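/**
 * Render the member list page.
 *
 * Deletes at most one user row whose user_name is empty, then prints the
 * page header, the user list and the page footer.
 *
 * @return void
 */
function show_memberlist()
{
    // $CONFIG and $lang_usermgr_php are neither parameters nor locals, so they
    // have to be imported from the global scope. Without this declaration the
    // table name in the query and the page title are undefined inside the function.
    global $CONFIG, $lang_usermgr_php;

    // Housekeeping: LIMIT 1 caps the cleanup at a single nameless row per call.
    cpg_db_query("DELETE FROM {$CONFIG['TABLE_USERS']} WHERE user_name = '' LIMIT 1");

    pageheader($lang_usermgr_php['title']);
    list_users();
    pagefooter();
}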
/**
 * Send the visitor on to $link, either with an immediate Location header or
 * via an interstitial page carrying a meta refresh, then stop the script.
 *
 * When $CONFIG['display_redirection_page'] equals 0 the message is stored with
 * cpgStoreTempMessage() and its id is appended to the redirect URL; otherwise
 * the message is shown in a message box with a "continue" link.
 *
 * @param string $title   Page and message box title
 * @param string $message Message text
 * @param string $link    Redirect target
 * @param int    $time    Seconds before the meta refresh fires
 * @return void The function always exits.
 */
function message($title, $message, $link, $time = 2)
{
    global $CONFIG;

    $show_interstitial = !($CONFIG['display_redirection_page'] == 0);

    if ($show_interstitial) {
        // NOTE(review): $time and $link are written into the tag unescaped;
        // callers must only pass values that are safe in an HTML attribute.
        $refresh_tag = '<META http-equiv="refresh" content="' . $time . ';url=' . $link . '">';
        pageheader($title, $refresh_tag);
        msg_box($title, $message, Lang::item('common.continue'), $link);
        pagefooter();
        exit;
    }

    // NOTE(review): "&message_id=" assumes $link already contains a query string.
    $message_id = cpgStoreTempMessage($message);
    header('Location: ' . $link . '&message_id=' . $message_id);
    exit;
}
/**
 * Print the slideshow page, delegating to theme_slideshow() when the active
 * theme defines it.
 *
 * @return void
 */
function slideshow()
{
    global $CONFIG, $template_display_picture, $CPG_M_DIR;

    // A theme-supplied implementation takes over completely.
    if (function_exists('theme_slideshow')) {
        theme_slideshow();
        return;
    }

    pageheader(SLIDESHOW_TITLE);

    // Included in function scope. $start_img is not assigned in this function,
    // so it presumably comes from this file — confirm.
    require_once "includes/coppermine/slideshow.inc";

    // The image description block of the template is replaced by the script that starts the show.
    $start_slideshow = '<script language="JavaScript" type="text/JavaScript">runSlideShow()</script>';
    template_extract_block($template_display_picture, 'img_desc', $start_slideshow);

    $cell_height = $CONFIG['picture_width'] + 100;
    $image_tag = '<img src="' . $start_img . '" name="SlideShow" class="image" alt="" /><br />';
    $replacements = array(
        '{CELL_HEIGHT}' => $cell_height,
        '{IMAGE}' => $image_tag,
        '{ADMIN_MENU}' => '',
    );

    starttable();
    echo template_eval($template_display_picture, $replacements);
    endtable();

    // Separate table holding the "stop slideshow" link.
    starttable();
    $stop_row = ' <tr> <td style="text-align:center" class="navmenu" style="white-space: nowrap;"> <a href="javascript:endSlideShow()" class="navmenu">' . STOP_SLIDESHOW . '</a> </td> </tr> ';
    echo $stop_row;
    endtable();

    pagefooter();
}
/**
 * Print an error page and terminate the script.
 *
 * If the theme has not been loaded yet (pageheader() is missing) a bare
 * message is echoed instead. Outside debug mode the file/line block is
 * removed from the template, and the captured output buffer block is removed
 * as well unless $output_buffer is set.
 *
 * @param mixed  $msg_code      Key into $lang_cpg_die used for the page title
 * @param string $msg_text      Message shown to the user (inserted as given)
 * @param string $error_file    File reported in the file/line block
 * @param int    $error_line    Line reported in the file/line block
 * @param bool   $output_buffer Keep the output buffer block outside debug mode
 * @return void The function always exits.
 */
function cpg_die($msg_code, $msg_text, $error_file, $error_line, $output_buffer = false)
{
    global $CONFIG, $lang_cpg_die, $template_cpg_die;

    // Simple output if theme file is not loaded
    if (!function_exists('pageheader')) {
        echo 'Fatal error :<br />' . $msg_text;
        exit;
    }

    // Capture whatever was buffered so far and discard it from the page body.
    $ob = ob_get_contents();
    if ($ob) {
        ob_end_clean();
    }

    // File, line and buffered output are internal details: they stay in the
    // template only in debug mode (the buffer also when explicitly requested).
    if (!$CONFIG['debug_mode']) {
        template_extract_block($template_cpg_die, 'file_line');
        if (!$output_buffer) {
            template_extract_block($template_cpg_die, 'output_buffer');
        }
    }

    // NOTE(review): $msg_text and $ob reach the template unescaped — confirm callers never pass request data.
    $replacements = array(
        '{MESSAGE}' => $msg_text,
        '{FILE_TXT}' => $lang_cpg_die['file'],
        '{FILE}' => $error_file,
        '{LINE_TXT}' => $lang_cpg_die['line'],
        '{LINE}' => $error_line,
        '{OUTPUT_BUFFER}' => $ob,
    );

    pageheader($lang_cpg_die[$msg_code]);
    starttable(-1, $lang_cpg_die[$msg_code]);
    echo template_eval($template_cpg_die, $replacements);
    endtable();
    pagefooter();
    exit;
}
/**
 * Print the slideshow page: page header, a title row, the media template and
 * a "stop slideshow" row, each in its own table.
 *
 * @param string $start_img Value used as the src of the initial image (inserted as given)
 * @param string $title     Text placed in the #title element (inserted as given)
 * @return void
 */
function theme_slideshow($start_img, $title)
{
    global $CONFIG, $lang_display_image_php, $template_display_media, $lang_common, $album, $pid, $slideshow;
    global $cat, $date, $THEME_DIR;

    pageheader($lang_display_image_php['slideshow']);

    // NOTE(review): $start_slideshow is never assigned in this function — confirm what the third argument is meant to be.
    template_extract_block($template_display_media, 'img_desc', $start_slideshow);

    // Both container dimensions are derived from the configured picture width.
    $box_width = $CONFIG['picture_width'] + 100;
    $box_height = $CONFIG['picture_width'] + 10;

    // The loader icon path is prefixed with $THEME_DIR only when the theme defines THEME_HAS_PROGRESS_GRAPHICS.
    $icon_base = defined('THEME_HAS_PROGRESS_GRAPHICS') ? $THEME_DIR : '';

    $replacements = array(
        '{SLIDESHOW_STYLE}' => 'width:' . $box_width . 'px; height: ' . $box_height . 'px; position: relative;',
        '{IMAGE}' => '<img id="showImage" src="' . $start_img . '" class="image" alt="" border="" /><br />',
        '{ADMIN_MENU}' => '',
        '{LOADER_ICON_PATH}' => $icon_base . 'images/loader.gif',
    );

    echo '<a name="top_display_media"></a>';

    // Table 1: no-script hint and the title row.
    starttable();
    echo <<<EOT
<tr class="noscript">
    <td align="center" class="tableh2">
        <noscript>
            {$lang_common['javascript_needed']}
        </noscript>
    </td>
</tr>
<tr>
    <td align="center" class="navmenu" style="white-space: nowrap;">
        <div id="title">{$title}</div>
    </td>
</tr>
EOT;
    endtable();

    // Table 2: the media template itself.
    starttable();
    echo template_eval($template_display_media, $replacements);
    endtable();

    // Table 3: the "stop slideshow" control.
    starttable();
    echo <<<EOT
<tr>
    <td align="center" id="back-to" class="navmenu" >
        <a class="navmenu" style="cursor:pointer">{$lang_display_image_php['stop_slideshow']}</a>
    </td>
</tr>
EOT;
    endtable();

    pagefooter();
}
/**
 * Print the HTML5 multi-file upload page when that upload method is selected.
 *
 * @param array $upload_settings Two-element list: the selected upload form id
 *                               and the markup shown in #upload_method_selector.
 * @return array|void The unchanged $upload_settings when another upload form is
 *                    selected; otherwise the page is printed and the script exits.
 */
function html5_display_upload_form($upload_settings)
{
    global $CONFIG, $USER_DATA, $lang_common, $lang_upload_php, $lang_plugin_html5upload, $icon_array, $h5a_upload, $lang_bbcode_help_title, $lang_bbcode_help;

    list($upload_form, $upload_select) = $upload_settings;
    // Not our upload method: hand the settings back untouched.
    if ($upload_form != 'html5_upload') {
        return $upload_settings;
    }
    $plugpath = 'plugins/html5upload';
    // Guests (USER_ID not above 0) use group 0, i.e. the default configuration key without suffix.
    $grpn = USER_ID > 0 ? (int) $USER_DATA['group_id'] : 0;
    $grpc = $grpn ? $grpn : '';
    // NOTE(review): unserialize() on stored configuration. Safe only while the config table
    // is writable by trusted administrators; a JSON-encoded value would remove the object
    // injection risk — confirm how these values are written.
    $cfg = isset($CONFIG['html5upload_config' . $grpc]) ? unserialize($CONFIG['html5upload_config' . $grpc]) : unserialize($CONFIG['html5upload_config']);
    // NOTE(review): max() means a configured size below the system limit never lowers the
    // effective limit — confirm this is intended (e.g. because of chunked uploads) and not meant to be min().
    $maxfilesizebytes = $cfg['upldsize'] ? max($cfg['upldsize'], $h5a_upload->sys_max_upl_size) : $h5a_upload->sys_max_upl_size;
    $maxfilesize = sprintf($lang_upload_php['max_fsize'], $h5a_upload->to_KMG($maxfilesizebytes));
    list($timestamp, $form_token) = getFormToken(time() + 14400); //allow up to 4 hours for upload to complete
    set_js_var('timestamp', $timestamp - 14400); //subtract those 4 hours so edits happen correctly
    set_js_var('concurrent', $cfg['concurrent']);
    set_js_var('autoedit', $cfg['autoedit']);
    set_js_var('user_id', USER_ID);
    set_js_var('guest_edit', $CONFIG['allow_guests_enter_file_details']);
    set_js_var('H5uPath', "{$plugpath}/");
    set_js_var('maxfilesize', $maxfilesizebytes);
    set_js_var('maxchunksize', $h5a_upload->sys_max_chnk_size);
    // Fields sent along with every uploaded file, including the form token issued above.
    set_js_var('fup_payload', array('event' => 'picture', 'process' => 1, 'form_token' => $form_token, 'timestamp' => $timestamp, 'MFU' => 1));
    set_js_var('h5uM', array('selAlb' => $lang_plugin_html5upload['albmSelMsg'], 'aborted' => $lang_plugin_html5upload['aborted'], 'type_err' => $lang_plugin_html5upload['type_err'], 'size_err' => $lang_plugin_html5upload['size_err'], 'extallow' => $lang_plugin_html5upload['extallow'], 'q_stop' => $lang_plugin_html5upload['q_stop'], 'q_go' => $lang_plugin_html5upload['q_resume'], 'q_can' => $lang_plugin_html5upload['q_cancel']));
    // The four allow-lists are '/'-separated strings. This list is only handed to the browser;
    // NOTE(review): the server-side upload handler must enforce the same list on its own.
    $allowed_types = array_merge(explode('/', $CONFIG['allowed_img_types']), explode('/', $CONFIG['allowed_mov_types']), explode('/', $CONFIG['allowed_snd_types']), explode('/', $CONFIG['allowed_doc_types']));
    set_js_var('allowed_file_types', $allowed_types);
    // include the javascript upload engine (minified unless in debug mode)
    // && binds tighter than ||: debug_mode 1 always, debug_mode 2 only together with GALLERY_ADMIN_MODE.
    $jsv = $CONFIG['debug_mode'] == 1 || $CONFIG['debug_mode'] == 2 && GALLERY_ADMIN_MODE ? '' : '.min';
    js_include('plugins/html5upload/js/upload' . $jsv . '.js');
    // add our style sheet
    $h5up_meta = '<link rel="stylesheet" href="plugins/html5upload/css/upload.css" type="text/css" />';
    pageheader($lang_plugin_html5upload['title'], $h5up_meta);
    $upload_help = $h5a_upload->help_button('use');
    $upload_table_header = <<<EOT
\t<table border="0" cellspacing="0" cellpadding="0" width="100%">
\t\t<tr>
\t\t\t<td>
\t\t\t\t{$icon_array['upload']}{$lang_plugin_html5upload['upldfiles']}{$upload_help}
\t\t\t</td>
\t\t\t<td style="text-align:right">
\t\t\t\t<span id="upload_method_selector">{$upload_select}</span>
\t\t\t</td>
\t\t</tr>
\t</table>
EOT;
    starttable('100%', $upload_table_header, 2);
    echo '<tr><td colspan="2" class="tableb tableb_alternate"><strong>' . $maxfilesize . '</strong></td></tr>';
    form_alb_list_box($lang_common['album'], 'h5u_album');
    echo <<<EOT
\t<tr id="navailrow" style="text-align:center;background-color:yellow;display:none">
\t\t<td colspan="2">{$lang_plugin_html5upload['notavail']}</td>
\t</tr>
\t<tr class="H5upV">
\t\t<td class="tableb" width="30%">{$lang_plugin_html5upload['flistitl']}</td>
\t\t<td class="tableb"><input type="checkbox" id="flistitl" onchange="shide_titlrow(this);" /></td>
\t</tr>
EOT;
    // Detail fields are offered to logged-in users, and to guests only when the gallery allows it.
    if (USER_ID > 0 || $CONFIG['allow_guests_enter_file_details'] == 1) {
        if ($cfg['enabtitl']) {
            echo '<tr id="titlrow"><td class="tableb">' . $lang_upload_php['pic_title'] . '</td><td class="tableb"><input type="text" name="title" id="title" class="textinput" maxlength="255" style="width:90%" /></td></tr>';
        }
        if ($cfg['enabdesc']) {
            $desclabl = $lang_upload_php['description'];
            if ($CONFIG['show_bbcode_help']) {
                // The help texts travel as base64-encoded serialized strings in the help link's query string.
                // NOTE(review): whatever consumes "h" and "t" receives them from the URL and must not
                // unserialize them as trusted data — confirm in the help viewer.
                $desclabl .= ' ' . cpg_display_help('f=empty.htm&base=64&h=' . urlencode(base64_encode(serialize($lang_bbcode_help_title))) . '&t=' . urlencode(base64_encode(serialize($lang_bbcode_help))), 470, 245);
            }
            echo '<tr><td class="tableb">' . $desclabl . '</td><td class="tableb"><textarea name="caption" rows="2" id="caption" class="textinput" style="width:90%" /></textarea></td></tr>';
        }
        if ($cfg['enabkeys']) {
            $keywordLabel = sprintf($lang_common['keywords_insert1'], $lang_common['keyword_separators'][$CONFIG['keyword_separator']]) . '<br /><a href="keyword_select.php" class="greybox">' . $lang_common['keywords_insert2'] . '</a>';
            echo '<tr><td class="tableb">' . $keywordLabel . '</td><td class="tableb"><input type="text" name="keywords" id="keywords" class="textinput" maxlength="255" style="width:90%" /></td></tr>';
        }
        // NOTE(review): the user_fieldN_name labels below are printed without HTML escaping;
        // they are configuration values — confirm they are sanitised when saved.
        if ($cfg['enabusr1'] && !empty($CONFIG['user_field1_name'])) {
            echo '<tr><td class="tableb">' . $CONFIG['user_field1_name'] . '</td><td class="tableb"><input type="text" name="user1" id="user1" class="textinput" maxlength="255" style="width:90%" /></td></tr>';
        }
        if ($cfg['enabusr2'] && !empty($CONFIG['user_field2_name'])) {
            echo '<tr><td class="tableb">' . $CONFIG['user_field2_name'] . '</td><td class="tableb"><input type="text" name="user2" id="user2" class="textinput" maxlength="255" style="width:90%" /></td></tr>';
        }
        if ($cfg['enabusr3'] && !empty($CONFIG['user_field3_name'])) {
            echo '<tr><td class="tableb">' . $CONFIG['user_field3_name'] . '</td><td class="tableb"><input type="text" name="user3" id="user3" class="textinput" maxlength="255" style="width:90%" /></td></tr>';
        }
        if ($cfg['enabusr4'] && !empty($CONFIG['user_field4_name'])) {
            echo '<tr><td class="tableb">' . $CONFIG['user_field4_name'] . '</td><td class="tableb"><input type="text" name="user4" id="user4" class="textinput" maxlength="255" style="width:90%" /></td></tr>';
        }
    }
    // Optional accept="" hint for the file picker.
    // NOTE(review): the stored value is placed inside the attribute unescaped — confirm it is validated on save.
    $acptmime = $cfg['acptmime'] ? "accept=\"{$cfg['acptmime']}\"" : '';
    echo <<<EOT
\t<tr id="h5upldrow">
\t\t<td class="tableb">{$lang_plugin_html5upload['files']}</td>
\t\t<td class="tableb" style="padding:1em">
\t\t\t<div style="width:480px">
\t\t\t\t<input type="file" name="userpictures" id="upload_field" multiple="multiple" {$acptmime}/>
\t\t\t\t <br />
\t\t\t\t<div id="dropArea">{$lang_plugin_html5upload['drop_files']}</div>
\t\t\t\t <br />
\t\t\t\t<div id="progress_report" style="position:relative">
\t\t\t\t\t<div id="progress_report_name"></div>
\t\t\t\t\t<div id="progress_report_status" style="font-style: italic;"></div>
\t\t\t\t\t<div id="totprogress">
\t\t\t\t\t\t<div id="progress_report_bar" style="background-color: blue; width: 0; height: 100%;"></div>
\t\t\t\t\t</div>
\t\t\t\t\t<div>
\t\t\t\t\t\t{$lang_plugin_html5upload['files_left']}<span id="qcount">0</span><div class="acti" id="qstop"><img src="plugins/html5upload/css/stop.png" title="{$lang_plugin_html5upload['q_stop']}" onclick="H5uQctrl.stop()" /></div><div class="acti" id="qgocan"><img src="plugins/html5upload/css/play-green.png" title="{$lang_plugin_html5upload['q_resume']}" onclick="H5uQctrl.go()" /><img src="plugins/html5upload/css/cross.png" title="{$lang_plugin_html5upload['q_cancel']}" onclick="H5uQctrl.cancel()" /></div>
\t\t\t\t\t</div>
\t\t\t\t\t<div id="fprogress"></div>
\t\t\t\t\t<div id="server_response"></div>
\t\t\t\t</div>
\t\t\t</div>
\t\t</td>
\t</tr>
\t<tr id="gotoedit" style="display:none">
\t\t<td class="tableb tableb_alternate">{$lang_plugin_html5upload['continue']}</td>
\t\t<td class="tableb tableb_alternate">
\t\t\t<button type="button" onclick="window.location=redirURL">{$lang_plugin_html5upload['gotoedit']}</button>
\t\t</td>
\t</tr>
EOT;
    endtable();
    pagefooter();
    // The page is complete; stop here so nothing else is rendered after it.
    exit;
}
/**
 * Print the slideshow page: a no-script hint with the title row, the media
 * template and a "stop slideshow" row, each in its own table.
 *
 * @param string $start_img Value used as the src of the initial image (inserted as given)
 * @param string $title     Text placed in the #Title element (inserted as given)
 * @return void
 */
function theme_slideshow($start_img, $title)
{
    global $CONFIG, $lang_display_image_php, $template_display_media, $lang_common, $album, $pid, $slideshow;
    global $cat, $date;

    pageheader($lang_display_image_php['slideshow']);

    // NOTE(review): $start_slideshow is never assigned in this function — confirm what the third argument is meant to be.
    template_extract_block($template_display_media, 'img_desc', $start_slideshow);

    $cell_height = $CONFIG['picture_width'] + 100;
    $image_tag = '<img src="' . $start_img . '" name="SlideShow" class="image" id="showImage" />';
    $replacements = array(
        '{CELL_HEIGHT}' => $cell_height,
        '{IMAGE}' => $image_tag,
        '{ADMIN_MENU}' => '',
    );

    // Table 1: no-script hint and the title row.
    starttable();
    echo <<<EOT
<noscript>
<tr>
    <td align="center" class="tableh2">
        {$lang_common['javascript_needed']}
    </td>
</tr>
</noscript>
<tr>
    <td align="center" class="navmenu" style="white-space: nowrap;">
        <div id="Title">{$title}</div>
    </td>
</tr>
EOT;
    endtable();

    // Table 2: the media template itself.
    starttable();
    echo template_eval($template_display_media, $replacements);
    endtable();

    // Table 3: the "stop slideshow" control.
    starttable();
    echo <<<EOT
<tr>
    <td align="center" class="navmenu" style="white-space: nowrap;">
        <a class="navmenu" style="cursor:pointer">{$lang_display_image_php['stop_slideshow']}</a>
    </td>
</tr>
EOT;
    endtable();

    pagefooter();
}
/**
 * Print the slideshow page: an empty title row, the media template with the
 * script that starts the show, and a "stop slideshow" link.
 *
 * @return void
 */
function theme_slideshow()
{
    global $CONFIG, $lang_display_image_php, $template_display_media;

    pageheader($lang_display_image_php['slideshow']);

    // Included in function scope. $start_img is not assigned in this function,
    // so it presumably comes from this file — confirm.
    include "include/slideshow.inc.php";

    // The image description block of the template is replaced by the script that starts the show.
    $start_slideshow = '<script language="JavaScript" type="text/JavaScript">runSlideShow()</script>';
    template_extract_block($template_display_media, 'img_desc', $start_slideshow);

    $cell_height = $CONFIG['picture_width'] + 100;
    $image_tag = '<img src="' . $start_img . '" name="SlideShow" class="image" /><br />';
    $replacements = array(
        '{CELL_HEIGHT}' => $cell_height,
        '{IMAGE}' => $image_tag,
        '{ADMIN_MENU}' => '',
    );

    // Table 1: title placeholder.
    starttable();
    echo <<<EOT
<tr>
    <td align="center" class="navmenu" style="white-space: nowrap;">
        <div id="Title"></div>
    </td>
</tr>
EOT;
    endtable();

    // Table 2: the media template itself.
    starttable();
    echo template_eval($template_display_media, $replacements);
    endtable();

    // Table 3: the "stop slideshow" link.
    starttable();
    echo <<<EOT
<tr>
    <td align="center" class="navmenu" style="white-space: nowrap;">
        <a href="javascript:endSlideShow()" class="navmenu">{$lang_display_image_php['stop_slideshow']}</a>
    </td>
</tr>
EOT;
    endtable();

    pagefooter();
}
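/**
 * cpgRedirectPage()
 *
 * Redirect to the target page, or display an info screen first and then redirect.
 *
 * When $CONFIG['display_redirection_page'] equals 0, the message is stored with
 * cpgStoreTempMessage() and a redirect header carrying its id is sent. In both
 * modes an info page with a one-second meta refresh is printed afterwards, so
 * clients that ignore the header still get a way forward.
 *
 * @param string $targetAddress Redirect target; written into the header and the
 *                              meta refresh as given, so callers must pass a trusted URL
 * @param string $caption       Page and message box title
 * @param string $message       Message text
 * @param int    $countdown     Accepted for compatibility; the refresh delay is fixed at 1 second
 * @return void The function always exits.
 **/
function cpgRedirectPage($targetAddress = '', $caption = '', $message = '', $countdown = 0)
{
    global $CONFIG, $lang_common;

    if ($CONFIG['display_redirection_page'] == 0) {
        // The listed server products get a Refresh header instead of Location.
        $header_location = @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ? 'Refresh: 0; URL=' : 'Location: ';

        // Strict comparison: a "?" at offset 0 is still a query string, and a
        // loose check against FALSE would treat it as missing.
        $separator = (strpos($targetAddress, '?') === false) ? '?' : '&';

        header($header_location . $targetAddress . $separator . 'message_id=' . cpgStoreTempMessage($message) . '#cpgMessageBlock');
    }

    pageheader($caption, "<META http-equiv=\"refresh\" content=\"1;url={$targetAddress}\">");
    // The "continue" link points at the redirect target; the previous code
    // passed an undefined $location variable here.
    msg_box($caption, $message, $lang_common['continue'], $targetAddress);
    pagefooter();
    ob_end_flush();
    exit;
}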
/**
 * Print the html5upload plugin configuration form for the selected user group.
 *
 * The group comes from the posted "h5u_gSel" value (0 when absent), and the
 * settings are re-read from the config table before the form is rendered.
 *
 * @param mixed $sC Not referenced inside this function.
 * @return void
 */
function h5u_config_form($sC)
{
    global $CONFIG, $superCage, $lang_common, $lang_plugin_html5upload, $lang_gallery_admin_menu, $h5a_upload;

    $plugpath = 'plugins/html5upload';
    echo <<<EOT
\t<style>
\t\t#h5u_busy {width:20px;height:20px;vertical-align:middle;margin-left:8px;display:none;background: transparent url("{$plugpath}/css/busy.gif") 0 0 no-repeat}
\t</style>
EOT;
    // Group whose settings are shown; 0 selects the key without a numeric suffix.
    $grpn = 0;
    if ($superCage->post->keyExists('h5u_gSel')) {
        // The (int) cast keeps the posted value numeric before it is interpolated into the query below.
        $grpn = (int) $superCage->post->getEscaped('h5u_gSel');
    }
    // since we may have just written the cfg to the db, get a fresh copy from there
    $grpc = $grpn ? $grpn : '';
    $rslt = cpg_db_query("SELECT value FROM {$CONFIG['TABLE_CONFIG']} WHERE name = 'html5upload_config{$grpc}'");
    $scfg = $rslt->fetchAssoc(true);
    // Fall back to the default configuration when the group has no row of its own.
    // NOTE(review): unserialize() on a stored value is only safe while the config table is
    // writable by trusted administrators; consider a JSON-encoded value — confirm the write path.
    $tcfg = $scfg ? unserialize($scfg['value']) : unserialize($CONFIG['html5upload_config']);
    $plugin_help = $h5a_upload->help_button('adm');
    // NOTE(review): the form posts back to REQUEST_URI taken from the request; this relies on
    // getEscaped() making it safe inside the action attribute — confirm.
    echo '<form id="cfgForm" action="' . $superCage->server->getEscaped('REQUEST_URI') . '" method="post">';
    starttable('100%', $lang_plugin_html5upload['html5upload'] . " - " . $lang_gallery_admin_menu['admin_lnk'] . $plugin_help . h5u_config_groupSel($grpn), 2);
    // Options 1 to 4 for the "concurrent" select, with the stored value preselected.
    $concopts = '';
    for ($value = 1; $value < 5; $value++) {
        $selected = $tcfg['concurrent'] == $value ? 'selected="selected"' : '';
        $concopts .= "<option value=\"{$value}\" {$selected}>{$value}</option>";
    }
    // Show the stored byte count in the largest unit that divides it evenly:
    // index 2 = G (>> 30), 1 = M (>> 20), 0 = K (>> 10). An unset size shows an empty field.
    $uplsizm = 0;
    $uplsiz = $tcfg['upldsize'];
    if ($uplsiz) {
        if ($uplsiz % 1073741824 == 0) {
            $uplsizm = 2;
            $uplsiz = $uplsiz >> 30;
        } elseif ($uplsiz % 1048576 == 0) {
            $uplsizm = 1;
            $uplsiz = $uplsiz >> 20;
        } else {
            $uplsiz = $uplsiz >> 10;
        }
    } else {
        $uplsiz = '';
    }
    $sizmopts = '';
    foreach (array('K', 'M', 'G') as $k => $v) {
        $selected = $uplsizm == $k ? 'selected="selected"' : '';
        $sizmopts .= "<option value=\"{$k}\" {$selected}>{$v}</option>";
    }
    // System-wide upload limit, shown next to the size field for reference.
    $sysfmax = $h5a_upload->sys_max_upl_size;
    $sysfmaxh = $h5a_upload->to_KMG($sysfmax);
    // Checkbox states for the stored boolean settings.
    $autochecked = $tcfg['autoedit'] ? 'checked="checked" ' : '';
    $titlchecked = $tcfg['enabtitl'] ? 'checked="checked" ' : '';
    $descchecked = $tcfg['enabdesc'] ? 'checked="checked" ' : '';
    $keyschecked = $tcfg['enabkeys'] ? 'checked="checked" ' : '';
    $usr1checked = $tcfg['enabusr1'] ? 'checked="checked" ' : '';
    $usr2checked = $tcfg['enabusr2'] ? 'checked="checked" ' : '';
    $usr3checked = $tcfg['enabusr3'] ? 'checked="checked" ' : '';
    $usr4checked = $tcfg['enabusr4'] ? 'checked="checked" ' : '';
    // One checkbox per custom user field that has a name configured.
    // NOTE(review): the field names are printed without HTML escaping — confirm they are sanitised when saved.
    $enabflds = '';
    if (!empty($CONFIG['user_field1_name'])) {
        $enabflds .= '<br /><input type="checkbox" name="usr1fld" id="usr1fld" ' . $usr1checked . '/> <label for="usr1fld">' . $CONFIG['user_field1_name'] . '</label>';
    }
    if (!empty($CONFIG['user_field2_name'])) {
        $enabflds .= '<br /><input type="checkbox" name="usr2fld" id="usr2fld" ' . $usr2checked . '/> <label for="usr2fld">' . $CONFIG['user_field2_name'] . '</label>';
    }
    if (!empty($CONFIG['user_field3_name'])) {
        $enabflds .= '<br /><input type="checkbox" name="usr3fld" id="usr3fld" ' . $usr3checked . '/> <label for="usr3fld">' . $CONFIG['user_field3_name'] . '</label>';
    }
    if (!empty($CONFIG['user_field4_name'])) {
        $enabflds .= '<br /><input type="checkbox" name="usr4fld" id="usr4fld" ' . $usr4checked . '/> <label for="usr4fld">' . $CONFIG['user_field4_name'] . '</label>';
    }
    $submit_icon = cpg_fetch_icon('ok', 1);
    // The "revert" button is offered only for a specific group that has its own stored row.
    $rvrtbut = '';
    if ($grpn && $scfg) {
        $undo_icon = cpg_fetch_icon('undo', 1);
        $rvrtbut = '<button value="' . $lang_plugin_html5upload['revert'] . '" name="revert" class="button" type="submit">' . $undo_icon . $lang_plugin_html5upload['revert'] . ' </button> ';
    }
    // NOTE(review): {$tcfg['acptmime']} below is echoed into a value attribute without
    // escaping — confirm it is validated when the form is saved.
    echo <<<EOT
\t<tr>
\t\t<td class="tableb" width="50%">
\t\t\t{$lang_plugin_html5upload['select']}
\t\t</td>
\t\t<td class="tableb">
\t\t\t<select class="listbox" name="concurrent">{$concopts}</select>
\t\t</td>
\t</tr>
\t<tr>
\t\t<td class="tableb">
\t\t\t{$lang_plugin_html5upload['maxUplSiz']} (PHP:CPG = {$sysfmaxh})
\t\t</td>
\t\t<td class="tableb">
\t\t\t<input type="text" name="upsize" style="width:4em" maxlength="5" value="{$uplsiz}" />
\t\t\t<select class="listbox" name="upsizem">{$sizmopts}</select>
\t\t</td>
\t</tr>
\t<tr>
\t\t<td class="tableb">
\t\t\t{$lang_plugin_html5upload['acptmime']}
\t\t</td>
\t\t<td class="tableb">
\t\t\t<input type="text" name="acptmime" style="width:90%" maxlength="60" value="{$tcfg['acptmime']}" />
\t\t</td>
\t</tr>
\t<tr>
\t\t<td class="tableb">
\t\t\t{$lang_plugin_html5upload['autoedit']}
\t\t</td>
\t\t<td class="tableb">
\t\t\t<input type="checkbox" name="autoedit" {$autochecked}/>
\t\t</td>
\t</tr>
\t<tr>
\t\t<td class="tableb">
\t\t\t{$lang_plugin_html5upload['incflds']}
\t\t</td>
\t\t<td class="tableb">
\t\t\t<input type="checkbox" name="titlfld" id="titlfld" {$titlchecked}/> <label for="titlfld">{$lang_common['title']}</label>
\t\t\t<br /><input type="checkbox" name="descfld" id="descfld" {$descchecked}/> <label for="descfld">{$lang_common['caption']}</label>
\t\t\t<br /><input type="checkbox" name="keysfld" id="keysfld" {$keyschecked}/> <label for="keysfld">{$lang_common['keywords']}</label>
\t\t\t{$enabflds}
\t\t</td>
\t</tr>
\t<tr>
\t\t<td class="tableb" colspan="2" style="text-align:center">
\t\t\t{$rvrtbut}<button value="{$lang_common['apply_changes']}" name="save" class="button" type="submit">{$submit_icon}{$lang_common['apply_changes']} </button>
\t\t</td>
\t</tr>
EOT;
    endtable();
    // Form token and timestamp are posted back with the form as hidden fields.
    list($timestamp, $form_token) = getFormToken();
    echo "<input type=\"hidden\" name=\"form_token\" value=\"{$form_token}\" />";
    echo "<input type=\"hidden\" name=\"timestamp\" value=\"{$timestamp}\" />";
    // NOTE(review): no closing </form> is printed in this function — confirm the caller emits it.
    pagefooter();
}
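/**
 * recaptcha_page_start()
 *
 * Validate the reCAPTCHA answer posted with a form on the pages this plugin
 * covers (db_input.php, register.php, ecard.php, report_file.php, login.php).
 * When the answer is invalid an error page with a delayed redirect back to
 * the form is printed and the script exits; otherwise the function returns
 * and the request continues.
 *
 * @return void
 */
function recaptcha_page_start()
{
    global $lang_continue, $lang_error, $CONFIG, $CAPTCHA_DISABLE, $key_public, $key_private;

    // Runs in function scope. The $lang_plugin_captcha_* strings used below are
    // not assigned in this function, so they presumably come from this file — confirm.
    include 'plugins/recaptcha/recaptcha_config.php';

    // "Go back" link shown inside the error box.
    $recapt_error_back = <<<EOT
<script type="text/javascript">
\tdocument.write('<span style="h3"><a href="#" onclick="history.go(-1);return false;">{$lang_plugin_captcha_error}<br>{$lang_plugin_captcha_goback}</span></a>');
</script>
EOT;

    // NOTE(review): the cases are bare script names, so this only matches when
    // PHP_SELF holds just the file name — confirm how the gallery sets it.
    switch ($_SERVER['PHP_SELF']) {
        case 'db_input.php':
            // Only new comments are checked (a message body without a message id).
            if (_recaptcha_is_required('comment') && isset($_POST['msg_body']) && !isset($_POST['msg_id'])) {
                // Integer cast: the posted id ends up in the redirect URL.
                $pid = isset($_POST['pid']) ? (int) $_POST['pid'] : 0;
                _recaptcha_verify_or_die('displayimage.php?pos=' . -$pid, $recapt_error_back);
            }
            break;

        case 'register.php':
            if (_recaptcha_is_required('register') && isset($_POST['submit'])) {
                _recaptcha_verify_or_die('register.php', $recapt_error_back);
            }
            break;

        case 'ecard.php':
            if (_recaptcha_is_required('ecard') && isset($_POST['submit'])) {
                _recaptcha_verify_or_die('ecard.php?' . _recaptcha_picture_query(), $recapt_error_back);
            }
            break;

        case 'report_file.php':
            if (_recaptcha_is_required('report') && count($_POST) > 0) {
                _recaptcha_verify_or_die('report_file.php?' . _recaptcha_picture_query(), $recapt_error_back);
            }
            break;

        case 'login.php':
            if (_recaptcha_is_required('login') && isset($_POST['submitted'])) {
                _recaptcha_verify_or_die('login.php', $recapt_error_back);
            }
            break;

        default:
    } // switch
}

/**
 * Tell whether the current user group has to solve the captcha for a form.
 *
 * @param string $form_key Key into $CAPTCHA_DISABLE ('comment', 'register', ...)
 * @return bool True unless USER_GROUP is in the comma-separated exemption list;
 *              an empty list exempts nobody.
 */
function _recaptcha_is_required($form_key)
{
    global $CAPTCHA_DISABLE;

    $exempt_groups = explode(',', $CAPTCHA_DISABLE[$form_key]);

    return !in_array(USER_GROUP, $exempt_groups) || $CAPTCHA_DISABLE[$form_key] == '';
}

/**
 * Build the album/pid/pos query string from the current request for use in a
 * redirect URL.
 *
 * The values come straight from the query string, so each one is URL-encoded
 * before it is put back into a URL; missing or non-scalar values become ''.
 *
 * @return string
 */
function _recaptcha_picture_query()
{
    $pairs = array();
    foreach (array('album', 'pid', 'pos') as $name) {
        $value = (isset($_GET[$name]) && is_scalar($_GET[$name])) ? (string) $_GET[$name] : '';
        $pairs[] = $name . '=' . rawurlencode($value);
    }

    return implode('&', $pairs);
}

/**
 * Check the posted reCAPTCHA answer; on failure print the error page and exit.
 *
 * @param string $retry_url  Relative URL the error page refreshes to after 25 seconds
 * @param string $error_html Markup shown inside the error box
 * @return void Returns only when the answer is valid.
 */
function _recaptcha_verify_or_die($retry_url, $error_html)
{
    global $lang_error, $key_private;

    require_once 'plugins/recaptcha/recaptchalib.php';

    // Absent fields are passed as empty strings instead of undefined indexes.
    $challenge = isset($_POST['recaptcha_challenge_field']) ? $_POST['recaptcha_challenge_field'] : '';
    $response = isset($_POST['recaptcha_response_field']) ? $_POST['recaptcha_response_field'] : '';

    $resp = recaptcha_check_answer("{$key_private}", $_SERVER['REMOTE_ADDR'], $challenge, $response);
    if ($resp->is_valid) {
        return;
    }

    load_template();
    // The URL may contain request-derived values; escape it for the attribute context.
    $safe_url = htmlspecialchars($retry_url, ENT_QUOTES);
    pageheader($lang_error, "<META http-equiv=\"refresh\" content=\"25;url={$safe_url}\">");
    msg_box($lang_error, $error_html);
    pagefooter();
    exit;
}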
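/**
 * Print the image manipulation page: a preview image and a form that carries
 * the upload details forward as hidden fields and asks for a rotation angle.
 *
 * Every value written into an HTML attribute is escaped, so a quote or angle
 * bracket in a title, caption, file name or path cannot break out of the
 * attribute, and the value is posted back unchanged by the browser.
 *
 * @param string $next_form_action      URL the form posts to
 * @param string $path_to_preview_image Path of the preview image shown on the page
 * @param string $path_to_primary_image Path of the transitory full-size image
 * @param string $file_name             Name of the file being processed
 * @return void
 */
function make_form($next_form_action, $path_to_preview_image, $path_to_primary_image, $file_name)
{
    global $event;
    global $album;
    global $title;
    global $caption;
    global $keywords;
    global $user1;
    global $user2;
    global $user3;
    global $user4;
    global $lang_image_processor_php;

    // The preview changes between steps, so the page must never be served from a cache.
    header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); // Date in the past
    header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); // always modified
    header("Cache-Control: no-store, no-cache, must-revalidate"); // HTTP/1.1
    header("Cache-Control: post-check=0, pre-check=0", false);
    header("Pragma: no-cache"); // HTTP/1.0

    pageheader($lang_image_processor_php['page_title']);

    // No encoding argument is passed, so PHP's default charset applies; pass the
    // gallery charset explicitly if it differs from that default.
    $preview_src = htmlspecialchars((string) $path_to_preview_image, ENT_QUOTES);
    $form_action = htmlspecialchars((string) $next_form_action, ENT_QUOTES);

    print "<br><br><br>";
    print "<center>";
    print "<img src=\"{$preview_src}\" alt=\"{$lang_image_processor_php['preview_image_alt_text']}\">";
    print "</center>";
    print "<br>";
    print "<br>";
    print "<form action=\"{$form_action}\" method=\"post\">";

    // Hidden fields, in the order the form has always emitted them.
    $hidden_fields = array(
        'album' => $album,
        'title' => $title,
        'caption' => $caption,
        'keywords' => $keywords,
        'user1' => $user1,
        'user2' => $user2,
        'user3' => $user3,
        'user4' => $user4,
        'event' => $event,
        'file_name' => $file_name,
        'transitory_image_path' => $path_to_primary_image,
        'preview_image_path' => $path_to_preview_image,
    );
    foreach ($hidden_fields as $field_name => $field_value) {
        $safe_value = htmlspecialchars((string) $field_value, ENT_QUOTES);
        print "<input type=\"hidden\" name=\"{$field_name}\" value=\"{$safe_value}\">";
    }

    print "<p>{$lang_image_processor_php['manipulation_query']}</p>";
    print "<br>";
    print "<input type=\"radio\" name=\"degrees\" value=\"no\" checked>{$lang_image_processor_php['no_manipulation']} ";
    print "<input type=\"radio\" name=\"degrees\" value=\"90\">90° ";
    print "<input type=\"radio\" name=\"degrees\" value=\"180\">180° ";
    print "<input type=\"radio\" name=\"degrees\" value=\"270\">270° ";
    print "<br><br>";
    print "<input type=\"submit\" value=\"Continue\">";
    print "</form>";

    pagefooter();
}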
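/**
 * Print the XP publisher instructions page: requirements, installation steps,
 * usage steps and a client-side script that marks whether the visitor's
 * browser and operating system match the requirements.
 *
 * @return void
 */
function display_instructions()
{
    global $lang_xp_publish_required, $lang_xp_publish_client, $lang_xp_publish_select, $lang_xp_publish_testing, $lang_xp_publish_notes, $lang_xp_publish_flood, $lang_xp_publish_php, $icon_array;
    global $CONFIG, $lang_charset, $lang_common, $lang_errors, $CPG_PHP_SELF;

    // Help buttons for the page header and for the install and usage sections.
    $publish_help = ' ' . cpg_display_help('f=uploading_xp-publisher.htm&as=xp&ae=xp_end', '600', '600');
    $install_help = ' ' . cpg_display_help('f=uploading_xp-publisher.htm&as=xp_publish_setup&ae=xp_publish_setup_end', '450', '400');
    $usage_help = ' ' . cpg_display_help('f=uploading_xp-publisher.htm&as=xp_publish_upload&ae=xp_publish_upload_end', '600', '450');

    $ok_icon = cpg_fetch_icon('ok', 0);
    $stop_icon = cpg_fetch_icon('stop', 0);
    $warning_icon = cpg_fetch_icon('warning', 0);

    pageheader($CONFIG['gallery_name'] . ' • ' . $lang_xp_publish_php['title']);
    starttable('100%', $icon_array['xp'] . $lang_xp_publish_php['client_header'] . $publish_help, 1);

    // Requirements. Each check has three hidden/visible states; the script at
    // the end of the page switches them based on the user agent string.
    print <<<EOT
<tr>
    <td class="tableh2">
        <h2>{$lang_xp_publish_php['requirements']}</h2>
    </td>
</tr>
<tr>
    <td class="tableb">
        <ul>
            <li>
                {$lang_xp_publish_php['windows_xp']}<br />
                <div id="xp_vista" style="display:none">{$ok_icon}{$lang_common['ok']} - {$lang_xp_publish_php['windows_xp']}</div>
                <div id="other_os" style="display:none">{$stop_icon}{$lang_xp_publish_php['no_windows_xp']}</div>
                <div id="no_os_detection" style="display:block">{$warning_icon}{$lang_xp_publish_php['no_os_detect']}</div>
            </li>
            <li>
                {$lang_xp_publish_php['requirement_ie']}<br />
                <div id="ie" style="display:none">{$ok_icon}{$lang_common['ok']} - {$lang_xp_publish_php['requirement_ie']}</div>
                <div id="other_browser" style="display:none">{$stop_icon}{$lang_xp_publish_php['no_ie']}</div>
                <div id="no_browser_detection" style="display:block">{$warning_icon}{$lang_xp_publish_php['no_browser_detect']}</div>
            </li>
EOT;

    // Configuration hints are shown to gallery administrators only.
    if (GALLERY_ADMIN_MODE) {
        print <<<EOT
            <li>{$lang_xp_publish_php['requirement_http_upload']}</li>
EOT;
        if ($CONFIG['gallery_name'] == '') {
            print '<li>' . $stop_icon . $lang_xp_publish_php['no_gallery_name'] . '</li>';
        }
        if ($CONFIG['gallery_description'] == '') {
            print '<li>' . $stop_icon . $lang_xp_publish_php['no_gallery_description'] . '</li>';
        }
    }

    if (!USER_CAN_UPLOAD_PICTURES && !USER_CAN_CREATE_ALBUMS) {
        print <<<EOT
            <li>{$lang_xp_publish_php['requirement_permissions']}</li>
EOT;
    }

    if (!USER_ID) {
        print <<<EOT
            <li>{$lang_xp_publish_php['requirement_login']}</li>
EOT;
    }

    // Installation section.
    print <<<EOT
        </ul>
    </td>
</tr>
<tr>
    <td class="tableh2">
        <h2>{$lang_xp_publish_php['howto_install']}{$install_help}</h2>
    </td>
</tr>
<tr>
    <td class="tableb">
        <ul>
            <li>
EOT;

    // The language string supplies the sentence; the two arguments wrap part of it in the download link.
    printf($lang_xp_publish_php['install_right_click'], '<a href="' . $CPG_PHP_SELF . '?cmd=send_reg">' . cpg_fetch_icon('download', 0), '</a>');

    // Remaining install steps and the usage section.
    print <<<EOT
            </li>
            <li>{$lang_xp_publish_php['install_save']}</li>
            <li>{$lang_xp_publish_php['install_execute']}</li>
        </ul>
    </td>
</tr>
<tr>
    <td class="tableh2">
        <h2>{$lang_xp_publish_php['usage']}{$usage_help}</h2>
    </td>
</tr>
<tr>
    <td class="tableb">
        <ul>
            <li>{$lang_xp_publish_php['select_files']}</li>
            <li>{$lang_xp_publish_php['display_tasks']}</li>
            <li>{$lang_xp_publish_php['publish_on_the_web']}</li>
            <li>{$lang_xp_publish_php['confirm_selection']}, {$lang_xp_publish_php['next']}</li>
            <li>{$lang_xp_publish_php['select_service']}</li>
            <li>{$lang_xp_publish_php['enter_login']}</li>
            <li>{$lang_xp_publish_php['select_album']}, {$lang_xp_publish_php['next']}</li>
            <li>{$lang_xp_publish_php['upload_starts']}</li>
            <li>{$lang_xp_publish_php['upload_completed']}</li>
        </ul>
    </td>
</tr>
EOT;
    endtable();

    // Client-side detection. The Opera branch used to look up an element id
    // ('detecting') that this page never prints, which raised a script error
    // and skipped the operating system checks; it now hides the
    // 'no_browser_detection' notice like the other browser branches.
    // The user agent string is advisory only: it is used for display, not for
    // any access decision.
    // NOTE(review): "self.onload = os_browser_detection();" runs the function
    // immediately; that works because the script follows the elements it touches.
    print <<<EOT
<script type="text/javascript">
function os_browser_detection() {
    // browser detection.
    // Usually, browser detection is buggy and should not be used. However, the sidebar works only in mainstream browsers anyway and requires JavaScript, so we can be pretty sure that the user has it enabled if this is supposed to work in the first place.
    var detection_success = 0;
    if (navigator.userAgent.indexOf('Firefox') != -1 || navigator.userAgent.indexOf('Netscape') != -1 || navigator.userAgent.indexOf('Konqueror') != -1 || navigator.userAgent.indexOf('Gecko') != -1) {
        document.getElementById('ie').style.display = 'none';
        document.getElementById('other_browser').style.display = 'block';
        document.getElementById('no_browser_detection').style.display = 'none';
        detection_success = 1;
    }
    if (navigator.userAgent.indexOf('Opera') != -1) {
        document.getElementById('ie').style.display = 'none';
        document.getElementById('other_browser').style.display = 'block';
        document.getElementById('no_browser_detection').style.display = 'none';
        detection_success = 1;
    }
    if (navigator.userAgent.indexOf('MSIE') != -1) {
        document.getElementById('ie').style.display = 'block';
        document.getElementById('other_browser').style.display = 'none';
        document.getElementById('no_browser_detection').style.display = 'none';
        detection_success = 1;
    }
    if (navigator.userAgent.indexOf('Windows NT 6.1') != -1 || navigator.userAgent.indexOf('Windows NT 6.0') != -1 || navigator.userAgent.indexOf('Windows NT 5.2') != -1 || navigator.userAgent.indexOf('Windows NT 5.1') != -1) {
        document.getElementById('xp_vista').style.display = 'block';
        document.getElementById('other_os').style.display = 'none';
        document.getElementById('no_os_detection').style.display = 'none';
        detection_success = 1;
    }
    if (navigator.userAgent.indexOf('Windows NT 5.0') != -1 || navigator.userAgent.indexOf('Windows NT 4.0') != -1 || navigator.userAgent.indexOf('Windows 9') != -1 || navigator.userAgent.indexOf('Windows CE') != -1 || navigator.userAgent.indexOf('Mac') != -1 || navigator.userAgent.indexOf('Linux') != -1) {
        document.getElementById('xp_vista').style.display = 'none';
        document.getElementById('other_os').style.display = 'block';
        document.getElementById('no_os_detection').style.display = 'none';
        detection_success = 1;
    }
}
self.onload = os_browser_detection();
</script>
EOT;

    pagefooter();
}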
/**
 * Page-start hook of the custom_thumb plugin.
 *
 * Does nothing unless the request carries a `custom_thmb_id` GET parameter.
 * With it, the picture/album row is loaded, the caller's right to edit the
 * picture is checked, and then either the upload form is printed or a posted
 * `fileupload` replaces the picture's thumbnail file. Every path taken once
 * the parameter is present ends the request (cpg_die(), die or exit).
 */
function custom_thumb_page_start()
{
    global $CONFIG, $lang_errors;

    $superCage = Inspekt::makeSuperCage();
    if (!$superCage->get->keyExists('custom_thmb_id')) {
        return;
    }

    // getInt() is relied on to return an integer; $pid goes into the query and the redirect below.
    $pid = $superCage->get->getInt('custom_thmb_id');
    $result = cpg_db_query("SELECT * FROM {$CONFIG['TABLE_PICTURES']} AS p INNER JOIN {$CONFIG['TABLE_ALBUMS']} AS a ON a.aid = p.aid WHERE p.pid = '{$pid}' LIMIT 1");
    $row = mysql_fetch_assoc($result);

    // Allowed: owner of the user gallery in admin mode, the picture's owner when
    // users may edit their pictures, or a gallery admin. The test also runs when
    // no row was found; the upload branch below additionally requires $row.
    $may_edit = (USER_ADMIN_MODE && $row['category'] == FIRST_USER_CAT + USER_ID)
        || ($CONFIG['users_can_edit_pics'] && $row['owner_id'] == USER_ID && USER_ID != 0)
        || GALLERY_ADMIN_MODE;
    if (!$may_edit) {
        load_template();
        cpg_die(ERROR, $lang_errors['access_denied'], __FILE__, __LINE__);
    }

    // $lang_plugin_custom_thumb is presumably defined by these language files.
    require_once "./plugins/custom_thumb/lang/english.php";
    $translation = "./plugins/custom_thumb/lang/{$CONFIG['lang']}.php";
    if ($CONFIG['lang'] != 'english' && file_exists($translation)) {
        require_once "./plugins/custom_thumb/lang/{$CONFIG['lang']}.php";
    }

    if (!($superCage->files->keyExists('fileupload') && $row)) {
        // No upload (or no such picture): print the upload form.
        load_template();
        pageheader($lang_plugin_custom_thumb['custom_thumbnail']);
        echo '<form method="post" enctype="multipart/form-data">';
        starttable('60%', $lang_plugin_custom_thumb['upload_custom_thumbnail'], 2);
        list($timestamp, $form_token) = getFormToken();
        echo <<<EOT
    <tr>
        <td class="tableb" valign="top">
            {$lang_plugin_custom_thumb['browse']}
        </td>
        <td class="tableb" valign="top">
            <input type="file" name="fileupload" size="40" class="listbox" />
        </td>
    </tr>
    <tr>
        <td class="tableb" valign="top">
            {$lang_plugin_custom_thumb['create_intermediate']}
        </td>
        <td class="tableb" valign="top">
            <input type="checkbox" name="create_intermediate" />
        </td>
    </tr>
    <tr>
        <td align="center" colspan="2" class="tablef">
            <input type="hidden" name="form_token" value="{$form_token}" />
            <input type="hidden" name="timestamp" value="{$timestamp}" />
            <input type="submit" name="commit" class="button" value="{$lang_plugin_custom_thumb['upload']}"/>
        </td>
    </tr>
EOT;
        endtable();
        echo '</form>';
        pagefooter();
        exit;
    }

    // State-changing request: the anti-CSRF form token must validate first.
    if (!checkFormToken()) {
        load_template();
        cpg_die(ERROR, $lang_errors['invalid_form_token'], __FILE__, __LINE__);
    }

    // The upload entry is read straight from the cage's underlying array.
    $fileupload = $superCage->files->_source['fileupload'];
    if ($fileupload['error']) {
        load_template();
        cpg_die(ERROR, $lang_errors['error'] . ' ' . $fileupload['error'], __FILE__, __LINE__);
    }

    // NOTE(review): is_image() is handed the client-supplied file name here; its
    // implementation is not shown, and nothing in this function inspects the
    // uploaded bytes before the move - confirm a content check exists downstream.
    if (!is_image($fileupload['name'])) {
        load_template();
        cpg_die(ERROR, $lang_plugin_custom_thumb['error_images_only'], __FILE__, __LINE__);
    }

    // A non-image file gets a .png thumbnail name; the destination name always
    // derives from the stored row, never from the upload's own name.
    if (!is_image($row['filename'])) {
        $path_parts = pathinfo($row['filename']);
        $row['filename'] = basename($row['filename'], '.' . $path_parts['extension']) . '.png';
    }
    $thumb = $CONFIG['fullpath'] . $row['filepath'] . $CONFIG['thumb_pfx'] . $row['filename'];

    if (!move_uploaded_file($fileupload['tmp_name'], $thumb)) {
        load_template();
        cpg_die(ERROR, sprintf($lang_plugin_custom_thumb['error_move_file'], $fileupload['tmp_name'], $thumb), __FILE__, __LINE__);
    }

    require 'include/picmgmt.inc.php';
    if ($superCage->post->keyExists('create_intermediate')) {
        $normal = $CONFIG['fullpath'] . $row['filepath'] . $CONFIG['normal_pfx'] . $row['filename'];
        if ($CONFIG['picture_use'] == "thumb") {
            $resize_method = $CONFIG['thumb_use'] == "ex" ? "any" : $CONFIG['thumb_use'];
        } else {
            $resize_method = $CONFIG['picture_use'];
        }
        resize_image($thumb, $normal, $CONFIG['picture_width'], $CONFIG['thumb_method'], $resize_method);
    }
    // Scale the uploaded file in place down to thumbnail size (return value is not checked).
    resize_image($thumb, $thumb, $CONFIG['thumb_width'], $CONFIG['thumb_method'], $CONFIG['thumb_use']);

    header("Location: {$CONFIG['site_url']}displayimage.php?pid={$pid}");
    die;
}
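/**
 * captcha_page_start()
 *
 * Page-start hook of the captcha plugin. On a form submission to one of the
 * scripts named in the switch below, the posted confirmation code is passed
 * to Validate(); when that fails, an error page that refreshes back to the
 * form is printed and the request ends. Groups listed in $CAPTCHA_DISABLE for
 * a page are exempt from the check on that page.
 *
 * The album/pid/pos request parameters echoed into the "back" links are
 * URL-encoded, and HTML-escaped for the META tag, before they are printed.
 *
 * @return void
 */
function captcha_page_start()
{
    global $lang_continue, $lang_error, $lang_plugin_captcha_conf, $CONFIG, $CAPTCHA_DISABLE, $CAPTCHA_TIMEOUT;

    /* Setting Options */
    /**
     * Enable/Disable array
     *
     * Set which groups should NOT see the captcha on each page.
     * '' => captcha enabled for all users.
     * Coppermine standard group names:
     * Administrators,Registered,Guests,Banned
     * Custom group names can be added too, separated by ','.
     */
    $CAPTCHA_DISABLE = array(
        'login' => 'Administrators,Registered,Guests',
        'register' => 'Administrators,Registered',
        'comment' => 'Administrators,Registered',
        'report' => 'Administrators',
        'ecard' => 'Administrators',
    );
    $CAPTCHA_TIMEOUT = 300; // Seconds before a code is removed from the database

    // NOTE(review): $lang_plugin_captcha_error is not in the global list above;
    // presumably one of these includes defines it in this scope - verify,
    // otherwise the error box is printed without a message.
    require 'plugins/captcha/include/init.inc.php';
    require 'plugins/captcha/include/captcha.class.php';

    // Query string for the report/ecard "back" links. The values come from the
    // request, so each one is URL-encoded; non-scalar values are dropped.
    $return_query = '';
    foreach (array('album', 'pid', 'pos') as $param) {
        $value = (isset($_GET[$param]) && is_scalar($_GET[$param])) ? (string) $_GET[$param] : '';
        $return_query .= ($return_query == '' ? '?' : '&') . $param . '=' . rawurlencode($value);
    }

    // NOTE(review): PHP_SELF is derived from the request and normally carries
    // the script's directory (and any trailing path info), so whether these bare
    // file names match depends on the deployment - confirm. When no case
    // matches, no captcha check runs; basename($_SERVER['SCRIPT_NAME']) would be
    // a sturdier dispatch key.
    switch ($_SERVER['PHP_SELF']) {
        case 'login.php':
            $valid_groups = explode(',', $CAPTCHA_DISABLE['login']);
            if (!in_array(USER_GROUP, $valid_groups) or $CAPTCHA_DISABLE['login'] == '') {
                if (isset($_POST['submitted']) and !Validate($_POST['confirmCode'])) {
                    load_template();
                    pageheader($lang_error, "<META http-equiv=\"refresh\" content=\"3;url=login.php\">");
                    msg_box($lang_error, "{$lang_plugin_captcha_error}", $lang_continue, 'login.php');
                    pagefooter();
                    exit;
                }
            }
            break;

        case 'register.php':
            $valid_groups = explode(',', $CAPTCHA_DISABLE['register']);
            if (!in_array(USER_GROUP, $valid_groups) or $CAPTCHA_DISABLE['register'] == '') {
                if (isset($_POST['submit']) and !Validate($_POST['confirmCode'])) {
                    load_template();
                    pageheader($lang_error, "<META http-equiv=\"refresh\" content=\"3;url=register.php\">");
                    msg_box($lang_error, "{$lang_plugin_captcha_error}", $lang_continue, 'register.php');
                    pagefooter();
                    exit;
                }
            }
            break;

        case 'db_input.php':
            $valid_groups = explode(',', $CAPTCHA_DISABLE['comment']);
            if (!in_array(USER_GROUP, $valid_groups) or $CAPTCHA_DISABLE['comment'] == '') {
                if (isset($_POST['msg_body']) and !Validate($_POST['confirmCode'])) {
                    load_template();
                    // Arithmetic negation turns the posted pid into a number before it is printed.
                    pageheader($lang_error, "<META http-equiv=\"refresh\" content=\"3;url=displayimage.php?pos=" . -$_POST['pid'] . "\">");
                    msg_box($lang_error, "{$lang_plugin_captcha_error}", $lang_continue, "displayimage.php?pos=" . -$_POST['pid']);
                    pagefooter();
                    exit;
                }
            }
            break;

        case 'report_file.php':
            $valid_groups = explode(',', $CAPTCHA_DISABLE['report']);
            if (!in_array(USER_GROUP, $valid_groups) or $CAPTCHA_DISABLE['report'] == '') {
                if (count($_POST) > 0 and !Validate($_POST['confirmCode'])) {
                    $return_url = 'report_file.php' . $return_query;
                    $refresh_url = htmlspecialchars($return_url, ENT_QUOTES);
                    load_template();
                    pageheader($lang_error, "<META http-equiv=\"refresh\" content=\"3;url={$refresh_url}\">");
                    msg_box($lang_error, "{$lang_plugin_captcha_error}", $lang_continue, $return_url);
                    pagefooter();
                    exit;
                }
            }
            break;

        case 'ecard.php':
            $valid_groups = explode(',', $CAPTCHA_DISABLE['ecard']);
            if (!in_array(USER_GROUP, $valid_groups) or $CAPTCHA_DISABLE['ecard'] == '') {
                if (count($_POST) > 0 and !Validate($_POST['confirmCode'])) {
                    $return_url = 'ecard.php' . $return_query;
                    $refresh_url = htmlspecialchars($return_url, ENT_QUOTES);
                    load_template();
                    pageheader($lang_error, "<META http-equiv=\"refresh\" content=\"3;url={$refresh_url}\">");
                    msg_box($lang_error, "{$lang_plugin_captcha_error}", $lang_continue, $return_url);
                    pagefooter();
                    exit;
                }
            }
            break;

        default:
    } // switch
}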
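/**
 * Page-start hook of the file_replacer plugin.
 *
 * Does nothing unless the request carries a `replacer_id` GET parameter. With
 * it, the picture/album row is loaded and the caller's right to edit the
 * picture is checked. Without an upload the replacement form is printed;
 * with a posted `fileupload` the stored file is overwritten, thumbnail and
 * intermediate copies are rebuilt, and the picture's database row is updated.
 *
 * Text taken from the uploaded file's IPTC block is escaped before it is
 * placed in the UPDATE statement, and the optional SQL fragment and the
 * "original size" flag are initialised so they are defined on every path.
 *
 * @return mixed Normally the request ends inside this function (redirect,
 *               form page or cpg_die()). A failed resize or backup copy
 *               returns the failure value to the caller instead, after the
 *               stored file has already been overwritten.
 */
function file_replacer_page_start()
{
    global $CONFIG, $lang_errors;

    $superCage = Inspekt::makeSuperCage();
    if (!$superCage->get->keyExists('replacer_id')) {
        return;
    }

    // getInt() is relied on to return an integer; $pid goes into the queries and the redirect below.
    $pid = $superCage->get->getInt('replacer_id');
    $result = cpg_db_query("SELECT * FROM {$CONFIG['TABLE_PICTURES']} AS p INNER JOIN {$CONFIG['TABLE_ALBUMS']} AS a ON a.aid = p.aid WHERE p.pid = '{$pid}' LIMIT 1");
    $row = mysql_fetch_assoc($result);

    // Allowed: owner of the user gallery in admin mode, the picture's owner when
    // users may edit their pictures, or a gallery admin.
    if (!(USER_ADMIN_MODE && $row['category'] == FIRST_USER_CAT + USER_ID || $CONFIG['users_can_edit_pics'] && $row['owner_id'] == USER_ID && USER_ID != 0 || GALLERY_ADMIN_MODE)) {
        load_template();
        cpg_die(ERROR, $lang_errors['access_denied'], __FILE__, __LINE__);
    }

    // $lang_plugin_file_replacer is presumably defined by these language files.
    require_once "./plugins/file_replacer/lang/english.php";
    if ($CONFIG['lang'] != 'english' && file_exists("./plugins/file_replacer/lang/{$CONFIG['lang']}.php")) {
        require_once "./plugins/file_replacer/lang/{$CONFIG['lang']}.php";
    }

    if ($superCage->files->keyExists('fileupload') && $row) {
        // State-changing request: the anti-CSRF form token must validate first.
        if (!checkFormToken()) {
            load_template();
            cpg_die(ERROR, $lang_errors['invalid_form_token'], __FILE__, __LINE__);
        }

        $fileupload = $superCage->files->_source['fileupload'];
        if ($fileupload['error']) {
            load_template();
            cpg_die(ERROR, $lang_errors['error'] . ' ' . $fileupload['error'], __FILE__, __LINE__);
        }

        // All target paths derive from the stored row, never from the upload's own name.
        $image = $CONFIG['fullpath'] . $row['filepath'] . $row['filename'];
        $normal = $CONFIG['fullpath'] . $row['filepath'] . $CONFIG['normal_pfx'] . $row['filename'];
        $thumb = $CONFIG['fullpath'] . $row['filepath'] . $CONFIG['thumb_pfx'] . $row['filename'];
        $orig = $CONFIG['fullpath'] . $row['filepath'] . $CONFIG['orig_pfx'] . $row['filename'];
        $work_image = $image;

        // Defined up front: both are only assigned on some branches below but read unconditionally.
        $metadata_sql = '';
        $picture_original_size = false;

        // NOTE(review): the stored file is overwritten before anything looks at
        // the upload. is_known_filetype()/is_image() below receive the
        // destination path, whose name comes from the stored row, so as called
        // here they say nothing about the uploaded bytes - confirm what they check.
        if (!move_uploaded_file($fileupload['tmp_name'], $image)) {
            load_template();
            cpg_die(ERROR, sprintf($lang_plugin_file_replacer['error_move_file'], $fileupload['tmp_name'], $image), __FILE__, __LINE__);
        }
        chmod($image, octdec($CONFIG['default_file_mode']));

        if (is_known_filetype($image)) {
            if (is_image($image)) {
                require 'include/picmgmt.inc.php';
                $imagesize = cpg_getimagesize($image);

                if ($CONFIG['read_iptc_data']) {
                    // read IPTC data
                    $iptc = get_IPTC($image);
                    if ($superCage->post->keyExists('overwrite_metadata')) {
                        // IPTC fields are content of the uploaded file, i.e. supplied by the
                        // uploader, so they are escaped before entering the SQL string.
                        $title = mysql_real_escape_string(isset($iptc['Headline']) ? $iptc['Headline'] : '');
                        $caption = mysql_real_escape_string(isset($iptc['Caption']) ? $iptc['Caption'] : '');
                        $keywords = mysql_real_escape_string(isset($iptc['Keywords']) ? implode($CONFIG['keyword_separator'], $iptc['Keywords']) : '');
                        $metadata_sql = ", title = '{$title}', caption = '{$caption}', keywords = '{$keywords}'";
                    }
                }

                // resize picture if it's bigger than the max width or height for uploaded pictures
                if (max($imagesize[0], $imagesize[1]) > $CONFIG['max_upl_width_height']) {
                    if (USER_IS_ADMIN && $CONFIG['auto_resize'] == 1 || !USER_IS_ADMIN && $CONFIG['auto_resize'] > 0) {
                        // hard-coded 'any' according to configuration string 'Max width or height for uploaded pictures'
                        resize_image($image, $image, $CONFIG['max_upl_width_height'], $CONFIG['thumb_method'], 'any', 'false');
                        $imagesize = cpg_getimagesize($image);
                    } elseif (USER_IS_ADMIN) {
                        // skip resizing for admin
                        $picture_original_size = true;
                    } else {
                        // NOTE(review): $uploaded_pic and $lang_db_input_php are not defined
                        // in this function, so nothing is removed and the message is built
                        // from an undefined format string; the oversized file stays in place.
                        @unlink($uploaded_pic);
                        $msg = sprintf($lang_db_input_php['err_fsize_too_large'], $CONFIG['max_upl_width_height'], $CONFIG['max_upl_width_height']);
                        return array('error' => $msg, 'halt_upload' => 1);
                    }
                }

                // create backup of full sized picture if watermark is enabled for full sized pictures
                if (!file_exists($orig) && $CONFIG['enable_watermark'] == '1' && ($CONFIG['which_files_to_watermark'] == 'both' || $CONFIG['which_files_to_watermark'] == 'original')) {
                    if (!copy($image, $orig)) {
                        return false;
                    }
                    $work_image = $orig;
                }

                // create thumbnail (always rebuilt, even if one already exists)
                if (($result = resize_image($work_image, $thumb, $CONFIG['thumb_width'], $CONFIG['thumb_method'], $CONFIG['thumb_use'], "false", 1)) !== true) {
                    return $result;
                }

                if (max($imagesize[0], $imagesize[1]) > $CONFIG['picture_width'] && $CONFIG['make_intermediate']) {
                    // create intermediate sized picture
                    if ($CONFIG['picture_use'] == "thumb") {
                        $resize_method = $CONFIG['thumb_use'] == "ex" ? "any" : $CONFIG['thumb_use'];
                    } else {
                        $resize_method = $CONFIG['picture_use'];
                    }
                    $watermark = $CONFIG['enable_watermark'] == '1' && ($CONFIG['which_files_to_watermark'] == 'both' || $CONFIG['which_files_to_watermark'] == 'resized') ? 'true' : 'false';
                    if (($result = resize_image($work_image, $normal, $CONFIG['picture_width'], $CONFIG['thumb_method'], $resize_method, $watermark)) !== true) {
                        return $result;
                    }
                }

                // watermark full sized picture
                if ($CONFIG['enable_watermark'] == '1' && ($CONFIG['which_files_to_watermark'] == 'both' || $CONFIG['which_files_to_watermark'] == 'original')) {
                    // use max aspect of original image if it hasn't been resized earlier
                    $wm_max_upl_width_height = $picture_original_size ? max($imagesize[0], $imagesize[1]) : $CONFIG['max_upl_width_height'];
                    if (($result = resize_image($work_image, $image, $wm_max_upl_width_height, $CONFIG['thumb_method'], 'any', 'true')) !== true) {
                        return $result;
                    }
                }

                list($width, $height) = getimagesize($image);
            } else {
                $width = 0;
                $height = 0;
            }

            $image_filesize = filesize($image);
            $total_filesize = is_image($row['filename']) ? $image_filesize + (file_exists($normal) ? filesize($normal) : 0) + filesize($thumb) : $image_filesize;

            cpg_db_query("UPDATE {$CONFIG['TABLE_PICTURES']} SET filesize = '{$image_filesize}', total_filesize = '{$total_filesize}', pwidth = '{$width}', pheight = '{$height}' {$metadata_sql} WHERE pid = '{$pid}' LIMIT 1");

            if ($superCage->post->keyExists('update_timestamp')) {
                cpg_db_query("UPDATE {$CONFIG['TABLE_PICTURES']} SET ctime = '" . time() . "' WHERE pid = '{$pid}' LIMIT 1");
            }

            // Stored EXIF data belongs to the old file; drop it and re-read if enabled.
            cpg_db_query("DELETE FROM {$CONFIG['TABLE_EXIF']} WHERE pid = '{$pid}' LIMIT 1");
            if ($CONFIG['read_exif_data']) {
                include "include/exif_php.inc.php";
                exif_parse_file($image, $pid);
            }
        } else {
            // Unknown file type: remove what was just written. The picture's
            // database row is left as it is.
            if (is_image($image)) {
                @unlink($normal);
                @unlink($thumb);
            }
            @unlink($image);
        }

        // Trim on both branches so the redirect never carries a doubled slash.
        $site_url = rtrim($CONFIG['site_url'], '/');
        header("Location: {$site_url}/displayimage.php?pid={$pid}");
        die;
    } else {
        // No upload (or no such picture): print the replacement form.
        load_template();
        pageheader($lang_plugin_file_replacer['file_replacer']);
        echo '<form method="post" enctype="multipart/form-data">';
        starttable('60%', $lang_plugin_file_replacer['upload_file'], 2);
        list($timestamp, $form_token) = getFormToken();
        echo <<<EOT
    <tr>
        <td class="tableb" valign="top">
            {$lang_plugin_file_replacer['browse']}
        </td>
        <td class="tableb" valign="top">
            <input type="file" name="fileupload" size="40" class="listbox" />
        </td>
    </tr>
    <tr>
        <td class="tableb" valign="top">
            {$lang_plugin_file_replacer['update_timestamp']}
        </td>
        <td class="tableb" valign="top">
            <input type="checkbox" name="update_timestamp" />
        </td>
    </tr>
    <tr>
        <td class="tableb" valign="top">
            {$lang_plugin_file_replacer['overwrite_metadata']}
        </td>
        <td class="tableb" valign="top">
            <input type="checkbox" name="overwrite_metadata" />
        </td>
    </tr>
    <tr>
        <td align="center" colspan="2" class="tablef">
            <input type="hidden" name="form_token" value="{$form_token}" />
            <input type="hidden" name="timestamp" value="{$timestamp}" />
            <input type="submit" name="commit" class="button" value="{$lang_plugin_file_replacer['upload']}"/>
        </td>
    </tr>
EOT;
        endtable();
        echo '</form>';
        pagefooter();
        exit;
    }
}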
/**
 * Closes the page: through the theme's pagefooter() when the theme is loaded,
 * Coppermine is initialised and the caller is in gallery-admin mode, and with
 * bare closing body/html tags otherwise.
 */
function html_footer()
{
    // Order matters: GALLERY_ADMIN_MODE is only read once the first two checks passed.
    $use_theme_footer = function_exists('pagefooter') && defined('COPPERMINE_VERSION') && GALLERY_ADMIN_MODE;

    if ($use_theme_footer) {
        pagefooter();
        return;
    }

    echo <<<EOT
</body>
</html>
EOT;
}
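/**
 * Prints the "continue" part of the mass-import form: progress counters, the
 * remaining file list and the run settings as form fields, plus an optional
 * auto-submit script, and then closes the table, form and page.
 *
 * Ends the request at once unless at least one of the POST fields `auto`,
 * `directory`, `sleep` or `hardlimit` is present. The globals $filelist and
 * $counter are overwritten with their rendered forms.
 *
 * The posted directory is HTML-escaped before it is written back into the
 * hidden field.
 */
function reload()
{
    global $filelist, $counter, $lang_plugin_mass_import, $output_array, $lang_common, $mass_import_icon_array;

    // Create the super cage
    $superCage = Inspekt::makeSuperCage();

    $has_import_field = $superCage->post->keyExists('auto')
        || $superCage->post->keyExists('directory')
        || $superCage->post->keyExists('sleep')
        || $superCage->post->keyExists('hardlimit');
    if (!$has_import_field) {
        exit;
    }

    $remaining = countup($filelist);

    // NOTE(review): the list travels through the browser as a serialized blob.
    // The code that reads this field back is not shown here; if it calls
    // unserialize() on the posted value, the value should be authenticated
    // first (e.g. with an HMAC) or the list kept server-side.
    $filelist = base64_encode(serialize($filelist));

    if ($superCage->post->keyExists('auto') && $superCage->post->getInt('auto') == 1) {
        $auto = 'checked = "checked"';
    } else {
        $auto = '';
    }

    if ($counter != 0) {
        $counter = $output_array['row_start'] . $lang_plugin_mass_import['files_added'] . ': ' . $output_array['row_separator'] . $counter . $output_array['row_end'];
    } else {
        $counter = $output_array['row_start'] . $lang_plugin_mass_import['structure_created'] . $output_array['row_separator'] . $output_array['row_end'];
    }

    // The directory is read unfiltered; access control is expected to limit this
    // page to the admin. It is still request data, so it is escaped for the
    // attribute it is printed into (the browser posts back the decoded value).
    if ($superCage->post->keyExists('directory')) {
        $directory = $superCage->post->getRaw('directory');
    } else {
        $directory = '';
    }
    $directory_attr = htmlspecialchars($directory, ENT_QUOTES);

    if ($superCage->post->keyExists('sleep')) {
        $sleep = $superCage->post->getInt('sleep');
    } else {
        $sleep = '1000';
    }

    if ($superCage->post->keyExists('hardlimit')) {
        $hardlimit = $superCage->post->getInt('hardlimit');
    } else {
        $hardlimit = '0';
    }

    // Auto-run: resubmit the form on load for as long as files remain.
    $js = $superCage->post->keyExists('auto') && $remaining ? '<script type="text/javascript"> onload = document.form.submit();</script>' : '';

    if (!connection_aborted()) {
        echo $counter;
        echo $output_array['row_start'] . $lang_plugin_mass_import['files_to_add'] . ': ' . $output_array['row_separator'] . $remaining . $output_array['row_end'];
        echo <<<EOT
    {$output_array['row_start']}
        <input name="filelist" type="hidden" value="{$filelist}" />
        <input type="hidden" name="directory" value="{$directory_attr}" />\t
        {$lang_plugin_mass_import['sleep_desc']}:
    {$output_array['row_separator']}\t
        <input type="text" name="sleep" id="sleep" value="{$sleep}" size="5" maxlength="5" class="textinput spin-button" /> ({$lang_plugin_mass_import['in_milliseconds']})
    {$output_array['row_end']}
    {$output_array['row_start']}
        {$lang_plugin_mass_import['hardlimit_desc']}:
    {$output_array['row_separator']}\t
        <input type="text" name="hardlimit" id="hardlimit" value="{$hardlimit}" size="3" maxlength="3" class="textinput spin-button" />
    {$output_array['row_end']}
    {$output_array['row_start']}
        <label for="auto" class="clickable_option">{$lang_plugin_mass_import['autorun_desc']}</label>:
    {$output_array['row_separator']}\t
        <input type="checkbox" name="auto" id="auto" value="1" class="checkbox" {$auto} />
    {$output_array['row_end']}
    {$output_array['row_start']}
        <button type="submit" class="button" name="continue" value="{$lang_common['continue']}">{$mass_import_icon_array['continue']}{$lang_common['continue']}</button>
    {$output_array['row_separator']}
    {$output_array['row_end']}
EOT;
    }

    echo $js;
    endtable();
    echo <<<EOT
    </form>
EOT;
    pagefooter();
}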
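/**
 * Page-start hook of the shorturl plugin; active only when INDEX_PHP is defined.
 *
 * Handles, in this order:
 *  - `c`, `a`, `p`: set a redirect header to a category, album or picture
 *    (execution continues afterwards);
 *  - `r`: look up a stored URL and either show a preview link or redirect;
 *  - `shorturl=config`: admin-only settings page, saved after a form-token check;
 *  - `shorturl=add`: form to create a short URL, and the result page.
 *
 * URLs are HTML-escaped wherever they are printed and SQL-escaped wherever
 * they enter a query; the validation pattern is anchored to the true end of
 * the string.
 */
function shorturl_page_start()
{
    if (!defined('INDEX_PHP')) {
        return;
    }

    global $CONFIG, $lang_common, $lang_errors, $cpg_udb, $lang_gallery_admin_menu;

    // $lang_plugin_shorturl is presumably defined by these language files.
    require "./plugins/shorturl/lang/english.php";
    if ($CONFIG['lang'] != 'english' && file_exists("./plugins/shorturl/lang/{$CONFIG['lang']}.php")) {
        require "./plugins/shorturl/lang/{$CONFIG['lang']}.php";
    }

    $superCage = Inspekt::MakeSuperCage();

    // Numeric shortcuts. Only the header is set; processing goes on, so a later
    // Location header in this function replaces an earlier one.
    if ($superCage->get->keyExists('c')) {
        header("Location: index.php?cat=" . $superCage->get->getInt('c'));
    }
    if ($superCage->get->keyExists('a')) {
        header("Location: thumbnails.php?album=" . $superCage->get->getInt('a'));
    }
    if ($superCage->get->keyExists('p')) {
        header("Location: displayimage.php?pid=" . $superCage->get->getInt('p'));
    }

    if ($superCage->get->keyExists('r')) {
        $result = cpg_db_query("SELECT url FROM {$CONFIG['TABLE_PREFIX']}plugin_shorturl WHERE rid = " . $superCage->get->getInt('r'));
        $url = mysql_result($result, 0);
        mysql_free_result($result);

        if ($CONFIG['plugin_shorturl_preview'] == 1 || $superCage->get->keyExists('preview')) {
            // The stored URL was supplied by a user; escape it for the attribute and the link text.
            $url_html = htmlspecialchars($url, ENT_QUOTES);
            load_template();
            pageheader($lang_plugin_shorturl['redirection_preview']);
            starttable('100%', $lang_plugin_shorturl['redirection_preview']);
            echo <<<EOT
    <tr>
        <td class="tableb">
            <a href="{$url_html}" class="external">{$url_html}</a>
        </td>
    </tr>
EOT;
            endtable();
            pagefooter();
            exit;
        } else {
            // Redirects to whatever URL was stored; the only vetting is the pattern applied when it was added.
            header("Location: {$url}");
        }
    }

    if (!$superCage->get->keyExists('shorturl')) {
        return;
    }

    if ($superCage->get->getAlpha('shorturl') == 'config') {
        if (!GALLERY_ADMIN_MODE) {
            load_template();
            cpg_die(ERROR, $lang_errors['access_denied'], __FILE__, __LINE__);
        }

        if ($superCage->post->keyExists('submit')) {
            // State-changing request: the anti-CSRF form token must validate first.
            if (!checkFormToken()) {
                load_template();
                cpg_die(ERROR, $lang_errors['invalid_form_token'], __FILE__, __LINE__);
            }
            $superCage = Inspekt::makeSuperCage();

            // All posted settings are read with getInt() before they reach SQL.
            $preview_value = $superCage->post->getInt('plugin_shorturl_preview');
            if (!isset($CONFIG['plugin_shorturl_preview'])) {
                cpg_db_query("INSERT INTO {$CONFIG['TABLE_CONFIG']} (name, value) VALUES('plugin_shorturl_preview', '" . $preview_value . "')");
            } else {
                cpg_db_query("UPDATE {$CONFIG['TABLE_CONFIG']} SET value = '" . $preview_value . "' WHERE name = 'plugin_shorturl_preview'");
            }
            $CONFIG['plugin_shorturl_preview'] = $preview_value;

            $result = cpg_db_query("SELECT group_id FROM {$CONFIG['TABLE_USERGROUPS']} WHERE has_admin_access != '1'");
            while ($row = mysql_fetch_assoc($result)) {
                $config_name = 'plugin_shorturl_permissions_' . $row['group_id'];
                $permission_value = $superCage->post->getInt($config_name);
                if (!isset($CONFIG[$config_name])) {
                    cpg_db_query("INSERT INTO {$CONFIG['TABLE_CONFIG']} (name, value) VALUES('plugin_shorturl_permissions_{$row['group_id']}', '" . $permission_value . "')");
                } else {
                    cpg_db_query("UPDATE {$CONFIG['TABLE_CONFIG']} SET value = '" . $permission_value . "' WHERE name = 'plugin_shorturl_permissions_{$row['group_id']}'");
                }
                $CONFIG[$config_name] = $permission_value;
            }
            mysql_free_result($result);
        }

        load_template();
        pageheader($lang_plugin_shorturl['plugin_name'] . ' ' . $lang_gallery_admin_menu['admin_lnk']);

        // One table row per user group: admin groups are fixed to "yes", the
        // others get a no/yes radio pair.
        $permissions = "";
        $result = cpg_db_query("SELECT group_id, group_name FROM {$CONFIG['TABLE_USERGROUPS']} ORDER BY group_id ASC");
        while ($row = mysql_fetch_assoc($result)) {
            if (in_array($row['group_id'], $cpg_udb->admingroups)) {
                $permissions .= <<<EOT
    <tr>
        <td valign="top" align="left" class="tableb">
            {$row['group_name']}
        </td>
        <td valign="top" align="center" class="tableb">
            <input type="radio" class="radio" disabled="disabled" />
        </td>
        <td valign="top" align="center" class="tableb">
            <input type="radio" class="radio" checked="checked" />
        </td>
    </tr>
EOT;
            } else {
                $row['permission'] = mysql_result(cpg_db_query("SELECT value FROM {$CONFIG['TABLE_CONFIG']} WHERE name = 'plugin_shorturl_permissions_{$row['group_id']}'"), 0);
                $permissions .= <<<EOT
    <tr>
        <td valign="top" align="left" class="tableb">
            {$row['group_name']}
        </td>
EOT;
                for ($i = 0; $i <= 1; $i++) {
                    // Without a stored numeric value the "no" option is pre-selected.
                    if (!is_numeric($row['permission']) && $i == 0) {
                        $checked = "checked=\"checked\"";
                    } else {
                        $checked = $row['permission'] == $i ? "checked=\"checked\"" : "";
                    }
                    $permissions .= <<<EOT
        <td valign="top" align="center" class="tableb">
            <input type="radio" name="plugin_shorturl_permissions_{$row['group_id']}" id="plugin_shorturl_permissions_{$row['group_id']}_{$i}" class="radio" value="{$i}" {$checked} />
        </td>
EOT;
                }
                $permissions .= <<<EOT
    </tr>
EOT;
            }
        }
        mysql_free_result($result);

        $preview = "";
        for ($i = 0; $i <= 1; $i++) {
            $checked = $CONFIG['plugin_shorturl_preview'] == $i ? "checked=\"checked\"" : "";
            $preview .= <<<EOT
        <td valign="top" align="center" class="tableb">
            <input type="radio" name="plugin_shorturl_preview" id="plugin_shorturl_preview_{$i}" class="radio" value="{$i}" {$checked} />
        </td>
EOT;
        }

        list($timestamp, $form_token) = getFormToken();
        echo <<<EOT
    <form action="" method="post" name="shorturl_config" id="shorturl_config">
EOT;
        starttable('100%', $lang_plugin_shorturl['plugin_name'] . ' ' . $lang_gallery_admin_menu['admin_lnk'], 3);
        // NOTE(review): $annotate_icon_array is not defined in this function, so
        // the button below is printed without an icon.
        echo <<<EOT
    <tr>
        <td valign="top" class="tableb">
            {$lang_plugin_shorturl['display_menu_button']}
        </td>
        <td valign="top" class="tableb" colspan="2">
            <table border="0" cellspacing="0" cellpadding="0" width="100%">
                <tr>
                    <th valign="top" align="left" class="tableh2">
                        {$lang_plugin_shorturl['group']}
                    </th>
                    <th valign="top" align="center" class="tableh2">
                        {$lang_common['no']}
                    </th>
                    <th valign="top" align="center" class="tableh2">
                        {$lang_common['yes']}
                    </th>
                </tr>
                {$permissions}
            </table>
        </td>
    </tr>
    <tr>
        <td class="tableb">
            {$lang_plugin_shorturl['show_redirection_preview']}
        </td>
        <td class="tableb">
            <table border="0" cellspacing="0" cellpadding="0" width="100%">
                <tr>
                    <th valign="top" align="center" class="tableh2">
                        {$lang_common['no']}
                    </th>
                    <th valign="top" align="center" class="tableh2">
                        {$lang_common['yes']}
                    </th>
                </tr>
                {$preview}
            </table>
        </td>
    </tr>
    <tr>
        <td valign="middle" class="tablef">
        </td>
        <td valign="middle" class="tablef" colspan="2">
            <input type="hidden" name="form_token" value="{$form_token}" />
            <input type="hidden" name="timestamp" value="{$timestamp}" />
            <button type="submit" class="button" name="submit" value="{$lang_common['ok']}">{$annotate_icon_array['ok']}{$lang_common['ok']}</button>
        </td>
    </tr>
EOT;
        endtable();
        pagefooter();
        exit;
    }

    if ($superCage->get->getAlpha('shorturl') == 'add') {
        if (shorturl_get_permission() == 0) {
            load_template();
            cpg_die(ERROR, $lang_errors['access_denied'], __FILE__, __LINE__);
        }

        if ($superCage->post->keyExists('url')) {
            // NOTE(review): the form below emits a form token, but this branch
            // stores the posted URL without calling checkFormToken() - confirm
            // whether that is intended.
            js_include('plugins/shorturl/jquery.copy.js');
            load_template();
            pageheader($lang_plugin_shorturl['your_url']);
            starttable('100%', $lang_plugin_shorturl['your_url'], 2);
            echo <<<EOT
    <tr>
        <td class="tableb">
EOT;
            // http(s) URL: optional user[:password]@, IPv4 address or host name,
            // optional port, optional path.
            $regex = '^'
                . '(https?://){1,1}'
                . '(([0-9a-z_!~*\'().&=+$%-]+: ){0,1}'
                . '[0-9a-z_!~*\'().&=+$%-]+@){0,1}'
                . '(([0-9]{1,3}\\.){3}[0-9]{1,3}'
                . '|'
                . '('
                . '([0-9a-z_!~*\'()-]+\\.)*'
                . '([0-9a-z][0-9a-z-]{0,61})?[0-9a-z]\\.'
                . '[a-z]{2,6}'
                . ')'
                . ')'
                . '(:[0-9]{1,4}){0,1}'
                . '((/?)|'
                . '(/[0-9a-zA-Z_!~*\'().;?:@&=+$,%\\#-]+)+/?)'
                . '$';
            $url = $superCage->post->getRaw('url');

            // The D modifier makes '$' match only at the very end, so a trailing
            // line break no longer passes validation.
            if (!preg_match('#' . $regex . '#iD', $url)) {
                // The rejected value is request data; escape it before echoing it back.
                $url_html = htmlspecialchars($url, ENT_QUOTES);
                echo $lang_plugin_shorturl['invalid_url'] . ": <tt>{$url_html}</tt> <br/> <form action=\"javascript:history.back();\"><button type=\"submit\" class=\"button\">{$lang_common['back']}</button></form>";
            } else {
                // The pattern admits characters that are special inside a quoted SQL
                // literal, so the value is escaped for every query it is used in.
                $url_sql = mysql_real_escape_string($url);
                $result = cpg_db_query("SELECT rid FROM {$CONFIG['TABLE_PREFIX']}plugin_shorturl WHERE url = '{$url_sql}'");
                if (mysql_num_rows($result) > 0) {
                    // Already known: reuse the existing id.
                    $rid = mysql_result($result, 0);
                } else {
                    cpg_db_query("INSERT INTO {$CONFIG['TABLE_PREFIX']}plugin_shorturl (url) VALUES ('{$url_sql}')");
                    $result = cpg_db_query("SELECT rid FROM {$CONFIG['TABLE_PREFIX']}plugin_shorturl WHERE url = '{$url_sql}'");
                    $rid = mysql_result($result, 0);
                }
                mysql_free_result($result);

                $length = strlen($CONFIG['ecards_more_pic_target'] . "?r={$rid}") + 20;
                $preview_status = sprintf($lang_plugin_shorturl['preview_status'], $CONFIG['plugin_shorturl_preview'] == 1 ? $lang_plugin_shorturl['enabled'] : $lang_plugin_shorturl['disabled']);
                echo <<<EOT
            <input id="shorturl" type="text" name="url" size="{$length}" class="textinput" value="{$CONFIG['ecards_more_pic_target']}?r={$rid}" readonly="readonly" onclick="\$(this).select();" />
            <span style="cursor:help;" title="{$preview_status}">{$lang_plugin_shorturl['immediate_redirection']}</span>
            <br />
            <input id="shorturl_p" type="text" name="url" size="{$length}" class="textinput" value="{$CONFIG['ecards_more_pic_target']}?r={$rid}&preview" readonly="readonly" onclick="\$(this).select();" />
            {$lang_plugin_shorturl['display_link']}
EOT;
            }
            echo <<<EOT
        </td>
    </tr>
EOT;
            endtable();
            pagefooter();
            exit;
        } else {
            // No URL posted yet: print the entry form.
            load_template();
            pageheader($lang_plugin_shorturl['create_url']);
            echo '<form method="post">';
            starttable('100%', $lang_plugin_shorturl['enter_url'], 2);
            list($timestamp, $form_token) = getFormToken();
            echo <<<EOT
    <tr>
        <td class="tableb">
            <input type="text" id="url" name="url" size="40" class="textinput" style="width:90%;" />
            <input type="hidden" name="form_token" value="{$form_token}" />
            <input type="hidden" name="timestamp" value="{$timestamp}" />
        </td>
        <td class="tableb">
            <input type="submit" name="commit" class="button" value="{$lang_plugin_shorturl['shorten']}" />
        </td>
    </tr>
EOT;
            endtable();
            echo '</form>';
            echo '<script type="text/javascript">$(document).ready(function() { $("#url").select(); });</script>';
            pagefooter();
            exit;
        }
    }
}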
endtable(); echo '<br />'; } echo '<form action="index.php?file=limit_upload/admin" method="post">'; starttable("100%", $lang_plugin_limit_upload['limit_upload'] . " - " . $lang_gallery_admin_menu['admin_lnk'], 3); $upload_limit = mysql_result(cpg_db_query("SELECT value FROM {$CONFIG['TABLE_CONFIG']} WHERE name = 'limit_upload_upload_limit'"), 0); $time_limit = mysql_result(cpg_db_query("SELECT value FROM {$CONFIG['TABLE_CONFIG']} WHERE name = 'limit_upload_time_limit'"), 0); foreach ($lang_plugin_limit_upload['upload_limit_values'] as $key => $value) { $selected = $time_limit == $key ? 'selected="selected"' : ''; $time_limit_options .= "<option value=\"{$key}\" {$selected}>{$value}</option>"; } $submit_icon = cpg_fetch_icon('ok', 1); echo <<<EOT <tr> <td class="tableb"> {$lang_plugin_limit_upload['upload_limit']} </td> <td class="tableb"> <input type="input" class="listbox" size="5" name="upload_limit" id="plugin_limit_upload_files" value="{$upload_limit}" /> <select class="listbox" name="time_limit">{$time_limit_options}</select> </td> <td class="tableb"> <button value="{$lang_common['apply_changes']}" name="submit" class="button" type="submit">{$submit_icon}{$lang_common['apply_changes']}</button> </td> </tr> EOT; endtable(); list($timestamp, $form_token) = getFormToken(); echo "<input type=\"hidden\" name=\"form_token\" value=\"{$form_token}\" />"; echo "<input type=\"hidden\" name=\"timestamp\" value=\"{$timestamp}\" />"; pagefooter();
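/**
 * Page-start hook of the annotate plugin.
 *
 * Registers the 'lastnotes' and 'shownotes' meta albums, then serves the
 * plugin's maintenance screens when the request carries plugin=annotate
 * together with one of: delete_orphans, import, update_database, manage.
 * Each of those screens prints a complete page and ends the request.
 *
 * Security-relevant behaviour:
 *  - all four maintenance screens are restricted to GALLERY_ADMIN_MODE
 *    (previously only "manage" was);
 *  - request values are HTML-escaped before being echoed and URL-encoded
 *    before being placed in a Location header or a link;
 *  - delete_orphans, import and update_database are still started by a plain
 *    GET request without a form token; only "manage" submissions are checked
 *    with checkFormToken(). Moving them to token-protected POST forms is the
 *    remaining hardening step.
 *
 * @return void
 */
function annotate_page_start()
{
    global $CONFIG, $lang_meta_album_names, $valid_meta_albums, $lang_common, $lang_errors;

    require_once './plugins/annotate/init.inc.php';
    $annotate_init_array = annotate_initialize();
    $lang_plugin_annotate = $annotate_init_array['language'];
    $annotate_icon_array = $annotate_init_array['icon'];

    $superCage = Inspekt::makeSuperCage();

    // The note filter comes from the query string, falling back to the plugin cookie.
    $note = $superCage->get->keyExists('note')
        ? $superCage->get->getRaw('note')
        : $superCage->cookie->getRaw($CONFIG['cookie_name'] . 'note');

    $lang_meta_album_names['lastnotes'] = $lang_plugin_annotate['lastnotes'];
    // NOTE(review): $note is raw request data and this title is rendered outside
    // this function; confirm that the code printing meta album names escapes it.
    $lang_meta_album_names['shownotes'] = $lang_plugin_annotate['shownotes'] . " '{$note}'";
    $valid_meta_albums[] = 'lastnotes';
    $valid_meta_albums[] = 'shownotes';

    if ($superCage->get->getAlpha('plugin') != "annotate") {
        return;
    }

    // Everything below modifies or manages plugin data, so it is admin-only.
    if (!GALLERY_ADMIN_MODE) {
        return;
    }

    // ---- delete_orphans: drop annotations whose picture no longer exists ----
    if ($superCage->get->keyExists('delete_orphans')) {
        load_template();
        pageheader($lang_plugin_annotate['delete_orphaned_entries']);

        if (version_compare(cpg_phpinfo_mysql_version(), '4.1', '>=')) {
            // we can use subqueries here
            cpg_db_query("DELETE FROM {$CONFIG['TABLE_PREFIX']}plugin_annotate WHERE pid NOT IN (SELECT pid FROM {$CONFIG['TABLE_PICTURES']})");
        } else {
            $result = cpg_db_query("SELECT pid FROM {$CONFIG['TABLE_PICTURES']}");
            $pids = array();
            while ($row = mysql_fetch_row($result)) {
                $pids[] = (int) $row[0];
            }
            mysql_free_result($result);
            $pids = implode(",", $pids);
            // cpg_db_query can cause browser to crash if debug output is enabled
            mysql_query("DELETE FROM {$CONFIG['TABLE_PREFIX']}plugin_annotate WHERE pid NOT IN ({$pids})");
        }

        $count = mysql_affected_rows();
        if ($count == 1) {
            $count_output = $lang_plugin_annotate['1_orphaned_entry_deleted'];
        } else {
            $count_output = sprintf($lang_plugin_annotate['x_orphaned_entries_deleted'], $count);
        }

        starttable('-1', $annotate_icon_array['delete'] . $lang_plugin_annotate['delete_orphaned_entries']);
        echo '<tr><td class="tableb">' . $count_output . '</td></tr>';
        endtable();
        pagefooter();
        exit;
    }

    // ---- import: copy rows from the {prefix}notes table into plugin_annotate ----
    if ($superCage->get->keyExists('import')) {
        load_template();
        pageheader($lang_plugin_annotate['import']);
        starttable('-1', $annotate_icon_array['import'] . $lang_plugin_annotate['import']);

        if ($superCage->get->keyExists('do') && $CONFIG['plugin_annotate_import'] != "1") {
            // If selecting user_time succeeds the column is copied; otherwise
            // (presumably the column is missing) the current time is stored.
            $time_source = mysql_query("SELECT user_time FROM {$CONFIG['TABLE_PREFIX']}notes")
                ? 'user_time'
                : 'UNIX_TIMESTAMP()';
            cpg_db_query("INSERT INTO {$CONFIG['TABLE_PREFIX']}plugin_annotate (pid, posx, posy, width, height, note, user_id, user_time) \n SELECT pid, posx, posy, width, height, note, user_id, {$time_source} FROM {$CONFIG['TABLE_PREFIX']}notes");
            echo '<tr><td class="tableb">' . sprintf($lang_plugin_annotate['import_success'], mysql_affected_rows()) . '</td></tr>';
            // Remember that the import ran so it is not offered a second time.
            cpg_db_query("INSERT INTO {$CONFIG['TABLE_CONFIG']} (name, value) VALUES ('plugin_annotate_import', '1')");
        } else {
            $notes_to_import = mysql_result(cpg_db_query("SELECT COUNT(*) FROM {$CONFIG['TABLE_PREFIX']}notes"), 0);
            if (!$notes_to_import) {
                echo '<tr><td class="tableb">' . sprintf($lang_plugin_annotate['import_found'], $notes_to_import) . '</td></tr>';
            } elseif ($CONFIG['plugin_annotate_import'] == "1") {
                echo '<tr><td class="tableb">' . $lang_plugin_annotate['imported_already'] . '</td></tr>';
            } else {
                echo '<tr><td class="tableb">' . sprintf($lang_plugin_annotate['import_found'], $notes_to_import)
                    . ' <a href="index.php?plugin=annotate&amp;import&amp;do" class="admin_menu">' . $lang_plugin_annotate['import'] . '</a></td></tr>';
            }
        }

        endtable();
        pagefooter();
        exit;
    }

    // ---- update_database: run the statements of the plugin's update.sql ----
    if ($superCage->get->keyExists('update_database')) {
        load_template();
        pageheader($lang_plugin_annotate['update_database']);

        require 'include/sql_parse.php';
        $db_schema = './plugins/annotate/update.sql';
        // file_get_contents() replaces fread(fopen()) so no file handle is left open.
        $sql_query = file_get_contents($db_schema);
        // Plain substitution: the table prefix must not be read as a regex replacement pattern.
        $sql_query = str_replace('CPG_', $CONFIG['TABLE_PREFIX'], $sql_query);
        $sql_query = remove_remarks($sql_query);
        $sql_query = split_sql_file($sql_query, ';');
        foreach ($sql_query as $q) {
            // Errors are deliberately suppressed here, so the success message
            // below is shown whether or not every statement succeeded.
            @mysql_query($q);
        }

        starttable('-1', $annotate_icon_array['update_database'] . $lang_plugin_annotate['update_database']);
        echo '<tr><td class="tableb">' . $lang_plugin_annotate['update_database_success'] . '</td></tr>';
        endtable();
        pagefooter();
        exit;
    }

    // ---- manage: list notes, batch rename and batch delete ----
    if ($superCage->get->keyExists('manage')) {
        load_template();
        $is_rename = $superCage->get->keyExists('batch_rename');
        $is_delete = $superCage->get->keyExists('batch_delete');

        // Step 3: confirmed submission; the form token guards against forged requests.
        if ($superCage->post->keyExists('submit')) {
            if (!checkFormToken()) {
                cpg_die(ERROR, $lang_errors['invalid_form_token'], __FILE__, __LINE__);
            }
            // Notes are written and matched in double-addslashes() form, exactly as
            // before; the listing below applies stripslashes() when reading.
            // NOTE(review): addslashes() is not character-set aware; confirm the
            // storage format before switching the SQL layer to a driver escape function.
            if ($is_rename) {
                $note_old = $superCage->post->getRaw('note_old');
                $note_new = $superCage->post->getRaw('note_new');
                if (strlen($note_new) < 1) {
                    $status = 0;
                } else {
                    cpg_db_query("UPDATE {$CONFIG['TABLE_PREFIX']}plugin_annotate SET note = '" . addslashes(addslashes($note_new)) . "' WHERE note = '" . addslashes(addslashes($note_old)) . "'");
                    $status = 1;
                }
                // URL-encode the values so '&', '#', spaces or control characters
                // in a note cannot alter the redirect target.
                header("Location: index.php?plugin=annotate&manage&batch_rename&status={$status}&note_old=" . urlencode($note_old) . "&note_new=" . urlencode($note_new));
            }
            if ($is_delete) {
                $note_old = $superCage->post->getRaw('note_old');
                cpg_db_query("DELETE FROM {$CONFIG['TABLE_PREFIX']}plugin_annotate WHERE note = '" . addslashes(addslashes($note_old)) . "'");
                header("Location: index.php?plugin=annotate&manage&batch_delete&status=1&note_old=" . urlencode($note_old));
            }
            // As before, execution continues and the page is still rendered after the redirect header.
        }

        pageheader($lang_plugin_annotate['manage']);
        if ($is_rename) {
            starttable("100%", $lang_plugin_annotate['batch_rename']);
        } elseif ($is_delete) {
            starttable("100%", $lang_plugin_annotate['batch_delete']);
        } else {
            starttable("100%", $lang_plugin_annotate['manage']);
        }

        // Step 2: "are you sure?" form carrying the values and a fresh form token.
        if ($superCage->post->keyExists('sure')) {
            if ($is_rename) {
                $note_new = $superCage->post->getRaw('note_new');
                if (strlen($note_new) < 1) {
                    echo '<tr><td class="tableb">' . $lang_plugin_annotate['note_empty'] . ' <a href="javascript:history.back();">' . $lang_common['back'] . '</a></td></tr>';
                    endtable();
                    pagefooter();
                    die;
                }
                list($timestamp, $form_token) = getFormToken();
                // Posted values are echoed into HTML text and attribute values: escape them.
                $old_html = htmlspecialchars($superCage->post->getRaw('note_old'), ENT_QUOTES);
                $new_html = htmlspecialchars($note_new, ENT_QUOTES);
                echo '<tr><td class="tableb">'
                    . ' <form method="post" action="index.php?plugin=annotate&amp;manage&amp;batch_rename"> '
                    . sprintf($lang_plugin_annotate['sure_rename'], $old_html, $new_html)
                    . ' <input type="hidden" name="note_old" class="textinput" value="' . $old_html . '" readonly="readonly">'
                    . ' <input type="hidden" name="note_new" class="textinput" value="' . $new_html . '" readonly="readonly">'
                    . ' <input type="hidden" name="form_token" value="' . $form_token . '" />'
                    . ' <input type="hidden" name="timestamp" value="' . $timestamp . '" />'
                    . ' <input type="submit" name="submit" class="button" value="' . $lang_common['go'] . '">'
                    . ' <a href="javascript:history.back();">' . $lang_common['back'] . '</a>'
                    . ' </form> </td></tr> ';
            }
            if ($is_delete) {
                list($timestamp, $form_token) = getFormToken();
                $old_html = htmlspecialchars($superCage->post->getRaw('note_old'), ENT_QUOTES);
                echo '<tr><td class="tableb">'
                    . ' <form method="post" action="index.php?plugin=annotate&amp;manage&amp;batch_delete"> '
                    . sprintf($lang_plugin_annotate['sure_delete'], $old_html)
                    . ' <input type="hidden" name="note_old" class="textinput" value="' . $old_html . '" readonly="readonly">'
                    . ' <input type="hidden" name="form_token" value="' . $form_token . '" />'
                    . ' <input type="hidden" name="timestamp" value="' . $timestamp . '" />'
                    . ' <input type="submit" name="submit" class="button" value="' . $lang_common['go'] . '">'
                    . ' <a href="javascript:history.back();">' . $lang_common['back'] . '</a>'
                    . ' </form> </td></tr> ';
            }
        }

        if (!$superCage->post->keyExists('note_old')) {
            // Result message after the redirect issued by step 3.
            if ($superCage->get->keyExists('status')) {
                $status = $superCage->get->getInt('status');
                // Query-string values are attacker-controllable: escape before printing.
                $old_html = htmlspecialchars($superCage->get->getRaw('note_old'), ENT_QUOTES);
                $new_html = htmlspecialchars($superCage->get->getRaw('note_new'), ENT_QUOTES);
                if ($is_rename) {
                    if ($status == 1) {
                        echo '<tr><td class="tableb">' . sprintf($lang_plugin_annotate['rename_success'], $old_html, $new_html) . ' </td></tr>';
                    }
                    if ($status == 0) {
                        echo '<tr><td class="tableb">"' . sprintf($lang_plugin_annotate['rename_fail'], $old_html, $new_html) . '. ' . $lang_plugin_annotate['note_empty'] . '</td></tr>';
                    }
                }
                if ($is_delete && $status == 1) {
                    echo '<tr><td class="tableb">' . sprintf($lang_plugin_annotate['delete_success'], $old_html, $new_html) . ' </td></tr>';
                }
            }

            // Step 1: form for the note picked from the list below.
            if ($superCage->get->keyExists('note')) {
                $note_html = htmlspecialchars($superCage->get->getRaw('note'), ENT_QUOTES);
                if ($is_rename) {
                    echo '<tr><td class="tableb"> <form method="post">'
                        . ' <input type="text" name="note_old" size="40" class="textinput" value="' . $note_html . '" readonly="readonly"> '
                        . $lang_plugin_annotate['rename_to']
                        . ' <input type="text" name="note_new" size="40" class="textinput" id="note_new">'
                        . ' <input type="submit" name="sure" class="button" value="' . $lang_common['go'] . '">'
                        . ' </form>'
                        . ' <script type="text/javascript"> document.getElementById("note_new").select(); </script>'
                        . ' </td></tr> ';
                }
                if ($is_delete) {
                    echo '<tr><td class="tableb"> <form method="post"> ' . $lang_common['delete']
                        . ' <input type="text" name="note_old" class="textinput" value="' . $note_html . '" readonly="readonly">'
                        . ' <input type="submit" name="sure" class="button" value="' . $lang_common['go'] . '">'
                        . ' </form> </td></tr> ';
                }
            }

            // List every distinct note with its delete / rename links.
            $result = cpg_db_query("SELECT DISTINCT(note) FROM {$CONFIG['TABLE_PREFIX']}plugin_annotate ORDER BY note");
            if (mysql_num_rows($result)) {
                echo '<tr><td class="tableb" align="left">';
                while ($row = mysql_fetch_assoc($result)) {
                    $person = stripslashes($row['note']);
                    // Stored note text is URL-encoded for the links and HTML-escaped for display.
                    $note_param = urlencode($person);
                    $person_html = htmlspecialchars($person, ENT_QUOTES);
                    echo "\n <a href=\"index.php?plugin=annotate&amp;manage&amp;batch_delete&amp;note={$note_param}\" title=\"{$lang_plugin_annotate['batch_delete']}\"><img src=\"images/icons/delete.png\" border=\"0\" /></a>\n <a href=\"index.php?plugin=annotate&amp;manage&amp;batch_rename&amp;note={$note_param}\" title=\"{$lang_plugin_annotate['batch_rename']}\"><img src=\"images/icons/edit.png\" border=\"0\" /></a>\n {$person_html}<br />\n ";
                }
                echo '</td></tr>';
            }
            mysql_free_result($result);
        }

        endtable();
        pagefooter();
        exit;
    }
}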
/**
 * Print a page that immediately refreshes to $redirect, then end the request.
 *
 * When $txt is non-empty it is shown in a message box, used as both the
 * box title and the box text.
 *
 * @param string $redirect URL placed in the meta refresh tag
 * @param string $txt      optional message to display
 * @return void (the script exits)
 */
function photoshop_refresh($redirect, $txt = '')
{
    global $lang_info;

    // NOTE(review): $redirect goes into the tag unescaped; confirm that callers
    // never pass a request-derived URL here.
    $refresh_meta = '<META http-equiv="refresh" content="0;url=' . $redirect . '">';
    pageheader($lang_info, $refresh_meta);

    if ('' != $txt) {
        msg_box($txt, $txt);
    }

    pagefooter();
    ob_end_flush();
    exit;
}
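/**
 * Contest vote handler that replaces the distribution's ratepic logic.
 *
 * Runs only when RATEPIC_PHP is defined and both 'pic' and 'rate' are present
 * in the query string. For pictures in an album where voting and the contest
 * flag are enabled, the user's previous vote is replaced by the new one, the
 * picture's rating and vote count are recomputed, and the browser is sent
 * back to the picture. In every other case an empty string is returned so the
 * normal rating code can proceed.
 *
 * Security notes:
 *  - 'pic' and 'rate' are cast to int before they reach any SQL statement;
 *  - the cookie and Referer checks are plausibility checks only: both are
 *    client-supplied, and the vote is still accepted over a plain GET request
 *    without a form token.
 *
 * @return string always '' when the function returns (some paths exit instead)
 */
function fix_ratepic()
{
    // The language strings and $raw_ip are read below, so they have to be
    // imported; without this they are undefined inside the function.
    global $CONFIG, $raw_ip, $lang_info, $lang_rate_pic_php, $lang_continue;

    if (!defined("RATEPIC_PHP")) {
        return "";
    }

    // Check if required parameters are present
    if (!isset($_GET['pic']) || !isset($_GET['rate'])) {
        return "";
    }
    $pic = (int) $_GET['pic'];
    $rate = max(1, min((int) $_GET['rate'], 10)); // clamp to 1..10
    $location = 'displayimage.php?pos=' . (-$pic);

    // If user does not accept script's cookies, we don't accept the vote
    if (!isset($_COOKIE[$CONFIG['cookie_name'] . '_data'])) {
        header('Location: ' . $location);
        exit;
    }

    // If referer is not displayimage.php we don't accept the vote.
    // stripos() replaces the removed eregi(); a missing Referer header counts as a mismatch.
    $http_referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
    if (stripos($http_referer, 'displayimage') === false) {
        header('Location: ' . $location);
        exit;
    }

    // Retrieve picture/album information & check if user can rate picture, and
    // if this is a contest - else let go to normal ratepic
    $sql = "SELECT a.votes as votes_allowed, a.contest, p.votes as votes, pic_rating, owner_id "
        . "FROM {$CONFIG['TABLE_PICTURES']} AS p, {$CONFIG['TABLE_ALBUMS']} AS a "
        . "WHERE p.aid = a.aid AND pid = '{$pic}' LIMIT 1";
    $result = cpg_db_query($sql);
    if (!mysql_num_rows($result)) {
        return "";
    }
    $row = mysql_fetch_array($result);
    if (!USER_CAN_RATE_PICTURES || $row['votes_allowed'] == 'NO' || $row['contest'] == 'NO') {
        return "";
    }

    // remove previous votes for USER_ID, then insert the new vote
    cpg_db_query("DELETE FROM `{$CONFIG['TABLE_PREFIX']}user_votes` WHERE pid = {$pic} AND user_id = " . USER_ID);
    cpg_db_query("INSERT INTO `{$CONFIG['TABLE_PREFIX']}user_votes` SET pid = {$pic}, rating = {$rate},user_id = " . USER_ID);

    // get average rating and store it with the image
    $result = cpg_db_query("SELECT COUNT(rating), SUM(rating) FROM `{$CONFIG['TABLE_PREFIX']}user_votes` WHERE pid = {$pic}");
    $row = mysql_fetch_array($result);
    if ($row && $row[0] > 0) {
        $count = $row[0];
        $average = round($row[1] * 2000.0 / $count);
    } else {
        // No votes counted (for example the insert failed): avoid dividing by zero.
        $count = 0;
        $average = 0;
    }
    cpg_db_query("UPDATE {$CONFIG['TABLE_PICTURES']} SET pic_rating = '{$average}', votes = {$count} WHERE pid = '{$pic}' LIMIT 1");

    // record the details of hits for the picture if the option is set in CONFIG
    if ($CONFIG['vote_details']) {
        $client_details = cpg_determine_client();
        // Escaped defensively: these values are presumably derived from request
        // headers inside cpg_determine_client().
        $os = addslashes($client_details['os']);
        $browser = addslashes($client_details['browser']);
        $ip = addslashes($raw_ip);
        $time = time();
        $referer = addslashes(htmlentities($http_referer));
        cpg_db_query("INSERT INTO {$CONFIG['TABLE_VOTE_STATS']} SET pid = {$pic},rating = {$rate},Ip = '{$ip}',sdate = '{$time}',referer = '{$referer}',browser = '{$browser}',os = '{$os}'");
    }

    $header_location = @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ? 'Refresh: 0; URL=' : 'Location: ';
    header($header_location . $location);
    pageheader($lang_info, "<META http-equiv=\"refresh\" content=\"1;url={$location}\">");
    msg_box($lang_info, $lang_rate_pic_php['rate_ok'], $lang_continue, $location);
    pagefooter();
    ob_end_flush();
    // NOTE(review): unlike the rejection paths above, this path does not exit,
    // so the caller keeps running after the page is sent; confirm that is intended.

    return "";
}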
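/**
 * cpgRedirectPage()
 *
 * Redirect to the target page or display an info screen first and then redirect.
 *
 * Visitors who are not logged in are sent to login.php instead of the
 * requested target when anonymous access is disabled. When the redirection
 * page is disabled in the config, a redirect header carrying the stored
 * message id and the message type is sent first; the info screen with a
 * one-second meta refresh is printed in both cases as a fallback.
 *
 * $targetAddress is written into the redirect header and the meta refresh tag
 * as given, so callers are expected to pass a trusted, site-relative address
 * rather than a request-supplied URL.
 *
 * @param string $targetAddress address to redirect to
 * @param string $caption       title of the page and of the message box
 * @param string $message       message to display or to store for the target page
 * @param int    $countdown     currently unused; the meta refresh delay is fixed at one second
 * @param string $type          (possible values: 'info', 'error', 'warning', 'validation', 'success' -> theme_display_message_block
 * @return void
 **/
function cpgRedirectPage($targetAddress = '', $caption = '', $message = '', $countdown = 0, $type = 'info')
{
    global $CONFIG, $USER_DATA, $lang_common;

    $logged_in = USER_ID || (isset($USER_DATA['user_id']) && is_numeric($USER_DATA['user_id']));
    if (!$logged_in && $CONFIG['allow_unlogged_access'] == 0) {
        // Anonymous access to site is not allowed, so need to redirect to login page
        $targetAddress = 'login.php';
    }

    if ($CONFIG['display_redirection_page'] == 0) {
        $header_location = @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ? 'Refresh: 0; URL=' : 'Location: ';
        // Strict comparison: a '?' at position 0 must count as "query string present".
        $separator = (strpos($targetAddress, '?') === false) ? '?' : '&';
        // The message type is URL-encoded so it cannot add parameters of its own.
        header($header_location . $targetAddress . $separator . 'message_id=' . cpgStoreTempMessage($message) . '&message_icon=' . rawurlencode($type) . '#cpgMessageBlock');
    }

    // Info screen, shown directly or as a fallback behind the redirect header.
    pageheader($caption, "<META http-equiv=\"refresh\" content=\"1;url={$targetAddress}\">");
    msg_box($caption, $message, $lang_common['continue'], $targetAddress, $type);
    pagefooter();
    exit;
}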
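/**
 * Render the MiniCMS edit page: header, optional preview, editor, footer.
 *
 * The preview is shown when the submitted button value equals the
 * localized "preview" label.
 *
 * @param array $cms content record being edited (passed by reference)
 * @return void
 */
function theme_minicms_edit(&$cms)
{
    global $template_minicms, $lang_minicms;

    pageheader($cms['title'], $template_minicms['edit_meta']);

    // 'submit' is absent when the editor is opened for the first time, so test
    // for it before comparing instead of reading an undefined index.
    if (isset($_REQUEST['submit']) && $_REQUEST['submit'] == $lang_minicms['preview']) {
        theme_minicms_edit_preview($cms);
    }

    theme_minicms_edit_editor($cms);
    pagefooter();
}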
/**
 * Render the MiniCMS edit page: header, optional preview, editor, footer.
 *
 * The posted 'submit' value is read through the Inspekt cage; the preview is
 * shown when it equals the localized "preview" label.
 *
 * @param array $cms content record being edited (passed by reference)
 * @return void
 */
function theme_minicms_edit(&$cms)
{
    global $template_minicms, $lang_minicms;

    $cage = Inspekt::makeSuperCage();

    pageheader($cms['title'], $template_minicms['edit_meta']);

    // The raw value is only compared against the label, never printed here.
    $pressed_button = $cage->post->getRaw('submit');
    $wants_preview = ($pressed_button == $lang_minicms['preview']);
    if ($wants_preview) {
        theme_minicms_edit_preview($cms);
    }

    theme_minicms_edit_editor($cms);
    pagefooter();
}