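/**
 * Plugin initialization.
 *
 * Loads the plugin language file, decodes the stored plugin settings into
 * $conf['oauth'], queues admin warnings when the provider credentials or the
 * cURL extension are missing, and cleans up after a registration that was
 * started but not completed (session var "oauth_new_user" still set when the
 * index page is reached).
 *
 * Uses the globals $conf, $page, $hybridauth_conf and $template.
 *
 * @return void
 */
function oauth_init()
{
  global $conf, $page, $hybridauth_conf, $template;

  load_language('plugin.lang', OAUTH_PATH);

  // NOTE(review): safe_unserialize() is defined outside this block; confirm it
  // cannot instantiate objects from a configuration value that someone other
  // than the administrator can edit
  $conf['oauth'] = safe_unserialize($conf['oauth']);

  // check config
  if (defined('IN_ADMIN'))
  {
    // $_GET['page'] is request data and may be absent or an array; normalise
    // it to a string rather than silencing strpos() with "@"
    $current_page = (isset($_GET['page']) and is_string($_GET['page'])) ? $_GET['page'] : '';

    if (empty($hybridauth_conf) and strpos($current_page, 'plugin-oAuth') === false)
    {
      $page['warnings'][] = '<a href="' . OAUTH_ADMIN . '">' . l10n('Social Connect: You need to configure the credentials') . '</a>';
    }

    if (!function_exists('curl_init'))
    {
      $page['warnings'][] = l10n('Social Connect: PHP Curl extension is needed');
    }
  }

  // in case of registration aborted
  if (script_basename() == 'index' and ($oauth_id = pwg_get_session_var('oauth_new_user')) !== null)
  {
    // drop the pending identity first, so a later request cannot pick it up
    pwg_unset_session_var('oauth_new_user');

    // $oauth_id[0] is the provider name stored with the pending identity
    if ($oauth_id[0] == 'Persona')
    {
      oauth_assign_template_vars(get_gallery_home_url());
      $template->block_footer_script(null, 'navigator.id.logout();');
    }
    else
    {
      require_once OAUTH_PATH . 'include/hybridauth/Hybrid/Auth.php';

      try
      {
        $hybridauth = new Hybrid_Auth($hybridauth_conf);
        $adapter = $hybridauth->getAdapter($oauth_id[0]);
        $adapter->logout();
      }
      catch (Exception $e)
      {
        // best effort: a failed provider logout must not break the page; the
        // pending registration has already been removed from the session
      }
    }
  }
}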
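/**
 * Register page.
 *
 * When a remote identity is pending in the session ("oauth_new_user", a
 * [provider, identifier] pair), the function shows the register form
 * pre-filled with the remote profile. For every provider except Persona the
 * identity is fetched again from the provider and compared with the pending
 * identifier before anything else happens. The visitor can then either
 *  - submit the register form: a local account is created, linked to the
 *    remote identity through the oauth_id column, logged in and redirected
 *    to profile.php;
 *  - or, when $conf['oauth']['allow_merge_accounts'] is set, submit the login
 *    form: the remote identity is linked to an existing account after
 *    pwg_login() accepts the password (the main webmaster account is refused).
 *
 * Without a pending identity, the provider buttons are added to the register
 * page when $conf['oauth']['display_register'] is set.
 *
 * Does nothing when $hybridauth_conf['enabled'] is 0.
 *
 * @return void
 */
function oauth_begin_register()
{
  global $conf, $template, $hybridauth_conf, $page, $user;

  if ($hybridauth_conf['enabled'] == 0)
  {
    return;
  }

  // coming from identification page
  if (pwg_get_session_var('oauth_new_user') != null)
  {
    list($provider, $user_identifier) = pwg_get_session_var('oauth_new_user');

    try
    {
      if ($provider == 'Persona')
      {
        $template->assign('OAUTH_USER', array(
          'provider' => 'Persona',
          'username' => $user_identifier,
          'u_profile' => null,
          'avatar' => null
          ));

        oauth_assign_template_vars();
        $template->append('OAUTH', array('persona_email' => $user_identifier), true);

        $conf['oauth']['include_common_template'] = true;
      }
      else
      {
        require_once OAUTH_PATH . 'include/hybridauth/Hybrid/Auth.php';

        $hybridauth = new Hybrid_Auth($hybridauth_conf);
        $adapter = $hybridauth->authenticate($provider);
        $remote_user = $adapter->getUserProfile();

        // security, check remote identifier
        // Compared as strings with !==: a loose != treats numeric-looking
        // identifiers such as "1e3" and "1000" as equal, which is not
        // acceptable for an identity check.
        if ((string) $remote_user->identifier !== (string) $user_identifier)
        {
          pwg_unset_session_var('oauth_new_user');
          throw new Exception('Hacking attempt!', 403);
        }

        $template->assign('OAUTH_USER', array(
          'provider' => $hybridauth_conf['providers'][$provider]['name'],
          'username' => $remote_user->displayName,
          'u_profile' => $remote_user->profileURL,
          'avatar' => $remote_user->photoURL
          ));
      }

      // NOTE(review): the identifier is escaped here and the escaped form is
      // then both hashed and handed to single_update(); confirm that
      // single_update() does not escape its values a second time.
      $oauth_id = pwg_db_real_escape_string($provider . '---' . $user_identifier);

      $page['infos'][] = l10n('Your registration is almost done, please complete the registration form.');

      // register form submitted
      if (isset($_POST['submit']))
      {
        // NOTE(review): the second argument (presumably the account password)
        // is sha1(oauth_id . secret_key). It is deterministic, so whoever
        // learns $conf['secret_key'] can recompute it for any linked account.
        // A random value would be safer if nothing else recomputes this hash;
        // confirm before changing.
        $user_id = register_user(
          $_POST['login'],
          hash('sha1', $oauth_id . $conf['secret_key']),
          $_POST['mail_address'],
          true,
          $page['errors'],
          false
          );

        if ($user_id !== false)
        {
          pwg_unset_session_var('oauth_new_user');

          // update oauth field
          single_update(USER_INFOS_TABLE, array('oauth_id' => $oauth_id), array('user_id' => $user_id));

          // log_user and redirect
          log_user($user_id, false);
          redirect('profile.php');
        }

        // registration failed: fall through and display the form again
        unset($_POST['submit']);
      }
      else
      {
        // login form submitted: link the remote identity to an existing account
        if (isset($_POST['login']) && $conf['oauth']['allow_merge_accounts'])
        {
          if ($conf['insensitive_case_logon'] == true)
          {
            $_POST['username'] = search_case_username($_POST['username']);
          }

          $user_id = get_userid($_POST['username']);

          if ($user_id === false)
          {
            $page['errors'][] = l10n('Invalid username or email');
          }
          else
          {
            // the main webmaster account is never linked to a remote identity
            if ($user_id == $conf['webmaster_id'])
            {
              $page['errors'][] = l10n('For security reason, the main webmaster account can\'t be merged with a remote account, but you can use another webmaster account.');
            }
            else
            {
              // the link is only written once the local password is accepted
              if (pwg_login(false, $_POST['username'], $_POST['password'], false))
              {
                // update oauth field
                // NOTE(review): uses the global $user['id'], presumably
                // refreshed by pwg_login(); verify it equals $user_id here.
                single_update(USER_INFOS_TABLE, array('oauth_id' => $oauth_id), array('user_id' => $user['id']));

                pwg_unset_session_var('oauth_new_user');
                redirect('profile.php');
              }
              else
              {
                $page['errors'][] = l10n('Invalid password!');
              }
            }
          }
        }
      }

      // overwrite fields with remote data, so the form is displayed pre-filled
      if ($provider == 'Persona')
      {
        $_POST['login'] = '';
        $_POST['mail_address'] = $user_identifier;
      }
      else
      {
        $_POST['login'] = $remote_user->displayName;
        $_POST['mail_address'] = $remote_user->email;
      }

      // template
      $template->assign('OAUTH_PATH', OAUTH_PATH);

      if ($conf['oauth']['allow_merge_accounts'])
      {
        $template->assign('OAUTH_LOGIN_IN_REGISTER', true);
        $template->set_prefilter('register', 'oauth_add_login_in_register');
      }
      else
      {
        $template->set_prefilter('register', 'oauth_add_profile_prefilter');
        $template->set_prefilter('register', 'oauth_remove_password_fields_prefilter');
      }
    }
    catch (Exception $e)
    {
      // only the numeric exception code is shown to the visitor, not the message
      // NOTE(review): the literal below contains a line break, as on the page;
      // confirm it matches the translation key.
      $page['errors'][] = l10n('An error occured, please contact the gallery owner. 
<i>Error code : %s</i>', $e->getCode());
    }
  }
  else
  {
    // no pending identity: only offer the provider buttons on the register page
    if ($conf['oauth']['display_register'])
    {
      oauth_assign_template_vars(get_gallery_home_url());
      $template->set_prefilter('register', 'oauth_add_buttons_prefilter');
    }
  }
}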
// NOTE(review): this excerpt starts inside several nested blocks opened before
// the visible code; the closing braces below belong to them.
          $page['items'][] = $page['image_id'];
        }
        else
        {
          // build the picture URL in the flat "categories" section and
          // redirect to it
          $url = make_picture_url(array(
            'image_id' => $page['image_id'],
            'image_file' => $page['image_file'],
            'section' => 'categories',
            'flat' => true
            ));
          // 301 when the current section is "recent_pics", 302 otherwise
          set_status_header('recent_pics' == $page['section'] ? 301 : 302);
          redirect_http($url);
        }
      }
    }
  }
}

// There is cookie, so we must handle it at the beginning
// A "metadata" query parameter toggles the "show_metadata" session flag:
// set to 1 when it is absent, removed when it is present.
if (isset($_GET['metadata']))
{
  if (pwg_get_session_var('show_metadata') == null)
  {
    pwg_set_session_var('show_metadata', 1);
  }
  else
  {
    pwg_unset_session_var('show_metadata');
  }
}

// add default event handler for rendering element content
add_event_handler('render_element_content', 'default_picture_content');
// add default event handler for rendering element description
add_event_handler('render_element_description', 'pwg_nl2br');

/**
 * pwg_nl2br is useful for PHP 5.2 which doesn't accept more than 1
 * parameter on nl2br() (and anyway the second parameter of nl2br does not
 * match what Piwigo gives).
 *
 * Registered above as the default 'render_element_description' handler.
 * nl2br() only inserts HTML line breaks; it does not escape HTML.
 * NOTE(review): confirm the description is already safe for HTML output
 * before it reaches this handler.
 *
 * @param string $string text to convert
 * @return string the text with HTML line breaks inserted before newlines
 */
function pwg_nl2br($string)
{
  return nl2br($string);
}
// inside a category that is not displayed flat, use the category-specific
// default order
if ('categories' == $page['section'] and !isset($page['flat']))
{
  $conf['order_by'] = $conf['order_by_inside_category'];
}

if (pwg_get_session_var('image_order', 0) > 0)
{
  $image_order_id = pwg_get_session_var('image_order');

  $orders = get_category_preferred_image_orders();

  // the current session stored image_order might be not compatible with
  // current image set, for example if the current image_order is the rank
  // and that we are displaying images related to a tag.
  //
  // In case of incompatibility, the session stored image_order is removed.
  //
  // The ORDER BY fragment is taken from the list returned by
  // get_category_preferred_image_orders(), never from the stored value
  // itself; the stored value is only used as an index into that list.
  // NOTE(review): $image_order_id is not checked against the keys of
  // $orders here; confirm it is validated where the session var is written.
  if ($orders[$image_order_id][2])
  {
    $conf['order_by'] = str_replace(
      'ORDER BY ',
      'ORDER BY ' . $orders[$image_order_id][1] . ',',
      $conf['order_by']
      );
    $page['super_order_by'] = true;
  }
  else
  {
    pwg_unset_session_var('image_order');
    $page['super_order_by'] = false;
  }
}

// SQL condition joined with 'AND', built from the forbidden/visible
// categories and visible images mapping below
$forbidden = get_sql_condition_FandF(
  array(
    'forbidden_categories' => 'category_id',
    'visible_categories' => 'category_id',
    'visible_images' => 'id'
    ),
  'AND'
  );

// +-----------------------------------------------------------------------+
// | category |
// +-----------------------------------------------------------------------+
if ('categories' == $page['section'])
{
  if (isset($page['category']))
  {
    // the category description goes through the
    // 'render_category_description' event before it is stored in $page
    $page = array_merge(
      $page,
      array(
        'comment' => trigger_change(
          'render_category_description',
          $page['category']['comment'],
          'main_page_category_description'
          ),
        'title' => get_cat_display_name($page['category']['upper_names'], '', false)
        )
      );
  }
  else
  {
    $page['title'] = ''; // will be set later
  }

  // GET IMAGES LIST
// NOTE(review): this excerpt starts inside two nested blocks opened before the
// visible code.
    // comma-separated list of the image ids returned by $query
    $filter['visible_images'] = implode(',', array_from_query($query, 'image_id'));
    if (empty($filter['visible_images']))
    {
      // Must be not empty
      // (-1 is used as a placeholder, presumably so the list can still be
      // used in an SQL IN () clause; confirm against the consumer)
      $filter['visible_images'] = -1;
    }

    // Save filter data on session
    pwg_set_session_var('filter_enabled', $filter['enabled']);
    pwg_set_session_var('filter_check_key', $filter_key);
    pwg_set_session_var('filter_categories', serialize($filter['categories']));
    pwg_set_session_var('filter_visible_categories', $filter['visible_categories']);
    pwg_set_session_var('filter_visible_images', $filter['visible_images']);
  }
  else
  {
    // Read only data
    // NOTE(review): unserialize() is applied to a session value. That is
    // only safe while the session store is server-side and cannot be written
    // by the client; confirm, or store the array in a format that cannot
    // carry objects.
    $filter['categories'] = unserialize(pwg_get_session_var('filter_categories', serialize(array())));
    $filter['visible_categories'] = pwg_get_session_var('filter_visible_categories', '');
    $filter['visible_images'] = pwg_get_session_var('filter_visible_images', '');
  }
  unset($filter_key);

  if (get_filter_page_value('add_notes'))
  {
    $header_notes[] = l10n_dec(
      'Photos posted within the last %d day.',
      'Photos posted within the last %d days.',
      $filter['recent_period']
      );
  }

  include_once PHPWG_ROOT_PATH . 'include/functions_filter.inc.php';
}
else
{
  // the filter was enabled earlier in this session: remove everything that
  // was stored for it
  if (pwg_get_session_var('filter_enabled', false))
  {
    pwg_unset_session_var('filter_enabled');
    pwg_unset_session_var('filter_check_key');
    pwg_unset_session_var('filter_categories');
    pwg_unset_session_var('filter_visible_categories');
    pwg_unset_session_var('filter_visible_images');
  }
}
// An admin request carrying "submited_tour_path" selects the tour to launch.
// check_pwg_token() runs before the value is stored (presumably the request
// token check; confirm).
// NOTE(review): the value from $_REQUEST is stored in the session as is and
// is later used to build a language file name in TAT_tour_setup(); validate
// it against the list of shipped tours before storing it.
if (isset($_REQUEST['submited_tour_path']) and defined('IN_ADMIN') and IN_ADMIN)
{
  check_pwg_token();
  pwg_set_session_var('tour_to_launch', $_REQUEST['submited_tour_path']);
  global $TAT_restart;
  $TAT_restart = true;
}
elseif (isset($_GET['tour_ended']) and defined('IN_ADMIN') and IN_ADMIN)
{
  pwg_unset_session_var('tour_to_launch');
}

/** Setup the tour **/
/*
 * CHANGE FOR RELEASE
$version_=str_replace('.','_',PHPWG_VERSION);*/
// the version suffix is hard-coded here instead of derived from PHPWG_VERSION
$version_ = "2_7_0";
/***/

// On the plugin's own admin page, a stored tour other than
// 'tours/' . $version_ is dropped; otherwise any stored tour is set up on the
// 'init' event.
if (pwg_get_session_var('tour_to_launch') != 'tours/' . $version_ and isset($_GET['page']) and $_GET['page'] == "plugin-TakeATour")
{
  pwg_unset_session_var('tour_to_launch');
}
elseif (pwg_get_session_var('tour_to_launch'))
{
  add_event_handler('init', 'TAT_tour_setup');
}

// NOTE(review): the function below continues past the end of this excerpt;
// only the visible part is commented.
function TAT_tour_setup()
{
  global $template, $TAT_restart, $conf;

  $tour_to_launch = pwg_get_session_var('tour_to_launch');
  load_language('plugin.lang', PHPWG_PLUGINS_PATH . 'TakeATour/', array('force_fallback' => 'en_UK'));

  // the second "/"-separated segment of the stored path is the tour name
  // NOTE(review): $tour_name comes from the stored request value and goes
  // into a file name; it cannot contain "/" after the explode(), but it is
  // not otherwise restricted here. Check it against the known tour names,
  // and handle a value without "/" (the list() assignment then has no second
  // element).
  list(, $tour_name) = explode('/', $tour_to_launch);
  load_language('tour_' . $tour_name . '.lang', PHPWG_PLUGINS_PATH . 'TakeATour/', array('force_fallback' => 'en_UK'));

  $template->set_filename('TAT_js_css', PHPWG_PLUGINS_PATH . 'TakeATour/tpl/js_css.tpl');
  $template->assign('ADMIN_THEME', $conf['admin_theme']);
  $template->parse('TAT_js_css');

  // the restart flag is consumed once
  if (isset($TAT_restart) and $TAT_restart)
  {
    $TAT_restart = false;