EOT;
$result = cpg_db_query($query);
$nbEnr = mysql_fetch_array($result);
$count = $nbEnr[0];
mysql_free_result($result);
if ($select_columns != '*') {
$select_columns .= ',title, caption, owner_id, owner_name, pp.potw_date';
}
$query = <<<EOT
SELECT {$select_columns}
FROM {$CONFIG['TABLE_PLUGIN_POTD']} AS pp LEFT JOIN {$CONFIG['TABLE_PICTURES']} AS p
ON p.pid=pp.pid
WHERE (approved = 'YES' && pp.potw = '2')
{$ALBUM_SET}
ORDER BY pp.potw_date DESC
{$limit}
EOT;
$result = cpg_db_query($query);
$rowset = cpg_db_fetch_rowset($result);
mysql_free_result($result);
if ($set_caption) {
foreach ($rowset as $key => $row) {
$user_link = $CONFIG['display_uploader'] && $row['owner_id'] && $row['owner_name'] ? '<span class="thumb_title"><a href ="profile.php?uid=' . $row['owner_id'] . '">' . $row['owner_name'] . '</a></span>' : '';
$caption = $user_link . '<span class="thumb_caption">' . localised_date($row['potw_date'], $lastup_date_fmt) . '</span>';
$rowset[$key]['caption_text'] = $caption;
}
}
break;
default:
return false;
// no meta-albums were processed here
}
$meta_album_params = array('album_name' => $album_name, 'count' => $count, 'rowset' => $rowset);
return $meta_album_params;
}
function get_tree_album_data($category, $dtree_parent)
{
global $catStr, $ALBUM_SET, $dtree_counter, $LINEBREAK;
global $CONFIG, $HIDE_USER_CAT, $FORBIDDEN_SET, $cpg_show_private_album;
$album_filter = '';
$pic_filter = '';
if (!empty($FORBIDDEN_SET) && !$cpg_show_private_album) {
$album_filter = ' ' . str_replace('p.', 'a.', $FORBIDDEN_SET);
$pic_filter = ' ' . str_replace('p.', $CONFIG['TABLE_PICTURES'] . '.', $FORBIDDEN_SET);
}
if ($category == USER_GAL_CAT) {
$sql = "SELECT DISTINCT user_id, user_name FROM {$CONFIG['TABLE_USERS']}, {$CONFIG['TABLE_ALBUMS']} WHERE 10000 + {$CONFIG['TABLE_USERS']}.user_id = {$CONFIG['TABLE_ALBUMS']}.category ORDER BY user_name ASC";
$result = cpg_db_query($sql);
if (($cat_count = mysql_num_rows($result)) > 0) {
$rowset = cpg_db_fetch_rowset($result);
$catStr .= '<ul>' . $LINEBREAK;
foreach ($rowset as $subcat) {
$dtree_counter++;
// User gallery
$catStr .= '<li><a href="index.php?cat=' . (FIRST_USER_CAT + (int) $subcat['user_id']) . '">' . $subcat['user_name'] . '</a>' . $LINEBREAK;
get_tree_album_data(FIRST_USER_CAT + (int) $subcat['user_id'], $dtree_counter);
$catStr .= '</li>' . $LINEBREAK;
}
$catStr .= '</ul>' . $LINEBREAK;
}
} else {
if ($category == USER_GAL_CAT) {
$sql = "SELECT aid,title FROM {$CONFIG['TABLE_ALBUMS']} WHERE category = {$category} " . $ALBUM_SET . $album_filter . " ORDER BY pos";
} else {
$unaliased_album_filter = str_replace('a.', '', $album_filter);
$sql = "SELECT aid,title FROM {$CONFIG['TABLE_ALBUMS']} WHERE category = {$category} " . $ALBUM_SET . $unaliased_album_filter . " ORDER BY pos";
}
$result = cpg_db_query($sql);
if (($cat_count = mysql_num_rows($result)) > 0) {
$rowset = cpg_db_fetch_rowset($result);
$catStr .= '<ul>' . $LINEBREAK;
foreach ($rowset as $subcat) {
$dtree_counter++;
// Album
$catStr .= '<li><a href="thumbnails.php?album=' . $subcat['aid'] . '">' . $subcat['title'] . '</a></li>' . $LINEBREAK;
}
$catStr .= '</ul>' . $LINEBREAK;
}
}
}
function alb_list_box()
{
global $CONFIG, $CLEAN, $cpg_udb;
//, $PHP_SELF;
if (GALLERY_ADMIN_MODE) {
$result = cpg_db_query("SELECT aid, title FROM {$CONFIG['TABLE_ALBUMS']} WHERE category < '" . FIRST_USER_CAT . "' ORDER BY title");
$rowset = cpg_db_fetch_rowset($result);
mysql_free_result($result);
//if (defined('UDB_INTEGRATION')) {
$sql = $cpg_udb->get_admin_album_list();
/*} else {
$sql = "SELECT aid, CONCAT('(', user_name, ') ', title) AS title " . "FROM {$CONFIG['TABLE_ALBUMS']} AS a " . "INNER JOIN {$CONFIG['TABLE_USERS']} AS u ON category = (" . FIRST_USER_CAT . " + user_id) " . "ORDER BY title";
}*/
$result = cpg_db_query($sql);
while ($row = mysql_fetch_array($result)) {
$rowset[] = $row;
}
mysql_free_result($result);
} else {
//Only list the albums owned by the user
$cat = USER_ID + FIRST_USER_CAT;
$user_id = USER_ID;
//get albums in "my albums"
$result1 = cpg_db_query("SELECT aid , title FROM {$CONFIG['TABLE_ALBUMS']} WHERE category = {$cat}");
$rowset1 = cpg_db_fetch_rowset($result1);
mysql_free_result($result1);
//get public albums
$result2 = cpg_db_query("SELECT alb.aid AS aid, CONCAT_WS('', '(', cat.name, ') ', alb.title) AS title FROM {$CONFIG['TABLE_ALBUMS']} AS alb INNER JOIN {$CONFIG['TABLE_CATEGORIES']} AS cat ON alb.owner = '{$user_id}' AND alb.category = cat.cid ORDER BY alb.category DESC, alb.pos ASC");
$rowset2 = cpg_db_fetch_rowset($result2);
mysql_free_result($result2);
//merge rowsets
$rowset = array_merge($rowset1, $rowset2);
}
if (count($rowset)) {
$lb = "<select name=\"album_listbox\" class=\"listbox\" onChange=\"if(this.options[this.selectedIndex].value) window.location.href='{$_SERVER['PHP_SELF']}?album='+this.options[this.selectedIndex].value;\">\n";
foreach ($rowset as $row) {
$selected = $row['aid'] == $CLEAN['album'] ? "SELECTED" : "";
$lb .= " <option value=\"" . $row['aid'] . "\" {$selected}>" . $row['title'] . "</option>\n";
}
$lb .= "</select>\n";
return $lb;
}
}
function album_selection_options($selected = 0)
{
global $CONFIG, $lang_common, $cpg_udb, $LINEBREAK;
$superCage = Inspekt::makeSuperCage();
// html string of options to be returned
$options = '';
$albums = array();
// load all albums
$uploads_yes = (defined('EDITPICS_PHP') || defined('UPLOAD_PHP')) && USER_CAN_UPLOAD_PICTURES ? 'OR uploads = "YES"' : '';
if ($superCage->get->keyExists('only_empty_albums')) {
// don't check for permissions, as it's not security related
$only_empty_albums = "AND aid NOT IN (SELECT aid FROM {$CONFIG['TABLE_PICTURES']})";
} else {
$only_empty_albums = '';
}
if (GALLERY_ADMIN_MODE) {
$result = cpg_db_query("SELECT aid, title, category FROM {$CONFIG['TABLE_ALBUMS']} WHERE 1 {$only_empty_albums} ORDER BY pos");
} elseif (USER_ID) {
$result = cpg_db_query("SELECT aid, title, category FROM {$CONFIG['TABLE_ALBUMS']} WHERE (category = " . (FIRST_USER_CAT + USER_ID) . " OR owner = " . USER_ID . " {$uploads_yes}) {$only_empty_albums} ORDER BY pos");
} else {
$result = cpg_db_query("SELECT aid, title, category FROM {$CONFIG['TABLE_ALBUMS']} WHERE (0 {$uploads_yes}) {$only_empty_albums} ORDER BY pos");
}
while ($row = mysql_fetch_assoc($result)) {
$albums[$row['category']][$row['aid']] = $row['title'];
}
if (!empty($albums[0])) {
// Albums in no category
$options .= '<optgroup label="' . $lang_common['albums_no_category'] . '">';
foreach ($albums[0] as $aid => $title) {
$options .= sprintf('<option value="%d"%s>%s</option>' . $LINEBREAK, $aid, $aid == $selected ? ' selected="selected"' : '', $title);
}
$options .= '</optgroup>';
}
// Load all categories
if (GALLERY_ADMIN_MODE) {
$result = cpg_db_query("SELECT cid, rgt, name FROM {$CONFIG['TABLE_CATEGORIES']} ORDER BY lft");
} elseif (USER_ID) {
$result = cpg_db_query("SELECT DISTINCT c.cid, c.rgt, c.name FROM {$CONFIG['TABLE_ALBUMS']} AS a RIGHT JOIN {$CONFIG['TABLE_CATEGORIES']} AS c ON a.category = c.cid WHERE c.cid = " . USER_GAL_CAT . " OR a.owner = " . USER_ID . " {$uploads_yes} ORDER BY lft");
} else {
$result = cpg_db_query("SELECT DISTINCT c.cid, c.rgt, c.name FROM {$CONFIG['TABLE_ALBUMS']} AS a RIGHT JOIN {$CONFIG['TABLE_CATEGORIES']} AS c ON a.category = c.cid WHERE 0 {$uploads_yes} ORDER BY lft");
}
$cats = array();
// Loop through all categories
while ($row = mysql_fetch_assoc($result)) {
// Determine category hierarchy
if (count($cats)) {
while ($cats && $cats[count($cats) - 1]['rgt'] < $row['rgt']) {
array_pop($cats);
}
}
$cats[] = $row;
// Add this category to the hierarchy
if ($row['cid'] == USER_GAL_CAT) {
// User galleries
$options .= '<optgroup label="' . $lang_common['personal_albums'] . '">' . $LINEBREAK;
if (GALLERY_ADMIN_MODE) {
$result2 = cpg_db_query("SELECT {$cpg_udb->field['user_id']} AS user_id, {$cpg_udb->field['username']} AS user_name " . "FROM {$cpg_udb->usertable} ORDER BY {$cpg_udb->field['username']}", $cpg_udb->link_id);
$users = cpg_db_fetch_rowset($result2);
mysql_free_result($result2);
} else {
$users = array(array('user_id' => USER_ID, 'user_name' => USER_NAME));
}
foreach ($users as $user) {
if (!empty($albums[$user['user_id'] + FIRST_USER_CAT])) {
$options .= '<optgroup label=" ' . $user['user_name'] . '">' . $LINEBREAK;
foreach ($albums[$user['user_id'] + FIRST_USER_CAT] as $aid => $title) {
$options .= sprintf('<option value="%d"%s>%s</option>' . $LINEBREAK, $aid, $aid == $selected ? ' selected="selected"' : '', ' ' . $title);
}
$options .= '</optgroup>';
}
}
$options .= '</optgroup>';
unset($users);
continue;
}
// calculate indent for this level
$indent = str_repeat(' ', count($cats) - 1);
// albums in the category
if (!empty($albums[$row['cid']])) {
// category header
$options .= '<optgroup label="' . $indent . $row['name'] . '">' . $LINEBREAK;
foreach ($albums[$row['cid']] as $aid => $title) {
$options .= sprintf('<option value="%d"%s>%s</option>' . $LINEBREAK, $aid, $aid == $selected ? ' selected="selected"' : '', $indent . $title);
}
$options .= '</optgroup>';
}
}
mysql_free_result($result);
return $options;
}
/**
* album_adm_menu()
*
* This has been added to keep the list_albums() function clean.
*
* @param integer $aid Album id
* @param integer $cat Category id
*
* @return html_albummenu($aid) Administration menu
*/
function album_adm_menu($aid, $cat, $owner)
{
global $CONFIG, $USER_DATA, $lang_album_admin_menu;
if (GALLERY_ADMIN_MODE) {
return html_albummenu($aid);
}
static $public_album_uploads = null;
if ($public_album_uploads === null) {
$public_album_uploads = array();
$result = cpg_db_query("SELECT a.aid FROM {$CONFIG['TABLE_ALBUMS']} AS a INNER JOIN {$CONFIG['TABLE_PICTURES']} as p ON p.aid = a.aid WHERE uploads = 'YES' AND category < " . FIRST_USER_CAT . " AND (visibility = '0' OR visibility IN " . USER_GROUP_SET . " OR alb_password != '') AND owner_id = " . USER_ID);
while ($row = $result->fetchAssoc()) {
$public_album_uploads[] = $row['aid'];
}
$result->free();
}
if (USER_ADMIN_MODE) {
if ($cat == USER_ID + FIRST_USER_CAT) {
return html_albummenu($aid);
}
if ($owner == USER_ID) {
if ($CONFIG['allow_user_edit_after_cat_close'] == 0) {
$result = cpg_db_query("SELECT DISTINCT alb.category FROM {$CONFIG['TABLE_ALBUMS']} AS alb INNER JOIN {$CONFIG['TABLE_CATMAP']} AS catm ON alb.category=catm.cid WHERE alb.owner = '" . $USER_DATA['user_id'] . "' AND alb.aid='{$aid}' AND catm.group_id IN (" . implode(', ', $USER_DATA['groups']) . ")");
$allowed_albums = cpg_db_fetch_rowset($result, true);
if (!$allowed_albums || $allowed_albums[0]['category'] == '') {
if ($CONFIG['users_can_edit_pics'] && in_array($aid, $public_album_uploads)) {
return html_albummenu2($aid);
} else {
return "<strong>" . $lang_album_admin_menu['cat_locked'] . "</strong>";
}
}
}
if (!$CONFIG['users_can_edit_pics']) {
return html_albummenu3($aid);
} else {
return html_albummenu($aid);
}
}
}
if (MODERATOR_MODE && in_array($aid, $USER_DATA['allowed_albums'])) {
return html_albummenu2($aid);
}
if (USER_CAN_UPLOAD_PICTURES && $CONFIG['users_can_edit_pics'] && in_array($aid, $public_album_uploads)) {
return html_albummenu2($aid);
}
return '';
}
function get_user_albums($user_id = '')
{
global $CONFIG, $user_albums_list, $albStr;
$USER_ALBUMS_ARRAY = array(0 => array());
$or = '';
if ($user_id != '') {
$or = " OR category='" . (FIRST_USER_CAT + $user_id) . "'";
}
if (!isset($USER_ALBUMS_ARRAY[USER_ID])) {
if (MODERATOR_MODE && UPLOAD_APPROVAL_MODE || MODERATOR_EDIT_MODE) {
$user_albums = cpg_db_query("SELECT aid, title FROM {$CONFIG['TABLE_ALBUMS']} WHERE aid IN {$albStr} AND category > '" . FIRST_USER_CAT . "' OR category='" . (FIRST_USER_CAT + USER_ID) . "' ORDER BY title");
if (mysql_num_rows($user_albums)) {
$user_albums_list = cpg_db_fetch_rowset($user_albums);
} else {
$user_albums_list = array();
}
mysql_free_result($user_albums);
} else {
//Only list the albums owned by the user
$cat = USER_ID + FIRST_USER_CAT;
$user_id = USER_ID;
//get albums in "my albums"
$result1 = cpg_db_query("SELECT aid , title FROM {$CONFIG['TABLE_ALBUMS']} WHERE category = {$cat}");
$rowset1 = cpg_db_fetch_rowset($result1);
mysql_free_result($result1);
//get public albums
$result2 = cpg_db_query("SELECT alb.aid AS aid, CONCAT_WS('', '(', cat.name, ') ', alb.title) AS title FROM {$CONFIG['TABLE_ALBUMS']} AS alb INNER JOIN {$CONFIG['TABLE_CATEGORIES']} AS cat ON alb.owner = '{$user_id}' AND alb.category = cat.cid ORDER BY alb.category DESC, alb.pos ASC");
$rowset2 = cpg_db_fetch_rowset($result2);
mysql_free_result($result2);
//merge rowsets
$user_albums_list = array_merge($rowset1, $rowset2);
}
$USER_ALBUMS_ARRAY[USER_ID] = $user_albums_list;
} else {
$user_albums_list =& $USER_ALBUMS_ARRAY[USER_ID];
}
}
function edit_user($user_id)
{
global $CONFIG, $CPG_PHP_SELF, $LINEBREAK;
//, $PHP_SELF;
global $lang_usermgr_php, $lang_common, $icon_array, $op;
$form_data = array(array('input', 'user_name', cpg_fetch_icon('my_profile', 2) . $lang_usermgr_php['name'], 25), array('password', 'user_password', cpg_fetch_icon('key_enter', 2) . $lang_usermgr_php['password'], 25), array('yesno', 'user_active', cpg_fetch_icon('online', 2) . $lang_usermgr_php['user_active']), array('group_list', 'user_group', cpg_fetch_icon('groups_mgr', 2) . $lang_usermgr_php['user_group']), array('input', 'user_email', cpg_fetch_icon('mail', 2) . $lang_usermgr_php['user_email'], 255));
if ($CONFIG['user_profile1_name'] != '') {
$form_data[] = array('input', 'user_profile1', cpg_fetch_icon('blank', 2) . $CONFIG['user_profile1_name'], 255);
}
if ($CONFIG['user_profile2_name'] != '') {
$form_data[] = array('input', 'user_profile2', cpg_fetch_icon('blank', 2) . $CONFIG['user_profile2_name'], 255);
}
if ($CONFIG['user_profile3_name'] != '') {
$form_data[] = array('input', 'user_profile3', cpg_fetch_icon('blank', 2) . $CONFIG['user_profile3_name'], 255);
}
if ($CONFIG['user_profile4_name'] != '') {
$form_data[] = array('input', 'user_profile4', cpg_fetch_icon('blank', 2) . $CONFIG['user_profile4_name'], 255);
}
if ($CONFIG['user_profile5_name'] != '') {
$form_data[] = array('input', 'user_profile5', cpg_fetch_icon('blank', 2) . $CONFIG['user_profile5_name'], 255);
}
if ($CONFIG['user_profile6_name'] != '') {
$form_data[] = array('textarea', 'user_profile6', cpg_fetch_icon('blank', 2) . $CONFIG['user_profile6_name'], 255);
}
//$form_data = CPGPluginAPI::filter('usermgr_form_list', array(0 => $form_data, 1 => $user_id);
list($timestamp, $form_token) = getFormToken();
if ($user_id != 'new_user') {
$sql = "SELECT * FROM {$CONFIG['TABLE_USERS']} WHERE user_id = '{$user_id}'";
$result = cpg_db_query($sql);
if (!mysql_num_rows($result)) {
cpg_die(CRITICAL_ERROR, $lang_usermgr_php['err_unknown_user'], __FILE__, __LINE__);
}
$user_data = mysql_fetch_array($result);
mysql_free_result($result);
if (mysql_num_rows(cpg_db_query("SELECT user_name FROM {$CONFIG['TABLE_BANNED']} WHERE user_name = '" . addslashes($user_data['user_name']) . "' AND brute_force=0 LIMIT 1"))) {
$user_status = $lang_usermgr_php['user_is_banned'];
} elseif ($user_data['user_active'] == 'YES') {
$user_status = $lang_usermgr_php['status_active'];
} else {
$user_status = $lang_usermgr_php['status_inactive'];
}
} else {
// If this is a new user then add a checkbox for 'send login data to user' option
$form_data[] = array('checkbox', 'send_login_data', $lang_usermgr_php['send_login_data']);
$user_data = array('user_name' => '', 'user_active' => '', 'user_group' => '', 'user_group_list' => '', 'user_email' => '', 'user_profile1' => '', 'user_profile2' => '', 'user_profile3' => '', 'user_profile4' => '', 'user_profile6' => '');
}
$status_icon = cpg_fetch_icon('online', 2);
echo <<<EOT
<form name="cpgform3" id="cpgform3" method="post" action="{$CPG_PHP_SELF}?op=update&user_id={$user_id}">
EOT;
if ($op == 'new_user') {
starttable(500, $icon_array['add_user'] . $lang_usermgr_php['create_new_user'], 2);
} else {
starttable(500, $icon_array['edit'] . $lang_usermgr_php['modify_user'], 2);
echo <<<EOT
<tr>
<td class="tableb">
{$status_icon}{$lang_usermgr_php['status']}
</td>
<td class="tableb">
{$user_status}
</td>
</tr>
EOT;
}
$loopCounter = 0;
foreach ($form_data as $element) {
if ($loopCounter / 2 == floor($loopCounter / 2)) {
$row_style_class = 'tableb tableb_alternate';
} else {
$row_style_class = 'tableb';
}
$loopCounter++;
switch ($element[0]) {
case 'input':
$value = $user_data[$element[1]];
if ($element[2]) {
echo <<<EOT
<tr>
<td width="40%" class="{$row_style_class}" valign="top">
{$element[2]}
</td>
<td width="60%" class="{$row_style_class}" valign="top">
<input type="text" style="width: 100%" name="{$element[1]}" maxlength="{$element[3]}" value="{$value}" class="textinput" />
</td>
</tr>
EOT;
}
break;
case 'textarea':
$value = $user_data[$element[1]];
if ($element[2]) {
echo <<<EOT
<tr>
<td width="40%" class="{$row_style_class}" height="25" valign="top">
{$element[2]}
</td>
<td width="60%" class="{$row_style_class}" valign="top">
<textarea name="{$element[1]}" rows="7" cols="40" class="textinput" style="width: 100%">{$value}</textarea>
</td>
</tr>
EOT;
}
break;
case 'password':
echo <<<EOT
<tr>
<td width="40%" class="{$row_style_class}" valign="top">
{$element[2]}
</td>
<td width="60%" class="{$row_style_class}" valign="top">
<input type="password" style="width: 100%" name="{$element[1]}" maxlength="{$element[3]}" value="" class="textinput" />
</td>
</tr>
EOT;
break;
case 'yesno':
$value = $user_data[$element[1]];
$yes_selected = $value == 'YES' || $op == 'new_user' ? 'checked="checked"' : '';
$no_selected = $value == 'NO' ? 'checked="checked"' : '';
echo <<<EOT
<tr>
<td class="{$row_style_class}" valign="top">
{$element[2]}
</td>
<td class="{$row_style_class}" valign="top">
<input type="radio" id="yes" name="{$element[1]}" value="YES" {$yes_selected} /><label for="yes" class="clickable_option">{$lang_common['yes']}</label>
<input type="radio" id="no" name="{$element[1]}" value="NO" {$no_selected} /><label for="no" class="clickable_option">{$lang_common['no']}</label>
</td>
</tr>
EOT;
break;
case 'group_list':
$sql = "SELECT group_id, group_name FROM {$CONFIG['TABLE_USERGROUPS']} ORDER BY group_name";
$result = cpg_db_query($sql);
$group_list = cpg_db_fetch_rowset($result);
mysql_free_result($result);
$sel_group = $user_data[$element[1]];
$user_group_list = $user_data['user_group_list'] == '' ? ',' . $sel_group . ',' : ',' . $user_data['user_group_list'] . ',' . $sel_group . ',';
echo <<<EOT
<tr>
<td class="{$row_style_class}" valign="top">
{$element[2]}
</td>
<td class="{$row_style_class}" valign="top">
<select name="{$element[1]}" class="listbox">
EOT;
$group_cb = '';
foreach ($group_list as $group) {
echo ' <option value="' . $group['group_id'] . '"' . ($group['group_id'] == $sel_group || $op == 'new_user' && $group['group_id'] == 2 ? ' selected="selected"' : '') . '>' . $group['group_name'] . '</option>' . $LINEBREAK;
if ($group['group_id'] != 3) {
$checked = strpos(' ' . $user_group_list, ',' . $group['group_id'] . ',') ? 'checked="checked"' : '';
$group_cb .= '<input name="group_list[]" type="checkbox" value="' . $group['group_id'] . '" ' . $checked . ' />' . $group['group_name'] . '<br />' . $LINEBREAK;
}
}
$assignedGroupsHelp = cpg_display_help('f=users.htm&as=user_cp_edit_permission_by_group&ae=user_cp_edit_permission_by_group_end', '450', '300');
echo <<<EOT
</select><br />
{$group_cb}
<br />
<a href="usermgr.php?op=groups_alb_access&form_token={$form_token}&timestamp={$timestamp}" class="admin_menu">{$lang_usermgr_php['groups_alb_access']}</a>
{$assignedGroupsHelp}
</td>
</tr>
EOT;
break;
case 'checkbox':
echo <<<EOT
<tr>
<td class="{$row_style_class}" valign="top">
<label for="send_login_data">{$element[2]}</label>
</td>
<td class="{$row_style_class} valign="top"">
<input type="checkbox" id="send_login_data" name="{$element[1]}" value="YES" />
</td>
</tr>
EOT;
break;
default:
cpg_die(CRITICAL_ERROR, 'Invalid action for form creation ' . $element[0], __FILE__, __LINE__);
}
}
if ($op == 'new_user') {
echo <<<EOT
<tr>
<td colspan="2" align="center" class="tablef">
<button type="submit" class="button" name="usermgr_edit_submit" value="{$lang_usermgr_php['submit']}">{$icon_array['ok']}{$lang_usermgr_php['submit']}</button>
<input type="hidden" name="form_token" value="{$form_token}" />
<input type="hidden" name="timestamp" value="{$timestamp}" />
</td>
</tr>
EOT;
} else {
echo <<<EOT
<tr>
<td colspan="2" class="tableh2">
{$lang_usermgr_php['notes']}
</td>
</tr>
<tr>
<td colspan="2" class="tableb">
<ul>
<li>{$lang_usermgr_php['note_list']}</li>
</ul>
</td>
</tr>
<tr>
<td colspan="2" align="center" class="tablef">
<button type="submit" class="button" name="usermgr_edit_submit" value="{$lang_usermgr_php['modify_user']}">{$icon_array['ok']}{$lang_usermgr_php['modify_user']}</button>
<input type="hidden" name="form_token" value="{$form_token}" />
<input type="hidden" name="timestamp" value="{$timestamp}" />
</td>
</tr>
EOT;
}
endtable();
echo '</form>';
}
function edit_user($user_id)
{
global $CONFIG;
//, $PHP_SELF;
global $lang_usermgr_php, $lang_common;
$form_data = array(array('input', 'user_name', $lang_usermgr_php['name'], 25), array('password', 'user_password', $lang_usermgr_php['password'], 25), array('yesno', 'user_active', $lang_usermgr_php['user_active']), array('group_list', 'user_group', $lang_usermgr_php['user_group']), array('input', 'user_email', $lang_usermgr_php['user_email'], 255), array('input', 'user_profile1', $CONFIG['user_profile1_name'], 255), array('input', 'user_profile2', $CONFIG['user_profile2_name'], 255), array('input', 'user_profile3', $CONFIG['user_profile3_name'], 255), array('input', 'user_profile4', $CONFIG['user_profile4_name'], 255), array('input', 'user_profile5', $CONFIG['user_profile5_name'], 255), array('textarea', 'user_profile6', $CONFIG['user_profile6_name'], 255));
$sql = "SELECT * FROM {$CONFIG['TABLE_USERS']} WHERE user_id = '{$user_id}'";
$result = cpg_db_query($sql);
if (!mysql_num_rows($result)) {
cpg_die(CRITICAL_ERROR, $lang_usermgr_php['err_unknown_user'], __FILE__, __LINE__);
}
$user_data = mysql_fetch_array($result);
mysql_free_result($result);
// If this is a new user then add a checkbox for 'send login data to user' option
if ($user_data['user_name'] == '') {
$form_data[] = array('checkbox', 'send_login_data', $lang_usermgr_php['send_login_data']);
}
starttable(500, $lang_usermgr_php['modify_user'], 2);
echo <<<EOT
<form name="cpgform3" id="cpgform3" method="post" action="{$_SERVER['PHP_SELF']}?op=update&user_id={$user_id}">
EOT;
foreach ($form_data as $element) {
switch ($element[0]) {
case 'input':
$user_data[$element[1]] = $user_data[$element[1]];
if ($element[2]) {
echo <<<EOT
<tr>
<td width="40%" class="tableb">
{$element[2]}
</td>
<td width="60%" class="tableb" valign="top">
<input type="text" style="width: 100%" name="{$element[1]}" maxlength="{$element[3]}" value="{$user_data[$element[1]]}" class="textinput" />
</td>
</tr>
EOT;
}
break;
case 'textarea':
$value = $user_data[$element[1]];
if ($element[2]) {
echo <<<EOT
<tr>
<td width="40%" class="tableb" height="25">
{$element[2]}
</td>
<td width="60%" class="tableb" valign="top">
<textarea name="{$element[1]}" rows="7" class="textinput" style="width: 100%">{$value}</textarea>
</td>
</tr>
EOT;
}
break;
case 'password':
echo <<<EOT
<tr>
<td width="40%" class="tableb">
{$element[2]}
</td>
<td width="60%" class="tableb" valign="top">
<input type="input" style="width: 100%" name="{$element[1]}" maxlength="{$element[3]}" value="" class="textinput" />
</td>
</tr>
EOT;
break;
case 'yesno':
$value = $user_data[$element[1]];
$yes_selected = $value == 'YES' ? 'checked="checked"' : '';
$no_selected = $value == 'NO' ? 'checked="checked"' : '';
//$yes_selected = ($value == 'YES') ? 'selected' : '';
//$no_selected = ($value == 'NO') ? 'selected' : '';
echo <<<EOT
<tr>
<td class="tableb">
{$element[2]}
</td>
<td class="tableb">
<input type="radio" id="yes" name="{$element[1]}" value="YES" {$yes_selected} /><label for="yes" class="clickable_option">{$lang_common['yes']}</label>
<input type="radio" id="no" name="{$element[1]}" value="NO" {$no_selected} /><label for="no" class="clickable_option">{$lang_common['no']}</label>
</td>
</tr>
EOT;
break;
case 'group_list':
$sql = "SELECT group_id, group_name FROM {$CONFIG['TABLE_USERGROUPS']} ORDER BY group_name";
$result = cpg_db_query($sql);
$group_list = cpg_db_fetch_rowset($result);
mysql_free_result($result);
$sel_group = $user_data[$element[1]];
$user_group_list = $user_data['user_group_list'] == '' ? ',' . $sel_group . ',' : ',' . $user_data['user_group_list'] . ',' . $sel_group . ',';
echo <<<EOT
<tr>
<td class="tableb">
{$element[2]}
</td>
<td class="tableb" valign="top">
<select name="{$element[1]}" class="listbox">
EOT;
$group_cb = '';
foreach ($group_list as $group) {
echo ' <option value="' . $group['group_id'] . '"' . ($group['group_id'] == $sel_group ? ' selected' : '') . '>' . $group['group_name'] . "</option>\n";
/**
* If the group is registered, don't show it here as all the users must be a member of this group
* Also there is no point in displaying the 'Banned' group as checking banned here does not ban the user.
* Also remove Administrators group from secondary list as it won't give a user admin access.
*/
if ($group['group_id'] != 1 && $group['group_id'] != 2 && $group['group_id'] != 4) {
$checked = strpos(' ' . $user_group_list, ',' . $group['group_id'] . ',') ? 'checked' : '';
$group_cb .= '<input name="group_list[]" type="checkbox" value="' . $group['group_id'] . '" ' . $checked . ' />' . $group['group_name'] . "<br />\n";
}
}
echo <<<EOT
</select><br />
{$group_cb}
<br />
<a href="usermgr.php?op=groups_alb_access" class="admin_menu">{$lang_usermgr_php['groups_alb_access']}</a>
</td>
</tr>
EOT;
break;
case 'checkbox':
echo <<<EOT
<tr>
<td class="tableb">
<label for="send_login_data">{$element[2]}</label>
</td>
<td class="tableb">
<input type="checkbox" id="send_login_data" name="{$element[1]}" value="YES" />
</td>
</tr>
EOT;
break;
default:
cpg_die(CRITICAL_ERROR, 'Invalid action for form creation ' . $element[0], __FILE__, __LINE__);
}
}
echo <<<EOT
<tr>
<td colspan="2" class="tableh2">
<b>{$lang_usermgr_php['notes']}</b>
</td>
</tr>
<tr>
<td colspan="2" class="tableb">
<ul>
{$lang_usermgr_php['note_list']}
</ul>
</td>
</tr>
<tr>
<td colspan="2" align="center" class="tablef">
<input type="submit" value="{$lang_usermgr_php['modify_user']}" class="button" />
</td>
</form>
</tr>
EOT;
endtable();
}
