/**
 * Default login handler; a 'try_log_user' trigger handler can take precedence.
 *
 * The submitted username is passed through pwg_db_real_escape_string() before
 * it is concatenated into the lookup query. The column names come from
 * $conf['user_fields'], i.e. from configuration, not from the request.
 *
 * @see try_log_user()
 *
 * @param bool $success true when an earlier handler already accepted the login
 * @param string $username
 * @param string $password
 * @param bool $remember_me
 * @return bool true when the user is logged in, false otherwise
 */
function pwg_login($success, $username, $password, $remember_me)
{
    global $conf;

    // An earlier handler already authenticated the user: nothing left to do.
    if ($success === true) {
        return true;
    }

    // we force the session table to be clean
    pwg_session_gc();

    // Fetch the stored password hash for the submitted login.
    $fields = $conf['user_fields'];
    $query = ' SELECT ' . $fields['id'] . ' AS id, ' . $fields['password'] . ' AS password FROM ' . USERS_TABLE . ' WHERE ' . $fields['username'] . ' = \'' . pwg_db_real_escape_string($username) . '\' ;';
    $account = pwg_db_fetch_assoc(pwg_query($query));

    // Unknown login and wrong password end on the same path, so the caller
    // cannot tell the two cases apart from the return value.
    if (!isset($account['id']) || !$conf['password_verify']($password, $account['password'], $account['id'])) {
        // NOTE(review): stripslashes() suggests $username arrives slash-escaped - confirm against the caller.
        trigger_notify('login_failure', stripslashes($username));
        return false;
    }

    log_user($account['id'], $remember_me);
    trigger_notify('login_success', stripslashes($username));

    return true;
}
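/**
 * Removes the alternative video sources and the video thumbnails stored in
 * the "pwg_representative" folder next to each local video being deleted.
 *
 * The video file itself and its representative are left alone (the original
 * comments state that the core handles them).
 *
 * @param int[] $ids identifiers of the elements about to be deleted
 * @return int|null 0 when $ids is empty, nothing otherwise
 */
function vjs_begin_delete_elements($ids)
{
    // Without this declaration $conf was an undefined local variable, so the
    // 'never_delete_originals' setting could never prevent the deletion.
    global $conf;

    if (count($ids) == 0) {
        return 0;
    }

    // The ids are concatenated into the IN (...) list: force integers so that
    // nothing but numbers can reach the query.
    $ids = array_map('intval', $ids);

    $vjs_extensions = array('ogg', 'ogv', 'mp4', 'm4v', 'webm', 'webmv');
    $files_ext = array_merge($vjs_extensions, array_map('strtoupper', $vjs_extensions));

    // Find details based on ID, restricted to supported video files
    $query = ' SELECT id, path, representative_ext FROM ' . IMAGES_TABLE . ' WHERE id IN (' . implode(',', $ids) . ') AND ' . SQL_VIDEOS . ' ;';
    $result = pwg_query($query);

    while ($row = pwg_db_fetch_assoc($result)) {
        if (url_is_remote($row['path'])) {
            continue;
        }

        if (isset($conf['never_delete_originals'])) {
            continue;
        }

        $path = get_element_path($row);
        $file_wo_ext = pathinfo($path);
        $representative_dir = dirname($path) . "/pwg_representative/";

        // Delete any other video source format; stop at the first failure.
        foreach ($files_ext as $file_ext) {
            $path_ext = $representative_dir . $file_wo_ext['filename'] . "." . $file_ext;
            if (is_file($path_ext) and !unlink($path_ext)) {
                trigger_error('"' . $path_ext . '" cannot be removed', E_USER_WARNING);
                break;
            }
        }

        // Delete video thumbnails
        // NOTE(review): the file name is used as a glob pattern; confirm that
        // stored names cannot contain glob metacharacters.
        $matches = glob($representative_dir . $file_wo_ext['filename'] . "-th_*");
        if (is_array($matches)) {
            foreach ($matches as $filename) {
                if (is_file($filename) and !unlink($filename)) {
                    trigger_error('"' . $filename . '" cannot be removed', E_USER_WARNING);
                    break;
                }
            }
        }
    }
}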
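/**
 * Reads the history summary at the granularity implied by the arguments:
 * hours of a day, days of a month, months of a year, or all years.
 *
 * The date parts are concatenated into the WHERE clause, so each one is cast
 * to an integer first; a non-numeric value can no longer alter the query.
 *
 * @param int|null $year
 * @param int|null $month
 * @param int|null $day
 * @return array list of rows (year, month, day, hour, nb_pages)
 */
function get_summary($year = null, $month = null, $day = null)
{
    $query = ' SELECT year, month, day, hour, nb_pages FROM ' . HISTORY_SUMMARY_TABLE;

    if (isset($day)) {
        $query .= ' WHERE year = ' . intval($year) . ' AND month = ' . intval($month) . ' AND day = ' . intval($day) . ' AND hour IS NOT NULL ORDER BY year ASC, month ASC, day ASC, hour ASC ;';
    } elseif (isset($month)) {
        $query .= ' WHERE year = ' . intval($year) . ' AND month = ' . intval($month) . ' AND day IS NOT NULL AND hour IS NULL ORDER BY year ASC, month ASC, day ASC ;';
    } elseif (isset($year)) {
        $query .= ' WHERE year = ' . intval($year) . ' AND month IS NOT NULL AND day IS NULL ORDER BY year ASC, month ASC ;';
    } else {
        $query .= ' WHERE year IS NOT NULL AND month IS NULL ORDER BY year ASC ;';
    }

    $result = pwg_query($query);

    $output = array();
    while ($row = pwg_db_fetch_assoc($result)) {
        $output[] = $row;
    }

    return $output;
}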
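/**
 * Returns the galleries_url of the site a category belongs to.
 *
 * @param int $category_id
 * @return string|null the url, or null when no matching row is found
 */
function get_site_url($category_id)
{
    // The id is concatenated into the query: cast it so only a number gets in.
    $query = ' SELECT galleries_url FROM ' . SITES_TABLE . ' AS s,' . CATEGORIES_TABLE . ' AS c WHERE s.id = c.site_id AND c.id = ' . intval($category_id) . ' ;';
    $row = pwg_db_fetch_assoc(pwg_query($query));

    // No row (unknown category): return null without reading a missing offset.
    return isset($row['galleries_url']) ? $row['galleries_url'] : null;
}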
/**
 * Loads the mail-notification flag of the current user into the profile
 * template and registers the 'NBMS_prefilter' prefilter on profile_content.
 *
 * The user id used in the query comes from the global $user array, not from
 * request parameters.
 *
 * @return void
 */
function NBMS_Load_Profile()
{
    global $conf, $user, $template, $lang;

    $query = ' SELECT enabled FROM ' . USER_MAIL_NOTIFICATION_TABLE . ' WHERE user_id = \'' . $user['id'] . '\' ;';
    $row = pwg_db_fetch_assoc(pwg_query($query));

    // A missing value is presented as "No".
    $enabled = $row['enabled'];
    if ($enabled === null) {
        $enabled = 'false';
    }

    $radio_options = array('true' => l10n('Yes'), 'false' => l10n('No'));
    $template->assign('radio_options', $radio_options);
    $template->assign(array('NBMS' => $enabled));
    $template->set_prefilter('profile_content', 'NBMS_prefilter');
}
/**
 * Stores the current plugin version in the serialized 'HistoryIPConfig'
 * configuration entry.
 *
 * @return void
 */
function global_version_update()
{
    global $conf;

    // Current plugin version, as reported by HIPE_infos()
    $plugin_infos = HIPE_infos(HIPE_PATH);
    $current_version = $plugin_infos['version'];

    // Read the stored configuration
    $query = ' SELECT value FROM ' . CONFIG_TABLE . ' WHERE param = "HistoryIPConfig" ;';
    $stored = pwg_db_fetch_assoc(pwg_query($query));

    // NOTE(review): unserialize() can instantiate objects from its input. The
    // value here comes from the configuration table; anyone able to write that
    // row controls what is unserialized. A JSON encoding would avoid this, but
    // needs a migration of the stored value - not changed here.
    $settings = unserialize($stored['value']);
    $settings['Version'] = $current_version;

    // NOTE(review): the value is escaped here before conf_update_param();
    // confirm that function does not escape a second time.
    conf_update_param('HistoryIPConfig', pwg_db_real_escape_string(serialize($settings)));
}
/**
 * Runs a SQL query and collects its rows into an array.
 *
 * The shape of the result depends on $key_name and $value_name:
 *
 * - key=null, value=null: list of full rows
 *     array(array('id'=>1, 'name'=>'DSC8956', ...), ...)
 * - key=null, value='...': list of a single field
 *     array('DSC8956', 'DSC8957', ...)
 * - key='...', value=null: full rows indexed by a field
 *     array('DSC8956' => array('id'=>1, 'name'=>'DSC8956', ...), ...)
 * - key='...', value='...': one field indexed by another
 *     array('DSC8956' => 1, 'DSC8957' => 2, ...)
 *
 * The query is executed as given: any value placed in it must already be
 * escaped or cast by the caller.
 *
 * @since 2.6
 *
 * @param string $query
 * @param string $key_name
 * @param string $value_name
 * @return array
 */
function query2array($query, $key_name = null, $value_name = null)
{
    $rows = pwg_query($query);
    $indexed = isset($key_name);
    $single_field = isset($value_name);

    $data = array();
    while ($row = pwg_db_fetch_assoc($rows)) {
        if ($indexed) {
            $data[$row[$key_name]] = $single_field ? $row[$value_name] : $row;
        } else {
            $data[] = $single_field ? $row[$value_name] : $row;
        }
    }

    return $data;
}
/**
 * Resolves the tokens of a quick-search expression to tags and to the images
 * carrying those tags, and stores the outcome on $qsr (tag_iids, all_tags,
 * tag_ids).
 *
 * The ids placed in the IN (...) list further down are read from the tags
 * table by the first loop, not taken from the search text. The text clauses
 * are produced by qsearch_get_text_token_search_sql().
 * NOTE(review): escaping of the search term is presumably done in that helper
 * - it is not visible here, confirm.
 *
 * @param QExpression $expr parsed search expression
 * @param QResults $qsr result holder, filled in place
 */
function qsearch_get_tags(QExpression $expr, QResults $qsr)
{
    // One (initially empty) list of ids per token, in both structures.
    $token_tag_ids = $qsr->tag_iids = array_fill(0, count($expr->stokens), array());
    $all_tags = array();

    // Find the tags matching each token by name.
    for ($i = 0; $i < count($expr->stokens); $i++) {
        $token = $expr->stokens[$i];
        // Tokens scoped to something other than 'tag' are not tag searches.
        if (isset($token->scope) && 'tag' != $token->scope->id) {
            continue;
        }
        if (empty($token->term)) {
            continue;
        }

        $clauses = qsearch_get_text_token_search_sql($token, array('name'));
        $query = 'SELECT * FROM ' . TAGS_TABLE . ' WHERE (' . implode("\n OR ", $clauses) . ')';
        $result = pwg_query($query);
        while ($tag = pwg_db_fetch_assoc($result)) {
            $token_tag_ids[$i][] = $tag['id'];
            $all_tags[$tag['id']] = $tag;
        }
    }

    // check adjacent short words: when two neighbouring tokens (one of them of
    // 3 characters or less, neither quoted nor wildcard) share tags, both are
    // narrowed to the shared tags
    for ($i = 0; $i < count($expr->stokens) - 1; $i++) {
        if ((strlen($expr->stokens[$i]->term) <= 3 || strlen($expr->stokens[$i + 1]->term) <= 3) && ($expr->stoken_modifiers[$i] & (QST_QUOTED | QST_WILDCARD)) == 0 && ($expr->stoken_modifiers[$i + 1] & (QST_BREAK | QST_QUOTED | QST_WILDCARD)) == 0) {
            $common = array_intersect($token_tag_ids[$i], $token_tag_ids[$i + 1]);
            if (count($common)) {
                $token_tag_ids[$i] = $token_tag_ids[$i + 1] = $common;
            }
        }
    }

    // get images
    $positive_ids = $not_ids = array();
    for ($i = 0; $i < count($expr->stokens); $i++) {
        $tag_ids = $token_tag_ids[$i];
        $token = $expr->stokens[$i];

        if (!empty($tag_ids)) {
            $query = ' SELECT image_id FROM ' . IMAGE_TAG_TABLE . ' WHERE tag_id IN (' . implode(',', $tag_ids) . ') GROUP BY image_id';
            $qsr->tag_iids[$i] = query2array($query, null, 'image_id');
            if ($expr->stoken_modifiers[$i] & QST_NOT) {
                $not_ids = array_merge($not_ids, $tag_ids);
            } else {
                if (strlen($token->term) > 2 || count($expr->stokens) == 1 || isset($token->scope) || $token->modifier & (QST_WILDCARD | QST_QUOTED)) {
                    // add tag ids to list only if the word is not too short (such as de / la /les ...)
                    $positive_ids = array_merge($positive_ids, $tag_ids);
                }
            }
        } elseif (isset($token->scope) && 'tag' == $token->scope->id && strlen($token->term) == 0) {
            if ($token->modifier & QST_WILDCARD) {
                // eg. 'tag:*' returns all tagged images
                $qsr->tag_iids[$i] = query2array('SELECT DISTINCT image_id FROM ' . IMAGE_TAG_TABLE, null, 'image_id');
            } else {
                // eg. 'tag:' returns all untagged images
                $qsr->tag_iids[$i] = query2array('SELECT id FROM ' . IMAGES_TABLE . ' LEFT JOIN ' . IMAGE_TAG_TABLE . ' ON id=image_id WHERE image_id IS NULL', null, 'id');
            }
        }
    }

    // Keep only the tags matched positively and not excluded by a NOT token.
    $all_tags = array_intersect_key($all_tags, array_flip(array_diff($positive_ids, $not_ids)));
    usort($all_tags, 'tag_alpha_compare');
    // NOTE(review): $tag stays a reference to the last element after this
    // loop; nothing below reuses it, but an unset($tag) would make that safe.
    foreach ($all_tags as &$tag) {
        $tag['name'] = trigger_change('render_tag_name', $tag['name'], $tag);
    }
    $qsr->all_tags = $all_tags;
    $qsr->tag_ids = $token_tag_ids;
}
/**
 * Adds a "stereo" tab to the photo tabsheet when the edited file name ends
 * with "mpo" (case-insensitive).
 *
 * check_input_parameter() is called with PATTERN_ID on the image_id request
 * parameter before that parameter is concatenated into the query.
 * NOTE(review): what check_input_parameter() does when the parameter is absent
 * is not visible here - confirm it cannot leave $id empty.
 *
 * @param array $tabs tabs collected so far
 * @param string $context tabsheet being built
 * @return array the tabs, with the extra entry when applicable
 */
function Stereo_tabsheet($tabs, $context)
{
    global $prefixeTable;

    if ($context == 'photo') {
        load_language('plugin.lang', STEREO_PATH);
        check_input_parameter('image_id', $_GET, false, PATTERN_ID);
        $id = $_GET['image_id'];

        $query = ' SELECT file from ' . $prefixeTable . 'images WHERE id = ' . $id;
        $image = pwg_db_fetch_assoc(pwg_query($query));

        if ($image && preg_match('/.*mpo$/i', $image['file'])) {
            $tabs['stereo'] = array(
                'caption' => l10n('STEREO_ADJUSTMENT'),
                'url' => Stereo_get_admin_url($id),
            );
        }
    }

    return $tabs;
}
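/**
 * API method
 * Moves one or several virtual categories under another parent.
 *
 * @param mixed[] $params
 *    @option string|int[] category_id ids, as an array or a string separated
 *                                     by spaces, commas, semicolons or pipes
 *    @option int parent 0 means "move to the gallery root"
 *    @option string pwg_token
 * @param object &$service
 * @return PwgError|null a PwgError on failure, nothing on success
 */
function ws_categories_move($params, &$service)
{
    global $page;

    // The token is compared as a string with a strict operator. A loose "!="
    // compares numeric-looking strings by value, so two different tokens that
    // both read as numbers could have been accepted as equal.
    $submitted_token = isset($params['pwg_token']) ? $params['pwg_token'] : null;
    if (!is_string($submitted_token) or (string) get_pwg_token() !== $submitted_token) {
        return new PwgError(403, 'Invalid security token');
    }

    if (!is_array($params['category_id'])) {
        $params['category_id'] = preg_split('/[\\s,;\\|]/', $params['category_id'], -1, PREG_SPLIT_NO_EMPTY);
    }

    // Only strictly positive integers are kept, so the IN (...) list below
    // contains numbers and nothing else.
    $category_ids = array();
    foreach (array_map('intval', $params['category_id']) as $category_id) {
        if ($category_id > 0) {
            $category_ids[] = $category_id;
        }
    }

    if (count($category_ids) == 0) {
        return new PwgError(403, 'Invalid category_id input parameter, no category to move');
    }

    // we can't move physical categories
    $categories_in_db = array();

    $query = ' SELECT id, name, dir FROM ' . CATEGORIES_TABLE . ' WHERE id IN (' . implode(',', $category_ids) . ') ;';
    $result = pwg_query($query);
    while ($row = pwg_db_fetch_assoc($result)) {
        $categories_in_db[$row['id']] = $row;

        // we break on error at first physical category detected
        if (!empty($row['dir'])) {
            $row['name'] = strip_tags(trigger_change('render_category_name', $row['name'], 'ws_categories_move'));

            return new PwgError(403, sprintf('Category %s (%u) is not a virtual category, you cannot move it', $row['name'], $row['id']));
        }
    }

    if (count($categories_in_db) != count($category_ids)) {
        // array_diff() preserves keys, so the first unknown id is not
        // necessarily at index 0: take the first element instead.
        $unknown_category_ids = array_diff($category_ids, array_keys($categories_in_db));

        return new PwgError(403, sprintf('Category %u does not exist', reset($unknown_category_ids)));
    }

    // does this parent exists? This check should be made in the
    // move_categories function, not here
    // 0 as parent means "move categories at gallery root"
    if (0 != $params['parent']) {
        $subcat_ids = get_subcat_ids(array($params['parent']));
        if (count($subcat_ids) == 0) {
            return new PwgError(403, 'Unknown parent category id');
        }
    }

    // move_categories() reports through $page['infos'] / $page['errors'].
    $page['infos'] = array();
    $page['errors'] = array();

    include_once PHPWG_ROOT_PATH . 'admin/include/functions.php';
    move_categories($category_ids, $params['parent']);
    invalidate_user_cache();

    if (count($page['errors']) != 0) {
        return new PwgError(403, implode('; ', $page['errors']));
    }
}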
// FIXME: Duplicated boilerplate - could be avoided with a hook in the else // clause at the bottom of admin/photo.php letting you set the right include file if (!isset($_GET['image_id']) or !isset($_GET['section'])) { die('Invalid data!'); } global $template, $page, $prefixeTable; load_language('plugin.lang', STEREO_PATH); check_input_parameter('image_id', $_GET, false, PATTERN_ID); $id = $_GET['image_id']; $query = ' SELECT * FROM ' . $prefixeTable . 'images i LEFT JOIN ' . $prefixeTable . 'stereo s ON i.id = s.media_id WHERE i.id = ' . $id; $picture = pwg_db_fetch_assoc(pwg_query($query)); if (isset($_POST['submit'])) { check_pwg_token(); $offsetX = trim($_POST['offsetX']); $offsetY = trim($_POST['offsetY']); if (strlen($offsetX) === 0 || strlen($offsetY) === 0 || !is_numeric($offsetX) || !is_numeric($offsetY)) { $page['errors'][] = 'Invalid offset value'; } if (count($page['errors']) === 0) { $stereoTable = $prefixeTable . 'stereo'; if (isset($picture['x'])) { $query = "UPDATE {$stereoTable}\n\t\t\t\tSET x={$offsetX}, y={$offsetY}\n\t\t\t\tWHERE media_id = {$id};"; } else { $picture['x'] = $offsetX; $picture['y'] = $offsetY; $query = "INSERT INTO {$stereoTable} (media_id, x, y)\n\t\t\t\tVALUES ({$id}, {$offsetX}, {$offsetY})";
/**
 * Lists the tags attached to the given items, sorted alphabetically.
 *
 * $items, $excluded_tag_ids and $max_tags are concatenated into the query as
 * they are: callers must pass integers only.
 *
 * @param int[] $items image ids
 * @param int $max_tags when > 0, keep only the most used tags
 * @param int[] $excluded_tag_ids
 * @return array [id, name, counter, url_name]
 */
function get_common_tags($items, $max_tags, $excluded_tag_ids = array())
{
    if (empty($items)) {
        return array();
    }

    $exclusion = '';
    if (!empty($excluded_tag_ids)) {
        $exclusion = ' AND tag_id NOT IN (' . implode(',', $excluded_tag_ids) . ')';
    }

    // TODO : why ORDER field is in the if ?
    $ordering = ($max_tags > 0) ? 'counter DESC LIMIT ' . $max_tags : 'NULL';

    $query = ' SELECT t.*, count(*) AS counter FROM ' . IMAGE_TAG_TABLE . ' INNER JOIN ' . TAGS_TABLE . ' t ON tag_id = id WHERE image_id IN (' . implode(',', $items) . ')'
        . $exclusion
        . ' GROUP BY t.id ORDER BY '
        . $ordering;

    $rows = pwg_query($query);

    $tags = array();
    while ($tag = pwg_db_fetch_assoc($rows)) {
        $tag['name'] = trigger_change('render_tag_name', $tag['name'], $tag);
        $tags[] = $tag;
    }

    usort($tags, 'tag_alpha_compare');

    return $tags;
}
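/**
 * API method
 * Returns, for each category, the users and groups that have access to it.
 *
 * Only one of cat_id, group_id and user_id may be given.
 *
 * @param mixed[] $params
 *    @option int[] cat_id (optional)
 *    @option int[] group_id (optional)
 *    @option int[] user_id (optional)
 * @param object &$service
 * @return array|PwgError
 */
function ws_permissions_getList($params, &$service)
{
    $my_params = array_intersect(array_keys($params), array('cat_id', 'group_id', 'user_id'));
    if (count($my_params) > 1) {
        return new PwgError(WS_ERR_INVALID_PARAM, 'Too many parameters, provide cat_id OR user_id OR group_id');
    }

    $cat_filter = '';
    if (!empty($params['cat_id'])) {
        // The ids end up in the three queries below: keep integers only.
        $cat_filter = 'WHERE cat_id IN(' . implode(',', array_map('intval', $params['cat_id'])) . ')';
    }

    $perms = array();

    // direct users
    $query = ' SELECT user_id, cat_id FROM ' . USER_ACCESS_TABLE . ' ' . $cat_filter . ' ;';
    $result = pwg_query($query);
    while ($row = pwg_db_fetch_assoc($result)) {
        if (!isset($perms[$row['cat_id']])) {
            $perms[$row['cat_id']]['id'] = intval($row['cat_id']);
        }
        $perms[$row['cat_id']]['users'][] = intval($row['user_id']);
    }

    // indirect users
    $query = ' SELECT ug.user_id, ga.cat_id FROM ' . USER_GROUP_TABLE . ' AS ug INNER JOIN ' . GROUP_ACCESS_TABLE . ' AS ga ON ug.group_id = ga.group_id ' . $cat_filter . ' ;';
    $result = pwg_query($query);
    while ($row = pwg_db_fetch_assoc($result)) {
        if (!isset($perms[$row['cat_id']])) {
            $perms[$row['cat_id']]['id'] = intval($row['cat_id']);
        }
        $perms[$row['cat_id']]['users_indirect'][] = intval($row['user_id']);
    }

    // groups
    $query = ' SELECT group_id, cat_id FROM ' . GROUP_ACCESS_TABLE . ' ' . $cat_filter . ' ;';
    $result = pwg_query($query);
    while ($row = pwg_db_fetch_assoc($result)) {
        if (!isset($perms[$row['cat_id']])) {
            $perms[$row['cat_id']]['id'] = intval($row['cat_id']);
        }
        $perms[$row['cat_id']]['groups'][] = intval($row['group_id']);
    }

    // filter by group and user
    // The filters are read from $params. The previous code tested an undefined
    // $filters variable, so group_id and user_id were silently ignored and the
    // permissions of every category were returned.
    foreach ($perms as $cat_id => &$cat) {
        if (!empty($params['group_id'])) {
            if (empty($cat['groups']) or count(array_intersect($cat['groups'], $params['group_id'])) == 0) {
                unset($perms[$cat_id]);
                continue;
            }
        }
        if (!empty($params['user_id'])) {
            if ((empty($cat['users_indirect']) or count(array_intersect($cat['users_indirect'], $params['user_id'])) == 0)
                and (empty($cat['users']) or count(array_intersect($cat['users'], $params['user_id'])) == 0)) {
                unset($perms[$cat_id]);
                continue;
            }
        }

        // Every category exposes the three lists, deduplicated and reindexed.
        $cat['groups'] = !empty($cat['groups']) ? array_values(array_unique($cat['groups'])) : array();
        $cat['users'] = !empty($cat['users']) ? array_values(array_unique($cat['users'])) : array();
        $cat['users_indirect'] = !empty($cat['users_indirect']) ? array_values(array_unique($cat['users_indirect'])) : array();
    }
    unset($cat);

    return array('categories' => new PwgNamedArray(array_values($perms), 'category', array('id')));
}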
/**
 * Get computed array of categories, that means cache data of all categories
 * available for the current user (count_categories, count_images, etc.).
 *
 * $userdata['level'] and $userdata['forbidden_categories'] are concatenated
 * into the query without escaping; they are expected to be server-side values.
 * NOTE(review): confirm neither can be influenced by request input.
 *
 * Side effect: $userdata['last_photo_date'] is reset, then set to the most
 * recent date_last found.
 *
 * @param array &$userdata
 * @param int $filter_days number of recent days to filter on or null
 * @return array rows indexed by category id
 */
function get_computed_categories(&$userdata, $filter_days = null)
{
    $query = 'SELECT c.id AS cat_id, id_uppercat';
    $query .= ', global_rank';
    // Count by date_available to avoid count null
    $query .= ', MAX(date_available) AS date_last, COUNT(date_available) AS nb_images FROM ' . CATEGORIES_TABLE . ' as c LEFT JOIN ' . IMAGE_CATEGORY_TABLE . ' AS ic ON ic.category_id = c.id LEFT JOIN ' . IMAGES_TABLE . ' AS i ON ic.image_id = i.id AND i.level<=' . $userdata['level'];

    if (isset($filter_days)) {
        $query .= ' AND i.date_available > ' . pwg_db_get_recent_period_expression($filter_days);
    }

    // The forbidden list is used as a ready-made comma separated string.
    if (!empty($userdata['forbidden_categories'])) {
        $query .= ' WHERE c.id NOT IN (' . $userdata['forbidden_categories'] . ')';
    }

    $query .= ' GROUP BY c.id';

    $result = pwg_query($query);

    $userdata['last_photo_date'] = null;
    $cats = array();
    while ($row = pwg_db_fetch_assoc($result)) {
        $row['user_id'] = $userdata['id'];
        $row['nb_categories'] = 0;
        $row['count_categories'] = 0;
        $row['count_images'] = (int) $row['nb_images'];
        $row['max_date_last'] = $row['date_last'];
        if ($row['date_last'] > $userdata['last_photo_date']) {
            $userdata['last_photo_date'] = $row['date_last'];
        }

        $cats[$row['cat_id']] = $row;
    }

    // it is important to logically sort the albums because some operations
    // (like removal) rely on this logical order. Child album doesn't always
    // have a bigger id than its parent (if it was moved afterwards).
    uasort($cats, 'global_rank_compare');

    // Propagate the counters and the most recent date of every album to all
    // of its ancestors.
    foreach ($cats as $cat) {
        if (!isset($cat['id_uppercat'])) {
            continue;
        }

        // Piwigo before 2.5.3 may have generated inconsistent permissions, ie
        // private album A1/A2 permitted to user U1 but private album A1 not
        // permitted to U1.
        //
        // TODO 2.7: add an upgrade script to repair permissions and remove this
        // test
        if (!isset($cats[$cat['id_uppercat']])) {
            continue;
        }

        // $parent is a reference into $cats, re-pointed one level up on each
        // pass of the loop until an album without id_uppercat is reached.
        $parent =& $cats[$cat['id_uppercat']];
        $parent['nb_categories']++;

        do {
            $parent['count_images'] += $cat['nb_images'];
            $parent['count_categories']++;

            if (empty($parent['max_date_last']) or $parent['max_date_last'] < $cat['date_last']) {
                $parent['max_date_last'] = $cat['date_last'];
            }

            if (!isset($parent['id_uppercat'])) {
                break;
            }
            $parent =& $cats[$parent['id_uppercat']];
        } while (true);
        // Drop the reference so the next iteration cannot write through it.
        unset($parent);
    }

    // With a date filter, albums without any recent photo are removed.
    if (isset($filter_days)) {
        foreach ($cats as $category) {
            if (empty($category['max_date_last'])) {
                remove_computed_category($cats, $category);
            }
        }
    }

    return $cats;
}
// +-----------------------------------------------------------------------+
// Refuse direct access: this file is meant to be included by the application.
if (!defined("PHPWG_ROOT_PATH")) {
    die("Hacking attempt!");
}

// +-----------------------------------------------------------------------+
// | Basic checks                                                          |
// +-----------------------------------------------------------------------+

// Administrator status is checked before any request parameter is read.
check_status(ACCESS_ADMINISTRATOR);

// cat_id is checked against PATTERN_ID before it is concatenated into the URL
// and the query below.
// NOTE(review): what check_input_parameter() does when cat_id is absent is not
// visible here - confirm the page cannot continue with an empty id.
check_input_parameter('cat_id', $_GET, false, PATTERN_ID);

$admin_album_base_url = get_root_url() . 'admin.php?page=album-' . $_GET['cat_id'];

$query = ' SELECT * FROM ' . CATEGORIES_TABLE . ' WHERE id = ' . $_GET['cat_id'] . ' ;';
$category = pwg_db_fetch_assoc(pwg_query($query));

if (!isset($category['id'])) {
    die("unknown album");
}

// +-----------------------------------------------------------------------+
// | Tabs                                                                  |
// +-----------------------------------------------------------------------+

include_once PHPWG_ROOT_PATH . 'admin/include/tabsheet.class.php';

// NOTE(review): unlike cat_id, the tab parameter is taken from the request
// without a pattern check; confirm tabsheet::select() and any later use of
// $page['tab'] only accept known tab names.
$page['tab'] = 'properties';

if (isset($_GET['tab'])) {
    $page['tab'] = $_GET['tab'];
}

$tabsheet = new tabsheet();
$tabsheet->set_id('album');
$tabsheet->select($page['tab']);
$tabsheet->assign();
// Any submitted form must carry a valid token before it is processed.
if (!empty($_POST)) {
    check_pwg_token();
}

// Work on a copy of the current user's data.
$userdata = $user;

trigger_notify('loc_begin_profile');

// Reset to default (Guest) custom settings
if (isset($_POST['reset_to_default'])) {
    // NOTE(review): 'show_nb_hits' is listed twice; the duplicate only repeats
    // a column in the SELECT.
    $fields = array('nb_image_page', 'expand', 'show_nb_comments', 'show_nb_hits', 'recent_period', 'show_nb_hits');

    // Get the Guest custom settings
    // The column list is the fixed array above and the user id comes from
    // $conf, so no request value is placed in this query.
    $query = ' SELECT ' . implode(',', $fields) . ' FROM ' . USER_INFOS_TABLE . ' WHERE user_id = ' . $conf['default_user_id'] . ' ;';
    $result = pwg_query($query);
    $default_user = pwg_db_fetch_assoc($result);
    $userdata = array_merge($userdata, $default_user);
}

// Errors found while saving are collected in $page['errors'].
save_profile_from_post($userdata, $page['errors']);

$title = l10n('Your Gallery Customization');
$page['body_id'] = 'theProfilePage';
$template->set_filename('profile', 'profile.tpl');
$template->set_filename('profile_content', 'profile_content.tpl');

load_profile_in_template(get_root_url() . 'profile.php', make_index_url(), $userdata);
$template->assign_var_from_handle('PROFILE_CONTENT', 'profile_content');

// include menubar, unless the theme hides it on this page
$themeconf = $template->get_template_vars('themeconf');
if (!isset($themeconf['hide_menu_on']) or !in_array('theProfilePage', $themeconf['hide_menu_on'])) {
    include PHPWG_ROOT_PATH . 'include/menubar.inc.php';
}
include PHPWG_ROOT_PATH . 'include/page_header.php';
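/**
 * API method
 * Downloads a remote image and adds it to a category (administrators only).
 *
 * The request makes the server fetch a caller-supplied URL and write the
 * response to disk, so every caller-supplied value is checked before use:
 * the category must be a plain integer, the temporary file must open, and the
 * link stored in the comment is HTML-escaped.
 *
 * @param mixed[] $params
 *    @option string file_url
 *    @option int category
 *    @option string name (optional)
 *    @option int level
 *    @option string url_in_comment 'true' to store a link to the source host
 * @param object &$service
 * @return array|PwgError
 */
function ws_images_addRemote($params, &$service)
{
    global $conf;

    if (!is_admin()) {
        return new PwgError(401, 'Access denied');
    }

    load_language('plugin.lang', URLUPLOADER_PATH);

    $params = array_map('trim', $params);

    $allowed_extensions = array('jpg', 'jpeg', 'png', 'gif');
    $allowed_mimes = array('image/jpeg', 'image/png', 'image/gif');

    // check empty url
    if (empty($params['file_url'])) {
        return new PwgError(WS_ERR_INVALID_PARAM, l10n('File URL is empty'));
    }
    // check remote url
    if (!url_is_remote($params['file_url'])) {
        return new PwgError(WS_ERR_INVALID_PARAM, l10n('Invalid file URL'));
    }
    // check file extension
    if (!in_array(strtolower(get_extension($params['file_url'])), $allowed_extensions)) {
        return new PwgError(WS_ERR_INVALID_PARAM, l10n('Invalid file type'));
    }
    // The category is concatenated into several queries below: accept digits
    // only, and reject the request before anything is downloaded.
    if (!isset($params['category']) or !preg_match('/^\d+$/', (string) $params['category'])) {
        return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid category');
    }
    $category_id = intval($params['category']);

    // download file
    include_once PHPWG_ROOT_PATH . 'admin/include/functions.php';

    // NOTE(review): the temporary name is derived from the URL, so two
    // downloads of the same file name share one path - confirm this is
    // acceptable or switch to a unique temporary name.
    $temp_filename = $conf['data_location'] . basename($params['file_url']);
    $file = fopen($temp_filename, 'w+');
    if ($file === false) {
        // Previously a failed fopen() was handed to fetchRemote() and fclose().
        return new PwgError(WS_ERR_INVALID_PARAM, l10n('Unable to download file'));
    }
    $result = fetchRemote($params['file_url'], $file);
    fclose($file);

    // download failed ?
    if (!$result) {
        @unlink($temp_filename);
        return new PwgError(WS_ERR_INVALID_PARAM, l10n('Unable to download file'));
    }
    // check mime-type
    // NOTE(review): the second argument of get_mime() looks like a fallback
    // type; if so an undetectable file is treated as image/jpeg - confirm.
    if (!in_array(get_mime($temp_filename, $allowed_mimes[0]), $allowed_mimes)) {
        @unlink($temp_filename);
        return new PwgError(WS_ERR_INVALID_PARAM, l10n('Invalid file type'));
    }

    // add photo
    include_once PHPWG_ROOT_PATH . 'admin/include/functions_upload.inc.php';

    $image_id = intval(add_uploaded_file($temp_filename, basename($temp_filename), array($category_id), $params['level']));

    $updates = array();
    if (!empty($params['name'])) {
        $updates['name'] = $params['name'];
    }
    if ($params['url_in_comment'] == 'true') {
        $url = parse_url($params['file_url']);
        if (is_array($url) and isset($url['scheme'], $url['host'])) {
            // The host is caller-controlled and ends up in stored HTML:
            // escape it for both the attribute and the link text.
            $origin = htmlspecialchars($url['scheme'] . '://' . $url['host'], ENT_QUOTES);
            $updates['comment'] = '<a href="' . $origin . '">' . $origin . '</a>';
        }
    }

    single_update(IMAGES_TABLE, $updates, array('id' => $image_id));

    // return infos
    $query = ' SELECT id, name, permalink FROM ' . CATEGORIES_TABLE . ' WHERE id = ' . $category_id . ' ;';
    $category = pwg_db_fetch_assoc(pwg_query($query));

    $url_params = array('image_id' => $image_id, 'section' => 'categories', 'category' => $category);

    $query = ' SELECT id, path, name FROM ' . IMAGES_TABLE . ' WHERE id = ' . $image_id . ' ;';
    $image_infos = pwg_db_fetch_assoc(pwg_query($query));

    $query = ' SELECT COUNT(*) AS nb_photos FROM ' . IMAGE_CATEGORY_TABLE . ' WHERE category_id = ' . $category_id . ' ;';
    $category_infos = pwg_db_fetch_assoc(pwg_query($query));

    $category_name = get_cat_display_name_from_id($category_id, null);

    return array(
        'image_id' => $image_id,
        'url' => make_picture_url($url_params),
        'src' => DerivativeImage::thumb_url($image_infos),
        'name' => $image_infos['name'],
        'category' => array(
            // unchanged output: the validated value as it was submitted
            'id' => $params['category'],
            'nb_photos' => $category_infos['nb_photos'],
            'label' => $category_name,
        ),
    );
}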
/**
 * Copies configuration parameters from the database into the global $conf.
 *
 * The values 'true' and 'false' are converted to booleans; a NULL value
 * becomes an empty string.
 *
 * $condition is inserted into the query exactly as given: pass fixed,
 * trusted SQL only, never a value built from request input.
 *
 * @param string $condition SQL condition (without the WHERE keyword)
 * @return void
 */
function load_conf_from_db($condition = '')
{
    global $conf;

    $where = empty($condition) ? '' : 'WHERE ' . $condition;
    $query = ' SELECT param, value FROM ' . CONFIG_TABLE . ' ' . $where . ' ;';
    $rows = pwg_query($query);

    // A restricted load that finds nothing is treated as fatal.
    if (pwg_db_num_rows($rows) == 0 and !empty($condition)) {
        fatal_error('No configuration data');
    }

    while ($entry = pwg_db_fetch_assoc($rows)) {
        $value = '';
        if (isset($entry['value'])) {
            $value = $entry['value'];
        }

        // If the field is true or false, the variable is transformed into a boolean value.
        if ($value == 'true') {
            $value = true;
        } elseif ($value == 'false') {
            $value = false;
        }

        $conf[$entry['param']] = $value;
    }

    trigger_notify('load_conf', $condition);
}
, ROUND(AVG(rate),2) AS average FROM ' . RATE_TABLE . ' WHERE element_id = ' . $picture['current']['id'] . ' ;'; list($rate_summary['count'], $rate_summary['average']) = pwg_db_fetch_row(pwg_query($query)); } $template->assign('rate_summary', $rate_summary); $user_rate = null; if ($conf['rate_anonymous'] or is_autorize_status(ACCESS_CLASSIC)) { if ($rate_summary['count'] > 0) { $query = 'SELECT rate FROM ' . RATE_TABLE . ' WHERE element_id = ' . $page['image_id'] . ' AND user_id = ' . $user['id']; if (!is_autorize_status(ACCESS_CLASSIC)) { $ip_components = explode('.', $_SERVER['REMOTE_ADDR']); if (count($ip_components) > 3) { array_pop($ip_components); } $anonymous_id = implode('.', $ip_components); $query .= ' AND anonymous_id = \'' . $anonymous_id . '\''; } $result = pwg_query($query); if (pwg_db_num_rows($result) > 0) { $row = pwg_db_fetch_assoc($result); $user_rate = $row['rate']; } } $template->assign('rating', array('F_ACTION' => add_url_params($url_self, array('action' => 'rate')), 'USER_RATE' => $user_rate, 'marks' => $conf['rate_items'])); } }
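/**
 * Saves the latitude / longitude pairs submitted by the unit-mode batch form.
 *
 * The element ids come straight from the request and are placed in an
 * IN (...) list, so only entries made of digits are kept. Invalid
 * coordinates are reported through $page['errors'] and not saved.
 *
 * NOTE(review): no security-token check is visible in this handler; confirm
 * the page calling it verifies the token before this hook runs.
 *
 * @return void
 */
function osm_loc_begin_element_set_unit()
{
    global $page;

    if (!isset($_POST['submit'])) {
        return;
    }

    // Keep digit-only ids; anything else is dropped before reaching SQL.
    $collection = array();
    if (isset($_POST['element_ids']) and is_string($_POST['element_ids'])) {
        foreach (explode(',', $_POST['element_ids']) as $raw_id) {
            $raw_id = trim($raw_id);
            if (preg_match('/^\d+$/', $raw_id)) {
                $collection[] = intval($raw_id);
            }
        }
    }

    if (count($collection) == 0) {
        // An empty list would produce an invalid "IN ()" query.
        $page['errors'][] = 'OpenStreetMap: Invalid form submission';
        return;
    }

    $query = "SELECT `id`, `latitude`, `longitude`\n\t\t\tFROM " . IMAGES_TABLE . "\n\t\t\tWHERE id IN (" . implode(',', $collection) . ")";

    $datas = array();
    $errors = array();
    $form_errors = 0;

    $result = pwg_query($query);
    while ($row = pwg_db_fetch_assoc($result)) {
        $lat_key = 'osmlat-' . $row['id'];
        $lon_key = 'osmlon-' . $row['id'];

        if (!isset($_POST[$lat_key])) {
            $form_errors++;
            continue;
        }

        $data = array(
            'id' => $row['id'],
            'latitude' => trim($_POST[$lat_key]),
            // a missing longitude field is handled like an empty one
            'longitude' => isset($_POST[$lon_key]) ? trim($_POST[$lon_key]) : '',
        );

        $has_lat = strlen($data['latitude']) > 0;
        $has_lon = strlen($data['longitude']) > 0;

        $error = false;
        if ($has_lat and $has_lon) {
            if (!is_numeric($data['latitude'])
                or !is_numeric($data['longitude'])
                or (double) $data['latitude'] > 90
                or (double) $data['latitude'] < -90
                or (double) $data['longitude'] > 180
                or (double) $data['longitude'] < -180) {
                $error = true;
            }
        } elseif ($has_lat or $has_lon) {
            // only one of the two coordinates was filled in
            $error = true;
        }

        if ($error) {
            // The query does not select a name column, so fall back to the id
            // instead of reading an undefined index.
            $errors[] = isset($row['name']) ? $row['name'] : $row['id'];
        } else {
            $datas[] = $data;
        }
    }

    mass_updates(IMAGES_TABLE, array('primary' => array('id'), 'update' => array('latitude', 'longitude')), $datas);

    if (count($errors) > 0) {
        $page['errors'][] = 'Invalid latitude or longitude value for files: ' . implode(', ', $errors);
    }
    if ($form_errors) {
        $page['errors'][] = 'OpenStreetMap: Invalid form submission for ' . $form_errors . ' photos';
    }
}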
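/**
 * API method
 * Returns a list of missing derivatives (not generated yet)
 *
 * Images are scanned by descending id, in pages of $qlimit rows, until
 * max_urls urls are collected or no image is left. prev_page, max_urls and
 * ids are cast to integers before they are used in the query.
 *
 * @param mixed[] $params
 *    @option string types (optional)
 *    @option int[] ids
 *    @option int max_urls
 *    @option int prev_page (optional)
 * @param object &$service
 * @return array|PwgError 'urls', plus 'next_page' when the scan is not finished
 */
function ws_getMissingDerivatives($params, &$service)
{
    global $conf;

    if (empty($params['types'])) {
        $types = array_keys(ImageStdParams::get_defined_type_map());
    } else {
        $types = array_intersect(array_keys(ImageStdParams::get_defined_type_map()), $params['types']);
        if (count($types) == 0) {
            return new PwgError(WS_ERR_INVALID_PARAM, "Invalid types");
        }
    }

    $max_urls = intval($params['max_urls']);

    $query = 'SELECT MAX(id)+1, COUNT(*) FROM ' . IMAGES_TABLE . ';';
    list($max_id, $image_count) = pwg_db_fetch_row(pwg_query($query));

    if (0 == $image_count) {
        return array();
    }

    // prev_page is substituted into the query text below, so it must be a
    // number; anything non-numeric becomes 0 and restarts from the highest id.
    $start_id = intval($params['prev_page']);
    if ($start_id <= 0) {
        $start_id = $max_id;
    }

    $uid = '&b=' . time();

    $conf['question_mark_in_urls'] = $conf['php_extension_in_urls'] = true;
    $conf['derivative_url_style'] = 2; //script

    $qlimit = min(5000, ceil(max($image_count / 500, $max_urls / count($types))));
    $where_clauses = ws_std_image_sql_filter($params, '');
    // 'start_id' is a placeholder replaced on every pass of the loop below
    $where_clauses[] = 'id<start_id';

    if (!empty($params['ids'])) {
        $where_clauses[] = 'id IN (' . implode(',', array_map('intval', $params['ids'])) . ')';
    }

    $query_model = ' SELECT id, path, representative_ext, width, height, rotation FROM ' . IMAGES_TABLE . ' WHERE ' . implode(' AND ', $where_clauses) . ' ORDER BY id DESC LIMIT ' . $qlimit . ' ;';

    $urls = array();
    do {
        $result = pwg_query(str_replace('start_id', $start_id, $query_model));
        $is_last = pwg_db_num_rows($result) < $qlimit;

        while ($row = pwg_db_fetch_assoc($result)) {
            $start_id = $row['id'];
            $src_image = new SrcImage($row);
            if ($src_image->is_mimetype()) {
                continue;
            }

            foreach ($types as $type) {
                $derivative = new DerivativeImage($type, $src_image);
                if ($type != $derivative->get_type()) {
                    continue;
                }
                // a missing file is what makes the derivative "missing"
                if (@filemtime($derivative->get_path()) === false) {
                    $urls[] = $derivative->get_url() . $uid;
                }
            }

            if (count($urls) >= $max_urls and !$is_last) {
                break;
            }
        }

        if ($is_last) {
            $start_id = 0;
        }
    } while (count($urls) < $max_urls and $start_id);

    $ret = array();
    if ($start_id) {
        $ret['next_page'] = $start_id;
    }
    $ret['urls'] = $urls;

    return $ret;
}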
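/**
 * Perform history search.
 *
 * Numeric criteria (user, image_id and the image ids found by file name) are
 * cast to integers before being placed in the query. Text criteria (filename,
 * date-after, date-before, ip, types) are concatenated as received.
 * NOTE(review): confirm that the caller escapes those text values before they
 * reach this function; they are not escaped here because escaping twice would
 * change the search.
 * NOTE(review): when no criterion is set the WHERE clause is empty - confirm
 * the caller always provides at least one.
 *
 * @param array $data - used in trigger_change
 * @param array $search
 * @param string[] $types
 * @return array $data with the matching history rows appended
 */
function get_history($data, $search, $types)
{
    if (isset($search['fields']['filename'])) {
        $query = ' SELECT id FROM ' . IMAGES_TABLE . ' WHERE file LIKE \'' . $search['fields']['filename'] . '\' ;';
        $search['image_ids'] = array_map('intval', array_from_query($query, 'id'));
    }

    $clauses = array();

    if (isset($search['fields']['date-after'])) {
        $clauses[] = "date >= '" . $search['fields']['date-after'] . "'";
    }

    if (isset($search['fields']['date-before'])) {
        $clauses[] = "date <= '" . $search['fields']['date-before'] . "'";
    }

    if (isset($search['fields']['types'])) {
        $local_clauses = array();

        foreach ($types as $type) {
            if (in_array($type, $search['fields']['types'])) {
                $clause = 'image_type ';
                if ($type == 'none') {
                    $clause .= 'IS NULL';
                } else {
                    $clause .= "= '" . $type . "'";
                }

                $local_clauses[] = $clause;
            }
        }

        if (count($local_clauses) > 0) {
            $clauses[] = implode(' OR ', $local_clauses);
        }
    }

    // -1 stands for "any user"
    if (isset($search['fields']['user']) and $search['fields']['user'] != -1) {
        $clauses[] = 'user_id = ' . intval($search['fields']['user']);
    }

    if (isset($search['fields']['image_id'])) {
        $clauses[] = 'image_id = ' . intval($search['fields']['image_id']);
    }

    if (isset($search['fields']['filename'])) {
        if (count($search['image_ids']) == 0) {
            // a clause that is always false
            $clauses[] = '1 = 2 ';
        } else {
            $clauses[] = 'image_id IN (' . implode(', ', $search['image_ids']) . ')';
        }
    }

    if (isset($search['fields']['ip'])) {
        $clauses[] = 'IP LIKE "' . $search['fields']['ip'] . '"';
    }

    // each clause is wrapped in parentheses before being AND-ed together
    $clauses = prepend_append_array_items($clauses, '(', ')');

    $where_separator = implode("\n AND ", $clauses);

    // no LIMIT / OFFSET: every matching row is returned
    $query = ' SELECT date, time, user_id, IP, section, category_id, tag_ids, image_id, image_type FROM ' . HISTORY_TABLE . ' WHERE ' . $where_separator . ' ;';

    $result = pwg_query($query);

    while ($row = pwg_db_fetch_assoc($result)) {
        $data[] = $row;
    }

    return $data;
}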
// |                              group list                               |
// +-----------------------------------------------------------------------+

$query = ' SELECT id, name, is_default FROM ' . GROUPS_TABLE . ' ORDER BY name ASC ;';
$result = pwg_query($query);

$admin_url = get_root_url() . 'admin.php?page=';
$perm_url = $admin_url . 'group_perm&group_id=';
$del_url = $admin_url . 'group_list&delete=';
$toggle_is_default_url = $admin_url . 'group_list&toggle_is_default=';

while ($row = pwg_db_fetch_assoc($result)) {
    // One extra query per group to list its members. The group id placed in
    // the query is the value just read from the groups table.
    $query = ' SELECT u.' . $conf['user_fields']['username'] . ' AS username FROM ' . USERS_TABLE . ' AS u INNER JOIN ' . USER_GROUP_TABLE . ' AS ug ON u.' . $conf['user_fields']['id'] . ' = ug.user_id WHERE ug.group_id = ' . $row['id'] . ' ;';
    $members = array();
    $res = pwg_query($query);
    while ($us = pwg_db_fetch_assoc($res)) {
        $members[] = $us['username'];
    }

    // NOTE(review): L_MEMBERS mixes user names with raw HTML separators, and
    // NAME is the stored group name; confirm the template (or an earlier
    // step) escapes these values before they are printed.
    //
    // The delete and toggle links are state-changing GET requests that carry
    // the token in the query string, where it can end up in browser history
    // and server logs.
    $template->append('groups', array('NAME' => $row['name'], 'ID' => $row['id'], 'IS_DEFAULT' => get_boolean($row['is_default']) ? ' [' . l10n('default') . ']' : '', 'NB_MEMBERS' => count($members), 'L_MEMBERS' => implode(' <span class="userSeparator">·</span> ', $members), 'MEMBERS' => l10n_dec('%d member', '%d members', count($members)), 'U_DELETE' => $del_url . $row['id'] . '&pwg_token=' . get_pwg_token(), 'U_PERM' => $perm_url . $row['id'], 'U_ISDEFAULT' => $toggle_is_default_url . $row['id'] . '&pwg_token=' . get_pwg_token()));
}

// +-----------------------------------------------------------------------+
// |                           sending html code                           |
// +-----------------------------------------------------------------------+

$template->assign_var_from_handle('ADMIN_CONTENT', 'group_list');
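/**
 * Validate a guestbook comment and, unless it is rejected, store it.
 *
 * The comment goes through these checks in order: author, content, ephemeral
 * form key, e-mail, website, anti-flood, then the 'user_comment_check'
 * trigger. Any failed check sets the action to 'reject'; most also add a
 * message to $page['errors'].
 *
 * The text fields of $comm (author, content, email, website) are written into
 * the INSERT statement as received. The stripslashes() calls used for the
 * notification mail indicate they are expected to arrive slash-escaped.
 * NOTE(review): confirm that the caller escapes them; this function does not.
 * NOTE(review): the "user exists" lookup applies addslashes() to the author
 * while the INSERT uses it untouched; one of the two is probably inconsistent
 * with how the value arrives. Left as is until the caller is checked.
 *
 * @param array $comm comment fields; completed in place with ip, agent,
 *                    author_id, anonymous_id and, once stored, id
 * @param string $key ephemeral form key, checked with verify_ephemeral_key()
 * @return string 'validate', 'moderate' or 'reject', as possibly changed by
 *                the 'user_comment_check' handlers
 */
function insert_user_comment_guestbook(&$comm, $key)
{
    global $conf, $user, $page;

    // User-Agent is a client header and may be missing altogether
    $user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
    $comm = array_merge($comm, array('ip' => $_SERVER['REMOTE_ADDR'], 'agent' => $user_agent));

    if (!$conf['guestbook']['comments_validation'] or is_admin()) {
        $comment_action = 'validate';
    } else {
        $comment_action = 'moderate';
    }

    // author
    if (!is_classic_user()) {
        if (empty($comm['author'])) {
            $page['errors'][] = l10n('Please enter your username');
            $comment_action = 'reject';
        } else {
            $comm['author_id'] = $conf['guest_id'];

            // if a guest try to use the name of an already existing user,
            // he must be rejected
            $query = ' SELECT COUNT(*) AS user_exists FROM ' . USERS_TABLE
                . ' WHERE ' . $conf['user_fields']['username']
                . " = '" . addslashes($comm['author']) . "'\n;";
            $row = pwg_db_fetch_assoc(pwg_query($query));
            if ($row['user_exists'] == 1) {
                $page['errors'][] = l10n('This login is already used by another user');
                $comment_action = 'reject';
            }
        }
    } else {
        $comm['author'] = addslashes($user['username']);
        $comm['author_id'] = $user['id'];
    }

    // content
    if (empty($comm['content'])) {
        $comment_action = 'reject';
    }

    // key ($key is a declared parameter, so no error suppression is needed)
    if (!verify_ephemeral_key($key)) {
        $comment_action = 'reject';
        $_POST['cr'][] = 'key';
    }

    // email
    if (empty($comm['email']) and is_classic_user() and !empty($user['email'])) {
        $comm['email'] = $user['email'];
    } elseif (empty($comm['email']) and $conf['comments_email_mandatory']) {
        $page['errors'][] = l10n('mail address must be like xxx@yyy.eee (example : jack@altern.org)');
        $comment_action = 'reject';
    } elseif (!empty($comm['email']) and !email_check_format($comm['email'])) {
        $page['errors'][] = l10n('mail address must be like xxx@yyy.eee (example : jack@altern.org)');
        $comment_action = 'reject';
    }

    // website
    if (!empty($comm['website'])) {
        $comm['website'] = strip_tags($comm['website']);
        if (!preg_match('/^(https?:\\/\\/)/i', $comm['website'])) {
            $comm['website'] = 'http://' . $comm['website'];
        }
        if (!url_check_format($comm['website'])) {
            $page['errors'][] = l10n('invalid website address');
            $comment_action = 'reject';
        }
    }

    // anonymous id = ip address without its last dotted component
    // (an address without dots, e.g. IPv6, is kept whole)
    $ip_components = explode('.', $_SERVER["REMOTE_ADDR"]);
    if (count($ip_components) > 3) {
        array_pop($ip_components);
    }
    $comm['anonymous_id'] = implode('.', $ip_components);

    // comment validation and anti-spam
    if ($comment_action != 'reject' and $conf['anti-flood_time'] > 0 and !is_admin()) {
        $reference_date = pwg_db_get_flood_period_expression($conf['anti-flood_time']);

        $query = ' SELECT COUNT(1) FROM ' . GUESTBOOK_TABLE
            . ' WHERE date > ' . $reference_date
            . ' AND author_id = ' . $comm['author_id'];
        if (!is_classic_user()) {
            $query .= ' AND anonymous_id = "' . $comm['anonymous_id'] . '"';
        }
        $query .= ' ;';

        list($counter) = pwg_db_fetch_row(pwg_query($query));
        if ($counter > 0) {
            $page['errors'][] = l10n('Anti-flood system : please wait for a moment before trying to post another comment');
            $comment_action = 'reject';
        }
    }

    // perform more spam check
    $comment_action = trigger_change('user_comment_check', $comment_action, $comm, 'guestbook');

    if ($comment_action != 'reject') {
        $is_validated = ($comment_action == 'validate');

        // rate is written unquoted, so anything that is not a number is
        // stored as NULL instead of being placed into the statement
        $rate_sql = (!empty($comm['rate']) && is_numeric($comm['rate'])) ? $comm['rate'] : 'NULL';
        $website_sql = !empty($comm['website']) ? '\'' . $comm['website'] . '\'' : 'NULL';
        $email_sql = !empty($comm['email']) ? '\'' . $comm['email'] . '\'' : 'NULL';

        $query = ' INSERT INTO ' . GUESTBOOK_TABLE
            . '( author, author_id, anonymous_id, content, date, validated, validation_date, website, rate, email ) VALUES ( \''
            . $comm['author'] . '\', '
            . $comm['author_id'] . ', \''
            . $comm['anonymous_id'] . '\', \''
            . $comm['content'] . '\', NOW(), \''
            . ($is_validated ? 'true' : 'false') . '\', '
            . ($is_validated ? 'NOW()' : 'NULL') . ', '
            . $website_sql . ', '
            . $rate_sql . ', '
            . $email_sql
            . ' ) ';
        pwg_query($query);

        $comm['id'] = pwg_db_insert_id(GUESTBOOK_TABLE);

        // Administrators are mailed for a published comment or for one that
        // waits for moderation, each according to its own setting.
        $notify_published = ($conf['guestbook']['email_admin_on_comment'] and 'validate' == $comment_action);
        $notify_pending = ($conf['guestbook']['email_admin_on_comment_validation'] and 'moderate' == $comment_action);

        if ($notify_published or $notify_pending) {
            include_once PHPWG_ROOT_PATH . 'include/functions_mail.inc.php';

            $comment_url = add_url_params(GUESTBOOK_URL, array('comment_id' => $comm['id']));

            $keyargs_content = array(
                get_l10n_args('Author: %s', stripslashes($comm['author'])),
                get_l10n_args('Comment: %s', stripslashes($comm['content'])),
                get_l10n_args('', ''),
                get_l10n_args('Manage this user comment: %s', $comment_url),
            );

            if ('moderate' == $comment_action) {
                $keyargs_content[] = get_l10n_args('', '');
                $keyargs_content[] = get_l10n_args('(!) This comment requires validation', '');
            }

            pwg_mail_notification_admins(
                get_l10n_args('Comment by %s', stripslashes($comm['author'])),
                $keyargs_content
            );
        }
    }

    return $comment_action;
}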
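/**
 * API method
 * Returns a list of images for tags
 *
 * The tags are resolved with find_tags(), the matching image ids are fetched
 * with get_image_ids_for_tags(), one page of them is sliced out, and each image
 * of that page is returned with the requested tags it carries.
 *
 * NOTE(review): per_page, page and the values behind ws_std_image_sql_filter()
 * and ws_std_image_sql_order() are used as received; presumably the web service
 * layer validates them before this method is called. Confirm.
 *
 * @param mixed[] $params
 *    @option int[] tag_id (optional)
 *    @option string[] tag_url_name (optional)
 *    @option string[] tag_name (optional)
 *    @option bool tag_mode_and
 *    @option int per_page
 *    @option int page
 *    @option string order
 * @param mixed $service not used by this method
 * @return array 'paging' (PwgNamedStruct) and 'images' (PwgNamedArray)
 */
function ws_tags_getImages($params, &$service)
{
    // first build all the tag_ids we are interested in
    $tags = find_tags($params['tag_id'], $params['tag_url_name'], $params['tag_name']);
    $tags_by_id = array();
    foreach ($tags as $tag) {
        // cast the id of the current tag (the original wrote the cast value
        // into $tags['id'], which left the tag itself untouched)
        $tag['id'] = (int) $tag['id'];
        $tags_by_id[$tag['id']] = $tag;
    }
    unset($tags);
    $tag_ids = array_keys($tags_by_id);

    $where_clauses = ws_std_image_sql_filter($params);
    if (!empty($where_clauses)) {
        $where_clauses = implode(' AND ', $where_clauses);
    }

    $order_by = ws_std_image_sql_order($params, 'i.');
    if (!empty($order_by)) {
        $order_by = 'ORDER BY ' . $order_by;
    }

    $image_ids = get_image_ids_for_tags(
        $tag_ids,
        $params['tag_mode_and'] ? 'AND' : 'OR',
        $where_clauses,
        $order_by
    );

    // total before paging, reported as total_count
    $count_set = count($image_ids);
    $image_ids = array_slice($image_ids, $params['per_page'] * $params['page'], $params['per_page']);

    $image_tag_map = array();
    // build list of image ids with associated tags per image
    // (in AND mode every image carries all requested tags, so no lookup is needed)
    if (!empty($image_ids) and !$params['tag_mode_and']) {
        $query = ' SELECT image_id, GROUP_CONCAT(tag_id) AS tag_ids FROM ' . IMAGE_TAG_TABLE
            . ' WHERE tag_id IN (' . implode(',', $tag_ids) . ')'
            . ' AND image_id IN (' . implode(',', $image_ids) . ') GROUP BY image_id ;';
        $result = pwg_query($query);

        while ($row = pwg_db_fetch_assoc($result)) {
            $row['image_id'] = (int) $row['image_id'];
            $image_tag_map[$row['image_id']] = explode(',', $row['tag_ids']);
        }
    }

    $images = array();
    if (!empty($image_ids)) {
        // position of each id in the ordered page, used to restore the order
        // after the unordered SELECT below
        $rank_of = array_flip($image_ids);

        $query = ' SELECT * FROM ' . IMAGES_TABLE
            . ' WHERE id IN (' . implode(',', $image_ids) . ') ;';
        $result = pwg_query($query);

        while ($row = pwg_db_fetch_assoc($result)) {
            $image = array();
            $image['rank'] = $rank_of[$row['id']];

            foreach (array('id', 'width', 'height', 'hit') as $k) {
                if (isset($row[$k])) {
                    $image[$k] = (int) $row[$k];
                }
            }
            foreach (array('file', 'name', 'comment', 'date_creation', 'date_available') as $k) {
                $image[$k] = $row[$k];
            }
            $image = array_merge($image, ws_std_get_urls($row));

            if ($params['tag_mode_and']) {
                $image_tag_ids = $tag_ids;
            } else {
                // an image missing from the map gets an empty tag list
                // instead of a warning on an undefined index
                $image_tag_ids = isset($image_tag_map[$image['id']])
                    ? $image_tag_map[$image['id']]
                    : array();
            }

            $image_tags = array();
            foreach ($image_tag_ids as $tag_id) {
                $url = make_index_url(array(
                    'section' => 'tags',
                    'tags' => array($tags_by_id[$tag_id]),
                ));
                $page_url = make_picture_url(array(
                    'section' => 'tags',
                    'tags' => array($tags_by_id[$tag_id]),
                    'image_id' => $row['id'],
                    'image_file' => $row['file'],
                ));
                $image_tags[] = array('id' => (int) $tag_id, 'url' => $url, 'page_url' => $page_url);
            }

            $image['tags'] = new PwgNamedArray($image_tags, 'tag', ws_std_get_tag_xml_attributes());
            $images[] = $image;
        }

        usort($images, 'rank_compare');
        unset($rank_of);
    }

    return array(
        'paging' => new PwgNamedStruct(array(
            'page' => $params['page'],
            'per_page' => $params['per_page'],
            'count' => count($images),
            'total_count' => $count_set,
        )),
        'images' => new PwgNamedArray($images, 'image', ws_std_get_image_xml_attributes()),
    );
}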
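/**
 * Render the weather block shown on a picture page.
 *
 * Reads latitude, longitude and date for the current image from the forecast
 * table, asks ForecastIO for the historical conditions at that place and date,
 * and returns the parsed 'forecast_content' template.
 *
 * When no API key is configured, the request goes through the third-party proxy
 * named in the comment below, so the coordinates and date of the photo are sent
 * to that host.
 *
 * @return string|null rendered HTML, or null when the image id is missing or
 *                     not numeric, no complete row exists, or no condition is
 *                     returned
 */
function forecast_render_element_content()
{
    global $template, $picture, $page, $conf;

    load_language('plugin.lang', FORECAST_PATH);

    // The id is placed into the SQL text below, so anything that is not a
    // number is refused. The original test ("empty and not numeric") let a
    // non-empty, non-numeric value through to the query.
    if (!isset($page['image_id']) or !is_numeric($page['image_id'])) {
        return;
    }

    // Load coordinates and date_creation from picture
    $query = "SELECT latitude,longitude,date FROM forecast WHERE id='" . $page['image_id'] . "';"; //FIXME LIMIT 1 ?
    $row = pwg_db_fetch_assoc(pwg_query($query));

    // empty() also covers a missing row and missing columns
    if (empty($row['latitude']) or empty($row['longitude']) or empty($row['date'])) {
        return;
    }
    $lat = $row['latitude'];
    $lon = $row['longitude'];
    $date = $row['date'];

    // Load parameter, fallback to default if unset
    $fc_conf = isset($conf['forecast_conf']) ? $conf['forecast_conf'] : array();
    $fc_height = isset($fc_conf['height']) ? $fc_conf['height'] : '200';
    $fc_header = isset($fc_conf['link']) ? $fc_conf['link'] : 'Overcast';
    $fc_header_css = isset($fc_conf['linkcss']) ? $fc_conf['linkcss'] : '';
    $fc_show_link = isset($fc_conf['show']) ? $fc_conf['show'] : 'true';
    $fc_api_key = isset($fc_conf['api_key']) ? $fc_conf['api_key'] : '';
    // Can be set to 'us', 'si', 'ca', 'uk' or 'auto' (see forecast.io API); default is auto
    $fc_unit = isset($fc_conf['unit']) ? $fc_conf['unit'] : 'auto';
    // Can be set to 'en', 'de', 'pl', 'es', 'fr', 'it', 'tet' or 'x-pig-latin' (see forecast.io API); default is 'en'
    $fc_lang = isset($fc_conf['lang']) ? $fc_conf['lang'] : 'en';

    $fc_link = "http://forecast.io/#/f/" . $lat . "," . $lon;

    // Init Forecast.io lib
    // NOTE(review): a plain include with a relative path; a second call of this
    // function in the same request would load the file again. Confirm whether
    // include_once with an absolute path is intended.
    include 'lib/forecast.io.php';

    /**
     * With an API key: request Forecast.io directly, proxy set to false.
     * Without one: request https://forecast-xbgmsharp.rhcloud.com
     * to non disclose the Forecast.io API key, proxy set to true
     * Source code at https://github.com/xbgmsharp/nodejs-forecast
     **/
    $use_proxy = (strlen($fc_api_key) == 0);
    $forecast = new ForecastIO($fc_api_key, $fc_unit, $fc_lang, $use_proxy);

    $condition = $forecast->getHistoricalConditions($lat, $lon, $date);
    // NOTE(review): the comparison is with the string 'false', not the boolean;
    // confirm against what getHistoricalConditions() returns on failure.
    if (!isset($condition) or $condition === 'false') {
        return;
    }

    // Parse weather condition to human readable
    $condition = parseCondition($condition);

    // Select the template
    $template->set_filenames(array('forecast_content' => dirname(__FILE__) . "/template/picture.tpl"));

    // Assign the template variables
    // NOTE(review): FORECAST_NAME and FORECAST_NAME_CSS come from the plugin
    // configuration and are passed as stored; escaping depends on the template.
    $template->assign(array(
        'FORECAST_HEIGHT' => $fc_height,
        'FORECAST_PATH' => embellish_url(get_gallery_home_url() . FORECAST_PATH),
        'FORECAST_NAME' => $fc_header,
        'FORECAST_NAME_CSS' => $fc_header_css,
        'FORECAST_SHOW_LINK' => $fc_show_link,
        'FORECAST_LINK' => $fc_link,
        'FORECAST_DATA' => $condition,
    ));

    // Return the rendered html
    return $template->parse('forecast_content', true);
}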
<?php
/**********************************
 * REQUIRED PATH TO THE TPL FILE */
$TOUR_PATH = PHPWG_PLUGINS_PATH . 'TakeATour/tours/2_7_0/tour.tpl';
/*********************************/

/**********************
 *    Preparse part   *
 **********************/
$template->assign('TAT_index', make_index_url(array('section' => 'categories')));
$template->assign('TAT_search', get_root_url() . 'search.php');

// picture id: an admin URL of the form page=photo-<digits>[-...] carries it
if (isset($_GET['page'])) {
    if (preg_match('/^photo-(\\d+)(?:-(.*))?$/', $_GET['page'], $matches)) {
        $_GET['image_id'] = $matches[1];
    }
}

// image_id is checked against PATTERN_ID before it is stored in the session
// or handed to the template
check_input_parameter('image_id', $_GET, false, PATTERN_ID);

if (isset($_GET['image_id']) && pwg_get_session_var('TAT_image_id') == null) {
    // first image seen during the tour: remember it for the following steps
    $template->assign('TAT_image_id', $_GET['image_id']);
    pwg_set_session_var('TAT_image_id', $_GET['image_id']);
} elseif (is_numeric(pwg_get_session_var('TAT_image_id'))) {
    // an image was remembered earlier in the tour
    $template->assign('TAT_image_id', pwg_get_session_var('TAT_image_id'));
} else {
    // nothing known yet: pick any image of the gallery
    $query = ' SELECT id FROM ' . IMAGES_TABLE . ' ORDER BY RAND() LIMIT 1 ;';
    $row = pwg_db_fetch_assoc(pwg_query($query));
    $template->assign('TAT_image_id', $row['id']);
}
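/**
 * Fetch photos sent by e-mail to the configured mailboxes and add them to the
 * gallery, then mail every group about the new photos.
 *
 * For each mailbox, the first unseen message is read. Attachments whose file
 * name extension is listed in $conf['picture_ext'] are added with
 * add_uploaded_file(); the others are deleted from the buffer directory.
 *
 * NOTE(review): the only check visible here is on the extension of the
 * attachment name, which the sender chooses; any content validation would have
 * to happen inside add_uploaded_file(). Confirm.
 * NOTE(review): no check on the sender address is visible here; for mailboxes
 * that are not moderated, whoever can write to the mailbox can publish.
 * NOTE(review): the mailbox password is read from the database and passed to
 * ImapMailbox, so it is presumably stored in a recoverable form.
 *
 * @return void
 */
function pfemail_check_accounts()
{
    global $conf, $user;

    conf_update_param('pfemail_last_check', date('Y-m-d H:i:s'));

    require_once PFEMAIL_PATH . 'include/ImapMailbox.php';

    $image_ids = array();

    $query = ' SELECT * FROM ' . PFEMAIL_MAILBOXES_TABLE . ' ;';
    $accounts = query2array($query);

    foreach ($accounts as $account) {
        $mailbox = new ImapMailbox(
            $account['path'],
            $account['login'],
            $account['password'],
            $conf['upload_dir'] . '/buffer',
            'utf-8'
        );

        // Get some mail
        $mailsIds = $mailbox->searchMailBox('UNSEEN');
        if (!$mailsIds) {
            continue; // check next email account
        }

        // only the first unseen message of the mailbox is handled per call
        $mail = $mailbox->getMail(reset($mailsIds));
        $attachments = $mail->getAttachments();

        include_once PHPWG_ROOT_PATH . 'admin/include/functions_upload.inc.php';

        $moderate = get_boolean($account['moderated']);

        foreach ($attachments as $attachment) {
            $extension = strtolower(get_extension($attachment->name));
            if (!in_array($extension, $conf['picture_ext'])) {
                // the file has been downloaded, we have to remove it now
                unlink($attachment->filePath);
                continue;
            }

            $image_id = add_uploaded_file(
                $attachment->filePath,
                stripslashes($attachment->name),
                array($account['category_id']),
                $moderate ? 16 : 0,
                null
            );

            // the photo is added by nobody (using the current user may make the
            // photo editable by her with Admin Tools...)
            single_update(
                IMAGES_TABLE,
                array('added_by' => null, 'name' => pfemail_clean_email_subject($mail->subject)),
                array('id' => $image_id)
            );

            $state = $moderate ? 'moderation_pending' : 'auto_validated';

            list($dbnow) = pwg_db_fetch_row(pwg_query('SELECT NOW();'));

            // fromName, fromAddress and subject are taken from the message as
            // received. NOTE(review): presumably single_insert() escapes them.
            single_insert(
                PFEMAIL_PENDINGS_TABLE,
                array(
                    'image_id' => $image_id,
                    'state' => $state,
                    'added_on' => $dbnow,
                    'from_name' => $mail->fromName,
                    'from_address' => $mail->fromAddress,
                    'subject' => $mail->subject,
                )
            );

            $image_ids[] = $image_id;
        }
    }

    if (count($image_ids) > 0) {
        include_once PHPWG_ROOT_PATH . 'admin/include/functions.php';
        invalidate_user_cache();

        // let's notify administrators
        $query = ' SELECT id FROM ' . GROUPS_TABLE . ' ;';
        $group_ids = query2array($query, null, 'id');

        if (count($group_ids) > 0) {
            include_once PHPWG_ROOT_PATH . 'include/functions_mail.inc.php';

            $thumb_urls = array();

            // force $conf['derivative_url_style'] to 2 (script) to make sure we
            // will use i.php?/upload and not _data/i/upload because you don't
            // know when the cache will be flushed
            $previous_derivative_url_style = $conf['derivative_url_style'];
            $conf['derivative_url_style'] = 2;

            $query = ' SELECT id, path FROM ' . IMAGES_TABLE
                . ' WHERE id IN (' . implode(',', $image_ids) . ') ;';
            $result = pwg_query($query);
            while ($row = pwg_db_fetch_assoc($result)) {
                $thumb_urls[] = DerivativeImage::thumb_url(array('id' => $row['id'], 'path' => $row['path']));
            }

            // restore configuration setting
            $conf['derivative_url_style'] = $previous_derivative_url_style;

            $thumb_tags = array();
            foreach ($thumb_urls as $thumb_url) {
                $thumb_tags[] = '<img src="' . $thumb_url . '">';
            }
            $content = implode(' ', $thumb_tags);

            // how many photos pending?
            $pendings = pfemail_get_pending_ids();
            if (count($pendings) > 0) {
                $content .= '<br><br>';
                $content .= '<a href="' . get_absolute_root_url() . 'admin.php?page=plugin-photo_from_email-pendings' . '">';
                $content .= l10n('%d photos pending for validation', count($pendings));
                $content .= '</a>';
            }

            // the mails are sent as the guest user
            $real_user_id = $user['id'];
            $user['id'] = $conf['guest_id'];

            $subject = l10n('%d photos added by email', count($thumb_urls));

            foreach ($group_ids as $group_id) {
                pwg_mail_group(
                    $group_id,
                    array(
                        'subject' => '[' . $conf['gallery_title'] . '] ' . $subject,
                        'mail_title' => $conf['gallery_title'],
                        'mail_subtitle' => $subject,
                        'content' => $content,
                        'content_format' => 'text/html',
                    )
                );
            }

            // restore current user. This is done inside the same branch that
            // saved the id: the original restored it outside, so with no group
            // defined $user['id'] was overwritten with an undefined variable.
            $user['id'] = $real_user_id;
        }
    }
}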
} $categories = array(); $sort = array(); list($order_by_field, $order_by_asc) = explode(' ', $_POST['order_by']); $order_by_date = false; if (strpos($order_by_field, 'date_') === 0) { $order_by_date = true; $ref_dates = get_categories_ref_date($category_ids, $order_by_field, 'ASC' == $order_by_asc ? 'min' : 'max'); } $query = ' SELECT id, name, id_uppercat FROM ' . CATEGORIES_TABLE . ' WHERE id IN (' . implode(',', $category_ids) . ') ;'; $result = pwg_query($query); while ($row = pwg_db_fetch_assoc($result)) { if ($order_by_date) { $sort[] = $ref_dates[$row['id']]; } else { $sort[] = remove_accents($row['name']); } $categories[] = array('id' => $row['id'], 'id_uppercat' => $row['id_uppercat']); } array_multisort($sort, SORT_REGULAR, 'ASC' == $order_by_asc ? SORT_ASC : SORT_DESC, $categories); save_categories_order($categories); $page['infos'][] = l10n('Albums automatically sorted'); } // +-----------------------------------------------------------------------+ // | Navigation path | // +-----------------------------------------------------------------------+ if (isset($_GET['parent_id'])) {
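/**
 * Upgrade the CommentsManager options from version 2.2.1 to 2.2.2.
 *
 * Reads the serialized 'CommentsManager' value from CONFIG_TABLE, sets the
 * entries at index 6 ('false') and 7 ('-1'), and stores the result again.
 * Nothing is written when the option is missing or does not unserialize to an
 * array, so a damaged value is not replaced by a two-entry array.
 *
 * @return void
 */
function upgradeCM_221_222()
{
    // Upgrading options
    $query = ' SELECT value FROM ' . CONFIG_TABLE . ' WHERE param = "CommentsManager" ;';
    $conf_CM = pwg_db_fetch_assoc(pwg_query($query));

    if (!isset($conf_CM['value'])) {
        return;
    }

    // NOTE(review): unserialize() instantiates whatever objects the stored
    // string describes. The value comes from the configuration table, so this
    // is only as safe as write access to that table; a format such as JSON
    // would remove the concern, but changing it here would break stored data.
    $Newconf_CM = unserialize($conf_CM['value']);
    if (!is_array($Newconf_CM)) {
        return;
    }

    $Newconf_CM[6] = 'false';
    $Newconf_CM[7] = '-1';

    $update_conf = serialize($Newconf_CM);
    conf_update_param('CommentsManager', pwg_db_real_escape_string($update_conf));
}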