/**
 * Render a raw message for display.
 *
 * The text goes through three helpers in a fixed order: bb_decode() first,
 * then process_smilies(), then make_clickable(). The smilies include is
 * loaded lazily, only when process_smilies() has not been declared yet.
 *
 * NOTE(review): nothing in this function HTML-escapes $message. Whether the
 * text is already escaped depends on the caller and on the three helpers,
 * none of which are visible here; confirm before passing untrusted text.
 *
 * @param mixed $message Message text (presumably a string; confirm against callers).
 * @return mixed Whatever make_clickable() returns for the processed text.
 */
function format_message($message)
{
    $smilies_loaded = function_exists('process_smilies');
    if ($smilies_loaded === false) {
        include BASE_DIR . 'include' . DS . 'smilies.inc.php';
    }

    $decoded = bb_decode($message);
    $with_smilies = process_smilies($decoded);

    return make_clickable($with_smilies);
}
// Fragment of a comment-submission handler (the enclosing switch and the
// opening of this if/else are outside the excerpt). Both branches build the
// redirect target, optionally mail the admin, print a confirmation page and
// exit; the else branch, for registered users, also sends a redirect header.
//
// The redirect target is built with an arithmetic negation of $pid, so only a
// number can end up in the header() call and in the meta refresh below.
    $redirect = "displayimage.php?pos=" . -$pid;
    if ($CONFIG['email_comment_notification']) {
        // NOTE(review): $msg_body is the same variable that the else branch
        // interpolates into SQL. Whether it is also HTML-escaped before it is
        // placed in this HTML mail is not visible in the fragment; confirm.
        $mail_body = "<p>" . bb_decode(process_smilies($msg_body, $CONFIG['ecards_more_pic_target'])) . "</p>\n\r " . $lang_db_input_php['email_comment_body'] . " " . $CONFIG['ecards_more_pic_target'] . (substr($CONFIG["ecards_more_pic_target"], -1) == '/' ? '' : '/') . $redirect;
        cpg_mail('admin', $lang_db_input_php['email_comment_subject'], make_clickable($mail_body));
    }
    pageheader($lang_db_input_php['com_added'], "<meta http-equiv=\"refresh\" content=\"1;url={$redirect}\" />");
    msg_box($lang_db_input_php['info'], $lang_db_input_php['com_added'], $lang_continue, $redirect);
    pagefooter();
    ob_end_flush();
    exit;
} else {
    // Registered users, we can use Location to redirect
    //
    // The statement is assembled by string concatenation. Only USER_NAME is
    // escaped on this line, and addslashes() is not aware of the connection
    // character set. $pid, $msg_body, $raw_ip and $hdr_ip are interpolated as
    // they are, so they must have been validated or escaped earlier in the
    // handler.
    // NOTE(review): that earlier code is outside this fragment; verify it.
    $insert = cpg_db_query("INSERT INTO {$CONFIG['TABLE_COMMENTS']} (pid, msg_author, msg_body, msg_date, author_md5_id, author_id, msg_raw_ip, msg_hdr_ip) VALUES ('{$pid}', '" . addslashes(USER_NAME) . "', '{$msg_body}', NOW(), '', '" . USER_ID . "', '{$raw_ip}', '{$hdr_ip}')");
    $redirect = "displayimage.php?pos=" . -$pid;
    // Unlike the branch above, admins posting a comment do not trigger the mail.
    if ($CONFIG['email_comment_notification'] && !USER_IS_ADMIN) {
        $mail_body = "<p>" . bb_decode(process_smilies($msg_body, $CONFIG['ecards_more_pic_target'])) . "</p>\n\r " . $lang_db_input_php['email_comment_body'] . " " . $CONFIG['ecards_more_pic_target'] . (substr($CONFIG["ecards_more_pic_target"], -1) == '/' ? '' : '/') . $redirect;
        cpg_mail('admin', $lang_db_input_php['email_comment_subject'], make_clickable($mail_body));
    }
    // Servers whose SERVER_SOFTWARE matches the pattern get a Refresh header
    // instead of Location.
    $header_location = @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ? 'Refresh: 0; URL=' : 'Location: ';
    header($header_location . $redirect);
    // The confirmation page is still rendered after the header as a fallback.
    pageheader($lang_db_input_php['com_added'], "<meta http-equiv=\"refresh\" content=\"1;url={$redirect}\" />");
    msg_box($lang_db_input_php['info'], $lang_db_input_php['com_added'], $lang_continue, $redirect);
    pagefooter();
    ob_end_flush();
    exit;
}
break;
// Update album
// Update album
case 'album_update':
    // Album updates are refused unless the user is in one of the admin modes.
    if (!(USER_ADMIN_MODE || GALLERY_ADMIN_MODE)) {
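$Date: 2008-04-12 12:00:19 +0200 (Sa, 12 Apr 2008) $
**********************************************/
define('IN_COPPERMINE', true);
define('DISPLAYECARD_PHP', true);

require 'include/init.inc.php';
require 'include/smilies.inc.php';

// Displays an e-card. The whole card arrives in the "data" query parameter as
// base64(serialize(array)), so every byte of it is controlled by the sender.
if (!isset($_GET['data'])) {
    cpg_die(CRITICAL_ERROR, $lang_errors['param_missing'], __FILE__, __LINE__);
}

// Only a plain string can be a valid payload. Anything else (e.g. an array
// from ?data[]=...) is treated as empty and ends in the invalid_data error.
$raw_data = (isset($_GET['data']) && is_string($_GET['data'])) ? $_GET['data'] : '';

// SECURITY: unserialize() on request data permits PHP object injection. The
// sender can make PHP instantiate any class that is loaded at this point and
// run its __wakeup()/__destruct() code. The call is kept because the link
// format is part of the public URL contract. The durable fix is to change the
// encoding (for example JSON) or to authenticate the payload with a server-side
// HMAC and verify it before decoding.
$data = @unserialize(@base64_decode($raw_data));

// attempt to obtain full link from db if ecard logging enabled and min 12 chars of data is provided and only 1 match
//
// The prefix goes into a LIKE pattern, so it is used only when it consists
// solely of base64 alphabet characters. That excludes quotes and backslashes
// (SQL injection) and the LIKE wildcards % and _ (over-broad matching). A
// genuine prefix of a stored base64 link always passes the check.
if (!is_array($data)
    && $CONFIG['log_ecards']
    && strlen($raw_data) > 12
    && preg_match('/^[A-Za-z0-9+\/=]+$/D', $raw_data)
) {
    $result = cpg_db_query("SELECT link FROM {$CONFIG['TABLE_ECARDS']} WHERE link LIKE '{$raw_data}%'");
    if (mysql_num_rows($result) === 1) {
        $row = mysql_fetch_assoc($result);
        // The stored link was supplied by the e-card sender, so the
        // object-injection caveat above applies here as well.
        $data = @unserialize(@base64_decode($row['link']));
    }
}

if (is_array($data)) {
    // Remove HTML tags as we can't trust what we receive
    // Non-scalar values (nested arrays, objects) are blanked rather than
    // passed to strtr(), which would otherwise coerce an object to string and
    // so invoke its __toString() method.
    foreach ($data as $key => $value) {
        $data[$key] = is_scalar($value) ? strtr((string) $value, $HTML_SUBST) : '';
    }

    // A payload may omit fields; default them so the template never reads an
    // undefined index.
    $data += array(
        'sn' => '',
        'p' => '',
        'g' => '',
        'm' => '',
        'se' => '',
        'pid' => '',
        'pt' => '',
        'pc' => ''
    );

    // Load template parameters
    $params = array(
        '{LANG_DIR}' => $lang_text_dir,
        '{TITLE}' => sprintf($lang_ecard_php['ecard_title'], $data['sn']),
        '{CHARSET}' => $CONFIG['charset'] == 'language file' ? $lang_charset : $CONFIG['charset'],
        '{VIEW_ECARD_TGT}' => '',
        '{VIEW_ECARD_LNK}' => '',
        // NOTE(review): {PIC_URL} comes from the payload. HTML substitution
        // does not restrict where the URL points; confirm how the template
        // uses it.
        '{PIC_URL}' => $data['p'],
        '{URL_PREFIX}' => '',
        '{GREETINGS}' => $data['g'],
        '{MESSAGE}' => bb_decode(process_smilies($data['m'])),
        '{SENDER_EMAIL}' => $data['se'],
        '{SENDER_NAME}' => $data['sn'],
        '{VIEW_MORE_TGT}' => $CONFIG['ecards_more_pic_target'],
        '{VIEW_MORE_LNK}' => $lang_ecard_php['view_more_pics'],
        '{PID}' => $data['pid'],
        '{PIC_TITLE}' => $data['pt'],
        '{PIC_CAPTION}' => $data['pc']
    );

    // Parse template
    echo template_eval($template_ecard, $params);
} else {
    cpg_die(CRITICAL_ERROR, $lang_displayecard_php['invalid_data'], __FILE__, __LINE__);
}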
/**
 * Build the HTML for the comment area of one picture: every stored comment
 * rendered through $template_image_comments, followed by either the
 * "add your comment" form or a log-in prompt.
 *
 * Nothing in this function HTML-escapes the database fields it prints
 * (msg_author, msg_body, the two IP columns); they are handed to
 * template_eval() as stored.
 * NOTE(review): this presumably relies on the values being escaped when the
 * comment is saved. Confirm in the comment-insert handler.
 *
 * The function also modifies the global templates through
 * template_extract_block(), so statement order matters.
 *
 * @param mixed $pid Picture id. It is interpolated into the SQL text and
 *                   printed as {PIC_ID} without casting or escaping, so the
 *                   caller has to pass a validated numeric id.
 * @return string HTML fragment.
 */
function theme_html_comments($pid) {
    global $CONFIG, $USER, $CURRENT_ALBUM_DATA, $comment_date_fmt, $HTML_SUBST;
    global $template_image_comments, $template_add_your_comment, $lang_display_comments, $lang_common, $REFERER;
    $html = '';
    //report to moderator buttons
    // The report button is dropped unless reporting is enabled and the user
    // holds the e-card permission.
    if (!($CONFIG['report_post'] == 1 && USER_CAN_SEND_ECARDS)) {
        template_extract_block($template_image_comments, 'report_comment_button');
    }
    // Keep the edit box / input box variant that matches the smilies setting
    // and discard the other one.
    if (!$CONFIG['enable_smilies']) {
        $tmpl_comment_edit_box = template_extract_block($template_image_comments, 'edit_box_no_smilies', '{EDIT}');
        template_extract_block($template_image_comments, 'edit_box_smilies');
        template_extract_block($template_add_your_comment, 'input_box_smilies');
    } else {
        $tmpl_comment_edit_box = template_extract_block($template_image_comments, 'edit_box_smilies', '{EDIT}');
        template_extract_block($template_image_comments, 'edit_box_no_smilies');
        template_extract_block($template_add_your_comment, 'input_box_no_smilies');
    }
    // Buttons and IP info are cut out here and re-inserted per comment, only
    // for viewers who are allowed to see them.
    $tmpl_comments_buttons = template_extract_block($template_image_comments, 'buttons', '{BUTTONS}');
    $tmpl_comments_ipinfo = template_extract_block($template_image_comments, 'ipinfo', '{IPINFO}');
    // The sort direction is one of two literals, never request data.
    if ($CONFIG['comments_sort_descending'] == 1) {
        $comment_sort_order = 'DESC';
    } else {
        $comment_sort_order = 'ASC';
    }
    // NOTE(review): $pid is placed in the statement as given, see the @param note.
    $result = cpg_db_query("SELECT msg_id, msg_author, msg_body, UNIX_TIMESTAMP(msg_date) AS msg_date, author_id, author_md5_id, msg_raw_ip, msg_hdr_ip, pid, approval FROM {$CONFIG['TABLE_COMMENTS']} WHERE pid='{$pid}' ORDER BY msg_id {$comment_sort_order}");
    while ($row = mysql_fetch_array($result)) { // while-loop start
        // && binds tighter than ||, so this reads: admin mode, OR a logged-in
        // author with the post permission, OR a guest with the post
        // permission whose $USER['ID'] equals the stored author_md5_id.
        $user_can_edit = GALLERY_ADMIN_MODE || USER_ID && USER_ID == $row['author_id'] && USER_CAN_POST_COMMENTS || !USER_ID && USER_CAN_POST_COMMENTS && $USER['ID'] == $row['author_md5_id'];
        // Authors get the edit controls only while comment_user_edit is on;
        // admin mode always gets them.
        if ($user_can_edit != '' && $CONFIG['comment_user_edit'] != 0 || GALLERY_ADMIN_MODE) {
            $comment_buttons = $tmpl_comments_buttons;
            $comment_edit_box = $tmpl_comment_edit_box;
        } else {
            $comment_buttons = '';
            $comment_edit_box = '';
        }
        // Poster IPs are shown in gallery admin mode only.
        $comment_ipinfo = $row['msg_raw_ip'] && GALLERY_ADMIN_MODE ? $tmpl_comments_ipinfo : '';
        $hide_comment = 0;
        // comment approval
        $pending_approval = '';
        if (USER_IS_ADMIN) {
            //display the selector approve/disapprove
            // NOTE(review): these links change state through a plain GET and
            // carry no anti-CSRF token. Whether reviewcom.php verifies the
            // request some other way is not visible here.
            if ($row['approval'] == 'NO') {
                $pending_approval = '<a href="reviewcom.php?pos=-{PID}&msg_id={MSG_ID}&what=approve" title="' . $lang_display_comments['approve'] . '"><img src="images/approve.gif" border="0" alt="" align="middle" /></a>';
            } else {
                $pending_approval = '<a href="reviewcom.php?pos=-{PID}&msg_id={MSG_ID}&what=disapprove" title="' . $lang_display_comments['disapprove'] . '"><img src="images/disapprove.gif" border="0" alt="" align="middle" /></a>';
            }
        } else { // user or guest is logged in - start
            if ($row['approval'] == 'NO') { // the comment is not approved - start
                if ($user_can_edit) {
                    // the comment comes from the current visitor, display it with a warning that it needs admin approval
                    $pending_approval = '<img src="images/approve.gif" border="0" alt="" title="' . $lang_display_comments['pending_approval'] . '" align="middle" />';
                } else { // the comment comes from someone else - don't display it at all
                    if ($CONFIG['comment_placeholder'] == 0) {
                        $hide_comment = 1;
                    } else {
                        // The row is overwritten before any template sees it,
                        // so the unapproved author and text (including
                        // {MSG_BODY_RAW}) never reach the output.
                        $row['msg_author'] = $lang_display_comments['unapproved_comment'];
                        $row['msg_body'] = $lang_display_comments['pending_approval_message'];
                        $row['author_id'] = 0;
                    }
                }
            } // the comment is not approved - end
        } // user or guest is logged in - end
        if ($CONFIG['enable_smilies']) {
            $comment_body = process_smilies(make_clickable($row['msg_body']));
            $smilies = generate_smilies("f{$row['msg_id']}", 'msg_body');
        } else {
            $comment_body = make_clickable($row['msg_body']);
            $smilies = '';
        }
        // wrap the comment into italics if it isn't approved
        if ($row['approval'] == 'NO') {
            $comment_body = '<em>' . $comment_body . '</em>';
            // Self-assignment, has no effect.
            $row['msg_author'] = $row['msg_author'];
        }
        // Show the header-derived IP, plus the raw IP in brackets when the
        // two differ.
        $ip = $row['msg_hdr_ip'];
        if ($row['msg_hdr_ip'] != $row['msg_raw_ip']) {
            $ip .= ' [' . $row['msg_raw_ip'] . ']';
        }
        // First pass: insert the per-viewer blocks into the comment template.
        $params = array(
            '{EDIT}' => &$comment_edit_box,
            '{BUTTONS}' => &$comment_buttons,
            '{IPINFO}' => &$comment_ipinfo,
            '{PENDING_APPROVAL}' => &$pending_approval
        );
        $template = template_eval($template_image_comments, $params);
        // Author id 0 is rendered as a plain name, without a profile link.
        if ($row['author_id'] == 0) {
            $profile_lnk = stripslashes($row['msg_author']);
        } else {
            $profile_lnk = '<a href="profile.php?uid=' . $row['author_id'] . '">' . stripslashes($row['msg_author']) . '</a>';
        }
        // Second pass: fill in the comment's own values.
        $params = array(
            '{MSG_AUTHOR_LNK}' => $profile_lnk,
            '{MSG_AUTHOR}' => $row['msg_author'],
            '{MSG_ID}' => $row['msg_id'],
            '{PID}' => $row['pid'],
            '{EDIT_TITLE}' => &$lang_display_comments['edit_title'],
            '{DELETE_TITLE}' => &$lang_display_comments['delete_title'],
            '{CONFIRM_DELETE}' => &$lang_display_comments['confirm_delete'],
            '{MSG_DATE}' => localised_date($row['msg_date'], $comment_date_fmt),
            '{MSG_BODY}' => bb_decode($comment_body),
            // Stored text without smilies/BBCode processing (presumably for
            // the edit box); inserted as stored, see the function header.
            '{MSG_BODY_RAW}' => $row['msg_body'],
            '{OK}' => &$lang_display_comments['OK'],
            '{SMILIES}' => $smilies,
            '{IP}' => $ip,
            '{REPORT_COMMENT_TITLE}' => &$lang_display_comments['report_comment_title'],
            '{WIDTH}' => $CONFIG['picture_table_width']
        );
        if ($hide_comment != 1) {
            $html .= template_eval($template, $params);
        }
    } // while-loop end
    if (USER_CAN_POST_COMMENTS && $CURRENT_ALBUM_DATA['comments'] == 'YES') {
        if (USER_ID) {
            // Logged-in users get their name as a hidden field.
            // NOTE(review): USER_NAME is put into the value attribute without
            // HTML escaping here; confirm user names cannot contain quotes or
            // markup.
            $user_name_input = '<tr><td><input type="hidden" name="msg_author" value="' . stripslashes(USER_NAME) . '" /></td>';
            template_extract_block($template_add_your_comment, 'user_name_input', $user_name_input);
            $user_name = '';
        } else {
            // Both alternatives supply their own double quotes, so the
            // template presumably uses {USER_NAME} as an unquoted attribute
            // value (confirm). A remembered guest name is passed through
            // $HTML_SUBST; the default text additionally injects an onclick
            // handler that clears the field.
            $user_name = isset($USER['name']) ? '"' . strtr($USER['name'], $HTML_SUBST) . '"' : $lang_display_comments['your_name'] . '" onclick="javascript:this.value=\'\';';
        }
        // The captcha block is removed when captcha is off, or when it is set
        // to 1 and the user is logged in.
        if ($CONFIG['comment_captcha'] == 0 || $CONFIG['comment_captcha'] == 1 && USER_ID) {
            template_extract_block($template_add_your_comment, 'comment_captcha');
        }
        $params = array(
            '{ADD_YOUR_COMMENT}' => $lang_display_comments['add_your_comment'],
            '{NAME}' => $lang_display_comments['name'],
            '{COMMENT}' => $lang_display_comments['comment'],
            // The help title and text are serialized language strings carried
            // in the help URL.
            // NOTE(review): this implies the help page unserializes query
            // parameters. Verify that it cannot be fed arbitrary serialized
            // data.
            '{CONFIRM}' => $lang_common['confirm'] . ' ' . cpg_display_help('f=empty.htm&base=64&h=' . urlencode(base64_encode(serialize($lang_common['captcha_help_title']))) . '&t=' . urlencode(base64_encode(serialize($lang_common['captcha_help']))), 470, 245),
            '{PIC_ID}' => $pid,
            '{USER_NAME}' => $user_name,
            '{MAX_COM_LENGTH}' => $CONFIG['max_com_size'],
            '{OK}' => $lang_display_comments['OK'],
            '{SMILIES}' => '',
            '{WIDTH}' => $CONFIG['picture_table_width']
        );
        if ($CONFIG['enable_smilies']) {
            $params['{SMILIES}'] = generate_smilies();
        } else {
            template_extract_block($template_add_your_comment, 'smilies');
        }
        template_extract_block($template_add_your_comment, 'login_to_comment');
        $html .= template_eval($template_add_your_comment, $params);
    } else { // user can not post comments
        // Optionally show a "log in to comment" prompt: every input block is
        // stripped and only the prompt remains.
        if ($CONFIG['comment_promote_registration'] == 1 && $CURRENT_ALBUM_DATA['comments'] == 'YES') {
            template_extract_block($template_add_your_comment, 'user_name_input');
            template_extract_block($template_add_your_comment, 'input_box_smilies');
            template_extract_block($template_add_your_comment, 'comment_captcha');
            template_extract_block($template_add_your_comment, 'smilies');
            template_extract_block($template_add_your_comment, 'submit');
            // NOTE(review): $REFERER goes into the href as it is. It is
            // presumably already URL-encoded where it is set; confirm.
            $params = array(
                '{ADD_YOUR_COMMENT}' => $lang_display_comments['add_your_comment'],
                '{WIDTH}' => $CONFIG['picture_table_width'],
                '{LOGIN_TO_COMMENT}' => sprintf($lang_display_comments['log_in_to_comment'], '<a href="login.php?referer=' . $REFERER . '">', '</a>')
            );
            $html .= template_eval($template_add_your_comment, $params);
        }
    }
    return $html;
}
/**
 * Build the HTML for the comment area of one picture: each stored comment
 * rendered through $template_image_comments, then the "add your comment"
 * form when the viewer may post and the album allows comments.
 *
 * This variant has no approval handling: every comment row is rendered.
 *
 * Nothing in this function HTML-escapes the database fields it prints
 * (msg_author, msg_body, the two IP columns).
 * NOTE(review): this presumably relies on the values being escaped when the
 * comment is saved. Confirm in the comment-insert handler.
 *
 * @param mixed $pid Picture id. It is interpolated into the SQL text and
 *                   printed as {PIC_ID} without casting or escaping, so the
 *                   caller has to pass a validated numeric id.
 * @return string HTML fragment.
 */
function theme_html_comments($pid) {
    global $CONFIG, $USER, $CURRENT_ALBUM_DATA, $comment_date_fmt, $HTML_SUBST;
    global $template_image_comments, $template_add_your_comment, $lang_display_comments;
    $html = '';
    //report to moderator buttons
    // The report button is dropped unless reporting is enabled and the user
    // holds the e-card permission.
    if (!($CONFIG['report_post'] == 1 && USER_CAN_SEND_ECARDS)) {
        template_extract_block($template_image_comments, 'report_comment_button');
    }
    // Keep the edit box / input box variant that matches the smilies setting
    // and discard the other one.
    if (!$CONFIG['enable_smilies']) {
        $tmpl_comment_edit_box = template_extract_block($template_image_comments, 'edit_box_no_smilies', '{EDIT}');
        template_extract_block($template_image_comments, 'edit_box_smilies');
        template_extract_block($template_add_your_comment, 'input_box_smilies');
    } else {
        $tmpl_comment_edit_box = template_extract_block($template_image_comments, 'edit_box_smilies', '{EDIT}');
        template_extract_block($template_image_comments, 'edit_box_no_smilies');
        template_extract_block($template_add_your_comment, 'input_box_no_smilies');
    }
    // Buttons and IP info are cut out here and re-inserted per comment, only
    // for viewers who are allowed to see them.
    $tmpl_comments_buttons = template_extract_block($template_image_comments, 'buttons', '{BUTTONS}');
    $tmpl_comments_ipinfo = template_extract_block($template_image_comments, 'ipinfo', '{IPINFO}');
    // The sort direction is one of two literals, never request data.
    if ($CONFIG['comments_sort_descending'] == 1) {
        $comment_sort_order = 'DESC';
    } else {
        $comment_sort_order = 'ASC';
    }
    // NOTE(review): $pid is placed in the statement as given, see the @param note.
    $result = cpg_db_query("SELECT msg_id, msg_author, msg_body, UNIX_TIMESTAMP(msg_date) AS msg_date, author_id, author_md5_id, msg_raw_ip, msg_hdr_ip, pid FROM {$CONFIG['TABLE_COMMENTS']} WHERE pid='{$pid}' ORDER BY msg_id {$comment_sort_order}");
    while ($row = mysql_fetch_array($result)) {
        // && binds tighter than ||, so this reads: admin mode, OR a logged-in
        // author with the post permission, OR a guest with the post
        // permission whose $USER['ID'] equals the stored author_md5_id.
        $user_can_edit = GALLERY_ADMIN_MODE || USER_ID && USER_ID == $row['author_id'] && USER_CAN_POST_COMMENTS || !USER_ID && USER_CAN_POST_COMMENTS && $USER['ID'] == $row['author_md5_id'];
        $comment_buttons = $user_can_edit ? $tmpl_comments_buttons : '';
        $comment_edit_box = $user_can_edit ? $tmpl_comment_edit_box : '';
        // Poster IPs are shown in gallery admin mode only.
        $comment_ipinfo = $row['msg_raw_ip'] && GALLERY_ADMIN_MODE ? $tmpl_comments_ipinfo : '';
        if ($CONFIG['enable_smilies']) {
            $comment_body = process_smilies(make_clickable($row['msg_body']));
            $smilies = generate_smilies("f{$row['msg_id']}", 'msg_body');
        } else {
            $comment_body = make_clickable($row['msg_body']);
            $smilies = '';
        }
        // Show the header-derived IP, plus the raw IP in brackets when the
        // two differ.
        $ip = $row['msg_hdr_ip'];
        if ($row['msg_hdr_ip'] != $row['msg_raw_ip']) {
            $ip .= ' [' . $row['msg_raw_ip'] . ']';
        }
        // First pass: insert the per-viewer blocks into the comment template.
        $params = array(
            '{EDIT}' => &$comment_edit_box,
            '{BUTTONS}' => &$comment_buttons,
            '{IPINFO}' => &$comment_ipinfo
        );
        $template = template_eval($template_image_comments, $params);
        // Second pass: fill in the comment's own values.
        $params = array(
            '{MSG_AUTHOR}' => stripslashes($row['msg_author']),
            '{MSG_ID}' => $row['msg_id'],
            '{PID}' => $row['pid'],
            '{EDIT_TITLE}' => &$lang_display_comments['edit_title'],
            '{CONFIRM_DELETE}' => &$lang_display_comments['confirm_delete'],
            '{MSG_DATE}' => localised_date($row['msg_date'], $comment_date_fmt),
            '{MSG_BODY}' => bb_decode($comment_body),
            // Stored text without smilies/BBCode processing (presumably for
            // the edit box); inserted as stored, see the function header.
            '{MSG_BODY_RAW}' => $row['msg_body'],
            '{OK}' => &$lang_display_comments['OK'],
            '{SMILIES}' => $smilies,
            '{IP}' => $ip,
            '{REPORT_COMMENT_TITLE}' => &$lang_display_comments['report_comment_title'],
            '{WIDTH}' => $CONFIG['picture_table_width']
        );
        $html .= template_eval($template, $params);
    }
    if (USER_CAN_POST_COMMENTS && $CURRENT_ALBUM_DATA['comments'] == 'YES') {
        if (USER_ID) {
            // Logged-in users get their name as a hidden field.
            // NOTE(review): USER_NAME is put into the value attribute without
            // HTML escaping here; confirm user names cannot contain quotes or
            // markup.
            $user_name_input = '<tr><td><input type="hidden" name="msg_author" value="' . stripslashes(USER_NAME) . '" /></td>';
            template_extract_block($template_add_your_comment, 'user_name_input', $user_name_input);
            $user_name = '';
        } else {
            // A remembered guest name is passed through $HTML_SUBST before it
            // is printed; otherwise the localized default text is used.
            if (isset($USER['name'])) {
                $user_name = strtr($USER['name'], $HTML_SUBST);
            } else {
                $user_name = $lang_display_comments['your_name'];
            }
        }
        $params = array(
            '{ADD_YOUR_COMMENT}' => $lang_display_comments['add_your_comment'],
            '{NAME}' => $lang_display_comments['name'],
            '{COMMENT}' => $lang_display_comments['comment'],
            '{PIC_ID}' => $pid,
            '{USER_NAME}' => $user_name,
            '{MAX_COM_LENGTH}' => $CONFIG['max_com_size'],
            '{OK}' => $lang_display_comments['OK'],
            '{SMILIES}' => '',
            '{WIDTH}' => $CONFIG['picture_table_width']
        );
        if ($CONFIG['enable_smilies']) {
            $params['{SMILIES}'] = generate_smilies();
        } else {
            template_extract_block($template_add_your_comment, 'smilies');
        }
        $html .= template_eval($template_add_your_comment, $params);
    }
    return $html;
}
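/**
 * Build the HTML for the comment area of one picture: a pager, the comments
 * of the selected page rendered through $template_image_comments, and either
 * the "add your comment" form or a log-in prompt.
 *
 * Two defects of the earlier code are fixed here. $captionLabel is now always
 * defined (it used to be unset whenever BBCode help was disabled), and a
 * requested page below 1 is clamped to 1 instead of 0.
 *
 * Nothing in this function HTML-escapes the database fields it prints
 * (msg_author, msg_body, the two IP columns).
 * NOTE(review): this presumably relies on the values being escaped when the
 * comment is saved. Confirm in the comment-insert handler.
 *
 * @param mixed $pid Picture id. It is interpolated into the SQL text, the
 *                   pager links and {PIC_ID} without casting or escaping, so
 *                   the caller has to pass a validated numeric id.
 * @return string HTML fragment.
 */
function theme_html_comments($pid) {
    global $CONFIG, $USER, $CURRENT_ALBUM_DATA, $lang_date, $HTML_SUBST, $THEME_DIR;
    global $template_image_comments, $template_add_your_comment, $lang_display_comments, $lang_common, $REFERER, $lang_bbcode_help_title, $lang_bbcode_help;
    $superCage = Inspekt::makeSuperCage();
    // Plugins may rewrite both templates before they are used.
    $template_add_your_comment = CPGPluginAPI::filter('theme_add_comment', $template_add_your_comment);
    $template_image_comments = CPGPluginAPI::filter('theme_edit_comment', $template_image_comments);
    list($timestamp, $form_token) = getFormToken();
    $html = '';
    //report to moderator buttons
    // The report button is dropped unless reporting is enabled and the user
    // holds the e-card permission.
    if (!($CONFIG['report_post'] == 1 && USER_CAN_SEND_ECARDS)) {
        template_extract_block($template_image_comments, 'report_comment_button');
    }
    // Keep the edit box / input box variant that matches the smilies setting
    // and discard the other one.
    if (!$CONFIG['enable_smilies']) {
        $tmpl_comment_edit_box = template_extract_block($template_image_comments, 'edit_box_no_smilies', '{EDIT}');
        template_extract_block($template_image_comments, 'edit_box_smilies');
        template_extract_block($template_add_your_comment, 'input_box_smilies');
    } else {
        $tmpl_comment_edit_box = template_extract_block($template_image_comments, 'edit_box_smilies', '{EDIT}');
        template_extract_block($template_image_comments, 'edit_box_no_smilies');
        template_extract_block($template_add_your_comment, 'input_box_no_smilies');
    }
    // Buttons and IP info are cut out here and re-inserted per comment, only
    // for viewers who are allowed to see them.
    $tmpl_comments_buttons = template_extract_block($template_image_comments, 'buttons', '{BUTTONS}');
    $tmpl_comments_ipinfo = template_extract_block($template_image_comments, 'ipinfo', '{IPINFO}');
    // The sort direction is one of two literals, never request data.
    if ($CONFIG['comments_sort_descending'] == 1) {
        $comment_sort_order = 'DESC';
    } else {
        $comment_sort_order = 'ASC';
    }
    // NOTE(review): $pid is placed in both statements as given, see the @param note.
    $result = cpg_db_query("SELECT COUNT(msg_id) FROM {$CONFIG['TABLE_COMMENTS']} WHERE pid='{$pid}'");
    list($num) = mysql_fetch_row($result);
    if ($num) {
        $limit = $CONFIG['comments_per_page'];
        $max = ceil($num / $limit);
        if ($superCage->get->keyExists('page')) {
            // The page number is read as an integer through the input cage,
            // then clamped to the valid range 1..$max. The lower bound used
            // to be 0, which produced a bogus "page 0" entry in the pager.
            $page = $superCage->get->getInt('page');
            $page = min($page, $max);
            $page = max(1, $page);
        } else {
            if ($CONFIG['comments_sort_descending'] == 1) {
                $page = 1;
            } else {
                $page = $max;
            }
        }
        // $start and $limit are derived from the integer page and from
        // config, so the LIMIT clause below contains no request text.
        $start = max(0, $num - ($max - ($page - 1)) * $limit);
        $location = defined('THEME_HAS_COMMENT_GRAPHICS') ? $THEME_DIR : '';
        // starttable()/endtable() print directly, so the pager is captured
        // with output buffering.
        ob_start();
        echo '<br />';
        starttable();
        echo '<tr><td class="tableh2"><div style="float: left">' . $lang_display_comments['comment'] . ' ' . sprintf($lang_display_comments['comment_x_to_y_of_z'], $start + 1, min($num, $start + $limit), $num) . '</div>';
        echo '<div style="float: right">' . $lang_display_comments['page'] . ': ';
        $links = array();
        // Link the first and last pages and a window around the current one.
        for ($i = 1; $i <= $max; $i++) {
            if ($i < 5 || $i > $max - 5 || $i > $page - 5 && $i < $page + 5) {
                $links[$i] = '<a href="displayimage.php?pid=' . $pid . '&page=' . $i . '#comments_top">' . $i . '</a>';
            }
        }
        $links[$page] = "<b>{$page}</b>";
        echo implode(' - ', $links);
        echo '</div></td></tr>';
        endtable();
        echo '<br />';
        // The pager is shown above the comments and again below them.
        $html .= $tabs = ob_get_clean();
        $result = cpg_db_query("SELECT msg_id, msg_author, msg_body, UNIX_TIMESTAMP(msg_date) AS msg_date, author_id, author_md5_id, msg_raw_ip, msg_hdr_ip, pid, approval FROM {$CONFIG['TABLE_COMMENTS']} WHERE pid='{$pid}' ORDER BY msg_id {$comment_sort_order} LIMIT {$start}, {$limit}");
        while ($row = mysql_fetch_assoc($result)) { // while-loop start
            // && binds tighter than ||, so this reads: admin mode, OR a
            // logged-in author with the post permission, OR a guest with the
            // post permission whose $USER['ID'] equals the stored author_md5_id.
            $user_can_edit = GALLERY_ADMIN_MODE || USER_ID && USER_ID == $row['author_id'] && USER_CAN_POST_COMMENTS || !USER_ID && USER_CAN_POST_COMMENTS && $USER['ID'] == $row['author_md5_id'];
            // Authors get the edit controls only while comment_user_edit is
            // on; admin mode always gets them.
            if ($user_can_edit != '' && $CONFIG['comment_user_edit'] != 0 || GALLERY_ADMIN_MODE) {
                $comment_buttons = $tmpl_comments_buttons;
                $comment_edit_box = $tmpl_comment_edit_box;
            } else {
                $comment_buttons = '';
                $comment_edit_box = '';
            }
            // Poster IPs are shown in gallery admin mode only.
            $comment_ipinfo = $row['msg_raw_ip'] && GALLERY_ADMIN_MODE ? $tmpl_comments_ipinfo : '';
            $hide_comment = 0;
            // comment approval
            $pending_approval = '';
            if (USER_IS_ADMIN) {
                //display the selector approve/disapprove
                // The links carry {FORM_TOKEN} and {TIMESTAMP}.
                // NOTE(review): these are presumably checked by reviewcom.php
                // as an anti-CSRF measure; that check is not visible here.
                if ($row['approval'] == 'NO') {
                    $pending_approval = '<img src="' . $location . 'images/icons/comment_disapprove_disabled.png" border="0" alt="" width="16" height="16" class="icon" /><a href="reviewcom.php?pos=-{PID}&msg_id={MSG_ID}&form_token={FORM_TOKEN}&timestamp={TIMESTAMP}&what=approve" title="' . $lang_display_comments['approve'] . '"><img src="' . $location . 'images/icons/comment_approve.png" border="0" alt="" width="16" height="16" class="icon" /></a>';
                } else {
                    $pending_approval = '<a href="reviewcom.php?pos=-{PID}&msg_id={MSG_ID}&form_token={FORM_TOKEN}&timestamp={TIMESTAMP}&what=disapprove" title="' . $lang_display_comments['disapprove'] . '"><img src="' . $location . 'images/icons/comment_disapprove.png" border="0" alt="" width="16" height="16" class="icon" /></a><img src="' . $location . 'images/icons/comment_approve_disabled.png" border="0" alt="" width="16" height="16" class="icon" />';
                }
            } else { // user or guest is logged in - start
                if ($row['approval'] == 'NO') { // the comment is not approved - start
                    if ($user_can_edit) {
                        // the comment comes from the current visitor, display it with a warning that it needs admin approval
                        $pending_approval = '<img src="' . $location . 'images/icons/comment_approval.png" border="0" alt="" width="16" height="16" title="' . $lang_display_comments['pending_approval'] . '" class="icon" />';
                    } else { // the comment comes from someone else - don't display it at all
                        if ($CONFIG['comment_placeholder'] == 0) {
                            $hide_comment = 1;
                        } else {
                            // The row is overwritten before any template sees
                            // it, so the unapproved author and text (including
                            // {MSG_BODY_RAW}) never reach the output.
                            $row['msg_author'] = $lang_display_comments['unapproved_comment'];
                            $row['msg_body'] = $lang_display_comments['pending_approval_message'];
                            $row['author_id'] = 0;
                        }
                    }
                } // the comment is not approved - end
            } // user or guest is logged in - end
            if ($CONFIG['enable_smilies']) {
                $comment_body = process_smilies(make_clickable($row['msg_body']));
                $smilies = generate_smilies("f{$row['msg_id']}", 'msg_body');
            } else {
                $comment_body = make_clickable($row['msg_body']);
                $smilies = '';
            }
            // wrap the comment into italics if it isn't approved
            if ($row['approval'] == 'NO') {
                $comment_body = '<em>' . $comment_body . '</em>';
            }
            // Plugins may append detail text to each IP. The raw IP is added
            // in brackets when it differs from the header-derived one.
            list($row['ip_detail']) = CPGPluginAPI::filter('ip_information', array('', $row['msg_hdr_ip']));
            $ip = $row['msg_hdr_ip'] . $row['ip_detail'];
            if ($row['msg_hdr_ip'] != $row['msg_raw_ip']) {
                list($row['ip_detail']) = CPGPluginAPI::filter('ip_information', array('', $row['msg_raw_ip']));
                $ip .= ' [' . $row['msg_raw_ip'] . $row['ip_detail'] . ']';
            }
            list($timestamp, $form_token) = getFormToken();
            // First pass: insert the per-viewer blocks into the comment template.
            $params = array(
                '{EDIT}' => &$comment_edit_box,
                '{BUTTONS}' => &$comment_buttons,
                '{IPINFO}' => &$comment_ipinfo,
                '{PENDING_APPROVAL}' => &$pending_approval,
                '{FORM_TOKEN}' => $form_token,
                '{TIMESTAMP}' => $timestamp
            );
            $template = template_eval($template_image_comments, $params);
            // Author id 0 is rendered as a plain name, without a profile link.
            if ($row['author_id'] == 0) {
                $profile_lnk = stripslashes($row['msg_author']);
            } else {
                $profile_lnk = '<a href="profile.php?uid=' . $row['author_id'] . '">' . stripslashes($row['msg_author']) . '</a>';
            }
            // Second pass: fill in the comment's own values.
            $params = array(
                '{MSG_AUTHOR_LNK}' => $profile_lnk,
                '{MSG_AUTHOR}' => $row['msg_author'],
                '{MSG_ID}' => $row['msg_id'],
                '{PID}' => $row['pid'],
                '{EDIT_TITLE}' => &$lang_display_comments['edit_title'],
                '{DELETE_TITLE}' => &$lang_display_comments['delete_title'],
                '{DELETE_ICON}' => '<img src="' . $location . 'images/icons/delete.png" border="0" alt="" width="16" height="16" class="icon" />',
                '{EDIT_ICON}' => '<img src="' . $location . 'images/icons/edit.png" border="0" alt="" width="16" height="16" class="icon" />',
                '{CONFIRM_DELETE}' => &$lang_display_comments['confirm_delete'],
                '{MSG_DATE}' => localised_date($row['msg_date'], $lang_date['comment']),
                '{MSG_BODY}' => bb_decode($comment_body),
                // Stored text without smilies/BBCode processing (presumably
                // for the edit box); inserted as stored, see the function header.
                '{MSG_BODY_RAW}' => $row['msg_body'],
                '{OK}' => &$lang_common['ok'],
                '{SMILIES}' => $smilies,
                '{IP}' => $ip,
                '{REPORT_COMMENT_TITLE}' => &$lang_display_comments['report_comment_title'],
                '{REPORT_COMMENT_ICON}' => '<img src="' . $location . 'images/icons/report.png" border="0" alt="" width="16" height="16" class="icon" />',
                '{WIDTH}' => $CONFIG['picture_table_width'] == "100%" ? $CONFIG['main_table_width'] : $CONFIG['picture_table_width'],
                '{FORM_TOKEN}' => $form_token,
                '{TIMESTAMP}' => $timestamp
            );
            if ($hide_comment != 1) {
                $html .= template_eval($template, $params);
            }
        } // while-loop end
        $html .= $tabs;
    }
    if (USER_CAN_POST_COMMENTS && $CURRENT_ALBUM_DATA['comments'] == 'YES') {
        if (USER_ID) {
            // Logged-in users get their name as a hidden field.
            // NOTE(review): USER_NAME is put into the value attribute without
            // HTML escaping here; confirm user names cannot contain quotes or
            // markup.
            $user_name_input = '<tr><td colspan="2"><input type="hidden" name="msg_author" value="' . stripslashes(USER_NAME) . '" /></td>';
            template_extract_block($template_add_your_comment, 'user_name_input', $user_name_input);
            $user_name = '';
        } else {
            // A remembered guest name is passed through $HTML_SUBST before it
            // is printed; otherwise the localized default text is used.
            if (isset($USER['name'])) {
                $user_name = strtr($USER['name'], $HTML_SUBST);
            } else {
                $user_name = $lang_display_comments['your_name'];
            }
        }
        // The captcha block is removed when captcha is off, or when it is set
        // to 2 and the user is logged in. Otherwise a plugin may render it.
        if ($CONFIG['comment_captcha'] == 0 || $CONFIG['comment_captcha'] == 2 && USER_ID) {
            template_extract_block($template_add_your_comment, 'comment_captcha');
        } else {
            $template_add_your_comment = CPGPluginAPI::filter('captcha_comment_print', $template_add_your_comment);
        }
        // Always defined, so {HELP_ICON} below never reads an unset variable
        // when the BBCode help is switched off.
        $captionLabel = '';
        if ($CONFIG['show_bbcode_help']) {
            $captionLabel = ' ' . cpg_display_help('f=empty.htm&h=lang_bbcode_help_title&t=lang_bbcode_help', 470, 245);
        }
        list($timestamp, $form_token) = getFormToken();
        $params = array(
            '{ADD_YOUR_COMMENT}' => $lang_display_comments['add_your_comment'],
            '{NAME}' => $lang_display_comments['name'],
            '{COMMENT}' => $lang_display_comments['comment'],
            // Help texts are referenced by language-variable name here.
            '{CONFIRM}' => $lang_common['confirm'] . ' ' . cpg_display_help('f=empty.htm&h=lang_common[captcha_help_title]&t=lang_common[captcha_help]', 470, 245),
            '{PIC_ID}' => $pid,
            '{USER_NAME}' => $user_name,
            '{MAX_COM_LENGTH}' => $CONFIG['max_com_size'],
            '{OK}' => $lang_common['ok'],
            '{OK_ICON}' => cpg_fetch_icon('ok', 1),
            '{DEFAULT_USERNAME}' => $lang_display_comments['your_name'],
            '{DEFAULT_USERNAME_MESSAGE}' => $lang_display_comments['default_username_message'],
            '{SMILIES}' => '',
            '{WIDTH}' => $CONFIG['picture_table_width'] == "100%" ? $CONFIG['main_table_width'] : $CONFIG['picture_table_width'],
            '{HELP_ICON}' => $captionLabel,
            // NOTE(review): presumably verified by the comment handler as an
            // anti-CSRF token; that check is not visible here.
            '{FORM_TOKEN}' => $form_token,
            '{TIMESTAMP}' => $timestamp
        );
        if ($CONFIG['enable_smilies']) {
            $params['{SMILIES}'] = generate_smilies();
        } else {
            template_extract_block($template_add_your_comment, 'smilies');
        }
        template_extract_block($template_add_your_comment, 'login_to_comment');
        // With newest-first ordering the form is placed above the comments.
        if ($CONFIG['comments_sort_descending'] == 1) {
            $html = '<br />' . template_eval($template_add_your_comment, $params) . $html;
        } else {
            $html .= template_eval($template_add_your_comment, $params);
        }
    } else { // user can not post comments
        // Optionally show a "log in to comment" prompt: every input block is
        // stripped and only the prompt remains.
        if ($CONFIG['comment_promote_registration'] == 1 && $CURRENT_ALBUM_DATA['comments'] == 'YES') {
            template_extract_block($template_add_your_comment, 'user_name_input');
            if ($CONFIG['enable_smilies'] == 1) {
                template_extract_block($template_add_your_comment, 'input_box_smilies');
            } else {
                template_extract_block($template_add_your_comment, 'input_box_no_smilies');
            }
            template_extract_block($template_add_your_comment, 'comment_captcha');
            template_extract_block($template_add_your_comment, 'smilies');
            template_extract_block($template_add_your_comment, 'submit');
            // NOTE(review): $REFERER goes into the href as it is. It is
            // presumably already URL-encoded where it is set; confirm.
            $params = array(
                '{ADD_YOUR_COMMENT}' => $lang_display_comments['add_your_comment'],
                '{WIDTH}' => $CONFIG['picture_table_width'] == "100%" ? $CONFIG['main_table_width'] : $CONFIG['picture_table_width'],
                '{LOGIN_TO_COMMENT}' => sprintf($lang_display_comments['log_in_to_comment'], '<a href="login.php?referer=' . $REFERER . '">', '</a>'),
                '{HELP_ICON}' => ''
            );
            if ($CONFIG['comments_sort_descending'] == 1) {
                $html = '<br />' . template_eval($template_add_your_comment, $params) . $html;
            } else {
                $html .= template_eval($template_add_your_comment, $params);
            }
        }
    }
    return $html;
}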
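/**
 * Fetch the picture rows for a regular album or a meta album.
 *
 * A numeric $album is treated as an album id; any other value is matched
 * against the meta album names handled in the switch below. For every album
 * type except 'random' and 'search' the total number of matching pictures is
 * written to $count (the 'search' case delegates to include/search.inc.php).
 *
 * Review notes:
 *  - All SQL here is assembled by string interpolation. $limit1/$limit2 and
 *    the $FAVPICS ids are forced to integers below; the other interpolated
 *    globals ($ALBUM_SET, $CURRENT_ALBUM_KEYWORD, the album keyword read via
 *    get_album_name()) are used as received.
 *    NOTE(review): confirm where those values are escaped before they reach
 *    this function.
 *  - Caption HTML is concatenated from row fields (title, owner_name,
 *    msg_author, msg_body) without HTML-escaping in this function.
 *    NOTE(review): confirm they are encoded on input, otherwise encode here.
 *
 * @param mixed   $album       album id (numeric) or meta album name
 * @param int     $count       by reference: number of matching pictures
 * @param string  $album_name  by reference: display name of the album
 * @param int     $limit1      first LIMIT value, -1 for none
 * @param int     $limit2      second LIMIT value, -1 for none
 * @param boolean $set_caption build 'caption_text' for each returned row
 * @return array  the rows, each optionally carrying 'caption_text'
 */
function get_pic_data($album, &$count, &$album_name, $limit1 = -1, $limit2 = -1, $set_caption = true)
{
    global $USER, $CONFIG, $ALBUM_SET, $CURRENT_CAT_NAME, $CURRENT_ALBUM_KEYWORD, $HTTP_GET_VARS, $HTML_SUBST, $THEME_DIR, $FAVPICS;
    global $album_date_fmt, $lastcom_date_fmt, $lastup_date_fmt, $lasthit_date_fmt;
    global $lang_get_pic_data, $lang_meta_album_names, $lang_errors;

    // Both limits are pasted unquoted into LIMIT clauses, so make sure they
    // can only ever be integers.
    $limit1 = (int) $limit1;
    $limit2 = (int) $limit2;

    // The ORDER BY fragment is only ever taken from this whitelist.
    $sort_array = array('na' => 'filename ASC', 'nd' => 'filename DESC', 'ta' => 'title ASC', 'td' => 'title DESC', 'da' => 'pid ASC', 'dd' => 'pid DESC');
    $sort_code = isset($USER['sort']) ? $USER['sort'] : $CONFIG['default_sort_order'];
    $sort_order = isset($sort_array[$sort_code]) ? $sort_array[$sort_code] : $sort_array[$CONFIG['default_sort_order']];

    $limit = $limit1 != -1 ? ' LIMIT ' . $limit1 : '';
    $limit .= $limit2 != -1 ? ' ,' . $limit2 : '';

    if ($limit2 == 1) {
        $select_columns = '*';
    } else {
        $select_columns = 'pid, filepath, filename, url_prefix, filesize, pwidth, pheight, ctime, aid';
    }

    // Keyword
    // NOTE(review): interpolated into a LIKE pattern as-is; origin and
    // escaping of $CURRENT_ALBUM_KEYWORD are not visible here.
    if (!empty($CURRENT_ALBUM_KEYWORD)) {
        $keyword = "OR keywords like '%{$CURRENT_ALBUM_KEYWORD}%'";
    } else {
        $keyword = '';
    }

    // Regular albums
    if (is_numeric($album)) {
        $album_name_keyword = get_album_name($album);
        $album_name = $album_name_keyword['title'];
        $album_keyword = $album_name_keyword['keyword'];
        if (!empty($album_keyword)) {
            // NOTE(review): value read back from storage and placed in the
            // query unescaped; a quote in the keyword would alter the SQL.
            $keyword = "OR keywords like '%{$album_keyword}%'";
        }
        $approved = GALLERY_ADMIN_MODE ? '' : 'AND approved=\'YES\'';

        // The "aid = ... OR keywords like ..." alternative is parenthesised:
        // AND binds tighter than OR, so without the brackets the approval
        // filter and $ALBUM_SET only applied to the keyword branch and
        // pictures matched by album id skipped both.
        $result = db_query("SELECT COUNT(*) from {$CONFIG['TABLE_PICTURES']} WHERE (aid='{$album}' {$keyword}) {$approved} {$ALBUM_SET}");
        $nbEnr = mysql_fetch_array($result);
        $count = $nbEnr[0];
        mysql_free_result($result);

        if ($select_columns != '*') {
            $select_columns .= ', title, caption,hits,owner_id,owner_name';
        }
        $result = db_query("SELECT {$select_columns} from {$CONFIG['TABLE_PICTURES']} WHERE (aid='{$album}' {$keyword}) {$approved} {$ALBUM_SET} ORDER BY {$sort_order} {$limit}");
        $rowset = db_fetch_rowset($result);
        mysql_free_result($result);

        // Set picture caption
        if ($set_caption) {
            foreach ($rowset as $key => $row) {
                $caption = "<span class=\"thumb_title\">";
                $caption .= $rowset[$key]['title'] || $rowset[$key]['hits'] ? $rowset[$key]['title'] : '';
                if ($CONFIG['views_in_thumbview']) {
                    if ($rowset[$key]['title']) {
                        $caption .= " – ";
                    }
                    $caption .= sprintf($lang_get_pic_data['n_views'], $rowset[$key]['hits']);
                }
                $caption .= "</span>";
                if ($CONFIG['caption_in_thumbview']) {
                    $caption .= $rowset[$key]['caption'] ? "<span class=\"thumb_caption\">" . bb_decode($rowset[$key]['caption']) . "</span>" : '';
                }
                if ($CONFIG['display_comment_count']) {
                    $comments_nr = count_pic_comments($row['pid']);
                    if ($comments_nr > 0) {
                        $caption .= "<span class=\"thumb_num_comments\">" . sprintf($lang_get_pic_data['n_comments'], $comments_nr) . "</span>";
                    }
                }
                if ($CONFIG['display_uploader']) {
                    $caption .= '<span class="thumb_title"><a href ="profile.php?uid=' . $rowset[$key]['owner_id'] . '">' . $rowset[$key]['owner_name'] . '</a></span>';
                }
                $rowset[$key]['caption_text'] = $caption;
            }
        }
        return $rowset;
    }

    // Meta albums
    switch ($album) {
        case 'lastcom': // Last comments
            if ($ALBUM_SET && $CURRENT_CAT_NAME) {
                $album_name = $lang_meta_album_names['lastcom'] . ' - ' . $CURRENT_CAT_NAME;
            } else {
                $album_name = $lang_meta_album_names['lastcom'];
            }
            // NOTE(review): when $keyword is non-empty it starts with OR and is
            // appended after the AND conditions, so the approval and join
            // conditions do not constrain keyword matches. The intended
            // grouping for meta albums is not clear from this file; left as is.
            $query = "SELECT COUNT(*) from {$CONFIG['TABLE_COMMENTS']}, {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' AND {$CONFIG['TABLE_COMMENTS']}.pid = {$CONFIG['TABLE_PICTURES']}.pid {$keyword} {$ALBUM_SET}";
            $result = db_query($query);
            $nbEnr = mysql_fetch_array($result);
            $count = $nbEnr[0];
            mysql_free_result($result);

            if ($select_columns == '*') {
                $select_columns = 'p.*';
            } else {
                $select_columns = str_replace('pid', 'c.pid', $select_columns) . ', msg_id, author_id, msg_author, UNIX_TIMESTAMP(msg_date) as msg_date, msg_body, aid';
            }
            // The pictures table is aliased to "p" in the query below.
            $TMP_SET = str_replace($CONFIG['TABLE_PICTURES'], 'p', $ALBUM_SET);
            $result = db_query("SELECT {$select_columns} FROM {$CONFIG['TABLE_COMMENTS']} as c, {$CONFIG['TABLE_PICTURES']} as p WHERE approved = 'YES' AND c.pid = p.pid {$keyword} {$TMP_SET} ORDER by msg_id DESC {$limit}");
            $rowset = db_fetch_rowset($result);
            mysql_free_result($result);

            if ($set_caption) {
                foreach ($rowset as $key => $row) {
                    if ($row['author_id']) {
                        $user_link = '<a href ="profile.php?uid=' . $row['author_id'] . '">' . $row['msg_author'] . '</a>';
                    } else {
                        $user_link = $row['msg_author'];
                    }
                    // Byte-wise truncation to 50 characters for the thumbnail view.
                    $msg_body = strlen($row['msg_body']) > 50 ? @substr($row['msg_body'], 0, 50) . "..." : $row['msg_body'];
                    if ($CONFIG['enable_smilies']) {
                        $msg_body = process_smilies($msg_body);
                    }
                    $caption = '<span class="thumb_title">' . $user_link . '</span>' . '<span class="thumb_caption">' . localised_date($row['msg_date'], $lastcom_date_fmt) . '</span>' . '<span class="thumb_caption">' . $msg_body . '</span>';
                    $rowset[$key]['caption_text'] = $caption;
                }
            }
            return $rowset;

        case 'lastcomby': // Last comments by a specific user
            if (isset($USER['uid'])) {
                $uid = (int) $USER['uid'];
            } else {
                $uid = -1;
            }
            $user_name = get_username($uid);
            if ($ALBUM_SET && $CURRENT_CAT_NAME) {
                $album_name = $lang_meta_album_names['lastcom'] . ' - ' . $CURRENT_CAT_NAME . ' - ' . $user_name;
            } else {
                $album_name = $lang_meta_album_names['lastcom'] . ' - ' . $user_name;
            }
            $result = db_query("SELECT COUNT(*) from {$CONFIG['TABLE_COMMENTS']}, {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' AND author_id = '{$uid}' AND {$CONFIG['TABLE_COMMENTS']}.pid = {$CONFIG['TABLE_PICTURES']}.pid {$ALBUM_SET}");
            $nbEnr = mysql_fetch_array($result);
            $count = $nbEnr[0];
            mysql_free_result($result);

            if ($select_columns == '*') {
                $select_columns = 'p.*';
            } else {
                $select_columns = str_replace('pid', 'c.pid', $select_columns) . ', msg_id, author_id, msg_author, UNIX_TIMESTAMP(msg_date) as msg_date, msg_body, aid';
            }
            $result = db_query("SELECT {$select_columns} FROM {$CONFIG['TABLE_COMMENTS']} as c, {$CONFIG['TABLE_PICTURES']} as p WHERE approved = 'YES' AND author_id = '{$uid}' AND c.pid = p.pid {$ALBUM_SET} ORDER by msg_id DESC {$limit}");
            $rowset = db_fetch_rowset($result);
            mysql_free_result($result);

            if ($set_caption) {
                foreach ($rowset as $key => $row) {
                    if ($row['author_id']) {
                        $user_link = '<a href ="profile.php?uid=' . $row['author_id'] . '">' . $row['msg_author'] . '</a>';
                    } else {
                        $user_link = $row['msg_author'];
                    }
                    $caption = '<span class="thumb_title">' . $user_link . '</span>' . '<span class="thumb_caption">' . localised_date($row['msg_date'], $lastcom_date_fmt) . '</span>' . '<span class="thumb_caption">' . $row['msg_body'] . '</span>';
                    $rowset[$key]['caption_text'] = $caption;
                }
            }
            return $rowset;

        case 'lastup': // Last uploads
            if ($ALBUM_SET && $CURRENT_CAT_NAME) {
                $album_name = $lang_meta_album_names['lastup'] . ' - ' . $CURRENT_CAT_NAME;
            } else {
                $album_name = $lang_meta_album_names['lastup'];
            }
            $result = db_query("SELECT COUNT(*) from {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' {$ALBUM_SET}");
            $nbEnr = mysql_fetch_array($result);
            $count = $nbEnr[0];
            mysql_free_result($result);

            if ($select_columns != '*') {
                $select_columns .= ',title, caption, owner_id, owner_name, aid';
            }
            $result = db_query("SELECT {$select_columns} FROM {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' {$ALBUM_SET} ORDER BY pid DESC {$limit}");
            $rowset = db_fetch_rowset($result);
            mysql_free_result($result);

            if ($set_caption) {
                foreach ($rowset as $key => $row) {
                    $user_link = $CONFIG['display_uploader'] && $row['owner_id'] && $row['owner_name'] ? '<span class="thumb_title"><a href ="profile.php?uid=' . $row['owner_id'] . '">' . $row['owner_name'] . '</a></span>' : '';
                    $caption = $user_link . '<span class="thumb_caption">' . localised_date($row['ctime'], $lastup_date_fmt) . '</span>';
                    $rowset[$key]['caption_text'] = $caption;
                }
            }
            return $rowset;

        case 'lastupby': // Last uploads by a specific user
            if (isset($USER['uid'])) {
                $uid = (int) $USER['uid'];
            } else {
                $uid = -1;
            }
            $user_name = get_username($uid);
            if ($ALBUM_SET && $CURRENT_CAT_NAME) {
                $album_name = $lang_meta_album_names['lastup'] . ' - ' . $CURRENT_CAT_NAME . ' - ' . $user_name;
            } else {
                $album_name = $lang_meta_album_names['lastup'] . ' - ' . $user_name;
            }
            $result = db_query("SELECT COUNT(*) from {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' AND owner_id = '{$uid}' {$ALBUM_SET}");
            $nbEnr = mysql_fetch_array($result);
            $count = $nbEnr[0];
            mysql_free_result($result);

            if ($select_columns != '*') {
                $select_columns .= ', owner_id, owner_name, aid';
            }
            $result = db_query("SELECT {$select_columns} FROM {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' AND owner_id = '{$uid}' {$ALBUM_SET} ORDER BY pid DESC {$limit}");
            $rowset = db_fetch_rowset($result);
            mysql_free_result($result);

            if ($set_caption) {
                foreach ($rowset as $key => $row) {
                    if ($row['owner_id'] && $row['owner_name']) {
                        $user_link = '<span class="thumb_title"><a href ="profile.php?uid=' . $row['owner_id'] . '">' . $row['owner_name'] . '</a></span>';
                    } else {
                        $user_link = '';
                    }
                    $caption = $user_link . '<span class="thumb_caption">' . localised_date($row['ctime'], $lastup_date_fmt) . '</span>';
                    $rowset[$key]['caption_text'] = $caption;
                }
            }
            return $rowset;

        case 'topn': // Most viewed pictures
            if ($ALBUM_SET && $CURRENT_CAT_NAME) {
                $album_name = $lang_meta_album_names['topn'] . ' - ' . $CURRENT_CAT_NAME;
            } else {
                $album_name = $lang_meta_album_names['topn'];
            }
            // NOTE(review): same OR-precedence question for $keyword as in 'lastcom'.
            $query = "SELECT COUNT(*) from {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' AND hits > 0 {$ALBUM_SET} {$keyword}";
            $result = db_query($query);
            $nbEnr = mysql_fetch_array($result);
            $count = $nbEnr[0];
            mysql_free_result($result);

            if ($select_columns != '*') {
                $select_columns .= ', hits, aid, filename';
            }
            $result = db_query("SELECT {$select_columns} FROM {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES'AND hits > 0 {$ALBUM_SET} {$keyword} ORDER BY hits DESC, filename {$limit}");
            $rowset = db_fetch_rowset($result);
            mysql_free_result($result);

            if ($set_caption) {
                foreach ($rowset as $key => $row) {
                    $caption = "<span class=\"thumb_caption\">" . sprintf($lang_get_pic_data['n_views'], $row['hits']) . '</span>';
                    $rowset[$key]['caption_text'] = $caption;
                }
            }
            return $rowset;

        case 'toprated': // Top rated pictures
            if ($ALBUM_SET && $CURRENT_CAT_NAME) {
                $album_name = $lang_meta_album_names['toprated'] . ' - ' . $CURRENT_CAT_NAME;
            } else {
                $album_name = $lang_meta_album_names['toprated'];
            }
            $result = db_query("SELECT COUNT(*) from {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' AND votes >= '{$CONFIG['min_votes_for_rating']}' {$ALBUM_SET}");
            $nbEnr = mysql_fetch_array($result);
            $count = $nbEnr[0];
            mysql_free_result($result);

            if ($select_columns != '*') {
                $select_columns .= ', pic_rating, votes, aid';
            }
            $result = db_query("SELECT {$select_columns} FROM {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' AND votes >= '{$CONFIG['min_votes_for_rating']}' {$ALBUM_SET} ORDER BY ROUND((pic_rating+1)/2000) DESC, votes DESC {$limit}");
            $rowset = db_fetch_rowset($result);
            mysql_free_result($result);

            if ($set_caption) {
                foreach ($rowset as $key => $row) {
                    if (defined('THEME_HAS_RATING_GRAPHICS')) {
                        $prefix = $THEME_DIR;
                    } else {
                        $prefix = '';
                    }
                    $caption = "<span class=\"thumb_caption\">" . '<img src="' . $prefix . 'images/rating' . round($row['pic_rating'] / 2000) . '.gif" align="absmiddle"/>' . '<br />' . sprintf($lang_get_pic_data['n_votes'], $row['votes']) . '</span>';
                    $rowset[$key]['caption_text'] = $caption;
                }
            }
            return $rowset;

        case 'lasthits': // Last viewed pictures
            if ($ALBUM_SET && $CURRENT_CAT_NAME) {
                $album_name = $lang_meta_album_names['lasthits'] . ' - ' . $CURRENT_CAT_NAME;
            } else {
                $album_name = $lang_meta_album_names['lasthits'];
            }
            $result = db_query("SELECT COUNT(*) from {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' {$ALBUM_SET}");
            $nbEnr = mysql_fetch_array($result);
            $count = $nbEnr[0];
            mysql_free_result($result);

            if ($select_columns != '*') {
                $select_columns .= ', UNIX_TIMESTAMP(mtime) as mtime, aid';
            }
            $result = db_query("SELECT {$select_columns} FROM {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' {$ALBUM_SET} ORDER BY mtime DESC {$limit}");
            $rowset = db_fetch_rowset($result);
            mysql_free_result($result);

            if ($set_caption) {
                foreach ($rowset as $key => $row) {
                    $caption = "<span class=\"thumb_caption\">" . localised_date($row['mtime'], $lasthit_date_fmt) . '</span>';
                    $rowset[$key]['caption_text'] = $caption;
                }
            }
            return $rowset;

        case 'random': // Random pictures
            if ($ALBUM_SET && $CURRENT_CAT_NAME) {
                $album_name = $lang_meta_album_names['random'] . ' - ' . $CURRENT_CAT_NAME;
            } else {
                $album_name = $lang_meta_album_names['random'];
            }
            // This total is stored in $pic_count; $count is not updated for
            // this meta album.
            $result = db_query("SELECT COUNT(*) from {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' {$ALBUM_SET}");
            $nbEnr = mysql_fetch_array($result);
            $pic_count = $nbEnr[0];
            mysql_free_result($result);

            if ($select_columns != '*') {
                $select_columns .= ', aid';
            }
            // A variant that pre-selected rows by "randpos" for galleries with
            // more than 1000 pictures (ORDER BY RAND() is time consuming) was
            // commented out in the original "due to image not found bug".
            // NOTE(review): $limit2 keeps its default of -1 unless the caller
            // passes a value, which is not a valid LIMIT.
            $sql = "SELECT {$select_columns} FROM {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' {$ALBUM_SET} ORDER BY RAND() LIMIT {$limit2}";
            $result = db_query($sql);
            $rowset = array();
            while ($row = mysql_fetch_array($result)) {
                $row['caption_text'] = '';
                // Rows are keyed by the negated picture id.
                $rowset[-$row['pid']] = $row;
            }
            mysql_free_result($result);
            return $rowset;

        case 'search': // Search results
            if (isset($USER['search'])) {
                $search_string = $USER['search'];
            } else {
                $search_string = '';
            }
            // A leading "###" sets $query_all and is stripped from the string.
            if (substr($search_string, 0, 3) == '###') {
                $query_all = 1;
                $search_string = substr($search_string, 3);
            } else {
                $query_all = 0;
            }
            if ($ALBUM_SET && $CURRENT_CAT_NAME) {
                $album_name = $lang_meta_album_names['search'] . ' - ' . $CURRENT_CAT_NAME;
            } else {
                $album_name = $lang_meta_album_names['search'] . ' - "' . strtr($search_string, $HTML_SUBST) . '"';
            }
            // The included file is expected to fill $rowset; how it treats
            // $search_string in SQL is not visible from here.
            include 'include/search.inc.php';
            return $rowset;

        case 'lastalb': // Last albums to which uploads
            if ($ALBUM_SET && $CURRENT_CAT_NAME) {
                $album_name = $lang_meta_album_names['lastalb'] . ' - ' . $CURRENT_CAT_NAME;
            } else {
                $album_name = $lang_meta_album_names['lastalb'];
            }
            // NOTE(review): this rewrites the *global* $ALBUM_SET, so the
            // qualified column name persists after the call.
            $ALBUM_SET = str_replace("aid", $CONFIG['TABLE_PICTURES'] . ".aid", $ALBUM_SET);
            $result = db_query("SELECT COUNT(*) from {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' {$ALBUM_SET}");
            $nbEnr = mysql_fetch_array($result);
            $count = $nbEnr[0];
            mysql_free_result($result);

            $result = db_query("SELECT *,{$CONFIG['TABLE_ALBUMS']}.title AS title,{$CONFIG['TABLE_ALBUMS']}.aid AS aid FROM {$CONFIG['TABLE_PICTURES']},{$CONFIG['TABLE_ALBUMS']} WHERE {$CONFIG['TABLE_PICTURES']}.aid = {$CONFIG['TABLE_ALBUMS']}.aid AND approved = 'YES' {$ALBUM_SET} GROUP BY {$CONFIG['TABLE_PICTURES']}.aid ORDER BY {$CONFIG['TABLE_PICTURES']}.ctime DESC {$limit}");
            $rowset = db_fetch_rowset($result);
            mysql_free_result($result);

            if ($set_caption) {
                foreach ($rowset as $key => $row) {
                    $caption = "<span class=\"thumb_caption\">" . $row['title'] . " - " . localised_date($row['ctime'], $lastup_date_fmt) . '</span>';
                    $rowset[$key]['caption_text'] = $caption;
                }
            }
            return $rowset;

        case 'favpics': // Favourite Pictures
            $album_name = $lang_meta_album_names['favpics'];
            $rowset = array();
            if (count($FAVPICS) > 0) {
                // The id list goes unquoted into IN (...); force every entry
                // to an integer so nothing but numbers can reach the query.
                $favs = implode(",", array_map('intval', $FAVPICS));
                $result = db_query("SELECT COUNT(*) from {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' AND pid IN ({$favs})");
                $nbEnr = mysql_fetch_array($result);
                $count = $nbEnr[0];
                mysql_free_result($result);

                $select_columns = '*';
                $result = db_query("SELECT {$select_columns} FROM {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES'AND pid IN ({$favs}) {$limit}");
                $rowset = db_fetch_rowset($result);
                mysql_free_result($result);

                if ($set_caption) {
                    foreach ($rowset as $key => $row) {
                        $caption = $rowset[$key]['title'] ? "<span class=\"thumb_caption\">" . $rowset[$key]['title'] . "</span>" : '';
                        $rowset[$key]['caption_text'] = $caption;
                    }
                }
            }
            return $rowset;

        default: // Invalid meta album
            cpg_die(ERROR, $lang_errors['non_exist_ap'], __FILE__, __LINE__);
    }
}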
/**
 * Build the HTML for all comments of one picture, followed by the
 * "add your comment" form when the visitor is allowed to post.
 *
 * Review notes:
 *  - $pid is interpolated into the SELECT inside quotes.
 *    NOTE(review): confirm every caller passes an integer picture id.
 *  - msg_author, msg_body, the IP columns and USER_NAME are handed to the
 *    templates without HTML-escaping in this function.
 *    NOTE(review): confirm they are encoded when stored; otherwise encode
 *    them here before template_eval().
 *
 * @param mixed $pid picture id whose comments are rendered
 * @return string the assembled HTML
 */
function html_comments($pid) {
    global $CONFIG, $USER, $CURRENT_ALBUM_DATA, $comment_date_fmt, $HTML_SUBST;
    global $template_image_comments, $template_add_your_comment, $lang_display_comments;
    $html = '';
    // Keep the edit/input box variant that matches the smilies setting and
    // extract the other one from the (global) templates.
    if (!$CONFIG['enable_smilies']) {
        $tmpl_comment_edit_box = template_extract_block($template_image_comments, 'edit_box_no_smilies', '{EDIT}');
        template_extract_block($template_image_comments, 'edit_box_smilies');
        template_extract_block($template_add_your_comment, 'input_box_smilies');
    } else {
        $tmpl_comment_edit_box = template_extract_block($template_image_comments, 'edit_box_smilies', '{EDIT}');
        template_extract_block($template_image_comments, 'edit_box_no_smilies');
        template_extract_block($template_add_your_comment, 'input_box_no_smilies');
    }
    $tmpl_comments_buttons = template_extract_block($template_image_comments, 'buttons', '{BUTTONS}');
    $tmpl_comments_ipinfo = template_extract_block($template_image_comments, 'ipinfo', '{IPINFO}');
    $result = db_query("SELECT msg_id, msg_author, msg_body, UNIX_TIMESTAMP(msg_date) AS msg_date, author_id, author_md5_id, msg_raw_ip, msg_hdr_ip FROM {$CONFIG['TABLE_COMMENTS']} WHERE pid='{$pid}' ORDER BY msg_id ASC");
    while ($row = mysql_fetch_array($result)) {
        // Edit controls are shown to: gallery admins; a logged-in user who
        // authored the comment and may post; or an anonymous visitor who may
        // post and whose $USER['ID'] equals the stored author_md5_id.
        // (&& binds tighter than ||, so the three alternatives group as written.)
        $user_can_edit = GALLERY_ADMIN_MODE || USER_ID && USER_ID == $row['author_id'] && USER_CAN_POST_COMMENTS || !USER_ID && USER_CAN_POST_COMMENTS && $USER['ID'] == $row['author_md5_id'];
        $comment_buttons = $user_can_edit ? $tmpl_comments_buttons : '';
        $comment_edit_box = $user_can_edit ? $tmpl_comment_edit_box : '';
        // The IP block is only rendered in admin mode and when a raw IP was stored.
        $comment_ipinfo = $row['msg_raw_ip'] && GALLERY_ADMIN_MODE ? $tmpl_comments_ipinfo : '';
        if ($CONFIG['enable_smilies']) {
            $comment_body = process_smilies(make_clickable($row['msg_body']));
            $smilies = generate_smilies("f{$row['msg_id']}", 'msg_body');
        } else {
            $comment_body = make_clickable($row['msg_body']);
            $smilies = '';
        }
        // First pass: put the per-comment blocks back into the template.
        $params = array(
            '{EDIT}' => &$comment_edit_box,
            '{BUTTONS}' => &$comment_buttons,
            '{IPINFO}' => &$comment_ipinfo);
        $template = template_eval($template_image_comments, $params);
        // Second pass: fill in the comment data itself.
        // NOTE(review): {MSG_AUTHOR}, {MSG_BODY_RAW}, {HDR_IP} and {RAW_IP}
        // receive the database values unchanged.
        $params = array(
            '{MSG_AUTHOR}' => $row['msg_author'],
            '{MSG_ID}' => $row['msg_id'],
            '{EDIT_TITLE}' => &$lang_display_comments['edit_title'],
            '{CONFIRM_DELETE}' => &$lang_display_comments['confirm_delete'],
            '{MSG_DATE}' => localised_date($row['msg_date'], $comment_date_fmt),
            '{MSG_BODY}' => &$comment_body,
            '{MSG_BODY_RAW}' => $row['msg_body'],
            '{OK}' => &$lang_display_comments['OK'],
            '{SMILIES}' => $smilies,
            '{HDR_IP}' => $row['msg_hdr_ip'],
            '{RAW_IP}' => $row['msg_raw_ip']);
        $html .= template_eval($template, $params);
    }
    // The posting form is appended only when the visitor may post and the
    // current album has comments enabled.
    if (USER_CAN_POST_COMMENTS && $CURRENT_ALBUM_DATA['comments'] == 'YES') {
        if (USER_ID) {
            // Logged-in users get their name as a hidden field.
            // NOTE(review): USER_NAME is placed inside value="..." without
            // attribute escaping; confirm it cannot contain a double quote.
            $user_name_input = '<input type="hidden" name="msg_author" value="' . USER_NAME . '">';
            template_extract_block($template_add_your_comment, 'user_name_input', $user_name_input);
            $user_name = '';
        } else {
            // Anonymous visitors: the remembered name is passed through
            // $HTML_SUBST, otherwise the default prompt is used.
            $user_name = isset($USER['name']) ? '"' . strtr($USER['name'], $HTML_SUBST) . '"' : '"' . $lang_display_comments['your_name'] . '" onClick="javascript:this.value=\'\';"';
        }
        $params = array(
            '{ADD_YOUR_COMMENT}' => $lang_display_comments['add_your_comment'],
            '{NAME}' => $lang_display_comments['name'],
            '{COMMENT}' => $lang_display_comments['comment'],
            '{PIC_ID}' => $pid,
            '{USER_NAME}' => $user_name,
            '{MAX_COM_LENGTH}' => $CONFIG['max_com_size'],
            '{OK}' => $lang_display_comments['OK'],
            '{SMILIES}' => '');
        if ($CONFIG['enable_smilies']) {
            $params['{SMILIES}'] = generate_smilies();
        }
        $html .= template_eval($template_add_your_comment, $params);
    }
    return $html;
}
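// Work out the status label shown on the profile page: a non-empty $result
// (queried earlier, outside this excerpt) means the user is banned; otherwise
// the label follows user_active.
if (mysql_num_rows($result)) {
    $user_status = $lang_register_php['banned'];
} elseif (isset($user_data['user_active']) && $user_data['user_active'] == 'YES') {
    $user_status = $lang_usermgr_php['status_active'];
} elseif (isset($user_data['user_active']) && $user_data['user_active'] == 'NO') {
    $user_status = $lang_usermgr_php['status_inactive'];
} else {
    $user_status = '';
}

// Wrap the "last uploads" thumbnail in a link to the lastupby meta album.
// NOTE(review): $uid and $user_data['user_name'] are concatenated into HTML
// without escaping here; confirm $uid is an integer and the name is encoded.
if ($user_thumb != '') {
    $user_thumb = '<td width="50%" valign="top" align="center">' . '<a href="thumbnails.php?album=lastupby&uid=' . $uid . '">' . '<span class="thumb_title">' . $lang_register_php['last_uploads'] . '<br />' . sprintf($lang_register_php['last_uploads_detail'], $user_data['user_name']) . '<br /></span>' . $user_thumb . '</a></td>';
}

// Same for the most recent comment, when there is one.
$lastComArray = cpgUserLastComment($uid);
if ($lastComArray['count'] != 0) {
    $lastcom = '<td width="50%" valign="top" align="center">' . '<a href="thumbnails.php?album=lastcomby&uid=' . $uid . '">' . '<span class="thumb_title">' . $lang_register_php['last_comments'] . '<br />' . sprintf($lang_register_php['last_comments_detail'], $user_data['user_name']) . '<br /></span>' . $lastComArray['thumb'] . '</a><br />';
    $lastcom .= "<span class=\"thumb_caption\">" . localised_date($lastComArray['msg_date'], $lang_date['lastcom']) . '</span>' . "<span class=\"thumb_caption\">" . bb_decode(process_smilies($lastComArray['comment'])) . '</span></td>';
}

// "." binds tighter than "?:", so the table is emitted when either cell is non-empty.
$quick_jump = $user_thumb . $lastcom ? '<table width="100%" border="0" cellspacing="5"><tr>' . $user_thumb . $lastcom . '</tr></table>' : '';

list($timestamp, $form_token) = getFormToken();

if ($uid == USER_ID) {
    $adminLink = '<a href="profile.php?op=edit_profile" class="admin_menu">' . $lang_register_php['edit_my_profile'] . '</a>';
} elseif (GALLERY_ADMIN_MODE) {
    // The query-string separator before "timestamp" had been turned into a
    // multiplication sign by entity decoding ("&times" + "tamp"); restored so
    // the timestamp reaches usermgr.php together with the form token.
    // NOTE(review): the form token travels in the URL here, so it can end up
    // in logs and Referer headers.
    $adminLink = '<a href="usermgr.php?op=edit&user_id=' . $uid . '&form_token=' . $form_token . '&timestamp=' . $timestamp . '" class="admin_menu">' . $icon_array['edit'] . sprintf($lang_register_php['edit_xs_profile'], $user_data['user_name']) . '</a>';
} else {
    $adminLink = '';
}

// Values handed to the profile form; only user_profile6 is run through bb_decode().
$form_data = array(
    'username' => $user_data['user_name'],
    'status' => $user_status,
    'reg_date' => localised_date($user_data['user_regdate'], $lang_date['register']),
    'group' => $user_data['group_name'],
    'user_profile1' => $user_data['user_profile1'],
    'user_profile2' => $user_data['user_profile2'],
    'user_profile3' => $user_data['user_profile3'],
    'user_profile4' => $user_data['user_profile4'],
    'user_profile5' => $user_data['user_profile5'],
    'user_profile6' => bb_decode($user_data['user_profile6']),
    'user_thumb' => $quick_jump,
    'pic_count' => cpgUserPicCount($uid),
    'admin_link' => $adminLink);

$title = sprintf($lang_register_php['x_s_profile'], $user_data['user_name']);
pageheader($title);
// Displays the profile of any user
starttable(-1, cpg_fetch_icon('my_profile', 2) . $title, 2);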
// Get picture thumbnail url $result = cpg_db_query("SELECT * FROM {$CONFIG['TABLE_PICTURES']} p WHERE pid='{$pid}' {$FORBIDDEN_SET}"); if (!$result->numRows()) { cpg_die(ERROR, $lang_errors['non_exist_ap'], __FILE__, __LINE__); } $row = $result->fetchArray(true); $thumb_pic_url = get_pic_url($row, 'thumb'); if ($what == 'comment') { $result = cpg_db_query("SELECT msg_id, msg_author, msg_body, UNIX_TIMESTAMP(msg_date) AS msg_date, author_id, author_md5_id, msg_raw_ip, msg_hdr_ip, approval FROM {$CONFIG['TABLE_COMMENTS']} WHERE msg_id='{$cid}' AND approval = 'YES' AND pid='{$pid}'"); if (!$result->numRows()) { cpg_die(ERROR, $lang_errors['non_exist_comment'], __FILE__, __LINE__); } $row = $result->fetchArray(true); $comment = bb_decode($row['msg_body']); if ($CONFIG['enable_smilies']) { $comment = process_smilies($comment); } $msg_author = $row['msg_author']; $comment_field_name = sprintf($lang_report_php['comment_field_name'], $msg_author); $type = $lang_report_php['type_comment']; $template = $template_report_comment_email; $form_action = "{$CPG_PHP_SELF}?pid={$pid}&msg_id={$cid}&what=comment"; //template_extract_block($template_report_form, 'reason_missing'); //need help to toggle off reason(missing) since doesn't apply to comments } else { //template_extract_block($template_report_form, 'display_comment'); //need help remove comment preview when reporting picture } // Check supplied email address $valid_sender_email = Inspekt::isEmail($sender_email); $invalid_email = '<div class="cpg_message_error">' . $lang_report_php['invalid_email'] . '</div>'; if (!$valid_sender_email && $superCage->post->keyExists('subject')) { $sender_email_warning = $invalid_email;
// Admin-only page that renders a submitted report from the "data" request
// parameter (a base64-encoded, serialized array).
define('IN_COPPERMINE', true);
define('DISPLAYREPORT_PHP', true);
require 'include/init.inc.php';
require 'include/smilies.inc.php';
// Only gallery administrators may view reports.
if (!GALLERY_ADMIN_MODE) {
    cpg_die(ERROR, $lang_errors['access_denied'], __FILE__, __LINE__);
}
if ($superCage->get->keyExists('data')) {
    $get_data = $superCage->get->getEscaped('data');
} else {
    cpg_die(CRITICAL_ERROR, $lang_errors['param_missing'], __FILE__, __LINE__);
}
$data = array();
//$data = @unserialize(@base64_decode($_GET['data']));
// SECURITY(review): unserialize() is applied to a value taken from the URL.
// Deserialising request data can instantiate arbitrary classes that are
// loaded at this point; the admin check above restricts who can open the
// page, not who authored the parameter. Prefer a format that cannot carry
// objects (e.g. JSON), or sign the blob when it is generated and verify the
// signature before decoding. The "@" also hides decoding errors.
$data = @unserialize(@base64_decode($get_data));
if (is_array($data)) {
    // Remove HTML tags as we can't trust what we receive
    // SECURITY(review): the sanitising loop below is commented out, so every
    // $data[...] value used in the templates is echoed as received.
    //foreach($data as $key => $value) $data[$key] = strtr($value, $HTML_SUBST);
    // Load template parameters
    if ($data['t'] == 'comment') {
        $params = array(
            '{LANG_DIR}' => $lang_text_dir,
            '{TITLE}' => sprintf($lang_report_php['report_subject'], $data['sn'], $data['t']),
            '{CHARSET}' => $CONFIG['charset'] == 'language file' ? $lang_charset : $CONFIG['charset'],
            '{VIEW_REPORT_TGT}' => '',
            '{VIEW_REPORT_LNK}' => '',
            '{URL_PREFIX}' => '',
            '{SUBJECT}' => $data['su'],
            '{MESSAGE}' => nl2br(process_smilies($data['m'])),
            '{SENDER_EMAIL}' => $data['se'],
            '{SENDER_NAME}' => $data['sn'],
            '{VIEW_MORE_TGT}' => $CONFIG['ecards_more_pic_target'],
            '{VIEW_MORE_LNK}' => $lang_report_php['view_more_pics'],
            '{REASON}' => $data['r'],
            '{COMMENT}' => $data['c'],
            '{COMMENT_ID}' => $data['cid'],
            '{VIEW_COMMENT_LNK}' => $lang_report_php['view_comment'],
            '{COMMENT_LNK}' => $lang_report_php['go_comment'],
            '{COMMENT_TGT}' => "{$CONFIG['ecards_more_pic_target']}displayimage.php?pid=" . $data['pid'] . "#comment" . $data['cid'],
            '{PID}' => $data['pid']);
        // Parse template if report is on a comment
        echo template_eval($template_report_comment, $params);
    } else {
        $params = array(
            '{LANG_DIR}' => $lang_text_dir,
            '{TITLE}' => sprintf($lang_report_php['report_subject'], $data['sn'], $data['t']),
            '{CHARSET}' => $CONFIG['charset'] == 'language file' ? $lang_charset : $CONFIG['charset'],
            '{VIEW_REPORT_TGT}' => '',
            '{VIEW_REPORT_LNK}' => '',
            '{PIC_URL}' => $data['p'],
            '{PIC_TGT}' => "{$CONFIG['ecards_more_pic_target']}displayimage.php?pid=" . $data['pid'],
            '{URL_PREFIX}' => '',
            '{SUBJECT}' => $data['su'],
            '{MESSAGE}' => nl2br(process_smilies($data['m'])),
            '{SENDER_EMAIL}' => $data['se'],
            '{SENDER_NAME}' => $data['sn'],
            '{VIEW_MORE_TGT}' => $CONFIG['ecards_more_pic_target'],
            '{VIEW_MORE_LNK}' => $lang_report_php['view_more_pics'],
            '{REASON}' => $data['r'],
            '{PID}' => $data['pid']);
        // Parse template
        echo template_eval($template_report, $params);
    }
} else {
    // Anything that does not decode to an array is rejected.
    cpg_die(CRITICAL_ERROR, $lang_report_php['invalid_data'], __FILE__, __LINE__);
}
/**
 * build_caption()
 *
 * Adds a 'caption_text' HTML snippet to every row of $rowset and then passes
 * the whole rowset through the 'thumb_caption' plugin filter.
 *
 * Which parts appear depends on $CONFIG switches and on the column names
 * listed in $must_have (hits, msg_date, msg_body, ctime, pic_rating, mtime).
 *
 * NOTE(review): filename, title, owner_name, msg_author and lasthit_ip are
 * concatenated into the markup without HTML-escaping in this function; only
 * caption and msg_body go through strip_tags(bb_decode()). Confirm the other
 * fields are encoded before they are stored.
 *
 * @param array $rowset by reference
 * @param array $must_have
 **/
function build_caption(&$rowset, $must_have = array())
{
    global $CONFIG, $THEME_DIR;
    global $album_date_fmt, $lastcom_date_fmt, $lastup_date_fmt, $lasthit_date_fmt, $cat;
    global $lang_get_pic_data, $lang_meta_album_names, $lang_errors;

    foreach ($rowset as $idx => $pic) {
        $html = '';

        if ($CONFIG['display_filename']) {
            $html .= '<span class="thumb_filename">' . $pic['filename'] . '</span>';
        }

        if ($pic['title']) {
            $html .= '<span class="thumb_title">' . $pic['title'] . '</span>';
        }

        if ($CONFIG['views_in_thumbview'] || in_array('hits', $must_have)) {
            $views_text = sprintf($lang_get_pic_data['n_views'], $pic['hits']);
            $html .= '<span class="thumb_title">' . $views_text . '</span>';
        }

        if ($CONFIG['caption_in_thumbview']) {
            if ($pic['caption']) {
                $html .= "<span class=\"thumb_caption\">" . strip_tags(bb_decode($pic['caption'])) . "</span>";
            }
        }

        if ($CONFIG['display_comment_count']) {
            $num_comments = count_pic_comments($pic['pid']);
            if ($num_comments > 0) {
                $html .= "<span class=\"thumb_num_comments\">" . sprintf($lang_get_pic_data['n_comments'], $num_comments) . "</span>";
            }
        }

        if ($CONFIG['display_uploader']) {
            if ($pic['owner_id'] && $pic['owner_name']) {
                $html .= '<span class="thumb_title"><a href ="profile.php?uid=' . $pic['owner_id'] . '">' . $pic['owner_name'] . '</a></span>';
            }
        }

        if (in_array('msg_date', $must_have)) {
            $html .= '<span class="thumb_caption">' . localised_date($pic['msg_date'], $lastcom_date_fmt) . '</span>';
        }

        if (in_array('msg_body', $must_have)) {
            // Tags are stripped after BBCode decoding, then the text is cut
            // to 50 characters before smilies are expanded.
            $excerpt = strip_tags(bb_decode($pic['msg_body']));
            if (utf_strlen($excerpt) > 50) {
                $excerpt = utf_substr($excerpt, 0, 50) . '...';
            }
            if ($CONFIG['enable_smilies']) {
                $excerpt = process_smilies($excerpt);
            }
            if ($pic['author_id']) {
                $author_html = '<a href ="profile.php?uid=' . $pic['author_id'] . '">' . $pic['msg_author'] . '</a>: ';
            } else {
                $author_html = $pic['msg_author'] . ': ';
            }
            $html .= '<span class="thumb_caption">' . $author_html . $excerpt . '</span>';
        }

        if (in_array('ctime', $must_have)) {
            $html .= '<span class="thumb_caption">' . localised_date($pic['ctime'], $lastup_date_fmt) . '</span>';
        }

        if (in_array('pic_rating', $must_have)) {
            // Themes that ship their own rating graphics define this constant.
            $img_base = defined('THEME_HAS_RATING_GRAPHICS') ? $THEME_DIR : '';
            $html .= "<span class=\"thumb_caption\">"
                . '<img src="' . $img_base . 'images/rating' . round($pic['pic_rating'] / 2000) . '.gif" alt=""/>'
                . '<br />'
                . sprintf($lang_get_pic_data['n_votes'], $pic['votes'])
                . '</span>';
        }

        if (in_array('mtime', $must_have)) {
            $html .= "<span class=\"thumb_caption\">" . localised_date($pic['mtime'], $lasthit_date_fmt);
            // The last-hit IP address is only shown in admin mode.
            if (GALLERY_ADMIN_MODE) {
                $html .= "<br/>" . $pic['lasthit_ip'];
            }
            $html .= '</span>';
        }

        $rowset[$idx]['caption_text'] = $html;
    }

    $rowset = CPGPluginAPI::filter('thumb_caption', $rowset);
}
/**
 * build_caption()
 *
 * Adds a 'caption_text' HTML snippet to every row of $rowset and then passes
 * the whole rowset through the 'thumb_caption' plugin filter.
 *
 * Which parts appear depends on $CONFIG switches and on the column names
 * listed in $must_have (hits, msg_date, msg_body, ctime, pic_rating, mtime).
 * With $mode == 'albums' the view counter is read from 'alb_hits' instead of
 * 'hits'.
 *
 * NOTE(review): filename, title, msg_author, lasthit_ip and the value
 * returned by $cpg_udb->get_user_name() are concatenated into the markup
 * without HTML-escaping in this function; only caption and msg_body go
 * through strip_tags(bb_decode()). Confirm the other fields are encoded
 * before they are stored.
 * NOTE(review): the star calculation divides by
 * $CONFIG['rating_stars_amount']; a value of 0 would be a division by zero.
 *
 * @param array $rowset by reference
 * @param array $must_have
 * @param string $mode 'files' (default) or 'albums'
 **/
function build_caption(&$rowset, $must_have = array(), $mode = 'files')
{
    global $CONFIG, $THEME_DIR, $lang_date, $lang_get_pic_data, $cpg_udb;

    foreach ($rowset as $idx => $pic) {
        $html = '';

        if ($CONFIG['display_filename']) {
            $html .= '<span class="thumb_filename">' . $pic['filename'] . '</span>';
        }

        if (!empty($pic['title'])) {
            $html .= '<span class="thumb_title thumb_title_title">' . $pic['title'] . '</span>';
        }

        if ($CONFIG['views_in_thumbview'] || in_array('hits', $must_have)) {
            if ($mode == 'albums') {
                $hit_count = $pic['alb_hits'];
            } else {
                $hit_count = $pic['hits'];
            }
            $html .= '<span class="thumb_title thumb_title_views">' . sprintf($lang_get_pic_data['n_views'], $hit_count) . '</span>';
        }

        if ($CONFIG['caption_in_thumbview'] && !empty($pic['caption'])) {
            $html .= '<span class="thumb_caption thumb_caption_caption">' . strip_tags(bb_decode($pic['caption'])) . '</span>';
        }

        if ($CONFIG['display_comment_count'] && $pic['pid']) {
            $num_comments = count_pic_comments($pic['pid']);
            if ($num_comments > 0) {
                $html .= '<span class="thumb_num_comments">' . sprintf($lang_get_pic_data['n_comments'], $num_comments) . '</span>';
            }
        }

        if ($CONFIG['display_uploader'] && $pic['owner_id']) {
            // The uploader's name is looked up by id instead of being read
            // from the row.
            $html .= '<span class="thumb_title thumb_title_owner"><a href="profile.php?uid=' . $pic['owner_id'] . '">' . $cpg_udb->get_user_name($pic['owner_id']) . '</a></span>';
        }

        if (in_array('msg_date', $must_have)) {
            $html .= '<span class="thumb_caption thumb_caption_msg_date">' . localised_date($pic['msg_date'], $lang_date['lastcom']) . '</span>';
        }

        if (in_array('msg_body', $must_have)) {
            // Tags are stripped after BBCode decoding, then the text is cut
            // to 50 characters before smilies are expanded.
            $excerpt = strip_tags(bb_decode($pic['msg_body']));
            if (utf_strlen($excerpt) > 50) {
                $excerpt = utf_substr($excerpt, 0, 50) . '...';
            }
            if ($CONFIG['enable_smilies']) {
                $excerpt = process_smilies($excerpt);
            }
            if ($pic['author_id']) {
                $author_html = '<a href="profile.php?uid=' . $pic['author_id'] . '">' . $pic['msg_author'] . '</a>: ';
            } else {
                $author_html = $pic['msg_author'] . ': ';
            }
            $html .= '<span class="thumb_caption thumb_caption_author">' . $author_html . $excerpt . '</span>';
        }

        if (in_array('ctime', $must_have)) {
            $html .= '<span class="thumb_caption thumb_caption_ctime">' . localised_date($pic['ctime'], $lang_date['lastup']) . '</span>';
        }

        if (in_array('pic_rating', $must_have)) {
            // Themes that ship their own rating graphics define this constant.
            $img_base = defined('THEME_HAS_RATING_GRAPHICS') ? $THEME_DIR : '';

            // Scale the stored rating to the configured number of stars.
            $stars = round($pic['pic_rating'] / 2000 / (5 / $CONFIG['rating_stars_amount']));
            $star_html = '';
            for ($n = 1; $n <= $CONFIG['rating_stars_amount']; $n++) {
                $star_file = $n <= $stars ? 'images/rate_full.png' : 'images/rate_empty.png';
                $star_html .= '<img src="' . $img_base . $star_file . '" alt="' . $stars . '"/>';
            }
            $html .= '<span class="thumb_caption thumb_caption_rating">' . $star_html . '<br />' . sprintf($lang_get_pic_data['n_votes'], $pic['votes']) . '</span>';
        }

        if (in_array('mtime', $must_have)) {
            $html .= '<span class="thumb_caption thumb_caption_mtime">' . localised_date($pic['mtime'], $lang_date['lasthit']);
            // The last-hit IP address is only shown in admin mode.
            if (GALLERY_ADMIN_MODE) {
                $html .= '<br />' . $pic['lasthit_ip'];
            }
            $html .= '</span>';
        }

        $rowset[$idx]['caption_text'] = $html;
    }

    $rowset = CPGPluginAPI::filter('thumb_caption', $rowset);
}
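/**
 * Prints an Atom 1.0 feed built from the rows of the global $pic_data.
 *
 * The feed title is $gallery_name followed by a suffix naming the album or
 * category being viewed, when there is one. Each picture becomes an <entry>
 * whose content is an entity-encoded HTML fragment: thumbnail link, caption,
 * keywords and, when the row carries a msg_body, that comment.
 *
 * NOTE(review): $gallery_name, $album_name, $CURRENT_CAT_NAME, $base and the
 * row's title/filename are written into the XML as they are. That relies on
 * them having been encoded before they reach this function - confirm.
 */
function atom10()
{
    global $CONFIG, $result, $base, $gallery_name, $CURRENT_CAT_NAME, $album, $album_name, $pic_data;

    $superCage = Inspekt::makeSuperCage();

    // Decide what kind of title to be shown.
    // Start from an empty suffix so $title is defined when none of the cases applies.
    $title = '';
    if ((int) $album) {
        $title = " | Album: {$album_name}";
    } elseif ($superCage->get->testInt('cat')) {
        $title = " | Category: {$CURRENT_CAT_NAME}";
    } elseif ($album) {
        $title = ' | ' . strip_tags($album_name);
    }

    // PHP_SELF reflects the requested path, so it is request-controlled text.
    // Encode it before it goes into the double-quoted href attribute below.
    $self = isset($_SERVER['PHP_SELF'])
        ? htmlspecialchars($_SERVER['PHP_SELF'], ENT_COMPAT, $CONFIG['charset'])
        : '';

    print "<?xml version=\"1.0\" encoding=\"{$CONFIG['charset']}\"?>\n";
    print "<feed xmlns=\"http://www.w3.org/2005/Atom\">\n";
    print "<title>{$gallery_name}{$title}</title>\n";
    print "<link href=\"{$base}\" />\n";
    print "<updated>" . rfc3339date(time()) . "</updated>\n";
    print "<author><name>Admin</name></author>\n";
    print "<id>{$base}/</id>\n";
    print "<generator uri=\"http://coppermine-gallery.net/\" version=\"1.0\">Coppermine Atom Aggregator</generator>\n";
    print "<link rel=\"self\" type=\"application/atom+xml\" href=\"{$base}" . $self . "?type=atom\" />\n\n";

    foreach ($pic_data as $row) {
        print "\t<entry>\n";
        print "\t\t<title> {$row['title']} </title>\n";
        print "\t\t<link href=\"{$base}/displayimage.php?pid={$row['pid']}\" />\n";
        print "\t\t<id>{$base}/displayimage.php?pid={$row['pid']}</id>\n";
        print "\t\t<updated>" . rfc3339date($row['ctime']) . "</updated>\n";
        print "\t\t<content type=\"html\">\n";

        // The content element is declared type="html", so each HTML fragment is
        // entity-encoded as a whole before it is written.
        echo htmlspecialchars("<p><a href=\"{$base}/displayimage.php?pid={$row['pid']}\"><img src=\"{$base}/" . get_pic_url($row, 'thumb') . "\" alt=\"{$row['filename']}\" /></a></p>", ENT_COMPAT, $CONFIG['charset']);
        echo htmlspecialchars("<p>" . bb_decode($row['caption']) . " </p>", ENT_COMPAT, $CONFIG['charset']);
        echo htmlspecialchars("<p>" . bb_decode($row['keywords']) . "</p>", ENT_COMPAT, $CONFIG['charset']);

        if (!empty($row['msg_body'])) {
            // We have comment for the photo. Must be lastcom metaalbum feed. Display the comment
            // 'i' is minutes in date(); the previous 'H:m:s' printed the month in the minutes slot.
            echo htmlspecialchars("<p><b>Comment:</b> (<i>" . date('Y-m-d H:i:s', $row['msg_date']) . "</i>) - {$row['msg_author']}</p>", ENT_COMPAT, $CONFIG['charset']);
            if ($CONFIG['enable_smilies']) {
                include_once "include/smilies.inc.php";
                $row['msg_body'] = process_smilies($row['msg_body']);
            }
            echo htmlspecialchars("<p>" . bb_decode($row['msg_body']) . " </p>", ENT_COMPAT, $CONFIG['charset']);
        }

        print "\n\t\t</content>\n";
        print "\t</entry>\n";
        print "\n";
    }

    print "</feed>";
}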
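/**
 * Adjusts the displayimage.php output for albums flagged as a contest.
 *
 * Returns without doing anything unless DISPLAYIMAGE_PHP is defined and the
 * current album data has an 'aid'. Otherwise it rewrites globals the page has
 * already filled in ($votes, $picture, $pic_info, $film_strip, $comments):
 *  - album 'votes' is not 'YES' and 'contest' is 'YES': the rating template is
 *    turned into a result display, with the links that contain "rating" removed;
 *  - album 'votes' is 'YES' and 'contest' is 'YES': picture info and the
 *    img_desc block are blanked, film-strip thumbnails the user has voted on
 *    get a border style, and only the current user's latest comment is listed.
 *
 * NOTE(review): values taken from $CURRENT_ALBUM_DATA / $CURRENT_PIC_DATA and
 * from comment rows are placed into SQL and markup here. Where they originate
 * is not visible in this function - confirm they are validated/encoded upstream.
 */
function fix_displayimage()
{
    // no specifics for Thumbnail page today.
    if (!defined("DISPLAYIMAGE_PHP")) {
        return;
    }

    global $CONFIG, $film_strip;
    global $CURRENT_PIC_DATA, $CURRENT_ALBUM_DATA, $comments, $picture, $votes, $pic_info, $template_display_media, $THEME_DIR;
    global $saved_template_image_comments, $saved_template_add_your_comment, $lang_display_comments, $lang_contest, $template_image_rating;
    // Read below for the "no votes" text; it was previously used without being declared global.
    global $lang_rate_pic;

    if (!is_array($CURRENT_ALBUM_DATA) || !array_key_exists('aid', $CURRENT_ALBUM_DATA)) {
        return;
    }

    //checks if current album is a contest - not extracted in displayimage.php
    $result = cpg_db_query("SELECT contest FROM {$CONFIG['TABLE_ALBUMS']} WHERE aid='{$CURRENT_ALBUM_DATA['aid']}'");
    if ($row = mysql_fetch_row($result)) {
        $CURRENT_ALBUM_DATA['contest'] = $row[0];
    } else {
        return;
    }

    // display the votes as a voting page.
    if ($CURRENT_ALBUM_DATA['votes'] != 'YES' && $CURRENT_ALBUM_DATA['contest'] == 'YES') {
        if (!defined('MAX_RATING')) {
            define('MAX_RATING', 5);
        }
        $title = $lang_contest['result'];
        $votetext = $CURRENT_PIC_DATA['votes']
            ? sprintf($lang_contest['evaluation'], round($CURRENT_PIC_DATA['pic_rating'] / 2000, 1), MAX_RATING, $CURRENT_PIC_DATA['votes'])
            : $lang_rate_pic['no_votes'];
        $votes = $template_image_rating;

        // Drop every link that mentions "rating". This is a plain substring test:
        // the former preg_match("rating", ...) had no valid delimiter and never matched.
        $pattern = "#(<a href)(.*?)(</a>)#s";
        if (preg_match_all($pattern, $votes, $matches)) {
            foreach ($matches[0] as $match) {
                if (strpos($match, 'rating') !== false) {
                    $votes = str_replace($match, '', $votes);
                }
            }
        }

        // Literal placeholder substitution, applied in this order.
        $votes = str_replace(array('{VOTES}', '{TITLE}', '{LOCATION}'), array($votetext, $title, $THEME_DIR), $votes);

        if (strpos($votes, '<!-- BEGIN rating_boxes -->') !== false) {
            template_extract_block($votes, 'rating_boxes', '');
        }
    }

    //to be used only for contests in progress
    if ($CURRENT_ALBUM_DATA['votes'] == 'YES' && $CURRENT_ALBUM_DATA['contest'] == 'YES') {
        // do not display pic infos,owner names, captions
        $pic_info = "";
        $pattern = "#(<!-- BEGIN img_desc -->)(.*?)(<!-- END img_desc -->)#s";
        if (preg_match($pattern, $picture, $matches)) {
            // keep the two markers, drop what is between them
            $picture = str_replace($matches[0], $matches[1] . $matches[3], $picture);
        }

        //findout which image has already been noted by user in the contest and show them with a square in the film strip
        $myvotes = array();
        $query = "SELECT concat(filepath,'{$CONFIG['thumb_pfx']}',filename) FROM `{$CONFIG['TABLE_PREFIX']}user_votes` AS T1, `{$CONFIG['TABLE_PREFIX']}pictures` AS T2 WHERE T1.pid=T2.pid AND user_id = " . (int) USER_ID;
        $result = cpg_db_query($query);
        while ($row = mysql_fetch_row($result)) {
            $myvotes[] = $row[0];
        }

        $pattern = "#(<img )(.*?albums.*?)(\" border=\"0\")(.*?)(/>)#s";
        if (preg_match_all($pattern, $film_strip, $matches)) {
            foreach ($matches[0] as $key => $match) {
                foreach ($myvotes as $v) {
                    if (strpos($match, $v) !== FALSE) {
                        // NOTE(review): "1pix" is not a valid CSS length, so this border may
                        // never render; left as it was - confirm the intended style.
                        $matches[3][$key] = " style=\"border:1pix;border-color:grey;\"";
                        break;
                    }
                }
                // Put the tag back together from its captured pieces (piece 3 may have been swapped above).
                $film_strip = str_replace($match, $matches[1][$key] . $matches[2][$key] . $matches[3][$key] . $matches[4][$key] . $matches[5][$key], $film_strip);
            }
            $film_strip = str_replace("class=\"image\"", "", $film_strip);
        }

        //removes alt and title from film_strip
        $pattern = "#(alt=\")(.*?)(\")#s";
        if (preg_match_all($pattern, $film_strip, $matches)) {
            $film_strip = str_replace($matches[0], '', $film_strip);
        }
        $pattern = "#(title=\")(.*?)(\")#s";
        if (preg_match_all($pattern, $film_strip, $matches)) {
            $film_strip = str_replace($matches[0], '', $film_strip);
        }

        //and try to set a border on current vote
        // Both ids are cast to int because they are placed into the statement unquoted.
        $result = cpg_db_query("SELECT rating FROM `{$CONFIG['TABLE_PREFIX']}user_votes` WHERE pid = " . (int) $CURRENT_PIC_DATA['pid'] . " AND user_id = " . (int) USER_ID);
        if ($row = mysql_fetch_row($result)) {
            // the stored rating becomes part of a regular expression, so quote it for the '#' delimiter
            $pattern = "#(<img.*?rating" . preg_quote($row[0], '#') . ".*?)(border=\"0\")(.*?/>)#s";
            if (preg_match($pattern, $votes, $matches)) {
                $votes = str_replace($matches[0], $matches[1] . "border=\"2\"" . $matches[3], $votes);
            }
        }

        // find if user can vote (not own image) and if can vote verifies that the voting block is not hidden
        if ($CURRENT_PIC_DATA['owner_id'] == USER_ID || !USER_CAN_RATE_PICTURES) {
            //<a href="javascript:location.href='./ratepic.php?pic=22&rate=1'" title="Beurk"><img src="themes/alphadxd/images/rating1.gif" border="0" alt="Beurk" /></a>
            // Replace each rating link by its inner content, i.e. keep the image but not the link.
            $pattern = "#(<a href.*?ratepic.*?\\>)(.*?)(</a>)#s";
            if (preg_match_all($pattern, $votes, $matches)) {
                foreach ($matches[0] as $key => $match) {
                    $votes = str_replace($match, $matches[2][$key], $votes);
                }
            }
        } else {
            $votes = str_replace("display: none;", "", $votes);
        }

        // only display current user's comments in a contest
        if ($CURRENT_ALBUM_DATA['comments'] != 'YES') {
            return;
        }

        $comments = '';
        $pid = $CURRENT_PIC_DATA['pid'];
        $pid_sql = (int) $pid;

        if (!$CONFIG['enable_smilies']) {
            $tmpl_comment_edit_box = template_extract_block($saved_template_image_comments, 'edit_box_no_smilies', '{EDIT}');
            template_extract_block($saved_template_image_comments, 'edit_box_smilies');
            template_extract_block($saved_template_add_your_comment, 'input_box_smilies');
        } else {
            $tmpl_comment_edit_box = template_extract_block($saved_template_image_comments, 'edit_box_smilies', '{EDIT}');
            template_extract_block($saved_template_image_comments, 'edit_box_no_smilies');
            template_extract_block($saved_template_add_your_comment, 'input_box_no_smilies');
        }
        $tmpl_comments_buttons = template_extract_block($saved_template_image_comments, 'buttons', '{BUTTONS}');
        template_extract_block($saved_template_image_comments, 'ipinfo', ''); //suppressed by PL
        template_extract_block($saved_template_image_comments, 'report_comment_button'); // won't report on own comment, would we?

        $newpostok = true;

        // The user name is a string inside a quoted SQL literal, so it is escaped first;
        // an unescaped quote in a name would otherwise break out of the literal.
        // NOTE(review): assumes USER_NAME holds the raw, unescaped name - confirm. A
        // connection-aware escape or a prepared statement is preferable to addslashes().
        $query = "SELECT msg_id, msg_author, msg_body, UNIX_TIMESTAMP(msg_date) AS msg_date, author_id, author_md5_id, msg_raw_ip, msg_hdr_ip, pid FROM {$CONFIG['TABLE_COMMENTS']} WHERE pid='{$pid_sql}' AND msg_author='" . addslashes(USER_NAME) . "' ORDER BY msg_id DESC LIMIT 1";
        $result = cpg_db_query($query);
        if ($row = mysql_fetch_array($result)) {
            if ($CONFIG['enable_smilies']) {
                $comment_body = process_smilies(make_clickable($row['msg_body']));
                $smilies = generate_smilies("f{$row['msg_id']}", 'msg_body');
            } else {
                $comment_body = make_clickable($row['msg_body']);
                $smilies = '';
            }

            $params = array('{EDIT}' => &$tmpl_comment_edit_box, '{BUTTONS}' => &$tmpl_comments_buttons);
            $template = template_eval($saved_template_image_comments, $params);

            // NOTE(review): msg_author and msg_body go into the template without encoding
            // in this function - confirm they are stored already encoded.
            $params = array(
                '{MSG_AUTHOR}' => stripslashes($row['msg_author']),
                '{MSG_ID}' => $row['msg_id'],
                '{PID}' => $row['pid'],
                '{EDIT_TITLE}' => &$lang_display_comments['edit_title'],
                '{CONFIRM_DELETE}' => &$lang_display_comments['confirm_delete'],
                '{MSG_DATE}' => localised_date($row['msg_date'], '%d %B %Y'),
                '{MSG_BODY}' => bb_decode($comment_body),
                '{MSG_BODY_RAW}' => $row['msg_body'],
                '{OK}' => &$lang_display_comments['OK'],
                '{SMILIES}' => $smilies,
                '{REPORT_COMMENT_TITLE}' => &$lang_display_comments['report_comment_title'],
                '{WIDTH}' => $CONFIG['picture_table_width'],
            );
            $comments .= template_eval($template, $params);
            $newpostok = false; // only 1 comment per author
        }

        // No comment form for the picture's owner or for user id 0.
        if (USER_ID == $CURRENT_PIC_DATA['owner_id'] || USER_ID == 0) {
            $newpostok = false;
        }

        if ($newpostok) {
            // NOTE(review): USER_NAME is written into an attribute value without encoding - confirm it cannot contain a double quote.
            $user_name_input = '<tr><td><input type="hidden" name="msg_author" value="' . stripslashes(USER_NAME) . '" /></td>';
            template_extract_block($saved_template_add_your_comment, 'user_name_input', $user_name_input);
            $user_name = '';
            $params = array(
                '{ADD_YOUR_COMMENT}' => $lang_display_comments['add_your_comment'],
                '{NAME}' => $lang_display_comments['name'],
                '{COMMENT}' => "",
                '{PIC_ID}' => $pid,
                '{USER_NAME}' => $user_name,
                '{MAX_COM_LENGTH}' => $CONFIG['max_com_size'],
                '{OK}' => $lang_display_comments['OK'],
                '{SMILIES}' => '',
                '{WIDTH}' => $CONFIG['picture_table_width'],
            );
            if ($CONFIG['enable_smilies']) {
                $params['{SMILIES}'] = generate_smilies();
            } else {
                template_extract_block($saved_template_add_your_comment, 'smilies');
            }
            $comments .= template_eval($saved_template_add_your_comment, $params);
        }
    }
}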
if ($CONFIG['log_mode'] != 0) {
    // NOTE(review): sender/recipient names and addresses are interpolated into the log
    // line as they are. If any of them can contain line breaks, one request could write
    // what looks like several log entries - confirm they are normalised before this point.
    log_write("Sending an ecard failed (sender name: {$sender_name}, sender email address: {$sender_email}, recipient name: {$recipient_name}, recipient email address: {$recipient_email}, IP: {$raw_ip}", CPG_MAIL_LOG);
}
cpg_die(ERROR, $lang_ecard_php['send_failed'], __FILE__, __LINE__);
}
}
} elseif ($superCage->post->keyExists('preview')) {
    // Preview branch: render the ecard into the page instead of sending it.

    // Use the intermediate-size picture when intermediates are enabled and the
    // picture's longer side exceeds the configured picture width; else the full size.
    if ($CONFIG['make_intermediate'] && max($row['pwidth'], $row['pheight']) > $CONFIG['picture_width']) {
        $n_picname = get_pic_url($row, 'normal');
    } else {
        $n_picname = get_pic_url($row, 'fullsize');
    }
    // Prefix the gallery URL unless the picture URL already contains 'http:'.
    if (!stristr($n_picname, 'http:')) {
        $n_picname = $gallery_url_prefix . $n_picname;
    }
    $msg_content = process_smilies($message, $gallery_url_prefix);

    // The ecard fields are packed as serialize() -> base64 -> urlencode and carried
    // in the 'data' query parameter of the displayecard.php link built below.
    // NOTE(review): that parameter is fully controlled by whoever opens the link.
    // The code that reads it is not shown here; if it calls unserialize() on the
    // value, that is deserialisation of untrusted input. A data-only format such as
    // JSON, together with a keyed integrity check (HMAC) on the blob, avoids that -
    // confirm what displayecard.php does.
    $data = array('sn' => $superCage->post->noTags('sender_name'), 'se' => $sender_email, 'p' => $n_picname, 'g' => $greetings, 'm' => $message, 'pid' => $pid, 'pt' => $pic_title, 'pc' => $pic_caption);
    $encoded_data = urlencode(base64_encode(serialize($data)));

    // Placeholder values for the ecard template.
    // NOTE(review): $greetings, $sender_name, $sender_email, $pic_title and the
    // bb_decode()d texts are inserted without encoding in this excerpt - confirm
    // they are encoded where they are read from the request.
    $params = array('{LANG_DIR}' => $lang_text_dir, '{TITLE}' => sprintf($lang_ecard_php['ecard_title'], $sender_name), '{CHARSET}' => $CONFIG['charset'] == 'language file' ? $lang_charset : $CONFIG['charset'], '{VIEW_ECARD_TGT}' => "{$gallery_url_prefix}displayecard.php?data={$encoded_data}", '{VIEW_ECARD_LNK}' => $lang_ecard_php['preview_view_ecard'], '{PIC_URL}' => $n_picname, '{URL_PREFIX}' => $gallery_url_prefix, '{GREETINGS}' => $greetings, '{MESSAGE}' => bb_decode($msg_content), '{SENDER_EMAIL}' => $sender_email, '{SENDER_NAME}' => $sender_name, '{VIEW_MORE_TGT}' => $CONFIG['ecards_more_pic_target'], '{VIEW_MORE_LNK}' => $lang_ecard_php['view_more_pics'], '{PID}' => $pid, '{PIC_TITLE}' => $pic_title, '{PIC_CAPTION}' => bb_decode($pic_caption), '{PIC_MARKUP}' => $pic_markup);
    $eccontent = template_eval($template_ecard, $params);

    // Keep only what is inside <body>...</body> so the card can sit inside the page table.
    if (preg_match('#<body[^>]*>(.*)</body>#s', $eccontent, $matches)) {
        $eccontent = $matches[1];
    }
    starttable('100%', $icon_array['preview_table'] . $lang_ecard_php['preview']);
    echo '<tr><td>';
    echo $eccontent;
    echo '</td></tr>';
    endtable();
    echo '<br />';
}
if ($CONFIG['show_bbcode_help']) {
EOT;
// Accepted sort keys and the ORDER BY clause each one stands for.
$sort_codes = array('name_a' => 'msg_author ASC', 'name_d' => 'msg_author DESC', 'date_a' => 'msg_id ASC', 'date_d' => 'msg_id DESC', 'comment_a' => 'msg_body ASC', 'comment_d' => 'msg_body DESC', 'file_a' => 'pid ASC', 'file_d' => 'pid DESC');
// The request value is used only as a key into $sort_codes; a missing or unknown
// key falls back to 'date_d'. The ORDER BY text in the query therefore always
// comes from the fixed table above, never from the request itself.
$sort = !isset($_GET['sort']) || !isset($sort_codes[$_GET['sort']]) ? 'date_d' : $_GET['sort'];
// NOTE(review): $start and $count are set outside this excerpt and are placed into
// LIMIT unquoted - confirm both are forced to integers before this point.
$result = cpg_db_query("SELECT msg_id, msg_author, msg_body, UNIX_TIMESTAMP(msg_date) AS msg_date, author_id, {$CONFIG['TABLE_COMMENTS']}.pid as pid, aid, filepath, filename, url_prefix, pwidth, pheight FROM {$CONFIG['TABLE_COMMENTS']}, {$CONFIG['TABLE_PICTURES']} WHERE {$CONFIG['TABLE_COMMENTS']}.pid = {$CONFIG['TABLE_PICTURES']}.pid ORDER BY {$sort_codes[$sort]} LIMIT {$start}, {$count}");
$rowcounter = 0;
while ($row = mysql_fetch_array($result)) {
    $thumb_url = get_pic_url($row, 'thumb');
    // For files that is_image() rejects, take the dimensions from the thumbnail file instead.
    if (!is_image($row['filename'])) {
        $image_info = getimagesize($thumb_url);
        $row['pwidth'] = $image_info[0];
        $row['pheight'] = $image_info[1];
    }
    $image_size = compute_img_size($row['pwidth'], $row['pheight'], $CONFIG['alb_list_thumb_size']);
    // The picture is addressed by its negated pid in the 'pos' parameter.
    $thumb_link = 'displayimage.php?pos=' . -$row['pid'];
    $msg_date = localised_date($row['msg_date'], $comment_date_fmt);
    // NOTE(review): the stored comment body is turned into markup here without an
    // encoding step in this excerpt - confirm it is stored already encoded.
    $msg_body = bb_decode(process_smilies($row['msg_body']));
    $rowcounter++;
    if ($rowcounter >= 2) { //let the row colors alternate, for now they are the same
        $rowcounter = 0;
        $tableclass = 'tableb'; // change to "tableh2_compact" or similar for alternation
    } else {
        $tableclass = 'tableb';
    }
    // build a link to the author's profile if applicable
    if ($row['author_id'] != 0) {
        $profile_link_start = '<a href="profile.php?uid=' . $row['author_id'] . '">';
        $profile_link_end = '</a>';
    } else {
        $profile_link_start = '';
$sql = "SELECT filepath, filename, url_prefix, pwidth, pheight, msg_author, UNIX_TIMESTAMP(msg_date) as msg_date, msg_body " . "FROM {$CONFIG['TABLE_COMMENTS']} AS c, {$CONFIG['TABLE_PICTURES']} AS p " . "WHERE msg_id='" . $lastcom_id . "' AND c.pid = p.pid"; $result = cpg_db_query($sql); if (mysql_num_rows($result)) { $row = mysql_fetch_array($result); mysql_free_result($result); $pic_url = get_pic_url($row, 'thumb'); if (!is_image($row['filename'])) { $image_info = getimagesize(urldecode($pic_url)); $row['pwidth'] = $image_info[0]; $row['pheight'] = $image_info[1]; } $image_size = compute_img_size($row['pwidth'], $row['pheight'], $CONFIG['thumb_width']); $mime_content = cpg_get_type($row['filename']); $lastcom = '<img src="' . $pic_url . '" class="image"' . $image_size['geom'] . ' border="0" alt="" />'; $lastcom = '<td width="50%" valign="top" align="center">' . '<a href="thumbnails.php?album=lastcomby&uid=' . $uid . '">' . '<span class="thumb_title">' . $lang_register_php['last_comments'] . ' ' . $user_data['user_name'] . '<br /></span>' . $lastcom . '</a><br />'; $lastcom .= "<span class=\"thumb_caption\">" . localised_date($row['msg_date'], $lastcom_date_fmt) . '</span>' . "<span class=\"thumb_caption\">" . bb_decode(process_smilies($row['msg_body'])) . '</span></td>'; } } $user_thumb = ''; if ($picture_count) { $sql = "SELECT filepath, filename, url_prefix, pwidth, pheight " . "FROM {$CONFIG['TABLE_PICTURES']} " . "WHERE pid='" . $thumb_pid . "'"; $result = cpg_db_query($sql); if (mysql_num_rows($result)) { $picture = mysql_fetch_array($result); mysql_free_result($result); $pic_url = get_pic_url($picture, 'thumb'); if (!is_image($picture['filename'])) { $image_info = getimagesize(urldecode($pic_url)); $picture['pwidth'] = $image_info[0]; $picture['pheight'] = $image_info[1]; }