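/**
 * Build the admin links (crop, edit, delete) shown next to the current picture.
 *
 * Reads the picture and album through globals and returns an HTML fragment. The
 * string stays empty unless the viewer is the gallery admin, is in user-admin mode
 * inside their own user gallery, or (with 'users_can_edit_pics' on) is the
 * logged-in owner of the file.
 *
 * The links are a UI convenience only: picEditor.php, editOnePic.php and
 * delete.php (none of them visible here) have to apply the same permission rule
 * themselves.
 *
 * @return string HTML fragment, possibly empty
 */
function html_picture_menu()
{
    global $lang_display_image_php, $CURRENT_PIC_DATA, $CURRENT_ALBUM_DATA, $CONFIG;

    $mime_content = cpg_get_type($CURRENT_PIC_DATA['filename']);

    // The id is written into URLs and into an inline onclick handler; forcing it
    // to an integer guarantees that only digits reach the markup.
    $pid = (int) $CURRENT_PIC_DATA['pid'];

    $picmenu = '';

    // Disabled branch, kept for theme authors.
    // Original condition: (!($mime_content['content']=='image'))
    if (false) {
        $picmenu = <<<EOT
    <a href="#" onclick="return MM_openBrWindow('setplayer.php?={$mime_content['extension']}','Set_Player','scrollbars=no,toolbar=no,status=no,resizable=no')" class="admin_menu" >{$lang_display_image_php['set_player']}</a>
EOT;
    }

    // The parentheses spell out the grouping the original relied on
    // (&& binds tighter than ||).
    if (
        (USER_ADMIN_MODE && $CURRENT_ALBUM_DATA['category'] == FIRST_USER_CAT + USER_ID)
        || ($CONFIG['users_can_edit_pics'] && $CURRENT_PIC_DATA['owner_id'] == USER_ID && USER_ID != 0)
        || GALLERY_ADMIN_MODE
    ) {
        // NOTE(review): the delete link is a plain GET request and no anti-CSRF
        // token is attached here; confirm delete.php requires one before it
        // removes anything.
        // NOTE(review): the language strings land inside a JS string within an
        // HTML attribute and are assumed to come from trusted language files.
        $picmenu .= <<<EOT
    <a href="javascript:;" onclick="return MM_openBrWindow('picEditor.php?id={$pid}','Crop_Picture','scrollbars=yes,toolbar=no,status=yes,resizable=yes')" class="admin_menu" >{$lang_display_image_php['crop_pic']}</a>
    <a href="editOnePic.php?id={$pid}&what=picture" class="admin_menu">{$lang_display_image_php['edit_pic']}</a>
    <a href="delete.php?id={$pid}&what=picture" class="admin_menu" onclick="return confirm('{$lang_display_image_php['confirm_del']}'); return false; ">{$lang_display_image_php['del_pic']}</a>
EOT;
    }

    return $picmenu;
}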
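/**
 * Fill in the 'html' entry of a slideshow item.
 *
 * For items whose file type is 'image' the markup is either a YouTube embed
 * (when the current picture's file name looks like youtube_<id>.jpg) or the
 * output of lightbox_list(). Items of any other type are returned unchanged.
 *
 * @param array $SlideShowhtml item data; 'filename' is read, 'html' is written
 * @return array the item, with 'html' set for image content
 */
function LightBox_theme_html_picture($SlideShowhtml)
{
    global $slideshow_pic_html, $LBmime_content, $CURRENT_PIC_DATA;

    $LBmime_content = cpg_get_type($SlideShowhtml['filename']);

    if ($LBmime_content['content'] == 'image') {
        // NOTE(review): the type check uses $SlideShowhtml['filename'] while the
        // YouTube test uses $CURRENT_PIC_DATA['filename']; confirm both always
        // describe the same picture.
        if (preg_match('/^youtube_(.*)\\.jpg$/', $CURRENT_PIC_DATA['filename'], $ytmatches)) {
            // The pattern accepts any characters as the video id and the id is
            // written into two HTML attributes, so it is escaped first. An id made
            // of letters, digits, '-' and '_' passes through unchanged.
            $vid = htmlspecialchars($ytmatches[1], ENT_QUOTES);
            $slideshow_pic_html = '<object width="560" height="350"><param name="movie" value="http://www.youtube.com/v/' . $vid . '"></param><param name="wmode" value="transparent"></param><embed src="http://www.youtube.com/v/' . $vid . '" type="application/x-shockwave-flash" wmode="transparent" width="560" height="350"></embed></object><br />';
            $SlideShowhtml['html'] = $slideshow_pic_html;
        } else {
            // The original had a separate branch for isset($image_size['reduced']),
            // but $image_size is never in scope in this function and both branches
            // ran the same two statements, so they are merged.
            $slideshow_pic_html = lightbox_list($SlideShowhtml);
            $SlideShowhtml['html'] = $slideshow_pic_html;
        }
    }

    return $SlideShowhtml;
}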
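/**
 * Apply the "edit one picture" form: update the picture row, optionally reset
 * counters or delete comments, and rename the files on disk when the posted
 * file name differs from the stored one.
 *
 * Terminates through cpg_die() when the picture does not exist, when the
 * viewer may not edit it, or when the rename would change the MIME type, use an
 * unknown extension, overwrite an existing file or lack its source file.
 *
 * NOTE(review): no anti-CSRF token is checked anywhere in this function;
 * confirm the calling script does so before the POST data is processed.
 * NOTE(review): the target album id ($aid) is written without any check that
 * the viewer may place pictures in that album.
 *
 * @return void
 */
function process_post_data()
{
    global $CONFIG, $mb_utf8_regex;
    global $lang_errors, $lang_editpics_php;

    $pid = (int) $_POST['id'];
    $aid = (int) $_POST['aid'];
    $pwidth = (int) $_POST['pwidth'];
    $pheight = (int) $_POST['pheight'];
    $title = $_POST['title'];
    $caption = $_POST['caption'];
    $keywords = $_POST['keywords'];
    $user1 = $_POST['user1'];
    $user2 = $_POST['user2'];
    $user3 = $_POST['user3'];
    $user4 = $_POST['user4'];
    $galleryicon = (int) $_POST['galleryicon'];
    $isgalleryicon = $galleryicon === $pid;

    // need to implement "Read EXIF info again" checkbox; comment out for now
    // $read_exif = isset($_POST['read_exif']);
    $reset_vcount = isset($_POST['reset_vcount']);
    $reset_votes = isset($_POST['reset_votes']);
    // The original also OR-ed in $delete, a variable that is never defined in
    // this function and therefore always evaluated as false.
    $del_comments = isset($_POST['del_comments']);

    $result = cpg_db_query("SELECT * FROM {$CONFIG['TABLE_PICTURES']} AS p, {$CONFIG['TABLE_ALBUMS']} AS a WHERE a.aid = p.aid AND pid = '{$pid}'");
    if (!mysql_num_rows($result)) {
        cpg_die(CRITICAL_ERROR, $lang_errors['non_exist_ap'], __FILE__, __LINE__);
    }
    $pic = mysql_fetch_array($result);
    mysql_free_result($result);

    // Allowed: gallery admin, owner of the user gallery the picture sits in, or
    // (when enabled) the owner of the file. Anonymous visitors are always refused.
    $may_edit = GALLERY_ADMIN_MODE
        || $pic['category'] == FIRST_USER_CAT + USER_ID
        || ($CONFIG['users_can_edit_pics'] && $pic['owner_id'] == USER_ID);
    if (!$may_edit || !USER_ID) {
        cpg_die(ERROR, $lang_errors['access_denied'], __FILE__, __LINE__);
    }

    // NOTE(review): addslashes() is not aware of the connection character set;
    // the database layer's own escaping routine would be the safer choice if one
    // is available in this code base.
    $update = "aid = '" . $aid . "'";
    if (is_movie($pic['filename'])) {
        $update .= ", pwidth = " . $pwidth;
        $update .= ", pheight = " . $pheight;
    }
    $update .= ", title = '" . addslashes($title) . "'";
    $update .= ", caption = '" . addslashes($caption) . "'";
    $update .= ", keywords = '" . addslashes($keywords) . "'";
    $update .= ", user1 = '" . addslashes($user1) . "'";
    $update .= ", user2 = '" . addslashes($user2) . "'";
    $update .= ", user3 = '" . addslashes($user3) . "'";
    $update .= ", user4 = '" . addslashes($user4) . "'";

    if ($isgalleryicon && $pic['category'] > FIRST_USER_CAT) {
        // Only one picture per owner may be the gallery icon: clear the flag on
        // all of the owner's pictures, then set it on this one.
        $sql = 'update ' . $CONFIG['TABLE_PICTURES'] . ' set galleryicon=0 where owner_id=' . (int) $pic['owner_id'] . ';';
        cpg_db_query($sql);
        // $galleryicon is already an integer, so it needs no string escaping.
        $update .= ", galleryicon = " . $galleryicon;
    }
    if ($reset_vcount) {
        $update .= ", hits = '0'";
        resetDetailHits($pid);
    }
    if ($reset_votes) {
        $update .= ", pic_rating = '0', votes = '0'";
        resetDetailVotes($pid);
    }

    // NOTE(review): when "delete comments" is ticked the UPDATE below is skipped,
    // so other edits submitted in the same form are not saved. Behaviour kept
    // as found; confirm whether that is intended.
    if ($del_comments) {
        $query = "DELETE FROM {$CONFIG['TABLE_COMMENTS']} WHERE pid='{$pid}'";
        $result = cpg_db_query($query);
    } else {
        $query = "UPDATE {$CONFIG['TABLE_PICTURES']} SET {$update} WHERE pid='{$pid}' LIMIT 1";
        $result = cpg_db_query($query);
    }

    // rename a file
    if ($_POST['filename'] != $pic['filename']) {
        // Does an intermediate ("normal") copy exist for this picture?
        if ($CONFIG['thumb_use'] == 'ht' && $pic['pheight'] > $CONFIG['picture_width']) {
            $condition = true;
        } elseif ($CONFIG['thumb_use'] == 'wd' && $pic['pwidth'] > $CONFIG['picture_width']) {
            $condition = true;
        } elseif ($CONFIG['thumb_use'] == 'any' && max($pic['pwidth'], $pic['pheight']) > $CONFIG['picture_width']) {
            $condition = true;
        } else {
            $condition = false;
        }

        if ($CONFIG['make_intermediate'] && $condition) {
            $prefices = array('fullsize', 'normal', 'thumb');
        } else {
            $prefices = array('fullsize', 'thumb');
        }
        if (!is_image($pic['filename'])) {
            $prefices = array('fullsize');
        }

        foreach ($prefices as $prefix) {
            $oldname = urldecode(get_pic_url($pic, $prefix));
            // NOTE(review): the new name comes straight from the request. This
            // code relies on replace_forbidden() (not shown) to remove directory
            // separators and other unsafe characters; confirm that it does.
            $filename = replace_forbidden($_POST['filename']);
            $newname = str_replace($pic['filename'], $filename, $oldname);

            $old_mime = cpg_get_type($oldname);
            $new_mime = cpg_get_type($newname);

            // Refuse a rename that would turn the file into a different type.
            if ($old_mime['mime'] != $new_mime['mime'] && isset($new_mime['mime'])) {
                cpg_die(CRITICAL_ERROR, sprintf($lang_editpics_php['mime_conv'], $old_mime['mime'], $new_mime['mime']), __FILE__, __LINE__);
            }
            if (!is_known_filetype($newname)) {
                cpg_die(CRITICAL_ERROR, $lang_editpics_php['forb_ext'], __FILE__, __LINE__);
            }
            if (file_exists($newname)) {
                cpg_die(CRITICAL_ERROR, sprintf($lang_editpics_php['file_exists'], $newname), __FILE__, __LINE__);
            }
            if (!file_exists($oldname)) {
                cpg_die(CRITICAL_ERROR, sprintf($lang_editpics_php['src_file_missing'], $oldname), __FILE__, __LINE__);
            }

            if (rename($oldname, $newname)) {
                // Escaped like every other string column written by this function;
                // the original interpolated the name into the statement as-is.
                $sql_filename = addslashes($filename);
                cpg_db_query("UPDATE {$CONFIG['TABLE_PICTURES']} SET filename = '{$sql_filename}' WHERE pid = '{$pid}' LIMIT 1");
            } else {
                cpg_die(CRITICAL_ERROR, sprintf($lang_editpics_php['rename_failed'], $oldname, $newname), __FILE__, __LINE__);
            }
        }
    }
}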
/**
 * Print the complete HTML document for the full-size pop-up window.
 *
 * The picture is either a file named by the 'picfile' GET parameter (gallery
 * admin only) or the picture identified by the global $pid. Non-image files are
 * rendered through theme_html_picture(). The finished page is passed through
 * the 'fullsize_html' plugin filter and echoed.
 *
 * Visitors who lack full-size access get an error message and the request ends.
 *
 * @return void
 */
function theme_display_fullsize_pic()
{
    global $CONFIG, $THEME_DIR, $FORBIDDEN_SET, $LINEBREAK, $pid;
    global $lang_errors, $lang_fullsize_popup, $lang_charset;

    $superCage = Inspekt::makeSuperCage();

    // Access gate: both branches print a message and stop the request.
    if (!USER_ID && $CONFIG['allow_unlogged_access'] <= 2) {
        printf($lang_errors['login_needed'], '', '', '', '');
        die;
    } elseif (USER_ID && USER_ACCESS_LEVEL <= 2) {
        printf($lang_errors['access_intermediate_only'], '', '', '', '');
        die;
    }

    if ($superCage->get->keyExists('picfile')) {
        // Displaying an arbitrary file by path is reserved to the gallery admin.
        if (!GALLERY_ADMIN_MODE) {
            cpg_die(ERROR, $lang_errors['access_denied'], __FILE__, __LINE__);
        }
        //$picfile = $_GET['picfile'];
        //$picfile = $superCage->get->getPath('picfile'); // doesn't work with HTML entities
        // NOTE(review): the pattern allows '.' and '/', so a value containing '../'
        // also matches and is appended to $CONFIG['fullpath'] below. Admin-only,
        // but confirm whether paths outside the albums directory should be accepted.
        // NOTE(review): a non-matching value is not handled explicitly; $matches[0]
        // is read either way.
        $matches = $superCage->get->getMatched('picfile', '/^[0-9A-Za-z~ \\/_.-]+$/');
        $picfile = $matches[0];
        $picname = $CONFIG['fullpath'] . $picfile;
        // Errors from getimagesize() are suppressed; 'geometry' is then empty.
        $imagesize = @getimagesize($picname);
        $imagedata = array('name' => $picfile, 'path' => path2url($picname), 'geometry' => $imagesize[3]);
    } elseif ($pid) {
        // NOTE(review): $pid is a global interpolated into the statement; this
        // assumes the caller has already reduced it to an integer - confirm.
        $sql = "SELECT filepath, filename, url_prefix, pwidth, pheight FROM {$CONFIG['TABLE_PICTURES']} AS p " . "WHERE pid='{$pid}' {$FORBIDDEN_SET}";
        $result = cpg_db_query($sql);
        if (!mysql_num_rows($result)) {
            cpg_die(ERROR, $lang_errors['non_exist_ap'], __FILE__, __LINE__);
        }
        $row = mysql_fetch_assoc($result);
        if (is_image($row['filename'])) {
            $pic_url = get_pic_url($row, 'fullsize');
            $geom = 'width="' . $row['pwidth'] . '" height="' . $row['pheight'] . '"';
            $imagedata = array('name' => $row['filename'], 'path' => $pic_url, 'geometry' => $geom);
        } else {
            // Non-image: reuse the theme's regular picture markup.
            $pic_html = theme_html_picture();
            if (is_movie($row['filename'])) {
                $mime_content = cpg_get_type($row['filename']);
                // Extra window height per player type, presumably for the control bar.
                $ctrl_offset['mov'] = 15;
                $ctrl_offset['wmv'] = 45;
                $ctrl_offset['swf'] = 0;
                $ctrl_offset['rm'] = 0;
                $ctrl_offset_default = 45;
                $ctrl_height = isset($ctrl_offset[$mime_content['extension']]) ? $ctrl_offset[$mime_content['extension']] : $ctrl_offset_default;
                // Read the player size back out of the generated markup.
                preg_match('/width="([0-9]+)".*height="([0-9]+)"/', $pic_html, $matches);
                $width = $matches[1] + $CONFIG['fullsize_padding_x'];
                $height = $matches[2] + $CONFIG['fullsize_padding_y'] + $ctrl_height;
                $resize_window = '<script type="text/javascript">window.resizeTo(' . $width . ', ' . $height . ')</script>';
            }
            // Keep only the content of the slideshow table cell.
            // NOTE(review): $resize_window is assigned only in the movie branch
            // above, yet it is appended for every non-image file.
            preg_match('/<td align="center" style="{SLIDESHOW_STYLE}">.*(.*)<\\/td>/Us', $pic_html, $matches);
            $pic_html = $matches[1] . $resize_window;
        }
    }

    // Same condition as the access gate at the top, where the request has
    // already been ended, so this block looks unreachable.
    if (!USER_ID && $CONFIG['allow_unlogged_access'] <= 2 || USER_ID && USER_ACCESS_LEVEL <= 2) {
        // adjust the size of the window if we don't have to catter for a full-size pop-up, but only a text message
        $row['pwidth'] = 200;
        $row['pheight'] = 100;
    }

    $charset = $CONFIG['charset'] == 'language file' ? $lang_charset : $CONFIG['charset'];

    // NOTE(review): $CONFIG['gallery_name'] and the language string are written
    // into <title> as they are; confirm they are stored HTML-safe.
    // NOTE(review): $row is not set on the 'picfile' path, although the table
    // CSS below reads $row['pwidth'] and $row['pheight'].
    $fullsize_html = <<<EOT
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset={$charset}" />
<title>{$CONFIG['gallery_name']}: {$lang_fullsize_popup['click_to_close']}</title>
<style type="text/css">
body { margin: 0; padding: 0; background-color: gray; }
img { margin:0; padding:0; border:0; }
#content { margin:0 auto; padding:0; border:0; }
table { border:0; width:{$row['pwidth']}px; height:{$row['pheight']}px; border-collapse:collapse}
td { vertical-align: middle; text-align:center; }
</style>
<script type="text/javascript" src="js/jquery-1.4.2.js"></script>
<script type="text/javascript" src="js/jquery.dimensions.pack.js"></script>
<script type="text/javascript" src="js/displayimage.fullsize.js"></script>
</head>
<body style="margin:0px; padding:0px; background-color: gray;">

EOT;

    // NOTE(review): $pic_html is only assigned for non-image files; on the other
    // paths this test reads an unset variable.
    if ($pic_html) {
        $fullsize_html .= $pic_html;
    } else {
        if ($CONFIG['transparent_overlay'] == 1) {
            // Overlay mode: the picture is the cell background and a transparent
            // image is laid over it.
            $fullsize_html .= <<<EOT
<table cellpadding="0" cellspacing="0" align="center" style="padding:0px;">
<tr>

EOT;
            // Path and name are HTML-escaped; 'geometry' is inserted unescaped.
            $fullsize_html .= '<td align="center" valign="middle" background="' . htmlspecialchars($imagedata['path']) . '" ' . $imagedata['geometry'] . ' class="image">';
            $fullsize_html .= '<div id="content">';
            // The random id presumably keeps the overlay image from being cached.
            $fullsize_html .= '<a href="javascript: window.close()" style="border:none"><img src="images/image.gif?id=' . floor(rand() * 1000 + rand()) . '&fullsize=yes" ' . $imagedata['geometry'] . ' alt="' . htmlspecialchars($imagedata['name']) . '" title="' . htmlspecialchars($imagedata['name']) . $LINEBREAK . $lang_fullsize_popup['click_to_close'] . '" /></a><br />' . $LINEBREAK;
            $fullsize_html .= <<<EOT
</div>
</td>
</tr>
</table>

EOT;
        } else {
            $fullsize_html .= ' <div id="content">' . $LINEBREAK;
            $fullsize_html .= '<a href="javascript: window.close()"><img src="' . htmlspecialchars($imagedata['path']) . '" ' . $imagedata['geometry'] . ' id="fullsize_image" alt="' . htmlspecialchars($imagedata['name']) . '" title="' . htmlspecialchars($imagedata['name']) . $LINEBREAK . $lang_fullsize_popup['click_to_close'] . '" /></a><br />' . $LINEBREAK . ' </div>' . $LINEBREAK;
        }
    }

    $fullsize_html .= <<<EOT
</body>
</html>

EOT;

    // Plugins get a last chance to rewrite the whole page before it is sent.
    $fullsize_html = CPGPluginAPI::filter('fullsize_html', $fullsize_html);
    echo $fullsize_html;
}
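/**
 * Delete one picture: its files on disk, its comments, its EXIF row and its
 * picture row, printing one table row that reports the outcome of each step.
 *
 * The gallery admin may delete any picture. Other users must be logged in and
 * either own the user gallery the picture sits in or, when
 * 'users_can_edit_pics' is on, own the file itself; otherwise cpg_die() ends
 * the request.
 *
 * NOTE(review): no anti-CSRF check happens in this function; confirm the
 * calling script verifies a form token before it gets here.
 *
 * @param int    $pid            id of the picture to delete
 * @param string $tablecellstyle CSS class used for the report cells
 * @return int the album id (aid) the picture belonged to
 */
function delete_picture($pid, $tablecellstyle = 'tableb')
{
    global $CONFIG, $header_printed, $lang_errors, $lang_delete_php, $LINEBREAK;

    // $pid is interpolated into several statements below, one of them without
    // quotes (the EXIF delete), so it is reduced to an integer up front.
    $pid = (int) $pid;

    if (!$header_printed) {
        output_table_header();
    }

    $green = cpg_fetch_icon('ok', 0, $lang_delete_php['del_success']);
    $red = cpg_fetch_icon('stop', 0, $lang_delete_php['err_del']);

    // We will be selecting pid in the query as we need it in $pic array for the plugin filter
    if (GALLERY_ADMIN_MODE) {
        $query = "SELECT pid, aid, filepath, filename FROM {$CONFIG['TABLE_PICTURES']} WHERE pid='{$pid}'";
        $result = cpg_db_query($query);
        if (!$result->numRows()) {
            cpg_die(CRITICAL_ERROR, $lang_errors['non_exist_ap'], __FILE__, __LINE__);
        }
        $pic = $result->fetchAssoc(true);
    } else {
        $query = "SELECT pid, p.aid, category, filepath, filename, owner_id FROM {$CONFIG['TABLE_PICTURES']} AS p INNER JOIN {$CONFIG['TABLE_ALBUMS']} AS a ON a.aid = p.aid WHERE pid='{$pid}'";
        $result = cpg_db_query($query);
        if (!$result->numRows()) {
            cpg_die(CRITICAL_ERROR, $lang_errors['non_exist_ap'], __FILE__, __LINE__);
        }
        $pic = $result->fetchAssoc(true);

        // Ownership check for non-admins; anonymous visitors are always refused.
        $owns_it = $pic['category'] == FIRST_USER_CAT + USER_ID
            || ($CONFIG['users_can_edit_pics'] && $pic['owner_id'] == USER_ID);
        if (!$owns_it || !USER_ID) {
            cpg_die(ERROR, $lang_errors['access_denied'], __FILE__, __LINE__);
        }
    }

    $aid = $pic['aid'];
    $dir = $CONFIG['fullpath'] . $pic['filepath'];
    $file = $pic['filename'];

    if (!is_writable($dir)) {
        cpg_die(CRITICAL_ERROR, sprintf($lang_errors['directory_ro'], htmlspecialchars($dir)), __FILE__, __LINE__);
    }

    // Plugin filter to be called before deleting a file
    CPGPluginAPI::action('before_delete_file', $pic);

    echo '<tr>';
    echo "<td class=\"" . $tablecellstyle . "\">" . htmlspecialchars($file) . "</td>";

    // Full-size file, intermediate copy, original copy and thumbnail, in the
    // order of the report columns.
    $files = array($dir . $file, $dir . $CONFIG['normal_pfx'] . $file, $dir . $CONFIG['orig_pfx'] . $file, $dir . $CONFIG['thumb_pfx'] . $file);

    // Check for custom thumbnails for non-images
    if (!is_image($file)) {
        $mime_content = cpg_get_type($file);
        $file_base_name = str_replace('.' . $mime_content['extension'], '', basename($file));

        foreach (array('.gif', '.png', '.jpg') as $thumb_extension) {
            if (file_exists($dir . $CONFIG['thumb_pfx'] . $file_base_name . $thumb_extension)) {
                // Thumbnail found, check if it's the only file using that thumbnail
                // NOTE(review): filepath and the base name come from the stored
                // row and are interpolated unescaped; '_' and '%' in a file name
                // also act as LIKE wildcards. Consider escaping both.
                $count = cpg_db_query("SELECT COUNT(*) FROM {$CONFIG['TABLE_PICTURES']} WHERE filepath = '{$pic['filepath']}' AND filename LIKE '{$file_base_name}.%'")->result(0);
                if ($count == 1) {
                    // Swap the default thumbnail path for the custom one.
                    unset($files[count($files) - 1]);
                    $files[] = $dir . $CONFIG['thumb_pfx'] . $file_base_name . $thumb_extension;
                    break;
                }
            }
        }
    }

    // One report cell per candidate file.
    foreach ($files as $currFile) {
        echo "<td class=\"" . $tablecellstyle . "\" align=\"center\">";
        if (is_file($currFile)) {
            if (@unlink($currFile)) {
                echo $green;
            } else {
                echo $red;
            }
        } else {
            echo " ";
        }
        echo "</td>";
    }

    $query = "DELETE FROM {$CONFIG['TABLE_COMMENTS']} WHERE pid='{$pid}'";
    cpg_db_query($query);
    echo "<td class=\"" . $tablecellstyle . "\" align=\"center\">";
    if (cpg_db_affected_rows() > 0) {
        echo $green;
    } else {
        echo " ";
    }
    echo "</td>";

    $query = "DELETE FROM {$CONFIG['TABLE_EXIF']} WHERE pid = {$pid}";
    cpg_db_query($query);

    $query = "DELETE FROM {$CONFIG['TABLE_PICTURES']} WHERE pid='{$pid}' LIMIT 1";
    cpg_db_query($query);
    echo "<td class=\"" . $tablecellstyle . "\" align=\"center\">";
    if (cpg_db_affected_rows() > 0) {
        echo $green;
    } else {
        echo $red;
    }

    // An album that used this picture as its thumbnail falls back to the default.
    $query = "UPDATE {$CONFIG['TABLE_ALBUMS']} SET thumb = '0' WHERE thumb = '{$pid}'";
    cpg_db_query($query);
    echo '</td>';
    echo '</tr>' . $LINEBREAK;

    // Plugin filter to be called after a file is deleted
    CPGPluginAPI::action('after_delete_file', $pic);

    return $aid;
}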
} $display_array = fetchcontent_display_thumbnails($album, $cat, 1, $thumbcols, $thumbrows, FALSE); $loopCounter = 1; echo <<<EOT document.writeln(' '); document.writeln(' <table border="1" cellspacing="0" cellpadding="0" class="fc_table" {$tableid}>'); document.writeln(' <tbody>'); EOT; for ($i = 1; $i <= $thumbrows; $i++) { echo <<<EOT document.writeln(' <tr class="fc_row">'); EOT; for ($j = 1; $j <= $thumbcols; $j++) { if ($loopCounter <= $display_array['thumb_count']) { // Determine the file type $filetype = cpg_get_type($display_array['thumb_list'][$loopCounter]['filename']); // returns an associative array with keys extension, mime, content (possible values: 'image', 'audio', 'movie', 'document') and player. // Come up with the image tag $image_string = ''; if ($size == 1) { // Requested files are thumbnail-size $image_string .= '<img src="' . $CONFIG['site_url'] . $display_array['thumb_list'][$loopCounter]['thumbpath'] . '" ' . $display_array['thumb_list'][$loopCounter]['thumbsize']; } else { // Requested file size is bigger than thumbs --- start $image_string .= '<img src="' . $CONFIG['site_url'] . $CONFIG['fullpath'] . $display_array['thumb_list'][$loopCounter]['filepath']; if ($size == 2) { $image_string .= $CONFIG['normal_pfx']; } $image_string .= $display_array['thumb_list'][$loopCounter]['filename'] . '"'; } // Requested file size is bigger than thumbs --- end
/**
 * get_pic_url()
 *
 * Return the url for a picture
 *
 * Besides returning the URL, the function modifies $pic_row in place: the
 * result of cpg_get_type() is merged into it, 'url' is always set, 'mode' is
 * set except on a repeated 'thumb' call, and 'system_icon' is set when a
 * default icon is chosen. The return value is a reference to $pic_row['url'].
 *
 * For non-image files in 'thumb' mode (and for system pictures) the file
 * system is probed for a custom thumbnail, then for the theme's and the
 * default icon sets.
 *
 * @param array $pic_row picture row; reads 'filename', 'filepath' and 'url_prefix'
 * @param string $mode one of 'thumb', 'normal', 'orig', 'fullsize'
 * @param boolean $system_pic true to look up a thumbnail for a system file
 * @return string
 **/
function &get_pic_url(&$pic_row, $mode, $system_pic = false)
{
    global $CONFIG, $THEME_DIR;

    // Lookup tables are built from $CONFIG on the first call and then reused.
    static $pic_prefix = array();
    static $url_prefix = array();

    if (!count($pic_prefix)) {
        $pic_prefix = array('thumb' => $CONFIG['thumb_pfx'], 'normal' => $CONFIG['normal_pfx'], 'orig' => $CONFIG['orig_pfx'], 'fullsize' => '');
        // Only index 0 is defined, so $pic_row['url_prefix'] is expected to be 0.
        $url_prefix = array(0 => $CONFIG['fullpath']);
    }

    $mime_content = cpg_get_type($pic_row['filename']);
    $pic_row = array_merge($pic_row, $mime_content);

    $filepathname = null;

    // Code to handle custom thumbnails
    // If fullsize or normal mode use regular file
    if ($mime_content['content'] != 'image' && $mode == 'normal') {
        $mode = 'fullsize';
    } elseif ($mime_content['content'] != 'image' && $mode == 'thumb' || $system_pic) {
        $thumb_extensions = array('.gif', '.png', '.jpg');

        // Check for user-level custom thumbnails
        // Create custom thumb path and erase extension using filename; Erase filename's extension
        $custom_thumb_path = $url_prefix[$pic_row['url_prefix']] . $pic_row['filepath'] . $pic_prefix[$mode];
        $file_base_name = str_replace('.' . $mime_content['extension'], '', basename($pic_row['filename']));

        // Check for file-specific thumbs
        foreach ($thumb_extensions as $extension) {
            if (file_exists($custom_thumb_path . $file_base_name . $extension)) {
                $filepathname = $custom_thumb_path . $file_base_name . $extension;
                break;
            }
        }

        if (!$system_pic) {
            // Check for extension-specific thumbs
            if (is_null($filepathname)) {
                foreach ($thumb_extensions as $extension) {
                    if (file_exists($custom_thumb_path . $mime_content['extension'] . $extension)) {
                        $filepathname = $custom_thumb_path . $mime_content['extension'] . $extension;
                        break;
                    }
                }
            }

            // Check for content-specific thumbs
            if (is_null($filepathname)) {
                foreach ($thumb_extensions as $extension) {
                    if (file_exists($custom_thumb_path . $mime_content['content'] . $extension)) {
                        $filepathname = $custom_thumb_path . $mime_content['content'] . $extension;
                        break;
                    }
                }
            }
        }

        // Use default thumbs
        if (is_null($filepathname)) {
            // Check for default theme- and global-level thumbs
            $thumb_paths[] = $THEME_DIR . 'images/'; // Used for custom theme thumbs
            $thumb_paths[] = 'images/'; // Default Coppermine thumbs

            foreach ($thumb_paths as $default_thumb_path) {
                if (is_dir($default_thumb_path)) {
                    if (!$system_pic) {
                        foreach ($thumb_extensions as $extension) {
                            // Check for extension-specific thumbs
                            if (file_exists($default_thumb_path . $CONFIG['thumb_pfx'] . $mime_content['extension'] . $extension)) {
                                $filepathname = $default_thumb_path . $CONFIG['thumb_pfx'] . $mime_content['extension'] . $extension;
                                //thumb cropping - if we display a system thumb we calculate the dimension by any and not ex
                                $pic_row['system_icon'] = true;
                                // Leave both the extension loop and the path loop.
                                break 2;
                            }
                        }
                        foreach ($thumb_extensions as $extension) {
                            // Check for media-specific thumbs (movie,document,audio)
                            if (file_exists($default_thumb_path . $CONFIG['thumb_pfx'] . $mime_content['content'] . $extension)) {
                                $filepathname = $default_thumb_path . $CONFIG['thumb_pfx'] . $mime_content['content'] . $extension;
                                //thumb cropping
                                $pic_row['system_icon'] = true;
                                break 2;
                            }
                        }
                    } else {
                        // Check for file-specific thumbs for system files
                        foreach ($thumb_extensions as $extension) {
                            if (file_exists($default_thumb_path . $CONFIG['thumb_pfx'] . $file_base_name . $extension)) {
                                $filepathname = $default_thumb_path . $CONFIG['thumb_pfx'] . $file_base_name . $extension;
                                //thumb cropping
                                $pic_row['system_icon'] = true;
                                break 2;
                            }
                        }
                    }
                }
            }
        }

        // NOTE(review): $filepathname can still be null at this point when no
        // thumbnail was found; what path2url() returns for null is not visible here.
        $filepathname = path2url($filepathname);
    }

    // Regular case: prefix + path2url(file path + size prefix + file name).
    if (is_null($filepathname)) {
        $filepathname = $url_prefix[$pic_row['url_prefix']] . path2url($pic_row['filepath'] . $pic_prefix[$mode] . $pic_row['filename']);
    }

    // Added hack: "&& !isset($pic_row['mode'])" thumb_data filter isn't executed for the fullsize image
    if ($mode == 'thumb' && !isset($pic_row['mode'])) {
        $pic_row['url'] = $filepathname;
        $pic_row['mode'] = $mode;
        // Plugins may rewrite the row, including its 'url'.
        $pic_row = CPGPluginAPI::filter('thumb_data', $pic_row);
    } elseif ($mode != 'thumb') {
        $pic_row['url'] = $filepathname;
        $pic_row['mode'] = $mode;
    } else {
        $pic_row['url'] = $filepathname;
    }

    return $pic_row['url'];
}
/**
 * process_post_data()
 *
 * Function to process the form posted
 *
 * Handles the multi-picture edit form: for every posted pid it either deletes
 * the picture (files, comments, picture row) or updates its album, texts,
 * custom fields, counters and approval state. The form token is verified
 * first; a missing pid list, an unknown picture or a failed permission check
 * ends the request through cpg_die().
 */
function process_post_data()
{
    global $CONFIG, $user_albums_list, $lang_errors;

    $superCage = Inspekt::makeSuperCage();

    //Check if the form token is valid
    if (!checkFormToken()) {
        cpg_die(ERROR, $lang_errors['invalid_form_token'], __FILE__, __LINE__);
    }

    // Albums the current user may file pictures into: albums of the own user
    // gallery, albums the user owns, and albums open for uploads.
    $user_album_set = array();
    $result = cpg_db_query("SELECT aid FROM {$CONFIG['TABLE_ALBUMS']} WHERE category = " . (FIRST_USER_CAT + USER_ID) . " OR owner = " . USER_ID . " OR uploads = 'YES'");
    while ($row = $result->fetchAssoc()) {
        $user_album_set[$row['aid']] = 1;
    }
    $result->free();

    // 'pid' is expected to be posted as an array of ids.
    $pid_array = $superCage->post->getInt('pid');
    if (!is_array($pid_array)) {
        cpg_die(CRITICAL_ERROR, $lang_errors['param_missing'], __FILE__, __LINE__);
    }

    if ($superCage->post->keyExists('galleryicon')) {
        $galleryicon = $superCage->post->getInt('galleryicon');
    } else {
        $galleryicon = '';
    }

    foreach ($pid_array as $pid) {
        // NOTE(review): $pid is used unquoted in the statements below; this
        // assumes getInt() reduced every array element to an integer - confirm.
        $aid = $superCage->post->getInt("aid{$pid}");
        // NOTE(review): these values are placed into the UPDATE inside quotes
        // with no escaping in this function; SQL safety depends entirely on
        // get_post_var() (not shown) - confirm it escapes for the database.
        $title = get_post_var('title', $pid);
        $caption = get_post_var('caption', $pid);
        $keywords = get_post_var('keywords', $pid);
        $user1 = get_post_var('user1', $pid);
        $user2 = get_post_var('user2', $pid);
        $user3 = get_post_var('user3', $pid);
        $user4 = get_post_var('user4', $pid);

        $delete = false;
        $reset_vcount = false;
        $reset_votes = false;
        $del_comments = false;
        // Strict comparison: true only when both values have the same type.
        $isgalleryicon = $galleryicon === $pid;

        if ($superCage->post->keyExists('delete' . $pid)) {
            $delete = $superCage->post->getInt('delete' . $pid);
        }
        if ($superCage->post->keyExists('reset_vcount' . $pid)) {
            $reset_vcount = $superCage->post->getInt('reset_vcount' . $pid);
        }
        if ($superCage->post->keyExists('reset_votes' . $pid)) {
            $reset_votes = $superCage->post->getInt('reset_votes' . $pid);
        }
        if ($superCage->post->keyExists('del_comments' . $pid)) {
            $del_comments = $superCage->post->getInt('del_comments' . $pid);
        }

        // We will be selecting pid in the query as we need it in $pic array for the plugin filter
        $query = "SELECT pid, category, filepath, filename, owner_id FROM {$CONFIG['TABLE_PICTURES']} AS p INNER JOIN {$CONFIG['TABLE_ALBUMS']} AS a ON a.aid = p.aid WHERE pid = {$pid}";
        $result = cpg_db_query($query);
        if (!$result->numRows()) {
            cpg_die(CRITICAL_ERROR, $lang_errors['non_exist_ap'], __FILE__, __LINE__);
        }
        $pic = $result->fetchAssoc(true);

        // NOTE(review): the two checks below run only when ALL five conditions are
        // false. With USER_ADMIN_MODE set, or with 'users_can_edit_pics' enabled,
        // neither the picture's category nor the target album is checked in this
        // function, and $pic['owner_id'] is never compared with USER_ID. Confirm
        // the caller restricts the posted pids to pictures the user may edit.
        if (!GALLERY_ADMIN_MODE && !MODERATOR_MODE && !USER_ADMIN_MODE && !user_is_allowed() && !$CONFIG['users_can_edit_pics']) {
            if ($pic['category'] != FIRST_USER_CAT + USER_ID) {
                cpg_die(ERROR, $lang_errors['perm_denied'], __FILE__, __LINE__);
            }
            if (!isset($user_album_set[$aid])) {
                cpg_die(ERROR, $lang_errors['perm_denied'], __FILE__, __LINE__);
            }
        }

        cpg_trim_keywords($keywords);

        $update = "aid = '{$aid}'";
        $update .= ", title = '{$title}'";
        $update .= ", caption = '{$caption}'";
        $update .= ", keywords = '{$keywords}'";
        $update .= ", user1 = '{$user1}'";
        $update .= ", user2 = '{$user2}'";
        $update .= ", user3 = '{$user3}'";
        $update .= ", user4 = '{$user4}'";

        if ($isgalleryicon && $pic['category'] > FIRST_USER_CAT) {
            // Clear the flag on all pictures of this owner, then set it on this one.
            cpg_db_query("UPDATE {$CONFIG['TABLE_PICTURES']} SET galleryicon = 0 WHERE owner_id = {$pic['owner_id']}");
            $update .= ", galleryicon = " . $galleryicon;
        }
        if (is_movie($pic['filename'])) {
            $pwidth = $superCage->post->getInt('pwidth' . $pid);
            $pheight = $superCage->post->getInt('pheight' . $pid);
            $update .= ", pwidth = " . $pwidth;
            $update .= ", pheight = " . $pheight;
        }
        if ($reset_vcount) {
            $update .= ", hits = 0";
            resetDetailHits($pid);
        }
        if ($reset_votes) {
            $update .= ", pic_rating = 0, votes = 0";
            resetDetailVotes($pid);
        }

        // Only admins, approvers and moderators touch the approval flag; any
        // posted value other than 'YES' stores 'NO'.
        if (GALLERY_ADMIN_MODE || UPLOAD_APPROVAL_MODE || MODERATOR_MODE) {
            $approved = '';
            if ($superCage->post->keyExists('approved' . $pid)) {
                $approved = $superCage->post->getAlpha('approved' . $pid);
            }
            if ($approved == 'YES') {
                $update .= ", approved = 'YES'";
            } else {
                $update .= ", approved = 'NO'";
            }
        }

        if ($del_comments || $delete) {
            cpg_db_query("DELETE FROM {$CONFIG['TABLE_COMMENTS']} WHERE pid = {$pid}");
        }

        if ($delete) {
            $dir = $CONFIG['fullpath'] . $pic['filepath'];
            $file = $pic['filename'];

            if (!is_writable($dir)) {
                // NOTE(review): $dir goes into the message without htmlspecialchars().
                cpg_die(CRITICAL_ERROR, sprintf($lang_errors['directory_ro'], $dir), __FILE__, __LINE__);
            }

            // Full-size file, intermediate copy, original copy and thumbnail.
            $files = array($dir . $file, $dir . $CONFIG['normal_pfx'] . $file, $dir . $CONFIG['orig_pfx'] . $file, $dir . $CONFIG['thumb_pfx'] . $file);

            // Check for custom thumbnails for non-images
            if (!is_image($file)) {
                $mime_content = cpg_get_type($file);
                $file_base_name = str_replace('.' . $mime_content['extension'], '', basename($file));

                foreach (array('.gif', '.png', '.jpg') as $thumb_extension) {
                    if (file_exists($dir . $CONFIG['thumb_pfx'] . $file_base_name . $thumb_extension)) {
                        // Thumbnail found, check if it's the only file using that thumbnail
                        // NOTE(review): stored filepath and base name are interpolated
                        // unescaped, and '_' / '%' in a name act as LIKE wildcards.
                        $count = cpg_db_query("SELECT COUNT(*) FROM {$CONFIG['TABLE_PICTURES']} WHERE filepath = '{$pic['filepath']}' AND filename LIKE '{$file_base_name}.%'")->result(0);
                        if ($count == 1) {
                            unset($files[count($files) - 1]);
                            $files[] = $dir . $CONFIG['thumb_pfx'] . $file_base_name . $thumb_extension;
                            break;
                        }
                    }
                }
            }

            // Failures of unlink() are suppressed and not reported.
            foreach ($files as $currFile) {
                if (is_file($currFile)) {
                    @unlink($currFile);
                }
            }

            // NOTE(review): at this point the files have already been unlinked, so
            // the "before" action below fires after the deletion on disk.
            // Plugin filter to be called before deleting a file
            CPGPluginAPI::action('before_delete_file', $pic);

            cpg_db_query("DELETE FROM {$CONFIG['TABLE_PICTURES']} WHERE pid = {$pid} LIMIT 1");
            cpg_db_query("UPDATE {$CONFIG['TABLE_ALBUMS']} SET thumb = '0' WHERE thumb = '{$pid}'");

            // Plugin filter to be called after a file is deleted
            CPGPluginAPI::action('after_delete_file', $pic);
        } else {
            cpg_db_query("UPDATE {$CONFIG['TABLE_PICTURES']} SET {$update} WHERE pid = {$pid}");

            // Executes after a file update is committed
            CPGPluginAPI::action('after_edit_file', $pid);
        }
    }
}
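/**
 * Collect a user's approved-comment count together with the most recent
 * approved comment and a thumbnail of the picture it was posted on.
 *
 * @param int $uid id of the comment author
 * @return array keys 'thumb' (img tag or ''), 'comment', 'msg_date', 'count';
 *               'comment' and 'msg_date' are null when no comment row was read
 */
function cpgUserLastComment($uid)
{
    // $FORBIDDEN_SET has to be imported here. The original interpolated it into
    // the first query without declaring it global, so the restriction to albums
    // the viewer may see was silently dropped from the count and from the
    // choice of the latest comment.
    global $CONFIG, $FORBIDDEN_SET;

    // Both ids end up in SQL text; integers cannot carry SQL syntax.
    $uid = (int) $uid;

    $result = cpg_db_query("SELECT count(*), MAX(msg_id) FROM {$CONFIG['TABLE_COMMENTS']} as c, {$CONFIG['TABLE_PICTURES']} as p WHERE c.pid = p.pid AND approval='YES' AND author_id = '{$uid}' {$FORBIDDEN_SET}");
    $nbEnr = mysql_fetch_array($result);
    $comment_count = $nbEnr[0];
    $lastcom_id = (int) $nbEnr[1];
    mysql_free_result($result);

    $lastcom = '';
    // Stays null unless the second query returns the comment row.
    $row = null;

    if ($comment_count) {
        $sql = "SELECT filepath, filename, url_prefix, pwidth, pheight, msg_author, UNIX_TIMESTAMP(msg_date) as msg_date, msg_body, approval "
            . "FROM {$CONFIG['TABLE_COMMENTS']} AS c, {$CONFIG['TABLE_PICTURES']} AS p "
            . "WHERE msg_id='" . $lastcom_id . "' AND approval = 'YES' AND c.pid = p.pid";
        $result = cpg_db_query($sql);

        if (mysql_num_rows($result)) {
            $row = mysql_fetch_array($result);
            mysql_free_result($result);

            $pic_url = get_pic_url($row, 'thumb');
            if (!is_image($row['filename'])) {
                // Non-images show an icon, so measure the icon file instead of
                // using the stored picture dimensions.
                $image_info = cpg_getimagesize(urldecode($pic_url));
                $row['pwidth'] = $image_info[0];
                $row['pheight'] = $image_info[1];
            }
            $image_size = compute_img_size($row['pwidth'], $row['pheight'], $CONFIG['thumb_width']);
            $lastcom = '<img src="' . $pic_url . '" class="image"' . $image_size['geom'] . ' border="0" alt="" />';
        }
    }

    // NOTE(review): 'comment' is the stored comment body; whoever prints it must
    // escape it for HTML unless it is stored pre-escaped.
    $lastComArray = array();
    $lastComArray['thumb'] = $lastcom;
    $lastComArray['comment'] = isset($row['msg_body']) ? $row['msg_body'] : null;
    $lastComArray['msg_date'] = isset($row['msg_date']) ? $row['msg_date'] : null;
    $lastComArray['count'] = $comment_count;

    return $lastComArray;
}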
$output_denied++; if ($CONFIG['plugin_fetchcontent_enable_logging'] != 0) { $denial_reason_array[] = 'Plugin fetchcontent: denied access for ' . $size_array[$size] . ' of PID ' . $pid . ' for user ' . $USER_DATA['user_name'] . ' (ID ' . USER_ID . ', groups ' . implode(',', $USER_DATA['groups']) . '), remote IP address: ' . $superCage->server->getRaw('REMOTE_ADDR') . $referer; } } // Processing starts here $result = cpg_db_query("SELECT filepath, filename, pwidth, pheight FROM {$CONFIG['TABLE_PICTURES']} AS p WHERE pid='{$pid}' {$FORBIDDEN_SET} LIMIT 1"); if (mysql_num_rows($result) == 0) { $output_denied++; if ($CONFIG['plugin_fetchcontent_enable_logging'] != 0) { $denial_reason_array[] = 'Plugin fetchcontent: empty database record for ' . $size_array[$size] . ' of PID ' . $pid . ' for user ' . $USER_DATA['user_name'] . ' (ID ' . USER_ID . ', groups ' . implode(',', $USER_DATA['groups']) . '), remote IP address: ' . $superCage->server->getRaw('REMOTE_ADDR') . $referer; } } else { $row = mysql_fetch_assoc($result); // Determine the file type $filetype = cpg_get_type($row['filename']); // returns an associative array with keys extension, mime, content (possible values: 'image', 'audio', 'movie', 'document') and player. } mysql_free_result($result); if ($size == 1) { // Thumbnail size has been requested if (file_exists($CONFIG['fullpath'] . $row['filepath'] . $CONFIG['thumb_pfx'] . $row['filename'])) { $fetchcontent_redirection_path = $CONFIG['fullpath'] . $row['filepath'] . $CONFIG['thumb_pfx'] . $row['filename']; } else { if ($filetype['content'] == 'image') { // Requested file is an image $output_denied++; if ($CONFIG['plugin_fetchcontent_enable_logging'] != 0) { $denial_reason_array[] = 'Plugin fetchcontent: file does not exist for ' . $size_array[$size] . ' of PID ' . $pid . ' for user ' . $USER_DATA['user_name'] . ' (ID ' . USER_ID . ', groups ' . implode(',', $USER_DATA['groups']) . '), remote IP address: ' . $superCage->server->getRaw('REMOTE_ADDR') . 
$referer; } } else {
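/**
 * Plugin filter for the picture page: prepends a "download a resized copy" form
 * to the picture HTML and, when that form was submitted, renders the resized
 * copy into the edit directory and links to it.
 *
 * Changes against the original:
 *  - the posted size must be one of the sizes this form offers (it was passed
 *    to resize_image() unchecked, so any client could request any dimension);
 *  - the posted picture id must be the picture this page is rendering (the
 *    lookup below carries no album/permission filter of its own);
 *  - heredoc array keys are quoted (bare keys inside {$...} are constant lookups);
 *  - values written into HTML attributes and the download URL are escaped;
 *  - $added, $down_link, $nr and the no-POST case are initialised explicitly.
 *
 * @param array $pic_data Picture record; 'pid', 'pwidth', 'pheight' and 'html' are read.
 * @return array The record with 'html' extended (or replaced by the resized image).
 */
function download_resized_add_data($pic_data)
{
    global $CONFIG, $album;

    $superCage = Inspekt::makeSuperCage();

    // The original tested $USER['lang'] without importing $USER, so the configured
    // language was always the one used; that is kept. The value ends up in a
    // require path, so a per-user value must not be wired in here without an allow-list.
    $lang = $CONFIG['lang'];
    if (!file_exists("plugins/download_resized/lang/{$lang}.php")) {
        $lang = 'english';
    }
    // Plain require on purpose: the language file has to populate this function's scope.
    require "plugins/download_resized/lang/{$lang}.php";

    $sizes = array();
    foreach (array('1600', '1440', '1280', '1024', '800', '640', $CONFIG['picture_width']) as $edge) {
        $sizes[] = array('x' => $edge);
    }

    $mime_content_image = cpg_get_type(get_pic_url($pic_data, 'fullsize'));

    $download_name = '';   // file name offered for download, empty when nothing was requested
    $download_path = '';   // path that goes with $download_name
    $added = '';           // never set by the original either; rendered as an empty string
    $down_link = '';

    if ($superCage->post->keyExists('resize_pid')) {
        $pid = $superCage->post->getInt('resize_pid');
        $size = (int) $superCage->post->getInt('resize_id');

        // Accept only the dimensions the dropdown can produce.
        $size_allowed = false;
        foreach ($sizes as $entry) {
            if ((int) $entry['x'] === $size) {
                $size_allowed = true;
                break;
            }
        }
        if (!$size_allowed) {
            cpg_die(ERROR, 'Data not valid', __FILE__, __LINE__);
        }

        // The form always posts the id of the picture being shown; any other id is ignored
        // so this filter cannot be used to render copies of pictures the page did not show.
        if ($pid == $pic_data['pid']) {
            $result = cpg_db_query("SELECT * FROM {$CONFIG['TABLE_PICTURES']} WHERE pid = '{$pid}'");
            $row = mysql_fetch_assoc($result);
            mysql_free_result($result);

            if ($row) {
                if (isset($CONFIG['enable_watermark'])) {
                    // modpack installed: prefer the untouched original when it exists
                    if (file_exists($CONFIG['fullpath'] . $row['filepath'] . $CONFIG['orig_pfx'] . $row['filename'])) {
                        $row['filename'] = $CONFIG['orig_pfx'] . $row['filename'];
                    }
                }

                $image = $CONFIG['fullpath'] . $row['filepath'] . $row['filename'];
                $dest_dir = $CONFIG['fullpath'] . 'edit/';
                $filename = $row['filename'];
                $CONFIG['read_iptc_data'] = 0;
                require 'include/picmgmt.inc.php';

                if (is_known_filetype($image) && is_image($image)) {
                    $imagesize = getimagesize($image);
                    if ($imagesize === false || max($imagesize[0], $imagesize[1]) < $size) {
                        // Source is smaller than the requested size: show it as it is.
                        $src = htmlspecialchars($image, ENT_QUOTES);
                        $pic_data['html'] = "<img src=\"" . $src . "\" class=\"image\" alt=\"" . $src . "\" border=\"0\">";
                    } else {
                        // Do some cleanup in the edit directory.
                        spring_cleaning('./albums/edit', 900);

                        // Pick a name that is not taken in the edit directory yet.
                        $nr = 0;
                        while (file_exists($dest_dir . $filename)) {
                            $filename = ++$nr . '_' . $row['filename'];
                        }

                        if (isset($CONFIG['enable_watermark']) && $CONFIG['enable_watermark'] == 1) {
                            resize_image($image, $dest_dir . $filename, $size, $CONFIG['thumb_method'], 'any', 'true');
                        } else {
                            resize_image($image, $dest_dir . $filename, $size, $CONFIG['thumb_method'], 'any');
                        }

                        $pic_data['html'] = "<img src=\"" . htmlspecialchars($dest_dir . $filename, ENT_QUOTES)
                            . "\" class=\"image\" alt=\"" . htmlspecialchars($dest_dir, ENT_QUOTES) . "\" border=\"0\">";
                        $image = $dest_dir . $filename;
                        $row['filename'] = $filename;
                    }
                }

                $download_name = $row['filename'];
                $download_path = $image;
            }
        }
    }

    if ($mime_content_image['content'] == 'image') {
        $counter = 0;
        $longest_edge = max($pic_data['pwidth'], $pic_data['pheight']);

        $html = "<select name=\"resize_id\" class=\"listbox_lang\">";
        foreach ($sizes as $value) {
            if ($value['x'] <= $longest_edge) {
                $html .= "<option value=\"{$value['x']}\">{$value['x']} {$lang_download_resized['px']}</option>";
                $counter++;
            }
        }
        $html .= "</select>";

        // return if we have no dropdown entry
        if ($counter < 1) {
            return $pic_data;
        }

        $referer = ($album == 'search') ? "displayimage.php?pos=-{$pic_data['pid']}" : null;

        if ($download_name) {
            // NOTE(review): the script behind this link is not visible here; it receives a
            // path in "image" and has to confine it to the edit directory itself.
            $down_link = '<a href = "index.php?file=download_resized/download_resized&amp;filename='
                . rawurlencode($download_name) . '&amp;image=' . rawurlencode($download_path)
                . "\">{$lang_download_resized['download']}</a>";
        }

        $download_resized_data = <<<EOT
\t\t<table class="tableh" width="100%">
\t\t\t<tr>
\t\t\t\t<td align="center">
\t\t\t\t<form action="{$referer}" method="post">
\t\t\t\t \t{$added}{$lang_download_resized['resize']}: {$html}
\t\t\t\t\t<input type="hidden" value="{$pic_data['pid']}" name="resize_pid" />
\t \t\t\t<input type="submit" value="{$lang_download_resized['send_data']}" class="comment_button" />
\t\t\t\t</form>
\t\t\t\t{$down_link}
\t\t\t\t</td>
\t\t\t</tr>
\t\t</table>
EOT;
        $pic_data['html'] = $download_resized_data . $pic_data['html'];
    }

    return $pic_data;
}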
} $user_thumb = ''; if ($picture_count) { $sql = "SELECT filepath, filename, url_prefix, pwidth, pheight " . "FROM {$CONFIG['TABLE_PICTURES']} " . "WHERE pid='" . $thumb_pid . "'"; $result = cpg_db_query($sql); if (mysql_num_rows($result)) { $picture = mysql_fetch_array($result); mysql_free_result($result); $pic_url = get_pic_url($picture, 'thumb'); if (!is_image($picture['filename'])) { $image_info = getimagesize(urldecode($pic_url)); $picture['pwidth'] = $image_info[0]; $picture['pheight'] = $image_info[1]; } $image_size = compute_img_size($picture['pwidth'], $picture['pheight'], $CONFIG['thumb_width']); $mime_content = cpg_get_type($picture['filename']); $user_thumb = '<img src="' . $pic_url . '" class="image"' . $image_size['geom'] . ' border="0" alt="" />'; $user_thumb = '<td width="50%" valign="top" align="center">' . '<a href="thumbnails.php?album=lastupby&uid=' . $uid . '">' . '<span class="thumb_title">' . $lang_register_php['last_uploads'] . ' ' . $user_data['user_name'] . '<br /></span>' . $user_thumb . '</a></td>'; } } $quick_jump = $user_thumb . $lastcom ? '<table width="100%" border="0" cellspacing="5"><tr>' . $user_thumb . $lastcom . '</tr></table>' : ''; $form_data = array('username' => $user_data['user_name'], 'reg_date' => localised_date($user_data['user_regdate'], $register_date_fmt), 'group' => $user_data['group_name'], 'user_profile1' => $user_data['user_profile1'], 'user_profile2' => $user_data['user_profile2'], 'user_profile3' => $user_data['user_profile3'], 'user_profile4' => $user_data['user_profile4'], 'user_profile5' => $user_data['user_profile5'], 'user_profile6' => bb_decode($user_data['user_profile6']), 'user_thumb' => $quick_jump, 'pic_count' => $pic_count); $title = sprintf($lang_register_php['x_s_profile'], $user_data['user_name']); pageheader($title); starttable(-1, $title, 2); make_form($display_profile_form_param, $form_data); endtable(); pagefooter(); ob_end_flush(); break; }
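/**
 * Plugin filter that swaps a picture's HTML for the lightbox markup, or for a
 * YouTube embed when the stored file name has the form youtube_<id>.jpg.
 *
 * Changes against the original:
 *  - the id taken from the file name is HTML-escaped before it is written into
 *    the <object>/<embed> attributes (the pattern accepts any characters);
 *  - the record is returned on every path; the original fell off the end and
 *    returned null when neither access condition matched.
 *
 * @param array $html Picture record; 'filename' is read, 'html' is rewritten.
 * @return array The picture record.
 */
function lightbox_nfn_theme_html_picture($html)
{
    global $slideshow_pic_html, $mime_content, $CURRENT_PIC_DATA, $CONFIG;

    $access_mode = $CONFIG['allow_unlogged_access'];

    if ($access_mode == 3 || (USER_ID && $access_mode <= 2)) {
        $mime_content = cpg_get_type($html['filename']);

        if ($mime_content['content'] == 'image') {
            if (preg_match('/^youtube_(.*)\\.jpg$/', $CURRENT_PIC_DATA['filename'], $ytmatches)) {
                // The captured text comes from a stored file name; never emit it raw.
                $vid = htmlspecialchars($ytmatches[1], ENT_QUOTES);
                $slideshow_pic_html = '<object width="560" height="350"><param name="movie" value="http://www.youtube.com/v/' . $vid . '"></param><param name="wmode" value="transparent"></param><embed src="http://www.youtube.com/v/' . $vid . '" type="application/x-shockwave-flash" wmode="transparent" width="560" height="350"></embed></object><br />';
            } else {
                // The original had two further branches here that were identical.
                $slideshow_pic_html = lightbox_list($html);
            }
            $html['html'] = $slideshow_pic_html;
        }

        return $html;
    }

    if (!USER_ID && $access_mode <= 2) {
        // Anonymous visitor in a restricted mode: keep the markup already built.
        $html['html'] = $CURRENT_PIC_DATA['html'];
    }

    return $html;
}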
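/**
 * Applies the posted single-picture edit form: updates the picture row,
 * optionally resets counters, EXIF data and comments, and renames the stored
 * files through the $storage backend when a new file name was posted.
 *
 * Changes against the original:
 *  - the posted width was stored in a misspelled variable ($pwight), so the
 *    UPDATE for movies was built with an empty pwidth;
 *  - the option flags, and the undefined $delete, are given defined values;
 *  - without a posted file name no rename is attempted (the original compared
 *    an undefined variable with the stored name and always went into the rename);
 *  - a posted file name that does not match the allowed pattern is rejected;
 *  - the sanitised name may not contain a directory separator;
 *  - the path used in the EXIF DELETE is escaped.
 *
 * NOTE(review): no form token is verified before these writes — confirm that the
 * caller does it, or add the check this application uses elsewhere.
 *
 * @return void
 */
function process_post_data()
{
    global $CONFIG, $mb_utf8_regex;
    global $lang_errors, $lang_editpics_php;
    global $storage;

    $superCage = Inspekt::makeSuperCage();
    $post = $superCage->post;

    $pid = $post->getInt('id');
    $aid = $post->getInt('aid');
    $pwidth = $post->getInt('pwidth');
    $pheight = $post->getInt('pheight');
    $title = cpgSanitizeUserTextInput($post->getEscaped('title'));
    $caption = cpgSanitizeUserTextInput($post->getEscaped('caption'));
    $keywords = cpgSanitizeUserTextInput(utf_replace($post->getEscaped('keywords')));
    $user1 = cpgSanitizeUserTextInput($post->getEscaped('user1'));
    $user2 = cpgSanitizeUserTextInput($post->getEscaped('user2'));
    $user3 = cpgSanitizeUserTextInput($post->getEscaped('user3'));
    $user4 = cpgSanitizeUserTextInput($post->getEscaped('user4'));

    $galleryicon = $post->getInt('galleryicon');
    $isgalleryicon = $galleryicon === $pid;

    $read_exif = $post->keyExists('read_exif') ? $post->getInt('read_exif') : 0;
    $reset_vcount = $post->keyExists('reset_vcount') ? $post->getInt('reset_vcount') : 0;
    $reset_votes = $post->keyExists('reset_votes') ? $post->getInt('reset_votes') : 0;
    $del_comments = $post->keyExists('del_comments') ? (bool) $post->getInt('del_comments') : false;

    $result = cpg_db_query("SELECT * FROM {$CONFIG['TABLE_PICTURES']} AS p, {$CONFIG['TABLE_ALBUMS']} AS a WHERE a.aid = p.aid AND pid = '{$pid}'");
    if (!mysql_num_rows($result)) {
        cpg_die(CRITICAL_ERROR, $lang_errors['non_exist_ap'], __FILE__, __LINE__);
    }
    $pic = mysql_fetch_array($result);
    mysql_free_result($result);

    // Only a gallery admin, the owner of the user gallery, or (if enabled) the uploader may edit.
    if (!(GALLERY_ADMIN_MODE || $pic['category'] == FIRST_USER_CAT + USER_ID || $CONFIG['users_can_edit_pics'] && $pic['owner_id'] == USER_ID) || !USER_ID) {
        cpg_die(ERROR, $lang_errors['access_denied'], __FILE__, __LINE__);
    }

    $update = "aid = '" . $aid . "'";
    if (is_movie($pic['filename'])) {
        $update .= ", pwidth = " . $pwidth;
        $update .= ", pheight = " . $pheight;
    }
    $update .= ", title = '" . $title . "'";
    $update .= ", caption = '" . $caption . "'";
    $update .= ", keywords = '" . $keywords . "'";
    if (GALLERY_ADMIN_MODE) {
        $approved = $post->getAlpha('approved');
        $update .= ", approved = '" . $approved . "'";
    }
    $update .= ", user1 = '" . $user1 . "'";
    $update .= ", user2 = '" . $user2 . "'";
    $update .= ", user3 = '" . $user3 . "'";
    $update .= ", user4 = '" . $user4 . "'";

    if ($isgalleryicon && $pic['category'] > FIRST_USER_CAT) {
        // Only one picture per owner can be the gallery icon: clear the others first.
        $sql = 'update ' . $CONFIG['TABLE_PICTURES'] . ' set galleryicon=0 where owner_id=' . $pic['owner_id'] . ';';
        cpg_db_query($sql);
        $update .= ", galleryicon = " . $galleryicon;
    }
    if ($reset_vcount) {
        $update .= ", hits = '0'";
        resetDetailHits($pid);
    }
    if ($reset_votes) {
        $update .= ", pic_rating = '0', votes = '0'";
        resetDetailVotes($pid);
    }
    if ($read_exif) {
        // Deleting the row is enough: the EXIF data is read again when the image is next viewed.
        // The path is derived from stored data and url-decoded, so it is escaped before use.
        $filepath = mysql_real_escape_string(urldecode(get_pic_url($pic, 'fullsize')));
        $query = "DELETE FROM {$CONFIG['TABLE_EXIF']} WHERE filename = '{$filepath}'";
        cpg_db_query($query);
    }

    // As in the original, deleting the comments replaces the row update for this request.
    if ($del_comments) {
        $query = "DELETE FROM {$CONFIG['TABLE_COMMENTS']} WHERE pid='{$pid}'";
        $result = cpg_db_query($query);
    } else {
        $query = "UPDATE {$CONFIG['TABLE_PICTURES']} SET {$update} WHERE pid='{$pid}' LIMIT 1";
        $result = cpg_db_query($query);
    }

    // rename a file
    $post_filename = $pic['filename'];
    if ($post->keyExists('filename')) {
        $matches = $post->getMatched('filename', '/^[0-9A-Za-z\\/_.-]+$/');
        if (!$matches) {
            cpg_die(CRITICAL_ERROR, $lang_editpics_php['forb_ext'], __FILE__, __LINE__);
        }
        $post_filename = $matches[0];
    }
    if ($post_filename == $pic['filename']) {
        return;
    }

    $filename = replace_forbidden($post_filename);
    // The pattern above lets "/" through and replace_forbidden() is defined elsewhere,
    // so the new name is confined to the picture's own directory here.
    if ($filename === '' || strpbrk($filename, '/\\') !== false) {
        cpg_die(CRITICAL_ERROR, sprintf($lang_editpics_php['rename_failed'], $pic['filename'], $filename), __FILE__, __LINE__);
    }

    // Does an intermediate ("normal") copy exist for this picture?
    $limit = $CONFIG['picture_width'];
    switch ($CONFIG['thumb_use']) {
        case 'ht':
            $condition = $pic['pheight'] > $limit;
            break;
        case 'wd':
            $condition = $pic['pwidth'] > $limit;
            break;
        case 'any':
            $condition = max($pic['pwidth'], $pic['pheight']) > $limit;
            break;
        default:
            $condition = false;
    }

    if ($CONFIG['make_intermediate'] && $condition) {
        $prefices = array('fullsize', 'normal', 'thumb');
    } else {
        $prefices = array('fullsize', 'thumb');
    }
    if ($CONFIG['enable_watermark'] == '1' && ($CONFIG['which_files_to_watermark'] == 'both' || $CONFIG['which_files_to_watermark'] == 'original')) {
        $prefices[] = 'orig';
    }
    if (!is_image($pic['filename'])) {
        $prefices = array('fullsize');
    }

    foreach ($prefices as $prefix) {
        $oldname = urldecode(get_pic_url($pic, $prefix, false, true));
        $newname = str_replace($pic['filename'], $filename, $oldname);

        // A rename must not change the file type, nor produce an unknown one.
        $old_mime = cpg_get_type($oldname);
        $new_mime = cpg_get_type($newname);
        if ($old_mime['mime'] != $new_mime['mime'] && isset($new_mime['mime'])) {
            cpg_die(CRITICAL_ERROR, sprintf($lang_editpics_php['mime_conv'], $old_mime['mime'], $new_mime['mime']), __FILE__, __LINE__);
        }
        if (!is_known_filetype($newname)) {
            cpg_die(CRITICAL_ERROR, $lang_editpics_php['forb_ext'], __FILE__, __LINE__);
        }

        // No file_exists() checks here: presumably the storage backend does them — TODO confirm.
        $imageContainer = new FileContainer($pic['pid'], $pic['owner_id']);
        $imageContainer->original_path = $oldname;
        if (!$storage->rename_file($imageContainer, $newname)) {
            cpg_die(CRITICAL_ERROR, sprintf($lang_editpics_php['rename_failed'], $oldname, $newname), __FILE__, __LINE__);
        }
    }

    cpg_db_query("UPDATE {$CONFIG['TABLE_PICTURES']} SET filename = '{$filename}' WHERE pid = '{$pid}' LIMIT 1");
}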
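/**
 * Builds the HTML for the picture currently displayed: counts the hit, picks
 * the normal or full-size URL, renders an <img>, a document link or a media
 * player, runs the 'file_data' plugin filter and evaluates the media template.
 *
 * Changes against the original:
 *  - the player's class id was read from $player['classid'], a key that does not
 *    exist (the table uses 'clsid'), so the attribute was never written;
 *  - the player name taken from the cookie is only used when it names an entry
 *    of the player table; anything else falls back to the default player;
 *  - $pic_title was assembled but never used in the output and has been dropped.
 *
 * @return string The evaluated media template.
 */
function theme_html_picture()
{
    global $CONFIG, $CURRENT_PIC_DATA, $CURRENT_ALBUM_DATA, $USER;
    global $album, $comment_date_fmt, $template_display_media;
    global $lang_display_image_php, $lang_picinfo;

    $pid = $CURRENT_PIC_DATA['pid'];

    if (!isset($USER['liv']) || !is_array($USER['liv'])) {
        $USER['liv'] = array();
    }

    // Add 1 to hit counter; the last five viewed pictures are remembered so reloads do not count.
    if (!USER_IS_ADMIN && !in_array($pid, $USER['liv']) && isset($_COOKIE[$CONFIG['cookie_name'] . '_data'])) {
        add_hit($pid);
        if (count($USER['liv']) > 4) {
            array_shift($USER['liv']);
        }
        array_push($USER['liv'], $pid);
    }

    // Only picture_width is stored, so it is the limit for both dimensions.
    $limit = $CONFIG['picture_width'];
    $width = $CURRENT_PIC_DATA['pwidth'];
    $height = $CURRENT_PIC_DATA['pheight'];
    switch ($CONFIG['thumb_use']) {
        case 'ht':
            $condition = $height > $limit;
            break;
        case 'wd':
            $condition = $width > $limit;
            break;
        case 'any':
        case 'ex': // thumb cropping
            $condition = max($width, $height) > $limit;
            break;
        default:
            $condition = false;
    }

    // Remove the template parts that have nothing to show.
    if (!$CURRENT_PIC_DATA['title'] && !$CURRENT_PIC_DATA['caption']) {
        template_extract_block($template_display_media, 'img_desc');
    } else {
        if (!$CURRENT_PIC_DATA['title']) {
            template_extract_block($template_display_media, 'title');
        }
        if (!$CURRENT_PIC_DATA['caption']) {
            template_extract_block($template_display_media, 'caption');
        }
    }

    $CURRENT_PIC_DATA['menu'] = html_picture_menu();

    if ($CONFIG['make_intermediate'] && $condition) {
        $picture_url = get_pic_url($CURRENT_PIC_DATA, 'normal');
    } else {
        $picture_url = get_pic_url($CURRENT_PIC_DATA, 'fullsize');
    }

    //thumb cropping
    $image_size = compute_img_size($CURRENT_PIC_DATA['pwidth'], $CURRENT_PIC_DATA['pheight'], $CONFIG['picture_width'], 'normal');

    $mime_content = cpg_get_type($CURRENT_PIC_DATA['filename']);
    $content = $mime_content['content'];

    if ($content == 'movie' || $content == 'audio') {
        if ($CURRENT_PIC_DATA['pwidth'] == 0 || $CURRENT_PIC_DATA['pheight'] == 0) {
            $CURRENT_PIC_DATA['pwidth'] = 320; // Default width
            // A default height is only set for movies.
            if ($content == 'movie') {
                $CURRENT_PIC_DATA['pheight'] = 240; // Default height
            }
        }

        // Extra height for the player's control bar, per extension.
        $ctrl_offset = array('mov' => 15, 'wmv' => 45, 'swf' => 0, 'rm' => 0);
        $ctrl_offset_default = 45;
        $ctrl_height = isset($ctrl_offset[$mime_content['extension']])
            ? $ctrl_offset[$mime_content['extension']]
            : $ctrl_offset_default;
        $image_size['whole'] = 'width="' . $CURRENT_PIC_DATA['pwidth'] . '" height="' . ($CURRENT_PIC_DATA['pheight'] + $ctrl_height) . '"';
    }

    if ($content == 'image') {
        $overlay = $CONFIG['transparent_overlay'] == 1;

        if (isset($image_size['reduced'])) {
            // A reduced copy is shown; clicking it opens the full-size picture in a popup.
            $imginfo = getimagesize($picture_url);
            // the +'s are the mysterious FF and IE paddings
            $winsizeX = $CURRENT_PIC_DATA['pwidth'] + $CONFIG['fullsize_padding_x'];
            $winsizeY = $CURRENT_PIC_DATA['pheight'] + $CONFIG['fullsize_padding_y'];
            $popup_link = "<a href=\"javascript:;\" onclick=\"MM_openBrWindow('displayimage.php?pid={$pid}&fullsize=1','" . uniqid(rand()) . "','scrollbars=yes,toolbar=no,status=no,resizable=yes,width={$winsizeX},height={$winsizeY}')\">";

            if ($overlay) {
                $pic_html = "<table cellpadding=\"0\" cellspacing=\"0\" border=\"0\"><tr><td background=\"" . $picture_url . "\" width=\"{$imginfo[0]}\" height=\"{$imginfo[1]}\" class=\"image\">";
                $pic_html .= $popup_link;
                $pic_html .= "<img src=\"images/image.gif?id=" . floor(rand() * 1000 + rand()) . "\" width={$imginfo[0]} height={$imginfo[1]} border=\"0\" alt=\"{$lang_display_image_php['view_fs']}\" /><br />";
                $pic_html .= "</a>\n </td></tr></table>";
            } else {
                $pic_html = $popup_link;
                $pic_html .= "<img src=\"" . $picture_url . "\" class=\"image\" border=\"0\" alt=\"{$lang_display_image_php['view_fs']}\" /><br />";
                $pic_html .= "</a>\n";
            }
        } elseif ($overlay) {
            $pic_html = "<table cellpadding=\"0\" cellspacing=\"0\" border=\"0\"><tr><td background=\"" . $picture_url . "\" width=\"{$CURRENT_PIC_DATA['pwidth']}\" height=\"{$CURRENT_PIC_DATA['pheight']}\" class=\"image\">";
            $pic_html .= "<img src=\"images/image.gif?id=" . floor(rand() * 1000 + rand()) . "\" width={$CURRENT_PIC_DATA['pwidth']} height={$CURRENT_PIC_DATA['pheight']} border=\"0\" alt=\"\" /><br />\n";
            $pic_html .= "</td></tr></table>";
        } else {
            $pic_html = "<img src=\"" . $picture_url . "\" {$image_size['geom']} class=\"image\" border=\"0\" alt=\"\" /><br />\n";
        }
    } elseif ($content == 'document') {
        $pic_thumb_url = get_pic_url($CURRENT_PIC_DATA, 'thumb');
        $pic_html = "<a href=\"{$picture_url}\" target=\"_blank\" class=\"document_link\"><img src=\"" . $pic_thumb_url . "\" border=\"0\" class=\"image\" /></a>\n<br />";
    } else {
        $autostart = $CONFIG['media_autostart'] ? 'true' : 'false';

        $players = array(
            'WMP' => array('id' => 'MediaPlayer', 'clsid' => 'classid="clsid:6BF52A52-394A-11D3-B153-00C04F79FAA6" ', 'codebase' => 'codebase="http://activex.microsoft.com/activex/controls/mplayer/en/nsmp2inf.cab#Version=5,1,52,701" ', 'mime' => 'type="application/x-mplayer2" '),
            'RMP' => array('id' => 'RealPlayer', 'clsid' => 'classid="clsid:CFCDAA03-8BE4-11cf-B84B-0020AFBBCCFA" ', 'codebase' => '', 'mime' => 'type="audio/x-pn-realaudio-plugin" '),
            'QT' => array('id' => 'QuickTime', 'clsid' => 'classid="clsid:02BF25D5-8C17-4B23-BC80-D3488ABDDC6B" ', 'codebase' => 'codebase="http://www.apple.com/qtactivex/qtplugin.cab" ', 'mime' => 'type="video/x-quicktime" '),
            'SWF' => array('id' => 'SWFlash', 'clsid' => ' classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" ', 'codebase' => 'codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,0,0" ', 'mime' => 'type="application/x-shockwave-flash" '),
            'UNK' => array('id' => 'DefaultPlayer', 'clsid' => '', 'codebase' => '', 'mime' => ''),
        );

        $cookie_key = $CONFIG['cookie_name'] . '_' . $mime_content['extension'] . 'player';
        $user_player = isset($_COOKIE[$cookie_key]) ? $_COOKIE[$cookie_key] : $mime_content['player'];

        // No player selected, or the (client-supplied) name is not one we know: use the default.
        if (!is_string($user_player) || !isset($players[$user_player])) {
            $user_player = 'UNK';
        }
        $player = $players[$user_player];

        $pic_html = '<object id="' . $player['id'] . '" ' . $player['clsid'] . $player['codebase'] . $player['mime'] . $image_size['whole'] . '>';
        $pic_html .= "<param name=\"autostart\" value=\"{$autostart}\" /><param name=\"src\" value=\"" . $picture_url . "\" />";
        $pic_html .= '<embed ' . $image_size['whole'] . ' src="' . $picture_url . '" autostart="' . $autostart . '" ' . $player['mime'] . '></embed>';
        $pic_html .= "</object><br />\n";
    }

    $CURRENT_PIC_DATA['html'] = $pic_html;
    $CURRENT_PIC_DATA['header'] = '';
    $CURRENT_PIC_DATA['footer'] = '';

    // Plugins may rewrite header, html and footer.
    $CURRENT_PIC_DATA = CPGPluginAPI::filter('file_data', $CURRENT_PIC_DATA);

    $params = array(
        '{CELL_HEIGHT}' => '100',
        '{IMAGE}' => $CURRENT_PIC_DATA['header'] . $CURRENT_PIC_DATA['html'] . $CURRENT_PIC_DATA['footer'],
        '{ADMIN_MENU}' => $CURRENT_PIC_DATA['menu'],
        '{TITLE}' => bb_decode($CURRENT_PIC_DATA['title']),
        '{CAPTION}' => bb_decode($CURRENT_PIC_DATA['caption']),
    );

    return template_eval($template_display_media, $params);
}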
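/**
 * Applies the posted single-picture edit form after verifying the form token:
 * checks that the user may edit the picture and use the target album, updates
 * the picture row, optionally resets counters, EXIF data and comments, and
 * renames the stored files when a different file name was posted.
 *
 * Changes against the original:
 *  - without a posted file name no rename is attempted (the original compared
 *    an undefined variable with the stored name);
 *  - $custom_thumb and the custom thumbnail extension are initialised, and the
 *    extension found is kept in its own variable instead of a leftover loop variable;
 *  - the sanitised name may not contain a directory separator;
 *  - the values placed into the thumbnail COUNT query are escaped;
 *  - a failed rename reports the file that failed, not the last one checked.
 *
 * @return void
 */
function process_post_data()
{
    global $CONFIG, $USER_DATA, $lang_errors, $lang_editpics_php, $superCage;

    //Check if the form token is valid
    if (!checkFormToken()) {
        cpg_die(ERROR, $lang_errors['invalid_form_token'], __FILE__, __LINE__);
    }

    // Albums this user may put pictures into.
    $user_album_set = array();
    $result = cpg_db_query("SELECT aid FROM {$CONFIG['TABLE_ALBUMS']} WHERE category = " . (FIRST_USER_CAT + USER_ID) . " OR owner = " . USER_ID . " OR uploads = 'YES'");
    while ($row = mysql_fetch_assoc($result)) {
        $user_album_set[$row['aid']] = 1;
    }
    mysql_free_result($result);

    $post = $superCage->post;

    $pid = $post->getInt('id');
    $aid = $post->getInt('aid');
    $pwidth = $post->getInt('pwidth');
    $pheight = $post->getInt('pheight');
    $title = cpgSanitizeUserTextInput($post->getEscaped('title'));
    $caption = cpgSanitizeUserTextInput($post->getEscaped('caption'));
    $keywords = cpgSanitizeUserTextInput(utf_replace($post->getEscaped('keywords')));
    $user1 = cpgSanitizeUserTextInput($post->getEscaped('user1'));
    $user2 = cpgSanitizeUserTextInput($post->getEscaped('user2'));
    $user3 = cpgSanitizeUserTextInput($post->getEscaped('user3'));
    $user4 = cpgSanitizeUserTextInput($post->getEscaped('user4'));

    $galleryicon = $post->getInt('galleryicon');
    $isgalleryicon = $galleryicon == $pid;

    $read_exif = $post->keyExists('read_exif') ? $post->getInt('read_exif') : 0;
    $reset_vcount = $post->keyExists('reset_vcount') ? $post->getInt('reset_vcount') : 0;
    $reset_votes = $post->keyExists('reset_votes') ? $post->getInt('reset_votes') : 0;
    $del_comments = $post->keyExists('del_comments') ? $post->getInt('del_comments') : 0;

    $result = cpg_db_query("SELECT category, owner_id, url_prefix, filepath, filename, pwidth, pheight, p.aid AS aid FROM {$CONFIG['TABLE_PICTURES']} AS p INNER JOIN {$CONFIG['TABLE_ALBUMS']} AS a ON a.aid = p.aid WHERE pid = '{$pid}'");
    if (!mysql_num_rows($result)) {
        cpg_die(CRITICAL_ERROR, $lang_errors['non_exist_ap'], __FILE__, __LINE__);
    }
    $pic = mysql_fetch_assoc($result);
    mysql_free_result($result);

    // Users without any elevated mode may only touch their own gallery and their own albums.
    if (!GALLERY_ADMIN_MODE && !MODERATOR_MODE && !USER_ADMIN_MODE && !user_is_allowed() && !$CONFIG['users_can_edit_pics']) {
        if ($pic['category'] != FIRST_USER_CAT + USER_ID) {
            cpg_die(ERROR, $lang_errors['perm_denied'], __FILE__, __LINE__);
        }
        if (!isset($user_album_set[$aid])) {
            cpg_die(ERROR, $lang_errors['perm_denied'], __FILE__, __LINE__);
        }
    }

    if (!USER_ID || !(GALLERY_ADMIN_MODE || $pic['category'] == FIRST_USER_CAT + USER_ID || $CONFIG['users_can_edit_pics'] && $pic['owner_id'] == USER_ID)) {
        cpg_die(ERROR, $lang_errors['access_denied'], __FILE__, __LINE__);
    }

    // The target album must exist; its category decides whether approval is needed again.
    $result = cpg_db_query("SELECT category FROM {$CONFIG['TABLE_ALBUMS']} WHERE aid = '{$aid}'");
    if (!mysql_num_rows($result)) {
        cpg_die(CRITICAL_ERROR, $lang_errors['non_exist_ap'], __FILE__, __LINE__);
    }
    $new_alb = mysql_fetch_assoc($result);
    mysql_free_result($result);

    cpg_trim_keywords($keywords);

    $update = "aid = '{$aid}'";
    if (is_movie($pic['filename'])) {
        $update .= ", pwidth = " . $pwidth;
        $update .= ", pheight = " . $pheight;
    }
    $update .= ", title = '{$title}'";
    $update .= ", caption = '{$caption}'";
    $update .= ", keywords = '{$keywords}'";

    if (GALLERY_ADMIN_MODE) {
        $approved = $post->getAlpha('approved');
        $update .= ", approved = '{$approved}'";
    } elseif ($new_alb['category'] < FIRST_USER_CAT && $aid != $pic['aid']) {
        // Moved into a public album.
        $approved = $USER_DATA['pub_upl_need_approval'] ? 'NO' : 'YES';
        $update .= ", approved = '{$approved}'";
    } elseif ($new_alb['category'] > FIRST_USER_CAT && $aid != $pic['aid'] && $pic['category'] < FIRST_USER_CAT) {
        // Moved from a public album into a user gallery.
        $approved = $USER_DATA['priv_upl_need_approval'] ? 'NO' : 'YES';
        $update .= ", approved = '{$approved}'";
    }

    $update .= ", user1 = '{$user1}'";
    $update .= ", user2 = '{$user2}'";
    $update .= ", user3 = '{$user3}'";
    $update .= ", user4 = '{$user4}'";

    if ($isgalleryicon && $pic['category'] > FIRST_USER_CAT) {
        // Only one picture per owner can be the gallery icon: clear the others first.
        $sql = "UPDATE {$CONFIG['TABLE_PICTURES']} SET galleryicon = 0 WHERE owner_id = {$pic['owner_id']}";
        cpg_db_query($sql);
        $update .= ", galleryicon = " . $galleryicon;
    }
    if ($reset_vcount) {
        $update .= ", hits = 0";
        resetDetailHits($pid);
    }
    if ($reset_votes) {
        $update .= ", pic_rating = 0, votes = 0";
        resetDetailVotes($pid);
    }
    if ($read_exif) {
        // If "read exif info again" is checked then just delete the entry from the exif table.
        // The new exif information will automatically be read when someone views the image.
        $query = "DELETE FROM {$CONFIG['TABLE_EXIF']} WHERE pid = '{$pid}'";
        cpg_db_query($query);
    }
    if ($del_comments) {
        $query = "DELETE FROM {$CONFIG['TABLE_COMMENTS']} WHERE pid = '{$pid}'";
        cpg_db_query($query);
    }

    $query = "UPDATE {$CONFIG['TABLE_PICTURES']} SET {$update} WHERE pid='{$pid}' LIMIT 1";
    cpg_db_query($query);

    // Executes after a file update is committed
    CPGPluginAPI::action('after_edit_file', $pid);

    // rename a file
    $post_filename = $post->keyExists('filename') ? $post->getEscaped('filename') : $pic['filename'];
    if ($post_filename == $pic['filename']) {
        return;
    }

    $filename = replace_forbidden($post_filename);
    // replace_forbidden() is defined elsewhere; independent of what it strips, the new
    // name has to stay inside the picture's own directory.
    if ($filename === '' || strpbrk($filename, '/\\') !== false) {
        cpg_die(CRITICAL_ERROR, sprintf($lang_editpics_php['rename_failed'], $pic['filename'], $filename), __FILE__, __LINE__);
    }

    if ($CONFIG['make_intermediate'] && cpg_picture_dimension_exceeds_intermediate_limit($pic['pwidth'], $pic['pheight'])) {
        $prefixes = array('fullsize', 'normal', 'thumb');
    } else {
        $prefixes = array('fullsize', 'thumb');
    }
    if ($CONFIG['enable_watermark'] == '1' && ($CONFIG['which_files_to_watermark'] == 'both' || $CONFIG['which_files_to_watermark'] == 'original')) {
        $prefixes[] = 'orig';
    }

    $custom_thumb = false;
    $custom_thumb_extension = '';
    $mime_content_old = null;
    $mime_content_new = null;

    if (!is_image($pic['filename'])) {
        $prefixes = array('fullsize');

        // Check for custom thumbnails
        $mime_content_old = cpg_get_type($pic['filename']);
        $mime_content_new = cpg_get_type($filename);
        $file_base_name_old = str_replace('.' . $mime_content_old['extension'], '', basename($pic['filename']));

        foreach (array('.gif', '.png', '.jpg') as $thumb_extension) {
            if (file_exists($CONFIG['fullpath'] . $pic['filepath'] . $CONFIG['thumb_pfx'] . $file_base_name_old . $thumb_extension)) {
                // Thumbnail found, check if it's the only file using that thumbnail.
                // Both values come from stored data and are escaped before use in the query.
                $sql_filepath = mysql_real_escape_string($pic['filepath']);
                $sql_basename = mysql_real_escape_string($file_base_name_old);
                $count = mysql_result(cpg_db_query("SELECT COUNT(*) FROM {$CONFIG['TABLE_PICTURES']} WHERE filepath = '{$sql_filepath}' AND filename LIKE '{$sql_basename}.%'"), 0);
                if ($count == 1) {
                    $prefixes[] = 'thumb';
                    $custom_thumb = true;
                    $custom_thumb_extension = $thumb_extension;
                    break;
                }
            }
        }
    }

    $pic_prefix = array(
        'thumb' => $CONFIG['thumb_pfx'],
        'normal' => $CONFIG['normal_pfx'],
        'orig' => $CONFIG['orig_pfx'],
        'fullsize' => '',
    );

    // Check if there will be no conflicts before doing anything
    $files_to_rename = array();
    foreach ($prefixes as $prefix) {
        $oldname = urldecode($CONFIG['fullpath'] . $pic['filepath'] . $pic_prefix[$prefix] . $pic['filename']);
        $newname = str_replace($pic['filename'], $filename, $oldname);

        if ($custom_thumb && $prefix == 'thumb') {
            // The custom thumbnail keeps its own image extension.
            $oldname = str_replace('.' . $mime_content_old['extension'], $custom_thumb_extension, $oldname);
            $newname = str_replace('.' . $mime_content_new['extension'], $custom_thumb_extension, $newname);
        }

        // A rename must not change the file type, nor produce an unknown one.
        $old_mime = cpg_get_type($oldname);
        $new_mime = cpg_get_type($newname);
        if ($old_mime['mime'] != $new_mime['mime'] && isset($new_mime['mime'])) {
            cpg_die(CRITICAL_ERROR, sprintf($lang_editpics_php['mime_conv'], $old_mime['mime'], $new_mime['mime']), __FILE__, __LINE__);
        }
        if (!is_known_filetype($newname)) {
            cpg_die(CRITICAL_ERROR, $lang_editpics_php['forb_ext'], __FILE__, __LINE__);
        }
        if (file_exists($newname)) {
            cpg_die(CRITICAL_ERROR, sprintf($lang_editpics_php['file_exists'], $newname), __FILE__, __LINE__);
        }
        if (!file_exists($oldname)) {
            cpg_die(CRITICAL_ERROR, sprintf($lang_editpics_php['src_file_missing'], $oldname), __FILE__, __LINE__);
        }

        $files_to_rename[] = array('oldname' => $oldname, 'filename' => $filename, 'newname' => $newname);
    }

    foreach ($files_to_rename as $file) {
        if (rename($file['oldname'], $file['newname'])) {
            cpg_db_query("UPDATE {$CONFIG['TABLE_PICTURES']} SET filename = '{$file['filename']}' WHERE pid = '{$pid}' LIMIT 1");
        } else {
            cpg_die(CRITICAL_ERROR, sprintf($lang_editpics_php['rename_failed'], $file['oldname'], $file['newname']), __FILE__, __LINE__);
        }
    }
}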
/**
 * Asks cpg_get_type() about $file with the 'document' filter.
 *
 * @param string $file File name to classify (taken by reference, as callers expect).
 * @return mixed Whatever cpg_get_type() returns for that filter.
 */
function is_document(&$file)
{
    $document_type = cpg_get_type($file, 'document');

    return $document_type;
}
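/**
 * Thumbnail template filter: for files that fmp_get_html() reports as handled,
 * rewrites the popup size in {LINK_TGT} to the media's stored dimensions plus
 * the configured padding, with defaults derived from picture_width when none
 * are stored.
 *
 * Changes against the original:
 *  - a {THUMB} without alt text or a {LINK_TGT} without a pid no longer reads
 *    undefined match offsets; the defaults are used instead;
 *  - a pid without a row falls back to the defaults instead of indexing false;
 *  - the result set is freed.
 *
 * @param array $data Template parameters; '{THUMB}' and '{LINK_TGT}' are read.
 * @return array The parameters, with '{LINK_TGT}' possibly rewritten.
 */
function fmp_fullsize_thumbnail_params($data)
{
    global $CONFIG;

    // The file name is carried in the thumbnail's alt attribute.
    $alt = preg_match('/alt="(.*)"/Ui', $data['{THUMB}'], $match_alt) ? $match_alt[1] : '';
    $mime_content = cpg_get_type($alt);

    if (!fmp_get_html($mime_content, true)) {
        return $data;
    }

    $dimensions = array('pwidth' => 0, 'pheight' => 0);
    if (preg_match('/pid=([0-9]+)/i', $data['{LINK_TGT}'], $match_pid)) {
        $pid = $match_pid[1]; // digits only, enforced by the pattern
        $result = cpg_db_query("SELECT pwidth, pheight FROM {$CONFIG['TABLE_PICTURES']} WHERE pid='{$pid}'");
        $row = mysql_fetch_assoc($result);
        mysql_free_result($result);
        if ($row) {
            $dimensions = $row;
        }
    }

    if ($dimensions['pwidth'] == 0 || $dimensions['pheight'] == 0) {
        // Which edge picture_width applies to.
        if ($CONFIG['picture_use'] == "thumb") {
            $resize_method = ($CONFIG['thumb_use'] == "ex") ? "any" : $CONFIG['thumb_use'];
        } else {
            $resize_method = $CONFIG['picture_use'];
        }

        // 4:3 box around picture_width.
        if ($resize_method == 'ht') {
            $pwidth = $CONFIG['picture_width'] * 4 / 3;
            $pheight = $CONFIG['picture_width'];
        } else {
            $pwidth = $CONFIG['picture_width'];
            $pheight = $CONFIG['picture_width'] * 3 / 4;
        }

        $dimensions['pwidth'] = $pwidth; // Default width
        // A default height is only set for movies.
        if ($mime_content['content'] == 'movie') {
            $dimensions['pheight'] = $pheight; // Default height
        }
    }

    $new_height = ceil($dimensions['pheight'] + $CONFIG['fullsize_padding_y']);
    $new_width = ceil($dimensions['pwidth'] + $CONFIG['fullsize_padding_x']);

    $data['{LINK_TGT}'] = preg_replace(
        '/width=([0-9]+),height=([0-9]+)/i',
        'width=' . $new_width . ',height=' . $new_height,
        $data['{LINK_TGT}']
    );

    return $data;
}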