/**
 * Rebuilds the search context from the "zenphoto_image_search_params" cookie,
 * or expires that cookie when the request is neither for an album nor a search.
 *
 * The cookie value is supplied by the client and is handed to
 * SearchEngine::setSearchParams() unchanged by this function.
 * NOTE(review): confirm setSearchParams() validates what it receives.
 *
 * @param string $what the page type (not read by this function)
 * @param object $album album object; its ->name property is read (default NULL)
 * @param object $image image object; its ->filename property is read (default NULL)
 */
function handleSearchParms($what, $album = NULL, $image = NULL) {
    global $_zp_current_search, $zp_request;

    // An empty WEBPATH means the site sits at the web root.
    $cookiepath = (WEBPATH == '') ? '/' : WEBPATH;

    if (is_null($album)) {
        // With no album, $zp_request decides: an object that is not a SearchEngine,
        // or any truthy non-object value, means the stored search is stale.
        $reset = is_object($zp_request) ? (get_class($zp_request) != 'SearchEngine') : $zp_request;
        if ($reset) {
            // Expire the cookie (timestamp in the past) unless the request asks to keep it.
            if (!isset($_REQUEST['preserve_serch_params'])) {
                zp_setcookie("zenphoto_image_search_params", "", time() - 368000, $cookiepath);
            }
            return;
        }
    }

    $context = get_context();
    $params = zp_getCookie('zenphoto_image_search_params');
    if (empty($params)) {
        return;
    }

    $_zp_current_search = new SearchEngine();
    $_zp_current_search->setSearchParams($params);

    // Are we still "in the search context"? First by image...
    // NOTE(review): $album->name is read here even when $album is NULL and $image is not.
    if (!is_null($image) && $_zp_current_search->getImageIndex($album->name, $image->filename) !== false) {
        $context |= ZP_SEARCH_LINKED | ZP_IMAGE_LINKED;
    }

    // ...then by album. This is a substring test: any search album whose name occurs
    // anywhere inside the current album name links the context.
    if (!is_null($album)) {
        $currentName = $album->name;
        foreach ($_zp_current_search->getAlbums(0) as $candidate) {
            if (strpos($currentName, $candidate) !== false) {
                $context |= ZP_SEARCH_LINKED | ZP_ALBUM_LINKED;
                break;
            }
        }
    }

    if (!($context & ZP_SEARCH_LINKED)) {
        // Nothing matched: drop the search object built from the cookie.
        $_zp_current_search = null;
        return;
    }
    set_context($context);
}
//update hit counter if (!isMyALbum($_zp_current_album->name, ALL_RIGHTS)) { $hc = $_zp_current_image->get('hitcounter') + 1; $_zp_current_image->set('hitcounter', $hc); $_zp_current_image->save(); } // Display an Album page. } else { if (in_context(ZP_ALBUM)) { if ($_zp_current_album->isDynamic()) { $search = $_zp_current_album->getSearchEngine(); $cookiepath = WEBPATH; if (WEBPATH == '') { $cookiepath = '/'; } zp_setcookie("zenphoto_image_search_params", $search->getSearchParams(), 0, $cookiepath); set_context(ZP_INDEX | ZP_ALBUM); $theme = setupTheme(); $_zp_gallery_page = basename($obj = THEMEFOLDER . "/{$theme}/album.php"); } else { handleSearchParms('album', $_zp_current_album); $theme = setupTheme(); $_zp_gallery_page = basename($obj = THEMEFOLDER . "/{$theme}/album.php"); } // update hit counter if (!isMyALbum($_zp_current_album->name, ALL_RIGHTS) && getCurrentPage() == 1) { $hc = $_zp_current_album->get('hitcounter') + 1; $_zp_current_album->set('hitcounter', $hc); $_zp_current_album->save(); } // Display the Index page.
<?php define('ALBUMCOLUMNS', 3); define('IMAGECOLUMNS', 5); if (!defined('WEBPATH')) { die; } $_noFlash = false; if (($personality = getOption('Theme_personality')) != "Simpleviewer" || !getOption('mod_rewrite')) { $_noFlash = true; } else { // Simpleviewer initialization stuff if (isset($_GET['noflash'])) { $_noFlash = true; zp_setcookie("noFlash", "noFlash"); } elseif (zp_getCookie("noFlash") != '') { $_noFlash = true; } // Change the Simpleviewer configuration here $maxImageWidth = "600"; $maxImageHeight = "600"; $preloaderColor = "0xFFFFFF"; $textColor = "0xFFFFFF"; $frameColor = "0xFFFFFF"; $frameWidth = "10"; $stagePadding = "20"; $thumbnailColumns = "3"; $thumbnailRows = "5"; $navPosition = "left"; $enableRightClickOpen = "true"; $backgroundImagePath = "";
/**
 * Processes a posted comment form, or restores remembered form values from
 * the 'zenphoto' cookie when no comment was posted.
 *
 * Posted fields are passed through sanitize() (second argument 3 for name,
 * email, website and the two code fields, 1 for the comment body) before
 * being handed to addComment(). NOTE(review): the meaning of those levels is
 * defined by sanitize(), which is not visible here.
 *
 * Side effects: fills the global $_zp_comment_stored, sets or expires the
 * 'zenphoto' cookie, and on a failed image-id post may switch the current
 * image/album globals and the context.
 *
 * @return mixed COMMENT_SUCCESS when the stored comment's getInModeration()
 *               is falsy; otherwise getInModeration() + 1; 0 when nothing
 *               was processed.
 */
function handleComment() {
    global $_zp_current_image, $_zp_current_album, $_zp_comment_stored, $_zp_current_zenpage_news, $_zp_current_zenpage_page;
    $activeImage = false;
    $comment_error = 0;
    // Client-supplied cookie holding previously remembered form fields.
    $cookie = zp_getCookie('zenphoto');
    if (isset($_POST['comment'])) {
        // NOTE(review): when a comment is posted but none of these contexts is
        // active, the function returns 0 without assigning $_zp_comment_stored.
        if (in_context(ZP_ALBUM) || in_context(ZP_ZENPAGE_NEWS_ARTICLE) || in_context(ZP_ZENPAGE_PAGE)) {
            if (isset($_POST['name'])) {
                $p_name = sanitize($_POST['name'], 3);
            } else {
                $p_name = '';
            }
            if (isset($_POST['email'])) {
                $p_email = sanitize($_POST['email'], 3);
            } else {
                $p_email = "";
            }
            if (isset($_POST['website'])) {
                $p_website = sanitize($_POST['website'], 3);
            } else {
                $p_website = "";
            }
            if (isset($_POST['comment'])) {
                $p_comment = sanitize($_POST['comment'], 1);
            } else {
                $p_comment = '';
            }
            // NOTE(review): if getUserIP() derives the address from forwarded
            // request headers it is client-influenced - confirm before relying on it.
            $p_server = ThemeUtil::getUserIP();
            if (isset($_POST['code'])) {
                $code1 = sanitize($_POST['code'], 3);
                // NOTE(review): 'code_h' is read without its own isset() check; a
                // request carrying 'code' but not 'code_h' hits an undefined index.
                $code2 = sanitize($_POST['code_h'], 3);
            } else {
                $code1 = '';
                $code2 = '';
            }
            // Checkbox-style flags: presence of the field is all that matters.
            $p_private = isset($_POST['private']);
            $p_anon = isset($_POST['anon']);
            if (isset($_POST['imageid'])) { //used (only?) by the tricasa hack to know which image the client is working with.
                $activeImage = zp_load_image_from_id(sanitize_numeric($_POST['imageid']));
                // NOTE(review): when the lookup returns false, $commentadded is never
                // assigned and the getInModeration() call below runs on an undefined
                // variable. The id comes straight from the request, so this path
                // needs an explicit error return.
                if ($activeImage !== false) {
                    $commentadded = $activeImage->addComment($p_name, $p_email, $p_website, $p_comment, $code1, $code2, $p_server, $p_private, $p_anon);
                    $redirectTo = $activeImage->getLink();
                }
            } else {
                // Pick the object the comment belongs to from the active context.
                // $redirectTo is assigned in every branch but not read in this function.
                if (in_context(ZP_IMAGE) and in_context(ZP_ALBUM)) {
                    $commentobject = $_zp_current_image;
                    $redirectTo = $_zp_current_image->getLink();
                } else {
                    if (!in_context(ZP_IMAGE) and in_context(ZP_ALBUM)) {
                        $commentobject = $_zp_current_album;
                        $redirectTo = $_zp_current_album->getAlbumLink();
                    } else {
                        if (in_context(ZP_ZENPAGE_NEWS_ARTICLE)) {
                            $commentobject = $_zp_current_zenpage_news;
                            $redirectTo = FULLWEBPATH . '/index.php?p=' . ZENPAGE_NEWS . '&title=' . $_zp_current_zenpage_news->getTitlelink();
                        } else {
                            if (in_context(ZP_ZENPAGE_PAGE)) {
                                $commentobject = $_zp_current_zenpage_page;
                                $redirectTo = FULLWEBPATH . '/index.php?p=' . ZENPAGE_PAGES . '&title=' . $_zp_current_zenpage_page->getTitlelink();
                            }
                        }
                    }
                }
                $commentadded = $commentobject->addComment($p_name, $p_email, $p_website, $p_comment, $code1, $code2, $p_server, $p_private, $p_anon);
            }
            // A truthy getInModeration() value is treated as an error below.
            $comment_error = $commentadded->getInModeration();
            // Slots: 0 name, 1 email, 2 website, 3 comment, 4 remember flag,
            // 5 private, 6 anon, 7 custom data.
            $_zp_comment_stored = array($commentadded->getName(), $commentadded->getEmail(), $commentadded->getWebsite(), $commentadded->getComment(), false, $commentadded->getPrivate(), $commentadded->getAnon(), $commentadded->getCustomData());
            if (isset($_POST['remember'])) {
                $_zp_comment_stored[4] = true;
            }
            if (!$comment_error) {
                if (isset($_POST['remember'])) {
                    // Should always re-cookie to update info in case it's changed...
                    $_zp_comment_stored[3] = ''; // clear the comment itself
                    // The remaining fields (name, email, website, ...) are stored
                    // client-side, joined with '|~*~|'. A field that itself contains
                    // that delimiter shifts the slots when the cookie is read back.
                    zp_setcookie('zenphoto', implode('|~*~|', $_zp_comment_stored), time() + COOKIE_PESISTENCE, '/');
                } else {
                    // Not remembered: expire the cookie with a timestamp in the past.
                    zp_setcookie('zenphoto', '', time() - 368000, '/');
                }
                return COMMENT_SUCCESS;
            } else {
                // Shift the value by one; the function returns getInModeration() + 1.
                $comment_error++;
                if ($activeImage !== false and !in_context(ZP_ZENPAGE_NEWS_ARTICLE) and !in_context(ZP_ZENPAGE_PAGE)) {
                    // tricasa hack? Set the context to the image on which the comment was posted
                    $_zp_current_image = $activeImage;
                    $_zp_current_album = $activeImage->getAlbum();
                    set_context(ZP_IMAGE | ZP_ALBUM | ZP_INDEX);
                }
            }
        }
    } else {
        if (!empty($cookie)) {
            // Comment form was not submitted; get the saved info from the cookie.
            // The cookie is client-controlled: every restored field is untrusted and
            // must be escaped by whatever renders it. Only slots 4-7 are defaulted
            // here, so a cookie with fewer than four fields leaves 1-3 unset.
            $_zp_comment_stored = explode('|~*~|', stripslashes($cookie));
            $_zp_comment_stored[4] = true;
            if (!isset($_zp_comment_stored[5])) {
                $_zp_comment_stored[5] = false;
            }
            if (!isset($_zp_comment_stored[6])) {
                $_zp_comment_stored[6] = false;
            }
            if (!isset($_zp_comment_stored[7])) {
                $_zp_comment_stored[7] = false;
            }
        } else {
            // No cookie: start from an empty form.
            $_zp_comment_stored = array('', '', '', '', false, false, false, false);
        }
    }
    return $comment_error;
}
setOption('admin_reset_date', time()); $req = getOption('admin_reset_date'); $ref = md5($req . $adm . $pas); $msg = "\n" . $requestor . "\n" . sprintf(gettext("To reset your Zenphoto Admin passwords visit: %s"), FULLWEBPATH . "/" . ZENFOLDER . "/admin-options.php?ticket={$ref}") . "\n" . gettext("If you do not wish to reset your passwords just ignore this message. This ticket will automatically expire in 3 days."); zp_mail(gettext("The Zenphoto information you requested"), $msg); $_zp_login_error = 2; } else { $_zp_login_error = 1; } } } } unset($saved_auth, $check_auth, $user, $pass); // Handle a logout action. if (isset($_REQUEST['logout'])) { zp_setcookie("zenphoto_auth", "*", time() - 368000, $cookiepath); $redirect = 'index.php'; if (isset($_GET['p'])) { $redirect .= "?p=" . $_GET['p']; if (isset($_GET['searchfields'])) { $redirect .= "&searchfields=" . $_GET['searchfields']; } if (isset($_GET['words'])) { $redirect .= "&words=" . $_GET['words']; } if (isset($_GET['date'])) { $redirect .= "&date=" . $_GET['date']; } } else { if (isset($_GET['album'])) { $redirect .= "?album=" . $_GET['album'];
/**
 * Returns the global search object, creating it on first use, and publishes
 * its parameters in the "zenphoto_image_search_params" cookie.
 *
 * Also switches the context to ZP_INDEX | ZP_SEARCH. The cookie is written
 * with an expiry argument of 0; NOTE(review): presumably a session cookie,
 * confirm against zp_setcookie(). Whatever is stored here comes back from the
 * client on later requests and has to be treated as untrusted when read.
 *
 * @return SearchEngine the search object held in $_zp_current_search
 */
function zp_load_search() {
    global $_zp_current_search;

    if (NULL == $_zp_current_search) {
        $_zp_current_search = new SearchEngine();
    }
    set_context(ZP_INDEX | ZP_SEARCH);

    // An empty WEBPATH means the site sits at the web root.
    $cookiepath = (WEBPATH == '') ? '/' : WEBPATH;
    zp_setcookie("zenphoto_image_search_params", $_zp_current_search->getSearchParams(), 0, $cookiepath);

    return $_zp_current_search;
}
$candidate = $_COOKIE; } if (isset($_SESSION)) { $candidate = Array_merge($candidate, $_SESSION); } $candidate = array_unique($candidate); foreach ($candidate as $cookie => $value) { if ($cookie == 'zenphoto_auth' || $cookie == 'zp_gallery_auth' || $cookie == 'zp_search_auth' || strpos($cookie, 'zp_album_auth_') !== false) { $cookies[] = $cookie; } } if (isset($_GET['userlog'])) { // process the logout. if ($_GET['userlog'] == 0) { foreach ($cookies as $cookie) { zp_setcookie($cookie, "", time() - 368000, $cookiepath); } $_zp_loggedin = false; $saved_auth = NULL; $cookies = array(); $_zp_pre_authorization = array(); } } } /** * Prints the logout link if the user is logged in. * This is for album passwords only, not admin users; * * @param string $before before text * @param string $after after text * @param bool $showLoginForm set to true to display a login form if no one is logged in