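/**
 * Page-start hook of the annotate plugin.
 *
 * Always registers the "lastnotes" and "shownotes" meta albums. When the
 * request carries plugin=annotate it additionally serves one of the plugin's
 * own pages, selected by the presence of a GET key, and then ends the request:
 *
 *   - delete_orphans   removes annotations whose picture no longer exists
 *   - import           copies rows from the {prefix}notes table
 *   - update_database  runs ./plugins/annotate/update.sql
 *   - manage           batch rename / batch delete of notes
 *
 * Security-relevant behaviour of this implementation:
 *   - Every one of the four pages returns early unless GALLERY_ADMIN_MODE is
 *     set (the original code checked this for "manage" only).
 *   - Request values and stored notes are passed through htmlspecialchars()
 *     before being written into HTML, and through rawurlencode() before being
 *     written into a URL. htmlspecialchars() is called with PHP's default
 *     charset.
 *   - After a redirect header the request is terminated instead of going on
 *     to render a page.
 *
 * @return void
 */
function annotate_page_start()
{
    global $CONFIG, $lang_meta_album_names, $valid_meta_albums, $lang_common, $lang_errors;

    require_once './plugins/annotate/init.inc.php';
    $annotate_init_array = annotate_initialize();
    $lang_plugin_annotate = $annotate_init_array['language'];
    $annotate_icon_array = $annotate_init_array['icon'];

    $superCage = Inspekt::makeSuperCage();

    // The note to show comes from the query string, else from the plugin cookie.
    $note = $superCage->get->keyExists('note')
        ? $superCage->get->getRaw('note')
        : $superCage->cookie->getRaw($CONFIG['cookie_name'] . 'note');

    $lang_meta_album_names['lastnotes'] = $lang_plugin_annotate['lastnotes'];
    // NOTE(review): $note is raw request/cookie data and becomes part of an album
    // title here. Where that title is printed is not visible in this function;
    // confirm the consumer HTML-encodes it before output.
    $lang_meta_album_names['shownotes'] = $lang_plugin_annotate['shownotes'] . " '{$note}'";
    $valid_meta_albums[] = 'lastnotes';
    $valid_meta_albums[] = 'shownotes';

    // Everything below is one of the plugin's own pages.
    if ($superCage->get->getAlpha('plugin') != "annotate") {
        return;
    }

    // NOTE(review): delete_orphans, import (with "do") and update_database change
    // data on a plain GET request and no form token is checked for them. Consider
    // requiring a POST guarded by checkFormToken(), as the manage page does.

    // ---------------------------------------------------------------------
    // Delete annotations that point to pictures which no longer exist
    // ---------------------------------------------------------------------
    if ($superCage->get->keyExists('delete_orphans')) {
        if (!GALLERY_ADMIN_MODE) {
            return;
        }

        load_template();
        pageheader($lang_plugin_annotate['delete_orphaned_entries']);

        if (version_compare(cpg_phpinfo_mysql_version(), '4.1', '>=')) {
            // we can use subqueries here
            cpg_db_query("DELETE FROM {$CONFIG['TABLE_PREFIX']}plugin_annotate WHERE pid NOT IN (SELECT pid FROM {$CONFIG['TABLE_PICTURES']})");
        } else {
            $result = cpg_db_query("SELECT pid FROM {$CONFIG['TABLE_PICTURES']}");
            $pids = array();
            while ($row = mysql_fetch_row($result)) {
                $pids[] = $row[0];
            }
            mysql_free_result($result);

            // cpg_db_query can cause browser to crash if debug output is enabled
            if (count($pids) > 0) {
                mysql_query("DELETE FROM {$CONFIG['TABLE_PREFIX']}plugin_annotate WHERE pid NOT IN (" . implode(",", $pids) . ")");
            } else {
                // "NOT IN ()" is a syntax error. With no pictures left every
                // annotation is orphaned, which is also what the subquery
                // variant above deletes in that situation.
                mysql_query("DELETE FROM {$CONFIG['TABLE_PREFIX']}plugin_annotate");
            }
        }

        $count = mysql_affected_rows();
        if ($count == 1) {
            $count_output = $lang_plugin_annotate['1_orphaned_entry_deleted'];
        } else {
            $count_output = sprintf($lang_plugin_annotate['x_orphaned_entries_deleted'], $count);
        }

        starttable('-1', $annotate_icon_array['delete'] . $lang_plugin_annotate['delete_orphaned_entries']);
        echo <<<EOT
        <tr>
            <td class="tableb">
                {$count_output}
            </td>
        </tr>
EOT;
        endtable();
        pagefooter();
        exit;
    }

    // ---------------------------------------------------------------------
    // Import rows from the {prefix}notes table
    // ---------------------------------------------------------------------
    if ($superCage->get->keyExists('import')) {
        if (!GALLERY_ADMIN_MODE) {
            return;
        }

        load_template();
        pageheader($lang_plugin_annotate['import']);
        starttable('-1', $annotate_icon_array['import'] . $lang_plugin_annotate['import']);

        // The config key may not exist yet; treat that as "not imported".
        $already_imported = isset($CONFIG['plugin_annotate_import']) && $CONFIG['plugin_annotate_import'] == "1";

        if ($superCage->get->keyExists('do') && !$already_imported) {
            // Probe for a user_time column; when the probe fails the current
            // time is used for every imported row instead.
            $probe = mysql_query("SELECT user_time FROM {$CONFIG['TABLE_PREFIX']}notes");
            if (!$probe) {
                cpg_db_query("INSERT INTO {$CONFIG['TABLE_PREFIX']}plugin_annotate (pid, posx, posy, width, height, note, user_id, user_time) \n SELECT pid, posx, posy, width, height, note, user_id, UNIX_TIMESTAMP() FROM {$CONFIG['TABLE_PREFIX']}notes");
            } else {
                mysql_free_result($probe);
                cpg_db_query("INSERT INTO {$CONFIG['TABLE_PREFIX']}plugin_annotate (pid, posx, posy, width, height, note, user_id, user_time) \n SELECT pid, posx, posy, width, height, note, user_id, user_time FROM {$CONFIG['TABLE_PREFIX']}notes");
            }
            echo '<tr><td class="tableb">' . sprintf($lang_plugin_annotate['import_success'], mysql_affected_rows()) . '</td></tr>';
            // Remember that the import ran so that it is not offered again.
            cpg_db_query("INSERT INTO {$CONFIG['TABLE_CONFIG']} (name, value) VALUES ('plugin_annotate_import', '1')");
        } else {
            $count_result = cpg_db_query("SELECT COUNT(*) FROM {$CONFIG['TABLE_PREFIX']}notes");
            $notes_to_import = mysql_result($count_result, 0);
            mysql_free_result($count_result);

            if (!$notes_to_import) {
                echo '<tr><td class="tableb">' . sprintf($lang_plugin_annotate['import_found'], $notes_to_import) . '</td></tr>';
            } elseif ($already_imported) {
                echo '<tr><td class="tableb">' . $lang_plugin_annotate['imported_already'] . '</td></tr>';
            } else {
                echo '<tr><td class="tableb">' . sprintf($lang_plugin_annotate['import_found'], $notes_to_import)
                    . ' <a href="index.php?plugin=annotate&import&do" class="admin_menu">' . $lang_plugin_annotate['import'] . '</a></td></tr>';
            }
        }

        endtable();
        pagefooter();
        exit;
    }

    // ---------------------------------------------------------------------
    // Run the plugin's update.sql
    // ---------------------------------------------------------------------
    if ($superCage->get->keyExists('update_database')) {
        if (!GALLERY_ADMIN_MODE) {
            return;
        }

        load_template();
        pageheader($lang_plugin_annotate['update_database']);

        require_once 'include/sql_parse.php';
        $db_schema = './plugins/annotate/update.sql';
        // file_get_contents() does not leave an open handle behind.
        $sql_query = file_get_contents($db_schema);
        if ($sql_query === false) {
            $sql_query = '';
        }
        // Plain string replacement: the table prefix is not a regex replacement.
        $sql_query = str_replace('CPG_', $CONFIG['TABLE_PREFIX'], $sql_query);
        $sql_query = remove_remarks($sql_query);
        $sql_query = split_sql_file($sql_query, ';');
        foreach ($sql_query as $q) {
            // Errors are suppressed as in the original code; presumably statements
            // that were already applied are expected to fail - confirm. The success
            // message below is printed whether or not a statement failed.
            @mysql_query($q);
        }

        starttable('-1', $annotate_icon_array['update_database'] . $lang_plugin_annotate['update_database']);
        echo <<<EOT
        <tr>
            <td class="tableb">
                {$lang_plugin_annotate['update_database_success']}
            </td>
        </tr>
EOT;
        endtable();
        pagefooter();
        exit;
    }

    // ---------------------------------------------------------------------
    // Manage notes: batch rename / batch delete
    // ---------------------------------------------------------------------
    if ($superCage->get->keyExists('manage')) {
        if (!GALLERY_ADMIN_MODE) {
            return;
        }

        load_template();

        $is_rename = $superCage->get->keyExists('batch_rename');
        $is_delete = $superCage->get->keyExists('batch_delete');

        // Step 3: the confirmed form was submitted - apply the change.
        if ($superCage->post->keyExists('submit')) {
            if (!checkFormToken()) {
                cpg_die(ERROR, $lang_errors['invalid_form_token'], __FILE__, __LINE__);
            }

            $post_note_old = (string) $superCage->post->getRaw('note_old');
            $post_note_new = (string) $superCage->post->getRaw('note_new');
            // The list below reads notes back through stripslashes(), so notes
            // appear to be stored slash-escaped: the inner addslashes() reproduces
            // that stored form, the outer call escapes the value for the SQL literal.
            $sql_note_old = mysql_real_escape_string(addslashes($post_note_old));
            $sql_note_new = mysql_real_escape_string(addslashes($post_note_new));

            $redirect = null;
            if ($is_rename) {
                if (strlen($post_note_new) < 1) {
                    $status = 0;
                } else {
                    cpg_db_query("UPDATE {$CONFIG['TABLE_PREFIX']}plugin_annotate SET note = '" . $sql_note_new . "' WHERE note = '" . $sql_note_old . "'");
                    $status = 1;
                }
                $redirect = "index.php?plugin=annotate&manage&batch_rename&status={$status}&note_old=" . rawurlencode($post_note_old) . "&note_new=" . rawurlencode($post_note_new);
            }
            if ($is_delete) {
                cpg_db_query("DELETE FROM {$CONFIG['TABLE_PREFIX']}plugin_annotate WHERE note = '" . $sql_note_old . "'");
                $redirect = "index.php?plugin=annotate&manage&batch_delete&status=1&note_old=" . rawurlencode($post_note_old);
            }
            if ($redirect !== null) {
                // Values are URL-encoded above so they cannot add parameters or
                // break the header; stop here instead of rendering a page body.
                header("Location: " . $redirect);
                exit;
            }
        }

        pageheader($lang_plugin_annotate['manage']);
        if ($is_rename) {
            starttable("100%", $lang_plugin_annotate['batch_rename']);
        } elseif ($is_delete) {
            starttable("100%", $lang_plugin_annotate['batch_delete']);
        } else {
            starttable("100%", $lang_plugin_annotate['manage']);
        }

        // Step 2: ask for confirmation and hand out the form token.
        if ($superCage->post->keyExists('sure')) {
            $sure_note_old = htmlspecialchars((string) $superCage->post->getRaw('note_old'), ENT_QUOTES);

            if ($is_rename) {
                $note_new = (string) $superCage->post->getRaw('note_new');
                if (strlen($note_new) < 1) {
                    echo '<tr><td class="tableb">' . $lang_plugin_annotate['note_empty'] . ' <a href="javascript:history.back();">' . $lang_common['back'] . '</a></td></tr>';
                    endtable();
                    pagefooter();
                    exit;
                }
                $sure_note_new = htmlspecialchars($note_new, ENT_QUOTES);
                list($timestamp, $form_token) = getFormToken();
                echo '
                    <tr><td class="tableb">
                        <form method="post" action="index.php?plugin=annotate&manage&batch_rename">
                            ' . sprintf($lang_plugin_annotate['sure_rename'], $sure_note_old, $sure_note_new) . '
                            <input type="hidden" name="note_old" class="textinput" value="' . $sure_note_old . '" readonly="readonly">
                            <input type="hidden" name="note_new" class="textinput" value="' . $sure_note_new . '" readonly="readonly">
                            <input type="hidden" name="form_token" value="' . $form_token . '" />
                            <input type="hidden" name="timestamp" value="' . $timestamp . '" />
                            <input type="submit" name="submit" class="button" value="' . $lang_common['go'] . '">
                            <a href="javascript:history.back();">' . $lang_common['back'] . '</a>
                        </form>
                    </td></tr>
                ';
            }

            if ($is_delete) {
                list($timestamp, $form_token) = getFormToken();
                echo '
                    <tr><td class="tableb">
                        <form method="post" action="index.php?plugin=annotate&manage&batch_delete">
                            ' . sprintf($lang_plugin_annotate['sure_delete'], $sure_note_old) . '
                            <input type="hidden" name="note_old" class="textinput" value="' . $sure_note_old . '" readonly="readonly">
                            <input type="hidden" name="form_token" value="' . $form_token . '" />
                            <input type="hidden" name="timestamp" value="' . $timestamp . '" />
                            <input type="submit" name="submit" class="button" value="' . $lang_common['go'] . '">
                            <a href="javascript:history.back();">' . $lang_common['back'] . '</a>
                        </form>
                    </td></tr>
                ';
            }
        }

        if (!$superCage->post->keyExists('note_old')) {
            // Result message after the redirect issued in step 3.
            if ($superCage->get->keyExists('status')) {
                $status = $superCage->get->getInt('status');
                $shown_note_old = htmlspecialchars((string) $superCage->get->getRaw('note_old'), ENT_QUOTES);
                $shown_note_new = htmlspecialchars((string) $superCage->get->getRaw('note_new'), ENT_QUOTES);

                if ($is_rename) {
                    if ($status == 1) {
                        echo '<tr><td class="tableb">' . sprintf($lang_plugin_annotate['rename_success'], $shown_note_old, $shown_note_new) . ' </td></tr>';
                    }
                    if ($status == 0) {
                        echo '<tr><td class="tableb">"' . sprintf($lang_plugin_annotate['rename_fail'], $shown_note_old, $shown_note_new) . '. ' . $lang_plugin_annotate['note_empty'] . '</td></tr>';
                    }
                }
                if ($is_delete && $status == 1) {
                    echo '<tr><td class="tableb">' . sprintf($lang_plugin_annotate['delete_success'], $shown_note_old, $shown_note_new) . ' </td></tr>';
                }
            }

            // Step 1: a note was picked from the list below.
            if ($superCage->get->keyExists('note')) {
                $picked_note = htmlspecialchars((string) $superCage->get->getRaw('note'), ENT_QUOTES);

                if ($is_rename) {
                    echo '
                        <tr><td class="tableb">
                            <form method="post">
                                <input type="text" name="note_old" size="40" class="textinput" value="' . $picked_note . '" readonly="readonly">
                                ' . $lang_plugin_annotate['rename_to'] . '
                                <input type="text" name="note_new" size="40" class="textinput" id="note_new">
                                <input type="submit" name="sure" class="button" value="' . $lang_common['go'] . '">
                            </form>
                            <script type="text/javascript">
                                document.getElementById("note_new").select();
                            </script>
                        </td></tr>
                    ';
                }
                if ($is_delete) {
                    echo '
                        <tr><td class="tableb">
                            <form method="post">
                                ' . $lang_common['delete'] . '
                                <input type="text" name="note_old" class="textinput" value="' . $picked_note . '" readonly="readonly">
                                <input type="submit" name="sure" class="button" value="' . $lang_common['go'] . '">
                            </form>
                        </td></tr>
                    ';
                }
            }

            // List of all distinct notes with their delete / rename links.
            $result = cpg_db_query("SELECT DISTINCT(note) FROM {$CONFIG['TABLE_PREFIX']}plugin_annotate ORDER BY note");
            if (mysql_num_rows($result)) {
                echo '<tr><td class="tableb" align="left">';
                while ($row = mysql_fetch_assoc($result)) {
                    $person = stripslashes($row['note']);
                    // Notes are user-supplied text: encode for the URL and,
                    // separately, for the HTML body.
                    // NOTE(review): if notes are stored already HTML-encoded this
                    // double-encodes them on display - confirm the storage format.
                    $person_url = rawurlencode($person);
                    $person_html = htmlspecialchars($person, ENT_QUOTES);
                    echo "\n <a href=\"index.php?plugin=annotate&manage&batch_delete&note={$person_url}\" title=\"{$lang_plugin_annotate['batch_delete']}\"><img src=\"images/icons/delete.png\" border=\"0\" /></a>"
                        . "\n <a href=\"index.php?plugin=annotate&manage&batch_rename&note={$person_url}\" title=\"{$lang_plugin_annotate['batch_rename']}\"><img src=\"images/icons/edit.png\" border=\"0\" /></a>"
                        . "\n {$person_html}<br />\n ";
                }
                echo '</td></tr>';
            }
            mysql_free_result($result);
        }

        endtable();
        pagefooter();
        exit;
    }
}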
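/**
 * Page-start hook of the shorturl plugin. Does nothing unless INDEX_PHP is
 * defined.
 *
 * Handles, by GET key:
 *   - c / a / p        redirect to a category, album or picture id
 *   - r                look up a stored URL by id and either redirect to it or
 *                      show a preview page with the target link
 *   - shorturl=config  admin page for the preview switch and per-group permissions
 *   - shorturl=add     form to create a short URL, and its result page
 *
 * Security-relevant behaviour of this implementation:
 *   - The submitted URL is escaped before it is placed in SQL. The validation
 *     regex accepts the single-quote character, so validation alone does not
 *     make the value safe inside a quoted SQL literal.
 *   - The "add" POST is checked with checkFormToken(); the form already carried
 *     the token fields.
 *   - URLs are HTML-encoded wherever they are printed.
 *   - The request ends after a redirect header, and an unknown "r" id no longer
 *     produces an empty Location header.
 *
 * @return void
 */
function shorturl_page_start()
{
    global $CONFIG, $lang_common, $lang_errors, $cpg_udb, $lang_gallery_admin_menu;

    if (!defined('INDEX_PHP')) {
        return;
    }

    // English is loaded first; the configured language file is loaded over it.
    require "./plugins/shorturl/lang/english.php";
    // NOTE(review): $CONFIG['lang'] is interpolated into an include path. This
    // assumes it was validated against the installed language files before this
    // hook runs - confirm.
    if ($CONFIG['lang'] != 'english' && file_exists("./plugins/shorturl/lang/{$CONFIG['lang']}.php")) {
        require "./plugins/shorturl/lang/{$CONFIG['lang']}.php";
    }

    $superCage = Inspekt::makeSuperCage();

    $preview_enabled = isset($CONFIG['plugin_shorturl_preview']) && $CONFIG['plugin_shorturl_preview'] == 1;

    // ---------------------------------------------------------------------
    // Redirects. As in the original, a later key overrides an earlier one.
    // ---------------------------------------------------------------------
    $location = null;
    if ($superCage->get->keyExists('c')) {
        $location = "index.php?cat=" . $superCage->get->getInt('c');
    }
    if ($superCage->get->keyExists('a')) {
        $location = "thumbnails.php?album=" . $superCage->get->getInt('a');
    }
    if ($superCage->get->keyExists('p')) {
        $location = "displayimage.php?pid=" . $superCage->get->getInt('p');
    }
    if ($superCage->get->keyExists('r')) {
        $result = cpg_db_query("SELECT url FROM {$CONFIG['TABLE_PREFIX']}plugin_shorturl WHERE rid = " . $superCage->get->getInt('r'));
        // An unknown id yields no row; treat it as "nothing to redirect to".
        $url = mysql_num_rows($result) > 0 ? (string) mysql_result($result, 0) : '';
        mysql_free_result($result);

        if ($url !== '') {
            if ($preview_enabled || $superCage->get->keyExists('preview')) {
                $url_html = htmlspecialchars($url, ENT_QUOTES);
                load_template();
                pageheader($lang_plugin_shorturl['redirection_preview']);
                starttable('100%', $lang_plugin_shorturl['redirection_preview']);
                echo <<<EOT
                <tr>
                    <td class="tableb">
                        <a href="{$url_html}" class="external">{$url_html}</a>
                    </td>
                </tr>
EOT;
                endtable();
                pagefooter();
                exit;
            }
            $location = $url;
        }
    }
    if ($location !== null) {
        header("Location: {$location}");
        // Stop here so that no page is rendered behind the redirect.
        exit;
    }

    if (!$superCage->get->keyExists('shorturl')) {
        return;
    }
    $action = $superCage->get->getAlpha('shorturl');

    // ---------------------------------------------------------------------
    // Admin configuration page
    // ---------------------------------------------------------------------
    if ($action == 'config') {
        if (!GALLERY_ADMIN_MODE) {
            load_template();
            cpg_die(ERROR, $lang_errors['access_denied'], __FILE__, __LINE__);
        }

        if ($superCage->post->keyExists('submit')) {
            if (!checkFormToken()) {
                load_template();
                cpg_die(ERROR, $lang_errors['invalid_form_token'], __FILE__, __LINE__);
            }

            // getInt() keeps the stored values numeric, so they are safe inside
            // the quoted SQL literals below.
            $new_preview = $superCage->post->getInt('plugin_shorturl_preview');
            if (!isset($CONFIG['plugin_shorturl_preview'])) {
                cpg_db_query("INSERT INTO {$CONFIG['TABLE_CONFIG']} (name, value) VALUES('plugin_shorturl_preview', '" . $new_preview . "')");
            } else {
                cpg_db_query("UPDATE {$CONFIG['TABLE_CONFIG']} SET value = '" . $new_preview . "' WHERE name = 'plugin_shorturl_preview'");
            }
            $CONFIG['plugin_shorturl_preview'] = $new_preview;

            // One permission entry per group without admin access.
            $result = cpg_db_query("SELECT group_id FROM {$CONFIG['TABLE_USERGROUPS']} WHERE has_admin_access != '1'");
            while ($row = mysql_fetch_assoc($result)) {
                $config_key = 'plugin_shorturl_permissions_' . $row['group_id'];
                $new_permission = $superCage->post->getInt($config_key);
                if (!isset($CONFIG[$config_key])) {
                    cpg_db_query("INSERT INTO {$CONFIG['TABLE_CONFIG']} (name, value) VALUES('{$config_key}', '" . $new_permission . "')");
                } else {
                    cpg_db_query("UPDATE {$CONFIG['TABLE_CONFIG']} SET value = '" . $new_permission . "' WHERE name = '{$config_key}'");
                }
                $CONFIG[$config_key] = $new_permission;
            }
            mysql_free_result($result);
        }

        load_template();
        pageheader($lang_plugin_shorturl['plugin_name'] . ' ' . $lang_gallery_admin_menu['admin_lnk']);

        // Permission rows: admin groups are shown as fixed "yes".
        $permissions = "";
        $result = cpg_db_query("SELECT group_id, group_name FROM {$CONFIG['TABLE_USERGROUPS']} ORDER BY group_id ASC");
        while ($row = mysql_fetch_assoc($result)) {
            if (in_array($row['group_id'], $cpg_udb->admingroups)) {
                $permissions .= <<<EOT
                <tr>
                    <td valign="top" align="left" class="tableb">
                        {$row['group_name']}
                    </td>
                    <td valign="top" align="center" class="tableb">
                        <input type="radio" class="radio" disabled="disabled" />
                    </td>
                    <td valign="top" align="center" class="tableb">
                        <input type="radio" class="radio" checked="checked" />
                    </td>
                </tr>
EOT;
            } else {
                $perm_result = cpg_db_query("SELECT value FROM {$CONFIG['TABLE_CONFIG']} WHERE name = 'plugin_shorturl_permissions_{$row['group_id']}'");
                // No stored value behaves like a non-numeric one: "no" is preselected.
                $row['permission'] = mysql_num_rows($perm_result) > 0 ? mysql_result($perm_result, 0) : false;
                mysql_free_result($perm_result);

                $permissions .= <<<EOT
                <tr>
                    <td valign="top" align="left" class="tableb">
                        {$row['group_name']}
                    </td>
EOT;
                for ($i = 0; $i <= 1; $i++) {
                    if (!is_numeric($row['permission']) && $i == 0) {
                        $checked = "checked=\"checked\"";
                    } else {
                        $checked = $row['permission'] == $i ? "checked=\"checked\"" : "";
                    }
                    $permissions .= <<<EOT
                    <td valign="top" align="center" class="tableb">
                        <input type="radio" name="plugin_shorturl_permissions_{$row['group_id']}" id="plugin_shorturl_permissions_{$row['group_id']}_{$i}" class="radio" value="{$i}" {$checked} />
                    </td>
EOT;
                }
                $permissions .= <<<EOT
                </tr>
EOT;
            }
        }
        mysql_free_result($result);

        // An unset preview option compares equal to 0, i.e. "no".
        $current_preview = isset($CONFIG['plugin_shorturl_preview']) ? $CONFIG['plugin_shorturl_preview'] : 0;
        $preview = "";
        for ($i = 0; $i <= 1; $i++) {
            $checked = $current_preview == $i ? "checked=\"checked\"" : "";
            $preview .= <<<EOT
                    <td valign="top" align="center" class="tableb">
                        <input type="radio" name="plugin_shorturl_preview" id="plugin_shorturl_preview_{$i}" class="radio" value="{$i}" {$checked} />
                    </td>
EOT;
        }

        // NOTE(review): the original template printed {$annotate_icon_array['ok']}
        // here, a variable this function never defines, so the icon was always
        // empty. Kept empty; supply the shorturl plugin's own icon if it has one.
        $ok_icon = '';

        list($timestamp, $form_token) = getFormToken();
        echo <<<EOT
        <form action="" method="post" name="shorturl_config" id="shorturl_config">
EOT;
        starttable('100%', $lang_plugin_shorturl['plugin_name'] . ' ' . $lang_gallery_admin_menu['admin_lnk'], 3);
        echo <<<EOT
        <tr>
            <td valign="top" class="tableb">
                {$lang_plugin_shorturl['display_menu_button']}
            </td>
            <td valign="top" class="tableb" colspan="2">
                <table border="0" cellspacing="0" cellpadding="0" width="100%">
                    <tr>
                        <th valign="top" align="left" class="tableh2">
                            {$lang_plugin_shorturl['group']}
                        </th>
                        <th valign="top" align="center" class="tableh2">
                            {$lang_common['no']}
                        </th>
                        <th valign="top" align="center" class="tableh2">
                            {$lang_common['yes']}
                        </th>
                    </tr>
                    {$permissions}
                </table>
            </td>
        </tr>
        <tr>
            <td class="tableb">
                {$lang_plugin_shorturl['show_redirection_preview']}
            </td>
            <td class="tableb">
                <table border="0" cellspacing="0" cellpadding="0" width="100%">
                    <tr>
                        <th valign="top" align="center" class="tableh2">
                            {$lang_common['no']}
                        </th>
                        <th valign="top" align="center" class="tableh2">
                            {$lang_common['yes']}
                        </th>
                    </tr>
                    <tr>
                    {$preview}
                    </tr>
                </table>
            </td>
        </tr>
        <tr>
            <td valign="middle" class="tablef">
            </td>
            <td valign="middle" class="tablef" colspan="2">
                <input type="hidden" name="form_token" value="{$form_token}" />
                <input type="hidden" name="timestamp" value="{$timestamp}" />
                <button type="submit" class="button" name="submit" value="{$lang_common['ok']}">{$ok_icon}{$lang_common['ok']}</button>
            </td>
        </tr>
EOT;
        endtable();
        // The original never closed the form element opened above.
        echo '</form>';
        pagefooter();
        exit;
    }

    // ---------------------------------------------------------------------
    // Create a short URL
    // ---------------------------------------------------------------------
    if ($action == 'add') {
        if (shorturl_get_permission() == 0) {
            load_template();
            cpg_die(ERROR, $lang_errors['access_denied'], __FILE__, __LINE__);
        }

        if ($superCage->post->keyExists('url')) {
            // The form below sends form_token/timestamp; verify them before
            // anything is written to the database.
            if (!checkFormToken()) {
                load_template();
                cpg_die(ERROR, $lang_errors['invalid_form_token'], __FILE__, __LINE__);
            }

            js_include('plugins/shorturl/jquery.copy.js');
            load_template();
            pageheader($lang_plugin_shorturl['your_url']);
            starttable('100%', $lang_plugin_shorturl['your_url'], 2);
            echo <<<EOT
            <tr>
                <td class="tableb">
EOT;

            // scheme, optional user[: password]@, IPv4 or host name, optional
            // port, optional path.
            $regex = '^'
                . '(https?://){1,1}'
                . '(([0-9a-z_!~*\'().&=+$%-]+: ){0,1}'
                . '[0-9a-z_!~*\'().&=+$%-]+@){0,1}'
                . '(([0-9]{1,3}\\.){3}[0-9]{1,3}'
                . '|'
                . '('
                . '([0-9a-z_!~*\'()-]+\\.)*'
                . '([0-9a-z][0-9a-z-]{0,61})?[0-9a-z]\\.'
                . '[a-z]{2,6}'
                . ')'
                . ')'
                . '(:[0-9]{1,4}){0,1}'
                . '((/?)|'
                . '(/[0-9a-zA-Z_!~*\'().;?:@&=+$,%\\#-]+)+/?)'
                . '$';

            $url = (string) $superCage->post->getRaw('url');
            $url_html = htmlspecialchars($url, ENT_QUOTES);

            // "D" makes the final "$" match only at the very end of the string,
            // so a trailing newline is rejected instead of being stored.
            if (!preg_match('#' . $regex . '#iD', $url)) {
                echo $lang_plugin_shorturl['invalid_url'] . ": <tt>{$url_html}</tt> <br/> <form action=\"javascript:history.back();\"><button type=\"submit\" class=\"button\">{$lang_common['back']}</button></form>";
            } else {
                // The pattern above permits characters that are special inside a
                // quoted SQL literal, so the value must be escaped for SQL.
                $url_sql = mysql_real_escape_string($url);

                $result = cpg_db_query("SELECT rid FROM {$CONFIG['TABLE_PREFIX']}plugin_shorturl WHERE url = '{$url_sql}'");
                if (mysql_num_rows($result) > 0) {
                    // The URL is already known: reuse its id.
                    $rid = mysql_result($result, 0);
                } else {
                    mysql_free_result($result);
                    cpg_db_query("INSERT INTO {$CONFIG['TABLE_PREFIX']}plugin_shorturl (url) VALUES ('{$url_sql}')");
                    $result = cpg_db_query("SELECT rid FROM {$CONFIG['TABLE_PREFIX']}plugin_shorturl WHERE url = '{$url_sql}'");
                    $rid = mysql_result($result, 0);
                }
                mysql_free_result($result);

                $length = strlen($CONFIG['ecards_more_pic_target'] . "?r={$rid}") + 20;
                $preview_status = sprintf(
                    $lang_plugin_shorturl['preview_status'],
                    $preview_enabled ? $lang_plugin_shorturl['enabled'] : $lang_plugin_shorturl['disabled']
                );
                echo <<<EOT
                    <input id="shorturl" type="text" name="url" size="{$length}" class="textinput" value="{$CONFIG['ecards_more_pic_target']}?r={$rid}" readonly="readonly" onclick="\$(this).select();" />
                    <span style="cursor:help;" title="{$preview_status}">{$lang_plugin_shorturl['immediate_redirection']}</span>
                    <br />
                    <input id="shorturl_p" type="text" name="url" size="{$length}" class="textinput" value="{$CONFIG['ecards_more_pic_target']}?r={$rid}&preview" readonly="readonly" onclick="\$(this).select();" />
                    {$lang_plugin_shorturl['display_link']}
EOT;
            }

            echo <<<EOT
                </td>
            </tr>
EOT;
            endtable();
            pagefooter();
            exit;
        }

        // No URL submitted yet: show the input form.
        load_template();
        pageheader($lang_plugin_shorturl['create_url']);
        echo '<form method="post">';
        starttable('100%', $lang_plugin_shorturl['enter_url'], 2);
        list($timestamp, $form_token) = getFormToken();
        echo <<<EOT
        <tr>
            <td class="tableb">
                <input type="text" id="url" name="url" size="40" class="textinput" style="width:90%;" />
                <input type="hidden" name="form_token" value="{$form_token}" />
                <input type="hidden" name="timestamp" value="{$timestamp}" />
            </td>
            <td class="tableb">
                <input type="submit" name="commit" class="button" value="{$lang_plugin_shorturl['shorten']}" />
            </td>
        </tr>
EOT;
        endtable();
        echo '</form>';
        echo '<script type="text/javascript">$(document).ready(function() { $("#url").select(); });</script>';
        pagefooter();
        exit;
    }
}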