/** * Handle user- & total image_counter * * @param array $image_id_ary array with the image_ids which changed their status * @param bool $add are we adding or removing the images * @param bool $readd is it possible that there are images which aren't really changed */ public static function handle_counter($image_id_ary, $add, $readd = false) { global $db; $num_images = $num_comments = 0; $sql = 'SELECT SUM(image_comments) comments FROM ' . GALLERY_IMAGES_TABLE . ' WHERE image_status ' . ($readd ? '=' : '<>') . ' ' . self::STATUS_UNAPPROVED . ' AND ' . $db->sql_in_set('image_id', $image_id_ary) . ' GROUP BY image_user_id'; $result = $db->sql_query($sql); $num_comments = $db->sql_fetchfield('comments'); $db->sql_freeresult($result); $sql = 'SELECT COUNT(image_id) images, image_user_id FROM ' . GALLERY_IMAGES_TABLE . ' WHERE image_status ' . ($readd ? '=' : '<>') . ' ' . self::STATUS_UNAPPROVED . ' AND ' . $db->sql_in_set('image_id', $image_id_ary) . ' GROUP BY image_user_id'; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { $sql_ary = array('user_id' => $row['image_user_id'], 'user_images' => $row['images']); phpbb_gallery_hookup::add_image($row['image_user_id'], $add ? $row['images'] : 0 - $row['images']); $num_images = $num_images + $row['images']; $sql = 'UPDATE ' . GALLERY_USERS_TABLE . ' SET user_images = user_images ' . ($add ? '+ ' : '- ') . $row['images'] . ' WHERE ' . $db->sql_in_set('user_id', $row['image_user_id']); $db->sql_query($sql); if ($db->sql_affectedrows() != 1) { $sql = 'INSERT INTO ' . GALLERY_USERS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary); $db->sql_query($sql); } } $db->sql_freeresult($result); if ($add) { phpbb_gallery_config::inc('num_images', $num_images); phpbb_gallery_config::inc('num_comments', $num_comments); } else { phpbb_gallery_config::dec('num_images', $num_images); phpbb_gallery_config::dec('num_comments', $num_comments); } }
/** * Generate personal album for user, when moving image into it */ public static function generate_personal_album($album_name, $user_id, $user_colour, $gallery_user) { global $cache, $db; $album_data = array('album_name' => $album_name, 'parent_id' => 0, 'album_desc_options' => 7, 'album_desc' => '', 'album_parents' => '', 'album_type' => self::TYPE_UPLOAD, 'album_status' => self::STATUS_UNLOCKED, 'album_user_id' => $user_id, 'album_last_username' => '', 'album_last_user_colour' => $user_colour); $db->sql_query('INSERT INTO ' . GALLERY_ALBUMS_TABLE . ' ' . $db->sql_build_array('INSERT', $album_data)); $personal_album_id = $db->sql_nextid(); $gallery_user->update_data(array('personal_album_id' => $personal_album_id)); phpbb_gallery_config::inc('num_pegas', 1); // Update the config for the statistic on the index phpbb_gallery_config::set('newest_pega_user_id', $user_id); phpbb_gallery_config::set('newest_pega_username', $album_name); phpbb_gallery_config::set('newest_pega_user_colour', $user_colour); phpbb_gallery_config::set('newest_pega_album_id', $personal_album_id); $cache->destroy('_albums'); $cache->destroy('sql', GALLERY_ALBUMS_TABLE); return $personal_album_id; }
function import() { global $db, $template, $user; $import_schema = request_var('import_schema', ''); $images = request_var('images', array(''), true); $submit = isset($_POST['submit']) ? true : (empty($images) ? false : true); if ($import_schema) { if (phpbb_gallery_url::_file_exists($import_schema, 'import', '')) { include phpbb_gallery_url::_return_file($import_schema, 'import', ''); // Replace the md5 with the ' again and remove the space at the end to prevent \' troubles $user_data['username'] = utf8_substr(str_replace("{{$import_schema}}", "'", $user_data['username']), 0, -1); $image_name = utf8_substr(str_replace("{{$import_schema}}", "'", $image_name), 0, -1); } else { global $phpEx; trigger_error(sprintf($user->lang['MISSING_IMPORT_SCHEMA'], $import_schema . '.' . $phpEx), E_USER_WARNING); } $images_loop = 0; foreach ($images as $image_src) { /** * Import the images */ $image_src = str_replace("{{$import_schema}}", "'", $image_src); $image_src_full = phpbb_gallery_url::path('import') . utf8_decode($image_src); if (file_exists($image_src_full)) { $filetype = getimagesize($image_src_full); $filetype_ext = ''; switch ($filetype['mime']) { case 'image/jpeg': case 'image/jpg': case 'image/pjpeg': $filetype_ext = '.jpg'; $read_function = 'imagecreatefromjpeg'; if (substr(strtolower($image_src), -4) != '.jpg' && substr(strtolower($image_src), -5) != '.jpeg') { trigger_error(sprintf($user->lang['FILETYPE_MIMETYPE_MISMATCH'], $image_src, $filetype['mime']), E_USER_WARNING); } break; case 'image/png': case 'image/x-png': $filetype_ext = '.png'; $read_function = 'imagecreatefrompng'; if (substr(strtolower($image_src), -4) != '.png') { trigger_error(sprintf($user->lang['FILETYPE_MIMETYPE_MISMATCH'], $image_src, $filetype['mime']), E_USER_WARNING); } break; case 'image/gif': case 'image/giff': $filetype_ext = '.gif'; $read_function = 'imagecreatefromgif'; if (substr(strtolower($image_src), -4) != '.gif') { trigger_error(sprintf($user->lang['FILETYPE_MIMETYPE_MISMATCH'], $image_src, $filetype['mime']), E_USER_WARNING); } break; default: trigger_error('NOT_ALLOWED_FILE_TYPE'); break; } $image_filename = md5(unique_id()) . $filetype_ext; if (!@move_uploaded_file($image_src_full, phpbb_gallery_url::path('upload') . $image_filename)) { if (!@copy($image_src_full, phpbb_gallery_url::path('upload') . $image_filename)) { $user->add_lang('posting'); trigger_error(sprintf($user->lang['GENERAL_UPLOAD_ERROR'], phpbb_gallery_url::path('upload') . $image_filename), E_USER_WARNING); } } @chmod(phpbb_gallery_url::path('upload') . $image_filename, 0777); // The source image is imported, so we delete it. @unlink($image_src_full); $sql_ary = array('image_filename' => $image_filename, 'image_thumbnail' => '', 'image_desc' => '', 'image_desc_uid' => '', 'image_desc_bitfield' => '', 'image_user_id' => $user_data['user_id'], 'image_username' => $user_data['username'], 'image_username_clean' => utf8_clean_string($user_data['username']), 'image_user_colour' => $user_data['user_colour'], 'image_user_ip' => $user->ip, 'image_time' => $start_time + $done_images, 'image_album_id' => $album_id, 'image_status' => phpbb_gallery_image::STATUS_APPROVED, 'image_exif_data' => ''); $image_tools = new phpbb_gallery_image_tools(); $image_tools->set_image_options(phpbb_gallery_config::get('max_filesize'), phpbb_gallery_config::get('max_height'), phpbb_gallery_config::get('max_width')); $image_tools->set_image_data(phpbb_gallery_url::path('upload') . $image_filename); // Read exif data from file $image_tools->read_exif_data(); $sql_ary['image_exif_data'] = $image_tools->exif_data_serialized; $sql_ary['image_has_exif'] = $image_tools->exif_data_exist; if ($filetype[0] > phpbb_gallery_config::get('max_width') || $filetype[1] > phpbb_gallery_config::get('max_height')) { /** * Resize overside images */ if (phpbb_gallery_config::get('allow_resize')) { $image_tools->resize_image(phpbb_gallery_config::get('max_width'), phpbb_gallery_config::get('max_height')); if ($image_tools->resized) { $image_tools->write_image(phpbb_gallery_url::path('upload') . $image_filename, phpbb_gallery_config::get('jpg_quality'), true); } } } if (!$image_tools->exif_data_force_db && $sql_ary['image_has_exif'] == phpbb_gallery_constants::EXIF_DBSAVED) { // Image was not resized, so we can pull the Exif from the image to save db-memory. $sql_ary['image_has_exif'] = phpbb_gallery_constants::EXIF_AVAILABLE; $sql_ary['image_exif_data'] = ''; } // Try to get real filesize from temporary folder (not always working) ;) $sql_ary['filesize_upload'] = @filesize(phpbb_gallery_url::path('upload') . $image_filename) ? @filesize(phpbb_gallery_url::path('upload') . $image_filename) : 0; if ($filename || $image_name == '') { $sql_ary['image_name'] = str_replace("_", " ", utf8_substr($image_src, 0, -4)); } else { $sql_ary['image_name'] = str_replace('{NUM}', $num_offset + $done_images, $image_name); } $sql_ary['image_name_clean'] = utf8_clean_string($sql_ary['image_name']); // Put the images into the database $db->sql_query('INSERT INTO ' . GALLERY_IMAGES_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary)); $done_images++; } // Remove the image from the list unset($images[$images_loop]); $images_loop++; if ($images_loop == 10) { // We made 10 images, so we end for this turn break; } } if ($images_loop) { $image_user = new phpbb_gallery_user($db, $user_data['user_id'], false); $image_user->update_images($images_loop); phpbb_gallery_config::inc('num_images', $images_loop); $todo_images = $todo_images - $images_loop; } phpbb_gallery_album::update_info($album_id); if (!$todo_images) { unlink(phpbb_gallery_url::_return_file($import_schema, 'import', '')); trigger_error(sprintf($user->lang['IMPORT_FINISHED'], $done_images) . adm_back_link($this->u_action)); } else { // Write the new list $this->create_import_schema($import_schema, $album_id, $user_data, $start_time, $num_offset, $done_images, $todo_images, $image_name, $filename, $images); // Redirect $forward_url = $this->u_action . "&import_schema={$import_schema}"; meta_refresh(1, $forward_url); trigger_error(sprintf($user->lang['IMPORT_DEBUG_MES'], $done_images, $todo_images)); } } else { if ($submit) { if (!check_form_key('acp_gallery')) { trigger_error('FORM_INVALID', E_USER_WARNING); } if (!$images) { trigger_error('NO_FILE_SELECTED', E_USER_WARNING); } // Who is the uploader? $username = request_var('username', '', true); $user_id = 0; if ($username) { if (!function_exists('user_get_id_name')) { phpbb_gallery_url::_include('functions_user', 'phpbb'); } user_get_id_name($user_id, $username); } if (is_array($user_id)) { $user_id = $user_id[0]; } if (!$user_id) { $user_id = $user->data['user_id']; } $sql = 'SELECT username, user_colour, user_id FROM ' . USERS_TABLE . ' WHERE user_id = ' . $user_id; $result = $db->sql_query($sql); $user_row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$user_row) { trigger_error('HACKING_ATTEMPT', E_USER_WARNING); } // Where do we put them to? $album_id = request_var('album_id', 0); $sql = 'SELECT album_id, album_name FROM ' . GALLERY_ALBUMS_TABLE . ' WHERE album_id = ' . $album_id; $result = $db->sql_query($sql); $album_row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$album_row) { trigger_error('HACKING_ATTEMPT', E_USER_WARNING); } $start_time = time(); $import_schema = md5($start_time); $filename = request_var('filename', '') == 'filename' ? true : false; $image_name = request_var('image_name', '', true); $num_offset = request_var('image_num', 0); $this->create_import_schema($import_schema, $album_row['album_id'], $user_row, $start_time, $num_offset, 0, sizeof($images), $image_name, $filename, $images); $forward_url = $this->u_action . "&import_schema={$import_schema}"; meta_refresh(2, $forward_url); trigger_error('IMPORT_SCHEMA_CREATED'); } } $handle = opendir(phpbb_gallery_url::path('import')); $files = array(); while ($file = readdir($handle)) { if (!is_dir(phpbb_gallery_url::path('import') . $file) && (substr(strtolower($file), -4) == '.png' && phpbb_gallery_config::get('allow_png') || substr(strtolower($file), -4) == '.gif' && phpbb_gallery_config::get('allow_gif') || substr(strtolower($file), -4) == '.jpg' && phpbb_gallery_config::get('allow_jpg') || substr(strtolower($file), -5) == '.jpeg' && phpbb_gallery_config::get('allow_jpg'))) { $files[utf8_strtolower($file)] = $file; } } closedir($handle); // Sort the files by name again ksort($files); foreach ($files as $file) { $template->assign_block_vars('imagerow', array('FILE_NAME' => utf8_encode($file))); } $template->assign_vars(array('S_IMPORT_IMAGES' => true, 'ACP_GALLERY_TITLE' => $user->lang['ACP_IMPORT_ALBUMS'], 'ACP_GALLERY_TITLE_EXPLAIN' => $user->lang['ACP_IMPORT_ALBUMS_EXPLAIN'], 'L_IMPORT_DIR_EMPTY' => sprintf($user->lang['IMPORT_DIR_EMPTY'], phpbb_gallery_url::path('import')), 'S_ALBUM_IMPORT_ACTION' => $this->u_action, 'S_SELECT_IMPORT' => phpbb_gallery_album::get_albumbox(false, 'album_id', false, false, false, phpbb_gallery_album::PUBLIC_ALBUM, phpbb_gallery_album::TYPE_UPLOAD), 'U_FIND_USERNAME' => phpbb_gallery_url::append_sid('phpbb', 'memberlist', 'mode=searchuser&form=acp_gallery&field=username&select_single=true'))); }
$sql_update = 'UPDATE ' . GALLERY_IMAGES_TABLE . ' SET image_contest_end = ' . $contest_end_time . ', image_contest_rank = 1 WHERE image_id = ' . $first; $db->sql_query($sql_update); $sql_update = 'UPDATE ' . GALLERY_IMAGES_TABLE . ' SET image_contest_end = ' . $contest_end_time . ', image_contest_rank = 2 WHERE image_id = ' . $second; $db->sql_query($sql_update); $sql_update = 'UPDATE ' . GALLERY_IMAGES_TABLE . ' SET image_contest_end = ' . $contest_end_time . ', image_contest_rank = 3 WHERE image_id = ' . $third; $db->sql_query($sql_update); phpbb_gallery_config::inc('contests_ended', 1); $album_data['contest_marked'] = phpbb_gallery_image::NO_CONTEST; } /** * Build auth-list */ phpbb_gallery::$auth->gen_auth_level('album', $album_id, $album_data['album_status'], $album_data['album_user_id']); if (!phpbb_gallery::$auth->acl_check('i_view', $album_id, $album_data['album_user_id'])) { if ($user->data['is_bot']) { phpbb_gallery::redirect('index'); } if (!$user->data['is_registered']) { login_box(); } else { trigger_error('NOT_AUTHORISED'); }
public static function end($album_id, $contest_id, $end_time) { global $db; $sql = 'UPDATE ' . GALLERY_IMAGES_TABLE . ' SET image_contest = ' . phpbb_gallery_image::NO_CONTEST . ' WHERE image_album_id = ' . $album_id; $db->sql_query($sql); $sql = 'SELECT image_id FROM ' . GALLERY_IMAGES_TABLE . ' WHERE image_album_id = ' . $album_id . ' ORDER BY ' . self::get_tabulation(); $result = $db->sql_query_limit($sql, self::NUM_IMAGES); $first = (int) $db->sql_fetchfield('image_id'); $second = (int) $db->sql_fetchfield('image_id'); $third = (int) $db->sql_fetchfield('image_id'); $db->sql_freeresult($result); $sql = 'UPDATE ' . GALLERY_CONTESTS_TABLE . ' SET contest_marked = ' . phpbb_gallery_image::NO_CONTEST . ",\n\t\t\t\tcontest_first = {$first},\n\t\t\t\tcontest_second = {$second},\n\t\t\t\tcontest_third = {$third}\n\t\t\tWHERE contest_id = " . (int) $contest_id; $db->sql_query($sql); $sql = 'UPDATE ' . GALLERY_IMAGES_TABLE . ' SET image_contest_end = ' . (int) $end_time . ', image_contest_rank = 1 WHERE image_id = ' . $first; $db->sql_query($sql); $sql = 'UPDATE ' . GALLERY_IMAGES_TABLE . ' SET image_contest_end = ' . (int) $end_time . ', image_contest_rank = 2 WHERE image_id = ' . $second; $db->sql_query($sql); $sql = 'UPDATE ' . GALLERY_IMAGES_TABLE . ' SET image_contest_end = ' . (int) $end_time . ', image_contest_rank = 3 WHERE image_id = ' . $third; $db->sql_query($sql); phpbb_gallery_config::inc('contests_ended', 1); }
function initialise_album() { global $cache, $db, $template, $user; if (!phpbb_gallery::$user->get_data('personal_album_id')) { // Check if the user is allowed to have one if (!phpbb_gallery::$auth->acl_check('i_upload', phpbb_gallery_auth::OWN_ALBUM)) { trigger_error('NO_PERSALBUM_ALLOWED'); } $album_data = array('album_name' => $user->data['username'], 'parent_id' => request_var('parent_id', 0), 'album_desc_options' => 7, 'album_desc' => utf8_normalize_nfc(request_var('album_desc', '', true)), 'album_parents' => '', 'album_type' => phpbb_gallery_album::TYPE_UPLOAD, 'album_status' => phpbb_gallery_album::STATUS_OPEN, 'album_user_id' => $user->data['user_id'], 'album_last_username' => '', 'album_last_user_colour' => $user->data['user_colour']); $db->sql_query('INSERT INTO ' . GALLERY_ALBUMS_TABLE . ' ' . $db->sql_build_array('INSERT', $album_data)); $album_id = $db->sql_nextid(); phpbb_gallery::$user->update_data(array('personal_album_id' => $album_id)); phpbb_gallery_config::inc('num_pegas', 1); // Update the config for the statistic on the index phpbb_gallery_config::set('newest_pega_user_id', $user->data['user_id']); phpbb_gallery_config::set('newest_pega_username', $user->data['username']); phpbb_gallery_config::set('newest_pega_user_colour', $user->data['user_colour']); phpbb_gallery_config::set('newest_pega_album_id', $album_id); $cache->destroy('_albums'); $cache->destroy('sql', GALLERY_ALBUMS_TABLE); phpbb_gallery_auth::set_user_permissions('all', ''); } redirect($this->u_action); }
$error .= ($error ? '<br />' : '') . $user->lang['MISSING_COMMENT']; } if (utf8_strlen($comment_text) > phpbb_gallery_config::get('comment_length')) { $submit = false; $error .= ($error ? '<br />' : '') . $user->lang['COMMENT_TOO_LONG']; } $message_parser = new parse_message(); $message_parser->message = utf8_normalize_nfc($comment_text); if ($message_parser->message) { $message_parser->parse(true, true, true, true, false, true, true, true); } $sql_ary = array('comment_image_id' => $image_id, 'comment_user_id' => $user->data['user_id'], 'comment_username' => $user->data['user_id'] != ANONYMOUS ? $user->data['username'] : $comment_username, 'comment_user_colour' => $user->data['user_colour'], 'comment_user_ip' => $user->ip, 'comment_time' => time(), 'comment' => $message_parser->message, 'comment_uid' => $message_parser->bbcode_uid, 'comment_bitfield' => $message_parser->bbcode_bitfield); if (!$error && $sql_ary['comment'] != '') { $db->sql_query('INSERT INTO ' . GALLERY_COMMENTS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary)); $newest_comment = $db->sql_nextid(); phpbb_gallery_config::inc('num_comments', 1); if (phpbb_gallery_misc::display_captcha('comment')) { $captcha->reset(); } $sql = 'UPDATE ' . GALLERY_IMAGES_TABLE . "\n\t\t\t\t\t\t\tSET image_comments = image_comments + 1,\n\t\t\t\t\t\t\t\timage_last_comment = {$newest_comment}\n\t\t\t\t\t\t\tWHERE " . $db->sql_in_set('image_id', $image_id); $db->sql_query($sql); if (phpbb_gallery::$user->get_data('watch_com') && !$image_data['watch_id']) { $sql_ary = array('image_id' => $image_id, 'user_id' => $user->data['user_id']); $sql = 'INSERT INTO ' . GALLERY_WATCH_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary); $db->sql_query($sql); } phpbb_gallery_misc::notification('image', $image_id, $image_data['image_name']); $message .= $user->lang['COMMENT_STORED'] . '<br />'; } else { if (phpbb_gallery_misc::display_captcha('comment')) { $s_captcha_hidden_fields = $captcha->is_solved() ? build_hidden_fields($captcha->get_hidden_fields()) : '';