function archive($name)
{
$this->options = array('basedir' => ".", 'name' => UTF8ToFilesystem($name), 'prepend' => "", 'inmemory' => 0, 'overwrite' => 0, 'recurse' => 1, 'storepaths' => 1, 'followlinks' => 0, 'level' => 3, 'method' => 1, 'sfx' => "", 'type' => "", 'comment' => "");
$this->files = array();
$this->exclude = array();
$this->storeonly = array();
$this->error = array();
}
function parseCSSDef($file)
{
$file = str_replace(WEBPATH, '', $file);
$file = SERVERPATH . UTF8ToFilesystem($file);
if (is_readable($file) && ($fp = @fopen($file, "r"))) {
while ($line = fgets($fp)) {
if (!(false === strpos($line, "#main2 {"))) {
$line = fgets($fp);
$line = trim($line);
$item = explode(":", $line);
$rslt = trim(substr($item[1], 0, -1));
return $rslt;
}
}
}
return "#0b9577";
/* the default value */
}
/**
* Creates a zip file of the album
*
* @param string $album album folder
*/
function createAlbumZip($album)
{
global $_zp_zip_list;
if (!checkAlbumPassword($album, $hint)) {
pageError();
exit;
}
$album = UTF8ToFilesystem($album);
$rp = realpath(getAlbumFolder() . $album) . '/';
$p = $album . '/';
include_once 'archive.php';
$dest = realpath(getAlbumFolder()) . '/' . urlencode($album) . ".zip";
$persist = getOption('persistent_archive');
if (!$persist || !file_exists($dest)) {
if (file_exists($dest)) {
unlink($dest);
}
$z = new zip_file($dest);
$z->set_options(array('basedir' => $rp, 'inmemory' => 0, 'recurse' => 0, 'storepaths' => 1));
if ($dh = opendir($rp)) {
$_zp_zip_list[] = '*.*';
while (($file = readdir($dh)) !== false) {
if ($file != '.' && $file != '..') {
if (is_dir($rp . $file)) {
$base_a = explode("/", $album);
unset($base_a[count($base_a) - 1]);
$base = implode('/', $base_a);
zipAddSubalbum($rp, $base, $file, $z);
}
}
}
closedir($dh);
}
$z->add_files($_zp_zip_list);
$z->create_archive();
}
header('Content-Type: application/zip');
header('Content-Disposition: attachment; filename="' . urlencode($album) . '.zip"');
header("Content-Length: " . filesize($dest));
printLargeFileContents($dest);
if (!$persist) {
unlink($dest);
}
}
/**
* Parses and sanitizes Theme definition text
*
* @param file $file theme file
* @return string
*/
function parseThemeDef($file)
{
$file = UTF8ToFilesystem($file);
$themeinfo = array();
if (is_readable($file) && ($fp = @fopen($file, "r"))) {
while ($line = fgets($fp)) {
if (substr(trim($line), 0, 1) != "#") {
$item = explode("::", $line);
$themeinfo[trim($item[0])] = sanitize(trim($item[1]), 1);
}
}
return $themeinfo;
} else {
return false;
}
}
/**
* Copies the image to a new album, along with all metadata.
*
* @param string $newalbum the destination album
*/
function copyImage($newalbum)
{
if (is_string($newalbum)) {
$newalbum = new Album($this->album->gallery, $newalbum, false);
}
if ($newalbum->id == $this->album->id) {
// Nothing to do - moving the file to the same place.
return true;
}
$newpath = $newalbum->localpath . UTF8ToFilesystem($this->filename);
if (file_exists($newpath)) {
// If the file exists, don't overwrite it.
return false;
}
$result = @copy($this->localpath, $newpath);
if ($result) {
$result = $this->copy(array('filename' => $this->filename, 'albumid' => $newalbum->id));
}
return $result;
}
natcasesort($filelist);
echo "<h1>Plugins</h1>\n";
echo '<p>';
echo gettext("Plugins provide optional functionality for Zenphoto.") . ' ';
echo gettext("They may be provided as part of the Zenphoto distribution or as offerings from third parties.") . ' ';
echo gettext("Plugins are placed in the <code>zp-core/plugins</code> folder and are automatically discovered.") . ' ';
echo gettext("If the plugin checkbox is checked, the plugin will be loaded and its functions made available to theme pages. If the checkbox is not checked the plugin is disabled and occupies no resources.");
echo "</p>\n";
echo '<form action="?action=saveplugins" method="post">' . "\n";
echo '<input type="hidden" name="saveplugins" value="yes" />' . "\n";
echo '<input type="submit" value=' . gettext('save') . ' />' . "\n";
echo "<table class=\"bordered\" width=\"100%\">\n";
foreach ($filelist as $extension) {
$ext = substr($extension, 0, strlen($extension) - 4);
$opt = 'zp_plugin_' . $ext;
$pluginStream = file_get_contents(UTF8ToFilesystem($extension));
$parserr = 0;
$str = isolate('$plugin_description', $pluginStream);
if (false === $str) {
$plugin_description = '';
} else {
if (false === eval(isolate('$plugin_description', $pluginStream))) {
$parserr = $parserr | 1;
$plugin_description = gettext('<strong>Error parsing <em>plugin_description</em> string!</strong> Try removing semicolons from string.');
}
}
$str = isolate('$plugin_author', $pluginStream);
if (false === $str) {
$plugin_author = '';
} else {
if (false === eval($str)) {
case 'bmp':
$suffix = 'wbmp';
break;
case 'jpg':
$suffix = 'jpeg';
break;
case 'png':
case 'gif':
case 'jpeg':
break;
default:
pageError(405, gettext("Method Not Allowed"));
exit;
}
if (getOption('cache_full_image')) {
$cache_path = SERVERCACHE . '/' . UTF8ToFilesystem($cache_file);
} else {
$cache_path = NULL;
}
if (!getOption('watermark_image')) {
// no processing needed
if (getOption('album_folder_class') != 'external' && !getOption('protect_full_image') == 'Download') {
// local album system, return the image directly
header('Content-Type: image/' . $suffix);
header("Location: " . getAlbumFolder(FULLWEBPATH) . pathurlencode($_zp_current_album->name) . "/" . rawurlencode($_zp_current_image->filename));
exit;
} else {
// the web server does not have access to the image, have to supply it
$fp = fopen($image_path, 'rb');
// send the right headers
header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
if (isset($_POST['savealbum'])) {
$albumname = $_POST['album'];
if (!isMyAlbum($albumname, EDIT_RIGHTS)) {
die(gettext("You do not have edit rights on this album."));
}
$album = $_POST['albumselect'];
$words = $_POST['words'];
if (isset($_POST['thumb'])) {
$thumb = $_POST['thumb'];
} else {
$thumb = '';
}
$fields = $search->fields;
$redirect = $album . '/' . $albumname . ".alb";
if (!empty($albumname)) {
$f = fopen(UTF8ToFilesystem(getAlbumFolder() . $redirect), 'w');
if ($f !== false) {
fwrite($f, "WORDS={$words}\nTHUMB={$thumb}\nFIELDS={$fields}\n");
fclose($f);
// redirct to edit of this album
header("Location: " . FULLWEBPATH . "/" . ZENFOLDER . "/admin-edit.php?page=edit&album=" . urlencode($redirect));
exit;
}
}
}
$_GET['page'] = 'edit';
// pretend to be the edit page.
printAdminHeader();
echo "\n</head>";
echo "\n<body>";
printLogoAndLinks();
}
// re-initialize video dimensions if needed
if (isImageVideo() & !is_null($_zp_flash_player)) {
$_zp_current_image->updateDimensions();
}
// Display the page itself
if (!is_null($_zp_HTML_cache)) {
$_zp_HTML_cache->startHTMLCache();
}
// Include the appropriate page for the requested object, and a 200 OK header.
header("HTTP/1.0 200 OK");
header("Status: 200 OK");
include $obj;
} else {
// If the requested object does not exist, issue a 404 and redirect to the theme's
// 404.php page, or a 404.php in the zp-core folder.
list($album, $image) = rewrite_get_album_image('album', 'image');
$_zp_gallery_page = '404.php';
$errpage = THEMEFOLDER . '/' . UTF8ToFilesystem($theme) . '/404.php';
header("HTTP/1.0 404 Not Found");
header("Status: 404 Not Found");
if (file_exists(SERVERPATH . "/" . $errpage)) {
include $errpage;
} else {
include ZENFOLDER . '/404.php';
}
}
exposeZenPhotoInformations($obj, $_zp_loaded_plugins, $theme, $_zp_filters);
if (!is_null($_zp_HTML_cache)) {
$_zp_HTML_cache->endHTMLCache();
}
$theme = $_GET['theme'];
$themedir = SERVERPATH . '/themes/' . UTF8ToFilesystem($theme);
$themefiles = listDirectoryFiles($themedir);
$themefiles_to_ext = array();
foreach ($themefiles as $file) {
if (isTextFile($file)) {
$path_info = pathinfo($file);
$themefiles_to_ext[$path_info['extension']][] = $file;
// array(['php']=>array('file.php', 'image.php'),['css']=>array('style.css'))
} else {
unset($themefiles[$file]);
// $themefile will eventually have all editable files and nothing else
}
}
if (isset($_GET['file'])) {
$file_to_edit = str_replace('\\', '/', realpath(SERVERPATH . '/themes/' . UTF8ToFilesystem($theme) . '/' . $_GET['file']));
}
// realpath() to take care of ../../file.php schemes, str_replace() to sanitize Win32 filenames
// If we're attempting to edit a file from a bundled theme, this is an illegal attempt
if (!themeIsEditable($theme, $themes)) {
die(gettext('Cannot edit this file!'));
}
// If we're attempting to edit a file that's not a text file or that does not belong to the theme directory, this is an illegal attempt
if ($file_to_edit) {
if (!in_array($file_to_edit, $themefiles) or !isTextFile($file_to_edit) or filesize($file_to_edit) == 0) {
die(gettext('Cannot edit this file!'));
}
}
// Handle POST that updates a file
if (isset($_POST['action']) && $_POST['action'] == 'edit_file' && $file_to_edit) {
$file_content = stripslashes($_POST['newcontent']);
/**
* Returns an array of image names found in the search
*
* @return array
*/
function getSearchImages()
{
$images = array();
$searchstring = $this->getSearchString();
$searchdate = $this->dates;
if (empty($searchstring) && empty($searchdate)) {
return $images;
}
// nothing to find
$albumfolder = getAlbumFolder();
$fields = $this->fields;
$tagsSearch = $fields & SEARCH_TAGS;
$fields = $fields & ~SEARCH_TAGS;
$sql = $this->getSearchSQL($searchstring, $searchdate, 'images', $fields);
if (!empty($sql)) {
// valid fields exist
$search_results = query_full_array($sql, true);
}
if ($tagsSearch && count($searchstring) > 0) {
$idlist = array();
if (isset($search_results) && is_array($search_results)) {
foreach ($search_results as $row) {
$idlist[] = $row['id'];
}
}
$search_results = $this->searchTags($searchstring, 'images', $idlist);
}
if (isset($search_results) && is_array($search_results)) {
foreach ($search_results as $row) {
$albumid = $row['albumid'];
$query = "SELECT id, title, folder,`show` FROM " . prefix('albums') . " WHERE id = {$albumid}";
$row2 = query_single_row($query);
// id is unique
$albumname = $row2['folder'];
if (file_exists($albumfolder . UTF8ToFilesystem($albumname) . '/' . UTF8ToFilesystem($row['filename']))) {
if (checkAlbumPassword($albumname, $hint)) {
$images[] = array('filename' => $row['filename'], 'folder' => $albumname);
}
}
}
}
return $images;
}
/**
* Prints the album password form
*
* @param string $hint hint to the password
* @param bool $showProtected set false to supress the password protected message
* @param bool $showuser set true to force the user name filed to be present
*
*@since 1.1.3
*/
function printPasswordForm($hint, $showProtected = true, $showuser = NULL)
{
global $_zp_login_error, $_zp_password_form_printed, $_zp_current_search, $_zp_gallery_page, $_zp_current_album, $_zp_current_image;
if (is_null($showuser)) {
$showuser = getOption('login_user_field');
}
if ($_zp_password_form_printed) {
return;
}
$_zp_password_form_printed = true;
if ($_zp_login_error) {
echo "<div class=\"errorbox\" id=\"message\"><h2>" . gettext("There was an error logging in.") . "</h2><br/>" . gettext("Check your user and password and try again.") . "</div>";
}
switch ($_zp_gallery_page) {
case 'index.php':
$action = "";
break;
case 'album.php':
$action = '&album=' . urlencode($_zp_current_album->name);
break;
case 'image.php':
$action = '&album=' . urlencode($_zp_current_album->name) . '&image=' . urlencode($_zp_current_image->filename);
case 'full-image.php':
$action = '&album=' . urlencode($_zp_current_album->name) . '&image=' . urlencode($_zp_current_image->filename) . '&p=*full-image';
break;
default:
if (in_context(ZP_SEARCH)) {
$action = "&p=search" . $_zp_current_search->getSearchParams();
} else {
$action = '&p=' . substr($_zp_gallery_page, 0, -4);
}
}
if ($showProtected && !$_zp_login_error) {
echo "\n<p>" . gettext("The page you are trying to view is password protected.") . "</p>";
}
echo "\n<br/>";
echo "\n <form name=\"password\" action=\"?userlog=1{$action}\" method=\"POST\">";
echo "\n <input type=\"hidden\" name=\"password\" value=\"1\" />";
echo "\n <table>";
if ($showuser) {
echo "\n <tr><td style=\"text-align:right\">" . gettext("Login") . " </td><td style=\"text-align:left;\"><input type=\"text\" size=\"38\" name=\"user\" /></td></tr>";
}
echo "\n <tr><td style=\"text-align:right\">" . gettext("Password") . " </td><td style=\"text-align:left;\"><input type=\"password\" size=\"40\" name=\"pass\" /></td></tr>";
echo "\n <tr><td></td><td style=\"text-align:left\" ><input class=\"button\" type=\"submit\" value=\"" . gettext("Submit") . "\" /></td></tr>";
if (!empty($hint)) {
echo "\n <tr><td style=\"text-align:left\">" . sprintf(gettext("Hint: %s"), $hint) . "</td></tr>";
}
echo "\n </table>";
echo "\n </form>";
$registerpage = getOption('user_registration_page');
if (!empty($registerpage) && file_exists(SERVERPATH . '/' . THEMEFOLDER . '/' . getOption('current_theme') . '/' . UTF8ToFilesystem($registerpage) . '.php')) {
if (getOption('mod_rewrite')) {
$link = '/page/' . $registerpage;
} else {
$link = 'index.php?p=' . $registerpage;
}
printLink($link, get_language_string(getOption('user_registration_text')), get_language_string(getOption('user_registration_tip')));
}
}
/**
* Copy a theme directory to create a new custom theme
*
* @param $source source directory
* @param $target target directory
* @return bool|string either true or an error message
* @author Ozh
* @since 1.3
*/
function copyThemeDirectory($source, $target, $newname)
{
global $_zp_current_admin;
$message = true;
$source = SERVERPATH . '/themes/' . UTF8ToFilesystem($source);
$target = SERVERPATH . '/themes/' . UTF8ToFilesystem($target);
// If the target theme already exists, nothing to do.
if (is_dir($target)) {
return gettext('Cannot create new theme.') . ' ' . sprintf(gettext('Directory "%s" already exists!'), basename($target));
}
// If source dir is missing, exit too
if (!is_dir($source)) {
return gettext('Cannot create new theme.') . ' ' . sprintf(gettext('Cannot find theme directory "%s" to copy!'), basename($source));
}
// We must be able to write to the themes dir.
if (!is_writable(dirname($target))) {
return gettext('Cannot create new theme.') . ' ' . gettext('The <tt>/themes</tt> directory is not writable!');
}
// We must be able to create the directory
if (!mkdir($target, CHMOD_VALUE)) {
return gettext('Cannot create new theme.') . ' ' . gettext('Could not create directory for the new theme');
}
chmod($target, CHMOD_VALUE);
// Get a list of files to copy: get all files from the directory, remove those containing '/.svn/'
$source_files = array_filter(listDirectoryFiles($source), create_function('$str', 'return strpos($str, "/.svn/") === false;'));
// Determine nested (sub)directories structure to create: go through each file, explode path on "/"
// and collect every unique directory
$dirs_to_create = array();
foreach ($source_files as $path) {
$path = dirname(str_replace($source . '/', '', $path));
$path = explode('/', $path);
$dirs = '';
foreach ($path as $subdir) {
if ($subdir == '.svn' or $subdir == '.') {
continue 2;
}
$dirs = "{$dirs}/{$subdir}";
$dirs_to_create[$dirs] = $dirs;
}
}
/*
Example result for theme 'effervescence_plus': $dirs_to_create = array (
'/styles' => '/styles',
'/scripts' => '/scripts',
'/images' => '/images',
'/images/smooth' => '/images/smooth',
'/images/slimbox' => '/images/slimbox',
);
*/
// Create new directory structure
foreach ($dirs_to_create as $dir) {
mkdir("{$target}/{$dir}", CHMOD_VALUE);
chmod("{$target}/{$dir}", CHMOD_VALUE);
// Using chmod as PHP doc suggested: "Avoid using umask() in multithreaded webservers. It is better to change the file permissions with chmod() after creating the file."
}
// Now copy every file
foreach ($source_files as $file) {
$newfile = str_replace($source, $target, $file);
if (!copy("{$file}", "{$newfile}")) {
return sprintf(gettext("An error occured while copying files. Please delete manually the new theme directory '%s' and retry or copy files manually."), basename($target));
}
chmod("{$newfile}", CHMOD_VALUE);
}
// Rewrite the theme header.
if (file_exists($target . '/theme_description.php')) {
$theme_description = array();
require $target . '/theme_description.php';
$theme_description['desc'] = sprintf(gettext('Your theme, based on theme %s'), $theme_description['name']);
} else {
$theme_description['desc'] = gettext('Your theme');
}
$theme_description['name'] = $newname;
$theme_description['author'] = $_zp_current_admin['user'];
$theme_description['version'] = '1.0';
$theme_description['date'] = date('d/m/Y');
$description = sprintf('<' . '?php
// Zenphoto theme definition file
$theme_description["name"] = "%s";
$theme_description["author"] = "%s";
$theme_description["version"] = "%s";
$theme_description["date"] = "%s";
$theme_description["desc"] = "%s";
?' . '>', htmlentities($theme_description['name'], ENT_COMPAT), htmlentities($theme_description['author'], ENT_COMPAT), htmlentities($theme_description['version'], ENT_COMPAT), htmlentities($theme_description['date'], ENT_COMPAT), htmlentities($theme_description['desc'], ENT_COMPAT));
$f = fopen($target . '/theme_description.php', 'w');
if ($f !== FALSE) {
@fwrite($f, $description);
fclose($f);
$message = gettext('New custom theme created successfully!');
} else {
$message = gettext('New custom theme created, but its description could not be updated');
}
// Make a slightly custom theme image
if (file_exists("{$target}/theme.png")) {
$themeimage = "{$target}/theme.png";
} else {
if (file_exists("{$target}/theme.gif")) {
$themeimage = "{$target}/theme.gif";
} else {
if (file_exists("{$target}/theme.jpg")) {
$themeimage = "{$target}/theme.jpg";
} else {
$themeimage = false;
}
}
}
if ($themeimage) {
require_once dirname(__FILE__) . '/functions-image.php';
if ($im = get_image($themeimage)) {
$x = imagesx($im) / 2 - 45;
$y = imagesy($im) / 2 - 10;
$text = "CUSTOM COPY";
// create a blueish overlay
$overlay = imagecreatetruecolor(imagesx($im), imagesy($im));
imagefill($overlay, 0, 0, 0x606090);
// Merge theme image and overlay
imagecopymerge($im, $overlay, 0, 0, 0, 0, imagesx($im), imagesy($im), 45);
// Add text
imagestring($im, 5, $x - 1, $y - 1, $text, 0xffffff);
imagestring($im, 5, $x + 1, $y + 1, $text, 0xffffff);
imagestring($im, 5, $x, $y, $text, 0xff0000);
// Save new theme image
imagepng($im, $themeimage);
}
}
return $message;
}
// disable these two lines and enable the one following to allow sizing of default images.
header("Location: " . FULLWEBPATH . '/' . pathurlencode(FilesystemToUTF8($source . $source2)) . "/" . rawurlencode(filesystemToUTF8($imgfile)));
exit;
// $imgfile = SERVERPATH .'/'. $source.$source2 . "/" . $imgfile;
}
if (!file_exists($imgfile)) {
header("HTTP/1.0 404 Not Found");
imageError(gettext("Image not found; file does not exist."), 'err-imagenotfound.gif');
}
}
// Make the directories for the albums in the cache, recursively.
// Skip this for safe_mode, where we can't write to directories we create!
if (!ini_get("safe_mode")) {
$albumdirs = getAlbumArray($album, true);
foreach ($albumdirs as $dir) {
$dir = UTF8ToFilesystem($dir);
$dir = SERVERCACHE . '/' . $dir;
if (!is_dir($dir)) {
@mkdir($dir, CHMOD_VALUE);
chmod($dir, CHMOD_VALUE);
} else {
if (!is_writable($dir)) {
chmod($dir, CHMOD_VALUE);
}
}
}
}
$process = true;
// If the file exists, check its modification time and update as needed.
$fmt = filemtime($imgfile);
if (file_exists($newfile) & !$adminrequest) {
/** For every album in the gallery, look for its file. Delete from the database
* if the file does not exist. Do the same for images. Clean up comments that have
* been left orphaned.
*
* Returns true if the operation was interrupted because it was taking too long
*
* @param bool $cascade garbage collect every image and album in the gallery.
* @param bool $complete garbage collect every image and album in the *database* - completely cleans the database.
* @param int $restart Image ID to restart scan from
* @return bool
*/
function garbageCollect($cascade = true, $complete = false, $restart = '')
{
if (empty($restart)) {
// Check for the existence of top-level albums (subalbums handled recursively).
$result = query("SELECT * FROM " . prefix('albums'));
$dead = array();
$live = array('');
// purge the root album if it exists
$deadalbumthemes = array();
// Load the albums from disk
$albumfolder = getAlbumFolder();
while ($row = mysql_fetch_assoc($result)) {
if (!file_exists($albumfolder . UTF8ToFilesystem($row['folder'])) || in_array($row['folder'], $live)) {
$dead[] = $row['id'];
if ($row['album_theme'] !== '') {
// orphaned album theme options table
$deadalbumthemes[$row['id']] = $row['folder'];
}
} else {
$live[] = $row['folder'];
}
}
if (count($dead) > 0) {
/* delete the dead albums from the DB */
$first = array_pop($dead);
$sql1 = "DELETE FROM " . prefix('albums') . " WHERE `id`='{$first}'";
$sql2 = "DELETE FROM " . prefix('images') . " WHERE `albumid`='{$first}'";
$sql3 = "DELETE FROM " . prefix('comments') . " WHERE `type`='albums' AND `ownerid`='{$first}'";
$sql4 = "DELETE FROM " . prefix('obj_to_tag') . " WHERE `type`='albums' AND `objectid`='{$first}'";
foreach ($dead as $albumid) {
$sql1 .= " OR `id` = '{$albumid}'";
$sql2 .= " OR `albumid` = '{$albumid}'";
$sql3 .= " OR `ownerid` = '{$albumid}'";
$sql4 .= " OR `objectid` = '{$albumid}'";
}
$n = query($sql1);
if (!$complete && $n > 0 && $cascade) {
query($sql2);
query($sql3);
query($sql4);
}
}
if (count($deadalbumthemes) > 0) {
// delete the album theme options tables for dead albums
foreach ($deadalbumthemes as $id => $deadtable) {
$sql = 'DELETE FROM ' . prefix('options') . ' WHERE `ownerid`=' . $id;
query($sql, true);
}
}
}
if ($complete) {
if (empty($restart)) {
/* refresh 'metadata' of dynamic albums */
$albumfolder = getAlbumFolder();
$albumids = query_full_array("SELECT `id`, `mtime`, `folder` FROM " . prefix('albums') . " WHERE `dynamic`='1'");
foreach ($albumids as $album) {
if (($mtime = filemtime($albumfolder . UTF8ToFilesystem($album['folder']))) > $album['mtime']) {
// refresh
$data = file_get_contents($albumfolder . UTF8ToFilesystem($album['folder']));
while (!empty($data)) {
$data1 = trim(substr($data, 0, $i = strpos($data, "\n")));
if ($i === false) {
$data1 = $data;
$data = '';
} else {
$data = substr($data, $i + 1);
}
if (strpos($data1, 'WORDS=') !== false) {
$words = "words=" . urlencode(substr($data1, 6));
}
if (strpos($data1, 'THUMB=') !== false) {
$thumb = trim(substr($data1, 6));
}
if (strpos($data1, 'FIELDS=') !== false) {
$fields = "&searchfields=" . trim(substr($data1, 7));
}
}
if (!empty($words)) {
if (empty($fields)) {
$fields = '&searchfields=4';
}
}
$sql = "UPDATE " . prefix('albums') . "SET `search_params`=\"{$words}.{$fields}\", `thumb`=\"{$thumb}\", `mtime`=\"{$mtime}\" WHERE `id`=\"" . $album['id'] . "\"";
query($sql);
}
}
/* Delete all image entries that don't belong to an album at all. */
$albumids = query_full_array("SELECT `id` FROM " . prefix('albums'));
/* all the album IDs */
$idsofalbums = array();
foreach ($albumids as $row) {
$idsofalbums[] = $row['id'];
}
$imageAlbums = query_full_array("SELECT DISTINCT `albumid` FROM " . prefix('images'));
/* albumids of all the images */
$albumidsofimages = array();
foreach ($imageAlbums as $row) {
$albumidsofimages[] = $row['albumid'];
}
$orphans = array_diff($albumidsofimages, $idsofalbums);
/* albumids of images with no album */
if (count($orphans) > 0) {
/* delete dead images from the DB */
$firstrow = array_pop($orphans);
$sql = "DELETE FROM " . prefix('images') . " WHERE `albumid`='" . $firstrow . "'";
foreach ($orphans as $id) {
$sql .= " OR `albumid`='" . $id . "'";
}
query($sql);
// Then go into existing albums recursively to clean them... very invasive.
foreach ($this->getAlbums(0) as $folder) {
$album = new Album($this, $folder);
if (!$album->isDynamic()) {
if (is_null($album->getDateTime())) {
// see if we can get one from an image
$image = $album->getImage(0);
if (is_object($image)) {
$album->setDateTime($image->getDateTime());
}
}
$album->garbageCollect(true);
$album->preLoad();
}
}
}
}
/* Look for image records where the file no longer exists. While at it, check for images with IPTC data to update the DB */
$start = array_sum(explode(" ", microtime()));
// protect against too much processing.
if (!empty($restart)) {
$restartwhere = ' WHERE `id`>' . $restart;
} else {
$restartwhere = '';
}
$sql = 'SELECT `id`, `albumid`, `filename`, `desc`, `title`, `date`, `mtime` FROM ' . prefix('images') . $restartwhere . ' ORDER BY `id`';
$images = query_full_array($sql);
foreach ($images as $image) {
$sql = 'SELECT `folder` FROM ' . prefix('albums') . ' WHERE `id`="' . $image['albumid'] . '";';
$row = query_single_row($sql);
$imageName = UTF8ToFilesystem(getAlbumFolder() . $row['folder'] . '/' . $image['filename']);
if (file_exists($imageName)) {
if ($image['mtime'] != filemtime($imageName)) {
// file has changed since we last saw it
/* check metadata */
$metadata = getImageMetadata($imageName);
$set = '';
/* title */
$defaultTitle = substr($image['filename'], 0, strrpos($image['filename'], '.'));
if (empty($defaultTitle)) {
$defaultTitle = $image['filename'];
}
if ($defaultTitle == $image['title']) {
/* default title */
if (isset($metadata['title'])) {
$set = ',`title`="' . mysql_real_escape_string($metadata['title']) . '"';
}
}
/* description */
if (!isset($row['desc'])) {
if (isset($metadata['desc'])) {
$set .= ', `desc`="' . mysql_real_escape_string($metadata['desc']) . '"';
}
}
/* tags */
if (isset($metadata['tags'])) {
$tags = $metadata['tags'];
storeTags($tags, $image['id'], 'images');
}
/* location, city, state, and country */
if (isset($metadata['location'])) {
$set .= ', `location`="' . mysql_real_escape_string($metadata['location']) . '"';
}
if (isset($metadata['city'])) {
$set .= ', `city`="' . mysql_real_escape_string($metadata['city']) . '"';
}
if (isset($metadata['state'])) {
$set .= ', `state`="' . mysql_real_escape_string($metadata['state']) . '"';
}
if (isset($metadata['country'])) {
$set .= ', `country`="' . mysql_real_escape_string($metadata['country']) . '"';
}
/* credit & copyright */
if (isset($metadata['credit'])) {
$set .= ', `credit`="' . escape($metadata['credit']) . '"';
}
if (isset($metadata['copyright'])) {
$set .= ', `copyright`="' . escape($metadata['copyright']) . '"';
}
/* date (for sorting) */
$newDate = strftime('%Y-%m-%d %T', filemtime($imageName));
if (isset($metadata['date'])) {
$dt = dateTimeConvert($metadata['date']);
if ($dt !== false) {
// flaw in exif/iptc data?
$newDate = $dt;
}
}
$set .= ', `date`="' . $newDate . '"';
/* update DB is necessary */
$sql = "UPDATE " . prefix('images') . " SET `EXIFValid`=0,`mtime`=" . filemtime($imageName) . $set . " WHERE `id`='" . $image['id'] . "'";
query($sql);
}
} else {
$sql = 'DELETE FROM ' . prefix('images') . ' WHERE `id`="' . $image['id'] . '";';
$result = query($sql);
$sql = 'DELETE FROM ' . prefix('comments') . ' WHERE `type` IN (' . zp_image_types('"') . ') AND `ownerid` ="' . $image['id'] . '";';
$result = query($sql);
}
if (array_sum(explode(" ", microtime())) - $start >= 10) {
return $image['id'];
// avoide excessive processing
}
}
/* clean the comments table */
/* do the images */
$imageids = query_full_array('SELECT `id` FROM ' . prefix('images'));
/* all the image IDs */
$idsofimages = array();
foreach ($imageids as $row) {
$idsofimages[] = $row['id'];
}
$commentImages = query_full_array("SELECT DISTINCT `ownerid` FROM " . prefix('comments') . 'WHERE `type` IN (' . zp_image_types('"') . ')');
/* imageids of all the comments */
$imageidsofcomments = array();
foreach ($commentImages as $row) {
$imageidsofcomments[] = $row['ownerid'];
}
$orphans = array_diff($imageidsofcomments, $idsofimages);
/* image ids of comments with no image */
if (count($orphans) > 0) {
/* delete dead comments from the DB */
$firstrow = array_pop($orphans);
$sql = "DELETE FROM " . prefix('comments') . " WHERE `type` IN (" . zp_image_types("'") . ") AND `ownerid`='" . $firstrow . "'";
foreach ($orphans as $id) {
$sql .= " OR `ownerid`='" . $id . "'";
}
query($sql);
}
/* do the same for album comments */
$albumids = query_full_array('SELECT `id` FROM ' . prefix('albums'));
/* all the album IDs */
$idsofalbums = array();
foreach ($albumids as $row) {
$idsofalbums[] = $row['id'];
}
$commentAlbums = query_full_array("SELECT DISTINCT `ownerid` FROM " . prefix('comments') . 'WHERE `type`="albums"');
/* album ids of all the comments */
$albumidsofcomments = array();
foreach ($commentAlbums as $row) {
$albumidsofcomments[] = $row['ownerid'];
}
$orphans = array_diff($albumidsofcomments, $idsofalbums);
/* album ids of comments with no album */
if (count($orphans) > 0) {
/* delete dead comments from the DB */
$firstrow = array_pop($orphans);
$sql = "DELETE FROM " . prefix('comments') . "WHERE `type`='albums' AND `ownerid`='" . $firstrow . "'";
foreach ($orphans as $id) {
$sql .= " OR `ownerid`='" . $id . "'";
}
query($sql);
}
/* clean the tags table */
/* do the images */
$tagImages = query_full_array("SELECT DISTINCT `objectid` FROM " . prefix('obj_to_tag') . 'WHERE `type` IN (' . zp_image_types('"') . ')');
/* imageids of all the comments */
$imageidsoftags = array();
foreach ($tagImages as $row) {
$imageidsoftags[] = $row['objectid'];
}
$orphans = array_diff($imageidsoftags, $idsofimages);
/* image ids of comments with no image */
if (count($orphans) > 0) {
/* delete dead tags from the DB */
$firstrow = array_pop($orphans);
$sql = "DELETE FROM " . prefix('obj_to_tag') . " WHERE `type` IN (" . zp_image_types('"') . ") AND (`objectid`='" . $firstrow . "'";
foreach ($orphans as $id) {
$sql .= " OR `objectid`='" . $id . "'";
}
$sql .= ')';
query($sql);
}
/* do the same for album tags */
$tagAlbums = query_full_array("SELECT DISTINCT `objectid` FROM " . prefix('obj_to_tag') . 'WHERE `type`="albums"');
/* album ids of all the comments */
$albumidsoftags = array();
foreach ($tagAlbums as $row) {
$albumidsoftags[] = $row['objectid'];
}
$orphans = array_diff($albumidsoftags, $idsofalbums);
/* album ids of comments with no album */
if (count($orphans) > 0) {
/* delete dead tags from the DB */
$firstrow = array_pop($orphans);
$sql = "DELETE FROM " . prefix('obj_to_tag') . "WHERE `type`='albums' AND `objectid`='" . $firstrow . "'";
foreach ($orphans as $id) {
$sql .= " OR `objectid`='" . $id . "'";
}
query($sql);
}
}
return false;
}
if (isset($_GET['action'])) {
if ($_GET['action'] == 'upload') {
// Check for files.
$files_empty = true;
if (isset($_FILES['files'])) {
foreach ($_FILES['files']['name'] as $name) {
if (!empty($name)) {
$files_empty = false;
}
}
}
$newAlbum = $_POST['existingfolder'] == 'false' || isset($_POST['newalbum']);
// Make sure the folder exists. If not, create it.
if (isset($_POST['processed']) && !empty($_POST['folder']) && ($newAlbum || !$files_empty)) {
$folder = sanitize_path($_POST['folder']);
$uploaddir = $gallery->albumdir . UTF8ToFilesystem($folder);
if (!is_dir($uploaddir)) {
mkdir($uploaddir, CHMOD_VALUE);
}
@chmod($uploaddir, CHMOD_VALUE);
$album = new Album($gallery, $folder);
if ($album->exists) {
if (!isset($_POST['publishalbum'])) {
$album->setShow(false);
}
$title = sanitize($_POST['albumtitle'], 2);
if (!empty($title) && $newAlbum) {
$album->setTitle($title);
}
$album->save();
} else {
/**
* A helper function that only prints a item of the loop within printAlbumStatistic()
* Not for standalone use.
*
* @param array $album the array that getAlbumsStatistic() submitted
* @param string $option "popular" for the most popular albums,
* "latest" for the latest uploaded,
* "mostrated" for the most voted,
* "toprated" for the best voted
* "latestupdated" for the latest updated
* @param bool $showtitle if the album title should be shown
* @param bool $showdate if the album date should be shown
* @param bool $showdesc if the album description should be shown
* @param integer $desclength the length of the description to be shown
* @param string $showstatistic "hitcounter" for showing the hitcounter (views),
* "rating" for rating,
* "rating+hitcounter" for both.
* @param integer $width the width/cropwidth of the thumb if crop=true else $width is longest size. (Default 85px)
* @param integer $height the height/cropheight of the thumb if crop=true else not used. (Default 85px)
* @param bool $crop 'true' (default) if the thumb should be cropped, 'false' if not
*/
function printAlbumStatisticItem($album, $option, $showtitle = false, $showdate = false, $showdesc = false, $desclength = 40, $showstatistic = '', $width = 85, $height = 85, $crop = true)
{
global $_zp_gallery;
$albumpath = rewrite_path("/", "index.php?album=");
$tempalbum = new Album($_zp_gallery, $album['folder']);
echo "<li><a href=\"" . $albumpath . pathurlencode($tempalbum->name) . "\" title=\"" . html_encode($tempalbum->getTitle()) . "\">\n";
$albumthumb = $tempalbum->getAlbumThumbImage();
$thumb = newImage($tempalbum, $albumthumb->filename);
if ($crop) {
echo "<img src=\"" . $thumb->getCustomImage(NULL, $width, $height, $width, $height, NULL, NULL, TRUE) . "\" alt=\"" . html_encode($thumb->getTitle()) . "\" /></a>\n<br />";
} else {
echo "<img src=\"" . $thumb->getCustomImage($width, NULL, NULL, NULL, NULL, NULL, NULL, TRUE) . "\" alt=\"" . html_encode($thumb->getTitle()) . "\" /></a>\n<br />";
}
if ($showtitle) {
echo "<h3><a href=\"" . $albumpath . pathurlencode($tempalbum->name) . "\" title=\"" . html_encode($tempalbum->getTitle()) . "\">\n";
echo $tempalbum->getTitle() . "</a></h3>\n";
}
if ($showdate) {
if ($option === "latestupdated") {
$filechangedate = filectime(getAlbumFolder() . UTF8ToFilesystem($tempalbum->name));
$latestimage = query_single_row("SELECT mtime FROM " . prefix('images') . " WHERE albumid = " . $tempalbum->getAlbumID() . " AND `show` = 1 ORDER BY id DESC");
$lastuploaded = query("SELECT COUNT(*) FROM " . prefix('images') . " WHERE albumid = " . $tempalbum->getAlbumID() . " AND mtime = " . $latestimage['mtime']);
$row = mysql_fetch_row($lastuploaded);
$count = $row[0];
echo "<p>" . sprintf(gettext("Last update: %s"), zpFormattedDate(getOption('date_format'), $filechangedate)) . "</p>";
if ($count <= 1) {
$image = gettext("image");
} else {
$image = gettext("images");
}
echo "<span>" . sprintf(gettext('%1$u new %2$s'), $count, $image) . "</span>";
} else {
echo "<p>" . zpFormattedDate(getOption('date_format'), strtotime($tempalbum->getDateTime())) . "</p>";
}
}
if ($showstatistic === "rating" or $showstatistic === "rating+hitcounter") {
$votes = $tempalbum->get("total_votes");
$value = $tempalbum->get("total_value");
if ($votes != 0) {
$rating = round($value / $votes, 1);
}
echo "<p>" . sprintf(gettext('Rating: %1$u (Votes: %2$u )'), $rating, $tempalbum->get("total_votes")) . "</p>";
}
if ($showstatistic === "hitcounter" or $showstatistic === "rating+hitcounter") {
$hitcounter = $tempalbum->get("hitcounter");
if (empty($hitcounter)) {
$hitcounter = "0";
}
echo "<p>" . sprintf(gettext("Views: %u"), $hitcounter) . "</p>";
}
if ($showdesc) {
echo "<p>" . truncate_string($tempalbum->getDesc(), $desclength) . "</p>";
}
echo "</li>";
}
/**
* Returns the image file name for the thumbnail image.
*
* @return string
*/
function getThumbImageFile()
{
if ($this->objectsThumb != NULL) {
$imgfile = getAlbumFolder() . $this->album->name . '/' . $this->objectsThumb;
} else {
$imgfile = SERVERPATH . '/' . THEMEFOLDER . '/' . UTF8ToFilesystem($this->album->gallery->getCurrentTheme()) . '/images/multimediaDefault.png';
if (!file_exists($imgfile)) {
$imgfile = SERVERPATH . "/" . ZENFOLDER . PLUGIN_FOLDER . substr(basename(__FILE__), 0, -4) . '/multimediaDefault.png';
}
}
return $imgfile;
}
/**
* For every image in the album, look for its file. Delete from the database
* if the file does not exist. Same for each sub-directory/album.
*
* @param bool $deep set to true for a thorough cleansing
*/
function garbageCollect($deep = false)
{
if (is_null($this->images)) {
$this->getImages();
}
$result = query("SELECT * FROM " . prefix('images') . " WHERE `albumid` = '" . $this->id . "'");
$dead = array();
$live = array();
$files = $this->loadFileNames();
// Does the filename from the db row match any in the files on disk?
while ($row = mysql_fetch_assoc($result)) {
if (!in_array($row['filename'], $files)) {
// In the database but not on disk. Kill it.
$dead[] = $row['id'];
} else {
if (in_array($row['filename'], $live)) {
// Duplicate in the database. Kill it.
$dead[] = $row['id'];
// Do something else here? Compare titles/descriptions/metadata/update dates to see which is the latest?
} else {
$live[] = $row['filename'];
}
}
}
if (count($dead) > 0) {
$sql = "DELETE FROM " . prefix('images') . " WHERE `id` = '" . array_pop($dead) . "'";
$sql2 = "DELETE FROM " . prefix('comments') . " WHERE `type`='albums' AND `ownerid` = '" . array_pop($dead) . "'";
foreach ($dead as $id) {
$sql .= " OR `id` = '{$id}'";
$sql2 .= " OR `ownerid` = '{$id}'";
}
query($sql);
query($sql2);
}
// Get all sub-albums and make sure they exist.
$result = query("SELECT * FROM " . prefix('albums') . " WHERE `folder` LIKE '" . mysql_real_escape_string($this->name) . "/%'");
$dead = array();
$live = array();
// Does the dirname from the db row exist on disk?
while ($row = mysql_fetch_assoc($result)) {
if (!is_dir(getAlbumFolder() . UTF8ToFilesystem($row['folder'])) || in_array($row['folder'], $live) || substr($row['folder'], -1) == '/' || substr($row['folder'], 0, 1) == '/') {
$dead[] = $row['id'];
} else {
$live[] = $row['folder'];
}
}
if (count($dead) > 0) {
$sql = "DELETE FROM " . prefix('albums') . " WHERE `id` = '" . array_pop($dead) . "'";
$sql2 = "DELETE FROM " . prefix('comments') . " WHERE `type`='albums' AND `ownerid` = '" . array_pop($dead) . "'";
foreach ($dead as $albumid) {
$sql .= " OR `id` = '{$albumid}'";
$sql2 .= " OR `ownerid` = '{$albumid}'";
}
query($sql);
query($sql2);
}
if ($deep) {
foreach ($this->getSubAlbums(0) as $dir) {
$subalbum = new Album($this->gallery, $dir);
// Could have been deleted if it didn't exist above...
if ($subalbum->exists) {
$subalbum->garbageCollect($deep);
}
}
}
}
/**
* Returns the path of an image for uses in caching it
* NOTE: character set if for the filesystem
*
* @param string $album album folder
* @param string $image image file name
* @param array $args cropping arguments
* @return string
*/
function getImageCacheFilename($album8, $image8, $args)
{
// this function works in FILESYSTEM_CHARSET, so convert the file names
$album = UTF8ToFilesystem($album8);
$image = UTF8ToFilesystem($image8);
// Set default variable values.
$postfix = getImageCachePostfix($args);
if (empty($album)) {
$albumsep = '';
} else {
if (ini_get('safe_mode')) {
$albumsep = SAFE_MODE_ALBUM_SEP;
$album = str_replace(array('/', "\\"), $albumsep, $album);
} else {
$albumsep = '/';
}
}
return '/' . $album . $albumsep . $image . $postfix . '.jpg';
}
<th colspan="2"><b><?php
echo gettext('Installed themes');
?>
</b></th>
<th><b><?php
echo gettext('Action');
?>
</b></th>
</thead>
<tbody>
<?php
$themes = $gallery->getThemes();
$current_theme_style = "background-color: #ECF1F2;";
foreach ($themes as $theme => $themeinfo) {
$style = $theme == $current_theme ? " style=\"{$current_theme_style}\"" : "";
$themedir = SERVERPATH . '/themes/' . UTF8ToFilesystem($theme);
$themeweb = WEBPATH . "/themes/{$theme}";
?>
<tr>
<td style="margin: 0px; padding: 0px;"><?php
if (file_exists("{$themedir}/theme.png")) {
$themeimage = "{$themeweb}/theme.png";
} else {
if (file_exists("{$themedir}/theme.gif")) {
$themeimage = "{$themeweb}/theme.gif";
} else {
if (file_exists("{$themedir}/theme.jpg")) {
$themeimage = "{$themeweb}/theme.jpg";
} else {
$themeimage = false;
}
