Example #1
 /**
  * Render a message for display: BBCode is decoded first, then smilies are
  * substituted, then URLs are made clickable.
  *
  * No HTML escaping happens in this function. NOTE(review): $message is
  * presumably escaped before it gets here - confirm at the call sites.
  *
  * @param mixed $message message text handed to bb_decode()
  * @return mixed whatever make_clickable() returns for the processed text
  */
 function format_message($message)
 {
     // smilies.inc.php is only included while process_smilies() is still undefined
     if (function_exists('process_smilies') === false) {
         include BASE_DIR . 'include' . DS . 'smilies.inc.php';
     }

     $decoded = bb_decode($message);
     $with_smilies = process_smilies($decoded);

     return make_clickable($with_smilies);
 }
Example #2
         $redirect = "displayimage.php?pos=" . -$pid;
         if ($CONFIG['email_comment_notification']) {
             $mail_body = "<p>" . bb_decode(process_smilies($msg_body, $CONFIG['ecards_more_pic_target'])) . "</p>\n\r " . $lang_db_input_php['email_comment_body'] . " " . $CONFIG['ecards_more_pic_target'] . (substr($CONFIG["ecards_more_pic_target"], -1) == '/' ? '' : '/') . $redirect;
             cpg_mail('admin', $lang_db_input_php['email_comment_subject'], make_clickable($mail_body));
         }
         pageheader($lang_db_input_php['com_added'], "<meta http-equiv=\"refresh\" content=\"1;url={$redirect}\" />");
         msg_box($lang_db_input_php['info'], $lang_db_input_php['com_added'], $lang_continue, $redirect);
         pagefooter();
         ob_end_flush();
         exit;
     } else {
         // Registered users, we can use Location to redirect
         // SECURITY: every value is interpolated straight into the SQL text and only
         // USER_NAME is escaped on this line. NOTE(review): $pid, $msg_body, $raw_ip and
         // $hdr_ip must already be escaped/validated before this point - that code is
         // outside this excerpt, confirm it (a parameterized query would remove the doubt).
         $insert = cpg_db_query("INSERT INTO {$CONFIG['TABLE_COMMENTS']} (pid, msg_author, msg_body, msg_date, author_md5_id, author_id, msg_raw_ip, msg_hdr_ip) VALUES ('{$pid}', '" . addslashes(USER_NAME) . "', '{$msg_body}', NOW(), '', '" . USER_ID . "', '{$raw_ip}', '{$hdr_ip}')");
         // The unary minus yields a number, so the redirect target carries no raw text from $pid
         $redirect = "displayimage.php?pos=" . -$pid;
         // Mail notification is sent when enabled in the config and the commenter is not an admin
         if ($CONFIG['email_comment_notification'] && !USER_IS_ADMIN) {
             // NOTE(review): the comment text is placed in an HTML mail body; this relies on
             // $msg_body having been HTML-escaped upstream - confirm
             $mail_body = "<p>" . bb_decode(process_smilies($msg_body, $CONFIG['ecards_more_pic_target'])) . "</p>\n\r " . $lang_db_input_php['email_comment_body'] . " " . $CONFIG['ecards_more_pic_target'] . (substr($CONFIG["ecards_more_pic_target"], -1) == '/' ? '' : '/') . $redirect;
             cpg_mail('admin', $lang_db_input_php['email_comment_subject'], make_clickable($mail_body));
         }
         // Server software matching this pattern gets a Refresh header instead of Location
         $header_location = @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ? 'Refresh: 0; URL=' : 'Location: ';
         header($header_location . $redirect);
         // A page with a meta refresh to the same target is still emitted after the header
         pageheader($lang_db_input_php['com_added'], "<meta http-equiv=\"refresh\" content=\"1;url={$redirect}\" />");
         msg_box($lang_db_input_php['info'], $lang_db_input_php['com_added'], $lang_continue, $redirect);
         pagefooter();
         ob_end_flush();
         exit;
     }
     break;
     // Update album
 // Update album
 case 'album_update':
     if (!(USER_ADMIN_MODE || GALLERY_ADMIN_MODE)) {
Example #3
  $Date: 2008-04-12 12:00:19 +0200 (Sa, 12 Apr 2008) $
**********************************************/
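define('IN_COPPERMINE', true);
define('DISPLAYECARD_PHP', true);
require 'include/init.inc.php';
require 'include/smilies.inc.php';

// Renders an e-card whose fields arrive in the `data` query parameter as
// base64-encoded serialize() output. Everything derived from that parameter is
// controlled by whoever built the link.
if (!isset($_GET['data'])) {
    cpg_die(CRITICAL_ERROR, $lang_errors['param_missing'], __FILE__, __LINE__);
}

// `data[]=x` arrives as an array; anything that is not a string is handled as invalid data
$raw_data = is_string($_GET['data']) ? $_GET['data'] : '';

// SECURITY: unserialize() on request-supplied data can instantiate any loaded class
// (PHP object injection). It is left in place because existing e-card links use this
// format. TODO(review): move to an authenticated (e.g. HMAC-signed) or non-executable
// encoding, or pass array('allowed_classes' => false) once the code runs on PHP 7+.
$data = @unserialize(@base64_decode($raw_data));

// Attempt to obtain the full link from the db if ecard logging is enabled, more than
// 12 chars of data are provided and exactly one stored link matches the prefix.
// Only the base64 alphabet may reach the query: that excludes quotes, backslashes and
// the LIKE wildcards % and _, so the value can neither alter the statement nor widen
// the match.
if (
    !is_array($data)
    && $CONFIG['log_ecards']
    && strlen($raw_data) > 12
    && preg_match('/^[A-Za-z0-9+\/=]+$/D', $raw_data)
) {
    $result = cpg_db_query("SELECT link FROM {$CONFIG['TABLE_ECARDS']} WHERE link LIKE '{$raw_data}%'");
    if (mysql_num_rows($result) === 1) {
        $row = mysql_fetch_assoc($result);
        // Same unserialize() caveat as above; the stored link presumably originated
        // from an e-card sender - confirm where TABLE_ECARDS.link is written.
        $data = @unserialize(@base64_decode($row['link']));
    }
}

if (is_array($data)) {
    // Remove HTML tags as we can't trust what we receive. A crafted payload may hold
    // nested arrays or objects; those are blanked instead of being passed to strtr().
    foreach ($data as $key => $value) {
        $data[$key] = is_scalar($value) ? strtr((string) $value, $HTML_SUBST) : '';
    }
    // Fields missing from the payload render as empty strings instead of raising notices
    $data += array_fill_keys(array('sn', 'p', 'g', 'm', 'se', 'pid', 'pt', 'pc'), '');

    // Load template parameters
    // NOTE(review): {PIC_URL} is taken from the payload after $HTML_SUBST only; what
    // $HTML_SUBST replaces is not visible here - confirm it is sufficient for a URL context.
    $params = array(
        '{LANG_DIR}' => $lang_text_dir,
        '{TITLE}' => sprintf($lang_ecard_php['ecard_title'], $data['sn']),
        '{CHARSET}' => $CONFIG['charset'] == 'language file' ? $lang_charset : $CONFIG['charset'],
        '{VIEW_ECARD_TGT}' => '',
        '{VIEW_ECARD_LNK}' => '',
        '{PIC_URL}' => $data['p'],
        '{URL_PREFIX}' => '',
        '{GREETINGS}' => $data['g'],
        '{MESSAGE}' => bb_decode(process_smilies($data['m'])),
        '{SENDER_EMAIL}' => $data['se'],
        '{SENDER_NAME}' => $data['sn'],
        '{VIEW_MORE_TGT}' => $CONFIG['ecards_more_pic_target'],
        '{VIEW_MORE_LNK}' => $lang_ecard_php['view_more_pics'],
        '{PID}' => $data['pid'],
        '{PIC_TITLE}' => $data['pt'],
        '{PIC_CAPTION}' => $data['pc'],
    );
    // Parse template
    echo template_eval($template_ecard, $params);
} else {
    cpg_die(CRITICAL_ERROR, $lang_displayecard_php['invalid_data'], __FILE__, __LINE__);
}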
Example #4
/**
 * Build the HTML for the comments of one picture, followed by the "add your
 * comment" form or, when configured, a log-in prompt.
 *
 * Comments are read from the comments table for $pid, the approval and
 * visibility rules are applied per row, and each visible row is rendered
 * through $template_image_comments.
 *
 * NOTE(review): $pid is interpolated into the SQL text and emitted as {PIC_ID}
 * exactly as given; this assumes callers pass a validated numeric id - confirm.
 *
 * @param mixed $pid picture id used in the WHERE clause and as {PIC_ID}
 * @return string the assembled HTML
 */
function theme_html_comments($pid)
{
    global $CONFIG, $USER, $CURRENT_ALBUM_DATA, $comment_date_fmt, $HTML_SUBST;
    global $template_image_comments, $template_add_your_comment, $lang_display_comments, $lang_common, $REFERER;
    $html = '';
    // "Report to moderator" button: dropped from the template unless reporting is
    // enabled and the user may send e-cards
    if (!($CONFIG['report_post'] == 1 && USER_CAN_SEND_ECARDS)) {
        template_extract_block($template_image_comments, 'report_comment_button');
    }
    // Keep the edit/input box variant that matches the smilies setting and extract the other one
    if (!$CONFIG['enable_smilies']) {
        $tmpl_comment_edit_box = template_extract_block($template_image_comments, 'edit_box_no_smilies', '{EDIT}');
        template_extract_block($template_image_comments, 'edit_box_smilies');
        template_extract_block($template_add_your_comment, 'input_box_smilies');
    } else {
        $tmpl_comment_edit_box = template_extract_block($template_image_comments, 'edit_box_smilies', '{EDIT}');
        template_extract_block($template_image_comments, 'edit_box_no_smilies');
        template_extract_block($template_add_your_comment, 'input_box_no_smilies');
    }
    $tmpl_comments_buttons = template_extract_block($template_image_comments, 'buttons', '{BUTTONS}');
    $tmpl_comments_ipinfo = template_extract_block($template_image_comments, 'ipinfo', '{IPINFO}');
    // The sort direction is one of two literals, never request text
    if ($CONFIG['comments_sort_descending'] == 1) {
        $comment_sort_order = 'DESC';
    } else {
        $comment_sort_order = 'ASC';
    }
    // SECURITY: $pid is placed inside quotes in the SQL text without escaping here (see function header)
    $result = cpg_db_query("SELECT msg_id, msg_author, msg_body, UNIX_TIMESTAMP(msg_date) AS msg_date, author_id, author_md5_id, msg_raw_ip, msg_hdr_ip, pid, approval FROM {$CONFIG['TABLE_COMMENTS']} WHERE pid='{$pid}' ORDER BY msg_id {$comment_sort_order}");
    while ($row = mysql_fetch_array($result)) {
        // while-loop start
        // Editable by: gallery admins; the logged-in author (USER_ID equals author_id) who may
        // post comments; or a guest who may post comments and whose $USER['ID'] equals author_md5_id
        $user_can_edit = GALLERY_ADMIN_MODE || USER_ID && USER_ID == $row['author_id'] && USER_CAN_POST_COMMENTS || !USER_ID && USER_CAN_POST_COMMENTS && $USER['ID'] == $row['author_md5_id'];
        // && binds tighter than ||: buttons are shown when (can edit AND user editing is enabled) OR gallery admin
        if ($user_can_edit != '' && $CONFIG['comment_user_edit'] != 0 || GALLERY_ADMIN_MODE) {
            $comment_buttons = $tmpl_comments_buttons;
            $comment_edit_box = $tmpl_comment_edit_box;
        } else {
            $comment_buttons = '';
            $comment_edit_box = '';
        }
        // The IP block is only rendered in gallery admin mode and when a raw IP was recorded
        $comment_ipinfo = $row['msg_raw_ip'] && GALLERY_ADMIN_MODE ? $tmpl_comments_ipinfo : '';
        $hide_comment = 0;
        // comment approval
        $pending_approval = '';
        if (USER_IS_ADMIN) {
            //display the selector approve/disapprove
            // NOTE(review): these approve/disapprove links change state via a plain GET with no
            // anti-CSRF token visible in the URL - confirm how reviewcom.php authorises the request
            if ($row['approval'] == 'NO') {
                $pending_approval = '<a href="reviewcom.php?pos=-{PID}&amp;msg_id={MSG_ID}&amp;what=approve" title="' . $lang_display_comments['approve'] . '"><img src="images/approve.gif" border="0" alt="" align="middle" /></a>';
            } else {
                $pending_approval = '<a href="reviewcom.php?pos=-{PID}&amp;msg_id={MSG_ID}&amp;what=disapprove" title="' . $lang_display_comments['disapprove'] . '"><img src="images/disapprove.gif" border="0" alt="" align="middle" /></a>';
            }
        } else {
            // user or guest is logged in - start
            if ($row['approval'] == 'NO') {
                // the comment is not approved - start
                if ($user_can_edit) {
                    // the comment comes from the current visitor, display it with a warning that it needs admin approval
                    $pending_approval = '<img src="images/approve.gif" border="0" alt="" title="' . $lang_display_comments['pending_approval'] . '" align="middle" />';
                } else {
                    // the comment comes from someone else - don't display it at all
                    // (or, with comment_placeholder set, replace author and body by placeholder text)
                    if ($CONFIG['comment_placeholder'] == 0) {
                        $hide_comment = 1;
                    } else {
                        $row['msg_author'] = $lang_display_comments['unapproved_comment'];
                        $row['msg_body'] = $lang_display_comments['pending_approval_message'];
                        $row['author_id'] = 0;
                    }
                }
            }
            // the comment is not approved - end
        }
        // user or guest is logged in - end
        // NOTE(review): msg_body is rendered as stored; this relies on comments having been
        // HTML-escaped before they were written to the database - not visible here, confirm
        if ($CONFIG['enable_smilies']) {
            $comment_body = process_smilies(make_clickable($row['msg_body']));
            $smilies = generate_smilies("f{$row['msg_id']}", 'msg_body');
        } else {
            $comment_body = make_clickable($row['msg_body']);
            $smilies = '';
        }
        // wrap the comment into italics if it isn't approved
        if ($row['approval'] == 'NO') {
            $comment_body = '<em>' . $comment_body . '</em>';
            // NOTE(review): self-assignment, has no effect
            $row['msg_author'] = $row['msg_author'];
        }
        // Show the header-derived IP, with the raw IP in brackets when the two differ
        $ip = $row['msg_hdr_ip'];
        if ($row['msg_hdr_ip'] != $row['msg_raw_ip']) {
            $ip .= ' [' . $row['msg_raw_ip'] . ']';
        }
        // First pass: put the per-row sub-blocks into the comment template
        $params = array('{EDIT}' => &$comment_edit_box, '{BUTTONS}' => &$comment_buttons, '{IPINFO}' => &$comment_ipinfo, '{PENDING_APPROVAL}' => &$pending_approval);
        $template = template_eval($template_image_comments, $params);
        // The author name links to the profile only when an author_id is stored.
        // NOTE(review): msg_author is emitted after stripslashes() only - same stored-escaping assumption as msg_body
        if ($row['author_id'] == 0) {
            $profile_lnk = stripslashes($row['msg_author']);
        } else {
            $profile_lnk = '<a href="profile.php?uid=' . $row['author_id'] . '">' . stripslashes($row['msg_author']) . '</a>';
        }
        // Second pass: fill in the row values ({MSG_BODY_RAW} is the stored text, used by the edit box template)
        $params = array('{MSG_AUTHOR_LNK}' => $profile_lnk, '{MSG_AUTHOR}' => $row['msg_author'], '{MSG_ID}' => $row['msg_id'], '{PID}' => $row['pid'], '{EDIT_TITLE}' => &$lang_display_comments['edit_title'], '{DELETE_TITLE}' => &$lang_display_comments['delete_title'], '{CONFIRM_DELETE}' => &$lang_display_comments['confirm_delete'], '{MSG_DATE}' => localised_date($row['msg_date'], $comment_date_fmt), '{MSG_BODY}' => bb_decode($comment_body), '{MSG_BODY_RAW}' => $row['msg_body'], '{OK}' => &$lang_display_comments['OK'], '{SMILIES}' => $smilies, '{IP}' => $ip, '{REPORT_COMMENT_TITLE}' => &$lang_display_comments['report_comment_title'], '{WIDTH}' => $CONFIG['picture_table_width']);
        if ($hide_comment != 1) {
            $html .= template_eval($template, $params);
        }
    }
    // while-loop end
    if (USER_CAN_POST_COMMENTS && $CURRENT_ALBUM_DATA['comments'] == 'YES') {
        if (USER_ID) {
            // Logged-in users: the name field becomes a hidden input.
            // NOTE(review): USER_NAME goes into an attribute value after stripslashes() only - confirm it is HTML-safe
            $user_name_input = '<tr><td><input type="hidden" name="msg_author" value="' . stripslashes(USER_NAME) . '" /></td>';
            template_extract_block($template_add_your_comment, 'user_name_input', $user_name_input);
            $user_name = '';
        } else {
            // Guests: a remembered name is passed through $HTML_SUBST; otherwise the default text
            // plus an onclick handler is used. The value carries its own quote characters, so it
            // depends on how the template quotes {USER_NAME}.
            $user_name = isset($USER['name']) ? '"' . strtr($USER['name'], $HTML_SUBST) . '"' : $lang_display_comments['your_name'] . '" onclick="javascript:this.value=\'\';';
        }
        // Captcha block is removed when captcha is off, or when it is set to 1 and the user is logged in
        if ($CONFIG['comment_captcha'] == 0 || $CONFIG['comment_captcha'] == 1 && USER_ID) {
            template_extract_block($template_add_your_comment, 'comment_captcha');
        }
        // NOTE(review): the help link carries base64-encoded serialize() output in the URL; the
        // help viewer presumably unserialize()s request data to display it - verify that endpoint
        $params = array('{ADD_YOUR_COMMENT}' => $lang_display_comments['add_your_comment'], '{NAME}' => $lang_display_comments['name'], '{COMMENT}' => $lang_display_comments['comment'], '{CONFIRM}' => $lang_common['confirm'] . '&nbsp;' . cpg_display_help('f=empty.htm&amp;base=64&amp;h=' . urlencode(base64_encode(serialize($lang_common['captcha_help_title']))) . '&amp;t=' . urlencode(base64_encode(serialize($lang_common['captcha_help']))), 470, 245), '{PIC_ID}' => $pid, '{USER_NAME}' => $user_name, '{MAX_COM_LENGTH}' => $CONFIG['max_com_size'], '{OK}' => $lang_display_comments['OK'], '{SMILIES}' => '', '{WIDTH}' => $CONFIG['picture_table_width']);
        if ($CONFIG['enable_smilies']) {
            $params['{SMILIES}'] = generate_smilies();
        } else {
            template_extract_block($template_add_your_comment, 'smilies');
        }
        template_extract_block($template_add_your_comment, 'login_to_comment');
        $html .= template_eval($template_add_your_comment, $params);
    } else {
        // user can not post comments
        if ($CONFIG['comment_promote_registration'] == 1 && $CURRENT_ALBUM_DATA['comments'] == 'YES') {
            // Strip every input element and show only the log-in prompt
            template_extract_block($template_add_your_comment, 'user_name_input');
            template_extract_block($template_add_your_comment, 'input_box_smilies');
            template_extract_block($template_add_your_comment, 'comment_captcha');
            template_extract_block($template_add_your_comment, 'smilies');
            template_extract_block($template_add_your_comment, 'submit');
            // NOTE(review): $REFERER is concatenated into the href without escaping here - confirm it
            // is encoded where it is set, and that login.php validates the referer before redirecting
            $params = array('{ADD_YOUR_COMMENT}' => $lang_display_comments['add_your_comment'], '{WIDTH}' => $CONFIG['picture_table_width'], '{LOGIN_TO_COMMENT}' => sprintf($lang_display_comments['log_in_to_comment'], '<a href="login.php?referer=' . $REFERER . '">', '</a>'));
            $html .= template_eval($template_add_your_comment, $params);
        }
    }
    return $html;
}
Example #5
/**
 * Build the HTML for the comments of one picture, followed by the "add your
 * comment" form when the user may post and the album allows comments.
 *
 * NOTE(review): $pid is interpolated into the SQL text and emitted as {PIC_ID}
 * exactly as given; this assumes callers pass a validated numeric id - confirm.
 *
 * @param mixed $pid picture id used in the WHERE clause and as {PIC_ID}
 * @return string the assembled HTML
 */
function theme_html_comments($pid)
{
    global $CONFIG, $USER, $CURRENT_ALBUM_DATA, $comment_date_fmt, $HTML_SUBST;
    global $template_image_comments, $template_add_your_comment, $lang_display_comments;
    $html = '';
    // "Report to moderator" button: dropped from the template unless reporting is
    // enabled and the user may send e-cards
    if (!($CONFIG['report_post'] == 1 && USER_CAN_SEND_ECARDS)) {
        template_extract_block($template_image_comments, 'report_comment_button');
    }
    // Keep the edit/input box variant that matches the smilies setting and extract the other one
    if (!$CONFIG['enable_smilies']) {
        $tmpl_comment_edit_box = template_extract_block($template_image_comments, 'edit_box_no_smilies', '{EDIT}');
        template_extract_block($template_image_comments, 'edit_box_smilies');
        template_extract_block($template_add_your_comment, 'input_box_smilies');
    } else {
        $tmpl_comment_edit_box = template_extract_block($template_image_comments, 'edit_box_smilies', '{EDIT}');
        template_extract_block($template_image_comments, 'edit_box_no_smilies');
        template_extract_block($template_add_your_comment, 'input_box_no_smilies');
    }
    $tmpl_comments_buttons = template_extract_block($template_image_comments, 'buttons', '{BUTTONS}');
    $tmpl_comments_ipinfo = template_extract_block($template_image_comments, 'ipinfo', '{IPINFO}');
    // The sort direction is one of two literals, never request text
    if ($CONFIG['comments_sort_descending'] == 1) {
        $comment_sort_order = 'DESC';
    } else {
        $comment_sort_order = 'ASC';
    }
    // SECURITY: $pid is placed inside quotes in the SQL text without escaping here (see function header)
    $result = cpg_db_query("SELECT msg_id, msg_author, msg_body, UNIX_TIMESTAMP(msg_date) AS msg_date, author_id, author_md5_id, msg_raw_ip, msg_hdr_ip, pid FROM {$CONFIG['TABLE_COMMENTS']} WHERE pid='{$pid}' ORDER BY msg_id {$comment_sort_order}");
    while ($row = mysql_fetch_array($result)) {
        // Editable by: gallery admins; the logged-in author (USER_ID equals author_id) who may
        // post comments; or a guest who may post comments and whose $USER['ID'] equals author_md5_id
        $user_can_edit = GALLERY_ADMIN_MODE || USER_ID && USER_ID == $row['author_id'] && USER_CAN_POST_COMMENTS || !USER_ID && USER_CAN_POST_COMMENTS && $USER['ID'] == $row['author_md5_id'];
        $comment_buttons = $user_can_edit ? $tmpl_comments_buttons : '';
        $comment_edit_box = $user_can_edit ? $tmpl_comment_edit_box : '';
        // The IP block is only rendered in gallery admin mode and when a raw IP was recorded
        $comment_ipinfo = $row['msg_raw_ip'] && GALLERY_ADMIN_MODE ? $tmpl_comments_ipinfo : '';
        // NOTE(review): msg_body is rendered as stored; this relies on comments having been
        // HTML-escaped before they were written to the database - not visible here, confirm
        if ($CONFIG['enable_smilies']) {
            $comment_body = process_smilies(make_clickable($row['msg_body']));
            $smilies = generate_smilies("f{$row['msg_id']}", 'msg_body');
        } else {
            $comment_body = make_clickable($row['msg_body']);
            $smilies = '';
        }
        // Show the header-derived IP, with the raw IP in brackets when the two differ
        $ip = $row['msg_hdr_ip'];
        if ($row['msg_hdr_ip'] != $row['msg_raw_ip']) {
            $ip .= ' [' . $row['msg_raw_ip'] . ']';
        }
        // First pass: put the per-row sub-blocks into the comment template
        $params = array('{EDIT}' => &$comment_edit_box, '{BUTTONS}' => &$comment_buttons, '{IPINFO}' => &$comment_ipinfo);
        $template = template_eval($template_image_comments, $params);
        // Second pass: fill in the row values.
        // NOTE(review): msg_author is emitted after stripslashes() only - same stored-escaping assumption as msg_body
        $params = array('{MSG_AUTHOR}' => stripslashes($row['msg_author']), '{MSG_ID}' => $row['msg_id'], '{PID}' => $row['pid'], '{EDIT_TITLE}' => &$lang_display_comments['edit_title'], '{CONFIRM_DELETE}' => &$lang_display_comments['confirm_delete'], '{MSG_DATE}' => localised_date($row['msg_date'], $comment_date_fmt), '{MSG_BODY}' => bb_decode($comment_body), '{MSG_BODY_RAW}' => $row['msg_body'], '{OK}' => &$lang_display_comments['OK'], '{SMILIES}' => $smilies, '{IP}' => $ip, '{REPORT_COMMENT_TITLE}' => &$lang_display_comments['report_comment_title'], '{WIDTH}' => $CONFIG['picture_table_width']);
        $html .= template_eval($template, $params);
    }
    if (USER_CAN_POST_COMMENTS && $CURRENT_ALBUM_DATA['comments'] == 'YES') {
        if (USER_ID) {
            // Logged-in users: the name field becomes a hidden input.
            // NOTE(review): USER_NAME goes into an attribute value after stripslashes() only - confirm it is HTML-safe
            $user_name_input = '<tr><td><input type="hidden" name="msg_author" value="' . stripslashes(USER_NAME) . '" /></td>';
            template_extract_block($template_add_your_comment, 'user_name_input', $user_name_input);
            $user_name = '';
        } else {
            // Guests: a remembered name is passed through $HTML_SUBST, otherwise the default text is used
            if (isset($USER['name'])) {
                $user_name = strtr($USER['name'], $HTML_SUBST);
            } else {
                $user_name = $lang_display_comments['your_name'];
            }
        }
        $params = array('{ADD_YOUR_COMMENT}' => $lang_display_comments['add_your_comment'], '{NAME}' => $lang_display_comments['name'], '{COMMENT}' => $lang_display_comments['comment'], '{PIC_ID}' => $pid, '{USER_NAME}' => $user_name, '{MAX_COM_LENGTH}' => $CONFIG['max_com_size'], '{OK}' => $lang_display_comments['OK'], '{SMILIES}' => '', '{WIDTH}' => $CONFIG['picture_table_width']);
        if ($CONFIG['enable_smilies']) {
            $params['{SMILIES}'] = generate_smilies();
        } else {
            template_extract_block($template_add_your_comment, 'smilies');
        }
        $html .= template_eval($template_add_your_comment, $params);
    }
    return $html;
}
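/**
 * Build the HTML for the paginated comments of one picture, together with the
 * "add your comment" form or, when configured, a log-in prompt.
 *
 * The requested page is read from the GET parameter `page` through the Inspekt
 * cage and clamped to 1..$max. With descending sort order the form is placed
 * before the comments, otherwise after them.
 *
 * NOTE(review): $pid is interpolated into the SQL text, the pager links and
 * {PIC_ID} exactly as given; this assumes callers pass a validated numeric
 * id - confirm.
 *
 * @param mixed $pid picture id used in the WHERE clauses, pager links and {PIC_ID}
 * @return string the assembled HTML
 */
function theme_html_comments($pid)
{
    global $CONFIG, $USER, $CURRENT_ALBUM_DATA, $lang_date, $HTML_SUBST, $THEME_DIR;
    global $template_image_comments, $template_add_your_comment, $lang_display_comments, $lang_common, $REFERER, $lang_bbcode_help_title, $lang_bbcode_help;
    $superCage = Inspekt::makeSuperCage();
    // Plugins may rewrite both templates before they are used
    $template_add_your_comment = CPGPluginAPI::filter('theme_add_comment', $template_add_your_comment);
    $template_image_comments = CPGPluginAPI::filter('theme_edit_comment', $template_image_comments);
    list($timestamp, $form_token) = getFormToken();
    $html = '';
    // "Report to moderator" button: dropped from the template unless reporting is
    // enabled and the user may send e-cards
    if (!($CONFIG['report_post'] == 1 && USER_CAN_SEND_ECARDS)) {
        template_extract_block($template_image_comments, 'report_comment_button');
    }
    // Keep the edit/input box variant that matches the smilies setting and extract the other one
    if (!$CONFIG['enable_smilies']) {
        $tmpl_comment_edit_box = template_extract_block($template_image_comments, 'edit_box_no_smilies', '{EDIT}');
        template_extract_block($template_image_comments, 'edit_box_smilies');
        template_extract_block($template_add_your_comment, 'input_box_smilies');
    } else {
        $tmpl_comment_edit_box = template_extract_block($template_image_comments, 'edit_box_smilies', '{EDIT}');
        template_extract_block($template_image_comments, 'edit_box_no_smilies');
        template_extract_block($template_add_your_comment, 'input_box_no_smilies');
    }
    $tmpl_comments_buttons = template_extract_block($template_image_comments, 'buttons', '{BUTTONS}');
    $tmpl_comments_ipinfo = template_extract_block($template_image_comments, 'ipinfo', '{IPINFO}');
    // The sort direction is one of two literals, never request text
    if ($CONFIG['comments_sort_descending'] == 1) {
        $comment_sort_order = 'DESC';
    } else {
        $comment_sort_order = 'ASC';
    }
    // SECURITY: $pid is placed inside quotes in the SQL text without escaping here (see function header)
    $result = cpg_db_query("SELECT COUNT(msg_id) FROM {$CONFIG['TABLE_COMMENTS']} WHERE pid='{$pid}'");
    list($num) = mysql_fetch_row($result);
    if ($num) {
        // A page size below 1 would divide by zero below, so it is raised to 1
        $limit = max(1, (int) $CONFIG['comments_per_page']);
        $max = ceil($num / $limit);
        if ($superCage->get->keyExists('page')) {
            $page = $superCage->get->getInt('page');
            $page = min($page, $max);
            // Pages are numbered from 1; a zero or negative request used to yield a bogus page "0" in the pager
            $page = max(1, $page);
        } else {
            // No page requested: show the page holding the newest comments for the active sort order
            if ($CONFIG['comments_sort_descending'] == 1) {
                $page = 1;
            } else {
                $page = $max;
            }
        }
        $start = max(0, $num - ($max - ($page - 1)) * $limit);
        $location = defined('THEME_HAS_COMMENT_GRAPHICS') ? $THEME_DIR : '';
        // The pager is captured through output buffering because starttable()/endtable() echo directly
        ob_start();
        echo '<br />';
        starttable();
        echo '<tr><td class="tableh2"><div style="float: left">' . $lang_display_comments['comment'] . ' ' . sprintf($lang_display_comments['comment_x_to_y_of_z'], $start + 1, min($num, $start + $limit), $num) . '</div>';
        echo '<div style="float: right">' . $lang_display_comments['page'] . ': ';
        $links = array();
        // Link the first four pages, the last five, and those within four of the current page
        for ($i = 1; $i <= $max; $i++) {
            if ($i < 5 || $i > $max - 5 || $i > $page - 5 && $i < $page + 5) {
                $links[$i] = '<a href="displayimage.php?pid=' . $pid . '&amp;page=' . $i . '#comments_top">' . $i . '</a>';
            }
        }
        $links[$page] = "<b>{$page}</b>";
        echo implode(' - ', $links);
        echo '</div></td></tr>';
        endtable();
        echo '<br />';
        // The same pager is emitted above and below the comment list
        $html .= $tabs = ob_get_clean();
        // $start and $limit are numbers computed above, so LIMIT receives no request text
        $result = cpg_db_query("SELECT msg_id, msg_author, msg_body, UNIX_TIMESTAMP(msg_date) AS msg_date, author_id, author_md5_id, msg_raw_ip, msg_hdr_ip, pid, approval FROM {$CONFIG['TABLE_COMMENTS']} WHERE pid='{$pid}' ORDER BY msg_id {$comment_sort_order} LIMIT {$start}, {$limit}");
        while ($row = mysql_fetch_assoc($result)) {
            // while-loop start
            // Editable by: gallery admins; the logged-in author (USER_ID equals author_id) who may
            // post comments; or a guest who may post comments and whose $USER['ID'] equals author_md5_id
            $user_can_edit = GALLERY_ADMIN_MODE || USER_ID && USER_ID == $row['author_id'] && USER_CAN_POST_COMMENTS || !USER_ID && USER_CAN_POST_COMMENTS && $USER['ID'] == $row['author_md5_id'];
            // && binds tighter than ||: buttons are shown when (can edit AND user editing is enabled) OR gallery admin
            if ($user_can_edit != '' && $CONFIG['comment_user_edit'] != 0 || GALLERY_ADMIN_MODE) {
                $comment_buttons = $tmpl_comments_buttons;
                $comment_edit_box = $tmpl_comment_edit_box;
            } else {
                $comment_buttons = '';
                $comment_edit_box = '';
            }
            // The IP block is only rendered in gallery admin mode and when a raw IP was recorded
            $comment_ipinfo = $row['msg_raw_ip'] && GALLERY_ADMIN_MODE ? $tmpl_comments_ipinfo : '';
            $hide_comment = 0;
            // comment approval
            $pending_approval = '';
            if (USER_IS_ADMIN) {
                //display the selector approve/disapprove
                // The state-changing links carry a form token and timestamp; NOTE(review): these are
                // presumably verified by reviewcom.php - confirm, and note that tokens in a URL can
                // end up in logs and Referer headers
                if ($row['approval'] == 'NO') {
                    $pending_approval = '<img src="' . $location . 'images/icons/comment_disapprove_disabled.png" border="0" alt="" width="16" height="16" class="icon" /><a href="reviewcom.php?pos=-{PID}&amp;msg_id={MSG_ID}&amp;form_token={FORM_TOKEN}&amp;timestamp={TIMESTAMP}&amp;what=approve" title="' . $lang_display_comments['approve'] . '"><img src="' . $location . 'images/icons/comment_approve.png" border="0" alt="" width="16" height="16" class="icon" /></a>';
                } else {
                    $pending_approval = '<a href="reviewcom.php?pos=-{PID}&amp;msg_id={MSG_ID}&amp;form_token={FORM_TOKEN}&amp;timestamp={TIMESTAMP}&amp;what=disapprove" title="' . $lang_display_comments['disapprove'] . '"><img src="' . $location . 'images/icons/comment_disapprove.png" border="0" alt="" width="16" height="16" class="icon" /></a><img src="' . $location . 'images/icons/comment_approve_disabled.png" border="0" alt="" width="16" height="16" class="icon" />';
                }
            } else {
                // user or guest is logged in - start
                if ($row['approval'] == 'NO') {
                    // the comment is not approved - start
                    if ($user_can_edit) {
                        // the comment comes from the current visitor, display it with a warning that it needs admin approval
                        $pending_approval = '<img src="' . $location . 'images/icons/comment_approval.png" border="0" alt="" width="16" height="16" title="' . $lang_display_comments['pending_approval'] . '" class="icon" />';
                    } else {
                        // the comment comes from someone else - don't display it at all
                        // (or, with comment_placeholder set, replace author and body by placeholder text)
                        if ($CONFIG['comment_placeholder'] == 0) {
                            $hide_comment = 1;
                        } else {
                            $row['msg_author'] = $lang_display_comments['unapproved_comment'];
                            $row['msg_body'] = $lang_display_comments['pending_approval_message'];
                            $row['author_id'] = 0;
                        }
                    }
                }
                // the comment is not approved - end
            }
            // user or guest is logged in - end
            // NOTE(review): msg_body is rendered as stored; this relies on comments having been
            // HTML-escaped before they were written to the database - not visible here, confirm
            if ($CONFIG['enable_smilies']) {
                $comment_body = process_smilies(make_clickable($row['msg_body']));
                $smilies = generate_smilies("f{$row['msg_id']}", 'msg_body');
            } else {
                $comment_body = make_clickable($row['msg_body']);
                $smilies = '';
            }
            // wrap the comment into italics if it isn't approved
            if ($row['approval'] == 'NO') {
                $comment_body = '<em>' . $comment_body . '</em>';
            }
            // Plugins may append detail text to each IP; the raw IP follows in brackets when it differs
            list($row['ip_detail']) = CPGPluginAPI::filter('ip_information', array('', $row['msg_hdr_ip']));
            $ip = $row['msg_hdr_ip'] . $row['ip_detail'];
            if ($row['msg_hdr_ip'] != $row['msg_raw_ip']) {
                list($row['ip_detail']) = CPGPluginAPI::filter('ip_information', array('', $row['msg_raw_ip']));
                $ip .= ' [' . $row['msg_raw_ip'] . $row['ip_detail'] . ']';
            }
            list($timestamp, $form_token) = getFormToken();
            // First pass: put the per-row sub-blocks into the comment template
            $params = array('{EDIT}' => &$comment_edit_box, '{BUTTONS}' => &$comment_buttons, '{IPINFO}' => &$comment_ipinfo, '{PENDING_APPROVAL}' => &$pending_approval, '{FORM_TOKEN}' => $form_token, '{TIMESTAMP}' => $timestamp);
            $template = template_eval($template_image_comments, $params);
            // The author name links to the profile only when an author_id is stored.
            // NOTE(review): msg_author is emitted after stripslashes() only - same stored-escaping assumption as msg_body
            if ($row['author_id'] == 0) {
                $profile_lnk = stripslashes($row['msg_author']);
            } else {
                $profile_lnk = '<a href="profile.php?uid=' . $row['author_id'] . '">' . stripslashes($row['msg_author']) . '</a>';
            }
            // Second pass: fill in the row values ({MSG_BODY_RAW} is the stored text, used by the edit box template)
            $params = array('{MSG_AUTHOR_LNK}' => $profile_lnk, '{MSG_AUTHOR}' => $row['msg_author'], '{MSG_ID}' => $row['msg_id'], '{PID}' => $row['pid'], '{EDIT_TITLE}' => &$lang_display_comments['edit_title'], '{DELETE_TITLE}' => &$lang_display_comments['delete_title'], '{DELETE_ICON}' => '<img src="' . $location . 'images/icons/delete.png" border="0" alt="" width="16" height="16" class="icon" />', '{EDIT_ICON}' => '<img src="' . $location . 'images/icons/edit.png" border="0" alt="" width="16" height="16" class="icon" />', '{CONFIRM_DELETE}' => &$lang_display_comments['confirm_delete'], '{MSG_DATE}' => localised_date($row['msg_date'], $lang_date['comment']), '{MSG_BODY}' => bb_decode($comment_body), '{MSG_BODY_RAW}' => $row['msg_body'], '{OK}' => &$lang_common['ok'], '{SMILIES}' => $smilies, '{IP}' => $ip, '{REPORT_COMMENT_TITLE}' => &$lang_display_comments['report_comment_title'], '{REPORT_COMMENT_ICON}' => '<img src="' . $location . 'images/icons/report.png" border="0" alt="" width="16" height="16" class="icon" />', '{WIDTH}' => $CONFIG['picture_table_width'] == "100%" ? $CONFIG['main_table_width'] : $CONFIG['picture_table_width'], '{FORM_TOKEN}' => $form_token, '{TIMESTAMP}' => $timestamp);
            if ($hide_comment != 1) {
                $html .= template_eval($template, $params);
            }
        }
        // while-loop end
        $html .= $tabs;
    }
    if (USER_CAN_POST_COMMENTS && $CURRENT_ALBUM_DATA['comments'] == 'YES') {
        if (USER_ID) {
            // Logged-in users: the name field becomes a hidden input.
            // NOTE(review): USER_NAME goes into an attribute value after stripslashes() only - confirm it is HTML-safe
            $user_name_input = '<tr><td colspan="2"><input type="hidden" name="msg_author" value="' . stripslashes(USER_NAME) . '" /></td>';
            template_extract_block($template_add_your_comment, 'user_name_input', $user_name_input);
            $user_name = '';
        } else {
            // Guests: a remembered name is passed through $HTML_SUBST, otherwise the default text is used
            if (isset($USER['name'])) {
                $user_name = strtr($USER['name'], $HTML_SUBST);
            } else {
                $user_name = $lang_display_comments['your_name'];
            }
        }
        // Captcha block is removed when captcha is off, or when it is set to 2 and the user is
        // logged in; otherwise plugins get to render it
        if ($CONFIG['comment_captcha'] == 0 || $CONFIG['comment_captcha'] == 2 && USER_ID) {
            template_extract_block($template_add_your_comment, 'comment_captcha');
        } else {
            $template_add_your_comment = CPGPluginAPI::filter('captcha_comment_print', $template_add_your_comment);
        }
        // Defaults to empty so {HELP_ICON} is defined when the BBCode help is switched off
        $captionLabel = '';
        if ($CONFIG['show_bbcode_help']) {
            $captionLabel = '&nbsp;' . cpg_display_help('f=empty.htm&amp;h=lang_bbcode_help_title&amp;t=lang_bbcode_help', 470, 245);
        }
        list($timestamp, $form_token) = getFormToken();
        $params = array('{ADD_YOUR_COMMENT}' => $lang_display_comments['add_your_comment'], '{NAME}' => $lang_display_comments['name'], '{COMMENT}' => $lang_display_comments['comment'], '{CONFIRM}' => $lang_common['confirm'] . '&nbsp;' . cpg_display_help('f=empty.htm&amp;h=lang_common[captcha_help_title]&amp;t=lang_common[captcha_help]', 470, 245), '{PIC_ID}' => $pid, '{USER_NAME}' => $user_name, '{MAX_COM_LENGTH}' => $CONFIG['max_com_size'], '{OK}' => $lang_common['ok'], '{OK_ICON}' => cpg_fetch_icon('ok', 1), '{DEFAULT_USERNAME}' => $lang_display_comments['your_name'], '{DEFAULT_USERNAME_MESSAGE}' => $lang_display_comments['default_username_message'], '{SMILIES}' => '', '{WIDTH}' => $CONFIG['picture_table_width'] == "100%" ? $CONFIG['main_table_width'] : $CONFIG['picture_table_width'], '{HELP_ICON}' => $captionLabel, '{FORM_TOKEN}' => $form_token, '{TIMESTAMP}' => $timestamp);
        if ($CONFIG['enable_smilies']) {
            $params['{SMILIES}'] = generate_smilies();
        } else {
            template_extract_block($template_add_your_comment, 'smilies');
        }
        template_extract_block($template_add_your_comment, 'login_to_comment');
        // Newest-first lists get the form on top, oldest-first lists get it at the bottom
        if ($CONFIG['comments_sort_descending'] == 1) {
            $html = '<br />' . template_eval($template_add_your_comment, $params) . $html;
        } else {
            $html .= template_eval($template_add_your_comment, $params);
        }
    } else {
        // user can not post comments
        if ($CONFIG['comment_promote_registration'] == 1 && $CURRENT_ALBUM_DATA['comments'] == 'YES') {
            // Strip every input element and show only the log-in prompt
            template_extract_block($template_add_your_comment, 'user_name_input');
            if ($CONFIG['enable_smilies'] == 1) {
                template_extract_block($template_add_your_comment, 'input_box_smilies');
            } else {
                template_extract_block($template_add_your_comment, 'input_box_no_smilies');
            }
            template_extract_block($template_add_your_comment, 'comment_captcha');
            template_extract_block($template_add_your_comment, 'smilies');
            template_extract_block($template_add_your_comment, 'submit');
            // NOTE(review): $REFERER is concatenated into the href without escaping here - confirm it
            // is encoded where it is set, and that login.php validates the referer before redirecting
            $params = array('{ADD_YOUR_COMMENT}' => $lang_display_comments['add_your_comment'], '{WIDTH}' => $CONFIG['picture_table_width'] == "100%" ? $CONFIG['main_table_width'] : $CONFIG['picture_table_width'], '{LOGIN_TO_COMMENT}' => sprintf($lang_display_comments['log_in_to_comment'], '<a href="login.php?referer=' . $REFERER . '">', '</a>'), '{HELP_ICON}' => '');
            if ($CONFIG['comments_sort_descending'] == 1) {
                $html = '<br />' . template_eval($template_add_your_comment, $params) . $html;
            } else {
                $html .= template_eval($template_add_your_comment, $params);
            }
        }
    }
    return $html;
}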
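/**
 * Fetch the picture rows of a regular album or of a named meta album.
 *
 * A numeric $album is treated as an album id. Any other value is matched
 * against the meta album names in the switch below ('lastcom', 'lastcomby',
 * 'lastup', 'lastupby', 'topn', 'toprated', 'lasthits', 'random', 'search',
 * 'lastalb', 'favpics'); an unknown name ends in cpg_die().
 *
 * Every query is assembled by string interpolation and sent through
 * db_query(). Only the LIMIT values and the favourites id list are cast to
 * integers here; $ALBUM_SET, $CURRENT_ALBUM_KEYWORD and the album keyword are
 * inserted as they arrive, so whoever fills them must escape them.
 *
 * The 'search' branch includes include/search.inc.php inside this function,
 * so that file sees (and can set) the local variables used here. Do not
 * rename locals without checking that file.
 *
 * @param mixed  $album       Album id (numeric) or meta album name.
 * @param int    $count       Out: total number of matching rows. Not assigned
 *                            by 'random', nor by 'favpics' when $FAVPICS is
 *                            empty; 'search' presumably sets it in the include.
 * @param string $album_name  Out: display title of the album.
 * @param int    $limit1      First LIMIT value, -1 to omit the clause.
 * @param int    $limit2      Second LIMIT value, -1 to omit it; 'random' uses
 *                            it directly as its LIMIT.
 * @param bool   $set_caption When true, a 'caption_text' HTML fragment is
 *                            added to every returned row.
 * @return array Result rows; the 'random' branch keys them by negated pid.
 */
function get_pic_data($album, &$count, &$album_name, $limit1 = -1, $limit2 = -1, $set_caption = true)
{
    global $USER, $CONFIG, $ALBUM_SET, $CURRENT_CAT_NAME, $CURRENT_ALBUM_KEYWORD, $HTTP_GET_VARS, $HTML_SUBST, $THEME_DIR, $FAVPICS;
    global $album_date_fmt, $lastcom_date_fmt, $lastup_date_fmt, $lasthit_date_fmt;
    global $lang_get_pic_data, $lang_meta_album_names, $lang_errors;
    // The user-selected sort code is only used as a key into this fixed map,
    // so no caller-supplied text reaches the ORDER BY clause.
    $sort_array = array('na' => 'filename ASC', 'nd' => 'filename DESC', 'ta' => 'title ASC', 'td' => 'title DESC', 'da' => 'pid ASC', 'dd' => 'pid DESC');
    $sort_code = isset($USER['sort']) ? $USER['sort'] : $CONFIG['default_sort_order'];
    $sort_order = isset($sort_array[$sort_code]) ? $sort_array[$sort_code] : $sort_array[$CONFIG['default_sort_order']];
    // LIMIT values are cast so that only integers can end up in the SQL text.
    $limit = $limit1 != -1 ? ' LIMIT ' . (int) $limit1 : '';
    $limit .= $limit2 != -1 ? ' ,' . (int) $limit2 : '';
    if ($limit2 == 1) {
        $select_columns = '*';
    } else {
        $select_columns = 'pid, filepath, filename, url_prefix, filesize, pwidth, pheight, ctime, aid';
    }
    // Keyword
    // NOTE(review): the keyword is placed inside a quoted LIKE pattern without
    // escaping in this function - confirm it is escaped where it is set.
    if (!empty($CURRENT_ALBUM_KEYWORD)) {
        $keyword = "OR keywords like '%{$CURRENT_ALBUM_KEYWORD}%'";
    } else {
        $keyword = '';
    }
    // Regular albums
    // is_numeric() is the only check on $album before it is placed (quoted)
    // into the WHERE clause; it also accepts floats and exponent notation.
    if (is_numeric($album)) {
        $album_name_keyword = get_album_name($album);
        $album_name = $album_name_keyword['title'];
        $album_keyword = $album_name_keyword['keyword'];
        if (!empty($album_keyword)) {
            $keyword = "OR keywords like '%{$album_keyword}%'";
        }
        $approved = GALLERY_ADMIN_MODE ? '' : 'AND approved=\'YES\'';
        // The "album OR keyword" alternative is parenthesised so that the
        // approval filter and $ALBUM_SET apply to both sides of the OR. SQL
        // evaluates AND before OR, so without the parentheses rows matched by
        // aid alone would skip both filters whenever a keyword is set.
        $result = db_query("SELECT COUNT(*) from {$CONFIG['TABLE_PICTURES']} WHERE (aid='{$album}' {$keyword}) {$approved} {$ALBUM_SET}");
        $nbEnr = mysql_fetch_array($result);
        $count = $nbEnr[0];
        mysql_free_result($result);
        if ($select_columns != '*') {
            $select_columns .= ', title, caption,hits,owner_id,owner_name';
        }
        $result = db_query("SELECT {$select_columns} from {$CONFIG['TABLE_PICTURES']} WHERE (aid='{$album}' {$keyword}) {$approved} {$ALBUM_SET} ORDER BY {$sort_order} {$limit}");
        $rowset = db_fetch_rowset($result);
        mysql_free_result($result);
        // Set picture caption
        // NOTE(review): title, owner_name and (via bb_decode) caption are
        // concatenated into HTML without encoding here - presumably they are
        // stored already encoded; verify against the input path.
        if ($set_caption) {
            foreach ($rowset as $key => $row) {
                $caption = "<span class=\"thumb_title\">";
                // Appends the title when either the title or the hit count is truthy.
                $caption .= $rowset[$key]['title'] || $rowset[$key]['hits'] ? $rowset[$key]['title'] : '';
                if ($CONFIG['views_in_thumbview']) {
                    if ($rowset[$key]['title']) {
                        $caption .= "&nbsp;&ndash;&nbsp;";
                    }
                    $caption .= sprintf($lang_get_pic_data['n_views'], $rowset[$key]['hits']);
                }
                $caption .= "</span>";
                if ($CONFIG['caption_in_thumbview']) {
                    $caption .= $rowset[$key]['caption'] ? "<span class=\"thumb_caption\">" . bb_decode($rowset[$key]['caption']) . "</span>" : '';
                }
                if ($CONFIG['display_comment_count']) {
                    $comments_nr = count_pic_comments($row['pid']);
                    if ($comments_nr > 0) {
                        $caption .= "<span class=\"thumb_num_comments\">" . sprintf($lang_get_pic_data['n_comments'], $comments_nr) . "</span>";
                    }
                }
                if ($CONFIG['display_uploader']) {
                    $caption .= '<span class="thumb_title"><a href ="profile.php?uid=' . $rowset[$key]['owner_id'] . '">' . $rowset[$key]['owner_name'] . '</a></span>';
                }
                $rowset[$key]['caption_text'] = $caption;
            }
        }
        return $rowset;
    }
    // Meta albums
    switch ($album) {
        case 'lastcom':
            // Last comments
            if ($ALBUM_SET && $CURRENT_CAT_NAME) {
                $album_name = $lang_meta_album_names['lastcom'] . ' - ' . $CURRENT_CAT_NAME;
            } else {
                $album_name = $lang_meta_album_names['lastcom'];
            }
            // NOTE(review): when $keyword is non-empty its leading OR follows
            // the join condition, so the keyword side is not bound by
            // "approved = 'YES'" or by the comment/picture join. The intended
            // grouping is not visible here - confirm and parenthesise.
            $query = "SELECT COUNT(*) from {$CONFIG['TABLE_COMMENTS']}, {$CONFIG['TABLE_PICTURES']}  WHERE approved = 'YES' AND {$CONFIG['TABLE_COMMENTS']}.pid = {$CONFIG['TABLE_PICTURES']}.pid {$keyword} {$ALBUM_SET}";
            $result = db_query($query);
            $nbEnr = mysql_fetch_array($result);
            $count = $nbEnr[0];
            mysql_free_result($result);
            if ($select_columns == '*') {
                $select_columns = 'p.*';
            } else {
                $select_columns = str_replace('pid', 'c.pid', $select_columns) . ', msg_id, author_id, msg_author, UNIX_TIMESTAMP(msg_date) as msg_date, msg_body, aid';
            }
            // Rewrites the pictures table name to the alias "p" used below.
            $TMP_SET = str_replace($CONFIG['TABLE_PICTURES'], 'p', $ALBUM_SET);
            $result = db_query("SELECT {$select_columns} FROM {$CONFIG['TABLE_COMMENTS']} as c, {$CONFIG['TABLE_PICTURES']} as p WHERE approved = 'YES' AND c.pid = p.pid {$keyword} {$TMP_SET} ORDER by msg_id DESC {$limit}");
            $rowset = db_fetch_rowset($result);
            mysql_free_result($result);
            // NOTE(review): msg_author and msg_body are written into the
            // caption HTML as stored; the byte-wise substr() can also cut a
            // multi-byte character or an HTML entity in half. Confirm the
            // stored form is already encoded.
            if ($set_caption) {
                foreach ($rowset as $key => $row) {
                    if ($row['author_id']) {
                        $user_link = '<a href ="profile.php?uid=' . $row['author_id'] . '">' . $row['msg_author'] . '</a>';
                    } else {
                        $user_link = $row['msg_author'];
                    }
                    $msg_body = strlen($row['msg_body']) > 50 ? @substr($row['msg_body'], 0, 50) . "..." : $row['msg_body'];
                    if ($CONFIG['enable_smilies']) {
                        $msg_body = process_smilies($msg_body);
                    }
                    $caption = '<span class="thumb_title">' . $user_link . '</span>' . '<span class="thumb_caption">' . localised_date($row['msg_date'], $lastcom_date_fmt) . '</span>' . '<span class="thumb_caption">' . $msg_body . '</span>';
                    $rowset[$key]['caption_text'] = $caption;
                }
            }
            return $rowset;
            break;
        case 'lastcomby':
            // Last comments by a specific user
            // The uid is cast to int before it is used in the queries below.
            if (isset($USER['uid'])) {
                $uid = (int) $USER['uid'];
            } else {
                $uid = -1;
            }
            $user_name = get_username($uid);
            if ($ALBUM_SET && $CURRENT_CAT_NAME) {
                $album_name = $lang_meta_album_names['lastcom'] . ' - ' . $CURRENT_CAT_NAME . ' - ' . $user_name;
            } else {
                $album_name = $lang_meta_album_names['lastcom'] . ' - ' . $user_name;
            }
            $result = db_query("SELECT COUNT(*) from {$CONFIG['TABLE_COMMENTS']}, {$CONFIG['TABLE_PICTURES']}  WHERE approved = 'YES' AND author_id = '{$uid}' AND {$CONFIG['TABLE_COMMENTS']}.pid = {$CONFIG['TABLE_PICTURES']}.pid {$ALBUM_SET}");
            $nbEnr = mysql_fetch_array($result);
            $count = $nbEnr[0];
            mysql_free_result($result);
            if ($select_columns == '*') {
                $select_columns = 'p.*';
            } else {
                $select_columns = str_replace('pid', 'c.pid', $select_columns) . ', msg_id, author_id, msg_author, UNIX_TIMESTAMP(msg_date) as msg_date, msg_body, aid';
            }
            $result = db_query("SELECT {$select_columns} FROM {$CONFIG['TABLE_COMMENTS']} as c, {$CONFIG['TABLE_PICTURES']} as p WHERE approved = 'YES' AND author_id = '{$uid}' AND c.pid = p.pid {$ALBUM_SET} ORDER by msg_id DESC {$limit}");
            $rowset = db_fetch_rowset($result);
            mysql_free_result($result);
            if ($set_caption) {
                foreach ($rowset as $key => $row) {
                    if ($row['author_id']) {
                        $user_link = '<a href ="profile.php?uid=' . $row['author_id'] . '">' . $row['msg_author'] . '</a>';
                    } else {
                        $user_link = $row['msg_author'];
                    }
                    $caption = '<span class="thumb_title">' . $user_link . '</span>' . '<span class="thumb_caption">' . localised_date($row['msg_date'], $lastcom_date_fmt) . '</span>' . '<span class="thumb_caption">' . $row['msg_body'] . '</span>';
                    $rowset[$key]['caption_text'] = $caption;
                }
            }
            return $rowset;
            break;
        case 'lastup':
            // Last uploads
            if ($ALBUM_SET && $CURRENT_CAT_NAME) {
                $album_name = $lang_meta_album_names['lastup'] . ' - ' . $CURRENT_CAT_NAME;
            } else {
                $album_name = $lang_meta_album_names['lastup'];
            }
            $result = db_query("SELECT COUNT(*) from {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' {$ALBUM_SET}");
            $nbEnr = mysql_fetch_array($result);
            $count = $nbEnr[0];
            mysql_free_result($result);
            if ($select_columns != '*') {
                $select_columns .= ',title, caption, owner_id, owner_name, aid';
            }
            $result = db_query("SELECT {$select_columns} FROM {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' {$ALBUM_SET} ORDER BY pid DESC {$limit}");
            $rowset = db_fetch_rowset($result);
            mysql_free_result($result);
            if ($set_caption) {
                foreach ($rowset as $key => $row) {
                    $user_link = $CONFIG['display_uploader'] && $row['owner_id'] && $row['owner_name'] ? '<span class="thumb_title"><a href ="profile.php?uid=' . $row['owner_id'] . '">' . $row['owner_name'] . '</a></span>' : '';
                    $caption = $user_link . '<span class="thumb_caption">' . localised_date($row['ctime'], $lastup_date_fmt) . '</span>';
                    $rowset[$key]['caption_text'] = $caption;
                }
            }
            return $rowset;
            break;
        case 'lastupby':
            // Last uploads by a specific user
            if (isset($USER['uid'])) {
                $uid = (int) $USER['uid'];
            } else {
                $uid = -1;
            }
            $user_name = get_username($uid);
            if ($ALBUM_SET && $CURRENT_CAT_NAME) {
                $album_name = $lang_meta_album_names['lastup'] . ' - ' . $CURRENT_CAT_NAME . ' - ' . $user_name;
            } else {
                $album_name = $lang_meta_album_names['lastup'] . ' - ' . $user_name;
            }
            $result = db_query("SELECT COUNT(*) from {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' AND owner_id = '{$uid}' {$ALBUM_SET}");
            $nbEnr = mysql_fetch_array($result);
            $count = $nbEnr[0];
            mysql_free_result($result);
            if ($select_columns != '*') {
                $select_columns .= ', owner_id, owner_name, aid';
            }
            $result = db_query("SELECT {$select_columns} FROM {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' AND owner_id = '{$uid}' {$ALBUM_SET} ORDER BY pid DESC {$limit}");
            $rowset = db_fetch_rowset($result);
            mysql_free_result($result);
            if ($set_caption) {
                foreach ($rowset as $key => $row) {
                    if ($row['owner_id'] && $row['owner_name']) {
                        $user_link = '<span class="thumb_title"><a href ="profile.php?uid=' . $row['owner_id'] . '">' . $row['owner_name'] . '</a></span>';
                    } else {
                        $user_link = '';
                    }
                    $caption = $user_link . '<span class="thumb_caption">' . localised_date($row['ctime'], $lastup_date_fmt) . '</span>';
                    $rowset[$key]['caption_text'] = $caption;
                }
            }
            return $rowset;
            break;
        case 'topn':
            // Most viewed pictures
            if ($ALBUM_SET && $CURRENT_CAT_NAME) {
                $album_name = $lang_meta_album_names['topn'] . ' - ' . $CURRENT_CAT_NAME;
            } else {
                $album_name = $lang_meta_album_names['topn'];
            }
            // NOTE(review): as in 'lastcom', a non-empty $keyword adds an OR
            // after the other conditions, so keyword matches are not bound by
            // the approval filter or $ALBUM_SET - confirm the intended grouping.
            $query = "SELECT COUNT(*) from {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' AND hits > 0  {$ALBUM_SET} {$keyword}";
            $result = db_query($query);
            $nbEnr = mysql_fetch_array($result);
            $count = $nbEnr[0];
            mysql_free_result($result);
            if ($select_columns != '*') {
                $select_columns .= ', hits, aid, filename';
            }
            $result = db_query("SELECT {$select_columns} FROM {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES'AND hits > 0 {$ALBUM_SET} {$keyword} ORDER BY hits DESC, filename  {$limit}");
            $rowset = db_fetch_rowset($result);
            mysql_free_result($result);
            if ($set_caption) {
                foreach ($rowset as $key => $row) {
                    $caption = "<span class=\"thumb_caption\">" . sprintf($lang_get_pic_data['n_views'], $row['hits']) . '</span>';
                    $rowset[$key]['caption_text'] = $caption;
                }
            }
            return $rowset;
            break;
        case 'toprated':
            // Top rated pictures
            if ($ALBUM_SET && $CURRENT_CAT_NAME) {
                $album_name = $lang_meta_album_names['toprated'] . ' - ' . $CURRENT_CAT_NAME;
            } else {
                $album_name = $lang_meta_album_names['toprated'];
            }
            $result = db_query("SELECT COUNT(*) from {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' AND votes >= '{$CONFIG['min_votes_for_rating']}' {$ALBUM_SET}");
            $nbEnr = mysql_fetch_array($result);
            $count = $nbEnr[0];
            mysql_free_result($result);
            if ($select_columns != '*') {
                $select_columns .= ', pic_rating, votes, aid';
            }
            $result = db_query("SELECT {$select_columns} FROM {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' AND votes >= '{$CONFIG['min_votes_for_rating']}' {$ALBUM_SET} ORDER BY ROUND((pic_rating+1)/2000) DESC, votes DESC {$limit}");
            $rowset = db_fetch_rowset($result);
            mysql_free_result($result);
            if ($set_caption) {
                foreach ($rowset as $key => $row) {
                    // Themes that define THEME_HAS_RATING_GRAPHICS serve their own rating images.
                    if (defined('THEME_HAS_RATING_GRAPHICS')) {
                        $prefix = $THEME_DIR;
                    } else {
                        $prefix = '';
                    }
                    $caption = "<span class=\"thumb_caption\">" . '<img src="' . $prefix . 'images/rating' . round($row['pic_rating'] / 2000) . '.gif" align="absmiddle"/>' . '<br />' . sprintf($lang_get_pic_data['n_votes'], $row['votes']) . '</span>';
                    $rowset[$key]['caption_text'] = $caption;
                }
            }
            return $rowset;
            break;
        case 'lasthits':
            // Last viewed pictures
            if ($ALBUM_SET && $CURRENT_CAT_NAME) {
                $album_name = $lang_meta_album_names['lasthits'] . ' - ' . $CURRENT_CAT_NAME;
            } else {
                $album_name = $lang_meta_album_names['lasthits'];
            }
            $result = db_query("SELECT COUNT(*) from {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' {$ALBUM_SET}");
            $nbEnr = mysql_fetch_array($result);
            $count = $nbEnr[0];
            mysql_free_result($result);
            if ($select_columns != '*') {
                $select_columns .= ', UNIX_TIMESTAMP(mtime) as mtime, aid';
            }
            $result = db_query("SELECT {$select_columns} FROM {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' {$ALBUM_SET} ORDER BY mtime DESC {$limit}");
            $rowset = db_fetch_rowset($result);
            mysql_free_result($result);
            if ($set_caption) {
                foreach ($rowset as $key => $row) {
                    $caption = "<span class=\"thumb_caption\">" . localised_date($row['mtime'], $lasthit_date_fmt) . '</span>';
                    $rowset[$key]['caption_text'] = $caption;
                }
            }
            return $rowset;
            break;
        case 'random':
            // Random pictures
            if ($ALBUM_SET && $CURRENT_CAT_NAME) {
                $album_name = $lang_meta_album_names['random'] . ' - ' . $CURRENT_CAT_NAME;
            } else {
                $album_name = $lang_meta_album_names['random'];
            }
            // The total goes into $pic_count, not into the $count out-parameter.
            $result = db_query("SELECT COUNT(*) from {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' {$ALBUM_SET}");
            $nbEnr = mysql_fetch_array($result);
            $pic_count = $nbEnr[0];
            mysql_free_result($result);
            if ($select_columns != '*') {
                $select_columns .= ', aid';
            }
            // if we have more than 1000 pictures, we limit the number of picture returned
            // by the SELECT statement as ORDER BY RAND() is time consuming
            /* Commented out due to image not found bug
                            if ($pic_count > 1000) {
                                $result = db_query("SELECT COUNT(*) from {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES'");
                                    $nbEnr = mysql_fetch_array($result);
                                    $total_count = $nbEnr[0];
                                    mysql_free_result($result);
            
                                    $granularity = floor($total_count / RANDPOS_MAX_PIC);
                                    $cor_gran = ceil($total_count / $pic_count);
                                    srand(time());
                                    for ($i=1; $i<= $cor_gran; $i++) $random_num_set =rand(0, $granularity).', ';
                                    $random_num_set = substr($random_num_set,0, -2);
                                    $result = db_query("SELECT $select_columns FROM {$CONFIG['TABLE_PICTURES']} WHERE  randpos IN ($random_num_set) AND approved = 'YES' $ALBUM_SET ORDER BY RAND() LIMIT $limit2");
                            } else {
                                            */
            // $limit2 is used directly here, so a caller that leaves it at the
            // default -1 produces "LIMIT -1"; callers must pass a real count.
            $sql = "SELECT {$select_columns} FROM {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' {$ALBUM_SET} ORDER BY RAND() LIMIT " . (int) $limit2;
            $result = db_query($sql);
            $rowset = array();
            while ($row = mysql_fetch_array($result)) {
                $row['caption_text'] = '';
                // Rows are keyed by the negated pid.
                $rowset[-$row['pid']] = $row;
            }
            mysql_free_result($result);
            return $rowset;
            break;
        case 'search':
            // Search results
            if (isset($USER['search'])) {
                $search_string = $USER['search'];
            } else {
                $search_string = '';
            }
            // A leading "###" marker switches on $query_all and is stripped.
            if (substr($search_string, 0, 3) == '###') {
                $query_all = 1;
                $search_string = substr($search_string, 3);
            } else {
                $query_all = 0;
            }
            if ($ALBUM_SET && $CURRENT_CAT_NAME) {
                $album_name = $lang_meta_album_names['search'] . ' - ' . $CURRENT_CAT_NAME;
            } else {
                // The search text is passed through $HTML_SUBST before it is shown in the title.
                $album_name = $lang_meta_album_names['search'] . ' - "' . strtr($search_string, $HTML_SUBST) . '"';
            }
            // The include runs in this function's scope; presumably it reads
            // $search_string / $query_all and sets $rowset (and $count).
            // NOTE(review): $search_string reaches it unescaped from $USER -
            // confirm the include escapes it before building SQL.
            include 'include/search.inc.php';
            return $rowset;
            break;
        case 'lastalb':
            // Last albums that received uploads
            if ($ALBUM_SET && $CURRENT_CAT_NAME) {
                $album_name = $lang_meta_album_names['lastalb'] . ' - ' . $CURRENT_CAT_NAME;
            } else {
                $album_name = $lang_meta_album_names['lastalb'];
            }
            // NOTE(review): this rewrites the global $ALBUM_SET itself, so the
            // change outlives the call and a second call would prefix "aid"
            // again. 'lastcom' uses a local copy ($TMP_SET) for the same job.
            $ALBUM_SET = str_replace("aid", $CONFIG['TABLE_PICTURES'] . ".aid", $ALBUM_SET);
            $result = db_query("SELECT COUNT(*) from {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' {$ALBUM_SET}");
            $nbEnr = mysql_fetch_array($result);
            $count = $nbEnr[0];
            mysql_free_result($result);
            $result = db_query("SELECT *,{$CONFIG['TABLE_ALBUMS']}.title AS title,{$CONFIG['TABLE_ALBUMS']}.aid AS aid  FROM {$CONFIG['TABLE_PICTURES']},{$CONFIG['TABLE_ALBUMS']} WHERE {$CONFIG['TABLE_PICTURES']}.aid = {$CONFIG['TABLE_ALBUMS']}.aid AND approved = 'YES' {$ALBUM_SET} GROUP  BY {$CONFIG['TABLE_PICTURES']}.aid ORDER BY {$CONFIG['TABLE_PICTURES']}.ctime DESC {$limit}");
            $rowset = db_fetch_rowset($result);
            mysql_free_result($result);
            if ($set_caption) {
                foreach ($rowset as $key => $row) {
                    $caption = "<span class=\"thumb_caption\">" . $row['title'] . " - " . localised_date($row['ctime'], $lastup_date_fmt) . '</span>';
                    $rowset[$key]['caption_text'] = $caption;
                }
            }
            return $rowset;
            break;
        case 'favpics':
            // Favourite Pictures
            $album_name = $lang_meta_album_names['favpics'];
            $rowset = array();
            if (count($FAVPICS) > 0) {
                // The ids go into an unquoted IN (...) list, so each one is
                // cast to int; nothing but integers can reach the SQL text.
                // NOTE(review): $ALBUM_SET is not applied in this branch -
                // confirm that favourites are meant to ignore it.
                $favs = implode(",", array_map('intval', $FAVPICS));
                $result = db_query("SELECT COUNT(*) from {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES' AND pid IN ({$favs})");
                $nbEnr = mysql_fetch_array($result);
                $count = $nbEnr[0];
                mysql_free_result($result);
                $select_columns = '*';
                $result = db_query("SELECT {$select_columns} FROM {$CONFIG['TABLE_PICTURES']} WHERE approved = 'YES'AND pid IN ({$favs}) {$limit}");
                $rowset = db_fetch_rowset($result);
                mysql_free_result($result);
                if ($set_caption) {
                    foreach ($rowset as $key => $row) {
                        $caption = $rowset[$key]['title'] ? "<span class=\"thumb_caption\">" . $rowset[$key]['title'] . "</span>" : '';
                        $rowset[$key]['caption_text'] = $caption;
                    }
                }
            }
            return $rowset;
            break;
        default:
            // Invalid meta album
            cpg_die(ERROR, $lang_errors['non_exist_ap'], __FILE__, __LINE__);
    }
}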
/**
 * Render the comments of one picture, followed by the "add your comment"
 * form when the current user may post and the album allows comments.
 *
 * NOTE(review): $pid is interpolated (quoted) into the SELECT below and
 * msg_author, msg_body and both IP fields are handed to the template as read
 * from the database. Nothing in this function casts or encodes them, so
 * confirm that callers pass an integer pid and that stored comment fields
 * are already HTML-encoded.
 *
 * @param mixed $pid Picture id whose comments are listed.
 * @return string HTML for the comment list and, if permitted, the form.
 */
function html_comments($pid)
{
    global $CONFIG, $USER, $CURRENT_ALBUM_DATA, $comment_date_fmt, $HTML_SUBST;
    global $template_image_comments, $template_add_your_comment, $lang_display_comments;

    // Keep the edit box that matches the smilies setting and drop the
    // unused variants from both templates.
    if ($CONFIG['enable_smilies']) {
        $editBoxTpl = template_extract_block($template_image_comments, 'edit_box_smilies', '{EDIT}');
        template_extract_block($template_image_comments, 'edit_box_no_smilies');
        template_extract_block($template_add_your_comment, 'input_box_no_smilies');
    } else {
        $editBoxTpl = template_extract_block($template_image_comments, 'edit_box_no_smilies', '{EDIT}');
        template_extract_block($template_image_comments, 'edit_box_smilies');
        template_extract_block($template_add_your_comment, 'input_box_smilies');
    }
    $buttonsTpl = template_extract_block($template_image_comments, 'buttons', '{BUTTONS}');
    $ipInfoTpl = template_extract_block($template_image_comments, 'ipinfo', '{IPINFO}');

    $output = '';
    $comments = db_query("SELECT msg_id, msg_author, msg_body, UNIX_TIMESTAMP(msg_date) AS msg_date, author_id, author_md5_id, msg_raw_ip, msg_hdr_ip FROM {$CONFIG['TABLE_COMMENTS']} WHERE pid='{$pid}' ORDER BY msg_id ASC");
    while ($comment = mysql_fetch_array($comments)) {
        // Who may edit: admins always; a logged-in user only their own
        // comment; a guest only a comment carrying their $USER['ID'] hash.
        // The last two also require the right to post comments.
        if (GALLERY_ADMIN_MODE) {
            $mayEdit = true;
        } elseif (USER_ID) {
            $mayEdit = USER_ID == $comment['author_id'] && USER_CAN_POST_COMMENTS;
        } else {
            $mayEdit = USER_CAN_POST_COMMENTS && $USER['ID'] == $comment['author_md5_id'];
        }
        $buttons = $mayEdit ? $buttonsTpl : '';
        $editBox = $mayEdit ? $editBoxTpl : '';
        // The IP block is only shown in admin mode and when a raw IP was stored.
        $ipInfo = ($comment['msg_raw_ip'] && GALLERY_ADMIN_MODE) ? $ipInfoTpl : '';

        $body = make_clickable($comment['msg_body']);
        $smilies = '';
        if ($CONFIG['enable_smilies']) {
            $body = process_smilies($body);
            $smilies = generate_smilies("f{$comment['msg_id']}", 'msg_body');
        }

        // First pass puts the optional sub-blocks back into the row template,
        // second pass fills in the comment fields.
        $slots = array('{EDIT}' => &$editBox, '{BUTTONS}' => &$buttons, '{IPINFO}' => &$ipInfo);
        $rowTpl = template_eval($template_image_comments, $slots);
        $fields = array('{MSG_AUTHOR}' => $comment['msg_author'], '{MSG_ID}' => $comment['msg_id'], '{EDIT_TITLE}' => &$lang_display_comments['edit_title'], '{CONFIRM_DELETE}' => &$lang_display_comments['confirm_delete'], '{MSG_DATE}' => localised_date($comment['msg_date'], $comment_date_fmt), '{MSG_BODY}' => &$body, '{MSG_BODY_RAW}' => $comment['msg_body'], '{OK}' => &$lang_display_comments['OK'], '{SMILIES}' => $smilies, '{HDR_IP}' => $comment['msg_hdr_ip'], '{RAW_IP}' => $comment['msg_raw_ip']);
        $output .= template_eval($rowTpl, $fields);
    }

    // No form unless the user may post and the album accepts comments.
    if (!USER_CAN_POST_COMMENTS || $CURRENT_ALBUM_DATA['comments'] != 'YES') {
        return $output;
    }

    if (USER_ID) {
        // Logged-in users get their name as a hidden field instead of an input.
        // NOTE(review): USER_NAME is written into the attribute value as-is -
        // confirm the constant is already HTML-encoded.
        $hiddenAuthor = '<input type="hidden" name="msg_author" value="' . USER_NAME . '">';
        template_extract_block($template_add_your_comment, 'user_name_input', $hiddenAuthor);
        $nameAttr = '';
    } elseif (isset($USER['name'])) {
        // A remembered guest name is passed through $HTML_SUBST first.
        $nameAttr = '"' . strtr($USER['name'], $HTML_SUBST) . '"';
    } else {
        $nameAttr = '"' . $lang_display_comments['your_name'] . '" onClick="javascript:this.value=\'\';"';
    }

    $formFields = array('{ADD_YOUR_COMMENT}' => $lang_display_comments['add_your_comment'], '{NAME}' => $lang_display_comments['name'], '{COMMENT}' => $lang_display_comments['comment'], '{PIC_ID}' => $pid, '{USER_NAME}' => $nameAttr, '{MAX_COM_LENGTH}' => $CONFIG['max_com_size'], '{OK}' => $lang_display_comments['OK'], '{SMILIES}' => $CONFIG['enable_smilies'] ? generate_smilies() : '');
    $output .= template_eval($template_add_your_comment, $formFields);

    return $output;
}
 // Status label. $result comes from a query outside this excerpt (presumably
 // the ban lookup); any row in it wins over the account's active flag.
 $user_status = '';
 if (mysql_num_rows($result)) {
     $user_status = $lang_register_php['banned'];
 } elseif (isset($user_data['user_active'])) {
     if ($user_data['user_active'] == 'YES') {
         $user_status = $lang_usermgr_php['status_active'];
     } elseif ($user_data['user_active'] == 'NO') {
         $user_status = $lang_usermgr_php['status_inactive'];
     }
 }

 // Wrap the latest-upload thumbnail, if there is one, in a link to the
 // user's uploads.
 // NOTE(review): user_name is formatted into HTML here and below without
 // encoding in this excerpt - confirm it is stored already encoded.
 if ($user_thumb != '') {
     $user_thumb = '<td width="50%" valign="top" align="center">'
         . '<a href="thumbnails.php?album=lastupby&amp;uid=' . $uid . '">'
         . '<span class="thumb_title">' . $lang_register_php['last_uploads'] . '<br />'
         . sprintf($lang_register_php['last_uploads_detail'], $user_data['user_name'])
         . '<br /></span>' . $user_thumb . '</a></td>';
 }

 // Same for the latest comment: thumbnail link, date, then the comment text
 // run through process_smilies() and bb_decode().
 $lastComArray = cpgUserLastComment($uid);
 if ($lastComArray['count'] != 0) {
     $lastcom = '<td width="50%" valign="top" align="center">'
         . '<a href="thumbnails.php?album=lastcomby&amp;uid=' . $uid . '">'
         . '<span class="thumb_title">' . $lang_register_php['last_comments'] . '<br />'
         . sprintf($lang_register_php['last_comments_detail'], $user_data['user_name'])
         . '<br /></span>' . $lastComArray['thumb'] . '</a><br />'
         . "<span class=\"thumb_caption\">" . localised_date($lastComArray['msg_date'], $lang_date['lastcom']) . '</span>'
         . "<span class=\"thumb_caption\">" . bb_decode(process_smilies($lastComArray['comment'])) . '</span></td>';
 }

 // Only emit the table when at least one of the two cells has content.
 $quick_jump = '';
 if ($user_thumb . $lastcom) {
     $quick_jump = '<table width="100%" border="0" cellspacing="5"><tr>' . $user_thumb . $lastcom . '</tr></table>';
 }

 list($timestamp, $form_token) = getFormToken();

 // Own profile: link to the self-service editor. Admin viewing someone else:
 // link to the user manager. Everyone else: no link.
 // NOTE(review): the admin link carries the form token and timestamp in the
 // query string, where they can end up in server logs, browser history or a
 // Referer header - confirm the token is short-lived.
 $adminLink = '';
 if ($uid == USER_ID) {
     $adminLink = '<a href="profile.php?op=edit_profile" class="admin_menu">' . $lang_register_php['edit_my_profile'] . '</a>';
 } elseif (GALLERY_ADMIN_MODE) {
     $adminLink = '<a href="usermgr.php?op=edit&user_id=' . $uid . '&form_token=' . $form_token . '&timestamp=' . $timestamp . '" class="admin_menu">'
         . $icon_array['edit'] . sprintf($lang_register_php['edit_xs_profile'], $user_data['user_name']) . '</a>';
 }

 // Values handed to the profile template; only user_profile6 goes through bb_decode().
 $form_data = array(
     'username' => $user_data['user_name'],
     'status' => $user_status,
     'reg_date' => localised_date($user_data['user_regdate'], $lang_date['register']),
     'group' => $user_data['group_name'],
     'user_profile1' => $user_data['user_profile1'],
     'user_profile2' => $user_data['user_profile2'],
     'user_profile3' => $user_data['user_profile3'],
     'user_profile4' => $user_data['user_profile4'],
     'user_profile5' => $user_data['user_profile5'],
     'user_profile6' => bb_decode($user_data['user_profile6']),
     'user_thumb' => $quick_jump,
     'pic_count' => cpgUserPicCount($uid),
     'admin_link' => $adminLink
 );
 $title = sprintf($lang_register_php['x_s_profile'], $user_data['user_name']);
 pageheader($title);
 // Displays the profile of any user
 starttable(-1, cpg_fetch_icon('my_profile', 2) . $title, 2);
// Load the reported picture and its thumbnail URL. $FORBIDDEN_SET is appended
// to the WHERE clause as it arrives.
// NOTE(review): $pid and, below, $cid are interpolated into SQL; this excerpt
// does not show where they are read, so confirm they are cast to integers
// before they reach these queries.
$result = cpg_db_query("SELECT * FROM {$CONFIG['TABLE_PICTURES']} p WHERE pid='{$pid}' {$FORBIDDEN_SET}");
if (!$result->numRows()) {
    cpg_die(ERROR, $lang_errors['non_exist_ap'], __FILE__, __LINE__);
}
$row = $result->fetchArray(true);
$thumb_pic_url = get_pic_url($row, 'thumb');

if ($what == 'comment') {
    // Only an approved comment that belongs to this picture can be reported.
    $result = cpg_db_query("SELECT msg_id, msg_author, msg_body, UNIX_TIMESTAMP(msg_date) AS msg_date, author_id, author_md5_id, msg_raw_ip, msg_hdr_ip, approval FROM {$CONFIG['TABLE_COMMENTS']} WHERE msg_id='{$cid}' AND approval = 'YES' AND pid='{$pid}'");
    if (!$result->numRows()) {
        cpg_die(ERROR, $lang_errors['non_exist_comment'], __FILE__, __LINE__);
    }
    $row = $result->fetchArray(true);

    // Comment preview: BBCode first, smilies on top when enabled.
    $comment = $CONFIG['enable_smilies']
        ? process_smilies(bb_decode($row['msg_body']))
        : bb_decode($row['msg_body']);
    $msg_author = $row['msg_author'];

    $type = $lang_report_php['type_comment'];
    $template = $template_report_comment_email;
    $comment_field_name = sprintf($lang_report_php['comment_field_name'], $msg_author);
    $form_action = $CPG_PHP_SELF . '?pid=' . $pid . '&amp;msg_id=' . $cid . '&amp;what=comment';
    //template_extract_block($template_report_form, 'reason_missing'); //need help to toggle off reason(missing) since doesn't apply to comments
}
// Nothing extra is prepared when a picture (not a comment) is reported.
//template_extract_block($template_report_form, 'display_comment'); //need help remove comment preview when reporting picture

// Check supplied email address
$invalid_email = '<div class="cpg_message_error">' . $lang_report_php['invalid_email'] . '</div>';
$valid_sender_email = Inspekt::isEmail($sender_email);
if (!$valid_sender_email && $superCage->post->keyExists('subject')) {
    $sender_email_warning = $invalid_email;
Example #11
// Page bootstrap: set the page markers, load the core and smiley includes,
// and call cpg_die() unless the viewer is in gallery admin mode.
define('IN_COPPERMINE', true);
define('DISPLAYREPORT_PHP', true);
require 'include/init.inc.php';
require 'include/smilies.inc.php';
if (!GALLERY_ADMIN_MODE) {
    cpg_die(ERROR, $lang_errors['access_denied'], __FILE__, __LINE__);
}
// The report payload arrives in the 'data' query-string parameter; a request
// without it is rejected.
if ($superCage->get->keyExists('data')) {
    $get_data = $superCage->get->getEscaped('data');
} else {
    cpg_die(CRITICAL_ERROR, $lang_errors['param_missing'], __FILE__, __LINE__);
}
$data = array();
//$data = @unserialize(@base64_decode($_GET['data']));
// NOTE(review): unserialize() is applied to a value taken from the query
// string. Deserialising request data can instantiate arbitrary classes (PHP
// object injection). The admin-mode check above narrows who can reach this
// line, but the link itself may have been built by someone else and merely
// opened by an admin. Safer options: carry the payload as JSON and verify an
// HMAC over it with hash_equals() before decoding, or on PHP 7+ pass
// array('allowed_classes' => false) to unserialize().
// The @ operators also hide decode failures; is_array() below is the only
// validity check. The decoded fields are then placed into the report
// template, and the strtr($value, $HTML_SUBST) escaping step is commented
// out - confirm they are encoded before output.
$data = @unserialize(@base64_decode($get_data));
if (is_array($data)) {
    // Remove HTML tags as we can't trust what we receive
    //foreach($data as $key => $value) $data[$key] = strtr($value, $HTML_SUBST);
    // Load template parameters
    if ($data['t'] == 'comment') {
        $params = array('{LANG_DIR}' => $lang_text_dir, '{TITLE}' => sprintf($lang_report_php['report_subject'], $data['sn'], $data['t']), '{CHARSET}' => $CONFIG['charset'] == 'language file' ? $lang_charset : $CONFIG['charset'], '{VIEW_REPORT_TGT}' => '', '{VIEW_REPORT_LNK}' => '', '{URL_PREFIX}' => '', '{SUBJECT}' => $data['su'], '{MESSAGE}' => nl2br(process_smilies($data['m'])), '{SENDER_EMAIL}' => $data['se'], '{SENDER_NAME}' => $data['sn'], '{VIEW_MORE_TGT}' => $CONFIG['ecards_more_pic_target'], '{VIEW_MORE_LNK}' => $lang_report_php['view_more_pics'], '{REASON}' => $data['r'], '{COMMENT}' => $data['c'], '{COMMENT_ID}' => $data['cid'], '{VIEW_COMMENT_LNK}' => $lang_report_php['view_comment'], '{COMMENT_LNK}' => $lang_report_php['go_comment'], '{COMMENT_TGT}' => "{$CONFIG['ecards_more_pic_target']}displayimage.php?pid=" . $data['pid'] . "#comment" . $data['cid'], '{PID}' => $data['pid']);
        // Parse template if report is on a comment
        echo template_eval($template_report_comment, $params);
    } else {
        $params = array('{LANG_DIR}' => $lang_text_dir, '{TITLE}' => sprintf($lang_report_php['report_subject'], $data['sn'], $data['t']), '{CHARSET}' => $CONFIG['charset'] == 'language file' ? $lang_charset : $CONFIG['charset'], '{VIEW_REPORT_TGT}' => '', '{VIEW_REPORT_LNK}' => '', '{PIC_URL}' => $data['p'], '{PIC_TGT}' => "{$CONFIG['ecards_more_pic_target']}displayimage.php?pid=" . $data['pid'], '{URL_PREFIX}' => '', '{SUBJECT}' => $data['su'], '{MESSAGE}' => nl2br(process_smilies($data['m'])), '{SENDER_EMAIL}' => $data['se'], '{SENDER_NAME}' => $data['sn'], '{VIEW_MORE_TGT}' => $CONFIG['ecards_more_pic_target'], '{VIEW_MORE_LNK}' => $lang_report_php['view_more_pics'], '{REASON}' => $data['r'], '{PID}' => $data['pid']);
        // Parse template
        echo template_eval($template_report, $params);
    }
} else {
    cpg_die(CRITICAL_ERROR, $lang_report_php['invalid_data'], __FILE__, __LINE__);
}
Example #12
/**
 * build_caption()
 *
 * Assembles the HTML caption of every picture row and stores it under the
 * row's 'caption_text' key; the finished rowset is then passed through the
 * 'thumb_caption' plugin filter.
 *
 * Row values (file name, title, owner and author names, last-hit IP) are
 * concatenated into the markup as they are, without escaping at this point.
 * NOTE(review): presumably they are already HTML-safe when stored - confirm
 * against the code that writes them.
 *
 * @param array $rowset by reference; each row gains a 'caption_text' entry
 * @param array $must_have optional parts to include: 'hits', 'msg_date',
 *                         'msg_body', 'ctime', 'pic_rating', 'mtime'
 **/
function build_caption(&$rowset, $must_have = array())
{
    global $CONFIG, $THEME_DIR;
    global $album_date_fmt, $lastcom_date_fmt, $lastup_date_fmt, $lasthit_date_fmt, $cat;
    global $lang_get_pic_data, $lang_meta_album_names, $lang_errors;

    foreach ($rowset as $idx => $pic) {
        $html = '';

        // File name and title
        if ($CONFIG['display_filename']) {
            $html .= '<span class="thumb_filename">' . $pic['filename'] . '</span>';
        }
        if ($pic['title']) {
            $html .= '<span class="thumb_title">' . $pic['title'] . '</span>';
        }

        // View counter: forced by the caller or enabled in the configuration
        if ($CONFIG['views_in_thumbview'] || in_array('hits', $must_have)) {
            $views_text = sprintf($lang_get_pic_data['n_views'], $pic['hits']);
            $html .= '<span class="thumb_title">' . $views_text . '</span>';
        }

        // Picture caption, reduced to plain text
        if ($CONFIG['caption_in_thumbview'] && $pic['caption']) {
            $html .= '<span class="thumb_caption">' . strip_tags(bb_decode($pic['caption'])) . '</span>';
        }

        // Number of comments, shown only when there is at least one
        if ($CONFIG['display_comment_count'] && ($total_comments = count_pic_comments($pic['pid'])) > 0) {
            $html .= '<span class="thumb_num_comments">' . sprintf($lang_get_pic_data['n_comments'], $total_comments) . '</span>';
        }

        // Uploader, linked to the profile page
        if ($CONFIG['display_uploader'] && $pic['owner_id'] && $pic['owner_name']) {
            $html .= '<span class="thumb_title"><a href ="profile.php?uid=' . $pic['owner_id'] . '">' . $pic['owner_name'] . '</a></span>';
        }

        if (in_array('msg_date', $must_have)) {
            $html .= '<span class="thumb_caption">' . localised_date($pic['msg_date'], $lastcom_date_fmt) . '</span>';
        }

        if (in_array('msg_body', $must_have)) {
            // Plain-text excerpt of the comment, cut after 50 characters.
            // I didn't want to fully bb_decode the message where report to admin isn't available. -donnoman
            $excerpt = strip_tags(bb_decode($pic['msg_body']));
            if (utf_strlen($excerpt) > 50) {
                $excerpt = utf_substr($excerpt, 0, 50) . '...';
            }
            if ($CONFIG['enable_smilies']) {
                $excerpt = process_smilies($excerpt);
            }
            // Registered authors get a profile link, guests only their name
            $author = $pic['author_id']
                ? '<a href ="profile.php?uid=' . $pic['author_id'] . '">' . $pic['msg_author'] . '</a>'
                : $pic['msg_author'];
            $html .= '<span class="thumb_caption">' . $author . ': ' . $excerpt . '</span>';
        }

        if (in_array('ctime', $must_have)) {
            $html .= '<span class="thumb_caption">' . localised_date($pic['ctime'], $lastup_date_fmt) . '</span>';
        }

        if (in_array('pic_rating', $must_have)) {
            // Themes that ship their own rating graphics are addressed through $THEME_DIR
            $prefix = defined('THEME_HAS_RATING_GRAPHICS') ? $THEME_DIR : '';
            $rating_image = '<img src="' . $prefix . 'images/rating' . round($pic['pic_rating'] / 2000) . '.gif" alt=""/>';
            $html .= '<span class="thumb_caption">' . $rating_image . '<br />' . sprintf($lang_get_pic_data['n_votes'], $pic['votes']) . '</span>';
        }

        if (in_array('mtime', $must_have)) {
            // The IP of the last hit is appended in admin mode only
            $html .= '<span class="thumb_caption">'
                . localised_date($pic['mtime'], $lasthit_date_fmt)
                . (GALLERY_ADMIN_MODE ? '<br/>' . $pic['lasthit_ip'] : '')
                . '</span>';
        }

        $rowset[$idx]['caption_text'] = $html;
    }

    $rowset = CPGPluginAPI::filter('thumb_caption', $rowset);
}
/**
 * build_caption()
 *
 * Assembles the HTML caption of every row and stores it under the row's
 * 'caption_text' key; the finished rowset is then passed through the
 * 'thumb_caption' plugin filter.
 *
 * Row values (file name, title, comment author, last-hit IP) and the user
 * name returned by $cpg_udb are concatenated into the markup as they are,
 * without escaping at this point.
 * NOTE(review): presumably they are already HTML-safe when stored - confirm
 * against the code that writes them.
 *
 * @param array $rowset by reference; each row gains a 'caption_text' entry
 * @param array $must_have optional parts to include: 'hits', 'msg_date',
 *                         'msg_body', 'ctime', 'pic_rating', 'mtime'
 * @param string $mode 'albums' reads the view count from 'alb_hits',
 *                     any other value reads it from 'hits'
 **/
function build_caption(&$rowset, $must_have = array(), $mode = 'files')
{
    global $CONFIG, $THEME_DIR, $lang_date, $lang_get_pic_data, $cpg_udb;

    foreach ($rowset as $idx => $pic) {
        $html = '';

        // File name and title
        if ($CONFIG['display_filename']) {
            $html .= '<span class="thumb_filename">' . $pic['filename'] . '</span>';
        }
        if (!empty($pic['title'])) {
            $html .= '<span class="thumb_title thumb_title_title">' . $pic['title'] . '</span>';
        }

        // View counter: forced by the caller or enabled in the configuration
        if ($CONFIG['views_in_thumbview'] || in_array('hits', $must_have)) {
            if ($mode == 'albums') {
                $hit_count = $pic['alb_hits'];
            } else {
                $hit_count = $pic['hits'];
            }
            $html .= '<span class="thumb_title thumb_title_views">' . sprintf($lang_get_pic_data['n_views'], $hit_count) . '</span>';
        }

        // Picture caption, reduced to plain text
        if ($CONFIG['caption_in_thumbview'] && !empty($pic['caption'])) {
            $plain_caption = strip_tags(bb_decode($pic['caption']));
            $html .= '<span class="thumb_caption thumb_caption_caption">' . $plain_caption . '</span>';
        }

        // Number of comments, shown only when there is at least one
        if ($CONFIG['display_comment_count'] && $pic['pid'] && ($total_comments = count_pic_comments($pic['pid'])) > 0) {
            $html .= '<span class="thumb_num_comments">' . sprintf($lang_get_pic_data['n_comments'], $total_comments) . '</span>';
        }

        // Uploader, resolved through the user database bridge
        if ($CONFIG['display_uploader'] && $pic['owner_id']) {
            $html .= '<span class="thumb_title thumb_title_owner"><a href="profile.php?uid=' . $pic['owner_id'] . '">' . $cpg_udb->get_user_name($pic['owner_id']) . '</a></span>';
        }

        if (in_array('msg_date', $must_have)) {
            $html .= '<span class="thumb_caption thumb_caption_msg_date">' . localised_date($pic['msg_date'], $lang_date['lastcom']) . '</span>';
        }

        if (in_array('msg_body', $must_have)) {
            // Plain-text excerpt of the comment, cut after 50 characters.
            // I didn't want to fully bb_decode the message where report to admin isn't available. -donnoman
            $excerpt = strip_tags(bb_decode($pic['msg_body']));
            if (utf_strlen($excerpt) > 50) {
                $excerpt = utf_substr($excerpt, 0, 50) . '...';
            }
            if ($CONFIG['enable_smilies']) {
                $excerpt = process_smilies($excerpt);
            }
            // Registered authors get a profile link, guests only their name
            $author = $pic['author_id']
                ? '<a href="profile.php?uid=' . $pic['author_id'] . '">' . $pic['msg_author'] . '</a>'
                : $pic['msg_author'];
            $html .= '<span class="thumb_caption thumb_caption_author">' . $author . ': ' . $excerpt . '</span>';
        }

        if (in_array('ctime', $must_have)) {
            $html .= '<span class="thumb_caption thumb_caption_ctime">' . localised_date($pic['ctime'], $lang_date['lastup']) . '</span>';
        }

        if (in_array('pic_rating', $must_have)) {
            // Themes that ship their own rating graphics are addressed through $THEME_DIR
            $prefix = defined('THEME_HAS_RATING_GRAPHICS') ? $THEME_DIR : '';
            // calculate required amount of stars in picinfo
            $stars_on = round($pic['pic_rating'] / 2000 / (5 / $CONFIG['rating_stars_amount']));
            $stars_html = '';
            $star = 1;
            while ($star <= $CONFIG['rating_stars_amount']) {
                $image = $star <= $stars_on ? 'images/rate_full.png' : 'images/rate_empty.png';
                $stars_html .= '<img src="' . $prefix . $image . '" alt="' . $stars_on . '"/>';
                $star++;
            }
            $html .= '<span class="thumb_caption thumb_caption_rating">' . $stars_html . '<br />' . sprintf($lang_get_pic_data['n_votes'], $pic['votes']) . '</span>';
        }

        if (in_array('mtime', $must_have)) {
            // The IP of the last hit is appended in admin mode only
            $html .= '<span class="thumb_caption thumb_caption_mtime">'
                . localised_date($pic['mtime'], $lang_date['lasthit'])
                . (GALLERY_ADMIN_MODE ? '<br />' . $pic['lasthit_ip'] : '')
                . '</span>';
        }

        $rowset[$idx]['caption_text'] = $html;
    }

    $rowset = CPGPluginAPI::filter('thumb_caption', $rowset);
}
Example #14
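/**
 * Prints an Atom 1.0 feed for the pictures held in the global $pic_data.
 *
 * The feed title is the gallery name, extended by the album or category name
 * when one is selected. Each entry carries an HTML-escaped content block with
 * the thumbnail, caption, keywords and, when the row has one, the comment.
 *
 * NOTE(review): $gallery_name, the album/category names and the row titles
 * are written into XML elements as they are; this assumes they are already
 * entity-encoded when stored - confirm, since raw '<' or '&' would break the
 * feed.
 * NOTE(review): the XML declaration uses $CONFIG['charset'] directly; confirm
 * it always holds a real charset name at this point.
 */
function atom10()
{
    global $CONFIG, $result, $base, $gallery_name, $CURRENT_CAT_NAME, $album, $album_name, $pic_data;
    $superCage = Inspekt::makeSuperCage();
    // Decide what kind of title to be shown.
    // Start from an empty suffix so the feed title is defined when neither an
    // album nor a category is selected.
    $title = '';
    if ((int) $album) {
        $title = " | Album: {$album_name}";
    } elseif ($superCage->get->testInt('cat')) {
        $title = " | Category: {$CURRENT_CAT_NAME}";
    } elseif ($album) {
        $title = ' | ' . strip_tags($album_name);
    }
    // PHP_SELF is taken from the request path, so it is escaped before it is
    // placed inside the double-quoted href attribute.
    $self_path = htmlspecialchars($_SERVER["PHP_SELF"], ENT_COMPAT, $CONFIG['charset']);
    print "<?xml version=\"1.0\" encoding=\"{$CONFIG['charset']}\"?>\n";
    print "<feed xmlns=\"http://www.w3.org/2005/Atom\">\n";
    print "<title>{$gallery_name}{$title}</title>\n";
    print "<link href=\"{$base}\" />\n";
    print "<updated>" . rfc3339date(time()) . "</updated>\n";
    print "<author><name>Admin</name></author>\n";
    print "<id>{$base}/</id>\n";
    print "<generator uri=\"http://coppermine-gallery.net/\" version=\"1.0\">Coppermine Atom Aggregator</generator>\n";
    print "<link rel=\"self\" type=\"application/atom+xml\" href=\"{$base}{$self_path}?type=atom\" />\n\n";
    foreach ($pic_data as $row) {
        print "\t<entry>\n";
        print "\t\t<title> {$row['title']} </title>\n";
        print "\t\t<link href=\"{$base}/displayimage.php?pid={$row['pid']}\" />\n";
        print "\t\t<id>{$base}/displayimage.php?pid={$row['pid']}</id>\n";
        print "\t\t<updated>" . rfc3339date($row['ctime']) . "</updated>\n";
        print "\t\t<content type=\"html\">\n";
        // The content element is declared as type="html", so the markup is
        // written in escaped form.
        echo htmlspecialchars("<p><a href=\"{$base}/displayimage.php?pid={$row['pid']}\"><img src=\"{$base}/" . get_pic_url($row, 'thumb') . "\" alt=\"{$row['filename']}\" /></a></p>", ENT_COMPAT, $CONFIG['charset']);
        echo htmlspecialchars("<p>" . bb_decode($row['caption']) . "&nbsp;</p>", ENT_COMPAT, $CONFIG['charset']);
        echo htmlspecialchars("<p>" . bb_decode($row['keywords']) . "</p>", ENT_COMPAT, $CONFIG['charset']);
        if (!empty($row['msg_body'])) {
            // We have comment for the photo. Must be lastcom metaalbum feed. Display the comment
            // 'i' is minutes; the former 'H:m:s' printed the month in the minutes position.
            echo htmlspecialchars("<p><b>Comment:</b> (<i>" . date('Y-m-d H:i:s', $row['msg_date']) . "</i>) - {$row['msg_author']}</p>", ENT_COMPAT, $CONFIG['charset']);
            if ($CONFIG['enable_smilies']) {
                include_once "include/smilies.inc.php";
                $row['msg_body'] = process_smilies($row['msg_body']);
            }
            echo htmlspecialchars("<p>" . bb_decode($row['msg_body']) . "&nbsp;</p>", ENT_COMPAT, $CONFIG['charset']);
        }
        print "\n\t\t</content>\n";
        print "\t</entry>\n";
        print "\n";
    }
    print "</feed>";
}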
Example #15
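/**
 * Reworks the already rendered displayimage page for albums that are contests.
 *
 * Works entirely on globals: it reads the current album and picture data and
 * rewrites $votes, $pic_info, $picture, $film_strip and $comments in place.
 * Returns early (no value) when not on the displayimage page, when the album
 * has no 'aid', when the album row is not found, or when comments are
 * disabled for the album.
 *
 * Literal text is replaced with str_replace()/strpos(). The former calls
 * passed undelimited strings to preg_match() and used ereg_replace(), which
 * PHP 7 no longer provides.
 */
function fix_displayimage()
{
    // no specifics for Thumbnail page today.
    if (!defined("DISPLAYIMAGE_PHP")) {
        return;
    }
    global $CONFIG, $film_strip;
    global $CURRENT_PIC_DATA, $CURRENT_ALBUM_DATA, $comments, $picture, $votes, $pic_info, $template_display_media, $THEME_DIR;
    global $saved_template_image_comments, $saved_template_add_your_comment, $lang_display_comments, $lang_contest, $template_image_rating;
    // Read below for the "no votes" text; it was missing from the global lists.
    global $lang_rate_pic;
    if (!array_key_exists('aid', $CURRENT_ALBUM_DATA)) {
        return;
    }
    // Ids are cast before they are placed unquoted into SQL.
    $current_pid = (int) $CURRENT_PIC_DATA['pid'];
    $current_user_id = (int) USER_ID;
    //checks if current album is a contest - not extracted in displayimage.php
    $result = cpg_db_query("SELECT contest FROM {$CONFIG['TABLE_ALBUMS']} WHERE aid='{$CURRENT_ALBUM_DATA['aid']}'");
    if ($row = mysql_fetch_row($result)) {
        $CURRENT_ALBUM_DATA['contest'] = $row[0];
    } else {
        return;
    }
    // display the votes as a voting page.
    if ($CURRENT_ALBUM_DATA['votes'] != 'YES' && $CURRENT_ALBUM_DATA['contest'] == 'YES') {
        if (!defined('MAX_RATING')) {
            define('MAX_RATING', 5);
        }
        $title = $lang_contest['result'];
        $votetext = $CURRENT_PIC_DATA['votes'] ? sprintf($lang_contest['evaluation'], round($CURRENT_PIC_DATA['pic_rating'] / 2000, 1), MAX_RATING, $CURRENT_PIC_DATA['votes']) : $lang_rate_pic['no_votes'];
        $votes = $template_image_rating;
        // Drop every link whose markup mentions "rating"
        $pattern = "#(<a href)(.*?)(</a>)#s";
        if (preg_match_all($pattern, $votes, $matches)) {
            foreach ($matches[0] as $match) {
                if (strpos($match, "rating") !== false) {
                    $votes = str_replace($match, "", $votes);
                }
            }
        }
        $votes = str_replace(array("{VOTES}", "{TITLE}", "{LOCATION}"), array($votetext, $title, $THEME_DIR), $votes);
        if (strpos($votes, "<!-- BEGIN rating_boxes -->") !== false) {
            template_extract_block($votes, 'rating_boxes', '');
        }
    }
    //to be used only for contests in progress
    if ($CURRENT_ALBUM_DATA['votes'] == 'YES' && $CURRENT_ALBUM_DATA['contest'] == 'YES') {
        // do not display pic infos,owner names, captions
        $pic_info = "";
        $pattern = "#(<!-- BEGIN img_desc -->)(.*?)(<!-- END img_desc -->)#s";
        if (preg_match($pattern, $picture, $matches)) {
            $picture = str_replace($matches[0], $matches[1] . $matches[3], $picture);
        }
        //findout which image has already been noted by user in the contest and show them with a square in the film strip
        $myvotes = array();
        $query = "SELECT concat(filepath,'{$CONFIG['thumb_pfx']}',filename) FROM `{$CONFIG['TABLE_PREFIX']}user_votes` AS T1, `{$CONFIG['TABLE_PREFIX']}pictures` AS T2 WHERE T1.pid=T2.pid AND user_id  = " . $current_user_id;
        $result = cpg_db_query($query);
        while ($row = mysql_fetch_row($result)) {
            $myvotes[] = $row[0];
        }
        $pattern = "#(<img )(.*?albums.*?)(\" border=\"0\")(.*?)(/>)#s";
        if (preg_match_all($pattern, $film_strip, $matches)) {
            foreach ($matches[0] as $key => $match) {
                foreach ($myvotes as $v) {
                    if (strpos($match, $v) !== FALSE) {
                        $matches[3][$key] = " style=\"border:1pix;border-color:grey;\"";
                        break;
                    }
                }
                // Re-assemble the tag from its captured parts, with group 3 possibly swapped above
                $film_strip = str_replace($match, $matches[1][$key] . $matches[2][$key] . $matches[3][$key] . $matches[4][$key] . $matches[5][$key], $film_strip);
            }
            $film_strip = str_replace("class=\"image\"", "", $film_strip);
        }
        //removes alt and title from film_strip
        $pattern = "#(alt=\")(.*?)(\")#s";
        if (preg_match_all($pattern, $film_strip, $matches)) {
            foreach ($matches[0] as $match) {
                $film_strip = str_replace($match, "", $film_strip);
            }
        }
        $pattern = "#(title=\")(.*?)(\")#s";
        if (preg_match_all($pattern, $film_strip, $matches)) {
            foreach ($matches[0] as $match) {
                $film_strip = str_replace($match, "", $film_strip);
            }
        }
        //and try to set a border on current vote
        $result = cpg_db_query("SELECT rating FROM `{$CONFIG['TABLE_PREFIX']}user_votes` WHERE pid = {$current_pid} AND user_id  = " . $current_user_id);
        if ($row = mysql_fetch_row($result)) {
            $pattern = "#(<img.*?rating{$row[0]}.*?)(border=\"0\")(.*?/>)#s";
            if (preg_match($pattern, $votes, $matches)) {
                $votes = str_replace($matches[0], $matches[1] . "border=\"2\"" . $matches[3], $votes);
            }
        }
        // find if user can vote (not own image) and if can vote verifies that the voting block is not hidden
        if ($CURRENT_PIC_DATA['owner_id'] == USER_ID || !USER_CAN_RATE_PICTURES) {
            //<a href="javascript:location.href='./ratepic.php?pic=22&amp;rate=1'" title="Beurk"><img src="themes/alphadxd/images/rating1.gif" border="0" alt="Beurk" /></a>
            $pattern = "#(<a href.*?ratepic.*?\\>)(.*?)(</a>)#s";
            if (preg_match_all($pattern, $votes, $matches)) {
                foreach ($matches[0] as $key => $match) {
                    // Keep the link content, drop the link itself
                    $votes = str_replace($match, $matches[2][$key], $votes);
                }
            }
        } else {
            $votes = str_replace("display: none;", "", $votes);
        }
        // only display current user's comments in a contest
        if ($CURRENT_ALBUM_DATA['comments'] != 'YES') {
            return;
        }
        $comments = '';
        $pid = $CURRENT_PIC_DATA['pid'];
        if (!$CONFIG['enable_smilies']) {
            $tmpl_comment_edit_box = template_extract_block($saved_template_image_comments, 'edit_box_no_smilies', '{EDIT}');
            template_extract_block($saved_template_image_comments, 'edit_box_smilies');
            template_extract_block($saved_template_add_your_comment, 'input_box_smilies');
        } else {
            $tmpl_comment_edit_box = template_extract_block($saved_template_image_comments, 'edit_box_smilies', '{EDIT}');
            template_extract_block($saved_template_image_comments, 'edit_box_no_smilies');
            template_extract_block($saved_template_add_your_comment, 'input_box_no_smilies');
        }
        $tmpl_comments_buttons = template_extract_block($saved_template_image_comments, 'buttons', '{BUTTONS}');
        template_extract_block($saved_template_image_comments, 'ipinfo', '');
        //suppressed by PL
        template_extract_block($saved_template_image_comments, 'report_comment_button');
        // won't report on own comment, would we?
        $newpostok = true;
        // NOTE(review): USER_NAME is concatenated into this query, and into the
        // hidden form field further down, without escaping at this point. The
        // stripslashes() calls suggest it is held in slashed form - confirm how
        // the constant is defined before relying on that.
        $query = "SELECT msg_id, msg_author, msg_body, UNIX_TIMESTAMP(msg_date) AS msg_date, author_id, author_md5_id, msg_raw_ip, msg_hdr_ip, pid FROM {$CONFIG['TABLE_COMMENTS']} WHERE pid='{$pid}' AND msg_author='" . USER_NAME . "' ORDER BY msg_id DESC LIMIT 1";
        $result = cpg_db_query($query);
        if ($row = mysql_fetch_array($result)) {
            $user_can_edit = true;
            $comment_buttons = $tmpl_comments_buttons;
            $comment_edit_box = $tmpl_comment_edit_box;
            if ($CONFIG['enable_smilies']) {
                $comment_body = process_smilies(make_clickable($row['msg_body']));
                $smilies = generate_smilies("f{$row['msg_id']}", 'msg_body');
            } else {
                $comment_body = make_clickable($row['msg_body']);
                $smilies = '';
            }
            $params = array('{EDIT}' => &$tmpl_comment_edit_box, '{BUTTONS}' => &$tmpl_comments_buttons);
            $template = template_eval($saved_template_image_comments, $params);
            $params = array('{MSG_AUTHOR}' => stripslashes($row['msg_author']), '{MSG_ID}' => $row['msg_id'], '{PID}' => $row['pid'], '{EDIT_TITLE}' => &$lang_display_comments['edit_title'], '{CONFIRM_DELETE}' => &$lang_display_comments['confirm_delete'], '{MSG_DATE}' => localised_date($row['msg_date'], '%d %B %Y'), '{MSG_BODY}' => bb_decode($comment_body), '{MSG_BODY_RAW}' => $row['msg_body'], '{OK}' => &$lang_display_comments['OK'], '{SMILIES}' => $smilies, '{REPORT_COMMENT_TITLE}' => &$lang_display_comments['report_comment_title'], '{WIDTH}' => $CONFIG['picture_table_width']);
            $comments .= template_eval($template, $params);
            $newpostok = false;
            // only 1 comment per author
        }
        // Picture owners and guests (user id 0) get no comment form
        if (USER_ID == $CURRENT_PIC_DATA['owner_id'] || USER_ID == 0) {
            $newpostok = false;
        }
        if ($newpostok) {
            $user_name_input = '<tr><td><input type="hidden" name="msg_author" value="' . stripslashes(USER_NAME) . '" /></td>';
            template_extract_block($saved_template_add_your_comment, 'user_name_input', $user_name_input);
            $user_name = '';
            $params = array('{ADD_YOUR_COMMENT}' => $lang_display_comments['add_your_comment'], '{NAME}' => $lang_display_comments['name'], '{COMMENT}' => "", '{PIC_ID}' => $pid, '{USER_NAME}' => $user_name, '{MAX_COM_LENGTH}' => $CONFIG['max_com_size'], '{OK}' => $lang_display_comments['OK'], '{SMILIES}' => '', '{WIDTH}' => $CONFIG['picture_table_width']);
            if ($CONFIG['enable_smilies']) {
                $params['{SMILIES}'] = generate_smilies();
            } else {
                template_extract_block($saved_template_add_your_comment, 'smilies');
            }
            $comments .= template_eval($saved_template_add_your_comment, $params);
        }
    }
}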
Example #16
            if ($CONFIG['log_mode'] != 0) {
                log_write("Sending an ecard failed (sender name: {$sender_name}, sender email address: {$sender_email}, recipient name: {$recipient_name}, recipient email address: {$recipient_email}, IP: {$raw_ip}", CPG_MAIL_LOG);
            }
            cpg_die(ERROR, $lang_ecard_php['send_failed'], __FILE__, __LINE__);
        }
    }
} elseif ($superCage->post->keyExists('preview')) {
    // Preview branch: render the e-card into the page instead of sending it.
    // Use the intermediate picture when one is configured and the original is
    // larger than the configured picture width, otherwise the full-size file.
    if ($CONFIG['make_intermediate'] && max($row['pwidth'], $row['pheight']) > $CONFIG['picture_width']) {
        $n_picname = get_pic_url($row, 'normal');
    } else {
        $n_picname = get_pic_url($row, 'fullsize');
    }
    // Prefix the gallery URL unless the picture URL contains 'http:'.
    // NOTE(review): an 'https:' URL does not contain 'http:' and would be prefixed as well - confirm that is intended.
    if (!stristr($n_picname, 'http:')) {
        $n_picname = $gallery_url_prefix . $n_picname;
    }
    $msg_content = process_smilies($message, $gallery_url_prefix);
    // The card's fields are serialized and carried in the 'data' parameter of the view link.
    // NOTE(review): the payload is neither signed nor encrypted, so the page that
    // decodes it has to treat every field as untrusted; a signature (HMAC) over
    // the payload, or a non-executable format such as JSON, would let the
    // receiving page reject altered links.
    $data = array('sn' => $superCage->post->noTags('sender_name'), 'se' => $sender_email, 'p' => $n_picname, 'g' => $greetings, 'm' => $message, 'pid' => $pid, 'pt' => $pic_title, 'pc' => $pic_caption);
    $encoded_data = urlencode(base64_encode(serialize($data)));
    // NOTE(review): how $greetings, $message, $sender_name and $sender_email were
    // filtered is not visible in this excerpt - confirm they are HTML-safe before
    // they are placed into the template.
    $params = array('{LANG_DIR}' => $lang_text_dir, '{TITLE}' => sprintf($lang_ecard_php['ecard_title'], $sender_name), '{CHARSET}' => $CONFIG['charset'] == 'language file' ? $lang_charset : $CONFIG['charset'], '{VIEW_ECARD_TGT}' => "{$gallery_url_prefix}displayecard.php?data={$encoded_data}", '{VIEW_ECARD_LNK}' => $lang_ecard_php['preview_view_ecard'], '{PIC_URL}' => $n_picname, '{URL_PREFIX}' => $gallery_url_prefix, '{GREETINGS}' => $greetings, '{MESSAGE}' => bb_decode($msg_content), '{SENDER_EMAIL}' => $sender_email, '{SENDER_NAME}' => $sender_name, '{VIEW_MORE_TGT}' => $CONFIG['ecards_more_pic_target'], '{VIEW_MORE_LNK}' => $lang_ecard_php['view_more_pics'], '{PID}' => $pid, '{PIC_TITLE}' => $pic_title, '{PIC_CAPTION}' => bb_decode($pic_caption), '{PIC_MARKUP}' => $pic_markup);
    $eccontent = template_eval($template_ecard, $params);
    // Keep only what is inside <body>...</body> so the card can be embedded in this page
    if (preg_match('#<body[^>]*>(.*)</body>#s', $eccontent, $matches)) {
        $eccontent = $matches[1];
    }
    starttable('100%', $icon_array['preview_table'] . $lang_ecard_php['preview']);
    echo '<tr><td>';
    echo $eccontent;
    echo '</td></tr>';
    endtable();
    echo '<br />';
}
if ($CONFIG['show_bbcode_help']) {
Example #17
EOT;
// Maps the public 'sort' codes to fixed ORDER BY fragments.
$sort_codes = array('name_a' => 'msg_author ASC', 'name_d' => 'msg_author DESC', 'date_a' => 'msg_id ASC', 'date_d' => 'msg_id DESC', 'comment_a' => 'msg_body ASC', 'comment_d' => 'msg_body DESC', 'file_a' => 'pid ASC', 'file_d' => 'pid DESC');
// The request value is used only as a key into $sort_codes; anything that is
// not a known key falls back to 'date_d', so no request text reaches the query.
$sort = !isset($_GET['sort']) || !isset($sort_codes[$_GET['sort']]) ? 'date_d' : $_GET['sort'];
// NOTE(review): $start and $count are interpolated into LIMIT; where they are
// set is not visible in this excerpt - confirm they are integers.
$result = cpg_db_query("SELECT msg_id, msg_author, msg_body, UNIX_TIMESTAMP(msg_date) AS msg_date, author_id, {$CONFIG['TABLE_COMMENTS']}.pid as pid, aid, filepath, filename, url_prefix, pwidth, pheight FROM {$CONFIG['TABLE_COMMENTS']}, {$CONFIG['TABLE_PICTURES']} WHERE {$CONFIG['TABLE_COMMENTS']}.pid = {$CONFIG['TABLE_PICTURES']}.pid ORDER BY {$sort_codes[$sort]} LIMIT {$start}, {$count}");
$rowcounter = 0;
while ($row = mysql_fetch_array($result)) {
    $thumb_url = get_pic_url($row, 'thumb');
    // For files that are not images, take the dimensions from the thumbnail itself
    if (!is_image($row['filename'])) {
        $image_info = getimagesize($thumb_url);
        $row['pwidth'] = $image_info[0];
        $row['pheight'] = $image_info[1];
    }
    $image_size = compute_img_size($row['pwidth'], $row['pheight'], $CONFIG['alb_list_thumb_size']);
    $thumb_link = 'displayimage.php?pos=' . -$row['pid'];
    $msg_date = localised_date($row['msg_date'], $comment_date_fmt);
    // Comment body rendered to HTML: smilies first, then BBCode
    $msg_body = bb_decode(process_smilies($row['msg_body']));
    $rowcounter++;
    if ($rowcounter >= 2) {
        //let the row colors alternate, for now they are the same
        $rowcounter = 0;
        $tableclass = 'tableb';
        // change to "tableh2_compact" or similar for alternation
    } else {
        $tableclass = 'tableb';
    }
    // build a link to the author's profile if applicable
    if ($row['author_id'] != 0) {
        $profile_link_start = '<a href="profile.php?uid=' . $row['author_id'] . '">';
        $profile_link_end = '</a>';
    } else {
        $profile_link_start = '';
     $sql = "SELECT filepath, filename, url_prefix, pwidth, pheight, msg_author, UNIX_TIMESTAMP(msg_date) as msg_date, msg_body " . "FROM {$CONFIG['TABLE_COMMENTS']} AS c, {$CONFIG['TABLE_PICTURES']} AS p " . "WHERE msg_id='" . $lastcom_id . "' AND c.pid = p.pid";
     $result = cpg_db_query($sql);
     if (mysql_num_rows($result)) {
         $row = mysql_fetch_array($result);
         mysql_free_result($result);
         $pic_url = get_pic_url($row, 'thumb');
         if (!is_image($row['filename'])) {
             $image_info = getimagesize(urldecode($pic_url));
             $row['pwidth'] = $image_info[0];
             $row['pheight'] = $image_info[1];
         }
         $image_size = compute_img_size($row['pwidth'], $row['pheight'], $CONFIG['thumb_width']);
         $mime_content = cpg_get_type($row['filename']);
         $lastcom = '<img src="' . $pic_url . '" class="image"' . $image_size['geom'] . ' border="0" alt="" />';
         $lastcom = '<td width="50%" valign="top" align="center">' . '<a href="thumbnails.php?album=lastcomby&amp;uid=' . $uid . '">' . '<span class="thumb_title">' . $lang_register_php['last_comments'] . ' ' . $user_data['user_name'] . '<br /></span>' . $lastcom . '</a><br />';
         $lastcom .= "<span class=\"thumb_caption\">" . localised_date($row['msg_date'], $lastcom_date_fmt) . '</span>' . "<span class=\"thumb_caption\">" . bb_decode(process_smilies($row['msg_body'])) . '</span></td>';
     }
 }
 $user_thumb = '';
 if ($picture_count) {
     $sql = "SELECT filepath, filename, url_prefix, pwidth, pheight " . "FROM {$CONFIG['TABLE_PICTURES']} " . "WHERE pid='" . $thumb_pid . "'";
     $result = cpg_db_query($sql);
     if (mysql_num_rows($result)) {
         $picture = mysql_fetch_array($result);
         mysql_free_result($result);
         $pic_url = get_pic_url($picture, 'thumb');
         if (!is_image($picture['filename'])) {
             $image_info = getimagesize(urldecode($pic_url));
             $picture['pwidth'] = $image_info[0];
             $picture['pheight'] = $image_info[1];
         }