コード例 #1
0
ファイル: tabsheet.class.php プロジェクト: lcorbasson/Piwigo
 function select($name)
 {
     $this->sheets = trigger_change('tabsheet_before_select', $this->sheets, $this->uniqid);
     if (!array_key_exists($name, $this->sheets)) {
         $keys = array_keys($this->sheets);
         $name = $keys[0];
     }
     $this->selected = $name;
 }
コード例 #2
0
ファイル: password.php プロジェクト: squidjam/Piwigo
/**
 * checks the validity of input parameters, fills $page['errors'] and
 * $page['infos'] and send an email with confirmation link
 *
 * @return bool (true if email was sent, false otherwise)
 */
function process_password_request()
{
    global $page, $conf;
    if (empty($_POST['username_or_email'])) {
        $page['errors'][] = l10n('Invalid username or email');
        return false;
    }
    $user_id = get_userid_by_email($_POST['username_or_email']);
    if (!is_numeric($user_id)) {
        $user_id = get_userid($_POST['username_or_email']);
    }
    if (!is_numeric($user_id)) {
        $page['errors'][] = l10n('Invalid username or email');
        return false;
    }
    $userdata = getuserdata($user_id, false);
    // password request is not possible for guest/generic users
    $status = $userdata['status'];
    if (is_a_guest($status) or is_generic($status)) {
        $page['errors'][] = l10n('Password reset is not allowed for this user');
        return false;
    }
    if (empty($userdata['email'])) {
        $page['errors'][] = l10n('User "%s" has no email address, password reset is not possible', $userdata['username']);
        return false;
    }
    $activation_key = generate_key(20);
    list($expire) = pwg_db_fetch_row(pwg_query('SELECT ADDDATE(NOW(), INTERVAL 1 HOUR)'));
    single_update(USER_INFOS_TABLE, array('activation_key' => pwg_password_hash($activation_key), 'activation_key_expire' => $expire), array('user_id' => $user_id));
    $userdata['activation_key'] = $activation_key;
    set_make_full_url();
    $message = l10n('Someone requested that the password be reset for the following user account:') . "\r\n\r\n";
    $message .= l10n('Username "%s" on gallery %s', $userdata['username'], get_gallery_home_url());
    $message .= "\r\n\r\n";
    $message .= l10n('To reset your password, visit the following address:') . "\r\n";
    $message .= get_gallery_home_url() . '/password.php?key=' . $activation_key . '-' . urlencode($userdata['email']);
    $message .= "\r\n\r\n";
    $message .= l10n('If this was a mistake, just ignore this email and nothing will happen.') . "\r\n";
    unset_make_full_url();
    $message = trigger_change('render_lost_password_mail_content', $message);
    $email_params = array('subject' => '[' . $conf['gallery_title'] . '] ' . l10n('Password Reset'), 'content' => $message, 'email_format' => 'text/plain');
    if (pwg_mail($userdata['email'], $email_params)) {
        $page['infos'][] = l10n('Check your email for the confirmation link');
        return true;
    } else {
        $page['errors'][] = l10n('Error sending email');
        return false;
    }
}
コード例 #3
0
    ON u.' . $conf['user_fields']['id'] . ' = author_id
  WHERE ' . implode(' AND ', $where_clauses) . '
  ORDER BY date DESC
  LIMIT ' . $conf['guestbook']['nb_comment_page'] . ' OFFSET ' . $page['start'] . '
;';
    $result = pwg_query($query);
    while ($row = pwg_db_fetch_assoc($result)) {
        if (!empty($row['author'])) {
            $author = $row['author'];
            if ($author == 'guest') {
                $author = l10n('guest');
            }
        } else {
            $author = stripslashes($row['username']);
        }
        $tpl_comment = array('ID' => $row['id'], 'AUTHOR' => trigger_change('render_comment_author', $author), 'DATE' => format_date($row['date'], true), 'CONTENT' => trigger_change('render_comment_content', $row['content'], 'guestbook'), 'WEBSITE' => $row['website']);
        if ($conf['guestbook']['activate_rating']) {
            $tpl_comment['STARS'] = get_stars($row['rate'], get_root_url() . GUESTBOOK_PATH . 'template/jquery.raty/');
        }
        if (is_admin() and !empty($row['email'])) {
            $tpl_comment['EMAIL'] = $row['email'];
        }
        if (can_manage_comment('delete', $row['author_id'])) {
            $tpl_comment['U_DELETE'] = add_url_params($url_self, array('action' => 'delete_comment', 'comment_to_delete' => $row['id'], 'pwg_token' => get_pwg_token()));
        }
        if (can_manage_comment('edit', $row['author_id'])) {
            $tpl_comment['U_EDIT'] = add_url_params($url_self, array('action' => 'edit_comment', 'comment_to_edit' => $row['id']));
            if (isset($edit_comment) and $row['id'] == $edit_comment) {
                $tpl_comment['IN_EDIT'] = true;
                $tpl_comment['KEY'] = get_ephemeral_key(2);
                $tpl_comment['CONTENT'] = $row['content'];
コード例 #4
0
ファイル: history.php プロジェクト: donseba/Piwigo
 $tags_string = '';
 if (isset($line['tag_ids'])) {
     $tags_string = preg_replace_callback('/(\\d+)/', create_function('$m', 'global $name_of_tag; return isset($name_of_tag[$m[1]]) ? $name_of_tag[$m[1]] : $m[1];'), str_replace(',', ', ', $line['tag_ids']));
 }
 $image_string = '';
 if (isset($line['image_id'])) {
     $picture_url = make_picture_url(array('image_id' => $line['image_id']));
     if (isset($image_infos[$line['image_id']])) {
         $element = array('id' => $line['image_id'], 'file' => $image_infos[$line['image_id']]['file'], 'path' => $image_infos[$line['image_id']]['path'], 'representative_ext' => $image_infos[$line['image_id']]['representative_ext']);
         $thumbnail_display = $page['search']['fields']['display_thumbnail'];
     } else {
         $thumbnail_display = 'no_display_thumbnail';
     }
     $image_title = '(' . $line['image_id'] . ')';
     if (isset($image_infos[$line['image_id']]['label'])) {
         $image_title .= ' ' . trigger_change('render_element_description', $image_infos[$line['image_id']]['label']);
     } else {
         $image_title .= ' unknown filename';
     }
     $image_string = '';
     switch ($thumbnail_display) {
         case 'no_display_thumbnail':
             $image_string = '<a href="' . $picture_url . '">' . $image_title . '</a>';
             break;
         case 'display_thumbnail_classic':
             $image_string = '<a class="thumbnail" href="' . $picture_url . '">' . '<span><img src="' . DerivativeImage::thumb_url($element) . '" alt="' . $image_title . '" title="' . $image_title . '">' . '</span></a>';
             break;
         case 'display_thumbnail_hoverbox':
             $image_string = '<a class="over" href="' . $picture_url . '">' . '<span><img src="' . DerivativeImage::thumb_url($element) . '" alt="' . $image_title . '" title="' . $image_title . '">' . '</span>' . $image_title . '</a>';
             break;
     }
コード例 #5
0
/**
 * Sends an email, using Piwigo specific informations.
 *
 * @param string|array $to
 * @param array $args
 *       o from: sender [default value webmaster email]
 *       o Cc: array of carbon copy receivers of the mail. [default value empty]
 *       o Bcc: array of blind carbon copy receivers of the mail. [default value empty]
 *       o subject [default value 'Piwigo']
 *       o content: content of mail [default value '']
 *       o content_format: format of mail content [default value 'text/plain']
 *       o email_format: global mail format [default value $conf_mail['default_email_format']]
 *       o theme: theme to use [default value $conf_mail['mail_theme']]
 *       o mail_title: main title of the mail [default value $conf['gallery_title']]
 *       o mail_subtitle: subtitle of the mail [default value subject]
 * @param array $tpl - use these options to define a custom content template file
 *       o filename
 *       o dirname (optional)
 *       o assign (optional)
 *
 * @return boolean
 */
function pwg_mail($to, $args = array(), $tpl = array())
{
    global $conf, $conf_mail, $lang_info, $page;
    if (empty($to) and empty($args['Cc']) and empty($args['Bcc'])) {
        return true;
    }
    if (!isset($conf_mail)) {
        $conf_mail = get_mail_configuration();
    }
    include_once PHPWG_ROOT_PATH . 'include/phpmailer/class.phpmailer.php';
    $mail = new PHPMailer();
    foreach (get_clean_recipients_list($to) as $recipient) {
        $mail->addAddress($recipient['email'], $recipient['name']);
    }
    $mail->WordWrap = 76;
    $mail->CharSet = 'UTF-8';
    // Compute root_path in order have complete path
    set_make_full_url();
    if (empty($args['from'])) {
        $from = array('email' => $conf_mail['email_webmaster'], 'name' => $conf_mail['name_webmaster']);
    } else {
        $from = unformat_email($args['from']);
    }
    $mail->setFrom($from['email'], $from['name']);
    $mail->addReplyTo($from['email'], $from['name']);
    // Subject
    if (empty($args['subject'])) {
        $args['subject'] = 'Piwigo';
    }
    $args['subject'] = trim(preg_replace('#[\\n\\r]+#s', '', $args['subject']));
    $mail->Subject = $args['subject'];
    // Cc
    if (!empty($args['Cc'])) {
        foreach (get_clean_recipients_list($args['Cc']) as $recipient) {
            $mail->addCC($recipient['email'], $recipient['name']);
        }
    }
    // Bcc
    $Bcc = get_clean_recipients_list(@$args['Bcc']);
    if ($conf_mail['send_bcc_mail_webmaster']) {
        $Bcc[] = array('email' => get_webmaster_mail_address(), 'name' => '');
    }
    if (!empty($Bcc)) {
        foreach ($Bcc as $recipient) {
            $mail->addBCC($recipient['email'], $recipient['name']);
        }
    }
    // theme
    if (empty($args['theme']) or !in_array($args['theme'], array('clear', 'dark'))) {
        $args['theme'] = $conf_mail['mail_theme'];
    }
    // content
    if (!isset($args['content'])) {
        $args['content'] = '';
    }
    // try to decompose subject like "[....] ...."
    if (!isset($args['mail_title']) and !isset($args['mail_subtitle'])) {
        if (preg_match('#^\\[(.*)\\](.*)$#', $args['subject'], $matches)) {
            $args['mail_title'] = $matches[1];
            $args['mail_subtitle'] = $matches[2];
        }
    }
    if (!isset($args['mail_title'])) {
        $args['mail_title'] = $conf['gallery_title'];
    }
    if (!isset($args['mail_subtitle'])) {
        $args['mail_subtitle'] = $args['subject'];
    }
    // content type
    if (empty($args['content_format'])) {
        $args['content_format'] = 'text/plain';
    }
    $content_type_list = array();
    if ($conf_mail['mail_allow_html'] and @$args['email_format'] != 'text/plain') {
        $content_type_list[] = 'text/html';
    }
    $content_type_list[] = 'text/plain';
    $contents = array();
    foreach ($content_type_list as $content_type) {
        // key compose of indexes witch allow to cache mail data
        $cache_key = $content_type . '-' . $lang_info['code'];
        if (!isset($conf_mail[$cache_key])) {
            // instanciate a new Template
            if (!isset($conf_mail[$cache_key]['theme'])) {
                $conf_mail[$cache_key]['theme'] = get_mail_template($content_type);
                trigger_notify('before_parse_mail_template', $cache_key, $content_type);
            }
            $template =& $conf_mail[$cache_key]['theme'];
            $template->set_filename('mail_header', 'header.tpl');
            $template->set_filename('mail_footer', 'footer.tpl');
            $template->assign(array('GALLERY_URL' => get_gallery_home_url(), 'GALLERY_TITLE' => isset($page['gallery_title']) ? $page['gallery_title'] : $conf['gallery_title'], 'VERSION' => $conf['show_version'] ? PHPWG_VERSION : '', 'PHPWG_URL' => defined('PHPWG_URL') ? PHPWG_URL : '', 'CONTENT_ENCODING' => get_pwg_charset(), 'CONTACT_MAIL' => $conf_mail['email_webmaster']));
            if ($content_type == 'text/html') {
                if ($template->smarty->templateExists('global-mail-css.tpl')) {
                    $template->set_filename('global-css', 'global-mail-css.tpl');
                    $template->assign_var_from_handle('GLOBAL_MAIL_CSS', 'global-css');
                }
                if ($template->smarty->templateExists('mail-css-' . $args['theme'] . '.tpl')) {
                    $template->set_filename('css', 'mail-css-' . $args['theme'] . '.tpl');
                    $template->assign_var_from_handle('MAIL_CSS', 'css');
                }
            }
        }
        $template =& $conf_mail[$cache_key]['theme'];
        $template->assign(array('MAIL_TITLE' => $args['mail_title'], 'MAIL_SUBTITLE' => $args['mail_subtitle']));
        // Header
        $contents[$content_type] = $template->parse('mail_header', true);
        // Content
        // Stored in a temp variable, if a content template is used it will be assigned
        // to the $CONTENT template variable, otherwise it will be appened to the mail
        if ($args['content_format'] == 'text/plain' and $content_type == 'text/html') {
            // convert plain text to html
            $mail_content = '<p>' . nl2br(preg_replace('/(https?:\\/\\/([-\\w\\.]+[-\\w])+(:\\d+)?(\\/([\\w\\/_\\.\\#-]*(\\?\\S+)?[^\\.\\s])?)?)/i', '<a href="$1">$1</a>', htmlspecialchars($args['content']))) . '</p>';
        } else {
            if ($args['content_format'] == 'text/html' and $content_type == 'text/plain') {
                // convert html text to plain text
                $mail_content = strip_tags($args['content']);
            } else {
                $mail_content = $args['content'];
            }
        }
        // Runtime template
        if (isset($tpl['filename'])) {
            if (isset($tpl['dirname'])) {
                $template->set_template_dir($tpl['dirname'] . '/' . $content_type);
            }
            if ($template->smarty->templateExists($tpl['filename'] . '.tpl')) {
                $template->set_filename($tpl['filename'], $tpl['filename'] . '.tpl');
                if (!empty($tpl['assign'])) {
                    $template->assign($tpl['assign']);
                }
                $template->assign('CONTENT', $mail_content);
                $contents[$content_type] .= $template->parse($tpl['filename'], true);
            } else {
                $contents[$content_type] .= $mail_content;
            }
        } else {
            $contents[$content_type] .= $mail_content;
        }
        // Footer
        $contents[$content_type] .= $template->parse('mail_footer', true);
    }
    // Undo Compute root_path in order have complete path
    unset_make_full_url();
    // Send content to PHPMailer
    if (isset($contents['text/html'])) {
        $mail->isHTML(true);
        $mail->Body = move_css_to_body($contents['text/html']);
        if (isset($contents['text/plain'])) {
            $mail->AltBody = $contents['text/plain'];
        }
    } else {
        $mail->isHTML(false);
        $mail->Body = $contents['text/plain'];
    }
    if ($conf_mail['use_smtp']) {
        // now we need to split port number
        if (strpos($conf_mail['smtp_host'], ':') !== false) {
            list($smtp_host, $smtp_port) = explode(':', $conf_mail['smtp_host']);
        } else {
            $smtp_host = $conf_mail['smtp_host'];
            $smtp_port = 25;
        }
        $mail->IsSMTP();
        // enables SMTP debug information (for testing) 2 - debug, 0 - no message
        $mail->SMTPDebug = 0;
        $mail->Host = $smtp_host;
        $mail->Port = $smtp_port;
        if (!empty($conf_mail['smtp_secure']) and in_array($conf_mail['smtp_secure'], array('ssl', 'tls'))) {
            $mail->SMTPSecure = $conf_mail['smtp_secure'];
        }
        if (!empty($conf_mail['smtp_user'])) {
            $mail->SMTPAuth = true;
            $mail->Username = $conf_mail['smtp_user'];
            $mail->Password = $conf_mail['smtp_password'];
        }
    }
    $ret = true;
    $pre_result = trigger_change('before_send_mail', true, $to, $args, $mail);
    if ($pre_result) {
        $ret = $mail->send();
        if (!$ret and (!ini_get('display_errors') or is_admin())) {
            trigger_error('Mailer Error: ' . $mail->ErrorInfo, E_USER_WARNING);
        }
        if ($conf['debug_mail']) {
            pwg_send_mail_test($ret, $mail, $args);
        }
    }
    return $ret;
}
コード例 #6
0
ファイル: comments.php プロジェクト: lcorbasson/Piwigo
    validated,
    c.anonymous_id
  FROM ' . COMMENTS_TABLE . ' AS c
    INNER JOIN ' . IMAGES_TABLE . ' AS i
      ON i.id = c.image_id
    LEFT JOIN ' . USERS_TABLE . ' AS u
      ON u.' . $conf['user_fields']['id'] . ' = c.author_id
  WHERE ' . implode(' AND ', $where_clauses) . '
  ORDER BY c.date DESC
  LIMIT ' . $page['start'] . ', ' . $conf['comments_page_nb_comments'] . '
;';
$result = pwg_query($query);
while ($row = pwg_db_fetch_assoc($result)) {
    $thumb = DerivativeImage::thumb_url(array('id' => $row['image_id'], 'path' => $row['path']));
    if (empty($row['author_id'])) {
        $author_name = $row['author'];
    } else {
        $author_name = stripslashes($row['username']);
    }
    $template->append('comments', array('U_PICTURE' => get_root_url() . 'admin.php?page=photo-' . $row['image_id'], 'ID' => $row['id'], 'TN_SRC' => $thumb, 'AUTHOR' => trigger_change('render_comment_author', $author_name), 'DATE' => format_date($row['date'], array('day_name', 'day', 'month', 'year', 'time')), 'CONTENT' => trigger_change('render_comment_content', $row['content']), 'IS_PENDING' => 'false' == $row['validated'], 'IP' => $row['anonymous_id']));
    $list[] = $row['id'];
}
// +-----------------------------------------------------------------------+
// |                            navigation bar                             |
// +-----------------------------------------------------------------------+
$navbar = create_navigation_bar(get_root_url() . 'admin.php' . get_query_string_diff(array('start')), 'pending' == $page['filter'] ? $nb_pending : $nb_total, $page['start'], $conf['comments_page_nb_comments']);
$template->assign('navbar', $navbar);
// +-----------------------------------------------------------------------+
// |                           sending html code                           |
// +-----------------------------------------------------------------------+
$template->assign_var_from_handle('ADMIN_CONTENT', 'comments');
コード例 #7
0
function insert_user_comment_guestbook(&$comm, $key)
{
    global $conf, $user, $page;
    $comm = array_merge($comm, array('ip' => $_SERVER['REMOTE_ADDR'], 'agent' => $_SERVER['HTTP_USER_AGENT']));
    if (!$conf['guestbook']['comments_validation'] or is_admin()) {
        $comment_action = 'validate';
    } else {
        $comment_action = 'moderate';
    }
    // author
    if (!is_classic_user()) {
        if (empty($comm['author'])) {
            $page['errors'][] = l10n('Please enter your username');
            $comment_action = 'reject';
        } else {
            $comm['author_id'] = $conf['guest_id'];
            // if a guest try to use the name of an already existing user,
            // he must be rejected
            $query = '
SELECT COUNT(*) AS user_exists
  FROM ' . USERS_TABLE . '
  WHERE ' . $conf['user_fields']['username'] . " = '" . addslashes($comm['author']) . "'\n;";
            $row = pwg_db_fetch_assoc(pwg_query($query));
            if ($row['user_exists'] == 1) {
                $page['errors'][] = l10n('This login is already used by another user');
                $comment_action = 'reject';
            }
        }
    } else {
        $comm['author'] = addslashes($user['username']);
        $comm['author_id'] = $user['id'];
    }
    // content
    if (empty($comm['content'])) {
        $comment_action = 'reject';
    }
    // key
    if (!verify_ephemeral_key(@$key)) {
        $comment_action = 'reject';
        $_POST['cr'][] = 'key';
    }
    // email
    if (empty($comm['email']) and is_classic_user() and !empty($user['email'])) {
        $comm['email'] = $user['email'];
    } else {
        if (empty($comm['email']) and $conf['comments_email_mandatory']) {
            $page['errors'][] = l10n('mail address must be like xxx@yyy.eee (example : jack@altern.org)');
            $comment_action = 'reject';
        } else {
            if (!empty($comm['email']) and !email_check_format($comm['email'])) {
                $page['errors'][] = l10n('mail address must be like xxx@yyy.eee (example : jack@altern.org)');
                $comment_action = 'reject';
            }
        }
    }
    // website
    if (!empty($comm['website'])) {
        $comm['website'] = strip_tags($comm['website']);
        if (!preg_match('/^(https?:\\/\\/)/i', $comm['website'])) {
            $comm['website'] = 'http://' . $comm['website'];
        }
        if (!url_check_format($comm['website'])) {
            $page['errors'][] = l10n('invalid website address');
            $comment_action = 'reject';
        }
    }
    // anonymous id = ip address
    $ip_components = explode('.', $_SERVER["REMOTE_ADDR"]);
    if (count($ip_components) > 3) {
        array_pop($ip_components);
    }
    $comm['anonymous_id'] = implode('.', $ip_components);
    // comment validation and anti-spam
    if ($comment_action != 'reject' and $conf['anti-flood_time'] > 0 and !is_admin()) {
        $reference_date = pwg_db_get_flood_period_expression($conf['anti-flood_time']);
        $query = '
SELECT COUNT(1) FROM ' . GUESTBOOK_TABLE . '
  WHERE 
    date > ' . $reference_date . '
    AND author_id = ' . $comm['author_id'];
        if (!is_classic_user()) {
            $query .= '
      AND anonymous_id = "' . $comm['anonymous_id'] . '"';
        }
        $query .= '
;';
        list($counter) = pwg_db_fetch_row(pwg_query($query));
        if ($counter > 0) {
            $page['errors'][] = l10n('Anti-flood system : please wait for a moment before trying to post another comment');
            $comment_action = 'reject';
        }
    }
    // perform more spam check
    $comment_action = trigger_change('user_comment_check', $comment_action, $comm, 'guestbook');
    if ($comment_action != 'reject') {
        $query = '
INSERT INTO ' . GUESTBOOK_TABLE . '(
    author, 
    author_id, 
    anonymous_id,
    content, 
    date, 
    validated, 
    validation_date, 
    website, 
    rate, 
    email
  )
  VALUES (
    \'' . $comm['author'] . '\',
    ' . $comm['author_id'] . ',
    \'' . $comm['anonymous_id'] . '\',
    \'' . $comm['content'] . '\',
    NOW(),
    \'' . ($comment_action == 'validate' ? 'true' : 'false') . '\',
    ' . ($comment_action == 'validate' ? 'NOW()' : 'NULL') . ',
    ' . (!empty($comm['website']) ? '\'' . $comm['website'] . '\'' : 'NULL') . ',
    ' . (!empty($comm['rate']) ? $comm['rate'] : 'NULL') . ',
    ' . (!empty($comm['email']) ? '\'' . $comm['email'] . '\'' : 'NULL') . '
  )
';
        pwg_query($query);
        $comm['id'] = pwg_db_insert_id(GUESTBOOK_TABLE);
        if ($conf['guestbook']['email_admin_on_comment'] and 'validate' == $comment_action or $conf['guestbook']['email_admin_on_comment_validation'] and 'moderate' == $comment_action) {
            include_once PHPWG_ROOT_PATH . 'include/functions_mail.inc.php';
            $comment_url = add_url_params(GUESTBOOK_URL, array('comment_id' => $comm['id']));
            $keyargs_content = array(get_l10n_args('Author: %s', stripslashes($comm['author'])), get_l10n_args('Comment: %s', stripslashes($comm['content'])), get_l10n_args('', ''), get_l10n_args('Manage this user comment: %s', $comment_url));
            if ('moderate' == $comment_action) {
                $keyargs_content[] = get_l10n_args('', '');
                $keyargs_content[] = get_l10n_args('(!) This comment requires validation', '');
            }
            pwg_mail_notification_admins(get_l10n_args('Comment by %s', stripslashes($comm['author'])), $keyargs_content);
        }
    }
    return $comment_action;
}
コード例 #8
0
ファイル: ws_core.inc.php プロジェクト: squidjam/Piwigo
 /**
  *  Invokes a registered method. Returns the return of the method (or
  *  a PwgError object if the method is not found)
  *  @param methodName string the name of the method to invoke
  *  @param params array array of parameters to pass to the invoked method
  */
 function invoke($methodName, $params)
 {
     $method = @$this->_methods[$methodName];
     if ($method == null) {
         return new PwgError(WS_ERR_INVALID_METHOD, 'Method name is not valid');
     }
     if (isset($method['options']['post_only']) and $method['options']['post_only'] and !self::isPost()) {
         return new PwgError(405, 'This method requires HTTP POST');
     }
     if (isset($method['options']['admin_only']) and $method['options']['admin_only'] and !is_admin()) {
         return new PwgError(401, 'Access denied');
     }
     // parameter check and data correction
     $signature = $method['signature'];
     $missing_params = array();
     foreach ($signature as $name => $options) {
         $flags = $options['flags'];
         // parameter not provided in the request
         if (!array_key_exists($name, $params)) {
             if (!self::hasFlag($flags, WS_PARAM_OPTIONAL)) {
                 $missing_params[] = $name;
             } else {
                 if (array_key_exists('default', $options)) {
                     $params[$name] = $options['default'];
                     if (self::hasFlag($flags, WS_PARAM_FORCE_ARRAY)) {
                         self::makeArrayParam($params[$name]);
                     }
                 }
             }
         } else {
             if ($params[$name] === '' and !self::hasFlag($flags, WS_PARAM_OPTIONAL)) {
                 $missing_params[] = $name;
             } else {
                 $the_param = $params[$name];
                 if (is_array($the_param) and !self::hasFlag($flags, WS_PARAM_ACCEPT_ARRAY)) {
                     return new PwgError(WS_ERR_INVALID_PARAM, $name . ' must be scalar');
                 }
                 if (self::hasFlag($flags, WS_PARAM_FORCE_ARRAY)) {
                     self::makeArrayParam($the_param);
                 }
                 if ($options['type'] > 0) {
                     if (($ret = self::checkType($the_param, $options['type'], $name)) !== null) {
                         return $ret;
                     }
                 }
                 if (isset($options['maxValue']) and $the_param > $options['maxValue']) {
                     $the_param = $options['maxValue'];
                 }
                 $params[$name] = $the_param;
             }
         }
     }
     if (count($missing_params)) {
         return new PwgError(WS_ERR_MISSING_PARAM, 'Missing parameters: ' . implode(',', $missing_params));
     }
     $result = trigger_change('ws_invoke_allowed', true, $methodName, $params);
     if (strtolower(@get_class($result)) != 'pwgerror') {
         if (!empty($method['include'])) {
             include_once $method['include'];
         }
         $result = call_user_func_array($method['callback'], array($params, &$this));
     }
     return $result;
 }
コード例 #9
0
/**
 * @see get_quick_search_results but without result caching
 */
function get_quick_search_results_no_cache($q, $options)
{
    global $conf;
    $q = trim(stripslashes($q));
    $search_results = array('items' => array(), 'qs' => array('q' => $q));
    $q = trigger_change('qsearch_pre', $q);
    $scopes = array();
    $scopes[] = new QSearchScope('tag', array('tags'));
    $scopes[] = new QSearchScope('photo', array('photos'));
    $scopes[] = new QSearchScope('file', array('filename'));
    $scopes[] = new QSearchScope('author', array(), true);
    $scopes[] = new QNumericRangeScope('width', array());
    $scopes[] = new QNumericRangeScope('height', array());
    $scopes[] = new QNumericRangeScope('ratio', array(), false, 0.001);
    $scopes[] = new QNumericRangeScope('size', array());
    $scopes[] = new QNumericRangeScope('filesize', array());
    $scopes[] = new QNumericRangeScope('hits', array('hit', 'visit', 'visits'));
    $scopes[] = new QNumericRangeScope('score', array('rating'), true);
    $scopes[] = new QNumericRangeScope('id', array());
    $createdDateAliases = array('taken', 'shot');
    $postedDateAliases = array('added');
    if ($conf['calendar_datefield'] == 'date_creation') {
        $createdDateAliases[] = 'date';
    } else {
        $postedDateAliases[] = 'date';
    }
    $scopes[] = new QDateRangeScope('created', $createdDateAliases, true);
    $scopes[] = new QDateRangeScope('posted', $postedDateAliases);
    // allow plugins to add their own scopes
    $scopes = trigger_change('qsearch_get_scopes', $scopes);
    $expression = new QExpression($q, $scopes);
    // get inflections for terms
    $inflector = null;
    $lang_code = substr(get_default_language(), 0, 2);
    @(include_once PHPWG_ROOT_PATH . 'include/inflectors/' . $lang_code . '.php');
    $class_name = 'Inflector_' . $lang_code;
    if (class_exists($class_name)) {
        $inflector = new $class_name();
        foreach ($expression->stokens as $token) {
            if (isset($token->scope) && !$token->scope->is_text) {
                continue;
            }
            if (strlen($token->term) > 2 && ($token->modifier & (QST_QUOTED | QST_WILDCARD)) == 0 && strcspn($token->term, '\'0123456789') == strlen($token->term)) {
                $token->variants = array_unique(array_diff($inflector->get_variants($token->term), array($token->term)));
            }
        }
    }
    trigger_notify('qsearch_expression_parsed', $expression);
    //var_export($expression);
    if (count($expression->stokens) == 0) {
        return $search_results;
    }
    $qsr = new QResults();
    qsearch_get_tags($expression, $qsr);
    qsearch_get_images($expression, $qsr);
    // allow plugins to evaluate their own scopes
    trigger_notify('qsearch_before_eval', $expression, $qsr);
    $ids = qsearch_eval($expression, $qsr, $tmp, $search_results['qs']['unmatched_terms']);
    $debug[] = "<!--\nparsed: " . $expression;
    $debug[] = count($expression->stokens) . ' tokens';
    for ($i = 0; $i < count($expression->stokens); $i++) {
        $debug[] = $expression->stokens[$i] . ': ' . count($qsr->tag_ids[$i]) . ' tags, ' . count($qsr->tag_iids[$i]) . ' tiids, ' . count($qsr->images_iids[$i]) . ' iiids, ' . count($qsr->iids[$i]) . ' iids' . ' modifier:' . dechex($expression->stoken_modifiers[$i]) . (!empty($expression->stokens[$i]->variants) ? ' variants: ' . implode(', ', $expression->stokens[$i]->variants) : '');
    }
    $debug[] = 'before perms ' . count($ids);
    $search_results['qs']['matching_tags'] = $qsr->all_tags;
    $search_results = trigger_change('qsearch_results', $search_results, $expression, $qsr);
    global $template;
    if (empty($ids)) {
        $debug[] = '-->';
        $template->append('footer_elements', implode("\n", $debug));
        return $search_results;
    }
    $permissions = !isset($options['permissions']) ? true : $options['permissions'];
    $where_clauses = array();
    $where_clauses[] = 'i.id IN (' . implode(',', $ids) . ')';
    if (!empty($options['images_where'])) {
        $where_clauses[] = '(' . $options['images_where'] . ')';
    }
    if ($permissions) {
        $where_clauses[] = get_sql_condition_FandF(array('forbidden_categories' => 'category_id', 'forbidden_images' => 'i.id'), null, true);
    }
    $query = '
SELECT DISTINCT(id) FROM ' . IMAGES_TABLE . ' i';
    if ($permissions) {
        $query .= '
    INNER JOIN ' . IMAGE_CATEGORY_TABLE . ' AS ic ON id = ic.image_id';
    }
    $query .= '
  WHERE ' . implode("\n AND ", $where_clauses) . "\n" . $conf['order_by'];
    $ids = query2array($query, null, 'id');
    $debug[] = count($ids) . ' final photo count -->';
    $template->append('footer_elements', implode("\n", $debug));
    $search_results['items'] = $ids;
    return $search_results;
}
コード例 #10
0
ファイル: maintenance.php プロジェクト: donseba/Piwigo
        break;
    default:
        break;
}
// +-----------------------------------------------------------------------+
// |                             template init                             |
// +-----------------------------------------------------------------------+
$template->set_filenames(array('maintenance' => 'maintenance.tpl'));
$url_format = get_root_url() . 'admin.php?page=maintenance&amp;action=%s&amp;pwg_token=' . get_pwg_token();
$purge_urls[l10n('All')] = sprintf($url_format, 'derivatives') . '&amp;type=all';
foreach (ImageStdParams::get_defined_type_map() as $params) {
    $purge_urls[l10n($params->type)] = sprintf($url_format, 'derivatives') . '&amp;type=' . $params->type;
}
$purge_urls[l10n(IMG_CUSTOM)] = sprintf($url_format, 'derivatives') . '&amp;type=' . IMG_CUSTOM;
$template->assign(array('U_MAINT_CATEGORIES' => sprintf($url_format, 'categories'), 'U_MAINT_IMAGES' => sprintf($url_format, 'images'), 'U_MAINT_ORPHAN_TAGS' => sprintf($url_format, 'delete_orphan_tags'), 'U_MAINT_USER_CACHE' => sprintf($url_format, 'user_cache'), 'U_MAINT_HISTORY_DETAIL' => sprintf($url_format, 'history_detail'), 'U_MAINT_HISTORY_SUMMARY' => sprintf($url_format, 'history_summary'), 'U_MAINT_SESSIONS' => sprintf($url_format, 'sessions'), 'U_MAINT_FEEDS' => sprintf($url_format, 'feeds'), 'U_MAINT_DATABASE' => sprintf($url_format, 'database'), 'U_MAINT_C13Y' => sprintf($url_format, 'c13y'), 'U_MAINT_SEARCH' => sprintf($url_format, 'search'), 'U_MAINT_COMPILED_TEMPLATES' => sprintf($url_format, 'compiled-templates'), 'U_MAINT_DERIVATIVES' => sprintf($url_format, 'derivatives'), 'purge_derivatives' => $purge_urls, 'U_HELP' => get_root_url() . 'admin/popuphelp.php?page=maintenance'));
if ($conf['gallery_locked']) {
    $template->assign(array('U_MAINT_UNLOCK_GALLERY' => sprintf($url_format, 'unlock_gallery')));
} else {
    $template->assign(array('U_MAINT_LOCK_GALLERY' => sprintf($url_format, 'lock_gallery')));
}
// +-----------------------------------------------------------------------+
// | Define advanced features                                              |
// +-----------------------------------------------------------------------+
$advanced_features = array();
//$advanced_features is array of array composed of CAPTION & URL
$advanced_features = trigger_change('get_admin_advanced_features_links', $advanced_features);
$template->assign('advanced_features', $advanced_features);
// +-----------------------------------------------------------------------+
// |                           sending html code                           |
// +-----------------------------------------------------------------------+
$template->assign_var_from_handle('ADMIN_CONTENT', 'maintenance');
コード例 #11
0
ファイル: template.class.php プロジェクト: squidjam/Piwigo
 /**
  * Process a CSS file.
  *
  * @param string $css file content
  * @param string $file
  * @param string $header CSS directives that must appear first in
  *                       the minified file.
  * @return string
  */
 private static function process_css($css, $file, &$header)
 {
     $css = self::process_css_rec($css, dirname($file), $header);
     if (strpos($file, '.min') === false and version_compare(PHP_VERSION, '5.2.4', '>=')) {
         require_once PHPWG_ROOT_PATH . 'include/cssmin.class.php';
         $css = CssMin::minify($css, array('Variables' => false));
     }
     $css = trigger_change('combined_css_postfilter', $css);
     return $css;
 }
コード例 #12
0
ファイル: section_init.inc.php プロジェクト: squidjam/Piwigo
    // In case of incompatibility, the session stored image_order is removed.
    if ($orders[$image_order_id][2]) {
        $conf['order_by'] = str_replace('ORDER BY ', 'ORDER BY ' . $orders[$image_order_id][1] . ',', $conf['order_by']);
        $page['super_order_by'] = true;
    } else {
        pwg_unset_session_var('image_order');
        $page['super_order_by'] = false;
    }
}
$forbidden = get_sql_condition_FandF(array('forbidden_categories' => 'category_id', 'visible_categories' => 'category_id', 'visible_images' => 'id'), 'AND');
// +-----------------------------------------------------------------------+
// |                              category                                 |
// +-----------------------------------------------------------------------+
if ('categories' == $page['section']) {
    if (isset($page['category'])) {
        $page = array_merge($page, array('comment' => trigger_change('render_category_description', $page['category']['comment'], 'main_page_category_description'), 'title' => get_cat_display_name($page['category']['upper_names'], '', false)));
    } else {
        $page['title'] = '';
        // will be set later
    }
    // GET IMAGES LIST
    if ($page['startcat'] == 0 and !isset($page['chronology_field']) and (isset($page['category']) or isset($page['flat']))) {
        if (!empty($page['category']['image_order']) and !isset($page['super_order_by'])) {
            $conf['order_by'] = ' ORDER BY ' . $page['category']['image_order'];
        }
        // flat categories mode
        if (isset($page['flat'])) {
            // get all allowed sub-categories
            if (isset($page['category'])) {
                $query = '
SELECT id
コード例 #13
0
ファイル: site_manager.php プロジェクト: lcorbasson/Piwigo
  ON c.id=i.storage_category_id 
  WHERE c.site_id IS NOT NULL
  GROUP BY c.site_id
;';
$sites_detail = hash_from_query($query, 'site_id');
$query = '
SELECT *
  FROM ' . SITES_TABLE . '
;';
$result = pwg_query($query);
while ($row = pwg_db_fetch_assoc($result)) {
    $is_remote = url_is_remote($row['galleries_url']);
    $base_url = PHPWG_ROOT_PATH . 'admin.php';
    $base_url .= '?page=site_manager';
    $base_url .= '&amp;site=' . $row['id'];
    $base_url .= '&amp;pwg_token=' . get_pwg_token();
    $base_url .= '&amp;action=';
    $update_url = PHPWG_ROOT_PATH . 'admin.php';
    $update_url .= '?page=site_update';
    $update_url .= '&amp;site=' . $row['id'];
    $tpl_var = array('NAME' => $row['galleries_url'], 'TYPE' => l10n($is_remote ? 'Remote' : 'Local'), 'CATEGORIES' => (int) @$sites_detail[$row['id']]['nb_categories'], 'IMAGES' => (int) @$sites_detail[$row['id']]['nb_images'], 'U_SYNCHRONIZE' => $update_url);
    if ($row['id'] != 1) {
        $tpl_var['U_DELETE'] = $base_url . 'delete';
    }
    $plugin_links = array();
    //$plugin_links is array of array composed of U_HREF, U_HINT & U_CAPTION
    $plugin_links = trigger_change('get_admins_site_links', $plugin_links, $row['id'], $is_remote);
    $tpl_var['plugin_links'] = $plugin_links;
    $template->append('sites', $tpl_var);
}
$template->assign_var_from_handle('ADMIN_CONTENT', 'site_manager');
コード例 #14
0
ファイル: album_notification.php プロジェクト: donseba/Piwigo
       is empty find child representative_picture_id */
    if (!empty($category['representative_picture_id'])) {
        $img = array();
        $query = '
SELECT id, file, path, representative_ext
  FROM ' . IMAGES_TABLE . '
  WHERE id = ' . $category['representative_picture_id'] . '
;';
        $result = pwg_query($query);
        if (pwg_db_num_rows($result) > 0) {
            $element = pwg_db_fetch_assoc($result);
            $img = array('link' => make_picture_url(array('image_id' => $element['id'], 'image_file' => $element['file'], 'category' => $category)), 'src' => DerivativeImage::url(IMG_THUMB, $element));
        }
    }
    $args = array('subject' => l10n('[%s] Visit album %s', $conf['gallery_title'], trigger_change('render_category_name', $category['name'], 'admin_cat_list')));
    $tpl = array('filename' => 'cat_group_info', 'assign' => array('IMG' => $img, 'CAT_NAME' => trigger_change('render_category_name', $category['name'], 'admin_cat_list'), 'LINK' => make_index_url(array('category' => array('id' => $category['id'], 'name' => trigger_change('render_category_name', $category['name'], 'admin_cat_list'), 'permalink' => $category['permalink']))), 'CPL_CONTENT' => empty($_POST['mail_content']) ? '' : stripslashes($_POST['mail_content'])));
    if ('users' == $_POST['who'] and isset($_POST['users']) and count($_POST['users']) > 0) {
        check_input_parameter('users', $_POST, true, PATTERN_ID);
        // TODO code very similar to function pwg_mail_group. We'd better create
        // a function pwg_mail_users that could be called from here and from
        // pwg_mail_group
        // TODO to make checks even better, we should check that theses users
        // have access to this album. No real privacy issue here, even if we
        // send the email to a user without permission.
        $query = '
SELECT
    ui.user_id,
    ui.status,
    ui.language,
    u.' . $conf['user_fields']['email'] . ' AS email,
    u.' . $conf['user_fields']['username'] . ' AS username
コード例 #15
0
ファイル: admin.php プロジェクト: lcorbasson/Piwigo
  FROM ' . CADDIE_TABLE . '
  WHERE user_id = ' . $user['id'] . '
;';
list($nb_photos_in_caddie) = pwg_db_fetch_row(pwg_query($query));
if ($nb_photos_in_caddie > 0) {
    $template->assign(array('NB_PHOTOS_IN_CADDIE' => $nb_photos_in_caddie, 'U_CADDIE' => $link_start . 'batch_manager&amp;filter=prefilter-caddie'));
}
// any orphan photo?
$nb_orphans = count(get_orphans());
if ($nb_orphans > 0) {
    $template->assign(array('NB_ORPHANS' => $nb_orphans, 'U_ORPHANS' => $link_start . 'batch_manager&amp;filter=prefilter-no_album'));
}
// +-----------------------------------------------------------------------+
// | Plugin menu                                                           |
// +-----------------------------------------------------------------------+
$plugin_menu_links = trigger_change('get_admin_plugin_menu_links', array());
function UC_name_compare($a, $b)
{
    return strcmp(strtolower($a['NAME']), strtolower($b['NAME']));
}
usort($plugin_menu_links, 'UC_name_compare');
$template->assign('plugin_menu_items', $plugin_menu_links);
// +-----------------------------------------------------------------------+
// | Refresh permissions                                                   |
// +-----------------------------------------------------------------------+
// Only for pages witch change permissions
if (in_array($page['page'], array('site_manager', 'site_update')) or !empty($_POST) and in_array($page['page'], array('album', 'cat_move', 'cat_options', 'user_list', 'user_perm'))) {
    invalidate_user_cache();
}
// +-----------------------------------------------------------------------+
// | Include specific page                                                 |
コード例 #16
0
ファイル: page_header.php プロジェクト: donseba/Piwigo
// | This program is distributed in the hope that it will be useful, but   |
// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
// | General Public License for more details.                              |
// |                                                                       |
// | You should have received a copy of the GNU General Public License     |
// | along with this program; if not, write to the Free Software           |
// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
// | USA.                                                                  |
// +-----------------------------------------------------------------------+
//
// Start output of page
//
$template->set_filenames(array('header' => 'header.tpl'));
trigger_notify('loc_begin_page_header');
$template->assign(array('GALLERY_TITLE' => isset($page['gallery_title']) ? $page['gallery_title'] : $conf['gallery_title'], 'PAGE_BANNER' => trigger_change('render_page_banner', str_replace('%gallery_title%', $conf['gallery_title'], isset($page['page_banner']) ? $page['page_banner'] : $conf['page_banner'])), 'BODY_ID' => isset($page['body_id']) ? $page['body_id'] : '', 'CONTENT_ENCODING' => get_pwg_charset(), 'PAGE_TITLE' => strip_tags($title), 'U_HOME' => get_gallery_home_url(), 'LEVEL_SEPARATOR' => $conf['level_separator']));
// Header notes
if (!empty($header_notes)) {
    $template->assign('header_notes', $header_notes);
}
// No referencing is required
if (!$conf['meta_ref']) {
    $page['meta_robots']['noindex'] = 1;
    $page['meta_robots']['nofollow'] = 1;
}
if (!empty($page['meta_robots'])) {
    $template->append('head_elements', '<meta name="robots" content="' . implode(',', array_keys($page['meta_robots'])) . '">');
}
if (!isset($page['meta_robots']['noindex'])) {
    $template->assign('meta_ref', 1);
}
コード例 #17
0
ファイル: picture_modify.php プロジェクト: donseba/Piwigo
 $data = array();
 $data['id'] = $_GET['image_id'];
 $data['name'] = $_POST['name'];
 $data['author'] = $_POST['author'];
 $data['level'] = $_POST['level'];
 if ($conf['allow_html_descriptions']) {
     $data['comment'] = @$_POST['description'];
 } else {
     $data['comment'] = strip_tags(@$_POST['description']);
 }
 if (!empty($_POST['date_creation'])) {
     $data['date_creation'] = $_POST['date_creation'];
 } else {
     $data['date_creation'] = null;
 }
 $data = trigger_change('picture_modify_before_update', $data);
 single_update(IMAGES_TABLE, $data, array('id' => $data['id']));
 // time to deal with tags
 $tag_ids = array();
 if (!empty($_POST['tags'])) {
     $tag_ids = get_tag_ids($_POST['tags']);
 }
 set_tags($tag_ids, $_GET['image_id']);
 // association to albums
 if (!isset($_POST['associate'])) {
     $_POST['associate'] = array();
 }
 check_input_parameter('associate', $_POST, true, PATTERN_ID);
 move_images_to_categories(array($_GET['image_id']), $_POST['associate']);
 invalidate_user_cache();
 // thumbnail for albums
コード例 #18
0
ファイル: picture.php プロジェクト: lcorbasson/Piwigo
    $query = '
SELECT id, name, permalink
  FROM ' . CATEGORIES_TABLE . '
  WHERE id IN (' . implode(',', $ids) . ')';
    $cat_map = hash_from_query($query, 'id');
    foreach ($related_categories as $category) {
        $cats = array();
        foreach (explode(',', $category['uppercats']) as $id) {
            $cats[] = $cat_map[$id];
        }
        $template->append('related_categories', get_cat_display_name($cats));
    }
}
// maybe someone wants a special display (call it before page_header so that
// they can add stylesheets)
$element_content = trigger_change('render_element_content', '', $picture['current']);
$template->assign('ELEMENT_CONTENT', $element_content);
if (isset($picture['next']) and $picture['next']['src_image']->is_original() and $template->get_template_vars('U_PREFETCH') == null and strpos(@$_SERVER['HTTP_USER_AGENT'], 'Chrome/') === false) {
    $template->assign('U_PREFETCH', $picture['next']['derivatives'][pwg_get_session_var('picture_deriv', $conf['derivative_default_size'])]->get_url());
}
$template->assign('U_CANONICAL', make_picture_url(array('image_id' => $picture['current']['id'], 'image_file' => $picture['current']['file'])));
// +-----------------------------------------------------------------------+
// |                               sub pages                               |
// +-----------------------------------------------------------------------+
include PHPWG_ROOT_PATH . 'include/picture_rate.inc.php';
if ($conf['activate_comments']) {
    include PHPWG_ROOT_PATH . 'include/picture_comment.inc.php';
}
if ($metadata_showable and pwg_get_session_var('show_metadata') != null) {
    include PHPWG_ROOT_PATH . 'include/picture_metadata.inc.php';
}
コード例 #19
0
/**
 * Assign a template var useable with {html_options} from a list of categories
 *
 * @param array[] $categories (at least id,name,global_rank,uppercats for each)
 * @param int[] $selected ids of selected items
 * @param string $blockname variable name in template
 * @param bool $fullname full breadcrumb or not
 */
function display_select_categories($categories, $selecteds, $blockname, $fullname = true)
{
    global $template;
    $tpl_cats = array();
    foreach ($categories as $category) {
        if ($fullname) {
            $option = strip_tags(get_cat_display_name_cache($category['uppercats'], null));
        } else {
            $option = str_repeat('&nbsp;', 3 * substr_count($category['global_rank'], '.'));
            $option .= '- ';
            $option .= strip_tags(trigger_change('render_category_name', $category['name'], 'display_select_categories'));
        }
        $tpl_cats[$category['id']] = $option;
    }
    $template->assign($blockname, $tpl_cats);
    $template->assign($blockname . '_selected', $selecteds);
}
コード例 #20
0
ファイル: derivative.inc.php プロジェクト: lcorbasson/Piwigo
 /**
  * @return string
  */
 function get_url()
 {
     if ($this->params == null) {
         return $this->src_image->get_url();
     }
     return embellish_url(trigger_change('get_derivative_url', get_root_url() . $this->rel_url, $this->params, $this->src_image, $this->rel_url));
 }
コード例 #21
0
/**
 * returns informations from EXIF metadata, mapping is done in this function.
 *
 * @param string $filename
 * @param array $map
 * @return array
 */
function get_exif_data($filename, $map)
{
    global $conf;
    $result = array();
    if (!function_exists('read_exif_data')) {
        die('Exif extension not available, admin should disable exif use');
    }
    // Read EXIF data
    if ($exif = @read_exif_data($filename) or $exif2 = trigger_change('format_exif_data', $exif = null, $filename, $map)) {
        if (!empty($exif2)) {
            $exif = $exif2;
        } else {
            $exif = trigger_change('format_exif_data', $exif, $filename, $map);
        }
        // configured fields
        foreach ($map as $key => $field) {
            if (strpos($field, ';') === false) {
                if (isset($exif[$field])) {
                    $result[$key] = $exif[$field];
                }
            } else {
                $tokens = explode(';', $field);
                if (isset($exif[$tokens[0]][$tokens[1]])) {
                    $result[$key] = $exif[$tokens[0]][$tokens[1]];
                }
            }
        }
        // GPS data
        $gps_exif = array_intersect_key($exif, array_flip(array('GPSLatitudeRef', 'GPSLatitude', 'GPSLongitudeRef', 'GPSLongitude')));
        if (count($gps_exif) == 4) {
            if (is_array($gps_exif['GPSLatitude']) and in_array($gps_exif['GPSLatitudeRef'], array('S', 'N')) and is_array($gps_exif['GPSLongitude']) and in_array($gps_exif['GPSLongitudeRef'], array('W', 'E'))) {
                $result['latitude'] = parse_exif_gps_data($gps_exif['GPSLatitude'], $gps_exif['GPSLatitudeRef']);
                $result['longitude'] = parse_exif_gps_data($gps_exif['GPSLongitude'], $gps_exif['GPSLongitudeRef']);
            }
        }
    }
    if (!$conf['allow_html_in_metadata']) {
        foreach ($result as $key => $value) {
            // in case the origin of the photo is unsecure (user upload), we remove
            // HTML tags to avoid XSS (malicious execution of javascript)
            $result[$key] = strip_tags($value);
        }
    }
    return $result;
}
コード例 #22
0
/**
 * API method
 * Moves a category
 * @param mixed[] $params
 *    @option string|int[] category_id
 *    @option int parent
 *    @option string pwg_token
 */
function ws_categories_move($params, &$service)
{
    global $page;
    if (get_pwg_token() != $params['pwg_token']) {
        return new PwgError(403, 'Invalid security token');
    }
    if (!is_array($params['category_id'])) {
        $params['category_id'] = preg_split('/[\\s,;\\|]/', $params['category_id'], -1, PREG_SPLIT_NO_EMPTY);
    }
    $params['category_id'] = array_map('intval', $params['category_id']);
    $category_ids = array();
    foreach ($params['category_id'] as $category_id) {
        if ($category_id > 0) {
            $category_ids[] = $category_id;
        }
    }
    if (count($category_ids) == 0) {
        return new PwgError(403, 'Invalid category_id input parameter, no category to move');
    }
    // we can't move physical categories
    $categories_in_db = array();
    $query = '
SELECT id, name, dir
  FROM ' . CATEGORIES_TABLE . '
  WHERE id IN (' . implode(',', $category_ids) . ')
;';
    $result = pwg_query($query);
    while ($row = pwg_db_fetch_assoc($result)) {
        $categories_in_db[$row['id']] = $row;
        // we break on error at first physical category detected
        if (!empty($row['dir'])) {
            $row['name'] = strip_tags(trigger_change('render_category_name', $row['name'], 'ws_categories_move'));
            return new PwgError(403, sprintf('Category %s (%u) is not a virtual category, you cannot move it', $row['name'], $row['id']));
        }
    }
    if (count($categories_in_db) != count($category_ids)) {
        $unknown_category_ids = array_diff($category_ids, array_keys($categories_in_db));
        return new PwgError(403, sprintf('Category %u does not exist', $unknown_category_ids[0]));
    }
    // does this parent exists? This check should be made in the
    // move_categories function, not here
    // 0 as parent means "move categories at gallery root"
    if (0 != $params['parent']) {
        $subcat_ids = get_subcat_ids(array($params['parent']));
        if (count($subcat_ids) == 0) {
            return new PwgError(403, 'Unknown parent category id');
        }
    }
    $page['infos'] = array();
    $page['errors'] = array();
    include_once PHPWG_ROOT_PATH . 'admin/include/functions.php';
    move_categories($category_ids, $params['parent']);
    invalidate_user_cache();
    if (count($page['errors']) != 0) {
        return new PwgError(403, implode('; ', $page['errors']));
    }
}
コード例 #23
0
ファイル: functions.inc.php プロジェクト: squidjam/Piwigo
/**
 * Returns webmaster mail address depending on $conf['webmaster_id']
 *
 * @return string
 */
function get_webmaster_mail_address()
{
    global $conf;
    $query = '
SELECT ' . $conf['user_fields']['email'] . '
  FROM ' . USERS_TABLE . '
  WHERE ' . $conf['user_fields']['id'] . ' = ' . $conf['webmaster_id'] . '
;';
    list($email) = pwg_db_fetch_row(pwg_query($query));
    $email = trigger_change('get_webmaster_mail_address', $email);
    return $email;
}
コード例 #24
0
ファイル: functions.php プロジェクト: lcorbasson/Piwigo
/**
 * Get tags list from SQL query (ids are surrounded by ~~, for get_tag_ids()).
 *
 * @param string $query
 * @param boolean $only_user_language - if true, only local name is returned for
 *    multilingual tags (if ExtendedDescription plugin is active)
 * @return array[] ('id', 'name')
 */
function get_taglist($query, $only_user_language = true)
{
    $result = pwg_query($query);
    $taglist = array();
    $altlist = array();
    while ($row = pwg_db_fetch_assoc($result)) {
        $raw_name = $row['name'];
        $name = trigger_change('render_tag_name', $raw_name, $row);
        $taglist[] = array('name' => $name, 'id' => '~~' . $row['id'] . '~~');
        if (!$only_user_language) {
            $alt_names = trigger_change('get_tag_alt_names', array(), $raw_name);
            foreach (array_diff(array_unique($alt_names), array($name)) as $alt) {
                $altlist[] = array('name' => $alt, 'id' => '~~' . $row['id'] . '~~');
            }
        }
    }
    usort($taglist, 'tag_alpha_compare');
    if (count($altlist)) {
        usort($altlist, 'tag_alpha_compare');
        $taglist = array_merge($taglist, $altlist);
    }
    return $taglist;
}
コード例 #25
0
ファイル: functions_tag.inc.php プロジェクト: donseba/Piwigo
/**
 * Return a list of tags corresponding to given items.
 *
 * @param int[] $items
 * @param int $max_tags
 * @param int[] $excluded_tag_ids
 * @return array [id, name, counter, url_name]
 */
function get_common_tags($items, $max_tags, $excluded_tag_ids = array())
{
    if (empty($items)) {
        return array();
    }
    $query = '
SELECT t.*, count(*) AS counter
  FROM ' . IMAGE_TAG_TABLE . '
    INNER JOIN ' . TAGS_TABLE . ' t ON tag_id = id
  WHERE image_id IN (' . implode(',', $items) . ')';
    if (!empty($excluded_tag_ids)) {
        $query .= '
    AND tag_id NOT IN (' . implode(',', $excluded_tag_ids) . ')';
    }
    $query .= '
  GROUP BY t.id
  ORDER BY ';
    if ($max_tags > 0) {
        // TODO : why ORDER field is in the if ?
        $query .= 'counter DESC
  LIMIT ' . $max_tags;
    } else {
        $query .= 'NULL';
    }
    $result = pwg_query($query);
    $tags = array();
    while ($row = pwg_db_fetch_assoc($result)) {
        $row['name'] = trigger_change('render_tag_name', $row['name'], $row);
        $tags[] = $row;
    }
    usort($tags, 'tag_alpha_compare');
    return $tags;
}
コード例 #26
0
/**
 * Add info to the title of the thumbnail based on photo properties.
 *
 * @param array $info hit, rating_score, nb_comments
 * @param string $title
 * @param string $comment
 * @return string
 */
function get_thumbnail_title($info, $title, $comment = '')
{
    global $conf, $user;
    $details = array();
    if (!empty($info['hit'])) {
        $details[] = $info['hit'] . ' ' . strtolower(l10n('Visits'));
    }
    if ($conf['rate'] and !empty($info['rating_score'])) {
        $details[] = strtolower(l10n('Rating score')) . ' ' . $info['rating_score'];
    }
    if (isset($info['nb_comments']) and $info['nb_comments'] != 0) {
        $details[] = l10n_dec('%d comment', '%d comments', $info['nb_comments']);
    }
    if (count($details) > 0) {
        $title .= ' (' . implode(', ', $details) . ')';
    }
    if (!empty($comment)) {
        $comment = strip_tags($comment);
        $title .= ' ' . substr($comment, 0, 100) . (strlen($comment) > 100 ? '...' : '');
    }
    $title = htmlspecialchars(strip_tags($title));
    $title = trigger_change('get_thumbnail_title', $title, $info);
    return $title;
}
コード例 #27
0
/**
 * Tries to login a user given username and password (must be MySql escaped).
 *
 * @param string $username
 * @param string $password
 * @param bool $remember_me
 * @return bool
 */
function try_log_user($username, $password, $remember_me)
{
    return trigger_change('try_log_user', false, $username, $password, $remember_me);
}
コード例 #28
0
        $representative_infos = $infos_of_image[$category['representative_picture_id']];
        $tpl_var = array_merge($category, array('ID' => $category['id'], 'representative' => $representative_infos, 'TN_ALT' => strip_tags($category['name']), 'URL' => make_index_url(array('category' => $category)), 'CAPTION_NB_IMAGES' => get_display_images_count($category['nb_images'], $category['count_images'], $category['count_categories'], true, '<br>'), 'DESCRIPTION' => trigger_change('render_category_literal_description', trigger_change('render_category_description', @$category['comment'], 'subcatify_category_description')), 'NAME' => $name));
        if ($conf['index_new_icon']) {
            $tpl_var['icon_ts'] = get_icon($category['max_date_last'], $category['is_child_date_last']);
        }
        if ($conf['display_fromto']) {
            if (isset($dates_of_category[$category['id']])) {
                $from = $dates_of_category[$category['id']]['from'];
                $to = $dates_of_category[$category['id']]['to'];
                if (!empty($from)) {
                    $tpl_var['INFO_DATES'] = format_fromto($from, $to);
                }
            }
        }
        $tpl_thumbnails_var[] = $tpl_var;
    }
    // pagination
    $page['total_categories'] = count($tpl_thumbnails_var);
    $tpl_thumbnails_var_selection = array_slice($tpl_thumbnails_var, $page['startcat'], $conf['nb_categories_page']);
    $derivative_params = trigger_change('get_index_album_derivative_params', ImageStdParams::get_by_type(IMG_THUMB));
    $tpl_thumbnails_var_selection = trigger_change('loc_end_index_category_thumbnails', $tpl_thumbnails_var_selection);
    $template->assign(array('maxRequests' => $conf['max_requests'], 'category_thumbnails' => $tpl_thumbnails_var_selection, 'derivative_params' => $derivative_params));
    $template->assign_var_from_handle('CATEGORIES', 'index_category_thumbnails');
    // navigation bar
    $page['cats_navigation_bar'] = array();
    if ($page['total_categories'] > $conf['nb_categories_page']) {
        $page['cats_navigation_bar'] = create_navigation_bar(duplicate_index_url(array(), array('startcat')), $page['total_categories'], $page['startcat'], $conf['nb_categories_page'], true, 'startcat');
    }
    $template->assign('cats_navbar', $page['cats_navigation_bar']);
}
pwg_debug('end include/category_cats.inc.php');
コード例 #29
0
ファイル: cat_list.php プロジェクト: lcorbasson/Piwigo
        }
        $nb_sub_photos[$cat_id] = $nb_photos;
    }
}
$template->assign('categories', array());
$base_url = get_root_url() . 'admin.php?page=';
if (isset($_GET['parent_id'])) {
    $template->assign('PARENT_EDIT', $base_url . 'album-' . $_GET['parent_id']);
}
foreach ($categories as $category) {
    $cat_list_url = $base_url . 'cat_list';
    $self_url = $cat_list_url;
    if (isset($_GET['parent_id'])) {
        $self_url .= '&amp;parent_id=' . $_GET['parent_id'];
    }
    $tpl_cat = array('NAME' => trigger_change('render_category_name', $category['name'], 'admin_cat_list'), 'NB_PHOTOS' => isset($nb_photos_in[$category['id']]) ? $nb_photos_in[$category['id']] : 0, 'NB_SUB_PHOTOS' => isset($nb_sub_photos[$category['id']]) ? $nb_sub_photos[$category['id']] : 0, 'NB_SUB_ALBUMS' => isset($subcats_of[$category['id']]) ? count($subcats_of[$category['id']]) : 0, 'ID' => $category['id'], 'RANK' => $category['rank'] * 10, 'U_JUMPTO' => make_index_url(array('category' => $category)), 'U_CHILDREN' => $cat_list_url . '&amp;parent_id=' . $category['id'], 'U_EDIT' => $base_url . 'album-' . $category['id'], 'IS_VIRTUAL' => empty($category['dir']));
    if (empty($category['dir'])) {
        $tpl_cat['U_DELETE'] = $self_url . '&amp;delete=' . $category['id'];
        $tpl_cat['U_DELETE'] .= '&amp;pwg_token=' . get_pwg_token();
    } else {
        if ($conf['enable_synchronization']) {
            $tpl_cat['U_SYNC'] = $base_url . 'site_update&amp;site=1&amp;cat_id=' . $category['id'];
        }
    }
    $template->append('categories', $tpl_cat);
}
trigger_notify('loc_end_cat_list');
// +-----------------------------------------------------------------------+
// |                          sending html code                            |
// +-----------------------------------------------------------------------+
$template->assign_var_from_handle('ADMIN_CONTENT', 'categories');
コード例 #30
0
ファイル: batch_manager.php プロジェクト: donseba/Piwigo
    $query = '
SELECT id
  FROM ' . IMAGES_TABLE . '
  WHERE ' . implode(' AND ', $where_clause) . '
  ' . $conf['order_by'];
    $filter_sets[] = query2array($query, null, 'id');
}
if (isset($_SESSION['bulk_manager_filter']['search']) && strlen($_SESSION['bulk_manager_filter']['search']['q'])) {
    include_once PHPWG_ROOT_PATH . 'include/functions_search.inc.php';
    $res = get_quick_search_results_no_cache($_SESSION['bulk_manager_filter']['search']['q'], array('permissions' => false));
    if (!empty($res['items']) && !empty($res['qs']['unmatched_terms'])) {
        $template->assign('no_search_results', array_map('htmlspecialchars', $res['qs']['unmatched_terms']));
    }
    $filter_sets[] = $res['items'];
}
$filter_sets = trigger_change('batch_manager_perform_filters', $filter_sets, $_SESSION['bulk_manager_filter']);
$current_set = array_shift($filter_sets);
foreach ($filter_sets as $set) {
    $current_set = array_intersect($current_set, $set);
}
$page['cat_elements_id'] = $current_set;
// +-----------------------------------------------------------------------+
// |                       first element to display                        |
// +-----------------------------------------------------------------------+
// $page['start'] contains the number of the first element in its
// category. For exampe, $page['start'] = 12 means we must show elements #12
// and $page['nb_images'] next elements
if (!isset($_REQUEST['start']) or !is_numeric($_REQUEST['start']) or $_REQUEST['start'] < 0 or isset($_REQUEST['display']) and 'all' == $_REQUEST['display']) {
    $page['start'] = 0;
} else {
    $page['start'] = $_REQUEST['start'];