function apply_category_theme($category_id)
{
if (defined('AT_ENABLE_CATEGORY_THEMES') && AT_ENABLE_CATEGORY_THEMES) {
global $db;
if ($category_id) {
// apply the theme for this category:
$sql = "SELECT theme FROM %scourse_cats WHERE cat_id=%d";
$row = queryDB($sql, array(TABLE_PREFIX, $category_id), TRUE);
if ($row['theme'] != '') {
$_SESSION['prefs']['PREF_THEME'] = $row['theme'];
} else {
$_SESSION['prefs']['PREF_THEME'] = get_default_theme();
}
} else {
$_SESSION['prefs']['PREF_THEME'] = get_default_theme();
}
}
}
function apply_category_theme($category_id)
{
if (defined('AT_ENABLE_CATEGORY_THEMES') && AT_ENABLE_CATEGORY_THEMES) {
global $db;
if ($category_id) {
// apply the theme for this category:
$sql = "SELECT theme FROM " . TABLE_PREFIX . "course_cats WHERE cat_id={$category_id}";
$result = mysql_query($sql, $db);
if (($cat_row = mysql_fetch_assoc($result)) && $cat_row['theme']) {
$_SESSION['prefs']['PREF_THEME'] = $cat_row['theme'];
} else {
$_SESSION['prefs']['PREF_THEME'] = get_default_theme();
}
} else {
$_SESSION['prefs']['PREF_THEME'] = get_default_theme();
}
}
}
/**
* Fetches user data from database.
* Same that getuserdata() but with additional tests for guest.
*
* @param int $user_id
* @param boolean $user_cache
* @return array
*/
function build_user($user_id, $use_cache = true)
{
global $conf;
$user['id'] = $user_id;
$user = array_merge($user, getuserdata($user_id, $use_cache));
if ($user['id'] == $conf['guest_id'] and $user['status'] != 'guest') {
$user['status'] = 'guest';
$user['internal_status']['guest_must_be_guest'] = true;
}
// Check user theme
if (!isset($user['theme_name'])) {
$user['theme'] = get_default_theme();
}
return $user;
}
// 2. The request is from the mobile device but PREF_THEME is not a mobile theme
if (!isset($_SESSION['prefs']['PREF_THEME']) || $_SESSION['prefs']['PREF_THEME'] == "" || is_mobile_device() && !is_mobile_theme($_SESSION['prefs']['PREF_THEME'])) {
// get default
$_SESSION['prefs']['PREF_THEME'] = get_default_theme();
}
if (!is_dir(AT_SYSTEM_THEME_DIR . $_SESSION['prefs']['PREF_THEME']) && !is_dir(AT_SUBSITE_THEME_DIR . $_SESSION['prefs']['PREF_THEME']) || $_SESSION['prefs']['PREF_THEME'] == '') {
$_SESSION['prefs']['PREF_THEME'] = get_system_default_theme();
}
// use "mobile" theme for mobile devices. For now, there's only one mobile theme and it's hardcoded.
// When more mobile themes come in, this should be changed.
if (isset($_SESSION['prefs']['PREF_THEME']) && isset($_SESSION['valid_user']) && $_SESSION['valid_user'] === true) {
//check if the theme is enabled
$row = queryDB("SELECT status FROM %sthemes WHERE dir_name='%s'", array(TABLE_PREFIX, $_SESSION['prefs']['PREF_THEME']), true);
if ($row['status'] == 0) {
// get user defined default theme if the preference theme is disabled
$default_theme = get_default_theme();
if (!is_dir(AT_SYSTEM_THEME_DIR . $default_theme) && !is_dir(AT_SUBSITE_THEME_DIR . $default_theme)) {
$default_theme = get_system_default_theme();
}
$_SESSION['prefs']['PREF_THEME'] = $default_theme;
$msg->addError('THEME_PREVIEW_DISABLED');
}
}
// find out where PREF_THEME is located
$main_theme_folder = get_main_theme_dir(is_customized_theme($_SESSION['prefs']['PREF_THEME']));
$savant->addPath('template', $main_theme_folder . $_SESSION['prefs']['PREF_THEME'] . '/');
require $main_theme_folder . '../themes/' . $_SESSION['prefs']['PREF_THEME'] . '/theme.cfg.php';
// Define the directory where the customized data lives (used by multi sites):
// Main site: [ATutor-root]
// Subsites: [ATutor-root]/sites/[Subsite-URL]/
$theme_path = "";
/**
* Redirects to the given URL (HTML method).
* once this function called, the execution doesn't go further
* (presence of an exit() instruction.
*
* @param string $url
* @param string $msg
* @param integer $refresh_time
* @return void
*/
function redirect_html($url, $msg = '', $refresh_time = 0)
{
global $user, $template, $lang_info, $conf, $lang, $t2, $page, $debug;
if (!isset($lang_info) || !isset($template)) {
$user = build_user($conf['guest_id'], true);
load_language('common.lang');
trigger_notify('loading_lang');
load_language('lang', PHPWG_ROOT_PATH . PWG_LOCAL_DIR, array('no_fallback' => true, 'local' => true));
$template = new Template(PHPWG_ROOT_PATH . 'themes', get_default_theme());
} elseif (defined('IN_ADMIN') and IN_ADMIN) {
$template = new Template(PHPWG_ROOT_PATH . 'themes', get_default_theme());
}
if (empty($msg)) {
$msg = nl2br(l10n('Redirection...'));
}
$refresh = $refresh_time;
$url_link = $url;
$title = 'redirection';
$template->set_filenames(array('redirect' => 'redirect.tpl'));
include PHPWG_ROOT_PATH . 'include/page_header.php';
$template->set_filenames(array('redirect' => 'redirect.tpl'));
$template->assign('REDIRECT_MSG', $msg);
$template->parse('redirect');
include PHPWG_ROOT_PATH . 'include/page_tail.php';
exit;
}
$user_ids[] = $row['id'];
}
$template->assign(array('users' => $users, 'all_users' => join(',', $user_ids), 'ACTIVATE_COMMENTS' => $conf['activate_comments'], 'Double_Password' => $conf['double_password_type_in_admin']));
$default_user = get_default_user_info(true);
$protected_users = array($user['id'], $conf['guest_id'], $conf['default_user_id'], $conf['webmaster_id']);
// an admin can't delete other admin/webmaster
if ('admin' == $user['status']) {
$query = '
SELECT
user_id
FROM ' . USER_INFOS_TABLE . '
WHERE status IN (\'webmaster\', \'admin\')
;';
$protected_users = array_merge($protected_users, query2array($query, null, 'user_id'));
}
$template->assign(array('PWG_TOKEN' => get_pwg_token(), 'NB_IMAGE_PAGE' => $default_user['nb_image_page'], 'RECENT_PERIOD' => $default_user['recent_period'], 'theme_options' => get_pwg_themes(), 'theme_selected' => get_default_theme(), 'language_options' => get_languages(), 'language_selected' => get_default_language(), 'association_options' => $groups, 'protected_users' => implode(',', array_unique($protected_users)), 'guest_user' => $conf['guest_id']));
// Status options
foreach (get_enums(USER_INFOS_TABLE, 'status') as $status) {
$label_of_status[$status] = l10n('user_status_' . $status);
}
$pref_status_options = $label_of_status;
// a simple "admin" can set/remove statuses webmaster/admin
if ('admin' == $user['status']) {
unset($pref_status_options['webmaster']);
unset($pref_status_options['admin']);
}
$template->assign('label_of_status', $label_of_status);
$template->assign('pref_status_options', $pref_status_options);
$template->assign('pref_status_selected', 'normal');
// user level options
foreach ($conf['available_permission_levels'] as $level) {
function save_profile_from_post($userdata, &$errors)
{
global $conf, $page;
$errors = array();
if (!isset($_POST['validate'])) {
return false;
}
$special_user = in_array($userdata['id'], array($conf['guest_id'], $conf['default_user_id']));
if ($special_user) {
unset($_POST['username'], $_POST['mail_address'], $_POST['password'], $_POST['use_new_pwd'], $_POST['passwordConf'], $_POST['theme'], $_POST['language']);
$_POST['theme'] = get_default_theme();
$_POST['language'] = get_default_language();
}
if (!defined('IN_ADMIN')) {
unset($_POST['username']);
}
if ($conf['allow_user_customization'] or defined('IN_ADMIN')) {
$int_pattern = '/^\\d+$/';
if (empty($_POST['nb_image_page']) or !preg_match($int_pattern, $_POST['nb_image_page'])) {
$errors[] = l10n('The number of photos per page must be a not null scalar');
}
// periods must be integer values, they represents number of days
if (!preg_match($int_pattern, $_POST['recent_period']) or $_POST['recent_period'] < 0) {
$errors[] = l10n('Recent period must be a positive integer value');
}
if (!in_array($_POST['language'], array_keys(get_languages()))) {
die('Hacking attempt, incorrect language value');
}
if (!in_array($_POST['theme'], array_keys(get_pwg_themes()))) {
die('Hacking attempt, incorrect theme value');
}
}
if (isset($_POST['mail_address'])) {
// if $_POST and $userdata have are same email
// validate_mail_address allows, however, to check email
$mail_error = validate_mail_address($userdata['id'], $_POST['mail_address']);
if (!empty($mail_error)) {
$errors[] = $mail_error;
}
}
if (!empty($_POST['use_new_pwd'])) {
// password must be the same as its confirmation
if ($_POST['use_new_pwd'] != $_POST['passwordConf']) {
$errors[] = l10n('The passwords do not match');
}
if (!defined('IN_ADMIN')) {
// changing password requires old password
$query = '
SELECT ' . $conf['user_fields']['password'] . ' AS password
FROM ' . USERS_TABLE . '
WHERE ' . $conf['user_fields']['id'] . ' = \'' . $userdata['id'] . '\'
;';
list($current_password) = pwg_db_fetch_row(pwg_query($query));
if (!$conf['password_verify']($_POST['password'], $current_password)) {
$errors[] = l10n('Current password is wrong');
}
}
}
if (count($errors) == 0) {
// mass_updates function
include_once PHPWG_ROOT_PATH . 'admin/include/functions.php';
if (isset($_POST['mail_address'])) {
// update common user informations
$fields = array($conf['user_fields']['email']);
$data = array();
$data[$conf['user_fields']['id']] = $userdata['id'];
$data[$conf['user_fields']['email']] = $_POST['mail_address'];
// password is updated only if filled
if (!empty($_POST['use_new_pwd'])) {
$fields[] = $conf['user_fields']['password'];
// password is hashed with function $conf['password_hash']
$data[$conf['user_fields']['password']] = $conf['password_hash']($_POST['use_new_pwd']);
}
// username is updated only if allowed
if (!empty($_POST['username'])) {
if ($_POST['username'] != $userdata['username'] and get_userid($_POST['username'])) {
$page['errors'][] = l10n('this login is already used');
unset($_POST['redirect']);
} else {
$fields[] = $conf['user_fields']['username'];
$data[$conf['user_fields']['username']] = $_POST['username'];
// send email to the user
if ($_POST['username'] != $userdata['username']) {
include_once PHPWG_ROOT_PATH . 'include/functions_mail.inc.php';
switch_lang_to($userdata['language']);
$keyargs_content = array(get_l10n_args('Hello', ''), get_l10n_args('Your username has been successfully changed to : %s', $_POST['username']));
pwg_mail($_POST['mail_address'], array('subject' => '[' . $conf['gallery_title'] . '] ' . l10n('Username modification'), 'content' => l10n_args($keyargs_content), 'content_format' => 'text/plain'));
switch_lang_back();
}
}
}
mass_updates(USERS_TABLE, array('primary' => array($conf['user_fields']['id']), 'update' => $fields), array($data));
}
if ($conf['allow_user_customization'] or defined('IN_ADMIN')) {
// update user "additional" informations (specific to Piwigo)
$fields = array('nb_image_page', 'language', 'expand', 'show_nb_hits', 'recent_period', 'theme');
if ($conf['activate_comments']) {
$fields[] = 'show_nb_comments';
}
$data = array();
$data['user_id'] = $userdata['id'];
foreach ($fields as $field) {
if (isset($_POST[$field])) {
$data[$field] = $_POST[$field];
}
}
mass_updates(USER_INFOS_TABLE, array('primary' => array('user_id'), 'update' => $fields), array($data));
}
trigger_notify('save_profile_from_post', $userdata['id']);
if (!empty($_POST['redirect'])) {
redirect($_POST['redirect']);
}
}
return true;
}
function set_theme($theme)
{
$CI = get_instance();
$themes = get_themes();
$default_theme = get_default_theme();
if (!is_array($themes)) {
return FALSE;
}
if (in_array($theme, $themes)) {
$result = TRUE;
} else {
$theme = $default_theme;
$result = FALSE;
}
//set theme
$userid = $CI->session->userdata('id');
$data = array('theme' => $theme);
$CI->db->where('id', $userid);
$CI->db->update('users', $data);
$CI->session->set_userdata($data);
return $theme;
}
function set_default_theme($theme_id)
{
global $conf;
// first we need to know which users are using the current default theme
$default_theme = get_default_theme();
$query = '
SELECT
user_id
FROM ' . USER_INFOS_TABLE . '
WHERE theme = \'' . $default_theme . '\'
;';
$user_ids = array_unique(array_merge(array_from_query($query, 'user_id'), array($conf['guest_id'], $conf['default_user_id'])));
// $user_ids can't be empty, at least the default user has the default
// theme
$query = '
UPDATE ' . USER_INFOS_TABLE . '
SET theme = \'' . $theme_id . '\'
WHERE user_id IN (' . implode(',', $user_ids) . ')
;';
pwg_query($query);
}
if (file_exists("themes/" . $theme_path . "/name")) {
$name = file_get_contents("themes/" . $theme_path . "/name");
} else {
$name = $theme_path;
}
} else {
$_SESSION['message'] = $lang['error_not_found'];
header("Location: adminthemes.php" . $sid);
exit;
}
$insert = "INSERT INTO maia_themes (name, path) VALUES (?, ?)";
$dbh->query($insert, array($name, $theme_path));
header("Location: adminthemes.php" . $sid);
} elseif (isset($_POST["uninstall"])) {
$theme_ids = $_POST['themes'];
$default_theme_id = get_default_theme();
if ($default_theme_id == false) {
#ack! no default?
$_SESSION['message'] = $lang['error_database'];
header("Location: adminthemes.php" . $sid);
exit;
}
if (!in_array($default_theme_id, $theme_ids)) {
$update = "UPDATE maia_users SET theme_id=? WHERE theme_id=?";
$delete = "DELETE FROM maia_themes WHERE id=?";
foreach ($theme_ids as $id) {
$dbh->query($update, array($default_theme_id, $id));
$dbh->query($delete, array($id));
}
header("Location: adminthemes.php" . $sid);
} else {
// set default template paths:
$savant = new Savant2();
if (isset($_SESSION['prefs']['PREF_THEME']) && file_exists(TR_INCLUDE_PATH . '../themes/' . $_SESSION['prefs']['PREF_THEME']) && $_SESSION['user_id'] > 0) {
if (!is_dir(TR_INCLUDE_PATH . '../themes/' . $_SESSION['prefs']['PREF_THEME'])) {
$_SESSION['prefs']['PREF_THEME'] = 'default';
} else {
//check if enabled
$themesDAO = new ThemesDAO();
$row = $themesDAO->getByID($_SESSION['prefs']['PREF_THEME']);
if ($row['status'] == 0) {
// get default
$_SESSION['prefs']['PREF_THEME'] = get_default_theme();
}
}
} else {
$_SESSION['prefs']['PREF_THEME'] = get_default_theme();
}
$savant->addPath('template', TR_INCLUDE_PATH . '../themes/' . $_SESSION['prefs']['PREF_THEME'] . '/');
require TR_INCLUDE_PATH . '../themes/' . $_SESSION['prefs']['PREF_THEME'] . '/theme.cfg.php';
require TR_INCLUDE_PATH . 'classes/Message/Message.class.php';
$msg = new Message($savant);
/***** end of initialize theme and template management *****/
/***** 8. initialize user instance *****/
// used as global var
if (isset($_SESSION['user_id']) && $_SESSION['user_id'] > 0) {
// check if $_SESSION['user_id'] is valid
include_once TR_INCLUDE_PATH . 'classes/DAO/UsersDAO.class.php';
$usersDAO = new UsersDAO();
$user = $usersDAO->getUserByID($_SESSION['user_id']);
if (!$user) {
// invalid user
