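/**
 * Handle one frontend image upload: validate the file, create the photo
 * record, build the image files and run the post-upload housekeeping.
 *
 * Only GIF, JPEG and PNG pass. The stored extension is derived from the image
 * type reported by getimagesize(), never from the client-supplied file name.
 *
 * @param array $file One $_FILES entry; 'name', 'tmp_name' and 'error' are read.
 * @param mixed $alb  Id of the album that receives the photo.
 * @return bool True when the photo files were created, false on any rejection or failure.
 */
function wppa_do_frontend_file_upload($file, $alb)
{
    // Log upload attempt.
    // NOTE(review): $file['name'] is client-controlled and is logged as-is;
    // confirm that wppa_log() neutralises line breaks and markup.
    wppa_log('Upl', 'FE Upload attempt of file ' . $file['name'] . ', size=' . filesize($file['tmp_name']));
    wppa_cache_album($alb);

    // Upload quota for this album / user
    if (!wppa_allow_uploads($alb) || !wppa_allow_user_uploads()) {
        wppa_alert(__('Max uploads reached', 'wp-photo-album-plus'));
        return false;
    }

    // Transport error reported by PHP
    if ($file['error'] != '0') {
        wppa_alert(__('Error during upload', 'wp-photo-album-plus'));
        return false;
    }

    // The content must parse as an image. getimagesize() only inspects the
    // header, so this is a type check, not proof that the file is harmless.
    $imgsize = getimagesize($file['tmp_name']);
    if (!is_array($imgsize)) {
        wppa_alert(__('Uploaded file is not an image', 'wp-photo-album-plus'));
        return false;
    }

    // Image types 1..3 are gif, jpg, png.
    // Fixed: the message used the undefined variable $imagesize.
    if ($imgsize[2] < 1 || $imgsize[2] > 3) {
        wppa_alert(sprintf(__('Only gif, jpg and png image files are supported. Returned filetype = %d.', 'wp-photo-album-plus'), $imgsize[2]));
        return false;
    }

    // Optional pixel limit.
    // Fixed: the width was tested twice, so the height was never limited.
    $ms = wppa_opt('upload_fronend_maxsize');
    if ($ms) {
        if ($imgsize[0] > $ms || $imgsize[1] > $ms) {
            wppa_alert(sprintf(__('Uploaded file is larger than the allowed maximum of %d x %d pixels.', 'wp-photo-album-plus'), $ms, $ms));
            return false;
        }
    }

    // Optional duplicate check
    if (wppa_switch('void_dups')) {
        if (wppa_file_is_in_album(wppa_sanitize_file_name($file['name']), $alb)) {
            wppa_alert(sprintf(__('Uploaded file %s already exists in this album.', 'wp-photo-album-plus'), wppa_sanitize_file_name($file['name'])));
            return false;
        }
    }

    // Will the image fit in memory while it is being processed?
    $mayupload = wppa_check_memory_limit('', $imgsize[0], $imgsize[1]);
    if ($mayupload === false) {
        $maxsize = wppa_check_memory_limit(false);
        if (is_array($maxsize)) {
            wppa_alert(sprintf(__('The image is too big. Max photo size: %d x %d (%2.1f MegaPixel)', 'wp-photo-album-plus'), $maxsize['maxx'], $maxsize['maxy'], $maxsize['maxp'] / (1024 * 1024)));
            return false;
        }
    }

    // Extension from the detected image type (range checked above)
    switch ($imgsize[2]) {
        case 1:
            $ext = 'gif';
            break;
        case 2:
            $ext = 'jpg';
            break;
        case 3:
            $ext = 'png';
            break;
    }

    // Photo name: user supplied, else the file name
    if (wppa_get_post('user-name')) {
        $name = wppa_get_post('user-name');
    } else {
        $name = $file['name'];
    }
    $name = wppa_sanitize_photo_name($name);
    $desc = balanceTags(wppa_get_post('user-desc'), true);
    $status = wppa_switch('upload_moderate') && !current_user_can('wppa_admin') ? 'pending' : 'publish';
    $filename = wppa_sanitize_file_name($file['name']);

    $id = wppa_create_photo_entry(array(
        'album' => $alb,
        'ext' => $ext,
        'name' => $name,
        'description' => $desc,
        'status' => $status,
        'filename' => $filename,
    ));
    if (!$id) {
        wppa_alert(__('Could not insert photo into db.', 'wp-photo-album-plus'));
        return false;
    }

    // NOTE(review): the source copy is stored under the sanitized client file
    // name, extension included; confirm wppa_save_source() cannot leave a
    // server-executable extension in a web-reachable directory.
    wppa_save_source($file['tmp_name'], $filename, $alb);
    wppa_update_album(array('id' => $alb, 'modified' => time()));
    wppa_flush_treecounts($alb);
    wppa_flush_upldr_cache('photoid', $id);

    if (!wppa_make_the_photo_files($file['tmp_name'], $id, $ext)) {
        return false;
    }

    // Repair photoname if not standard
    if (!wppa_get_post('user-name')) {
        wppa_set_default_name($id, $file['name']);
    }

    // Custom data: ten slots, tags stripped from each submitted value
    if (wppa_switch('fe_custom_fields')) {
        $custom_data = array('', '', '', '', '', '', '', '', '', '');
        for ($i = 0; $i < 10; $i++) {
            if (isset($_POST['wppa-user-custom-' . $i])) {
                $custom_data[$i] = strip_tags($_POST['wppa-user-custom-' . $i]);
            }
        }
        wppa_update_photo(array('id' => $id, 'custom' => serialize($custom_data)));
    }

    // Default tags
    wppa_set_default_tags($id);

    // Custom tags
    $tags = wppa_get_photo_item($id, 'tags');
    $oldt = $tags;
    for ($i = 1; $i < 4; $i++) {
        if (isset($_POST['wppa-user-tags-' . $i])) {
            // Existing tags; the cast keeps implode() safe when a scalar is posted
            $tags .= ',' . implode(',', (array) $_POST['wppa-user-tags-' . $i]);
        }
    }
    if (isset($_POST['wppa-new-tags'])) {
        // New tags
        $tags .= ',' . $_POST['wppa-new-tags'];
    }
    // The raw request values only reach the database through wppa_sanitize_tags()
    $tags = wppa_sanitize_tags(str_replace(array('\'', '"'), ',', wppa_filter_iptc(wppa_filter_exif($tags, $id), $id)));
    if ($tags != $oldt) {
        // Added tag(s)
        wppa_update_photo(array('id' => $id, 'tags' => $tags));
    }

    // Index
    wppa_index_add('photo', $id);

    // Tags
    if ($tags) {
        wppa_clear_taglist(); // Forces recreation
    }

    // Add watermark (optionally) to the fullsize image only
    wppa_add_watermark($id);

    // Also to thumbnail?
    if (wppa_switch('watermark_thumbs')) {
        wppa_create_thumbnail($id); // create new thumb
    }

    // Is it a default coverimage?
    wppa_check_coverimage($id);

    // Mail
    if (wppa_switch('upload_notify')) {
        $to = get_bloginfo('admin_email');
        $subj = sprintf(__('New photo uploaded: %s', 'wp-photo-album-plus'), $name);
        $cont = array();
        $cont['0'] = sprintf(__('User %1$s uploaded photo %2$s into album %3$s', 'wp-photo-album-plus'), wppa_get_user(), $id, wppa_get_album_name($alb));
        if (wppa_switch('upload_moderate') && !current_user_can('wppa_admin')) {
            $cont['1'] = __('This upload requires moderation', 'wp-photo-album-plus');
            $cont['2'] = '<a href="' . get_admin_url() . 'admin.php?page=wppa_admin_menu&tab=pmod&photo=' . $id . '" >' . __('Moderate manage photo', 'wp-photo-album-plus') . '</a>';
        } else {
            $cont['1'] = __('Details:', 'wp-photo-album-plus');
            $cont['1'] .= ' <a href="' . get_admin_url() . 'admin.php?page=wppa_admin_menu&tab=pmod&photo=' . $id . '" >' . __('Manage photo', 'wp-photo-album-plus') . '</a>';
        }
        wppa_send_mail($to, $subj, $cont, $id);
    }

    return true;
}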
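/**
 * Handle one frontend upload of an image or, when enabled, an audio/video file.
 *
 * Audio/video files are accepted on extension allow-list only and are attached
 * to a photo entry with ext 'xxx'. Images must parse with getimagesize() as
 * GIF, JPEG or PNG, and their stored extension is derived from that result.
 *
 * @param array $file One $_FILES entry; 'name', 'tmp_name' and 'error' are read.
 * @param mixed $alb  Id of the album that receives the item.
 * @return mixed The photo id on success, false on any rejection or failure.
 */
function wppa_do_frontend_file_upload($file, $alb)
{
    global $wpdb;
    global $wppa_supported_video_extensions;
    global $wppa_supported_audio_extensions;

    // Log upload attempt.
    // NOTE(review): $file['name'] is client-controlled and is logged as-is;
    // confirm that wppa_log() neutralises line breaks and markup.
    wppa_log('Upl', 'FE Upload attempt of file ' . $file['name'] . ', size=' . filesize($file['tmp_name']));
    wppa_cache_album($alb);

    // Legal here?
    if (!wppa_allow_uploads($alb) || !wppa_allow_user_uploads()) {
        wppa_alert(__('Max uploads reached', 'wp-photo-album-plus'));
        return false;
    }

    // No error during upload?
    if ($file['error'] != '0') {
        wppa_alert(__('Error during upload', 'wp-photo-album-plus'));
        return false;
    }

    // Find the filename
    $filename = wppa_sanitize_file_name($file['name']);
    $filename = wppa_strip_ext($filename);

    // See if this filename with any extension already exists in this album.
    // Fixed: the query was assembled by string concatenation from the upload
    // name and the album id. Both are now bound through $wpdb->prepare(), and
    // esc_like() makes '%' and '_' in the name match literally.
    $id = $wpdb->get_var($wpdb->prepare(
        "SELECT `id` FROM `" . WPPA_PHOTOS . "` WHERE `filename` LIKE %s AND `album` = %d",
        $wpdb->esc_like($filename) . '.%',
        $alb
    ));

    // Addition to an av item?
    if ($id) {
        $is_av = wppa_get_photo_item($id, 'ext') == 'xxx';
    } else {
        $is_av = false;
    }

    // See if audio / video and process
    if (wppa_switch('enable_video') && wppa_switch('user_upload_video_on') && in_array(strtolower(wppa_get_ext($file['name'])), $wppa_supported_video_extensions)
        || wppa_switch('enable_audio') && wppa_switch('user_upload_audio_on') && in_array(strtolower(wppa_get_ext($file['name'])), $wppa_supported_audio_extensions)) {
        $is_av = true;

        // Find the name
        if (wppa_get_post('user-name')) {
            $name = wppa_get_post('user-name');
        } else {
            $name = $file['name'];
        }
        $name = wppa_sanitize_photo_name($name);
        $filename .= '.xxx';

        // Update entry.
        // NOTE(review): any item in this album with the same base name is turned
        // into an av item here; no per-item ownership check is visible in this
        // function. Confirm the album-level checks above are meant to cover it.
        if ($id) {
            wppa_update_photo(array('id' => $id, 'ext' => 'xxx', 'filename' => $filename));
        }

        // Add new entry
        if (!$id) {
            $id = wppa_create_photo_entry(array(
                'album' => $alb,
                'filename' => $filename,
                'ext' => 'xxx',
                'name' => $name,
                'description' => balanceTags(wppa_get_post('user-desc'), true),
            ));
            if (!$id) {
                wppa_alert(__('Could not insert media into db.', 'wp-photo-album-plus'));
                return false;
            }
        }

        // Housekeeping
        wppa_update_album(array('id' => $alb, 'modified' => time()));
        wppa_flush_treecounts($alb);
        wppa_flush_upldr_cache('photoid', $id);

        // Add video filetype. The extension passed the allow-list test above;
        // the file content itself is not inspected on this path.
        // NOTE(review): the result of copy() is not checked, so a failed copy
        // still returns the id; move_uploaded_file() would also verify that
        // tmp_name really is an uploaded file.
        $ext = strtolower(wppa_get_ext($file['name']));
        $newpath = wppa_strip_ext(wppa_get_photo_path($id)) . '.' . $ext;
        copy($file['tmp_name'], $newpath);

        // Repair name if not standard
        if (!wppa_get_post('user-name')) {
            wppa_set_default_name($id, $file['name']);
        }

        // Tags
        wppa_fe_add_tags($id);

        // Custom
        wppa_fe_add_custom($id);

        // Done!
        return $id;
    }

    // If not already an existing audio / video: forget the id of a previously
    // found item with the same filename.
    if (!$is_av) {
        $id = false;
    }

    // Is it an image? getimagesize() only inspects the header, so this is a
    // type check, not proof that the file is harmless.
    $imgsize = getimagesize($file['tmp_name']);
    if (!is_array($imgsize)) {
        wppa_alert(__('Uploaded file is not an image', 'wp-photo-album-plus'));
        return false;
    }

    // Is it a supported image filetype?
    if ($imgsize[2] != IMAGETYPE_GIF && $imgsize[2] != IMAGETYPE_JPEG && $imgsize[2] != IMAGETYPE_PNG) {
        wppa_alert(sprintf(__('Only gif, jpg and png image files are supported. Returned info = %s.', 'wp-photo-album-plus'), wppa_serialize($imgsize)), false, false);
        return false;
    }

    // Is it not too big?
    $ms = wppa_opt('upload_fronend_maxsize');
    if ($ms) {
        // Max size configured
        if ($imgsize[0] > $ms || $imgsize[1] > $ms) {
            wppa_alert(sprintf(__('Uploaded file is larger than the allowed maximum of %d x %d pixels.', 'wp-photo-album-plus'), $ms, $ms));
            return false;
        }
    }

    // Check for already exists
    if (wppa_switch('void_dups')) {
        if (wppa_file_is_in_album(wppa_sanitize_file_name($file['name']), $alb)) {
            wppa_alert(sprintf(__('Uploaded file %s already exists in this album.', 'wp-photo-album-plus'), wppa_sanitize_file_name($file['name'])));
            return false;
        }
    }

    // Check for max memory needed to process image
    $mayupload = wppa_check_memory_limit('', $imgsize[0], $imgsize[1]);
    if ($mayupload === false) {
        $maxsize = wppa_check_memory_limit(false);
        if (is_array($maxsize)) {
            wppa_alert(sprintf(__('The image is too big. Max photo size: %d x %d (%2.1f MegaPixel)', 'wp-photo-album-plus'), $maxsize['maxx'], $maxsize['maxy'], $maxsize['maxp'] / (1024 * 1024)));
            return false;
        }
    }

    // Find extension from the detected image type (1, 2, 3 are the values of
    // IMAGETYPE_GIF, IMAGETYPE_JPEG and IMAGETYPE_PNG tested above)
    switch ($imgsize[2]) {
        case 1:
            $ext = 'gif';
            break;
        case 2:
            $ext = 'jpg';
            break;
        case 3:
            $ext = 'png';
            break;
    }

    // Did the user supply a photoname?
    if (wppa_get_post('user-name')) {
        $name = wppa_get_post('user-name');
    } else {
        $name = $file['name'];
    }

    // Sanitize input
    $name = wppa_sanitize_photo_name($name);
    $desc = balanceTags(wppa_get_post('user-desc'), true);

    // If BlogIt! and no description given, use the name field
    if (!$desc && isset($_POST['wppa-blogit'])) {
        $desc = 'w#name';
    }

    // Find status and other needed data
    $status = wppa_switch('upload_moderate') && !current_user_can('wppa_admin') ? 'pending' : 'publish';
    if (wppa_switch('fe_upload_private')) {
        $status = 'private';
    }
    $filename = wppa_sanitize_file_name($file['name']);

    // Create new entry if this is not a posterfile
    if (!$is_av) {
        $id = wppa_create_photo_entry(array(
            'album' => $alb,
            'ext' => $ext,
            'name' => $name,
            'description' => $desc,
            'status' => $status,
            'filename' => $filename,
        ));
    }
    if (!$id) {
        wppa_alert(__('Could not insert photo into db.', 'wp-photo-album-plus'));
        return false;
    }

    // NOTE(review): the source copy is stored under the sanitized client file
    // name, extension included; confirm wppa_save_source() cannot leave a
    // server-executable extension in a web-reachable directory.
    wppa_save_source($file['tmp_name'], $filename, $alb);
    wppa_make_o1_source($id);
    wppa_update_album(array('id' => $alb, 'modified' => time()));
    wppa_flush_treecounts($alb);
    wppa_flush_upldr_cache('photoid', $id);

    if (!wppa_make_the_photo_files($file['tmp_name'], $id, $ext)) {
        return false;
    }

    // Repair photoname if not standard
    if (!wppa_get_post('user-name')) {
        wppa_set_default_name($id, $file['name']);
    }

    // Custom data
    wppa_fe_add_custom($id);

    // Add tags
    wppa_fe_add_tags($id);

    // Add watermark (optionally) to the fullsize image only
    wppa_add_watermark($id);

    // Also to thumbnail?
    if (wppa_switch('watermark_thumbs')) {
        wppa_create_thumbnail($id); // create new thumb
    }

    // Is it a default coverimage?
    wppa_check_coverimage($id);

    // Mail
    if (wppa_switch('upload_notify')) {
        $to = get_bloginfo('admin_email');
        $subj = sprintf(__('New photo uploaded: %s', 'wp-photo-album-plus'), $name);
        $cont = array();
        $cont['0'] = sprintf(__('User %1$s uploaded photo %2$s into album %3$s', 'wp-photo-album-plus'), wppa_get_user(), $id, wppa_get_album_name($alb));
        if (wppa_switch('upload_moderate') && !current_user_can('wppa_admin')) {
            $cont['1'] = __('This upload requires moderation', 'wp-photo-album-plus');
            $cont['2'] = '<a href="' . get_admin_url() . 'admin.php?page=wppa_admin_menu&tab=pmod&photo=' . $id . '" >' . __('Moderate manage photo', 'wp-photo-album-plus') . '</a>';
        } else {
            $cont['1'] = __('Details:', 'wp-photo-album-plus');
            $cont['1'] .= ' <a href="' . get_admin_url() . 'admin.php?page=wppa_admin_menu&tab=pmod&photo=' . $id . '" >' . __('Manage photo', 'wp-photo-album-plus') . '</a>';
        }
        wppa_send_mail($to, $subj, $cont, $id);
    }

    return $id;
}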
/**
 * Load the visitor's plugin session from the session table, or create one,
 * fold the current search request into it and save it back.
 *
 * The result lives in the global $wppa_session. A stored session older than
 * one hour is marked 'expired' and replaced by a new one.
 *
 * @return bool False when the session table is missing or no entry could be
 *              created, true otherwise.
 */
function wppa_session_start()
{
    global $wpdb;
    global $wppa_session;

    // The session table may not exist yet during activation
    if (!wppa_table_exists(WPPA_SESSION)) {
        $wppa_session['id'] = '0';
        return false;
    }

    // Sessions expire after one hour
    $max_age = 3600;
    $oldest_valid = time() - $max_age;

    // Look for a running session
    $row = $wpdb->get_row(
        $wpdb->prepare(
            "SELECT * FROM `" . WPPA_SESSION . "` WHERE `session` = %s AND `status` = 'valid' LIMIT 1",
            wppa_get_session_id()
        ),
        ARRAY_A
    );

    // Found, but too old: retire it
    if ($row && $row['timestamp'] < $oldest_valid) {
        $wpdb->query($wpdb->prepare("UPDATE `" . WPPA_SESSION . "` SET `status` = 'expired' WHERE `id` = %s", $row['id']));
        $row = false;
    }

    $stored = $row ? $row['data'] : false;

    if ($stored !== false) {
        // Existing session: count the hit and restore the data
        $wpdb->query($wpdb->prepare("UPDATE `" . WPPA_SESSION . "` SET `count` = %s WHERE `id` = %s", $row['count'] + 1, $row['id']));

        // NOTE(review): unserialize() can instantiate objects from its input.
        // The data comes from the plugin's own session table; anyone able to
        // write that table controls what is deserialized here. A JSON encoding
        // would remove that exposure.
        $restored = unserialize($stored);
        $wppa_session = is_array($restored) ? $restored : array();
    } else {
        // No valid session: create one, retrying once after a second
        $new_id = wppa_create_session_entry(array());
        if (!$new_id) {
            sleep(1);
            $new_id = wppa_create_session_entry(array());
            if (!$new_id) {
                wppa_log('Err', 'Unable to create session for user ' . wppa_get_user());
                return false;
            }
            wppa_log('Obs', 'Session ' . $new_id . ' created after 1 retry for user ' . wppa_get_user());
        }
        $wppa_session = array(
            'page' => '0',
            'ajax' => '0',
            'id' => $new_id,
            'user' => wppa_get_user(),
        );
    }

    // Root and sub search info
    if (isset($_REQUEST['wppa-search-submit'])) {
        $wppa_session['rootbox'] = wppa_get_get('rootsearch') || wppa_get_post('rootsearch');
        $wppa_session['subbox'] = wppa_get_get('subsearch') || wppa_get_post('subsearch');

        if ($wppa_session['subbox'] && isset($wppa_session['use_searchstring'])) {
            // Sub search: append the new terms to every comma separated group
            $groups = explode(',', $wppa_session['use_searchstring']);
            foreach (array_keys($groups) as $key) {
                $groups[$key] .= ' ' . wppa_test_for_search('at_session_start');
                $groups[$key] = trim($groups[$key]);
                $groups[$key] = implode(' ', array_unique(explode(' ', $groups[$key])));
            }
            $wppa_session['use_searchstring'] = ' ' . implode(',', array_unique($groups));
        } else {
            $wppa_session['use_searchstring'] = wppa_test_for_search('at_session_start');
        }

        if (isset($wppa_session['use_searchstring'])) {
            $wppa_session['use_searchstring'] = trim($wppa_session['use_searchstring'], ' ,');
            $with_intersections = str_replace(' ', ' ∩ ', $wppa_session['use_searchstring']);
            $wppa_session['display_searchstring'] = str_replace(',', ' ∪ ', $with_intersections);
        }
    }

    // Add missing defaults
    $defaults = array(
        'has_searchbox' => false,
        'rootbox' => false,
        'search_root' => '',
        'subbox' => false,
        'use_searchstring' => '',
        'display_searchstring' => '',
        'supersearch' => '',
        'superview' => 'thumbs',
        'superalbum' => '0',
        'page' => '0',
        'ajax' => '0',
        'user' => '',
        'id' => '0',
        'uris' => array(),
        'isrobot' => false,
    );
    $wppa_session = wp_parse_args($wppa_session, $defaults);
    ksort($wppa_session);
    $wppa_session['page']++;

    if (isset($_SERVER['REQUEST_URI'])) {
        // The request URI is stored exactly as received; whatever displays the
        // 'uris' list has to escape it for its output context.
        $wppa_session['uris'][] = date_i18n("g:i") . ' ' . $_SERVER['REQUEST_URI'];
        if (stripos($_SERVER['REQUEST_URI'], '/robots.txt') !== false) {
            $wppa_session['isrobot'] = true;
        }
    }

    wppa_save_session();
    return true;
}
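/**
 * Build the comment section for one photo: the list of existing comments,
 * the comment form (when allowed) and the footer with the comment count.
 *
 * Commenter names and the request-derived values placed in HTML attributes
 * are escaped at output. The comment text itself is still emitted through the
 * original esc_js()/html_entity_decode() chain; see the note at that line.
 *
 * @param mixed $id              Photo id.
 * @param mixed $comment_allowed Truthy when the visitor may enter a comment.
 * @return string The html, or '' when called inside a widget.
 */
function wppa_comment_html($id, $comment_allowed)
{
    global $wpdb;
    global $current_user;
    global $wppa_first_comment_html;

    $result = '';
    if (wppa_in_widget()) {
        return $result; // NOT in a widget
    }

    // Name and email rows are hidden for logged in users
    $vis = is_user_logged_in() ? 'display:none; ' : '';

    if (!$wppa_first_comment_html) {
        $wppa_first_comment_html = true;

        // Find user
        if (wppa_get_post('comname')) {
            wppa('comment_user', wppa_get_post('comname'));
        }
        if (wppa_get_post('comemail')) {
            wppa('comment_email', wppa_get_post('comemail'));
        } elseif (is_user_logged_in()) {
            get_currentuserinfo();
            wppa('comment_user', $current_user->display_name); // user_login;
            wppa('comment_email', $current_user->user_email);
        }
    }

    // Loop the comments already there
    $n_comments = 0;
    if (wppa_switch('comments_desc')) {
        $ord = 'DESC';
    } else {
        $ord = '';
    }
    // $ord is one of two literals, so concatenating it into the query is safe
    $comments = $wpdb->get_results($wpdb->prepare('SELECT * FROM ' . WPPA_COMMENTS . ' WHERE photo = %s ORDER BY id ' . $ord, $id), ARRAY_A);
    wppa_dbg_q('Q-Comm');

    $color = 'darkgrey';
    if (wppa_opt('fontcolor_box')) {
        $color = wppa_opt('fontcolor_box');
    }

    if ($comments && (is_user_logged_in() || !wppa_switch('comment_view_login'))) {
        $result .= ' <div'
            . ' id="wppa-comtable-wrap-' . wppa('mocc') . '"'
            . ' style="display:none;"'
            . '>'
            . '<table'
            . ' id="wppacommentstable-' . wppa('mocc') . '"'
            . ' class="wppa-comment-form"'
            . ' style="margin:0; "'
            . '>'
            . '<tbody>';

        foreach ($comments as $comment) {
            // Show a comment either when it is approved, or it is pending and mine, or I am a moderator.
            // NOTE(review): "mine" is decided by the name in wppa('comment_user'),
            // which can come from the posted 'comname' field; a visitor who submits
            // another commenter's name would see that commenter's pending and spam
            // comments. Confirm this is acceptable.
            if ($comment['status'] == 'approved'
                || current_user_can('wppa_moderate')
                || current_user_can('wppa_comments')
                || ($comment['status'] == 'pending' || $comment['status'] == 'spam') && $comment['user'] == wppa('comment_user')) {
                $n_comments++;

                // Fixed: the stored commenter name is escaped before it goes into the page
                $result .= ' <tr'
                    . ' class="wppa-comment-' . $comment['id'] . '"'
                    . ' valign="top"'
                    . ' style="border-bottom:0 none; border-top:0 none; border-left: 0 none; border-right: 0 none; "'
                    . ' >'
                    . '<td'
                    . ' valign="top"'
                    . ' class="wppa-box-text wppa-td"'
                    . ' style="vertical-align:top; width:30%; border-width: 0 0 0 0; ' . __wcs('wppa-box-text') . __wcs('wppa-td') . '"'
                    . ' >'
                    . esc_html($comment['user']) . ' ' . __('wrote:', 'wp-photo-album-plus')
                    . '<br />'
                    . '<span style="font-size:9px; ">' . wppa_get_time_since($comment['timestamp']) . '</span>';

                // Avatar ?
                if (wppa_opt('comment_gravatar') != 'none') {
                    // Find the default
                    if (wppa_opt('comment_gravatar') != 'url') {
                        $default = wppa_opt('comment_gravatar');
                    } else {
                        $default = wppa_opt('comment_gravatar_url');
                    }

                    // Find the avatar, init
                    $avt = false;
                    $usr = false;

                    // First try to find the user by email address (works only if email required on comments)
                    if ($comment['email']) {
                        $usr = get_user_by('email', $comment['email']);
                    }

                    // If not found, try to find the user by login name (works only if login name is equal to display name)
                    if (!$usr) {
                        $usr = get_user_by('login', $comment['user']);
                    }

                    // Still no user, try to find him by display name
                    if (!$usr) {
                        $matches = $wpdb->get_results($wpdb->prepare("SELECT * FROM {$wpdb->users} WHERE `display_name` = %s", $comment['user']));

                        // Accept this user if he is the only one with this display name.
                        // Fixed: get_results() returns a list of rows, so the single row
                        // is unwrapped; before, ->ID was read from the list itself.
                        $usr = (is_array($matches) && count($matches) == 1) ? $matches[0] : false;
                    }

                    // If a user is found, see for local Avatar ?
                    if ($usr) {
                        $avt = str_replace("'", "\"", get_avatar($usr->ID, wppa_opt('gravatar_size'), $default));
                    }

                    // Global avatars off ? try myself.
                    // NOTE(review): the image is requested over plain http, which
                    // browsers treat as mixed content on an https page.
                    if (!$avt) {
                        $avt = ' <img'
                            . ' class="wppa-box-text wppa-td"'
                            . ' src="http://www.gravatar.com/avatar/' . md5(strtolower(trim($comment['email']))) . '.jpg?d=' . urlencode($default) . '&s=' . wppa_opt('gravatar_size') . '"'
                            . ' alt="' . __('Avatar', 'wp-photo-album-plus') . '"'
                            . ' />';
                    }

                    // Compose the html
                    $result .= ' <div class="com_avatar">' . $avt . '</div>';
                }
                $result .= '</td>';

                $txtwidth = floor(wppa_get_container_width() * 0.7) . 'px';

                // NOTE(review): html_entity_decode() reverses the entity encoding that
                // esc_js() applies, so markup stored in the comment text reaches the
                // page unescaped. Unless comments are filtered when they are stored
                // (not visible here), this is a stored XSS sink. It is left unchanged
                // because wppa_convert_smilies() returns markup that must survive; a
                // wp_kses() allow-list for that markup is the usual remedy.
                $result .= '<td'
                    . ' class="wppa-box-text wppa-td"'
                    . ' style="width:70%; word-wrap:break-word; border-width: 0 0 0 0;' . __wcs('wppa-box-text') . __wcs('wppa-td') . '"'
                    . ' >'
                    . '<p'
                    . ' class="wppa-comment-textarea wppa-comment-textarea-' . wppa('mocc') . '"'
                    . ' style="'
                    . 'margin:0;'
                    . 'background-color:transparent;'
                    . 'width:' . $txtwidth . ';'
                    . 'max-height:90px;'
                    . 'overflow:auto;'
                    . 'word-wrap:break-word;'
                    . __wcs('wppa-box-text') . __wcs('wppa-td')
                    . '"'
                    . ' >'
                    . html_entity_decode(esc_js(stripslashes(wppa_convert_smilies($comment['comment']))));

                if ($comment['status'] != 'approved' && (current_user_can('wppa_moderate') || current_user_can('wppa_comments'))) {
                    if (wppa('no_esc')) {
                        $result .= wppa_moderate_links('comment', $id, $comment['id']);
                    } else {
                        $result .= wppa_html(esc_js(wppa_moderate_links('comment', $id, $comment['id'])));
                    }
                } elseif ($comment['status'] == 'pending' && $comment['user'] == wppa('comment_user')) {
                    $result .= '<br /><span style="color:red; font-size:9px;" >' . __('Awaiting moderation', 'wp-photo-album-plus') . '</span>';
                } elseif ($comment['status'] == 'spam' && $comment['user'] == wppa('comment_user')) {
                    $result .= '<br /><span style="color:red; font-size:9px;" >' . __('Marked as spam', 'wp-photo-album-plus') . '</span>';
                }

                $result .= '</p>'
                    . '</td>'
                    . '</tr>'
                    . '<tr class="wppa-comment-' . $comment['id'] . '">'
                    . '<td colspan="2" style="padding:0">'
                    . '<hr style="background-color:' . $color . '; margin:0;" />'
                    . '</td>'
                    . '</tr>';
            }
        }

        $result .= '</tbody>' . '</table>' . '</div>';
    }

    // See if we are currently in the process of adding/editing this comment
    $is_current = $id == wppa('comment_photo') && wppa('comment_id');
    if ($is_current) {
        $txt = wppa('comment_text');
        $btn = __('Edit!', 'wp-photo-album-plus');
    } else {
        $txt = '';
        $btn = __('Send!', 'wp-photo-album-plus');
    }

    // Prepare the callback url. The query values come from the current request
    // through wppa_get_get(); they are attribute-escaped where the url is output.
    $returnurl = wppa_get_permalink();
    $album = wppa_get_get('album');
    if ($album !== false) {
        $returnurl .= 'wppa-album=' . $album . '&';
    }
    $cover = wppa_get_get('cover');
    if ($cover) {
        $returnurl .= 'wppa-cover=' . $cover . '&';
    }
    $slide = wppa_get_get('slide');
    if ($slide !== false) {
        $returnurl .= 'wppa-slide&';
    }
    $occur = wppa_get_get('occur');
    if ($occur) {
        $returnurl .= 'wppa-occur=' . $occur . '&';
    }
    $lasten = wppa_get_get('lasten');
    if ($lasten) {
        $returnurl .= 'wppa-lasten=' . $lasten . '&';
    }
    $topten = wppa_get_get('topten');
    if ($topten) {
        $returnurl .= 'wppa-topten=' . $topten . '&';
    }
    $comten = wppa_get_get('comten');
    if ($comten) {
        $returnurl .= 'wppa-comten=' . $comten . '&';
    }
    $tag = wppa_get_get('tag');
    if ($tag) {
        $returnurl .= 'wppa-tag=' . $tag . '&';
    }
    $returnurl .= 'wppa-photo=' . $id;

    // The comment form
    if ($comment_allowed) {
        // Fixed: request-derived values are passed through esc_attr() before they
        // are placed inside attribute quotes. The browser decodes them back to
        // the same values, so the submitted data is unchanged.
        $result .= '<div'
            . ' id="wppa-comform-wrap-' . wppa('mocc') . '"'
            . ' style="display:none;"'
            . ' >'
            . '<form'
            . ' id="wppa-commentform-' . wppa('mocc') . '"'
            . ' class="wppa-comment-form"'
            . ' action="' . esc_attr($returnurl) . '"'
            . ' method="post"'
            . ' onsubmit="return wppaValidateComment( ' . wppa('mocc') . ' )"'
            . ' >'
            . wp_nonce_field('wppa-nonce-' . wppa('mocc'), 'wppa-nonce-' . wppa('mocc'), false, false)
            . ($album ? '<input type="hidden" name="wppa-album" value="' . esc_attr($album) . '" />' : '')
            . ($cover ? '<input type="hidden" name="wppa-cover" value="' . esc_attr($cover) . '" />' : '')
            . ($slide ? '<input type="hidden" name="wppa-slide" value="' . esc_attr($slide) . '" />' : '')
            . '<input'
            . ' type="hidden"'
            . ' name="wppa-returnurl"'
            . ' id="wppa-returnurl-' . wppa('mocc') . '"'
            . ' value="' . esc_attr($returnurl) . '"'
            . ' />'
            . ($is_current
                ? '<input'
                    . ' type="hidden"'
                    . ' id="wppa-comment-edit-' . wppa('mocc') . '"'
                    . ' name="wppa-comment-edit"'
                    . ' value="' . wppa('comment_id') . '"'
                    . ' />'
                : '')
            . '<input type="hidden" name="wppa-occur" value="' . wppa('occur') . '" />'
            . '<table id="wppacommenttable-' . wppa('mocc') . '" style="margin:0;">'
            . '<tbody>'
            . '<tr valign="top" style="' . $vis . '">'
            . '<td class="wppa-box-text wppa-td" style="width:30%; ' . __wcs('wppa-box-text') . __wcs('wppa-td') . '" >'
            . __('Your name:', 'wp-photo-album-plus')
            . '</td>'
            . '<td class="wppa-box-text wppa-td" style="width:70%; ' . __wcs('wppa-box-text') . __wcs('wppa-td') . '" >'
            . '<input'
            . ' type="text"'
            . ' name="wppa-comname"'
            . ' id="wppa-comname-' . wppa('mocc') . '"'
            . ' style="width:100%; " value="' . esc_attr(wppa('comment_user')) . '"'
            . ' />'
            . '</td>'
            . '</tr>';

        if (wppa_switch('comment_email_required')) {
            $result .= '<tr valign="top" style="' . $vis . '">'
                . '<td class="wppa-box-text wppa-td" style="width:30%; ' . __wcs('wppa-box-text') . __wcs('wppa-td') . '" >'
                . __('Your email:', 'wp-photo-album-plus')
                . '</td>'
                . '<td class="wppa-box-text wppa-td" style="width:70%; ' . __wcs('wppa-box-text') . __wcs('wppa-td') . '" >'
                . '<input'
                . ' type="text"'
                . ' name="wppa-comemail"'
                . ' id="wppa-comemail-' . wppa('mocc') . '"'
                . ' style="width:100%;"'
                . ' value="' . esc_attr(wppa('comment_email')) . '"'
                . ' />'
                . '</td>'
                . '</tr>';
        }

        $result .= '<tr valign="top" style="vertical-align:top;">'
            . '<td valign="top" class="wppa-box-text wppa-td" style="vertical-align:top; width:30%; ' . __wcs('wppa-box-text') . __wcs('wppa-td') . '" >'
            . __('Your comment:', 'wp-photo-album-plus')
            . '<br />' . esc_html(wppa('comment_user')) . '<br />';

        if (is_user_logged_in() && wppa_opt('comment_captcha') == 'all' || !is_user_logged_in() && wppa_opt('comment_captcha') != 'none') {
            $wid = '20%';
            if (wppa_opt('fontsize_box')) {
                $wid = wppa_opt('fontsize_box') * 1.5 . 'px';
            }
            $captkey = $id;
            if ($is_current) {
                $captkey = $wpdb->get_var($wpdb->prepare('SELECT `timestamp` FROM `' . WPPA_COMMENTS . '` WHERE `id` = %s', wppa('comment_id')));
            }
            wppa_dbg_q('Q-Com-ts');
            $result .= wppa_make_captcha($captkey)
                . '<input'
                . ' type="text"'
                . ' id="wppa-captcha-' . wppa('mocc') . '"'
                . ' name="wppa-captcha"'
                . ' style="width:' . $wid . ';' . __wcs('wppa-box-text') . __wcs('wppa-td') . '"'
                . ' /> ';
        }

        $result .= '<input type="button" name="commentbtn" onclick="wppaAjaxComment( ' . wppa('mocc') . ', ' . $id . ' )" value="' . $btn . '" style="margin:0 4px 0 0;" />'
            . '<img id="wppa-comment-spin-' . wppa('mocc') . '" src="' . wppa_get_imgdir() . 'wpspin.gif" style="display:none;" />'
            . '</td>'
            . '<td valign="top" class="wppa-box-text wppa-td" style="vertical-align:top; width:70%; ' . __wcs('wppa-box-text') . __wcs('wppa-td') . '" >';

        if (wppa_switch('comment_smiley_picker')) {
            $result .= wppa_get_smiley_picker_html('wppa-comment-' . wppa('mocc'));
        }

        $result .= '<textarea'
            . ' name="wppa-comment"'
            . ' id="wppa-comment-' . wppa('mocc') . '"'
            . ' style="height:60px; width:100%; "'
            . '>'
            . esc_textarea(stripslashes($txt))
            . '</textarea>'
            . '</td>'
            . '</tr>'
            . '</tbody>'
            . '</table>'
            . '</form>'
            . '</div>';
    } else {
        if (wppa_switch('login_links')) {
            $result .= sprintf(__('You must <a href="%s">login</a> to enter a comment', 'wp-photo-album-plus'), site_url('wp-login.php', 'login'));
        } else {
            $result .= __('You must login to enter a comment', 'wp-photo-album-plus');
        }
    }

    // Footer with the comment count
    $result .= '<div id="wppa-comfooter-wrap-' . wppa('mocc') . '" style="display:block;" >'
        . '<table id="wppacommentfooter-' . wppa('mocc') . '" class="wppa-comment-form" style="margin:0;">'
        . '<tbody>'
        . '<tr style="text-align:center;">'
        . '<td style="text-align:center; cursor:pointer;' . __wcs('wppa-box-text') . '" >'
        . '<a onclick="wppaOpenComments( ' . wppa('mocc') . ', -1 ); return false;" >';

    if ($n_comments) {
        $result .= sprintf(_n('%d comment', '%d comments', $n_comments, 'wp-photo-album-plus'), $n_comments);
    } else {
        if ($comment_allowed) {
            $result .= __('Leave a comment', 'wp-photo-album-plus');
        }
    }

    $result .= '</a>'
        . '</td>'
        . '</tr>'
        . '</tbody>'
        . '</table>'
        . '</div>'
        . '<div style="clear:both"></div>';

    return $result;
}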
/**
 * Expire and purge old rows in the session table, then load the visitor's
 * plugin session or create one, fold the current search request into it and
 * save it back.
 *
 * The result lives in the global $wppa_session.
 *
 * @return bool False when the session table is missing or no entry could be
 *              created, true otherwise.
 */
function wppa_session_start()
{
    global $wpdb;
    global $wppa_session;

    // The session table may not exist yet during activation
    if (!wppa_table_exists(WPPA_SESSION)) {
        $wppa_session['id'] = '0';
        return false;
    }

    // Cleanup first: sessions expire after one hour, their data is kept for one hour
    $max_age = 3600;
    $keep_for = 3600;
    $oldest_valid = time() - $max_age;
    $wpdb->query($wpdb->prepare("UPDATE `" . WPPA_SESSION . "` SET `status` = 'expired' WHERE `timestamp` < %s", $oldest_valid));
    $oldest_kept = time() - $keep_for;
    $wpdb->query($wpdb->prepare("DELETE FROM `" . WPPA_SESSION . "` WHERE `timestamp` < %s", $oldest_kept));

    // Look for a running session
    $row = $wpdb->get_row(
        $wpdb->prepare(
            "SELECT * FROM `" . WPPA_SESSION . "` WHERE `session` = %s AND `status` = 'valid' LIMIT 1",
            wppa_get_session_id()
        ),
        ARRAY_A
    );
    $stored = $row ? $row['data'] : false;

    if ($stored !== false) {
        // Existing session: count the hit and restore the data
        $wpdb->query($wpdb->prepare("UPDATE `" . WPPA_SESSION . "` SET `count` = %s WHERE `id` = %s", $row['count'] + 1, $row['id']));

        // NOTE(review): unserialize() can instantiate objects from its input.
        // The data comes from the plugin's own session table; anyone able to
        // write that table controls what is deserialized here. A JSON encoding
        // would remove that exposure.
        $restored = unserialize($stored);
        $wppa_session = is_array($restored) ? $restored : array();
    } else {
        // Not started yet: create an entry, sleeping one second after each
        // failure, for at most ten attempts. The request blocks while it waits.
        $retries = 0;
        do {
            $new_entry = wppa_create_session_entry(array());
            if ($new_entry) {
                break;
            }
            sleep(1);
            $retries++;
        } while ($retries < 10);

        if ($new_entry && $retries > 3) {
            wppa_log('Debug', 'It took ' . $retries . ' retries to start session ' . $new_entry);
        }
        if (!$new_entry) {
            wppa_log('Error', 'Unable to create session.');
            return false;
        }

        $wppa_session = array();
        $wppa_session['page'] = '0';
        $wppa_session['ajax'] = '0';
        $wppa_session['id'] = $wpdb->get_var($wpdb->prepare("SELECT `id` FROM `" . WPPA_SESSION . "` WHERE `session` = %s LIMIT 1", wppa_get_session_id()));
        $wppa_session['user'] = wppa_get_user();
    }

    // Root and sub search info
    if (isset($_REQUEST['wppa-search-submit'])) {
        $wppa_session['rootbox'] = wppa_get_get('rootsearch') || wppa_get_post('rootsearch');
        $wppa_session['subbox'] = wppa_get_get('subsearch') || wppa_get_post('subsearch');

        if ($wppa_session['subbox'] && isset($wppa_session['use_searchstring'])) {
            // Sub search: append the new terms to every comma separated group
            $groups = explode(',', $wppa_session['use_searchstring']);
            foreach (array_keys($groups) as $key) {
                $groups[$key] .= ' ' . wppa_test_for_search('at_session_start');
                $groups[$key] = trim($groups[$key]);
                $groups[$key] = implode(' ', array_unique(explode(' ', $groups[$key])));
            }
            $wppa_session['use_searchstring'] = ' ' . implode(',', array_unique($groups));
        } else {
            $wppa_session['use_searchstring'] = wppa_test_for_search('at_session_start');
        }

        if (isset($wppa_session['use_searchstring'])) {
            $wppa_session['use_searchstring'] = trim($wppa_session['use_searchstring'], ' ,');
            $with_intersections = str_replace(' ', ' ∩ ', $wppa_session['use_searchstring']);
            $wppa_session['display_searchstring'] = str_replace(',', ' ∪ ', $with_intersections);
        }
    }

    // Add missing defaults; the id default is looked up in the table on every call
    $defaults = array(
        'has_searchbox' => false,
        'rootbox' => false,
        'search_root' => '',
        'subbox' => false,
        'use_searchstring' => '',
        'display_searchstring' => '',
        'supersearch' => '',
        'superview' => 'thumbs',
        'superalbum' => '0',
        'page' => '0',
        'ajax' => '0',
        'user' => '',
        'id' => $wpdb->get_var($wpdb->prepare("SELECT `id` FROM `" . WPPA_SESSION . "` WHERE `session` = %s LIMIT 1", wppa_get_session_id())),
    );
    $wppa_session = wp_parse_args($wppa_session, $defaults);
    ksort($wppa_session);
    $wppa_session['page']++;

    wppa_save_session();
    return true;
}
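/**
 * Build the comment list, the comment form and the comments footer for one photo.
 *
 * Values that come from the request or from stored comments (commenter name and
 * e-mail, the query arguments echoed back into the form, the return url) are
 * escaped for the HTML context they land in before they are concatenated into
 * the markup. The escaping is done here, at the point of output, because nothing
 * in this function shows that wppa_get_get() / wppa_get_post() sanitize.
 *
 * NOTE(review): the escaping only holds if the caller does not entity-decode the
 * returned markup afterwards (this file wraps some fragments in
 * html_entity_decode( esc_js() ) and wppa_html( esc_js() )); confirm at the call sites.
 *
 * @param mixed $id              Photo id; selects the comments and ends the return url.
 * @param mixed $comment_allowed Truthy to render the comment form, falsy to render
 *                               the login hint instead.
 * @return string The markup, or an empty string when rendering inside a widget.
 */
function wppa_comment_html($id, $comment_allowed) {
    global $wpdb;
    global $wppa;
    global $current_user;
    global $wppa_first_comment_html;

    $result = '';
    if ($wppa['in_widget']) {
        return $result; // NOT in a widget
    }

    // Name and email rows are hidden for logged in users
    $vis = is_user_logged_in() ? 'display:none; ' : '';

    if (!$wppa_first_comment_html) {
        $wppa_first_comment_html = true;
        // Find user: posted values win, else fall back to the logged in user
        if (wppa_get_post('comname')) {
            $wppa['comment_user'] = wppa_get_post('comname');
        }
        if (wppa_get_post('comemail')) {
            $wppa['comment_email'] = wppa_get_post('comemail');
        } elseif (is_user_logged_in()) {
            // wp_get_current_user() replaces the deprecated get_currentuserinfo()
            $current_user = wp_get_current_user();
            $wppa['comment_user'] = $current_user->display_name;
            $wppa['comment_email'] = $current_user->user_email;
        }
    }

    // Loop the comments already there
    $n_comments = 0;
    // $ord is one of two literals, so concatenating it into the query is safe
    $ord = wppa_switch('comments_desc') ? 'DESC' : '';
    $comments = $wpdb->get_results($wpdb->prepare('SELECT * FROM ' . WPPA_COMMENTS . ' WHERE photo = %s ORDER BY id ' . $ord, $id), ARRAY_A);
    wppa_dbg_q('Q-Comm');

    $color = 'darkgrey';
    if (wppa_opt('wppa_fontcolor_box')) {
        $color = wppa_opt('wppa_fontcolor_box');
    }

    if ($comments) {
        $is_moderator = current_user_can('wppa_moderate') || current_user_can('wppa_comments');

        $result .= '<div id="wppa-comtable-wrap-' . $wppa['mocc'] . '" style="display:none;" >';
        $result .= '<table id="wppacommentstable-' . $wppa['mocc'] . '" class="wppa-comment-form" style="margin:0; "><tbody>';
        foreach ($comments as $comment) {
            // Show a comment either when it is approved, or it is pending and mine or i am a moderator.
            // NOTE(review): "mine" is decided by comparing the stored name with $wppa['comment_user'],
            // which can come straight from the posted comname field, so it is not an authenticated
            // identity. Consider tying unapproved comments to the user id or the session instead.
            $is_mine_unapproved = ($comment['status'] == 'pending' || $comment['status'] == 'spam') && $comment['user'] == $wppa['comment_user'];
            if ($comment['status'] == 'approved' || $is_moderator || $is_mine_unapproved) {
                $n_comments++;
                $result .= '<tr class="wppa-comment-' . $comment['id'] . '" valign="top" style="border-bottom:0 none; border-top:0 none; border-left: 0 none; border-right: 0 none; " >';
                $result .= '<td valign="top" class="wppa-box-text wppa-td" style="vertical-align:top; width:30%; border-width: 0 0 0 0; ' . __wcs('wppa-box-text') . __wcs('wppa-td') . '" >';
                // The commenter name is visitor supplied text: escape it for the element body
                $result .= esc_html($comment['user']) . ' ' . __a('wrote:');
                $result .= '<br /><span style="font-size:9px; ">' . wppa_get_time_since($comment['timestamp']) . '</span>';
                if (wppa_opt('wppa_comment_gravatar') != 'none') {
                    // Find the default
                    if (wppa_opt('wppa_comment_gravatar') != 'url') {
                        $default = wppa_opt('wppa_comment_gravatar');
                    } else {
                        $default = wppa_opt('wppa_comment_gravatar_url');
                    }
                    // Find the avatar
                    $avt = '';
                    $usr = get_user_by('login', $comment['user']);
                    if ($usr) {
                        // Local Avatar ?
                        $avt = str_replace("'", "\"", get_avatar($usr->ID, wppa_opt('wppa_gravatar_size'), $default));
                    }
                    if ($avt == '') {
                        // Global avatars off, try myself. Fetched over https so the e-mail hash
                        // is not sent in clear text and the image is not mixed content.
                        $avt = '<img class="wppa-box-text wppa-td" src="https://www.gravatar.com/avatar/' . md5(strtolower(trim($comment['email']))) . '.jpg?d=' . urlencode($default) . '&s=' . wppa_opt('wppa_gravatar_size') . '" alt="' . __a('Avatar') . '" />';
                    }
                    // Compose the html
                    $result .= '<div class="com_avatar">' . $avt . '</div>';
                }
                $result .= '</td>';
                $txtwidth = floor(wppa_get_container_width() * 0.7) . 'px';
                // NOTE(review): html_entity_decode() reverses the entity encoding esc_js() applies, so
                // any markup in the stored comment reaches the page as HTML. That is only safe if
                // comments are filtered when they are saved (not visible here; confirm), otherwise
                // pass the text through wp_kses() with an allow-list before output.
                $result .= '<td class="wppa-box-text wppa-td" style="width:70%; word-wrap:break-word; border-width: 0 0 0 0;' . __wcs('wppa-box-text') . __wcs('wppa-td') . '" >' . '<p class="wppa-comment-textarea wppa-comment-textarea-' . $wppa['mocc'] . '" style="margin:0; background-color:transparent; width:' . $txtwidth . '; max-height:90px; overflow:auto; word-wrap:break-word;' . __wcs('wppa-box-text') . __wcs('wppa-td') . '" >' . html_entity_decode(esc_js(stripslashes(wppa_convert_smilies($comment['comment']))));
                if ($comment['status'] != 'approved' && $is_moderator) {
                    if ($wppa['no_esc']) {
                        $result .= wppa_moderate_links('comment', $id, $comment['id']);
                    } else {
                        $result .= wppa_html(esc_js(wppa_moderate_links('comment', $id, $comment['id'])));
                    }
                } elseif ($comment['status'] == 'pending' && $comment['user'] == $wppa['comment_user']) {
                    $result .= '<br /><span style="color:red; font-size:9px;" >' . __a('Awaiting moderation') . '</span>';
                } elseif ($comment['status'] == 'spam' && $comment['user'] == $wppa['comment_user']) {
                    $result .= '<br /><span style="color:red; font-size:9px;" >' . __a('Marked as spam') . '</span>';
                }
                $result .= '</p>';
                $result .= '</td>';
                $result .= '</tr>';
                $result .= '<tr class="wppa-comment-' . $comment['id'] . '"><td colspan="2" style="padding:0"><hr style="background-color:' . $color . '; margin:0;" /></td></tr>';
            }
        }
        $result .= '</tbody></table>';
        $result .= '</div>';
    }

    // See if we are currently in the process of adding/editing this comment
    $is_current = $id == $wppa['comment_photo'] && $wppa['comment_id'];
    if ($is_current) {
        $txt = $wppa['comment_text'];
        $btn = __a('Edit!');
    } else {
        $txt = '';
        $btn = __a('Send!');
    }

    // Prepare the callback url.
    // NOTE(review): the query arguments are appended as received and are not url-encoded;
    // the url is escaped as a whole where it is written into an attribute below.
    $returnurl = wppa_get_permalink();
    $album = wppa_get_get('album');
    if ($album !== false) {
        $returnurl .= 'wppa-album=' . $album . '&';
    }
    $cover = wppa_get_get('cover');
    if ($cover) {
        $returnurl .= 'wppa-cover=' . $cover . '&';
    }
    $slide = wppa_get_get('slide');
    if ($slide !== false) {
        $returnurl .= 'wppa-slide&';
    }
    $occur = wppa_get_get('occur');
    if ($occur) {
        $returnurl .= 'wppa-occur=' . $occur . '&';
    }
    $lasten = wppa_get_get('lasten');
    if ($lasten) {
        $returnurl .= 'wppa-lasten=' . $lasten . '&';
    }
    $topten = wppa_get_get('topten');
    if ($topten) {
        $returnurl .= 'wppa-topten=' . $topten . '&';
    }
    $comten = wppa_get_get('comten');
    if ($comten) {
        $returnurl .= 'wppa-comten=' . $comten . '&';
    }
    $tag = wppa_get_get('tag');
    if ($tag) {
        $returnurl .= 'wppa-tag=' . $tag . '&';
    }
    $returnurl .= 'wppa-photo=' . $id;

    // The url carries request values, so it is attribute-escaped before it is echoed
    $returnurl_attr = esc_attr($returnurl);

    // The comment form
    if ($comment_allowed) {
        $result .= '<div id="wppa-comform-wrap-' . $wppa['mocc'] . '" style="display:none;" >';
        $result .= '<form id="wppa-commentform-' . $wppa['mocc'] . '" class="wppa-comment-form" action="' . $returnurl_attr . '" method="post" style="" onsubmit="return wppaValidateComment( ' . $wppa['mocc'] . ' )">';
        $result .= wp_nonce_field('wppa-nonce-' . wppa('mocc'), 'wppa-nonce-' . wppa('mocc'), false, false);
        // Hidden fields echo request values back: escape each one for the attribute context
        if ($album) {
            $result .= '<input type="hidden" name="wppa-album" value="' . esc_attr($album) . '" />';
        }
        if ($cover) {
            $result .= '<input type="hidden" name="wppa-cover" value="' . esc_attr($cover) . '" />';
        }
        if ($slide) {
            $result .= '<input type="hidden" name="wppa-slide" value="' . esc_attr($slide) . '" />';
        }
        $result .= '<input type="hidden" name="wppa-returnurl" id="wppa-returnurl-' . wppa('mocc') . '" value="' . $returnurl_attr . '" />';
        if ($is_current) {
            $result .= '<input type="hidden" id="wppa-comment-edit-' . $wppa['mocc'] . '" name="wppa-comment-edit" value="' . esc_attr($wppa['comment_id']) . '" />';
        }
        $result .= '<input type="hidden" name="wppa-occur" value="' . esc_attr($wppa['occur']) . '" />';
        $result .= '<table id="wppacommenttable-' . $wppa['mocc'] . '" style="margin:0;">';
        $result .= '<tbody>';
        $result .= '<tr valign="top" style="' . $vis . '">';
        $result .= '<td class="wppa-box-text wppa-td" style="width:30%; ' . __wcs('wppa-box-text') . __wcs('wppa-td') . '" >' . __a('Your name:') . '</td>';
        // comment_user / comment_email may be the values just posted by the visitor
        $result .= '<td class="wppa-box-text wppa-td" style="width:70%; ' . __wcs('wppa-box-text') . __wcs('wppa-td') . '" ><input type="text" name="wppa-comname" id="wppa-comname-' . $wppa['mocc'] . '" style="width:100%; " value="' . esc_attr($wppa['comment_user']) . '" /></td>';
        $result .= '</tr>';
        if (wppa_switch('comment_email_required')) {
            $result .= '<tr valign="top" style="' . $vis . '">';
            $result .= '<td class="wppa-box-text wppa-td" style="width:30%; ' . __wcs('wppa-box-text') . __wcs('wppa-td') . '" >' . __a('Your email:') . '</td>';
            $result .= '<td class="wppa-box-text wppa-td" style="width:70%; ' . __wcs('wppa-box-text') . __wcs('wppa-td') . '" ><input type="text" name="wppa-comemail" id="wppa-comemail-' . $wppa['mocc'] . '" style="width:100%; " value="' . esc_attr($wppa['comment_email']) . '" /></td>';
            $result .= '</tr>';
        }
        $result .= '<tr valign="top" style="vertical-align:top;">';
        $result .= '<td valign="top" class="wppa-box-text wppa-td" style="vertical-align:top; width:30%; ' . __wcs('wppa-box-text') . __wcs('wppa-td') . '" >' . __a('Your comment:') . '<br />' . esc_html($wppa['comment_user']) . '<br />';
        if (wppa_switch('comment_captcha')) {
            $wid = '20%';
            if (wppa_opt('wppa_fontsize_box')) {
                $wid = wppa_opt('wppa_fontsize_box') * 1.5 . 'px';
            }
            // The captcha is keyed on the photo id, or on the comment's timestamp while editing
            $captkey = $id;
            if ($is_current) {
                $captkey = $wpdb->get_var($wpdb->prepare('SELECT `timestamp` FROM `' . WPPA_COMMENTS . '` WHERE `id` = %s', $wppa['comment_id']));
            }
            wppa_dbg_q('Q-Com-ts');
            $result .= wppa_make_captcha($captkey) . '<input type="text" id="wppa-captcha-' . $wppa['mocc'] . '" name="wppa-captcha" style="width:' . $wid . '; ' . __wcs('wppa-box-text') . __wcs('wppa-td') . '" /> ';
        }
        $result .= '<input type="button" name="commentbtn" onclick="wppaAjaxComment( ' . $wppa['mocc'] . ', ' . $id . ' )" value="' . esc_attr($btn) . '" style="margin:0 4px 0 0;" />';
        $result .= '<img id="wppa-comment-spin-' . $wppa['mocc'] . '" src="' . wppa_get_imgdir() . 'wpspin.gif" style="display:none;" />';
        $result .= '</td>';
        $result .= '<td valign="top" class="wppa-box-text wppa-td" style="vertical-align:top; width:70%; ' . __wcs('wppa-box-text') . __wcs('wppa-td') . '" >';
        if (wppa_switch('comment_smiley_picker')) {
            $result .= wppa_get_smiley_picker_html('wppa-comment-' . $wppa['mocc']);
        }
        $result .= '<textarea name="wppa-comment" id="wppa-comment-' . $wppa['mocc'] . '" style="height:60px; width:100%; ">' . esc_textarea(stripslashes($txt)) . '</textarea>';
        $result .= '</td>';
        $result .= '</tr>';
        $result .= '</tbody>';
        $result .= '</table>';
        $result .= '</form>';
        $result .= '</div>';
    } elseif (wppa_switch('login_links')) {
        $result .= sprintf(__a('You must <a href="%s">login</a> to enter a comment'), site_url('wp-login.php', 'login'));
    } else {
        $result .= __a('You must login to enter a comment');
    }

    // Footer: shows the number of visible comments, or an invitation to write the first one
    $result .= '<div id="wppa-comfooter-wrap-' . $wppa['mocc'] . '" style="display:block;" >';
    $result .= '<table id="wppacommentfooter-' . $wppa['mocc'] . '" class="wppa-comment-form" style="margin:0;">';
    $result .= '<tbody><tr style="text-align:center; "><td style="text-align:center; cursor:pointer;' . __wcs('wppa-box-text') . '" ><a onclick="wppaOpenComments( ' . $wppa['mocc'] . ', -1 ); return false;">';
    if ($n_comments) {
        $result .= sprintf(__a('%d comments'), $n_comments);
    } elseif ($comment_allowed) {
        $result .= __a('Leave a comment');
    }
    $result .= '</a></td></tr></tbody></table>';
    $result .= '</div><div style="clear:both"></div>';

    return $result;
}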