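/**
 * Detects a locale prefix in the request path and, when one is found, stores it
 * in the `dynamic_locale` cookie and redirects to the same URL without the prefix.
 *
 * The first path segment after WEBPATH is handed to validateLocale(). If that
 * returns a locale the request ends here with a 302 (exitZP() is called);
 * otherwise $allow is returned untouched.
 *
 * @param mixed $allow value passed through unchanged when no redirect happens
 * @return mixed $allow
 */
static function load_request($allow) {
	$uri = getRequestURI();
	// Split once only, so a literal "?" inside the query string is not lost.
	$parts = explode('?', $uri, 2);
	$uri = $parts[0];
	$path = ltrim(substr($uri, strlen(WEBPATH) + 1), '/');
	if (empty($path)) {
		return $allow;
	}
	$rest = strpos($path, '/');
	if ($rest === false) {
		if (strpos($path, '?') === 0) {
			// only a parameter string
			return $allow;
		}
		$l = $path;
	} else {
		$l = substr($path, 0, $rest);
	}
	$locale = validateLocale($l, 'seo_locale');
	if ($locale) {
		// set the language cookie and redirect to the "base" url
		zp_setCookie('dynamic_locale', $locale);
		// $l is taken from the request path, so it is quoted before it becomes part of a pattern.
		// "(/|$)" also strips the prefix when it is the last segment; inside a character
		// class, as in "[/$]", the dollar sign is only a literal character.
		$uri = pathurlencode(preg_replace('|/' . preg_quote($l, '|') . '(/|$)|', '/', $uri));
		// Keep the target a path on this host: a value starting with "//" is read by
		// clients as a network-path reference to another host.
		$uri = '/' . ltrim($uri, '/');
		if (isset($parts[1])) {
			$uri .= '?' . $parts[1];
		}
		header("HTTP/1.0 302 Found");
		header("Status: 302 Found");
		header('Location: ' . $uri);
		exitZP();
	}
	return $allow;
}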
/**
 * Reports an image processing failure and ends the request.
 *
 * With a `debug` query parameter present the details are echoed as HTML; without it
 * the client is redirected to an error image under FULLWEBPATH/ZENFOLDER/images/.
 * exitZP() is called in both cases.
 *
 * NOTE(review): `debug` is read directly from $_GET, so any client can switch on the
 * verbose output (request URI, PHP_SELF, cache and image paths).
 * NOTE(review): $errormessage is echoed without html_encode() in this function;
 * presumably the callers pass text that is already safe for HTML — verify at the call sites.
 *
 * @param string $status_text status text sent in the HTTP/1.0 and Status headers
 * @param string $errormessage the error message to print if $_GET['debug'] is set
 * @param string $errorimg the filename of the error image used for the redirect.
 *                         Defaults to 'err-imagegeneral.png'.
 */
function imageError($status_text, $errormessage, $errorimg = 'err-imagegeneral.png') {
	global $newfilename, $album, $image;
	if (!isset($_GET['debug'])) {
		if (DEBUG_IMAGE_ERR) {
			trigger_error($errormessage, E_USER_NOTICE);
		}
		header('HTTP/1.0 ' . $status_text);
		header('Status: ' . $status_text);
		header('Location: ' . FULLWEBPATH . '/' . ZENFOLDER . '/images/' . $errorimg);
	} else {
		// Assemble the report piece by piece; every request-derived value is HTML encoded.
		$report = '<strong>' . sprintf(gettext('Zenphoto Image Processing Error: %s'), $errormessage) . '</strong>';
		$report .= '<br /><br />' . sprintf(gettext('Request URI: [ <code>%s</code> ]'), html_encode(getRequestURI()));
		$report .= '<br />PHP_SELF: [ <code>' . html_encode($_SERVER['PHP_SELF']) . '</code> ]';
		if (!empty($newfilename)) {
			$cachePath = '/' . CACHEFOLDER . '/' . html_encode(sanitize($newfilename, 3));
			$report .= '<br />' . sprintf(gettext('Cache: [<code>%s</code>]'), $cachePath) . ' ';
		}
		if (!empty($image) && !empty($album)) {
			$imagePath = html_encode(sanitize($album . '/' . $image, 3));
			$report .= ' <br />' . sprintf(gettext('Image: [<code>%s</code>]'), $imagePath) . ' <br />';
		}
		echo $report;
	}
	exitZP();
}
/**
 * Reports an image processing failure and ends the request.
 *
 * With a `debug` query parameter present only the error message is echoed. Without it
 * the details go to the debug log (when DEBUG_IMAGE is set) and the client is redirected
 * to an error image under FULLWEBPATH/ZENFOLDER/images/. exitZP() is called in both cases.
 *
 * NOTE(review): `debug` is read directly from $_GET, so any client can choose the echo path,
 * and $errormessage is echoed there without html_encode() — presumably callers pass
 * HTML-safe text; verify at the call sites.
 * NOTE(review): the request URI is written to the log as received; confirm that debugLog()
 * neutralises line breaks so a request cannot forge extra log entries.
 *
 * @param string $status_text status text sent in the HTTP/1.0 and Status headers
 * @param string $errormessage the error message to print if $_GET['debug'] is set
 * @param string $errorimg the filename of the error image used for the redirect.
 *                         Defaults to 'err-imagegeneral.png'.
 */
function imageError($status_text, $errormessage, $errorimg = 'err-imagegeneral.png') {
	global $newfilename, $album, $image;
	$err = sprintf(gettext('Image Processing Error: %s'), $errormessage);
	if (isset($_GET['debug'])) {
		echo '<strong>' . $err . '</strong>';
	} else {
		if (DEBUG_IMAGE) {
			// One entry per detail; joined with the log's continuation indent below.
			$details = array(
				$err,
				sprintf(gettext('Request URI: [%s]'), getRequestURI()),
				'PHP_SELF: [' . sanitize($_SERVER['PHP_SELF'], 3) . ']',
			);
			if ($newfilename) {
				$details[] = sprintf(gettext('Cache: [%s]'), '/' . CACHEFOLDER . '/' . sanitize($newfilename, 3));
			}
			if ($image || $album) {
				$details[] = sprintf(gettext('Image: [%s]'), sanitize($album . '/' . $image, 3));
			}
			debugLog(implode("\n\t\t", $details));
		}
		header('HTTP/1.0 ' . $status_text);
		header('Status: ' . $status_text);
		header('Location: ' . FULLWEBPATH . '/' . ZENFOLDER . '/images/' . $errorimg);
	}
	exitZP();
}
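printTabs();
?>
<div id="content">
	<h1><?php echo gettext('Zenphoto License agreement'); ?></h1>
	<div id="container">
		<p class="notebox">
			<?php printf(gettext('This license is in English because the <em>Free Software Foundation</em> does not approve translations as officially valid. Unofficial translations are available <a href="%s">here</a>.'), 'http://www.gnu.org/licenses/old-licenses/gpl-2.0-translations.html'); ?>
		</p>
		<?php
		if (!getOption('license_accepted')) {
			// NOTE(review): the request URI is stored as received; wherever 'license_return'
			// is read back it should be confirmed to be a local path before it is used as a redirect target.
			$_SESSION['license_return'] = getRequestURI();
			// The accept link carries the XSRF token in its query string; the whole URL is HTML
			// encoded so the "&" separator is valid inside the attribute.
			// "title" replaces "alt", which is not an attribute of <a>.
			?>
			<p class="buttons">
				<a href="<?php echo html_encode(FULLWEBPATH . '/' . ZENFOLDER . '/license.php?licenseAccept&XSRFToken=' . getXSRFToken('ZenphotoLicense')); ?>" title="<?php echo gettext('You must accept this license to continue to use Zenphoto.'); ?>"><?php echo gettext('I agree to these terms and conditions'); ?></a>
			</p>
			<br class="clearall" />
			<?php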
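/**
 * Prints a locale selector: either a list of flag links or a drop-down form.
 *
 * The POST handling is done by getUserLocale(), called in functions.php.
 *
 * The flag links are built from the current request URI, which is client
 * controlled, so every URL written into an href is HTML encoded.
 *
 * @param mixed $flags truthy prints the flag list, falsy prints the drop-down;
 *                     NULL reads the `dynamic_locale_visual` option
 */
function printLanguageSelector($flags = NULL) {
	$languages = generateLanguageList();
	if (isset($_REQUEST['locale'])) {
		$locale = sanitize($_REQUEST['locale']);
		if (getOption('locale') != $locale) {
			// The requested locale is not the active one; it is request data and is encoded before display.
			?>
			<div class="errorbox">
				<h2>
					<?php printf(gettext('<em>%s</em> is not available.'), html_encode($locale)); ?>
					<?php printf(gettext('The locale %s is not supported on your server.'), html_encode($locale)); ?>
					<br />
					<?php echo gettext('See the troubleshooting guide on zenphoto.org for details.'); ?>
				</h2>
			</div>
			<?php
		}
	}
	if (is_null($flags)) {
		$flags = getOption('dynamic_locale_visual');
	}
	if ($flags) {
		asort($languages);
		?>
		<ul class="flags">
			<?php
			$currentValue = getOption('locale');
			// Rebuild the current URL without any locale= parameter so each flag can append its own.
			$request = parse_url(getRequestURI());
			if (!is_array($request)) {
				// parse_url() returns false for a seriously malformed URI
				$request = array();
			}
			$separator = '?';
			if (isset($request['query'])) {
				$query = explode('&', $request['query']);
				foreach ($query as $key => $str) {
					if (preg_match('/^locale\\s*=/', $str)) {
						unset($query[$key]);
					}
				}
				if (empty($query)) {
					unset($request['query']);
				} else {
					$request['query'] = implode('&', $query);
					$separator = '&';
				}
			}
			$uri = isset($request['path']) ? $request['path'] : '';
			if (isset($request['query'])) {
				$uri .= '?' . $request['query'];
			}
			foreach ($languages as $text => $lang) {
				?>
				<li<?php if ($lang == $currentValue) echo ' class="currentLanguage"'; ?>>
					<?php
					if ($lang != $currentValue) {
						switch (LOCALE_TYPE) {
							case 2:
								?>
								<a href="<?php echo dynamic_locale::fullHostPath($lang) . html_encode($uri); ?>" >
									<?php
									break;
								case 1:
									?>
								<a href="<?php echo str_replace(WEBPATH, seo_locale::localePath(false, $lang), html_encode($uri)); ?>" >
									<?php
									break;
								default:
									// Encoded like the two cases above; this branch used to echo the request URI as received.
									?>
								<a href="<?php echo html_encode($uri . $separator . 'locale=' . $lang); ?>" >
									<?php
									break;
							}
						}
						$flag = getLanguageFlag($lang);
						?>
						<img src="<?php echo $flag; ?>" alt="<?php echo html_encode($text); ?>" title="<?php echo html_encode($text); ?>" />
						<?php
						if ($lang != $currentValue) {
							?>
						</a>
						<?php
					}
					?>
				</li>
				<?php
			}
			?>
		</ul>
		<?php
	} else {
		?>
		<form action="#" method="post">
			<input type="hidden" name="oldlocale" value="<?php echo html_encode(getOption('locale')); ?>" />
			<select id="dynamic-locale" class="languageselect" name="locale" onchange="this.form.submit()">
				<?php
				$currentValue = getOption('locale');
				foreach ($languages as $key => $item) {
					echo '<option class="languageoption" value="' . html_encode($item) . '"';
					if ($item == $currentValue) {
						echo ' selected="selected"';
					}
					echo ' >';
					echo html_encode($key) . "</option>\n";
				}
				?>
			</select>
		</form>
		<?php
	}
}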
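/**
 * Prints the feed as XML.
 *
 * Nothing is sent unless getitems() returns an array. When the feed has an access
 * key, the stored key is replaced by a new one and the new value is included in
 * the output as <accesskey>.
 */
public function printFeed() {
	global $_zp_gallery;
	$feeditems = $this->getitems();
	if (is_array($feeditems)) {
		header('Content-Type: application/xml');
		?>
		<external version="1.0" >
			<?php
			if ($this->key) {
				// NOTE(review): the replacement key is an MD5 over the old key and the request's
				// $_SERVER values; neither input is secret random data. A value from a CSPRNG
				// would be the stronger choice. Left as is because the consumers of the key
				// are outside this block.
				$key = md5($this->key . serialize($_SERVER));
				query('UPDATE ' . prefix('plugin_storage') . ' SET `data`=' . db_quote($key) . ' WHERE `type`="externalFeed" AND `data`=' . db_quote($this->key));
				?>
				<accesskey><?php echo $key; ?></accesskey>
				<?php
			}
			?>
			<channel>
				<link href="<?php echo PROTOCOL; ?>://<?php echo $this->host; echo html_encode(getRequestURI()); ?>" />
				<language><?php echo $this->locale_xml; ?></language>
				<?php
				foreach ($feeditems as $feeditem) {
					switch ($this->feedtype) {
						case 'gallery':
							$item = $this->getItemGallery($feeditem);
							break;
						case 'news':
							$item = $this->getItemNews($feeditem);
							break;
						case 'pages':
							$item = $this->getitemPages($feeditem, getOption('externalFeed_truncate_length'));
							break;
						case 'comments':
							$item = $this->getitemComments($feeditem);
							break;
						default:
							$item = $feeditem;
							break;
					}
					// NOTE(review): title, desc and category are written inside CDATA sections as
					// delivered; confirm the item builders never let the sequence "]]>" through.
					?>
					<item>
						<title><![CDATA[<?php echo $item['title']; ?>]]></title>
						<?php // HTTP_HOST is a request header, so it is encoded before it is written into the document. ?>
						<link><?php echo PROTOCOL . '://' . html_encode($_SERVER['HTTP_HOST']) . WEBPATH . '/' . html_encode(ltrim($item['link'], '/')); ?></link>
						<description><![CDATA[<?php echo $item['desc']; ?>]]></description>
						<?php
						if (!empty($item['enclosure'])) {
							echo $item['enclosure'] . "\n"; //prints xml as well
						}
						if (!empty($item['category'])) {
							?>
							<category><![CDATA[<?php echo $item['category']; ?>]]></category>
							<?php
						}
						if (!empty($item['media_content'])) {
							echo $item['media_content'] . "\n"; //prints xml as well
						}
						if (!empty($item['media_thumbnail'])) {
							echo $item['media_thumbnail'] . "\n"; //prints xml as well
						}
						?>
						<pubDate><?php echo $item['pubdate']; ?></pubDate>
					</item>
					<?php
				} // foreach
				?>
			</channel>
		</external>
		<?php
	}
}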
/**
 * Prints html meta data to be used in the <head> section of a page.
 *
 * Builds one string of <meta> and <link> tags (plus an optional <script> block)
 * according to the htmlmeta_* options and the current gallery page, then echoes it.
 * Despite the "get" in its name the function returns nothing.
 *
 * NOTE(review): every absolute URL below starts with $host, which is the fixed scheme
 * "http://" plus the Host request header. Confirm that sanitize() and the web server
 * restrict that header to the site's own host names, and whether https sites are expected
 * to emit http:// canonical/og URLs.
 * NOTE(review): $pagetitle, $canonicalurl, $author, $twittername, $altlink and several option
 * values are concatenated into attribute values without html_encode() in this function;
 * presumably the getBare*() helpers and the option storage deliver attribute-safe text — verify.
 */
static function getHTMLMetaData() {
	global $_zp_gallery, $_zp_galley_page, $_zp_current_album, $_zp_current_image, $_zp_current_zenpage_news, $_zp_current_zenpage_page, $_zp_gallery_page, $_zp_current_category, $_zp_authority, $_zp_conf_vars, $_myFavorites, $htmlmetatags_need_cache, $_zp_page;
	// The filter stays registered only while this function runs; it is removed again before the echo.
	zp_register_filter('image_processor_uri', 'htmlmetatags::ipURI');
	// Host header based site root (see the review note in the function header).
	$host = sanitize("http://" . $_SERVER['HTTP_HOST']);
	$url = $host . getRequestURI();

	// Convert locale shorttag to allowed html meta format
	$locale = str_replace("_", "-", getUserLocale());
	$canonicalurl = '';
	// generate page title, get date
	$pagetitle = ""; // for gallery index setup below switch
	$date = strftime(DATE_FORMAT); // if we don't have a item date use current date
	$desc = getBareGalleryDesc();
	$thumb = '';
	if (getOption('htmlmeta_sitelogo')) {
		$thumb = getOption('htmlmeta_sitelogo');
	}
	// Image dimensions are only needed when an og:image or twitter card is requested.
	if (getOption('htmlmeta_og-image') || getOption('htmlmeta_twittercard')) {
		$ogimage_width = getOption('htmlmeta_ogimage_width');
		$ogimage_height = getOption('htmlmeta_ogimage_height');
		if (empty($ogimage_width)) {
			$ogimage_width = 1280;
		}
		if (empty($ogimage_height)) {
			$ogimage_height = 900;
		}
	}
	$type = 'article';
	// Per page type: title prefix, date, description, canonical URL and (optionally) the thumbnail.
	switch ($_zp_gallery_page) {
		case 'index.php':
			$desc = getBareGalleryDesc();
			//$canonicalurl = $host . getGalleryIndexURL();
			$canonicalurl = $host . getPageNumURL($_zp_page);
			$type = 'website';
			break;
		case 'album.php':
			$pagetitle = getBareAlbumTitle() . " - ";
			$date = getAlbumDate();
			$desc = getBareAlbumDesc();
			$canonicalurl = $host . getPageNumURL($_zp_page);
			if (getOption('htmlmeta_og-image') || getOption('htmlmeta_twittercard')) {
				$thumbimg = $_zp_current_album->getAlbumThumbImage();
				getMaxSpaceContainer($ogimage_width, $ogimage_height, $thumbimg, false);
				$thumb = $host . html_encode(pathurlencode($thumbimg->getCustomImage(NULL, $ogimage_width, $ogimage_height, NULL, NULL, NULL, NULL, false, NULL)));
			}
			break;
		case 'image.php':
			$pagetitle = getBareImageTitle() . " (" . getBareAlbumTitle() . ") - ";
			$date = getImageDate();
			$desc = getBareImageDesc();
			$canonicalurl = $host . getImageURL();
			if (getOption('htmlmeta_og-image') || getOption('htmlmeta_twittercard')) {
				$thumb = $host . html_encode(pathurlencode(getCustomSizedImageMaxSpace($ogimage_width, $ogimage_height)));
			}
			break;
		case 'news.php':
			// The news helpers exist only when the providing plugin is loaded, hence the function_exists() guard.
			if (function_exists("is_NewsArticle")) {
				if (is_NewsArticle()) {
					$pagetitle = getBareNewsTitle() . " - ";
					$date = getNewsDate();
					$desc = trim(getBare(getNewsContent()));
					$canonicalurl = $host . $_zp_current_zenpage_news->getLink();
				} else {
					if (is_NewsCategory()) {
						$pagetitle = $_zp_current_category->getTitlelink() . " - ";
						$date = strftime(DATE_FORMAT);
						$desc = trim(getBare($_zp_current_category->getDesc()));
						$canonicalurl = $host . $_zp_current_category->getLink();
						$type = 'category';
					} else {
						$pagetitle = gettext('News') . " - ";
						$desc = '';
						$canonicalurl = $host . getNewsIndexURL();
						$type = 'website';
					}
				}
				if ($_zp_page != 1) {
					$canonicalurl .= '/' . $_zp_page;
				}
			}
			break;
		case 'pages.php':
			$pagetitle = getBarePageTitle() . " - ";
			$date = getPageDate();
			$desc = trim(getBare(getPageContent()));
			$canonicalurl = $host . $_zp_current_zenpage_page->getLink();
			break;
		default: // for all other possible static custom pages
			$custompage = stripSuffix($_zp_gallery_page);
			$standard = array('contact' => gettext('Contact'), 'register' => gettext('Register'), 'search' => gettext('Search'), 'archive' => gettext('Archive view'), 'password' => gettext('Password required'));
			if (is_object($_myFavorites)) {
				$standard['favorites'] = gettext('My favorites');
			}
			if (array_key_exists($custompage, $standard)) {
				$pagetitle = $standard[$custompage] . " - ";
			} else {
				// Unknown custom pages use the script name (without suffix) as their title.
				$pagetitle = $custompage . " - ";
			}
			$desc = '';
			$canonicalurl = $host . getCustomPageURL($custompage);
			if ($_zp_page != 1) {
				$canonicalurl .= '/' . $_zp_page;
			}
			break;
	}
	// shorten desc to 160 bytes if necessary, then encode it for use in attributes.
	// substr() counts bytes, so a multi-byte character at the cut can be split.
	$desc = html_encode(trim(substr(getBare($desc), 0, 160)));
	$pagetitle = $pagetitle . getBareGalleryTitle();
	// get master admin
	$admin = $_zp_authority->getMasterUser();
	$author = $admin->getName();
	$meta = '';
	// Each tag below is emitted only when its htmlmeta_* option is set.
	if (getOption('htmlmeta_http-equiv-cache-control')) {
		$meta .= '<meta http-equiv="Cache-control" content="' . getOption("htmlmeta_cache_control") . '">' . "\n";
	}
	if (getOption('htmlmeta_http-equiv-pragma')) {
		$meta .= '<meta http-equiv="pragma" content="' . getOption("htmlmeta_pragma") . '">' . "\n";
	}
	if (getOption('htmlmeta_name-keywords')) {
		$meta .= '<meta name="keywords" content="' . htmlmetatags::getMetaKeywords() . '">' . "\n";
	}
	if (getOption('htmlmeta_name-description')) {
		$meta .= '<meta name="description" content="' . $desc . '">' . "\n";
	}
	if (getOption('htmlmeta_name-page-topic')) {
		$meta .= '<meta name="page-topic" content="' . $desc . '">' . "\n";
	}
	if (getOption('htmlmeta_name-robots')) {
		$meta .= '<meta name="robots" content="' . getOption("htmlmeta_robots") . '">' . "\n";
	}
	if (getOption('htmlmeta_name-publisher')) {
		$meta .= '<meta name="publisher" content="' . FULLWEBPATH . '">' . "\n";
	}
	if (getOption('htmlmeta_name-creator')) {
		$meta .= '<meta name="creator" content="' . FULLWEBPATH . '">' . "\n";
	}
	if (getOption('htmlmeta_name-author')) {
		$meta .= '<meta name="author" content="' . $author . '">' . "\n";
	}
	if (getOption('htmlmeta_name-copyright')) {
		$meta .= '<meta name="copyright" content=" (c) ' . FULLWEBPATH . ' - ' . $author . '">' . "\n";
	}
	if (getOption('htmlmeta_name-rights')) {
		$meta .= '<meta name="rights" content="' . $author . '">' . "\n";
	}
	if (getOption('htmlmeta_name-generator')) {
		// NOTE(review): this publishes the exact software version to every visitor when the option is on.
		$meta .= '<meta name="generator" content="Zenphoto ' . ZENPHOTO_VERSION . '">' . "\n";
	}
	if (getOption('htmlmeta_name-revisit-after')) {
		$meta .= '<meta name="revisit-after" content="' . getOption("htmlmeta_revisit_after") . '">' . "\n";
	}
	if (getOption('htmlmeta_name-expires')) {
		$expires = getOption("htmlmeta_expires");
		// An integer-like option value is treated as a number of seconds from now and turned into a date.
		if ($expires == (int) $expires) {
			$expires = preg_replace('|\\s\\-\\d+|', '', date('r', time() + $expires)) . ' GMT';
		}
		$meta .= '<meta name="expires" content="' . $expires . '">' . "\n";
	}

	// OpenGraph meta
	if (getOption('htmlmeta_og-title')) {
		$meta .= '<meta property="og:title" content="' . $pagetitle . '">' . "\n";
	}
	if (getOption('htmlmeta_og-image') && !empty($thumb)) {
		$meta .= '<meta property="og:image" content="' . $thumb . '">' . "\n";
	}
	if (getOption('htmlmeta_og-description')) {
		$meta .= '<meta property="og:description" content="' . $desc . '">' . "\n";
	}
	if (getOption('htmlmeta_og-url')) {
		// The full request URL is client controlled and is encoded here.
		$meta .= '<meta property="og:url" content="' . html_encode($url) . '">' . "\n";
	}
	if (getOption('htmlmeta_og-type')) {
		$meta .= '<meta property="og:type" content="' . $type . '">' . "\n";
	}

	// Social network extras
	if (getOption('htmlmeta_name-pinterest')) {
		$meta .= '<meta name="pinterest" content="nopin">' . "\n";
	} // disallow users to pin images on Pinterest
	// Twitter card
	$twittername = getOption('htmlmeta_twittername');
	if (getOption('htmlmeta_twittercard') || !empty($twittername)) {
		$meta .= '<meta property="twitter:creator" content="' . $twittername . '">' . "\n";
		$meta .= '<meta property="twitter:site" content="' . $twittername . '">' . "\n";
		$meta .= '<meta property="twitter:card" content="summary">' . "\n";
		$meta .= '<meta property="twitter:title" content="' . $pagetitle . '">' . "\n";
		$meta .= '<meta property="twitter:description" content="' . $desc . '">' . "\n";
		if (!empty($thumb)) {
			$meta .= '<meta property="twitter:image" content="' . $thumb . '">' . "\n";
		}
	}

	// Canonical url
	if (getOption('htmlmeta_canonical-url')) {
		$meta .= '<link rel="canonical" href="' . $canonicalurl . '">' . "\n";
		if (METATAG_LOCALE_TYPE) {
			$langs = generateLanguageList();
			if (count($langs) != 1) {
				// One rel="alternate" link per language other than the current one.
				foreach ($langs as $text => $lang) {
					$langcheck = zpFunctions::getLanguageText($lang, '-'); // for hreflang we need en-US
					if ($langcheck != $locale) {
						// NOTE(review): $altlink is only assigned for METATAG_LOCALE_TYPE 1 and 2;
						// any other truthy value reaches the ".=" below with $altlink unset.
						switch (METATAG_LOCALE_TYPE) {
							case 1:
								$altlink = seo_locale::localePath(true, $lang);
								break;
							case 2:
								$altlink = dynamic_locale::fullHostPath($lang);
								break;
						}
						switch ($_zp_gallery_page) {
							case 'index.php':
								$altlink .= '/';
								break;
							case 'gallery.php':
								$altlink .= '/' . _PAGE_ . '/gallery';
								break;
							case 'album.php':
								$altlink .= '/' . html_encode($_zp_current_album->name) . '/';
								break;
							case 'image.php':
								$altlink .= '/' . html_encode($_zp_current_album->name) . '/' . html_encode($_zp_current_image->filename) . IM_SUFFIX;
								break;
							case 'news.php':
								if (function_exists("is_NewsArticle")) {
									if (is_NewsArticle()) {
										$altlink .= '/' . _NEWS_ . '/' . html_encode($_zp_current_zenpage_news->getTitlelink());
									} else {
										if (is_NewsCategory()) {
											$altlink .= '/' . _NEWS_ . '/' . html_encode($_zp_current_category->getTitlelink());
										} else {
											$altlink .= '/' . _NEWS_;
										}
									}
								}
								break;
							case 'pages.php':
								$altlink .= '/' . _PAGES_ . '/' . html_encode($_zp_current_zenpage_page->getTitlelink());
								break;
							case 'archive.php':
								$altlink .= '/' . _ARCHIVE_;
								break;
							case 'search.php':
								$altlink .= '/' . _SEARCH_ . '/';
								break;
							case 'contact.php':
								$altlink .= '/' . _CONTACT_ . '/';
								break;
							default: // for all other possible non-standard custom pages
								// NOTE(review): this appends the page *title* (including the gallery title
								// added above), not the page name — confirm that is the intended URL.
								$altlink .= '/' . _PAGE_ . '/' . html_encode($pagetitle);
								break;
						} // switch
						//append page number if needed
						switch ($_zp_gallery_page) {
							case 'index.php':
							case 'album.php':
								if ($_zp_page != 1) {
									$altlink .= _PAGE_ . '/' . $_zp_page . '/';
								}
								break;
							case 'gallery.php':
							case 'news.php':
								if ($_zp_page != 1) {
									$altlink .= '/' . $_zp_page;
								}
								break;
						}
						$meta .= '<link rel="alternate" hreflang="' . $langcheck . '" href="' . $altlink . '">' . "\n";
					} // if lang
				} // foreach
			} // if count
		} // if option
	} // if canonical
	if (!empty($htmlmetatags_need_cache)) {
		// Emits a script that requests every URL in $htmlmetatags_need_cache once the page has loaded.
		// NOTE(review): the entries are joined into double-quoted JavaScript string literals without
		// escaping; presumably they are image processor URIs collected by htmlmetatags::ipURI — verify
		// that none can contain a double quote or "</script>".
		$meta .= '<script type="text/javascript">' . "\n";
		$meta .= 'var caches = ["' . implode('","', $htmlmetatags_need_cache) . '"];' . "\n";
		$meta .= ' window.onload = function() { var index,value; for (index in caches) { value = caches[index]; $.ajax({ cache: false, type: "GET", url: value }); } } ';
		$meta .= '</script>' . "\n";
	}
	zp_remove_filter('image_processor_uri', 'htmlmetatags::ipURI');
	echo $meta;
}
/**
 * Builds the redirection link used by the password form for the current page.
 *
 * NOTE(review): on password.php the link is derived from the request URI, which is client
 * controlled; presumably the caller encodes the result before writing it into HTML — verify.
 *
 * @return string SEO_WEBPATH followed by the page specific target
 */
function getPageRedirect() {
	global $_zp_login_error, $_zp_password_form_printed, $_zp_current_search, $_zp_gallery_page, $_zp_current_album, $_zp_current_image, $_zp_current_zenpage_news;
	$script = $_zp_gallery_page;
	// "==" is used throughout because that is how a switch statement compares its cases.
	if ($script == 'index.php') {
		$target = '/index.php';
	} elseif ($script == 'album.php') {
		$target = '/index.php?userlog=1&album=' . pathurlencode($_zp_current_album->name);
	} elseif ($script == 'image.php') {
		$albumPart = pathurlencode($_zp_current_album->name);
		$imagePart = urlencode($_zp_current_image->filename);
		$target = '/index.php?userlog=1&album=' . $albumPart . '&image=' . $imagePart;
	} elseif ($script == 'pages.php') {
		$target = '/index.php?userlog=1&p=pages&title=' . urlencode(getPageTitlelink());
	} elseif ($script == 'news.php') {
		$target = '/index.php?userlog=1&p=news';
		if ($_zp_current_zenpage_news !== null) {
			$target .= '&title=' . urlencode($_zp_current_zenpage_news->getTitlelink());
		}
	} elseif ($script == 'password.php') {
		// Stay on the requested URL, except when it is the password page itself.
		$target = str_replace(SEO_WEBPATH, '', getRequestURI());
		$passwordPages = array('/' . _PAGE_ . '/password', '/index.php?p=password');
		if (in_array($target, $passwordPages)) {
			$target = '/index.php';
		}
	} elseif (in_context(ZP_SEARCH)) {
		$target = '/index.php?userlog=1&p=search' . $_zp_current_search->getSearchParams();
	} else {
		// Any other script: its name without the 4 character suffix becomes the page parameter.
		$target = '/index.php?userlog=1&p=' . substr($script, 0, -4);
	}
	return SEO_WEBPATH . $target;
}
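<?php
/**
 * Form for registering users
 *
 * @package plugins
 * @subpackage users
 */
Zenphoto_Authority::printPasswordFormJS();
// The form posts back to the current URL with everything from "?verify=" onwards removed.
$action = preg_replace('/\\?verify=(.*)/', '', getRequestURI());
// $action is derived from the request URI, which the client controls, so it is
// HTML encoded where it is written into the action attribute below.
?>
<div id="registration_form">
	<form action="<?php echo html_encode($action); ?>" method="post" autocomplete="off">
		<input type="hidden" name="register_user" value="yes" />
		<p style="display:none;">
			<label for="username"><?php echo gettext("Username* (this will be your user username)"); ?></label>
			<input type="text" id="username" name="username" value="" size="<?php echo TEXT_INPUT_SIZE; ?>" />
		</p>
		<p>
			<label for="adminuser">
				<?php
				if ($emailid = getOption('register_user_email_is_id')) {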
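/**
 * Prints the form with the button that adds an object to, or removes it from, the favorites.
 *
 * The instance name and the table name end up in HTML attributes; both are HTML
 * encoded here. $add is written as passed in.
 *
 * NOTE(review): $add (button text) is echoed without encoding; presumably callers pass
 * translated, HTML-safe text — verify at the call sites.
 *
 * @param object $obj the object the button is for; its `table` property and getID() are used
 * @param mixed $id value of the hidden `id` field
 * @param mixed $v truthy for an "add" button, falsy for a "remove" button
 * @param string $add the button text, also used as its title
 * @param string $instance name of the favorites instance, may be empty
 * @param bool $multi whether multiple favorites instances are in use
 */
static function ad_removeButton($obj, $id, $v, $add, $instance, $multi) {
	global $_myFavorites;
	$table = $obj->table;
	if ($v) {
		$tag = '_add';
	} else {
		$tag = '_remove';
	}
	if ($instance && $multi) {
		// Only the instance name is encoded, the caller's button text is left untouched.
		$add .= '[' . html_encode($instance) . ']';
	}
	?>
	<form name="<?php echo html_encode($table . $obj->getID()); ?>Favorites_<?php echo html_encode($instance) . $tag; ?>" class="<?php echo html_encode($table); ?>Favorites<?php echo $tag; ?>" action="<?php echo html_encode(getRequestURI()); ?>" method="post" accept-charset="UTF-8">
		<input type="hidden" name="addToFavorites" value="<?php echo $v; ?>" />
		<input type="hidden" name="type" value="<?php echo html_encode($table); ?>" />
		<input type="hidden" name="id" value="<?php echo html_encode($id); ?>" />
		<input type="submit" class="button buttons" value="<?php echo $add; ?>" title="<?php echo $add; ?>"/>
		<?php
		if ($v) {
			if ($multi) {
				?>
				<span class="tagSuggestContainer">
					<input type="text" name="instance" class="favorite_instance" value="" />
				</span>
				<?php
			}
		} else {
			?>
			<input type="hidden" name="instance" value="<?php echo html_encode($_myFavorites->instance); ?>" />
			<?php
		}
		?>
	</form>
	<?php
}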
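/**
 * Redirects to the https version of the current URL when SERVER_PROTOCOL is
 * 'https_admin' and the request did not arrive over https.
 *
 * $_SERVER['HTTPS'] counts as "not https" when it is unset, empty, or "off"
 * (the value some servers, e.g. IIS with ISAPI, set for plain http requests).
 *
 * NOTE(review): the redirect target is built from the Host request header. Confirm the
 * web server only accepts the site's own host names, or build the target from a
 * configured host instead.
 */
function httpsRedirect() {
	if (defined('SERVER_PROTOCOL') && SERVER_PROTOCOL == 'https_admin') {
		// force https login
		$https = isset($_SERVER['HTTPS']) ? strtolower($_SERVER['HTTPS']) : '';
		if ($https === '' || $https === 'off') {
			$redirect = "https://" . $_SERVER['HTTP_HOST'] . getRequestURI();
			header('Location: ' . $redirect);
			exitZP();
		}
	}
}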
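/**
 * Places a selector so a user may change themes.
 *
 * Prints nothing unless self::active() is true. Only themes that are enabled in
 * $_themeSwitcherThemelist and for which getPlugin() finds the current gallery
 * page are offered.
 *
 * NOTE(review): $reloc is derived from the request URI and ends up inside a JavaScript
 * string within the onchange attribute. HTML encoding alone does not protect a
 * JavaScript string, so this relies on pathurlencode() percent-encoding quotes —
 * confirm that it does.
 *
 * @param string $textIn link text; defaults to the translated word "Theme"
 * @return string $textIn, unchanged
 */
static function controlLink($textIn = NULL) {
	global $_zp_gallery, $_themeSwitcherThemelist, $_zp_gallery_page;
	if (self::active()) {
		$themes = array();
		foreach ($_zp_gallery->getThemes() as $theme => $details) {
			// !empty() also covers themes that have no entry in the list at all
			if (!empty($_themeSwitcherThemelist[$theme])) {
				if (getPlugin($_zp_gallery_page, $theme)) {
					$themes[$details['name']] = $theme;
				}
			}
		}
		$text = $textIn;
		if (empty($text)) {
			$text = gettext('Theme');
		}
		// Current URL without an existing themeSwitcher parameter; %t is the placeholder for the chosen theme.
		$reloc = pathurlencode(trim(preg_replace('~themeSwitcher=.*?&~', '', getRequestURI() . '&'), '?&'));
		if (strpos($reloc, '?') !== false) {
			$reloc .= '&themeSwitcher=%t';
		} else {
			$reloc .= '?themeSwitcher=%t';
		}
		$theme = $_zp_gallery->getCurrentTheme();
		$icon = zp_apply_filter('iconColor', getPlugin('themeSwitcher/menu.png', true, true));
		?>
		<div class="themeSwitcherMenuMain themeSwitcherMenu themeSwitcherControl">
			<img src="<?php echo $icon; ?>" onclick="$('.themeSwitcherControl').toggle();" title="<?php echo gettext('Switch themes'); ?>" />
		</div>
		<div class="themeSwitcherControlLink themeSwitcherControl" style="display:none;">
			<div class="themeSwitcherMenu">
				<img src="<?php echo WEBPATH . '/' . ZENFOLDER . '/' . PLUGIN_FOLDER; ?>/themeSwitcher/menu.png" onclick="$('.themeSwitcherControl').toggle();" title="<?php echo gettext('Close'); ?>" />
			</div>
			<?php echo $text; ?>
			<select name="themeSwitcher" id="themeSwitcher" onchange="switchTheme('<?php echo html_encode($reloc); ?>')" title="<?php echo gettext("Themes will not show in this list if selecting them would result in a “not found” error."); ?>">
				<?php generateListFromArray(array($theme), $themes, false, true); ?>
			</select>
			<?php zp_apply_filter('themeSwitcher_Controllink', $theme); ?>
		</div>
		<?php
	}
	return $textIn;
}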
/**
 * "Rewrite" handling for zenphoto
 *
 * The basic rules are found in the zenphoto-rewrite.txt file. Additional rules can be provided by plugins. But
 * for the plugin to load in time for the rules to be seen it must be either a CLASS_PLUGIN or a FEATURE_PLUGIN.
 * Plugins add rules by inserting them into the $_zp_conf_vars['special_pages'] array. Each "rule" is an array
 * of three elements: <var>define</var>, <var>rewrite</var>, and (optionally) <var>rule</var>.
 *
 * Elements which have a <var>define</var> and no <var>rule</var> are processed by rewrite rules in the
 * zenphoto-rewrite.txt file and the <var>define</var> is used internally to zenphoto to reference
 * the rewrite text when building links.
 *
 * Elements with a <var>rule</var> defined are processed after Search, Pages, and News rewrite rules and before
 * Image and album rewrite rules. The tag %REWRITE% in the rule is replaced with the <var>rewrite</var> text
 * before processing the rule. Thus <var>rewrite</var> is the token that should appear in the actual URL.
 *
 * It makes no sense to have an element without either a <var>define</var> or a <var>rule</var> as nothing will happen.
 *
 * At present all rules are presumed to stop processing the rule set. Historically that is what all our rules have done, but I suppose
 * we could change that. The "R" flag may be used to cause a <var>header</var> status to be sent. However, we do not redirect
 * back to index.php, so the "R" flag is only useful if the target is a different script.
 *
 * Security notes for maintainers: rule text is trusted input. The right-hand side of a "define" line is
 * executed with eval(), and the pattern of a RewriteRule is compiled as a regular expression, so whoever
 * can change the rule file or register a plugin rule can run PHP code in the site's context. The request
 * path is only ever the *subject* of the match; captured parts are url-encoded before they reach parse_str().
 *
 * @author Stephen Billard (sbillard)
 *
 * @package admin
 */
function rewriteHandler() {
	global $_zp_conf_vars, $_zp_rewritten;
	$_zp_rewritten = false;
	$definitions = array();

	// query parameters should already be loaded into the $_GET and $_REQUEST arrays, so we discard them here
	$request = explode('?', getRequestURI());
	// rewrite base: the request path relative to WEBPATH, without a leading slash
	$requesturi = ltrim(substr($request[0], strlen(WEBPATH)), '/');
	list($definitions, $rules) = getRules();

	// process the rules
	foreach ($rules as $rule) {
		// blank lines are skipped; note that $rule is re-assigned to its trimmed form here
		if ($rule = trim($rule)) {
			// lines starting with "#" are comments
			if ($rule[0] != '#') {
				if (preg_match('~^rewriterule~i', $rule)) {
					// it is a rewrite rule, see if it is applicable
					$rule = strtr($rule, $definitions);
					// $matches: 1 = pattern, 2 = substitution, 3 = flag list inside [...]
					preg_match('~^rewriterule\\s+(.*?)\\s+(.*?)\\s*\\[(.*)\\]$~i', $rule, $matches);
					if (array_key_exists(1, $matches)) {
						// NOTE(review): the rule pattern is wrapped in "~" delimiters unquoted, so a
						// pattern that itself contains "~" will not compile.
						if (preg_match('~' . $matches[1] . '~', $requesturi, $subs)) {
							$params = array();
							// setup the rule replacement values
							foreach ($subs as $key => $sub) {
								$params['$' . $key] = urlencode($sub); // parse_str is going to decode the string!
							}
							// parse rewrite rule flags
							$flags = array();
							$banner = explode(',', strtoupper($matches[3]));
							foreach ($banner as $flag) {
								$flag = strtoupper(trim($flag));
								$f = explode('=', $flag);
								$flags[trim($f[0])] = isset($f[1]) ? trim($f[1]) : NULL;
							}
							if (!array_key_exists('QSA', $flags)) {
								// QSA means merge the query parameters. Otherwise we clear them
								// NOTE(review): array_diff() compares *values*, not keys, so a POST/cookie
								// entry whose value equals any GET value is dropped from $_REQUEST too.
								$_REQUEST = array_diff($_REQUEST, $_GET);
								$_GET = array();
							}
							// split the substitution into script ($action[1]) and query string ($action[2])
							preg_match('~(.*?)\\?(.*)~', $matches[2], $action);
							if (empty($action)) {
								$action[1] = $matches[2];
							}
							if (array_key_exists(2, $action)) {
								// process the rules replacements
								$query = strtr($action[2], $params);
								parse_str($query, $gets);
								$_GET = array_merge($_GET, $gets);
								$_REQUEST = array_merge($_REQUEST, $gets);
							}
							// we will execute the index.php script in due course. But if the rule
							// action takes us elsewhere we will have to re-direct to that script.
							if (isset($action[1]) && $action[1] != 'index.php') {
								$qs = http_build_query($_GET);
								if ($qs) {
									$qs = '?' . $qs;
								}
								if (array_key_exists('R', $flags)) {
									header('Status: ' . $flags['R']);
								}
								// the target script comes from the rule text, the query string from $_GET re-encoded by http_build_query()
								header('Location: ' . WEBPATH . '/' . $action[1] . $qs);
								exit;
							}
							// the first matching rule wins; processing stops here
							$_zp_rewritten = true;
							break;
						}
					} else {
						zp_error(sprintf(gettext('Error processing rewrite rule: “%s”'), trim(preg_replace('~^rewriterule~i', '', $rule))), E_USER_WARNING);
					}
				} else {
					if (preg_match('~define\\s+(.*?)\\s*\\=\\>\\s*(.*)$~i', $rule, $matches)) {
						// store definitions
						// SECURITY: the right-hand side of the define line is executed as PHP. This is only
						// acceptable while every source of rules (the rewrite file, plugin supplied rules)
						// is as trusted as the code itself; never feed request data into the rule set.
						eval('$definitions[$matches[1]] = ' . $matches[2] . ';');
					}
				}
			}
		}
	}
}
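/**
 * Prints the "object not found" message for a 404 page and, when DEBUG_404 is set,
 * writes request details to the debug log.
 *
 * Reads the global $_404_data as (album, image, gallery page, theme, page number).
 * Requests whose album path starts with "cache", and the two probe URIs listed below,
 * are not logged.
 */
function print404status() {
	global $_404_data;
	list($album, $image, $galleryPage, $theme, $page) = $_404_data;
	if (DEBUG_404) {
		$list = explode('/', $album);
		if (array_shift($list) != 'cache') {
			$target = getRequestURI();
			if (!in_array($target, array(WEBPATH . '/favicon.ico', WEBPATH . '/zp-data/tést.jpg'))) {
				// Everything logged below is supplied by the client. Control characters are
				// escaped so that a request value cannot start a new line in the debug log
				// and pass for a separate log entry.
				$ctl = "\0..\37\177";
				$output = "404 error details\n\t\t\tSERVER:\n";
				foreach (array('REQUEST_URI', 'HTTP_REFERER', 'REMOTE_ADDR', 'REDIRECT_STATUS') as $key) {
					if (isset($_SERVER[$key])) {
						$value = "'" . addcslashes((string) $_SERVER[$key], $ctl) . "'";
					} else {
						$value = 'NULL';
					}
					$output .= "\t\t\t\t\t{$key}\t=>\t{$value}\n";
				}
				$output .= "\t\t\tREQUEST:\n";
				$request = $_REQUEST;
				$request['theme'] = $theme;
				if (!empty($image)) {
					$request['image'] = $image;
				}
				foreach ($request as $key => $value) {
					if (!is_scalar($value) && !is_null($value)) {
						// array parameters (name[]=...) cannot be interpolated into a string
						$value = print_r($value, true);
					}
					$output .= "\t\t\t\t\t" . addcslashes((string) $key, $ctl) . "\t=>\t'" . addcslashes((string) $value, $ctl) . "'\n";
				}
				debugLog($output);
			}
		}
	}
	// the closing </strong> is part of the translatable string; left as is so existing
	// translations keep matching
	echo "\n<strong>" . gettext("Error:</strong> the requested object was not found.");
	if ($album) {
		echo '<br />' . sprintf(gettext('Album: %s'), html_encode($album));
		if ($image) {
			echo '<br />' . sprintf(gettext('Image: %s'), html_encode($image));
		}
	} else {
		// drops the last four characters of the script name (presumably ".php")
		echo '<br />' . sprintf(gettext('Page: %s'), html_encode(substr(basename($galleryPage), 0, -4)));
	}
	if ($page > 1) {
		// encoded like album and image above; a purely numeric page prints unchanged
		echo '/' . html_encode($page);
	}
}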
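/**
 * Handles a registration verification link (?verify=...) if one is present, prints the
 * status message for the current registration state and, unless registration has
 * succeeded, includes the registration form.
 *
 * The verify value is a hex string that decodes to a serialized array holding the keys
 * 'user' and 'email'.
 *
 * @param string $thanks the message shown on successful registration
 */
function printRegistrationForm($thanks = NULL) {
	global $admin_e, $admin_n, $user, $_zp_authority, $_zp_captcha, $_zp_gallery, $_notify, $_link, $_message;
	require_once SERVERPATH . '/' . ZENFOLDER . '/admin-functions.php';
	$userobj = NULL;
	// handle any postings
	if (isset($_GET['verify'])) {
		$currentadmins = $_zp_authority->getAdministrators(); // result is not used below; call kept as it was

		// SECURITY: the token comes straight from the query string, so it must never be
		// allowed to instantiate objects while it is being decoded.
		$params = false;
		$token = is_string($_GET['verify']) ? trim(sanitize($_GET['verify']), '.') : '';
		if (preg_match('~^(?:[0-9a-f]{2})+$~i', $token)) { // pack('H*') needs whole hex byte pairs
			$raw = pack("H*", $token);
			if (version_compare(PHP_VERSION, '7.0.0', '>=')) {
				$params = unserialize($raw, array('allowed_classes' => false));
			} else if (!preg_match('~(?:^|[;{}])[OC]:[+-]?\d+:~', $raw)) {
				// Older PHP cannot switch object creation off; as a best-effort guard refuse
				// any payload that contains an object marker.
				$params = unserialize($raw);
			}
		}
		// only a flat array of two non-empty strings is a usable token
		$validToken = is_array($params)
						&& isset($params['user'], $params['email'])
						&& is_string($params['user']) && $params['user'] !== ''
						&& is_string($params['email']) && $params['email'] !== '';
		// NOTE(review): nothing visible here authenticates the token (no MAC, no expiry); it
		// only encodes the user id and e-mail address. Consider a random, stored, single-use
		// token, or JSON plus a MAC - check the code that builds the verification link.

		// expunge the verify query string as it will cause us to come back here if login fails.
		unset($_GET['verify']);
		$_link = explode('?', getRequestURI());
		$p = array();
		if (isset($_link[1])) {
			$p = explode('&', $_link[1]);
			foreach ($p as $k => $v) {
				if (strpos($v, 'verify=') === 0) {
					unset($p[$k]);
				}
			}
			unset($p['verify']);
		}
		$_SERVER['REQUEST_URI'] = $_link[0];
		if (!empty($p)) {
			$_SERVER['REQUEST_URI'] .= '?' . implode('&', $p);
		}
		if ($validToken) {
			$userobj = $_zp_authority->getAnAdmin(array('`user`=' => $params['user'], '`valid`=' => 1));
		}
		if ($userobj && (string) $userobj->getEmail() === $params['email']) {
			if (!$userobj->getRights()) {
				$userobj->setCredentials(array('registered', 'user', 'email'));
				$rights = getOption('register_user_user_rights');
				$group = NULL;
				if (!is_numeric($rights)) { // a group or template
					$admin = $_zp_authority->getAnAdmin(array('`user`=' => $rights, '`valid`=' => 0));
					if ($admin) {
						$userobj->setObjects($admin->getObjects());
						if ($admin->getName() != 'template') {
							$group = $rights;
						}
						$rights = $admin->getRights();
					} else {
						$rights = NO_RIGHTS;
					}
				}
				$userobj->setRights($rights | NO_RIGHTS);
				$userobj->setGroup($group);
				zp_apply_filter('register_user_verified', $userobj);
				if (getOption('register_user_notify')) {
					$_notify = zp_mail(gettext('ZenPhoto20 Gallery registration'), sprintf(gettext('%1$s (%2$s) has registered for the zenphoto gallery providing an e-mail address of %3$s.'), $userobj->getName(), $userobj->getUser(), $userobj->getEmail()));
				}
				if (empty($_notify)) {
					if (getOption('register_user_create_album')) {
						$userobj->createPrimealbum();
					}
					$_notify = 'verified';
					$_POST['user'] = $userobj->getUser();
				}
				$userobj->save();
			} else {
				$_notify = 'already_verified';
			}
		} else {
			$_notify = 'not_verified'; // malformed token, or the user ID no longer exists
		}
	}
	if (isset($_GET['login'])) { //presumably the user failed to login....
		$_notify = 'loginfailed';
	}
	if (zp_loggedin()) {
		if (isset($_GET['login'])) {
			echo '<meta http-equiv="refresh" content="1; url=' . WEBPATH . '/">';
		} else {
			echo '<div class="errorbox fade-message">';
			echo '<h2>' . gettext("you are already logged in.") . '</h2>';
			echo '</div>';
		}
		return;
	}
	if (!empty($_notify)) {
		switch ($_notify) {
			case 'verified':
				if (is_null($thanks)) {
					$thanks = gettext("Thank you for registering.");
				}
				?>
				<div class="Messagebox fade-message">
					<p><?php echo $thanks; ?></p>
					<p><?php echo gettext('You may now log onto the site and verify your personal information.'); ?></p>
				</div>
				<?php
			// no break: a freshly verified user is shown the login form as well
			case 'already_verified':
			case 'loginfailed':
				$_link = getRequestURI();
				if (strpos($_link, '?') === false) {
					$_SERVER['REQUEST_URI'] = $_link . '?login=true';
				} else {
					$_SERVER['REQUEST_URI'] = $_link . '&login=true';
				}
				require_once SERVERPATH . '/' . ZENFOLDER . '/' . PLUGIN_FOLDER . '/user_login-out.php';
				printPasswordForm(NULL, true, false, WEBPATH . '/' . ZENFOLDER . '/admin-users.php?page=users');
				$_notify = 'success';
				break;
			case 'honeypot': //pretend it was accepted
			case 'accepted':
				?>
				<div class="Messagebox fade-message">
					<p><?php echo gettext('Your registration information has been accepted. An email has been sent to you to verify your email address.'); ?></p>
				</div>
				<?php
				if ($_notify != 'honeypot') {
					$_notify = 'success'; // of course honeypot catches are no success!
				}
				break;
			case 'exists':
				// NOTE(review): $user is printed without encoding; confirm it is sanitized
				// for HTML where the registration post is processed.
				?>
				<div class="errorbox fade-message">
					<h2><?php echo gettext("Registration failed."); ?></h2>
					<p><?php printf(gettext('The user ID <em>%s</em> is already in use.'), $user); ?></p>
				</div>
				<?php
				break;
			case 'dup_email':
				// NOTE(review): same question for $admin_e as for $user above.
				?>
				<div class="errorbox fade-message">
					<h2><?php echo gettext("Registration failed."); ?></h2>
					<p><?php printf(gettext('A user with the e-mail <em>%s</em> already exists.'), $admin_e); ?></p>
				</div>
				<?php
				break;
			case 'empty':
				?>
				<div class="errorbox fade-message">
					<h2><?php echo gettext("Registration failed."); ?></h2>
					<p><?php echo gettext('Passwords may not be empty.'); ?></p>
				</div>
				<?php
				break;
			case 'mismatch':
				?>
				<div class="errorbox fade-message">
					<h2><?php echo gettext("Registration failed."); ?></h2>
					<p><?php echo gettext('Your passwords did not match.'); ?></p>
				</div>
				<?php
				break;
			case 'incomplete':
				?>
				<div class="errorbox fade-message">
					<h2><?php echo gettext("Registration failed."); ?></h2>
					<p><?php echo gettext('You have not filled in all the fields.'); ?></p>
				</div>
				<?php
				break;
			case 'notverified':
				?>
				<div class="errorbox fade-message">
					<h2><?php echo gettext("Registration failed."); ?></h2>
					<p><?php echo gettext('Invalid verification link.'); ?></p>
				</div>
				<?php
				break;
			case 'invalidemail':
				?>
				<div class="errorbox fade-message">
					<h2><?php echo gettext("Registration failed."); ?></h2>
					<p><?php echo gettext('Enter a valid email address.'); ?></p>
				</div>
				<?php
				break;
			case 'invalidcaptcha':
				?>
				<div class="errorbox fade-message">
					<h2><?php echo gettext("Registration failed."); ?></h2>
					<p><?php echo gettext('The CAPTCHA you entered was not correct.'); ?></p>
				</div>
				<?php
				break;
			case 'not_verified':
				?>
				<div class="errorbox fade-message">
					<h2><?php echo gettext("Verification failed."); ?></h2>
					<p><?php echo gettext('Your registration request could not be completed.'); ?></p>
				</div>
				<?php
				break;
			case 'filter':
				?>
				<div class="errorbox fade-message">
					<h2><?php echo gettext("Registration failed."); ?></h2>
					<p>
						<?php
						if (is_object($userobj) && !empty($userobj->msg)) {
							echo $userobj->msg;
						} else {
							echo gettext('Your registration attempt failed a <code>register_user_registered</code> filter check.');
						}
						?>
					</p>
				</div>
				<?php
				break;
			default:
				// any other value is printed as the message itself (for example the text
				// returned by zp_mail() above)
				?>
				<div class="errorbox fade-message">
					<h2><?php echo gettext("Registration failed."); ?></h2>
					<p><?php echo $_notify; ?></p>
				</div>
				<?php
				break;
		}
	}
	if ($_notify != 'success') {
		$form = getPlugin('register_user/register_user_form.php', true);
		require_once $form;
	}
}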
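/**
 * Checks to see if the current URL is a query string url when mod_rewrite is active.
 * If so it redirects to the rewritten URL with a 301 Moved Permanently.
 *
 * Trailing slashes are normalised as well: album, news index and search-by-date URLs
 * end in a slash; image, news article and numbered page URLs do not.
 */
function fix_path_redirect() {
	if (MOD_REWRITE) {
		$request_uri = getRequestURI(false);
		$parts = parse_url($request_uri);
		$redirectURL = NULL;
		if (isset($parts['path'])) { // don't know how this can happen, but if it does, don't redirect
			// WEBPATH is literal text, so it is quoted before being used inside a pattern
			$webpathPattern = '~^' . preg_quote(WEBPATH, '~') . '/~';
			$endsInSlash = substr($parts['path'], -1, 1) == '/';
			if (isset($parts['query'])) {
				parse_str($parts['query'], $query);
				$redirectURL = zpRewriteURL($query);
			} else {
				$query = array();
			}
			if (isset($_GET['album'])) {
				if (isset($_GET['image'])) {
					//image URLs should not end in a slash
					if ($endsInSlash) {
						$redirectURL = zpRewriteURL($_GET);
					}
				} else {
					//album URLs should end in a slash for consistency
					if (!$endsInSlash) {
						$redirectURL = zpRewriteURL($_GET);
					}
				}
			}
			if (isset($_GET['p'])) {
				switch ($_GET['p']) {
					case 'news':
						if (isset($_GET['title'])) {
							//article URLs should not end in slash
							if ($endsInSlash) {
								$redirectURL = zpRewriteURL($_GET);
							}
						} else {
							//should be news/
							if (!$endsInSlash) {
								$redirectURL = zpRewriteURL($_GET);
							}
						}
						break;
					case 'search':
						if (isset($_GET['date'])) {
							if (!$endsInSlash) {
								$redirectURL = zpRewriteURL($_GET);
							}
						}
						break;
				}
			}
			//page numbers do not have trailing slash
			if (isset($_GET['page'])) {
				if ($endsInSlash) {
					$redirectURL = zpRewriteURL($_GET);
				}
			}
			if ($redirectURL) {
				$parts2 = parse_url($redirectURL);
				if (isset($parts2['query'])) {
					parse_str($parts2['query'], $query2);
				} else {
					$query2 = array();
				}
				// redirect only if the query changed or the path holds characters that
				// html_encode() would alter
				if ($query != $query2 || preg_replace($webpathPattern, '', $parts['path']) != preg_replace($webpathPattern, '', html_encode($parts['path']))) {
					header("HTTP/1.0 301 Moved Permanently");
					header("Status: 301 Moved Permanently");
					// the target is always below FULLWEBPATH, so the redirect stays on this site
					header('Location: ' . FULLWEBPATH . '/' . preg_replace($webpathPattern, '', $redirectURL));
					exitZP();
				}
			}
		}
	}
}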
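/**
 *
 * Prints a download link for an album zip of the current album (therefore to be used only on album.php/image.php).
 * This function only creates a download count and then redirects to the original Zenphoto album zip download.
 *
 * The link points at the current request path and keeps the current query parameters,
 * adding "download", "albumzip" and, if requested, "fromcache". Nothing is printed for
 * dynamic albums or when no album is available.
 *
 * @param string $linktext link text; the zip file name is used when empty
 * @param object $albumobj album to link; defaults to the current album
 * @param bool $fromcache if true get the images from the cache
 */
function printDownloadAlbumZipURL($linktext = NULL, $albumobj = NULL, $fromcache = NULL) {
	global $_zp_current_album;
	$request = parse_url(getRequestURI());
	if (isset($request['query'])) {
		$query = parse_query($request['query']);
	} else {
		$query = array();
	}
	// parse_url() returns false, or an array without 'path', for a malformed URI
	$path = isset($request['path']) ? $request['path'] : '';
	if (is_null($albumobj)) {
		$albumobj = $_zp_current_album;
	}
	if (!is_null($albumobj) && !$albumobj->isDynamic()) {
		$file = $albumobj->name . '.zip';
		DownloadList::addListItem($file);
		if (getOption('downloadList_showdownloadcounter')) {
			$downloaditem = DownloadList::getListItemFromDB($file);
			if ($downloaditem) {
				$downloadcount = ' - ' . sprintf(ngettext('%u download', '%u downloads', $downloaditem['data']), $downloaditem['data']);
			} else {
				$downloadcount = ' - ' . gettext('0 downloads');
			}
			$filesize = '<small>' . $downloadcount . '</small>';
		} else {
			$filesize = '';
		}
		if (!empty($linktext)) {
			$file = $linktext;
		}
		$query['download'] = $albumobj->name;
		$query['albumzip'] = 'true';
		if ($fromcache) {
			$query['fromcache'] = 'true';
		}
		// WEBPATH is literal text, so it is quoted before being used inside a pattern
		$relative = preg_replace('~^' . preg_quote(WEBPATH, '~') . '/~', '', $path);
		// request parameters are carried into the link; http_build_query() and html_encode()
		// keep them inert inside the href attribute
		$link = FULLWEBPATH . '/' . $relative . '?' . http_build_query($query);
		echo '<a href="' . html_encode($link) . '" rel="nofollow" class="downloadlist_link">' . html_encode($file) . '</a>' . $filesize;
	}
}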
/**
 * When mod_rewrite is active and the current URL carries a query string, asks
 * zpRewriteURL() for the rewritten form and, if it returns one, answers with a
 * 301 Moved Permanently to that URL below FULLWEBPATH.
 */
function fix_path_redirect() {
	if (!MOD_REWRITE) {
		return;
	}
	$urlParts = parse_url(getRequestURI());
	if (!isset($urlParts['query'])) {
		return; // nothing to rewrite
	}
	parse_str($urlParts['query'], $queryArgs);
	$target = zpRewriteURL($queryArgs);
	if (!$target) {
		return;
	}
	header("HTTP/1.0 301 Moved Permanently");
	header("Status: 301 Moved Permanently");
	header('Location: ' . FULLWEBPATH . '/' . $target);
	exitZP();
}
/**
 * Records a 'blocked_album' entry in the security log when access was not allowed.
 *
 * With the 'logger_log_type' option set to 'all_user', nothing is logged unless a
 * user was identified by security_logger::populate_user().
 *
 * @param bool $allow the access decision; returned unchanged
 * @param string $page the "return" link (not used in this method)
 * @return bool $allow
 */
static function adminAlbumGate($allow, $page) {
	list($user, $name) = security_logger::populate_user();
	$logType = getOption('logger_log_type');
	// loose comparisons, in this order, mirror the switch statement this replaces
	$knownUsersOnly = $logType != 'all' && $logType == 'all_user';
	if ($knownUsersOnly && !$user) {
		return $allow;
	}
	if ($allow) {
		return $allow;
	}
	security_logger::Logger(2, $user, $name, 'blocked_album', '', getRequestURI());
	return $allow;
}
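/**
 * Prints html meta data to be used in the <head> section of a page
 *
 * Which tags are produced is controlled by the htmlmeta_* options. Title, description
 * and canonical URL depend on the current gallery page ($_zp_gallery_page).
 */
static function getHTMLMetaData() {
	global $_zp_gallery, $_zp_page, $_zp_current_album, $_zp_current_image, $_zp_current_search, $_zp_current_article, $_zp_current_page, $_zp_gallery_page, $_zp_current_category, $_zp_authority, $_zp_conf_vars, $_myFavorites;
	// NOTE(review): HTTP_HOST is taken from the request's Host header and the scheme is
	// fixed to http. Unless the web server only answers for known host names, the
	// canonical, og:url and image URLs below follow whatever host the client sent.
	// What sanitize() removes is not visible here.
	$host = sanitize("http://" . $_SERVER['HTTP_HOST']);
	$url = $host . getRequestURI();

	// Convert locale shorttag to allowed html meta format
	$locale_ = getUserLocale();
	$locale = zpFunctions::getLanguageText($locale_, '-');
	$canonicalurl = '';
	// generate page title, get date
	$pagetitle = ""; // for gallery index setup below switch
	$date = strftime(DATE_FORMAT); // if we don't have a item date use current date
	$desc = getBareGalleryDesc();
	$thumb = '';
	if (getOption('htmlmeta_sitelogo')) {
		$thumb = getOption('htmlmeta_sitelogo');
	}
	// Defined unconditionally: the Twitter block below also runs when only a Twitter
	// name is configured, and previously read this variable while it was undefined.
	$twittercard_type = 'summary';
	if (getOption('htmlmeta_og-image') || getOption('htmlmeta_twittercard')) {
		$ogimage_width = getOption('htmlmeta_ogimage_width');
		$ogimage_height = getOption('htmlmeta_ogimage_height');
		if (empty($ogimage_width)) {
			$ogimage_width = 1280;
		}
		if (empty($ogimage_height)) {
			$ogimage_height = 900;
		}
	}
	$type = 'article';
	switch ($_zp_gallery_page) {
		case 'index.php':
			$desc = getBareGalleryDesc();
			$canonicalurl = $host . $_zp_gallery->getLink($_zp_page);
			$type = 'website';
			break;
		case 'album.php':
		case 'favorites.php':
			$pagetitle = getBareAlbumTitle() . " - ";
			$date = getAlbumDate();
			$desc = getBareAlbumDesc();
			$canonicalurl = $host . $_zp_current_album->getLink($_zp_page);
			if (getOption('htmlmeta_og-image') || getOption('htmlmeta_twittercard')) {
				$thumbimg = $_zp_current_album->getAlbumThumbImage();
				getMaxSpaceContainer($ogimage_width, $ogimage_height, $thumbimg, false);
				$thumb = $host . html_encode(pathurlencode($thumbimg->getCustomImage(NULL, $ogimage_width, $ogimage_height, NULL, NULL, NULL, NULL, false, NULL)));
				$twittercard_type = 'summary_large_image';
			}
			break;
		case 'image.php':
			$pagetitle = getBareImageTitle() . " (" . getBareAlbumTitle() . ") - ";
			$date = getImageDate();
			$desc = getBareImageDesc();
			$canonicalurl = $host . $_zp_current_image->getLink();
			if (getOption('htmlmeta_og-image') || getOption('htmlmeta_twittercard')) {
				$thumb = $host . html_encode(pathurlencode(getCustomSizedImageMaxSpace($ogimage_width, $ogimage_height)));
				$twittercard_type = 'summary_large_image';
			}
			break;
		case 'news.php':
			if (function_exists("is_NewsArticle")) {
				if (is_NewsArticle()) {
					$pagetitle = getBareNewsTitle() . " - ";
					$date = getNewsDate();
					$desc = trim(getBare(getNewsContent()));
					$canonicalurl = $host . $_zp_current_article->getLink();
				} else {
					if (is_NewsCategory()) {
						$pagetitle = $_zp_current_category->getTitlelink() . " - ";
						$date = strftime(DATE_FORMAT);
						$desc = trim(getBare($_zp_current_category->getDesc()));
						$canonicalurl = $host . $_zp_current_category->getLink($_zp_page);
						$type = 'category';
					} else {
						$pagetitle = gettext('News') . " - ";
						$desc = '';
						$canonicalurl = $host . getNewsPathNav($_zp_page);
						$type = 'website';
					}
				}
			}
			break;
		case 'pages.php':
			$pagetitle = getBarePageTitle() . " - ";
			$date = getPageDate();
			$desc = trim(getBare(getPageContent()));
			$canonicalurl = $host . $_zp_current_page->getLink();
			break;
		default: // for all other possible static custom pages
			$custompage = stripSuffix($_zp_gallery_page);
			$standard = array('contact' => gettext('Contact'), 'register' => gettext('Register'), 'search' => gettext('Search'), 'archive' => gettext('Archive view'), 'password' => gettext('Password required'));
			if (is_object($_myFavorites)) {
				$standard['favorites'] = gettext('My favorites');
			}
			if (array_key_exists($custompage, $standard)) {
				$pagetitle = $standard[$custompage] . " - ";
			} else {
				$pagetitle = $custompage . " - ";
			}
			$desc = '';
			$canonicalurl = $host . getCustomPageURL($custompage);
			break;
	}
	// shorten desc to at most 160 bytes if necessary
	// NOTE(review): substr() counts bytes, so a multi-byte character can be cut in half
	// at the boundary.
	$desc = html_encode(trim(substr(getBare($desc), 0, 160)));
	$pagetitle = $pagetitle . getBareGalleryTitle();
	// get master admin
	$admin = $_zp_authority->getMasterUser();
	$author = $admin->getName();
	// NOTE(review): of the values written into content="..." / href="..." below, only
	// $desc, $url, $thumb (when derived from an image) and $altlink pass through
	// html_encode() in this method. Option values, $pagetitle, $author, $twittername and
	// $canonicalurl are inserted as they are; confirm each is attribute-safe at its source
	// before adding encoding here, to avoid double-encoding.
	$meta = '';
	if (getOption('htmlmeta_http-equiv-cache-control')) {
		$meta .= '<meta http-equiv="Cache-control" content="' . getOption("htmlmeta_cache_control") . '">' . "\n";
	}
	if (getOption('htmlmeta_http-equiv-pragma')) {
		$meta .= '<meta http-equiv="pragma" content="' . getOption("htmlmeta_pragma") . '">' . "\n";
	}
	if (getOption('htmlmeta_name-keywords')) {
		$meta .= '<meta name="keywords" content="' . htmlmetatags::getMetaKeywords() . '">' . "\n";
	}
	if (getOption('htmlmeta_name-description')) {
		$meta .= '<meta name="description" content="' . $desc . '">' . "\n";
	}
	if (getOption('htmlmeta_name-page-topic')) {
		$meta .= '<meta name="page-topic" content="' . $desc . '">' . "\n";
	}
	if (getOption('htmlmeta_name-robots')) {
		$meta .= '<meta name="robots" content="' . getOption("htmlmeta_robots") . '">' . "\n";
	}
	if (getOption('htmlmeta_name-publisher')) {
		$meta .= '<meta name="publisher" content="' . FULLWEBPATH . '">' . "\n";
	}
	if (getOption('htmlmeta_name-creator')) {
		$meta .= '<meta name="creator" content="' . FULLWEBPATH . '">' . "\n";
	}
	if (getOption('htmlmeta_name-author')) {
		$meta .= '<meta name="author" content="' . $author . '">' . "\n";
	}
	if (getOption('htmlmeta_name-copyright')) {
		$meta .= '<meta name="copyright" content=" (c) ' . FULLWEBPATH . ' - ' . $author . '">' . "\n";
	}
	if (getOption('htmlmeta_name-rights')) {
		$meta .= '<meta name="rights" content="' . $author . '">' . "\n";
	}
	if (getOption('htmlmeta_name-generator')) {
		$meta .= '<meta name="generator" content="ZenPhoto20 ' . ZENPHOTO_VERSION . '">' . "\n";
	}
	if (getOption('htmlmeta_name-revisit-after')) {
		$meta .= '<meta name="revisit-after" content="' . getOption("htmlmeta_revisit_after") . ' days">' . "\n";
	}
	if (getOption('htmlmeta_name-expires')) {
		$expires = getOption("htmlmeta_expires");
		// an integer value is taken as seconds from now and turned into a date string
		if ($expires == (int) $expires) {
			$expires = preg_replace('|\\s\\-\\d+|', '', date('r', time() + $expires)) . ' GMT';
		}
		$meta .= '<meta name="expires" content="' . $expires . '">' . "\n";
	}

	// OpenGraph meta
	if (getOption('htmlmeta_opengraph')) {
		$meta .= '<meta property="og:title" content="' . $pagetitle . '">' . "\n";
		if (!empty($thumb)) {
			$meta .= '<meta property="og:image" content="' . $thumb . '">' . "\n";
		}
		$meta .= '<meta property="og:description" content="' . $desc . '">' . "\n";
		$meta .= '<meta property="og:url" content="' . html_encode($url) . '">' . "\n";
		$meta .= '<meta property="og:type" content="' . $type . '">' . "\n";
	}

	// Social network extras
	if (getOption('htmlmeta_name-pinterest')) {
		$meta .= '<meta name="pinterest" content="nopin">' . "\n";
	} // disallow users to pin images on Pinterest
	// Twitter card
	$twittername = getOption('htmlmeta_twittername');
	if (getOption('htmlmeta_twittercard') || !empty($twittername)) {
		$meta .= '<meta name="twitter:creator" content="' . $twittername . '">' . "\n";
		$meta .= '<meta name="twitter:site" content="' . $twittername . '">' . "\n";
		$meta .= '<meta name="twitter:card" content="' . $twittercard_type . '">' . "\n";
		$meta .= '<meta name="twitter:title" content="' . $pagetitle . '">' . "\n";
		$meta .= '<meta name="twitter:description" content="' . $desc . '">' . "\n";
		if (!empty($thumb)) {
			$meta .= '<meta name="twitter:image" content="' . $thumb . '">' . "\n";
		}
	}

	// Canonical url
	if (getOption('htmlmeta_canonical-url')) {
		$meta .= '<link rel="canonical" href="' . $canonicalurl . '">' . "\n";
		if (METATAG_LOCALE_TYPE) {
			$langs = generateLanguageList();
			if (count($langs) != 1) {
				if (METATAG_LOCALE_TYPE == 1) {
					$locallink = seo_locale::localePath(false, $locale_);
				} else {
					$locallink = '';
				}
				foreach ($langs as $text => $lang) {
					$langcheck = zpFunctions::getLanguageText($lang, '-'); // for hreflang we need en-US
					if ($langcheck != $locale) {
						if (METATAG_LOCALE_TYPE == 1) {
							$altlink = seo_locale::localePath(true, $lang);
						} else {
							$altlink = dynamic_locale::fullHostPath($lang);
						}
						switch ($_zp_gallery_page) {
							case 'index.php':
								$altlink .= str_replace($locallink, '', $_zp_gallery->getLink($_zp_page));
								break;
							case 'album.php':
							case 'favorites.php':
								$altlink .= str_replace($locallink, '', $_zp_current_album->getLink($_zp_page));
								break;
							case 'image.php':
								$altlink .= str_replace($locallink, '', $_zp_current_image->getLink());
								break;
							case 'news.php':
								if (function_exists("is_NewsArticle")) {
									if (is_NewsArticle()) {
										$altlink .= str_replace($locallink, '', $_zp_current_article->getLink());
									} else {
										if (is_NewsCategory()) {
											$altlink .= str_replace($locallink, '', $_zp_current_category->getLink($_zp_page));
										} else {
											$altlink .= getNewsPathNav($_zp_page);
										}
									}
								}
								break;
							case 'pages.php':
								$altlink .= str_replace($locallink, '', $_zp_current_page->getLink());
								break;
							case 'archive.php':
								$altlink .= getCustomPageURL('archive');
								break;
							case 'search.php':
								$searchwords = $_zp_current_search->codifySearchString();
								$searchdate = $_zp_current_search->getSearchDate();
								$searchfields = $_zp_current_search->getSearchFields(true);
								$searchpagepath = getSearchURL($searchwords, $searchdate, $searchfields, $_zp_page, array('albums' => $_zp_current_search->getAlbumList()));
								$altlink .= $searchpagepath;
								break;
							case 'contact.php':
								$altlink .= getCustomPageURL('contact');
								break;
							default: // for all other possible none standard custom pages
								// NOTE(review): $pagetitle holds "<page> - <gallery title>" at this point;
								// the canonical link above uses the script name without suffix. This
								// looks unintended - confirm.
								$altlink .= getCustomPageURL($pagetitle);
								break;
						} // switch
						$meta .= '<link rel="alternate" hreflang="' . $langcheck . '" href="' . html_encode($altlink) . '">' . "\n";
					} // if lang
				} // foreach
			} // if count
		} // if option
	} // if canonical
	echo $meta;
}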
// Rights constants: whichever of VIEW_ALL_RIGHTS or the three ALL_*_RIGHTS constants
// is missing is derived from the other.
if (defined('VIEW_ALL_RIGHTS')) {
	define('ALL_ALBUMS_RIGHTS', VIEW_ALL_RIGHTS);
	define('ALL_PAGES_RIGHTS', VIEW_ALL_RIGHTS);
	define('ALL_NEWS_RIGHTS', VIEW_ALL_RIGHTS);
	define('VIEW_SEARCH_RIGHTS', NO_RIGHTS);
	define('VIEW_GALLERY_RIGHTS', NO_RIGHTS);
	define('VIEW_FULLIMAGE_RIGHTS', NO_RIGHTS);
} else {
	define('VIEW_ALL_RIGHTS', ALL_ALBUMS_RIGHTS | ALL_PAGES_RIGHTS | ALL_NEWS_RIGHTS);
}
// If the auth variable gets set somehow before this, get rid of it.
$_zp_loggedin = false;
// we have the ssl marker cookie, normally we are already logged in
// but we need to redirect to ssl to retrieve the auth cookie (set as secure).
if (zp_getCookie('zenphoto_ssl') && !secureServer()) {
	// NOTE(review): the redirect target is built from the request's Host header. Confirm
	// the web server only accepts known host names; otherwise prefer a configured site
	// host for this redirect.
	$redirect = "https://" . $_SERVER['HTTP_HOST'] . getRequestURI();
	header("Location:{$redirect}");
	exitZP();
}
if (isset($_POST['login'])) { // Handle the login form.
	if (secureServer()) {
		// https: set the 'zenphoto_ssl' marker for redirection
		zp_setCookie("zenphoto_ssl", "needed");
	}
	$_zp_loggedin = $_zp_authority->handleLogon();
	if ($_zp_loggedin) {
		if (isset($_POST['redirect'])) {
			// the posted target passes through sanitizeRedirect() before use; presumably that
			// confines it to this site - verify in its definition
			$redirect = sanitizeRedirect($_POST['redirect']);
			if (!empty($redirect)) {
				header("Location: " . $redirect);
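/**
 * Prints the mail contact form, handles checks and the mail sending. It uses Zenphoto's check for valid e-mail address and website URL and also supports CAPTCHA.
 * The contact form itself is a separate file and is located within the /contact_form/form.php so that it can be styled as needed.
 *
 * Flow: a "sendmail" post is validated; on success it is either shown again for
 * confirmation (option contactform_confirm) or treated as confirmed at once. A
 * "confirm" post sends the mail. Any other request prints the empty form.
 *
 * @param string $subject_override set to override the subject.
 */
function printContactForm($subject_override = '') {
	global $_zp_UTF8, $_zp_captcha, $_processing_post, $_zp_current_admin_obj;
	$error = array();
	if (isset($_POST['sendmail'])) {
		$mailcontent = array();
		$mailcontent['title'] = getField('title');
		$mailcontent['name'] = getField('name');
		$mailcontent['honeypot'] = getField('username');
		$mailcontent['company'] = getField('company');
		$mailcontent['street'] = getField('street');
		$mailcontent['city'] = getField('city');
		$mailcontent['state'] = getField('state');
		$mailcontent['postal'] = getField('postal');
		$mailcontent['country'] = getField('country');
		$mailcontent['email'] = getField('email');
		$mailcontent['website'] = getField('website');
		$mailcontent['phone'] = getField('phone');
		$mailcontent['subject'] = getField('subject');
		$mailcontent['message'] = getField('message', 1);

		// if you want other required fields or less add/modify their checks here
		// NOTE(review): index 5 is shared by city, state, postal code and CAPTCHA, so only the
		// last of those messages survives. The indexes are left alone because the included
		// form.php runs in this scope and may read them - confirm before renumbering.
		if (getOption('contactform_title') == "required" && empty($mailcontent['title'])) {
			$error[1] = gettext("a title");
		}
		if (getOption('contactform_name') == "required" && empty($mailcontent['name'])) {
			$error[2] = gettext("a name");
		}
		if (getOption('contactform_company') == "required" && empty($mailcontent['company'])) {
			$error[3] = gettext("a company");
		}
		if (getOption('contactform_street') == "required" && empty($mailcontent['street'])) {
			$error[4] = gettext("a street");
		}
		if (getOption('contactform_city') == "required" && empty($mailcontent['city'])) {
			$error[5] = gettext("a city");
		}
		if (getOption('contactform_state') == "required" && empty($mailcontent['state'])) {
			$error[5] = gettext("a state");
		}
		if (getOption('contactform_postal') == "required" && empty($mailcontent['postal'])) {
			$error[5] = gettext("a postal code");
		}
		if (getOption('contactform_country') == "required" && empty($mailcontent['country'])) {
			$error[6] = gettext("a country");
		}
		if (getOption('contactform_email') == "required" && (empty($mailcontent['email']) || !is_valid_email_zp($mailcontent['email']))) {
			$error[7] = gettext("a valid email address");
		}
		if (getOption('contactform_website') == "required" && empty($mailcontent['website'])) {
			$error[8] = gettext('a website');
		} else {
			if (!empty($mailcontent['website'])) {
				// Prepend a scheme only when none is present. The previous test compared a
				// 7-character prefix with the 8-character text "http: //", which never
				// matched, so "http://" was prepended to every value.
				if (!preg_match('~^https?://~i', $mailcontent['website'])) {
					$mailcontent['website'] = "http://" . $mailcontent['website'];
				}
			}
		}
		if (getOption("contactform_phone") == "required" && empty($mailcontent['phone'])) {
			$error[9] = gettext("a phone number");
		}
		if (empty($mailcontent['subject'])) {
			$error[10] = gettext("a subject");
		}
		if (empty($mailcontent['message'])) {
			$error[11] = gettext("a message");
		}

		// CAPTCHA start
		if (getOption("contactform_captcha")) {
			$code_ok = trim(sanitize(isset($_POST['code_h']) ? $_POST['code_h'] : NULL));
			$code = trim(sanitize(isset($_POST['code']) ? $_POST['code'] : NULL));
			if (!$_zp_captcha->checkCaptcha($code, $code_ok)) {
				$error[5] = gettext("the correct CAPTCHA verification code");
			} // no ticket
		}
		// CAPTCHA end
		// If required fields are empty or not valid print note
		if (count($error) != 0) {
			?>
			<div class="errorbox">
				<h2>
					<?php
					$err = $error;
					switch (count($err)) {
						case 1:
							printf(gettext('Please enter %s. Thanks.'), array_shift($err));
							break;
						case 2:
							printf(gettext('Please enter %1$s and %2$s. Thanks.'), array_shift($err), array_shift($err));
							break;
						default:
							$list = '<ul class="errorlist">';
							foreach ($err as $item) {
								$list .= '<li>' . $item . '</li>';
							}
							$list .= '</ul>';
							printf(gettext('Please enter: %sThanks.'), $list);
							break;
					}
					?>
				</h2>
			</div>
			<?php
		} else {
			$mailaddress = $mailcontent['email'];
			$name = $mailcontent['name'];
			$subject = $mailcontent['subject'] . " (" . getBareGalleryTitle() . ")";
			// the message body starts with one line per filled-in contact field
			$message = '';
			if (!empty($mailcontent['title'])) {
				$message .= $mailcontent['title'] . "\n";
			}
			if (!empty($mailcontent['name'])) {
				$message .= $mailcontent['name'] . "\n";
			}
			if (!empty($mailcontent['email'])) {
				$message .= $mailcontent['email'] . "\n";
			}
			if (!empty($mailcontent['company'])) {
				$message .= $mailcontent['company'] . "\n";
			}
			if (!empty($mailcontent['street'])) {
				$message .= $mailcontent['street'] . "\n";
			}
			if (!empty($mailcontent['city'])) {
				$message .= $mailcontent['city'] . "\n";
			}
			if (!empty($mailcontent['state'])) {
				$message .= $mailcontent['state'] . "\n";
			}
			if (!empty($mailcontent['postal'])) {
				$message .= $mailcontent['postal'] . "\n";
			}
			if (!empty($mailcontent['country'])) {
				$message .= $mailcontent['country'] . "\n";
			}
			if (!empty($mailcontent['phone'])) {
				$message .= $mailcontent['phone'] . "\n";
			}
			if (!empty($mailcontent['website'])) {
				$message .= $mailcontent['website'] . "\n";
			}
			$message .= "\n\n" . $mailcontent['message'];
			$message .= "\n\n";

			if (getOption('contactform_confirm')) {
				echo get_language_string(getOption("contactform_confirmtext"));
				if (getOption('contactform_sendcopy')) {
					echo get_language_string(getOption("contactform_sendcopy_text"));
				}
				?>
				<div>
					<?php
					$_processing_post = true;
					include getPlugin('contact_form/form.php', true);
					?>
					<form id="confirm" action="<?php echo html_encode(getRequestURI()); ?>" method="post" accept-charset="UTF-8" style="float: left">
						<input type="hidden" id="confirm" name="confirm" value="confirm" />
						<input type="hidden" id="name" name="name" value="<?php echo html_encode($name); ?>" />
						<input type="hidden" id="subject" name="subject" value="<?php echo html_encode($subject); ?>" />
						<input type="hidden" id="message" name="message" value="<?php echo html_encode($message); ?>" />
						<input type="hidden" id="mailaddress" name="mailaddress" value="<?php echo html_encode($mailaddress); ?>" />
						<input type="text" id="username" name="username" value="<?php echo html_encode($mailcontent['honeypot']); ?>" style="display: none" />
						<input type="submit" value="<?php echo gettext("Confirm"); ?>" />
					</form>
					<form id="discard" action="<?php echo html_encode(getRequestURI()); ?>" method="post" accept-charset="UTF-8">
						<input type="hidden" id="discard" name="discard" value="discard" />
						<input type="submit" value="<?php echo gettext("Discard"); ?>" />
					</form>
				</div>
				<?php
				return;
			} else {
				// simulate confirmation action
				$_POST['confirm'] = true;
				$_POST['subject'] = $subject;
				$_POST['message'] = $message;
				$_POST['mailaddress'] = $mailaddress;
				$_POST['name'] = $name;
			}
		}
	}
	if (isset($_POST['confirm'])) {
		// SECURITY NOTE(review): this step sends whatever subject, message, name and address
		// are posted together with "confirm". The required-field, e-mail and CAPTCHA checks
		// above belong to the "sendmail" step and are not repeated here, and with
		// contactform_sendcopy enabled a copy goes to the posted address. Binding the
		// confirmation to the validated submission (server-side state or a signed token)
		// would close that gap; it needs support outside this function.
		$subject = sanitize(isset($_POST['subject']) ? $_POST['subject'] : NULL);
		$message = sanitize(isset($_POST['message']) ? $_POST['message'] : NULL, 1);
		$mailaddress = sanitize(isset($_POST['mailaddress']) ? $_POST['mailaddress'] : NULL);
		$honeypot = sanitize(isset($_POST['username']) ? $_POST['username'] : NULL);
		$name = sanitize(isset($_POST['name']) ? $_POST['name'] : NULL);
		$mailinglist = explode(';', getOption("contactform_mailaddress"));
		if (getOption('contactform_sendcopy')) {
			$sendcopy = array($name => $mailaddress);
		} else {
			$sendcopy = NULL;
		}
		// If honeypot was triggered, silently don't send the message
		$err_msg = false;
		if (empty($honeypot)) {
			$err_msg = zp_mail($subject, $message, $mailinglist, $sendcopy, NULL, array($name => $mailaddress));
		}
		if ($err_msg) {
			$msgs = explode('.', $err_msg);
			unset($msgs[0]); // the "mail send failed" text
			unset($msgs[count($msgs)]); // a trailing empty one
			?>
			<div class="errorbox">
				<strong><?php echo ngettext('Error sending mail:', 'Errors sending mail:', count($msgs)); ?></strong>
				<ul class="errorlist">
					<?php
					foreach ($msgs as $line) {
						// error text may repeat parts of the submitted data, so it is encoded
						echo '<li>' . html_encode(trim($line)) . '</li>';
					}
					?>
				</ul>
			</div>
			<?php
		} else {
			echo get_language_string(getOption("contactform_thankstext"));
		}
		echo '<p><a href="?again">' . get_language_string(getOption('contactform_newmessagelink')) . '</a></p>';
	} else {
		if (count($error) <= 0) {
			// fresh form: pre-fill from the logged-in user where possible
			if (zp_loggedin()) {
				$mailcontent = array('title' => '', 'name' => $_zp_current_admin_obj->getName(), 'company' => '', 'street' => '', 'city' => '', 'state' => '', 'country' => '', 'postal' => '', 'email' => $_zp_current_admin_obj->getEmail(), 'website' => '', 'phone' => '', 'subject' => $subject_override, 'message' => '', 'honeypot' => '');
				if (extensionEnabled('comment_form')) {
					$address = getSerializedArray($_zp_current_admin_obj->getCustomData());
					foreach ($address as $key => $field) {
						$mailcontent[$key] = $field;
					}
				}
			} else {
				// the key was spelled 'st ate' here, which left 'state' undefined for the form
				$mailcontent = array('title' => '', 'name' => '', 'company' => '', 'street' => '', 'city' => '', 'state' => '', 'country' => '', 'email' => '', 'postal' => '', 'website' => '', 'phone' => '', 'subject' => $subject_override, 'message' => '', 'honeypot' => '');
			}
		}
		echo get_language_string(getOption("contactform_introtext"));
		if (getOption('contactform_sendcopy')) {
			echo get_language_string(getOption("contactform_sendcopy_text"));
		}
		$_processing_post = false;
		include getPlugin('contact_form/form.php', true);
	}
}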
/**
 * Writes details of a 404 request to the debug log when DEBUG_404 is set.
 *
 * Nothing is logged for album paths that start with "cache" or for the two probe
 * URIs listed below. A notice naming the request URI is raised as well.
 *
 * @param string $album
 * @param string $image
 * @param string $theme
 */
function debug404($album, $image, $theme) {
	if (!DEBUG_404) {
		return;
	}
	$segments = explode('/', $album);
	if (array_shift($segments) == 'cache') {
		return;
	}
	$target = getRequestURI();
	// non-strict in_array() matches the == comparison of the loop it replaces
	if (in_array($target, array('/favicon.ico', '/zp-data/tést.jpg'))) {
		return;
	}

	$server = array();
	foreach (array('REQUEST_URI', 'HTTP_REFERER', 'REMOTE_ADDR', 'REDIRECT_STATUS') as $key) {
		$server[$key] = isset($_SERVER[$key]) ? $_SERVER[$key] : NULL;
	}
	$request = $_REQUEST;
	$request['theme'] = $theme;
	if (!empty($image)) {
		$request['image'] = $image;
	}
	trigger_error(sprintf(gettext('Zenphoto processed a 404 error on %s. See the debug log for details.'), $target), E_USER_NOTICE);

	// NOTE(review): the dumps hold client-supplied values and var_dump() prints strings
	// as they are, line breaks included; consider escaping control characters before the
	// text reaches the log so one request cannot pass for several entries.
	$stripHeader = '~array\\s*\\(.*\\)\\s*~'; // removes the leading "array(n)" of a dump

	ob_start();
	var_dump($server);
	$server = preg_replace($stripHeader, '', html_decode(getBare(ob_get_contents())));
	ob_end_clean();

	ob_start();
	var_dump($request);
	$request = preg_replace($stripHeader, '', html_decode(getBare(ob_get_contents())));
	ob_end_clean();

	debugLog("404 error details\n" . $server . $request);
}
/**
 * Prints a list of all pages.
 *
 * The current menu item is looked up from the request URI; nothing is printed
 * when the request does not match an item of the menu set. The siblings of the
 * current item (same sort_order prefix) form the page list.
 *
 * @param string $prevtext Insert here the linktext like 'previous page'
 * @param string $nexttext link text passed to printMenumanagerNextLink()
 * @param string $menuset current menu set
 * @param string $class the css class to use, "pagelist" by default
 * @param bool $nextprev set to true to get the 'next' and 'prev' links printed
 * @param string $id the css id to use
 * @param bool $firstlast Add links to the first and last pages of you gallery
 * @param int $navlen Number of navigation links to show (0 for all pages). Works best if the number is odd.
 */
function printMenuemanagerPageListWithNav($prevtext, $nexttext, $menuset = 'default', $class = 'pagelist', $nextprev = true, $id = NULL, $firstlast = true, $navlen = 9) {
	// the request URI is client-controlled; it is only used here as a lookup key
	$currentitem = getMenuFromLink(html_encode(urldecode(getRequestURI())), $menuset);
	if (is_null($currentitem)) {
		return;
	} // we are not in menuset
	// drop the last sort_order component to get the prefix shared by the siblings
	$orders = explode('-', $currentitem['sort_order']);
	array_pop($orders);
	$lookfor = implode('-', $orders) . '-';
	// NOTE(review): the LIKE pattern is built by string concatenation. $lookfor is
	// derived from the sort_order of the item getMenuFromLink() returned (presumably
	// a stored value, not request data); confirm it can never hold quotes or LIKE
	// wildcards, or escape it before it reaches the query.
	$sql = 'SELECT `sort_order` FROM ' . prefix('menu') . ' WHERE `sort_order` LIKE "' . $lookfor . '%" ORDER BY `sort_order` ASC';
	$result = query_full_array($sql, false, 'sort_order');
	if (is_array($result)) {
		// keys longer than the prefix plus three characters belong to deeper levels
		$l = strlen($lookfor) + 3;
		foreach ($result as $key => $item) { // discard next level items
			if (strlen($key) > $l) {
				unset($result[$key]);
			}
		}
		$itemlist = array_keys($result);
		$total = count($itemlist);
		// 1-based position of the current item; a failed array_search() (false) also yields 1
		$current = array_search($currentitem['sort_order'], $itemlist) + 1;
		if ($total < 2) {
			$class .= ' disabled_nav';
		}
		if ($navlen == 0) {
			$navlen = $total;
		}
		// links that are not numbered pages: two, plus two more when first/last are shown
		$extralinks = 2;
		if ($firstlast) {
			$extralinks = $extralinks + 2;
		}
		$len = floor(($navlen - $extralinks) / 2);
		// $j and $ilim are the first and last page numbers of the numbered window
		$j = max(round($extralinks / 2), min($current - $len - (2 - round($extralinks / 2)), $total - $navlen + $extralinks - 1));
		$ilim = min($total, max($navlen - round($extralinks / 2), $current + floor($len)));
		// $k1 and $k2 are the pages the links before and after the window point to
		$k1 = round(($j - 2) / 2) + 1;
		$k2 = $total - round(($total - $ilim) / 2);
		$items = getMenuItems($menuset, getMenuVisibility());
		// $id and $class are written into the markup as passed by the caller
		echo "<div" . ($id ? " id=\"{$id}\"" : "") . " class=\"{$class}\">\n";
		echo "<ul class=\"{$class}\">\n";
		if ($nextprev) {
			echo "<li class=\"prev\">";
			printMenumanagerPrevLink($prevtext, $menuset, $prevtext, gettext("Previous Page"));
			echo "</li>\n";
		}
		if ($firstlast) {
			echo '<li class="' . ($current == 1 ? 'current' : 'first') . '">';
			$itemarray = getItemTitleAndURL($items[$itemlist[0]]);
			printLinkHTML($itemarray['url'], 1, gettext("Page 1"));
			echo "</li>\n";
			if ($j > 2) {
				// gap between page 1 and the window: shown as '...' unless it is a single page
				echo "<li>";
				$itemarray = getItemTitleAndURL($items[$itemlist[$k1 - 1]]);
				printLinkHTML($itemarray['url'], $j - 1 > 2 ? '...' : $k1, sprintf(ngettext('Page %u', 'Page %u', $k1), $k1));
				echo "</li>\n";
			}
		}
		for ($i = $j; $i <= $ilim; $i++) {
			echo "<li" . ($i == $current ? " class=\"current\"" : "") . ">";
			$itemarray = getItemTitleAndURL($items[$itemlist[$i - 1]]);
			if ($i == $current) {
				$title = sprintf(ngettext('Page %1$u (Current Page)', 'Page %1$u (Current Page)', $i), $i);
			} else {
				$title = sprintf(ngettext('Page %1$u', 'Page %1$u', $i), $i);
			}
			printLinkHTML($itemarray['url'], $i, $title);
			echo "</li>\n";
		}
		// after the loop $i is $ilim + 1
		if ($i < $total) {
			echo "<li>";
			$itemarray = getItemTitleAndURL($items[$itemlist[$k2 - 1]]);
			printLinkHTML($itemarray['url'], $total - $i > 1 ? '...' : $k2, sprintf(ngettext('Page %u', 'Page %u', $k2), $k2));
			echo "</li>\n";
		}
		if ($firstlast && $i <= $total) {
			echo "\n <li class=\"last\">";
			$itemarray = getItemTitleAndURL($items[$itemlist[$total - 1]]);
			printLinkHTML($itemarray['url'], $total, sprintf(ngettext('Page {%u}', 'Page {%u}', $total), $total));
			echo "</li>";
		}
		if ($nextprev) {
			echo "<li class=\"next\">";
			printMenumanagerNextLink($nexttext, gettext("Next Page"));
			echo "</li>\n";
		}
		echo "</ul>\n";
		echo "</div>\n";
	}
}
<?php /** * Form for contact_form plugin * * @package plugins */ ?> <form id="mailform" action="<?php echo html_encode(getRequestURI()); ?> " method="post" accept-charset="UTF-8"> <input type="hidden" id="sendmail" name="sendmail" value="sendmail" /> <?php $star = '<strong>*</strong>'; if (showOrNotShowField(getOption('contactform_title'))) { ?> <p> <label for="title"><?php printf(gettext("Title%s"), checkRequiredField(getOption('contactform_title'))); ?> </label> <input type="text" id="title" name="title" size="50" value="<?php echo html_encode($mailcontent['title']); ?> "<?php if ($_processing_post) { echo ' disabled="disabled"'; } ?> />
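<?php
/* zpBase simple social sharing include
 * This file is included on a page to show social sharing links, if set in options
 * http://www.oswebcreations.com
  ================================================== */

// The shared address is assembled from the Host header and the request URI, both
// of which are supplied by the client, so it is treated as untrusted text below.
// NOTE(review): the scheme is fixed to http:// whatever scheme the page was served with.
$host = sanitize("http://" . $_SERVER['HTTP_HOST']);
$url = $host . getRequestURI();
// Percent-encode the page address before it becomes a query value, so that its own
// "?", "&" and "#" are not read as part of the sharing service's URL.
$shared = rawurlencode($url);
$fb_url = 'http://www.facebook.com/sharer.php?u=' . $shared;
$tw_url = 'http://twitter.com/home?status=' . $shared;
$g_url = 'https://plus.google.com/share?url=' . $shared;
?>
<span id="social-share">
	<?php echo gettext('Share: '); ?>
	<?php /* the links are HTML-encoded on output so that nothing in them can end the href attribute */ ?>
	<a target="_blank" class="share fb" href="<?php echo html_encode($fb_url); ?>" title="<?php echo gettext('Share on Facebook'); ?>">Facebook</a>
	,
	<a target="_blank" class="share tw" href="<?php echo html_encode($tw_url); ?>" title="<?php echo gettext('Share on Twitter'); ?>">Twitter</a>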
/**
 * Reports a "not allowed" condition through general_message().
 *
 * The comparisons with null are loose, so an empty string, 0 or an empty array
 * count as "not supplied" as well.
 *
 * @param string|array|null $errormsg one message or a list of messages; when not
 *                                    supplied the 'not_allowed' phrase of $lang is used
 * @param string|null $errorurl target URL; when not supplied the current request URI,
 *                              passed through htmlspecialchars(), is used
 * @param mixed $EOS handed to general_message() unchanged
 */
function errorLogin($errormsg = null, $errorurl = null, $EOS = null) {
	if ($errormsg == null) {
		global $lang;
		$messages = array($lang->phrase('not_allowed'));
	} else {
		// a single message is wrapped so that general_message() always receives a list
		$messages = is_array($errormsg) ? $errormsg : array($errormsg);
	}

	// the request URI is client-controlled and is escaped before it is handed on
	$target = ($errorurl == null) ? htmlspecialchars(getRequestURI()) : $errorurl;

	general_message('not_allowed', 'errorlogin', $messages, $target, $EOS);
}
/**
 * Prints the RSS feed xml
 *
 * Sends the XML content type, then prints the channel header and one <item>
 * element per entry returned by $this->getitems(). Nothing is output when
 * that call does not return an array. The output is wrapped in
 * $this->startCache() / $this->endCache().
 *
 * NOTE(review): title, description and category are placed inside CDATA
 * sections exactly as the item supplies them, and enclosure / media_content /
 * media_thumbnail are printed as ready-made XML. This method does no encoding
 * of those values itself, so a value containing "]]>" would end its CDATA
 * section early; the item builders have to guarantee that cannot happen.
 */
public function printFeed() {
	global $_zp_gallery;
	$feeditems = $this->getitems();
	//NOTE: feeditems are complete HTML so necessarily must have been properly encoded by the server function!
	if (is_array($feeditems)) {
		header('Content-Type: application/xml');
		$this->hitcounter();
		$this->startCache();
		echo '<?xml-stylesheet type="text/css" href="' . WEBPATH . '/' . ZENFOLDER . '/' . PLUGIN_FOLDER . '/rss/rss.css" ?>' . "\n";
		// NOTE(review): channel_title and host are printed without encoding below;
		// where they are set is not visible from this method.
		?>
		<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:media="http://search.yahoo.com/mrss/">
			<channel>
				<title><?php echo $this->channel_title; ?> </title>
				<link><?php echo PROTOCOL . '://' . $this->host . WEBPATH; ?> </link>
				<atom:link href="<?php echo PROTOCOL; ?> ://<?php
				echo $this->host;
				// the request URI is client-controlled and is encoded before output
				echo html_encode(getRequestURI());
				?> " rel="self" type="application/rss+xml" />
				<description><?php echo getBare($_zp_gallery->getDesc($this->locale)); ?> </description>
				<language><?php echo $this->locale_xml; ?> </language>
				<pubDate><?php echo date("r", time()); ?> </pubDate>
				<lastBuildDate><?php echo date("r", time()); ?> </lastBuildDate>
				<docs>http://blogs.law.harvard.edu/tech/rss</docs>
				<generator>Zenphoto RSS Generator</generator>
				<?php
				foreach ($feeditems as $feeditem) {
					// each feed type has its own item builder; any other type uses the raw item
					switch ($this->feedtype) {
						case 'gallery':
							$item = $this->getItemGallery($feeditem);
							break;
						case 'news':
							$item = $this->getItemNews($feeditem);
							break;
						case 'pages':
							$item = $this->getitemPages($feeditem, getOption('RSS_truncate_length'));
							break;
						case 'comments':
							$item = $this->getitemComments($feeditem);
							break;
						default:
							$item = $feeditem;
							break;
					}
					?>
					<item>
						<title><![CDATA[<?php echo $item['title']; ?> ]]></title>
						<link><?php echo html_encode($item['link']); ?> </link>
						<description><![CDATA[<?php echo $item['desc']; ?> ]]></description>
						<?php
						if (!empty($item['enclosure'])) {
							echo $item['enclosure']; //prints xml as well
						}
						if (!empty($item['category'])) {
							?>
							<category><![CDATA[<?php echo $item['category']; ?> ]]></category>
							<?php
						}
						if (!empty($item['media_content'])) {
							echo $item['media_content']; //prints xml as well
						}
						if (!empty($item['media_thumbnail'])) {
							echo $item['media_thumbnail']; //prints xml as well
						}
						?>
						<guid><?php echo html_encode($item['link']); ?> </guid>
						<pubDate><?php echo html_encode($item['pubdate']); ?> </pubDate>
					</item>
					<?php
				} // foreach
				?>
			</channel>
		</rss>
		<?php
		$this->endCache();
	}
}
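/**
 * Print the login form for ZP. This will take into account whether mod_rewrite is enabled or not.
 *
 * Which form is printed depends on $_REQUEST['logon_step']: 'challenge' prints the
 * challenge question form, 'captcha' the password reset request form, anything
 * else the normal login form. The user name shown is taken from $_POST['user'] or,
 * failing that, $_GET['ref'].
 *
 * When the requested user has no challenge phrase, or on most request cycles after
 * the second, the question shown is drawn from the configured foils and from the
 * phrases of all administrators instead of from the requested user.
 *
 * @param string $redirect URL to return to after login; the current request URI when null
 * @param bool $logo set to true to display the ADMIN zenphoto logo.
 * @param bool $showUserField set to true to display the user input; null reads the gallery setting
 * @param bool $showCaptcha set to false to not display the forgot password captcha.
 * @param string $hint optional hint for the password, printed as HTML
 *
 */
function printLoginForm($redirect = null, $logo = true, $showUserField = true, $showCaptcha = true, $hint = '') {
	global $_zp_login_error, $_zp_captcha, $_zp_gallery;
	if (is_null($redirect)) {
		// client-controlled: every use below has to be encoded for its output context
		$redirect = getRequestURI();
	}
	if (is_null($showUserField)) {
		$showUserField = $_zp_gallery->getUserLogonField();
	}
	$cycle = sanitize_numeric(@$_GET['cycle']) + 1;
	if (isset($_POST['user'])) {
		$requestor = sanitize($_POST['user'], 0);
	} else {
		$requestor = '';
	}
	if (empty($requestor)) {
		if (isset($_GET['ref'])) {
			$requestor = sanitize($_GET['ref']);
		}
	}
	$alt_handlers = zp_apply_filter('alt_login_handler', array());
	$star = false;
	$info = array('challenge' => '', 'response' => '');
	if (!empty($requestor)) {
		if ($admin = $this->getAnAdmin(array('`user`=' => $requestor, '`valid`=' => 1))) {
			$info = $admin->getChallengePhraseInfo();
		} else {
			$info = array('challenge' => '');
		}
		if (empty($info['challenge']) || $cycle > 2 && $cycle % 5 != 1) {
			// show a question from the pool, so that an unknown user or a user without
			// a challenge phrase still gets a question
			$locale = getUserLocale();
			$questions = array();
			foreach (getSerializedArray(getOption('challenge_foils')) as $question) {
				$questions[] = get_language_string($question);
			}
			$rslt = query('SELECT `challenge_phrase`,`language` FROM ' . prefix('administrators') . ' WHERE `challenge_phrase` IS NOT NULL');
			while ($row = db_fetch_assoc($rslt)) {
				if (is_null($row['language']) || $row['language'] == $locale) {
					$q = getSerializedArray($row['challenge_phrase']);
					$questions[] = $q['challenge'];
				}
			}
			db_free_result($rslt);
			$questions = array_unique($questions);
			shuffle($questions);
			// with no foils and no stored phrases the pool is empty; avoid the modulo by zero
			$challenge = empty($questions) ? '' : $questions[$cycle % count($questions)];
			$info = array('challenge' => $challenge, 'response' => 0x0);
		} else {
			if ($admin->getEmail()) {
				$star = $showCaptcha;
			}
		}
	}
	if (!$star) {
		// the reset-by-e-mail link is offered when any administrator has an e-mail address
		$admins = $this->getAdministrators();
		while (count($admins) > 0) {
			$user = array_shift($admins);
			if ($user['email']) {
				$star = $showCaptcha;
			}
		}
	}
	$whichForm = sanitize(@$_REQUEST['logon_step']);
	?>
	<div id="loginform">
		<?php
		if ($logo) {
			?>
			<p>
				<img src="<?php echo WEBPATH . '/' . ZENFOLDER; ?>/images/zen-logo.png" title="ZenPhoto" alt="ZenPhoto" />
			</p>
			<?php
		}
		switch ($_zp_login_error) {
			case 1:
				?>
				<div class="errorbox" id="message"><h2><?php echo gettext("There was an error logging in."); ?></h2>
					<?php
					if ($showUserField) {
						echo gettext("Check your username and password and try again.");
					} else {
						echo gettext("Check password and try again.");
					}
					?>
				</div>
				<?php
				break;
			case 2:
				?>
				<div class="messagebox fade-message">
					<h2><?php echo gettext("A reset request has been sent."); ?></h2>
				</div>
				<?php
				break;
			default:
				if (!empty($_zp_login_error)) {
					// NOTE(review): printed as HTML without encoding; whoever sets
					// $_zp_login_error must not put request data into it.
					?>
					<div class="errorbox fade-message">
						<h2><?php echo $_zp_login_error; ?></h2>
					</div>
					<?php
				}
				break;
		}
		// NOTE(review): the redirect target travels through a hidden form field in all
		// three forms; the code handling the post has to check it before redirecting.
		switch ($whichForm) {
			case 'challenge':
				?>
				<form name="login" action="<?php echo WEBPATH . '/' . ZENFOLDER; ?>/admin.php" method="post">
					<fieldset id="logon_box">
						<input type="hidden" name="login" value="1" />
						<input type="hidden" name="password" value="challenge" />
						<input type="hidden" name="redirect" value="<?php echo html_encode(pathurlencode($redirect)); ?>" />
						<fieldset>
							<legend><?php echo gettext('User'); ?></legend>
							<input class="textfield" name="user" id="user" type="text" size="35" value="<?php echo html_encode($requestor); ?>" />
						</fieldset>
						<?php
						if ($requestor) {
							?>
							<p class="logon_form_text"><?php echo gettext('Supply the correct response to the question below and you will be directed to a page where you can change your password.'); ?></p>
							<fieldset><legend><?php echo gettext('Challenge question:'); ?></legend>
								<?php echo html_encode($info['challenge']); ?>
							</fieldset>
							<fieldset><legend><?php echo gettext('Your response'); ?></legend>
								<input class="textfield" name="pass" id="pass" type="text" size="35" />
							</fieldset>
							<br />
							<?php
						} else {
							?>
							<p class="logon_form_text">
								<?php echo gettext('Enter your User ID and press <code>Refresh</code> to get your challenge question.'); ?>
							</p>
							<?php
						}
						?>
						<div class="buttons">
							<button type="submit" value="<?php echo gettext("Submit"); ?>"<?php
							if (!$info['challenge']) {
								echo ' disabled="disabled"';
							}
							?> ><img src="<?php echo WEBPATH . '/' . ZENFOLDER; ?>/images/pass.png" alt="" /><?php echo gettext("Submit"); ?></button>
							<button type="button" value="<?php echo gettext("Refresh"); ?>" id="challenge_refresh" onclick="launchScript('<?php echo WEBPATH . '/' . ZENFOLDER; ?>/admin.php', ['logon_step=challenge', 'ref=' + $('#user').val(), 'cycle=<?php echo $cycle; ?>']);" ><img src="<?php echo WEBPATH . '/' . ZENFOLDER; ?>/images/refresh.png" alt="" /><?php echo gettext("Refresh"); ?></button>
							<button type="button" value="<?php echo gettext("Return"); ?>" onclick="launchScript('<?php echo WEBPATH . '/' . ZENFOLDER; ?>/admin.php', ['logon_step=', 'ref=' + $('#user').val(), 'cycle=<?php echo $cycle; ?>']);" ><img src="<?php echo WEBPATH . '/' . ZENFOLDER; ?>/images/refresh.png" alt="" /><?php echo gettext("Return"); ?></button>
						</div>
						<br class="clearall" />
					</fieldset>
					<br />
					<?php
					if ($star) {
						?>
						<p class="logon_link">
							<a href="javascript:launchScript('<?php echo WEBPATH . '/' . ZENFOLDER; ?>/admin.php',['logon_step=captcha', 'ref='+$('#user').val()]);" >
								<?php echo gettext('Request reset by e-mail'); ?>
							</a>
						</p>
						<?php
					}
					?>
				</form>
				<?php
				break;
			default:
				Zenphoto_Authority::printPasswordFormJS();
				if (empty($alt_handlers)) {
					$legend = gettext('Login');
				} else {
					?>
					<script type="text/javascript">
						// <!-- <![CDATA[
						var handlers = [];
					<?php
					$list = '<select id="logon_choices" onchange="changeHandler(handlers[$(this).val()]);">' .
									'<option value="0">' . html_encode(get_language_string($_zp_gallery->getTitle())) . '</option>';
					$c = 0;
					foreach ($alt_handlers as $handler => $details) {
						$c++;
						$details['params'][] = 'redirect=' . $redirect;
						if (!empty($requestor)) {
							$details['params'][] = 'requestor=' . $requestor;
						}
						// $redirect and $requestor come from the request and are written into a
						// script block here. Emit the array as a JSON literal with the HEX flags,
						// so that quotes, "<", ">" and "&" in those values cannot end the string
						// or the script element.
						$encoded = json_encode(array_values(array_merge(array($details['script']), $details['params'])), JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP);
						if ($encoded === false) {
							// not encodable (e.g. invalid UTF-8): leave the handler out rather
							// than print a broken script
							continue;
						}
						echo "handlers[" . $c . "]=" . $encoded . ";";
						$list .= '<option value="' . $c . '">' . $handler . '</option>';
					}
					$list .= '</select>';
					$legend = sprintf(gettext('Logon using:%s'), $list);
					?>
						function changeHandler(handler) {
							handler.push('user=' + $('#user').val());
							var script = handler.shift();
							launchScript(script, handler);
						}
						// ]]> -->
					</script>
					<?php
				}
				$redirect = zp_apply_filter('login_redirect_link', $redirect);
				?>
				<form name="login" action="<?php echo html_encode(pathurlencode($redirect)); ?>" method="post">
					<input type="hidden" name="login" value="1" />
					<input type="hidden" name="password" value="1" />
					<input type="hidden" name="redirect" value="<?php echo html_encode(pathurlencode($redirect)); ?>" />
					<fieldset id="logon_box"><legend><?php echo $legend; ?></legend>
						<?php
						if ($showUserField) { // requires a "user" field
							?>
							<fieldset><legend><?php echo gettext("User"); ?></legend>
								<input class="textfield" name="user" id="user" type="text" size="35" value="<?php echo html_encode($requestor); ?>" />
							</fieldset>
							<?php
						}
						?>
						<fieldset><legend><?php echo gettext("Password"); ?></legend>
							<input class="textfield" name="pass" id="pass" type="password" size="35" /><br />
							<label><input type="checkbox" name="disclose_password" id="disclose_password" onclick="togglePassword('');" /><?php echo gettext('Show password'); ?></label>
						</fieldset>
						<br />
						<div class="buttons">
							<button type="submit" value="<?php echo gettext("Log in"); ?>" ><img src="<?php echo WEBPATH . '/' . ZENFOLDER; ?>/images/pass.png" alt="" /><?php echo gettext("Log in"); ?></button>
							<button type="reset" value="<?php echo gettext("Reset"); ?>" ><img src="<?php echo WEBPATH . '/' . ZENFOLDER; ?>/images/reset.png" alt="" /><?php echo gettext("Reset"); ?></button>
						</div>
						<br class="clearall" />
					</fieldset>
				</form>
				<?php
				if ($hint) {
					// the hint is printed as HTML, as supplied by the caller
					echo '<p>' . $hint . '</p>';
				}
				if ($showUserField && OFFSET_PATH != 2) {
					?>
					<p class="logon_link">
						<a href="javascript:launchScript('<?php echo WEBPATH . '/' . ZENFOLDER; ?>/admin.php',['logon_step=challenge', 'ref='+$('#user').val()]);" >
							<?php echo gettext('I forgot my <strong>User ID</strong>/<strong>Password</strong>'); ?>
						</a>
					</p>
					<?php
				}
				break;
			case 'captcha':
				$captcha = $_zp_captcha->getCaptcha(NULL);
				?>
				<form name="login" action="<?php echo WEBPATH . '/' . ZENFOLDER; ?>/admin.php" method="post">
					<?php
					if (isset($captcha['hidden'])) {
						echo $captcha['hidden'];
					}
					?>
					<input type="hidden" name="login" value="1" />
					<input type="hidden" name="password" value="captcha" />
					<input type="hidden" name="redirect" value="<?php echo html_encode(pathurlencode($redirect)); ?>" />
					<fieldset id="logon_box">
						<fieldset><legend><?php echo gettext('User'); ?></legend>
							<input class="textfield" name="user" id="user" type="text" value="<?php echo html_encode($requestor); ?>" />
						</fieldset>
						<?php
						if (isset($captcha['html'])) {
							echo $captcha['html'];
						}
						?>
						<?php
						if (isset($captcha['input'])) {
							?>
							<fieldset><legend><?php echo gettext("Enter CAPTCHA"); ?></legend>
								<?php echo $captcha['input']; ?>
							</fieldset>
							<?php
						}
						?>
						<br />
						<div class="buttons">
							<button type="submit" value="<?php echo gettext("Request"); ?>" ><img src="<?php echo WEBPATH . '/' . ZENFOLDER; ?>/images/pass.png" alt="" /><?php echo gettext("Request password reset"); ?></button>
							<button type="button" value="<?php echo gettext("Return"); ?>" onclick="launchScript('<?php echo WEBPATH . '/' . ZENFOLDER; ?>/admin.php', ['logon_step=', 'ref=' + $('#user').val()]);" ><img src="<?php echo WEBPATH . '/' . ZENFOLDER; ?>/images/refresh.png" alt="" /><?php echo gettext("Return"); ?></button>
						</div>
						<br class="clearall" />
					</fieldset>
				</form>
				<?php
				break;
		}
		?>
	</div>
	<?php
}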
/**
 * Places a selector so a user may change themes.
 *
 * Only themes that are enabled in $_themeSwitcherThemelist and that provide the
 * current gallery page are offered. Nothing is printed when the switcher is not
 * active.
 *
 * @param string $textIn link text; gettext('Theme') is shown when it is empty
 * @return string $textIn, unchanged
 */
static function controlLink($textIn = NULL) {
	global $_zp_gallery, $_themeSwitcherThemelist, $_zp_gallery_page;
	if (!self::active()) {
		return $textIn;
	}

	// display name => theme folder, for every theme that can show the current page
	$themes = array();
	foreach ($_zp_gallery->getThemes() as $theme => $details) {
		if ($_themeSwitcherThemelist[$theme] && getPlugin($_zp_gallery_page, $theme)) {
			$themes[$details['name']] = $theme;
		}
	}

	$label = empty($textIn) ? gettext('Theme') : $textIn;

	// current request URI with any earlier themeSwitcher parameter removed;
	// the URI is client-controlled and is HTML-encoded where it is printed
	$withoutSwitch = preg_replace('~themeSwitcher=.*?&~', '', getRequestURI() . '&');
	$reloc = pathurlencode(trim($withoutSwitch, '?&'));
	// %t is left in the URL as a placeholder for the selected theme
	$reloc .= (strpos($reloc, '?') ? '&' : '?') . 'themeSwitcher=%t';

	$theme = $_zp_gallery->getCurrentTheme();
	?>
	<span class="themeSwitcherControlLink">
		<span title="<?php echo gettext("Themes will not show in this list if selecting them would result in a “not found” error."); ?> ">
			<?php echo $label; ?>
			<select name="themeSwitcher" id="themeSwitcher" onchange="switchTheme('<?php echo html_encode($reloc); ?> ')">
				<?php generateListFromArray(array($theme), $themes, false, true); ?>
			</select>
		</span>
		<?php zp_apply_filter('themeSwitcher_Controllink', $theme); ?>
	</span>
	<?php
	return $textIn;
}