function select($name)
{
$this->sheets = trigger_change('tabsheet_before_select', $this->sheets, $this->uniqid);
if (!array_key_exists($name, $this->sheets)) {
$keys = array_keys($this->sheets);
$name = $keys[0];
}
$this->selected = $name;
}
/**
* checks the validity of input parameters, fills $page['errors'] and
* $page['infos'] and send an email with confirmation link
*
* @return bool (true if email was sent, false otherwise)
*/
function process_password_request()
{
global $page, $conf;
if (empty($_POST['username_or_email'])) {
$page['errors'][] = l10n('Invalid username or email');
return false;
}
$user_id = get_userid_by_email($_POST['username_or_email']);
if (!is_numeric($user_id)) {
$user_id = get_userid($_POST['username_or_email']);
}
if (!is_numeric($user_id)) {
$page['errors'][] = l10n('Invalid username or email');
return false;
}
$userdata = getuserdata($user_id, false);
// password request is not possible for guest/generic users
$status = $userdata['status'];
if (is_a_guest($status) or is_generic($status)) {
$page['errors'][] = l10n('Password reset is not allowed for this user');
return false;
}
if (empty($userdata['email'])) {
$page['errors'][] = l10n('User "%s" has no email address, password reset is not possible', $userdata['username']);
return false;
}
$activation_key = generate_key(20);
list($expire) = pwg_db_fetch_row(pwg_query('SELECT ADDDATE(NOW(), INTERVAL 1 HOUR)'));
single_update(USER_INFOS_TABLE, array('activation_key' => pwg_password_hash($activation_key), 'activation_key_expire' => $expire), array('user_id' => $user_id));
$userdata['activation_key'] = $activation_key;
set_make_full_url();
$message = l10n('Someone requested that the password be reset for the following user account:') . "\r\n\r\n";
$message .= l10n('Username "%s" on gallery %s', $userdata['username'], get_gallery_home_url());
$message .= "\r\n\r\n";
$message .= l10n('To reset your password, visit the following address:') . "\r\n";
$message .= get_gallery_home_url() . '/password.php?key=' . $activation_key . '-' . urlencode($userdata['email']);
$message .= "\r\n\r\n";
$message .= l10n('If this was a mistake, just ignore this email and nothing will happen.') . "\r\n";
unset_make_full_url();
$message = trigger_change('render_lost_password_mail_content', $message);
$email_params = array('subject' => '[' . $conf['gallery_title'] . '] ' . l10n('Password Reset'), 'content' => $message, 'email_format' => 'text/plain');
if (pwg_mail($userdata['email'], $email_params)) {
$page['infos'][] = l10n('Check your email for the confirmation link');
return true;
} else {
$page['errors'][] = l10n('Error sending email');
return false;
}
}
ON u.' . $conf['user_fields']['id'] . ' = author_id
WHERE ' . implode(' AND ', $where_clauses) . '
ORDER BY date DESC
LIMIT ' . $conf['guestbook']['nb_comment_page'] . ' OFFSET ' . $page['start'] . '
;';
$result = pwg_query($query);
while ($row = pwg_db_fetch_assoc($result)) {
if (!empty($row['author'])) {
$author = $row['author'];
if ($author == 'guest') {
$author = l10n('guest');
}
} else {
$author = stripslashes($row['username']);
}
$tpl_comment = array('ID' => $row['id'], 'AUTHOR' => trigger_change('render_comment_author', $author), 'DATE' => format_date($row['date'], true), 'CONTENT' => trigger_change('render_comment_content', $row['content'], 'guestbook'), 'WEBSITE' => $row['website']);
if ($conf['guestbook']['activate_rating']) {
$tpl_comment['STARS'] = get_stars($row['rate'], get_root_url() . GUESTBOOK_PATH . 'template/jquery.raty/');
}
if (is_admin() and !empty($row['email'])) {
$tpl_comment['EMAIL'] = $row['email'];
}
if (can_manage_comment('delete', $row['author_id'])) {
$tpl_comment['U_DELETE'] = add_url_params($url_self, array('action' => 'delete_comment', 'comment_to_delete' => $row['id'], 'pwg_token' => get_pwg_token()));
}
if (can_manage_comment('edit', $row['author_id'])) {
$tpl_comment['U_EDIT'] = add_url_params($url_self, array('action' => 'edit_comment', 'comment_to_edit' => $row['id']));
if (isset($edit_comment) and $row['id'] == $edit_comment) {
$tpl_comment['IN_EDIT'] = true;
$tpl_comment['KEY'] = get_ephemeral_key(2);
$tpl_comment['CONTENT'] = $row['content'];
$tags_string = '';
if (isset($line['tag_ids'])) {
$tags_string = preg_replace_callback('/(\\d+)/', create_function('$m', 'global $name_of_tag; return isset($name_of_tag[$m[1]]) ? $name_of_tag[$m[1]] : $m[1];'), str_replace(',', ', ', $line['tag_ids']));
}
$image_string = '';
if (isset($line['image_id'])) {
$picture_url = make_picture_url(array('image_id' => $line['image_id']));
if (isset($image_infos[$line['image_id']])) {
$element = array('id' => $line['image_id'], 'file' => $image_infos[$line['image_id']]['file'], 'path' => $image_infos[$line['image_id']]['path'], 'representative_ext' => $image_infos[$line['image_id']]['representative_ext']);
$thumbnail_display = $page['search']['fields']['display_thumbnail'];
} else {
$thumbnail_display = 'no_display_thumbnail';
}
$image_title = '(' . $line['image_id'] . ')';
if (isset($image_infos[$line['image_id']]['label'])) {
$image_title .= ' ' . trigger_change('render_element_description', $image_infos[$line['image_id']]['label']);
} else {
$image_title .= ' unknown filename';
}
$image_string = '';
switch ($thumbnail_display) {
case 'no_display_thumbnail':
$image_string = '<a href="' . $picture_url . '">' . $image_title . '</a>';
break;
case 'display_thumbnail_classic':
$image_string = '<a class="thumbnail" href="' . $picture_url . '">' . '<span><img src="' . DerivativeImage::thumb_url($element) . '" alt="' . $image_title . '" title="' . $image_title . '">' . '</span></a>';
break;
case 'display_thumbnail_hoverbox':
$image_string = '<a class="over" href="' . $picture_url . '">' . '<span><img src="' . DerivativeImage::thumb_url($element) . '" alt="' . $image_title . '" title="' . $image_title . '">' . '</span>' . $image_title . '</a>';
break;
}
/**
* Sends an email, using Piwigo specific informations.
*
* @param string|array $to
* @param array $args
* o from: sender [default value webmaster email]
* o Cc: array of carbon copy receivers of the mail. [default value empty]
* o Bcc: array of blind carbon copy receivers of the mail. [default value empty]
* o subject [default value 'Piwigo']
* o content: content of mail [default value '']
* o content_format: format of mail content [default value 'text/plain']
* o email_format: global mail format [default value $conf_mail['default_email_format']]
* o theme: theme to use [default value $conf_mail['mail_theme']]
* o mail_title: main title of the mail [default value $conf['gallery_title']]
* o mail_subtitle: subtitle of the mail [default value subject]
* @param array $tpl - use these options to define a custom content template file
* o filename
* o dirname (optional)
* o assign (optional)
*
* @return boolean
*/
function pwg_mail($to, $args = array(), $tpl = array())
{
global $conf, $conf_mail, $lang_info, $page;
if (empty($to) and empty($args['Cc']) and empty($args['Bcc'])) {
return true;
}
if (!isset($conf_mail)) {
$conf_mail = get_mail_configuration();
}
include_once PHPWG_ROOT_PATH . 'include/phpmailer/class.phpmailer.php';
$mail = new PHPMailer();
foreach (get_clean_recipients_list($to) as $recipient) {
$mail->addAddress($recipient['email'], $recipient['name']);
}
$mail->WordWrap = 76;
$mail->CharSet = 'UTF-8';
// Compute root_path in order have complete path
set_make_full_url();
if (empty($args['from'])) {
$from = array('email' => $conf_mail['email_webmaster'], 'name' => $conf_mail['name_webmaster']);
} else {
$from = unformat_email($args['from']);
}
$mail->setFrom($from['email'], $from['name']);
$mail->addReplyTo($from['email'], $from['name']);
// Subject
if (empty($args['subject'])) {
$args['subject'] = 'Piwigo';
}
$args['subject'] = trim(preg_replace('#[\\n\\r]+#s', '', $args['subject']));
$mail->Subject = $args['subject'];
// Cc
if (!empty($args['Cc'])) {
foreach (get_clean_recipients_list($args['Cc']) as $recipient) {
$mail->addCC($recipient['email'], $recipient['name']);
}
}
// Bcc
$Bcc = get_clean_recipients_list(@$args['Bcc']);
if ($conf_mail['send_bcc_mail_webmaster']) {
$Bcc[] = array('email' => get_webmaster_mail_address(), 'name' => '');
}
if (!empty($Bcc)) {
foreach ($Bcc as $recipient) {
$mail->addBCC($recipient['email'], $recipient['name']);
}
}
// theme
if (empty($args['theme']) or !in_array($args['theme'], array('clear', 'dark'))) {
$args['theme'] = $conf_mail['mail_theme'];
}
// content
if (!isset($args['content'])) {
$args['content'] = '';
}
// try to decompose subject like "[....] ...."
if (!isset($args['mail_title']) and !isset($args['mail_subtitle'])) {
if (preg_match('#^\\[(.*)\\](.*)$#', $args['subject'], $matches)) {
$args['mail_title'] = $matches[1];
$args['mail_subtitle'] = $matches[2];
}
}
if (!isset($args['mail_title'])) {
$args['mail_title'] = $conf['gallery_title'];
}
if (!isset($args['mail_subtitle'])) {
$args['mail_subtitle'] = $args['subject'];
}
// content type
if (empty($args['content_format'])) {
$args['content_format'] = 'text/plain';
}
$content_type_list = array();
if ($conf_mail['mail_allow_html'] and @$args['email_format'] != 'text/plain') {
$content_type_list[] = 'text/html';
}
$content_type_list[] = 'text/plain';
$contents = array();
foreach ($content_type_list as $content_type) {
// key compose of indexes witch allow to cache mail data
$cache_key = $content_type . '-' . $lang_info['code'];
if (!isset($conf_mail[$cache_key])) {
// instanciate a new Template
if (!isset($conf_mail[$cache_key]['theme'])) {
$conf_mail[$cache_key]['theme'] = get_mail_template($content_type);
trigger_notify('before_parse_mail_template', $cache_key, $content_type);
}
$template =& $conf_mail[$cache_key]['theme'];
$template->set_filename('mail_header', 'header.tpl');
$template->set_filename('mail_footer', 'footer.tpl');
$template->assign(array('GALLERY_URL' => get_gallery_home_url(), 'GALLERY_TITLE' => isset($page['gallery_title']) ? $page['gallery_title'] : $conf['gallery_title'], 'VERSION' => $conf['show_version'] ? PHPWG_VERSION : '', 'PHPWG_URL' => defined('PHPWG_URL') ? PHPWG_URL : '', 'CONTENT_ENCODING' => get_pwg_charset(), 'CONTACT_MAIL' => $conf_mail['email_webmaster']));
if ($content_type == 'text/html') {
if ($template->smarty->templateExists('global-mail-css.tpl')) {
$template->set_filename('global-css', 'global-mail-css.tpl');
$template->assign_var_from_handle('GLOBAL_MAIL_CSS', 'global-css');
}
if ($template->smarty->templateExists('mail-css-' . $args['theme'] . '.tpl')) {
$template->set_filename('css', 'mail-css-' . $args['theme'] . '.tpl');
$template->assign_var_from_handle('MAIL_CSS', 'css');
}
}
}
$template =& $conf_mail[$cache_key]['theme'];
$template->assign(array('MAIL_TITLE' => $args['mail_title'], 'MAIL_SUBTITLE' => $args['mail_subtitle']));
// Header
$contents[$content_type] = $template->parse('mail_header', true);
// Content
// Stored in a temp variable, if a content template is used it will be assigned
// to the $CONTENT template variable, otherwise it will be appened to the mail
if ($args['content_format'] == 'text/plain' and $content_type == 'text/html') {
// convert plain text to html
$mail_content = '<p>' . nl2br(preg_replace('/(https?:\\/\\/([-\\w\\.]+[-\\w])+(:\\d+)?(\\/([\\w\\/_\\.\\#-]*(\\?\\S+)?[^\\.\\s])?)?)/i', '<a href="$1">$1</a>', htmlspecialchars($args['content']))) . '</p>';
} else {
if ($args['content_format'] == 'text/html' and $content_type == 'text/plain') {
// convert html text to plain text
$mail_content = strip_tags($args['content']);
} else {
$mail_content = $args['content'];
}
}
// Runtime template
if (isset($tpl['filename'])) {
if (isset($tpl['dirname'])) {
$template->set_template_dir($tpl['dirname'] . '/' . $content_type);
}
if ($template->smarty->templateExists($tpl['filename'] . '.tpl')) {
$template->set_filename($tpl['filename'], $tpl['filename'] . '.tpl');
if (!empty($tpl['assign'])) {
$template->assign($tpl['assign']);
}
$template->assign('CONTENT', $mail_content);
$contents[$content_type] .= $template->parse($tpl['filename'], true);
} else {
$contents[$content_type] .= $mail_content;
}
} else {
$contents[$content_type] .= $mail_content;
}
// Footer
$contents[$content_type] .= $template->parse('mail_footer', true);
}
// Undo Compute root_path in order have complete path
unset_make_full_url();
// Send content to PHPMailer
if (isset($contents['text/html'])) {
$mail->isHTML(true);
$mail->Body = move_css_to_body($contents['text/html']);
if (isset($contents['text/plain'])) {
$mail->AltBody = $contents['text/plain'];
}
} else {
$mail->isHTML(false);
$mail->Body = $contents['text/plain'];
}
if ($conf_mail['use_smtp']) {
// now we need to split port number
if (strpos($conf_mail['smtp_host'], ':') !== false) {
list($smtp_host, $smtp_port) = explode(':', $conf_mail['smtp_host']);
} else {
$smtp_host = $conf_mail['smtp_host'];
$smtp_port = 25;
}
$mail->IsSMTP();
// enables SMTP debug information (for testing) 2 - debug, 0 - no message
$mail->SMTPDebug = 0;
$mail->Host = $smtp_host;
$mail->Port = $smtp_port;
if (!empty($conf_mail['smtp_secure']) and in_array($conf_mail['smtp_secure'], array('ssl', 'tls'))) {
$mail->SMTPSecure = $conf_mail['smtp_secure'];
}
if (!empty($conf_mail['smtp_user'])) {
$mail->SMTPAuth = true;
$mail->Username = $conf_mail['smtp_user'];
$mail->Password = $conf_mail['smtp_password'];
}
}
$ret = true;
$pre_result = trigger_change('before_send_mail', true, $to, $args, $mail);
if ($pre_result) {
$ret = $mail->send();
if (!$ret and (!ini_get('display_errors') or is_admin())) {
trigger_error('Mailer Error: ' . $mail->ErrorInfo, E_USER_WARNING);
}
if ($conf['debug_mail']) {
pwg_send_mail_test($ret, $mail, $args);
}
}
return $ret;
}
validated,
c.anonymous_id
FROM ' . COMMENTS_TABLE . ' AS c
INNER JOIN ' . IMAGES_TABLE . ' AS i
ON i.id = c.image_id
LEFT JOIN ' . USERS_TABLE . ' AS u
ON u.' . $conf['user_fields']['id'] . ' = c.author_id
WHERE ' . implode(' AND ', $where_clauses) . '
ORDER BY c.date DESC
LIMIT ' . $page['start'] . ', ' . $conf['comments_page_nb_comments'] . '
;';
$result = pwg_query($query);
while ($row = pwg_db_fetch_assoc($result)) {
$thumb = DerivativeImage::thumb_url(array('id' => $row['image_id'], 'path' => $row['path']));
if (empty($row['author_id'])) {
$author_name = $row['author'];
} else {
$author_name = stripslashes($row['username']);
}
$template->append('comments', array('U_PICTURE' => get_root_url() . 'admin.php?page=photo-' . $row['image_id'], 'ID' => $row['id'], 'TN_SRC' => $thumb, 'AUTHOR' => trigger_change('render_comment_author', $author_name), 'DATE' => format_date($row['date'], array('day_name', 'day', 'month', 'year', 'time')), 'CONTENT' => trigger_change('render_comment_content', $row['content']), 'IS_PENDING' => 'false' == $row['validated'], 'IP' => $row['anonymous_id']));
$list[] = $row['id'];
}
// +-----------------------------------------------------------------------+
// | navigation bar |
// +-----------------------------------------------------------------------+
$navbar = create_navigation_bar(get_root_url() . 'admin.php' . get_query_string_diff(array('start')), 'pending' == $page['filter'] ? $nb_pending : $nb_total, $page['start'], $conf['comments_page_nb_comments']);
$template->assign('navbar', $navbar);
// +-----------------------------------------------------------------------+
// | sending html code |
// +-----------------------------------------------------------------------+
$template->assign_var_from_handle('ADMIN_CONTENT', 'comments');
function insert_user_comment_guestbook(&$comm, $key)
{
global $conf, $user, $page;
$comm = array_merge($comm, array('ip' => $_SERVER['REMOTE_ADDR'], 'agent' => $_SERVER['HTTP_USER_AGENT']));
if (!$conf['guestbook']['comments_validation'] or is_admin()) {
$comment_action = 'validate';
} else {
$comment_action = 'moderate';
}
// author
if (!is_classic_user()) {
if (empty($comm['author'])) {
$page['errors'][] = l10n('Please enter your username');
$comment_action = 'reject';
} else {
$comm['author_id'] = $conf['guest_id'];
// if a guest try to use the name of an already existing user,
// he must be rejected
$query = '
SELECT COUNT(*) AS user_exists
FROM ' . USERS_TABLE . '
WHERE ' . $conf['user_fields']['username'] . " = '" . addslashes($comm['author']) . "'\n;";
$row = pwg_db_fetch_assoc(pwg_query($query));
if ($row['user_exists'] == 1) {
$page['errors'][] = l10n('This login is already used by another user');
$comment_action = 'reject';
}
}
} else {
$comm['author'] = addslashes($user['username']);
$comm['author_id'] = $user['id'];
}
// content
if (empty($comm['content'])) {
$comment_action = 'reject';
}
// key
if (!verify_ephemeral_key(@$key)) {
$comment_action = 'reject';
$_POST['cr'][] = 'key';
}
// email
if (empty($comm['email']) and is_classic_user() and !empty($user['email'])) {
$comm['email'] = $user['email'];
} else {
if (empty($comm['email']) and $conf['comments_email_mandatory']) {
$page['errors'][] = l10n('mail address must be like xxx@yyy.eee (example : jack@altern.org)');
$comment_action = 'reject';
} else {
if (!empty($comm['email']) and !email_check_format($comm['email'])) {
$page['errors'][] = l10n('mail address must be like xxx@yyy.eee (example : jack@altern.org)');
$comment_action = 'reject';
}
}
}
// website
if (!empty($comm['website'])) {
$comm['website'] = strip_tags($comm['website']);
if (!preg_match('/^(https?:\\/\\/)/i', $comm['website'])) {
$comm['website'] = 'http://' . $comm['website'];
}
if (!url_check_format($comm['website'])) {
$page['errors'][] = l10n('invalid website address');
$comment_action = 'reject';
}
}
// anonymous id = ip address
$ip_components = explode('.', $_SERVER["REMOTE_ADDR"]);
if (count($ip_components) > 3) {
array_pop($ip_components);
}
$comm['anonymous_id'] = implode('.', $ip_components);
// comment validation and anti-spam
if ($comment_action != 'reject' and $conf['anti-flood_time'] > 0 and !is_admin()) {
$reference_date = pwg_db_get_flood_period_expression($conf['anti-flood_time']);
$query = '
SELECT COUNT(1) FROM ' . GUESTBOOK_TABLE . '
WHERE
date > ' . $reference_date . '
AND author_id = ' . $comm['author_id'];
if (!is_classic_user()) {
$query .= '
AND anonymous_id = "' . $comm['anonymous_id'] . '"';
}
$query .= '
;';
list($counter) = pwg_db_fetch_row(pwg_query($query));
if ($counter > 0) {
$page['errors'][] = l10n('Anti-flood system : please wait for a moment before trying to post another comment');
$comment_action = 'reject';
}
}
// perform more spam check
$comment_action = trigger_change('user_comment_check', $comment_action, $comm, 'guestbook');
if ($comment_action != 'reject') {
$query = '
INSERT INTO ' . GUESTBOOK_TABLE . '(
author,
author_id,
anonymous_id,
content,
date,
validated,
validation_date,
website,
rate,
email
)
VALUES (
\'' . $comm['author'] . '\',
' . $comm['author_id'] . ',
\'' . $comm['anonymous_id'] . '\',
\'' . $comm['content'] . '\',
NOW(),
\'' . ($comment_action == 'validate' ? 'true' : 'false') . '\',
' . ($comment_action == 'validate' ? 'NOW()' : 'NULL') . ',
' . (!empty($comm['website']) ? '\'' . $comm['website'] . '\'' : 'NULL') . ',
' . (!empty($comm['rate']) ? $comm['rate'] : 'NULL') . ',
' . (!empty($comm['email']) ? '\'' . $comm['email'] . '\'' : 'NULL') . '
)
';
pwg_query($query);
$comm['id'] = pwg_db_insert_id(GUESTBOOK_TABLE);
if ($conf['guestbook']['email_admin_on_comment'] and 'validate' == $comment_action or $conf['guestbook']['email_admin_on_comment_validation'] and 'moderate' == $comment_action) {
include_once PHPWG_ROOT_PATH . 'include/functions_mail.inc.php';
$comment_url = add_url_params(GUESTBOOK_URL, array('comment_id' => $comm['id']));
$keyargs_content = array(get_l10n_args('Author: %s', stripslashes($comm['author'])), get_l10n_args('Comment: %s', stripslashes($comm['content'])), get_l10n_args('', ''), get_l10n_args('Manage this user comment: %s', $comment_url));
if ('moderate' == $comment_action) {
$keyargs_content[] = get_l10n_args('', '');
$keyargs_content[] = get_l10n_args('(!) This comment requires validation', '');
}
pwg_mail_notification_admins(get_l10n_args('Comment by %s', stripslashes($comm['author'])), $keyargs_content);
}
}
return $comment_action;
}
/**
* Invokes a registered method. Returns the return of the method (or
* a PwgError object if the method is not found)
* @param methodName string the name of the method to invoke
* @param params array array of parameters to pass to the invoked method
*/
function invoke($methodName, $params)
{
$method = @$this->_methods[$methodName];
if ($method == null) {
return new PwgError(WS_ERR_INVALID_METHOD, 'Method name is not valid');
}
if (isset($method['options']['post_only']) and $method['options']['post_only'] and !self::isPost()) {
return new PwgError(405, 'This method requires HTTP POST');
}
if (isset($method['options']['admin_only']) and $method['options']['admin_only'] and !is_admin()) {
return new PwgError(401, 'Access denied');
}
// parameter check and data correction
$signature = $method['signature'];
$missing_params = array();
foreach ($signature as $name => $options) {
$flags = $options['flags'];
// parameter not provided in the request
if (!array_key_exists($name, $params)) {
if (!self::hasFlag($flags, WS_PARAM_OPTIONAL)) {
$missing_params[] = $name;
} else {
if (array_key_exists('default', $options)) {
$params[$name] = $options['default'];
if (self::hasFlag($flags, WS_PARAM_FORCE_ARRAY)) {
self::makeArrayParam($params[$name]);
}
}
}
} else {
if ($params[$name] === '' and !self::hasFlag($flags, WS_PARAM_OPTIONAL)) {
$missing_params[] = $name;
} else {
$the_param = $params[$name];
if (is_array($the_param) and !self::hasFlag($flags, WS_PARAM_ACCEPT_ARRAY)) {
return new PwgError(WS_ERR_INVALID_PARAM, $name . ' must be scalar');
}
if (self::hasFlag($flags, WS_PARAM_FORCE_ARRAY)) {
self::makeArrayParam($the_param);
}
if ($options['type'] > 0) {
if (($ret = self::checkType($the_param, $options['type'], $name)) !== null) {
return $ret;
}
}
if (isset($options['maxValue']) and $the_param > $options['maxValue']) {
$the_param = $options['maxValue'];
}
$params[$name] = $the_param;
}
}
}
if (count($missing_params)) {
return new PwgError(WS_ERR_MISSING_PARAM, 'Missing parameters: ' . implode(',', $missing_params));
}
$result = trigger_change('ws_invoke_allowed', true, $methodName, $params);
if (strtolower(@get_class($result)) != 'pwgerror') {
if (!empty($method['include'])) {
include_once $method['include'];
}
$result = call_user_func_array($method['callback'], array($params, &$this));
}
return $result;
}
/**
* @see get_quick_search_results but without result caching
*/
function get_quick_search_results_no_cache($q, $options)
{
global $conf;
$q = trim(stripslashes($q));
$search_results = array('items' => array(), 'qs' => array('q' => $q));
$q = trigger_change('qsearch_pre', $q);
$scopes = array();
$scopes[] = new QSearchScope('tag', array('tags'));
$scopes[] = new QSearchScope('photo', array('photos'));
$scopes[] = new QSearchScope('file', array('filename'));
$scopes[] = new QSearchScope('author', array(), true);
$scopes[] = new QNumericRangeScope('width', array());
$scopes[] = new QNumericRangeScope('height', array());
$scopes[] = new QNumericRangeScope('ratio', array(), false, 0.001);
$scopes[] = new QNumericRangeScope('size', array());
$scopes[] = new QNumericRangeScope('filesize', array());
$scopes[] = new QNumericRangeScope('hits', array('hit', 'visit', 'visits'));
$scopes[] = new QNumericRangeScope('score', array('rating'), true);
$scopes[] = new QNumericRangeScope('id', array());
$createdDateAliases = array('taken', 'shot');
$postedDateAliases = array('added');
if ($conf['calendar_datefield'] == 'date_creation') {
$createdDateAliases[] = 'date';
} else {
$postedDateAliases[] = 'date';
}
$scopes[] = new QDateRangeScope('created', $createdDateAliases, true);
$scopes[] = new QDateRangeScope('posted', $postedDateAliases);
// allow plugins to add their own scopes
$scopes = trigger_change('qsearch_get_scopes', $scopes);
$expression = new QExpression($q, $scopes);
// get inflections for terms
$inflector = null;
$lang_code = substr(get_default_language(), 0, 2);
@(include_once PHPWG_ROOT_PATH . 'include/inflectors/' . $lang_code . '.php');
$class_name = 'Inflector_' . $lang_code;
if (class_exists($class_name)) {
$inflector = new $class_name();
foreach ($expression->stokens as $token) {
if (isset($token->scope) && !$token->scope->is_text) {
continue;
}
if (strlen($token->term) > 2 && ($token->modifier & (QST_QUOTED | QST_WILDCARD)) == 0 && strcspn($token->term, '\'0123456789') == strlen($token->term)) {
$token->variants = array_unique(array_diff($inflector->get_variants($token->term), array($token->term)));
}
}
}
trigger_notify('qsearch_expression_parsed', $expression);
//var_export($expression);
if (count($expression->stokens) == 0) {
return $search_results;
}
$qsr = new QResults();
qsearch_get_tags($expression, $qsr);
qsearch_get_images($expression, $qsr);
// allow plugins to evaluate their own scopes
trigger_notify('qsearch_before_eval', $expression, $qsr);
$ids = qsearch_eval($expression, $qsr, $tmp, $search_results['qs']['unmatched_terms']);
$debug[] = "<!--\nparsed: " . $expression;
$debug[] = count($expression->stokens) . ' tokens';
for ($i = 0; $i < count($expression->stokens); $i++) {
$debug[] = $expression->stokens[$i] . ': ' . count($qsr->tag_ids[$i]) . ' tags, ' . count($qsr->tag_iids[$i]) . ' tiids, ' . count($qsr->images_iids[$i]) . ' iiids, ' . count($qsr->iids[$i]) . ' iids' . ' modifier:' . dechex($expression->stoken_modifiers[$i]) . (!empty($expression->stokens[$i]->variants) ? ' variants: ' . implode(', ', $expression->stokens[$i]->variants) : '');
}
$debug[] = 'before perms ' . count($ids);
$search_results['qs']['matching_tags'] = $qsr->all_tags;
$search_results = trigger_change('qsearch_results', $search_results, $expression, $qsr);
global $template;
if (empty($ids)) {
$debug[] = '-->';
$template->append('footer_elements', implode("\n", $debug));
return $search_results;
}
$permissions = !isset($options['permissions']) ? true : $options['permissions'];
$where_clauses = array();
$where_clauses[] = 'i.id IN (' . implode(',', $ids) . ')';
if (!empty($options['images_where'])) {
$where_clauses[] = '(' . $options['images_where'] . ')';
}
if ($permissions) {
$where_clauses[] = get_sql_condition_FandF(array('forbidden_categories' => 'category_id', 'forbidden_images' => 'i.id'), null, true);
}
$query = '
SELECT DISTINCT(id) FROM ' . IMAGES_TABLE . ' i';
if ($permissions) {
$query .= '
INNER JOIN ' . IMAGE_CATEGORY_TABLE . ' AS ic ON id = ic.image_id';
}
$query .= '
WHERE ' . implode("\n AND ", $where_clauses) . "\n" . $conf['order_by'];
$ids = query2array($query, null, 'id');
$debug[] = count($ids) . ' final photo count -->';
$template->append('footer_elements', implode("\n", $debug));
$search_results['items'] = $ids;
return $search_results;
}
break;
default:
break;
}
// +-----------------------------------------------------------------------+
// | template init |
// +-----------------------------------------------------------------------+
$template->set_filenames(array('maintenance' => 'maintenance.tpl'));
$url_format = get_root_url() . 'admin.php?page=maintenance&action=%s&pwg_token=' . get_pwg_token();
$purge_urls[l10n('All')] = sprintf($url_format, 'derivatives') . '&type=all';
foreach (ImageStdParams::get_defined_type_map() as $params) {
$purge_urls[l10n($params->type)] = sprintf($url_format, 'derivatives') . '&type=' . $params->type;
}
$purge_urls[l10n(IMG_CUSTOM)] = sprintf($url_format, 'derivatives') . '&type=' . IMG_CUSTOM;
$template->assign(array('U_MAINT_CATEGORIES' => sprintf($url_format, 'categories'), 'U_MAINT_IMAGES' => sprintf($url_format, 'images'), 'U_MAINT_ORPHAN_TAGS' => sprintf($url_format, 'delete_orphan_tags'), 'U_MAINT_USER_CACHE' => sprintf($url_format, 'user_cache'), 'U_MAINT_HISTORY_DETAIL' => sprintf($url_format, 'history_detail'), 'U_MAINT_HISTORY_SUMMARY' => sprintf($url_format, 'history_summary'), 'U_MAINT_SESSIONS' => sprintf($url_format, 'sessions'), 'U_MAINT_FEEDS' => sprintf($url_format, 'feeds'), 'U_MAINT_DATABASE' => sprintf($url_format, 'database'), 'U_MAINT_C13Y' => sprintf($url_format, 'c13y'), 'U_MAINT_SEARCH' => sprintf($url_format, 'search'), 'U_MAINT_COMPILED_TEMPLATES' => sprintf($url_format, 'compiled-templates'), 'U_MAINT_DERIVATIVES' => sprintf($url_format, 'derivatives'), 'purge_derivatives' => $purge_urls, 'U_HELP' => get_root_url() . 'admin/popuphelp.php?page=maintenance'));
if ($conf['gallery_locked']) {
$template->assign(array('U_MAINT_UNLOCK_GALLERY' => sprintf($url_format, 'unlock_gallery')));
} else {
$template->assign(array('U_MAINT_LOCK_GALLERY' => sprintf($url_format, 'lock_gallery')));
}
// +-----------------------------------------------------------------------+
// | Define advanced features |
// +-----------------------------------------------------------------------+
$advanced_features = array();
//$advanced_features is array of array composed of CAPTION & URL
$advanced_features = trigger_change('get_admin_advanced_features_links', $advanced_features);
$template->assign('advanced_features', $advanced_features);
// +-----------------------------------------------------------------------+
// | sending html code |
// +-----------------------------------------------------------------------+
$template->assign_var_from_handle('ADMIN_CONTENT', 'maintenance');
/**
* Process a CSS file.
*
* @param string $css file content
* @param string $file
* @param string $header CSS directives that must appear first in
* the minified file.
* @return string
*/
private static function process_css($css, $file, &$header)
{
$css = self::process_css_rec($css, dirname($file), $header);
if (strpos($file, '.min') === false and version_compare(PHP_VERSION, '5.2.4', '>=')) {
require_once PHPWG_ROOT_PATH . 'include/cssmin.class.php';
$css = CssMin::minify($css, array('Variables' => false));
}
$css = trigger_change('combined_css_postfilter', $css);
return $css;
}
// In case of incompatibility, the session stored image_order is removed.
if ($orders[$image_order_id][2]) {
$conf['order_by'] = str_replace('ORDER BY ', 'ORDER BY ' . $orders[$image_order_id][1] . ',', $conf['order_by']);
$page['super_order_by'] = true;
} else {
pwg_unset_session_var('image_order');
$page['super_order_by'] = false;
}
}
$forbidden = get_sql_condition_FandF(array('forbidden_categories' => 'category_id', 'visible_categories' => 'category_id', 'visible_images' => 'id'), 'AND');
// +-----------------------------------------------------------------------+
// | category |
// +-----------------------------------------------------------------------+
if ('categories' == $page['section']) {
if (isset($page['category'])) {
$page = array_merge($page, array('comment' => trigger_change('render_category_description', $page['category']['comment'], 'main_page_category_description'), 'title' => get_cat_display_name($page['category']['upper_names'], '', false)));
} else {
$page['title'] = '';
// will be set later
}
// GET IMAGES LIST
if ($page['startcat'] == 0 and !isset($page['chronology_field']) and (isset($page['category']) or isset($page['flat']))) {
if (!empty($page['category']['image_order']) and !isset($page['super_order_by'])) {
$conf['order_by'] = ' ORDER BY ' . $page['category']['image_order'];
}
// flat categories mode
if (isset($page['flat'])) {
// get all allowed sub-categories
if (isset($page['category'])) {
$query = '
SELECT id
ON c.id=i.storage_category_id
WHERE c.site_id IS NOT NULL
GROUP BY c.site_id
;';
$sites_detail = hash_from_query($query, 'site_id');
$query = '
SELECT *
FROM ' . SITES_TABLE . '
;';
$result = pwg_query($query);
while ($row = pwg_db_fetch_assoc($result)) {
$is_remote = url_is_remote($row['galleries_url']);
$base_url = PHPWG_ROOT_PATH . 'admin.php';
$base_url .= '?page=site_manager';
$base_url .= '&site=' . $row['id'];
$base_url .= '&pwg_token=' . get_pwg_token();
$base_url .= '&action=';
$update_url = PHPWG_ROOT_PATH . 'admin.php';
$update_url .= '?page=site_update';
$update_url .= '&site=' . $row['id'];
$tpl_var = array('NAME' => $row['galleries_url'], 'TYPE' => l10n($is_remote ? 'Remote' : 'Local'), 'CATEGORIES' => (int) @$sites_detail[$row['id']]['nb_categories'], 'IMAGES' => (int) @$sites_detail[$row['id']]['nb_images'], 'U_SYNCHRONIZE' => $update_url);
if ($row['id'] != 1) {
$tpl_var['U_DELETE'] = $base_url . 'delete';
}
$plugin_links = array();
//$plugin_links is array of array composed of U_HREF, U_HINT & U_CAPTION
$plugin_links = trigger_change('get_admins_site_links', $plugin_links, $row['id'], $is_remote);
$tpl_var['plugin_links'] = $plugin_links;
$template->append('sites', $tpl_var);
}
$template->assign_var_from_handle('ADMIN_CONTENT', 'site_manager');
is empty find child representative_picture_id */
if (!empty($category['representative_picture_id'])) {
$img = array();
$query = '
SELECT id, file, path, representative_ext
FROM ' . IMAGES_TABLE . '
WHERE id = ' . $category['representative_picture_id'] . '
;';
$result = pwg_query($query);
if (pwg_db_num_rows($result) > 0) {
$element = pwg_db_fetch_assoc($result);
$img = array('link' => make_picture_url(array('image_id' => $element['id'], 'image_file' => $element['file'], 'category' => $category)), 'src' => DerivativeImage::url(IMG_THUMB, $element));
}
}
$args = array('subject' => l10n('[%s] Visit album %s', $conf['gallery_title'], trigger_change('render_category_name', $category['name'], 'admin_cat_list')));
$tpl = array('filename' => 'cat_group_info', 'assign' => array('IMG' => $img, 'CAT_NAME' => trigger_change('render_category_name', $category['name'], 'admin_cat_list'), 'LINK' => make_index_url(array('category' => array('id' => $category['id'], 'name' => trigger_change('render_category_name', $category['name'], 'admin_cat_list'), 'permalink' => $category['permalink']))), 'CPL_CONTENT' => empty($_POST['mail_content']) ? '' : stripslashes($_POST['mail_content'])));
if ('users' == $_POST['who'] and isset($_POST['users']) and count($_POST['users']) > 0) {
check_input_parameter('users', $_POST, true, PATTERN_ID);
// TODO code very similar to function pwg_mail_group. We'd better create
// a function pwg_mail_users that could be called from here and from
// pwg_mail_group
// TODO to make checks even better, we should check that theses users
// have access to this album. No real privacy issue here, even if we
// send the email to a user without permission.
$query = '
SELECT
ui.user_id,
ui.status,
ui.language,
u.' . $conf['user_fields']['email'] . ' AS email,
u.' . $conf['user_fields']['username'] . ' AS username
FROM ' . CADDIE_TABLE . '
WHERE user_id = ' . $user['id'] . '
;';
list($nb_photos_in_caddie) = pwg_db_fetch_row(pwg_query($query));
if ($nb_photos_in_caddie > 0) {
$template->assign(array('NB_PHOTOS_IN_CADDIE' => $nb_photos_in_caddie, 'U_CADDIE' => $link_start . 'batch_manager&filter=prefilter-caddie'));
}
// any orphan photo?
$nb_orphans = count(get_orphans());
if ($nb_orphans > 0) {
$template->assign(array('NB_ORPHANS' => $nb_orphans, 'U_ORPHANS' => $link_start . 'batch_manager&filter=prefilter-no_album'));
}
// +-----------------------------------------------------------------------+
// | Plugin menu |
// +-----------------------------------------------------------------------+
$plugin_menu_links = trigger_change('get_admin_plugin_menu_links', array());
function UC_name_compare($a, $b)
{
return strcmp(strtolower($a['NAME']), strtolower($b['NAME']));
}
usort($plugin_menu_links, 'UC_name_compare');
$template->assign('plugin_menu_items', $plugin_menu_links);
// +-----------------------------------------------------------------------+
// | Refresh permissions |
// +-----------------------------------------------------------------------+
// Only for pages witch change permissions
if (in_array($page['page'], array('site_manager', 'site_update')) or !empty($_POST) and in_array($page['page'], array('album', 'cat_move', 'cat_options', 'user_list', 'user_perm'))) {
invalidate_user_cache();
}
// +-----------------------------------------------------------------------+
// | Include specific page |
// | This program is distributed in the hope that it will be useful, but |
// | WITHOUT ANY WARRANTY; without even the implied warranty of |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
// | General Public License for more details. |
// | |
// | You should have received a copy of the GNU General Public License |
// | along with this program; if not, write to the Free Software |
// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
// | USA. |
// +-----------------------------------------------------------------------+
//
// Start output of page
//
$template->set_filenames(array('header' => 'header.tpl'));
trigger_notify('loc_begin_page_header');
$template->assign(array('GALLERY_TITLE' => isset($page['gallery_title']) ? $page['gallery_title'] : $conf['gallery_title'], 'PAGE_BANNER' => trigger_change('render_page_banner', str_replace('%gallery_title%', $conf['gallery_title'], isset($page['page_banner']) ? $page['page_banner'] : $conf['page_banner'])), 'BODY_ID' => isset($page['body_id']) ? $page['body_id'] : '', 'CONTENT_ENCODING' => get_pwg_charset(), 'PAGE_TITLE' => strip_tags($title), 'U_HOME' => get_gallery_home_url(), 'LEVEL_SEPARATOR' => $conf['level_separator']));
// Header notes
if (!empty($header_notes)) {
$template->assign('header_notes', $header_notes);
}
// No referencing is required
if (!$conf['meta_ref']) {
$page['meta_robots']['noindex'] = 1;
$page['meta_robots']['nofollow'] = 1;
}
if (!empty($page['meta_robots'])) {
$template->append('head_elements', '<meta name="robots" content="' . implode(',', array_keys($page['meta_robots'])) . '">');
}
if (!isset($page['meta_robots']['noindex'])) {
$template->assign('meta_ref', 1);
}
$data = array();
$data['id'] = $_GET['image_id'];
$data['name'] = $_POST['name'];
$data['author'] = $_POST['author'];
$data['level'] = $_POST['level'];
if ($conf['allow_html_descriptions']) {
$data['comment'] = @$_POST['description'];
} else {
$data['comment'] = strip_tags(@$_POST['description']);
}
if (!empty($_POST['date_creation'])) {
$data['date_creation'] = $_POST['date_creation'];
} else {
$data['date_creation'] = null;
}
$data = trigger_change('picture_modify_before_update', $data);
single_update(IMAGES_TABLE, $data, array('id' => $data['id']));
// time to deal with tags
$tag_ids = array();
if (!empty($_POST['tags'])) {
$tag_ids = get_tag_ids($_POST['tags']);
}
set_tags($tag_ids, $_GET['image_id']);
// association to albums
if (!isset($_POST['associate'])) {
$_POST['associate'] = array();
}
check_input_parameter('associate', $_POST, true, PATTERN_ID);
move_images_to_categories(array($_GET['image_id']), $_POST['associate']);
invalidate_user_cache();
// thumbnail for albums
$query = '
SELECT id, name, permalink
FROM ' . CATEGORIES_TABLE . '
WHERE id IN (' . implode(',', $ids) . ')';
$cat_map = hash_from_query($query, 'id');
foreach ($related_categories as $category) {
$cats = array();
foreach (explode(',', $category['uppercats']) as $id) {
$cats[] = $cat_map[$id];
}
$template->append('related_categories', get_cat_display_name($cats));
}
}
// maybe someone wants a special display (call it before page_header so that
// they can add stylesheets)
$element_content = trigger_change('render_element_content', '', $picture['current']);
$template->assign('ELEMENT_CONTENT', $element_content);
if (isset($picture['next']) and $picture['next']['src_image']->is_original() and $template->get_template_vars('U_PREFETCH') == null and strpos(@$_SERVER['HTTP_USER_AGENT'], 'Chrome/') === false) {
$template->assign('U_PREFETCH', $picture['next']['derivatives'][pwg_get_session_var('picture_deriv', $conf['derivative_default_size'])]->get_url());
}
$template->assign('U_CANONICAL', make_picture_url(array('image_id' => $picture['current']['id'], 'image_file' => $picture['current']['file'])));
// +-----------------------------------------------------------------------+
// | sub pages |
// +-----------------------------------------------------------------------+
include PHPWG_ROOT_PATH . 'include/picture_rate.inc.php';
if ($conf['activate_comments']) {
include PHPWG_ROOT_PATH . 'include/picture_comment.inc.php';
}
if ($metadata_showable and pwg_get_session_var('show_metadata') != null) {
include PHPWG_ROOT_PATH . 'include/picture_metadata.inc.php';
}
/**
* Assign a template var useable with {html_options} from a list of categories
*
* @param array[] $categories (at least id,name,global_rank,uppercats for each)
* @param int[] $selected ids of selected items
* @param string $blockname variable name in template
* @param bool $fullname full breadcrumb or not
*/
function display_select_categories($categories, $selecteds, $blockname, $fullname = true)
{
global $template;
$tpl_cats = array();
foreach ($categories as $category) {
if ($fullname) {
$option = strip_tags(get_cat_display_name_cache($category['uppercats'], null));
} else {
$option = str_repeat(' ', 3 * substr_count($category['global_rank'], '.'));
$option .= '- ';
$option .= strip_tags(trigger_change('render_category_name', $category['name'], 'display_select_categories'));
}
$tpl_cats[$category['id']] = $option;
}
$template->assign($blockname, $tpl_cats);
$template->assign($blockname . '_selected', $selecteds);
}
/**
* @return string
*/
function get_url()
{
if ($this->params == null) {
return $this->src_image->get_url();
}
return embellish_url(trigger_change('get_derivative_url', get_root_url() . $this->rel_url, $this->params, $this->src_image, $this->rel_url));
}
/**
* returns informations from EXIF metadata, mapping is done in this function.
*
* @param string $filename
* @param array $map
* @return array
*/
function get_exif_data($filename, $map)
{
global $conf;
$result = array();
if (!function_exists('read_exif_data')) {
die('Exif extension not available, admin should disable exif use');
}
// Read EXIF data
if ($exif = @read_exif_data($filename) or $exif2 = trigger_change('format_exif_data', $exif = null, $filename, $map)) {
if (!empty($exif2)) {
$exif = $exif2;
} else {
$exif = trigger_change('format_exif_data', $exif, $filename, $map);
}
// configured fields
foreach ($map as $key => $field) {
if (strpos($field, ';') === false) {
if (isset($exif[$field])) {
$result[$key] = $exif[$field];
}
} else {
$tokens = explode(';', $field);
if (isset($exif[$tokens[0]][$tokens[1]])) {
$result[$key] = $exif[$tokens[0]][$tokens[1]];
}
}
}
// GPS data
$gps_exif = array_intersect_key($exif, array_flip(array('GPSLatitudeRef', 'GPSLatitude', 'GPSLongitudeRef', 'GPSLongitude')));
if (count($gps_exif) == 4) {
if (is_array($gps_exif['GPSLatitude']) and in_array($gps_exif['GPSLatitudeRef'], array('S', 'N')) and is_array($gps_exif['GPSLongitude']) and in_array($gps_exif['GPSLongitudeRef'], array('W', 'E'))) {
$result['latitude'] = parse_exif_gps_data($gps_exif['GPSLatitude'], $gps_exif['GPSLatitudeRef']);
$result['longitude'] = parse_exif_gps_data($gps_exif['GPSLongitude'], $gps_exif['GPSLongitudeRef']);
}
}
}
if (!$conf['allow_html_in_metadata']) {
foreach ($result as $key => $value) {
// in case the origin of the photo is unsecure (user upload), we remove
// HTML tags to avoid XSS (malicious execution of javascript)
$result[$key] = strip_tags($value);
}
}
return $result;
}
/**
* API method
* Moves a category
* @param mixed[] $params
* @option string|int[] category_id
* @option int parent
* @option string pwg_token
*/
function ws_categories_move($params, &$service)
{
global $page;
if (get_pwg_token() != $params['pwg_token']) {
return new PwgError(403, 'Invalid security token');
}
if (!is_array($params['category_id'])) {
$params['category_id'] = preg_split('/[\\s,;\\|]/', $params['category_id'], -1, PREG_SPLIT_NO_EMPTY);
}
$params['category_id'] = array_map('intval', $params['category_id']);
$category_ids = array();
foreach ($params['category_id'] as $category_id) {
if ($category_id > 0) {
$category_ids[] = $category_id;
}
}
if (count($category_ids) == 0) {
return new PwgError(403, 'Invalid category_id input parameter, no category to move');
}
// we can't move physical categories
$categories_in_db = array();
$query = '
SELECT id, name, dir
FROM ' . CATEGORIES_TABLE . '
WHERE id IN (' . implode(',', $category_ids) . ')
;';
$result = pwg_query($query);
while ($row = pwg_db_fetch_assoc($result)) {
$categories_in_db[$row['id']] = $row;
// we break on error at first physical category detected
if (!empty($row['dir'])) {
$row['name'] = strip_tags(trigger_change('render_category_name', $row['name'], 'ws_categories_move'));
return new PwgError(403, sprintf('Category %s (%u) is not a virtual category, you cannot move it', $row['name'], $row['id']));
}
}
if (count($categories_in_db) != count($category_ids)) {
$unknown_category_ids = array_diff($category_ids, array_keys($categories_in_db));
return new PwgError(403, sprintf('Category %u does not exist', $unknown_category_ids[0]));
}
// does this parent exists? This check should be made in the
// move_categories function, not here
// 0 as parent means "move categories at gallery root"
if (0 != $params['parent']) {
$subcat_ids = get_subcat_ids(array($params['parent']));
if (count($subcat_ids) == 0) {
return new PwgError(403, 'Unknown parent category id');
}
}
$page['infos'] = array();
$page['errors'] = array();
include_once PHPWG_ROOT_PATH . 'admin/include/functions.php';
move_categories($category_ids, $params['parent']);
invalidate_user_cache();
if (count($page['errors']) != 0) {
return new PwgError(403, implode('; ', $page['errors']));
}
}
/**
* Returns webmaster mail address depending on $conf['webmaster_id']
*
* @return string
*/
function get_webmaster_mail_address()
{
global $conf;
$query = '
SELECT ' . $conf['user_fields']['email'] . '
FROM ' . USERS_TABLE . '
WHERE ' . $conf['user_fields']['id'] . ' = ' . $conf['webmaster_id'] . '
;';
list($email) = pwg_db_fetch_row(pwg_query($query));
$email = trigger_change('get_webmaster_mail_address', $email);
return $email;
}
/**
* Get tags list from SQL query (ids are surrounded by ~~, for get_tag_ids()).
*
* @param string $query
* @param boolean $only_user_language - if true, only local name is returned for
* multilingual tags (if ExtendedDescription plugin is active)
* @return array[] ('id', 'name')
*/
function get_taglist($query, $only_user_language = true)
{
$result = pwg_query($query);
$taglist = array();
$altlist = array();
while ($row = pwg_db_fetch_assoc($result)) {
$raw_name = $row['name'];
$name = trigger_change('render_tag_name', $raw_name, $row);
$taglist[] = array('name' => $name, 'id' => '~~' . $row['id'] . '~~');
if (!$only_user_language) {
$alt_names = trigger_change('get_tag_alt_names', array(), $raw_name);
foreach (array_diff(array_unique($alt_names), array($name)) as $alt) {
$altlist[] = array('name' => $alt, 'id' => '~~' . $row['id'] . '~~');
}
}
}
usort($taglist, 'tag_alpha_compare');
if (count($altlist)) {
usort($altlist, 'tag_alpha_compare');
$taglist = array_merge($taglist, $altlist);
}
return $taglist;
}
/**
* Return a list of tags corresponding to given items.
*
* @param int[] $items
* @param int $max_tags
* @param int[] $excluded_tag_ids
* @return array [id, name, counter, url_name]
*/
function get_common_tags($items, $max_tags, $excluded_tag_ids = array())
{
if (empty($items)) {
return array();
}
$query = '
SELECT t.*, count(*) AS counter
FROM ' . IMAGE_TAG_TABLE . '
INNER JOIN ' . TAGS_TABLE . ' t ON tag_id = id
WHERE image_id IN (' . implode(',', $items) . ')';
if (!empty($excluded_tag_ids)) {
$query .= '
AND tag_id NOT IN (' . implode(',', $excluded_tag_ids) . ')';
}
$query .= '
GROUP BY t.id
ORDER BY ';
if ($max_tags > 0) {
// TODO : why ORDER field is in the if ?
$query .= 'counter DESC
LIMIT ' . $max_tags;
} else {
$query .= 'NULL';
}
$result = pwg_query($query);
$tags = array();
while ($row = pwg_db_fetch_assoc($result)) {
$row['name'] = trigger_change('render_tag_name', $row['name'], $row);
$tags[] = $row;
}
usort($tags, 'tag_alpha_compare');
return $tags;
}
/**
* Add info to the title of the thumbnail based on photo properties.
*
* @param array $info hit, rating_score, nb_comments
* @param string $title
* @param string $comment
* @return string
*/
function get_thumbnail_title($info, $title, $comment = '')
{
global $conf, $user;
$details = array();
if (!empty($info['hit'])) {
$details[] = $info['hit'] . ' ' . strtolower(l10n('Visits'));
}
if ($conf['rate'] and !empty($info['rating_score'])) {
$details[] = strtolower(l10n('Rating score')) . ' ' . $info['rating_score'];
}
if (isset($info['nb_comments']) and $info['nb_comments'] != 0) {
$details[] = l10n_dec('%d comment', '%d comments', $info['nb_comments']);
}
if (count($details) > 0) {
$title .= ' (' . implode(', ', $details) . ')';
}
if (!empty($comment)) {
$comment = strip_tags($comment);
$title .= ' ' . substr($comment, 0, 100) . (strlen($comment) > 100 ? '...' : '');
}
$title = htmlspecialchars(strip_tags($title));
$title = trigger_change('get_thumbnail_title', $title, $info);
return $title;
}
/**
* Tries to login a user given username and password (must be MySql escaped).
*
* @param string $username
* @param string $password
* @param bool $remember_me
* @return bool
*/
function try_log_user($username, $password, $remember_me)
{
return trigger_change('try_log_user', false, $username, $password, $remember_me);
}
$representative_infos = $infos_of_image[$category['representative_picture_id']];
$tpl_var = array_merge($category, array('ID' => $category['id'], 'representative' => $representative_infos, 'TN_ALT' => strip_tags($category['name']), 'URL' => make_index_url(array('category' => $category)), 'CAPTION_NB_IMAGES' => get_display_images_count($category['nb_images'], $category['count_images'], $category['count_categories'], true, '<br>'), 'DESCRIPTION' => trigger_change('render_category_literal_description', trigger_change('render_category_description', @$category['comment'], 'subcatify_category_description')), 'NAME' => $name));
if ($conf['index_new_icon']) {
$tpl_var['icon_ts'] = get_icon($category['max_date_last'], $category['is_child_date_last']);
}
if ($conf['display_fromto']) {
if (isset($dates_of_category[$category['id']])) {
$from = $dates_of_category[$category['id']]['from'];
$to = $dates_of_category[$category['id']]['to'];
if (!empty($from)) {
$tpl_var['INFO_DATES'] = format_fromto($from, $to);
}
}
}
$tpl_thumbnails_var[] = $tpl_var;
}
// pagination
$page['total_categories'] = count($tpl_thumbnails_var);
$tpl_thumbnails_var_selection = array_slice($tpl_thumbnails_var, $page['startcat'], $conf['nb_categories_page']);
$derivative_params = trigger_change('get_index_album_derivative_params', ImageStdParams::get_by_type(IMG_THUMB));
$tpl_thumbnails_var_selection = trigger_change('loc_end_index_category_thumbnails', $tpl_thumbnails_var_selection);
$template->assign(array('maxRequests' => $conf['max_requests'], 'category_thumbnails' => $tpl_thumbnails_var_selection, 'derivative_params' => $derivative_params));
$template->assign_var_from_handle('CATEGORIES', 'index_category_thumbnails');
// navigation bar
$page['cats_navigation_bar'] = array();
if ($page['total_categories'] > $conf['nb_categories_page']) {
$page['cats_navigation_bar'] = create_navigation_bar(duplicate_index_url(array(), array('startcat')), $page['total_categories'], $page['startcat'], $conf['nb_categories_page'], true, 'startcat');
}
$template->assign('cats_navbar', $page['cats_navigation_bar']);
}
pwg_debug('end include/category_cats.inc.php');
}
$nb_sub_photos[$cat_id] = $nb_photos;
}
}
$template->assign('categories', array());
$base_url = get_root_url() . 'admin.php?page=';
if (isset($_GET['parent_id'])) {
$template->assign('PARENT_EDIT', $base_url . 'album-' . $_GET['parent_id']);
}
foreach ($categories as $category) {
$cat_list_url = $base_url . 'cat_list';
$self_url = $cat_list_url;
if (isset($_GET['parent_id'])) {
$self_url .= '&parent_id=' . $_GET['parent_id'];
}
$tpl_cat = array('NAME' => trigger_change('render_category_name', $category['name'], 'admin_cat_list'), 'NB_PHOTOS' => isset($nb_photos_in[$category['id']]) ? $nb_photos_in[$category['id']] : 0, 'NB_SUB_PHOTOS' => isset($nb_sub_photos[$category['id']]) ? $nb_sub_photos[$category['id']] : 0, 'NB_SUB_ALBUMS' => isset($subcats_of[$category['id']]) ? count($subcats_of[$category['id']]) : 0, 'ID' => $category['id'], 'RANK' => $category['rank'] * 10, 'U_JUMPTO' => make_index_url(array('category' => $category)), 'U_CHILDREN' => $cat_list_url . '&parent_id=' . $category['id'], 'U_EDIT' => $base_url . 'album-' . $category['id'], 'IS_VIRTUAL' => empty($category['dir']));
if (empty($category['dir'])) {
$tpl_cat['U_DELETE'] = $self_url . '&delete=' . $category['id'];
$tpl_cat['U_DELETE'] .= '&pwg_token=' . get_pwg_token();
} else {
if ($conf['enable_synchronization']) {
$tpl_cat['U_SYNC'] = $base_url . 'site_update&site=1&cat_id=' . $category['id'];
}
}
$template->append('categories', $tpl_cat);
}
trigger_notify('loc_end_cat_list');
// +-----------------------------------------------------------------------+
// | sending html code |
// +-----------------------------------------------------------------------+
$template->assign_var_from_handle('ADMIN_CONTENT', 'categories');
$query = '
SELECT id
FROM ' . IMAGES_TABLE . '
WHERE ' . implode(' AND ', $where_clause) . '
' . $conf['order_by'];
$filter_sets[] = query2array($query, null, 'id');
}
if (isset($_SESSION['bulk_manager_filter']['search']) && strlen($_SESSION['bulk_manager_filter']['search']['q'])) {
include_once PHPWG_ROOT_PATH . 'include/functions_search.inc.php';
$res = get_quick_search_results_no_cache($_SESSION['bulk_manager_filter']['search']['q'], array('permissions' => false));
if (!empty($res['items']) && !empty($res['qs']['unmatched_terms'])) {
$template->assign('no_search_results', array_map('htmlspecialchars', $res['qs']['unmatched_terms']));
}
$filter_sets[] = $res['items'];
}
$filter_sets = trigger_change('batch_manager_perform_filters', $filter_sets, $_SESSION['bulk_manager_filter']);
$current_set = array_shift($filter_sets);
foreach ($filter_sets as $set) {
$current_set = array_intersect($current_set, $set);
}
$page['cat_elements_id'] = $current_set;
// +-----------------------------------------------------------------------+
// | first element to display |
// +-----------------------------------------------------------------------+
// $page['start'] contains the number of the first element in its
// category. For exampe, $page['start'] = 12 means we must show elements #12
// and $page['nb_images'] next elements
if (!isset($_REQUEST['start']) or !is_numeric($_REQUEST['start']) or $_REQUEST['start'] < 0 or isset($_REQUEST['display']) and 'all' == $_REQUEST['display']) {
$page['start'] = 0;
} else {
$page['start'] = $_REQUEST['start'];
